urlscan.io logo urlscan.io
SecurityTrails logo

www.google.com Open in urlscan Pro
2a00:1450:4001:82a::2004  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://captcha.amazingcontent.site/
Effective URL: https://www.google.com/?gws_rd=ssl
Submission Tags: phishingrod
Submission: On June 10 via api from DE — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 18 IPs in 5 countries across 13 domains to perform 32 HTTP transactions. The main IP is 2a00:1450:4001:82a::2004, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is www.google.com. The Cisco Umbrella rank of the primary domain is 3.
TLS certificate: Issued by GTS CA 1C3 on May 19th 2023. Valid for: 3 months.
This is the only time www.google.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 178.62.200.171 14061 (DIGITALOC...)
2 45.133.44.24 39572 (ADVANCEDH...)
1 4 2a02:6b8::1:119 208722 (GLOBAL_DC)
1 2 2a01:4f8:c0:2... 24940 (HETZNER-AS)
1 1 2a02:128:7:48... 50245 (SERVEREL-AS)
1 148.251.152.17 24940 (HETZNER-AS)
1 8.248.113.243 3356 (LEVEL3)
1 66.254.114.171 29789 (REFLECTED)
1 66.254.122.23 29789 (REFLECTED)
3 209.197.3.25 20446 (STACKPATH...)
1 136.243.51.205 24940 (HETZNER-AS)
1 78.47.199.202 24940 (HETZNER-AS)
1 45.133.44.52 39572 (ADVANCEDH...)
1 88.198.136.234 24940 (HETZNER-AS)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 7 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
32 18
5    178.62.200.171 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
captcha.amazingcontent.site
ni9q.captcha.amazingcontent.site
2    45.133.44.24 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
cdn.tubecorp.com
4    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
mc.yandex.ru
2    2a01:4f8:c0:2f03::2 (Germany)

ASN24940 (HETZNER-AS, DE)
rtbbnr.com
rtbrennab.com
1    2a02:128:7:4860::2 (Czech Republic)

ASN50245 (SERVEREL-AS, US)
btds.zog.link
1    148.251.152.17 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.17.152.251.148.clients.your-server.de
tsyndicate.com
1    8.248.113.243 (United States)

ASN3356 (LEVEL3, US)
lcdn.tsyndicate.com
1    66.254.114.171 (United States)

ASN29789 (REFLECTED, US)
PTR: reflectededge.reflected.net
a.adtng.com
1    66.254.122.23 (United States)

ASN29789 (REFLECTED, US)
ht-cdn2.adtng.com
3    209.197.3.25 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: vip0x019.map2.ssl.hwcdn.net
hw-cdn2.adtng.com
1    136.243.51.205 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.205.51.243.136.clients.your-server.de
pxl.tsyndicate.com
1    78.47.199.202 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.202.199.47.78.clients.your-server.de
metricswpsh.com
1    45.133.44.52 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
js.wpshsdk.com
1    88.198.136.234 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-136-234.clients.your-server.de
notification.tubecup.net
1    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
google.com
7    2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
apis.google.com
Apex Domain
Subdomains		 Transfer
9 google.com
google.com — Cisco Umbrella Rank: 1
www.google.com — Cisco Umbrella Rank: 3
apis.google.com — Cisco Umbrella Rank: 171
111 KB
5 adtng.com
a.adtng.com — Cisco Umbrella Rank: 13171
ht-cdn2.adtng.com — Cisco Umbrella Rank: 11531
hw-cdn2.adtng.com — Cisco Umbrella Rank: 10181
711 KB
5 amazingcontent.site
captcha.amazingcontent.site
ni9q.captcha.amazingcontent.site
202 KB
4 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 3244
76 KB
3 gstatic.com
fonts.gstatic.com
www.gstatic.com
68 KB
3 tsyndicate.com
tsyndicate.com — Cisco Umbrella Rank: 9084
lcdn.tsyndicate.com — Cisco Umbrella Rank: 11357
pxl.tsyndicate.com — Cisco Umbrella Rank: 13415
6 KB
2 tubecorp.com
cdn.tubecorp.com — Cisco Umbrella Rank: 127432
19 KB
1 tubecup.net
notification.tubecup.net — Cisco Umbrella Rank: 12723
201 B
1 wpshsdk.com
js.wpshsdk.com — Cisco Umbrella Rank: 15028
238 B
1 metricswpsh.com
metricswpsh.com — Cisco Umbrella Rank: 30120
1 zog.link
btds.zog.link — Cisco Umbrella Rank: 44398
277 B
1 rtbrennab.com
rtbrennab.com — Cisco Umbrella Rank: 45040
386 B
1 rtbbnr.com
rtbbnr.com — Cisco Umbrella Rank: 420282
1 KB
32 13
Domain Requested by
7 www.google.com 1 redirects ni9q.captcha.amazingcontent.site
www.google.com
4 mc.yandex.ru 1 redirects ni9q.captcha.amazingcontent.site
3 hw-cdn2.adtng.com a.adtng.com
3 ni9q.captcha.amazingcontent.site captcha.amazingcontent.site
ni9q.captcha.amazingcontent.site
2 www.gstatic.com www.google.com
2 cdn.tubecorp.com ni9q.captcha.amazingcontent.site
cdn.tubecorp.com
2 captcha.amazingcontent.site captcha.amazingcontent.site
1 apis.google.com www.gstatic.com
1 fonts.gstatic.com www.google.com
1 google.com 1 redirects
1 notification.tubecup.net
1 js.wpshsdk.com ni9q.captcha.amazingcontent.site
1 metricswpsh.com ni9q.captcha.amazingcontent.site
1 pxl.tsyndicate.com tsyndicate.com
1 ht-cdn2.adtng.com a.adtng.com
1 a.adtng.com tsyndicate.com
1 lcdn.tsyndicate.com rtbbnr.com
1 tsyndicate.com rtbbnr.com
1 btds.zog.link 1 redirects
1 rtbrennab.com 1 redirects
1 rtbbnr.com cdn.tubecorp.com
32 21
Subject Issuer Validity Valid
*.captcha.amazingcontent.site
R3		 2023-04-11 -
2023-07-10		 3 months crt.sh
cdn.tubecorp.com
R3		 2023-06-09 -
2023-09-07		 3 months crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2023-03-17 -
2023-08-27		 5 months crt.sh
rtbbnr.com
R3		 2023-05-05 -
2023-08-03		 3 months crt.sh
tsyndicate.com
R3		 2023-05-12 -
2023-08-10		 3 months crt.sh
lcdn.tsyndicate.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-08 -
2024-04-07		 a year crt.sh
*.adtng.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-06-09 -
2024-07-09		 a year crt.sh
notification.tubecup.net
R3		 2023-04-28 -
2023-07-27		 3 months crt.sh
js.wpshsdk.com
R3		 2023-05-26 -
2023-08-24		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
*.apis.google.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh

This page contains 5 frames:

Primary Page: https://www.google.com/?gws_rd=ssl
Frame ID: DE747FD369AA37A5D1B58B8FEF1CEB6F
Requests: 31 HTTP requests in this frame

Frame: https://cdn.tubecorp.com/i/b.html?spot=2&pid=10340&width=300&height=250&spaceid=1696
Frame ID: F7C40E85A7052CCB9524AA3894EA3E38
Requests: 2 HTTP requests in this frame

Frame: https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InNwb3QiOjIsImlkIjoxNjk2LCJsYWJlbHMiOiIiLCJzaXRlX2lkIjoyLCJ0eXBlIjoiYmFubmVyIiwic3BhY2VpZCI6MTY5Niwic3BvdF9pZCI6MCwiaWR6b25lIjozODMwODE5LCJ6b25lIjoidGNfcGFiXzMwMHgyNTAiLCJhZF90YWdzIjoiIiwidGl0bGUiOiIiLCJzdWJpZCI6IiIsInV0bTEiOiJ0Y2Jhbl9pIiwidXRtMiI6IjIiLCJ1dG0zIjoiMTAzNDAiLCJ1dG00IjoiIn0sImJhbm5lciI6eyJ3IjozMDAsImgiOjI1MH19XSwic2l0ZSI6eyJpZCI6IjIiLCJwYWdlIjoiaHR0cHM6Ly9uaTlxLmNhcHRjaGEuYW1hemluZ2NvbnRlbnQuc2l0ZS8ifSwiZGV2aWNlIjp7InciOjE2MDAsImgiOjEyMDB9LCJ1c2VyIjp7ImlkIjoiZDIzMTU5MjY5YzZjMGM2M2RhMzM1MDg4YjllOTJjZDEifSwiZXh0Ijp7ImR0IjoxNjg2MzY1NzQ4OTk3fX0=
Frame ID: D9C68BF85021EF7A8332A4B45F8DDF3C
Requests: 1 HTTP requests in this frame

Frame: https://tsyndicate.com/iframes2/00394b71264946e5bf58746cefe5435f.html?subid=0&categories={{ad_tags}}
Frame ID: 0FA36D68F1FAE1B567C659D5A4F57041
Requests: 3 HTTP requests in this frame

Frame: https://a.adtng.com/get/10014242?time=1684509571351&atc=554003&apb=tlOi9NQgFi0X05ZL6yPlHXuBnn5hYIrhDA-j8hhu0cE0coIPAZy5vS98h6UPHZnh7QRQHrA4VPLrwvVZNWXXCR1REepczsZpYXiN-eKTnVWgdQI_gUIDRUi
Frame ID: 802B906B1E6E3290A0CAC513EBA54853
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Google

Page URL History Show full URLs

  1. https://captcha.amazingcontent.site/ Page URL
  2. https://ni9q.captcha.amazingcontent.site/?r=1 Page URL
  3. http://google.com/ HTTP 301
    http://www.google.com/ HTTP 302
    https://www.google.com/?gws_rd=ssl Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

32
Requests

97 %
HTTPS

42 %
IPv6

13
Domains

21
Subdomains

18
IPs

5
Countries

1190 kB
Transfer

2064 kB
Size

17
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://captcha.amazingcontent.site/ Page URL
  2. https://ni9q.captcha.amazingcontent.site/?r=1 Page URL
  3. http://google.com/ HTTP 301
    http://www.google.com/ HTTP 302
    https://www.google.com/?gws_rd=ssl Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13
  • https://mc.yandex.ru/watch/73444708?wmode=7&page-url=https%3A%2F%2Fni9q.captcha.amazingcontent.site%2F%3Fr%3D1&page-ref=https%3A%2F%2Fcaptcha.amazingcontent.site%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7g4yzra6nxw2gnzhfy8utpb%3Afp%3A120%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1060%3Acn%3A1%3Adp%3A0%3Als%3A242791383128%3Ahid%3A573627433%3Az%3A0%3Ai%3A20230610025549%3Aet%3A1686365749%3Ac%3A1%3Arn%3A694633138%3Arqn%3A1%3Au%3A1686365749454432140%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C32%2C26%2C0%2C0%2C%2C116%2C0%2C%2C%2C%2C196%3Aco%3A0%3Acpf%3A1%3Ans%3A1686365748658%3Arqnl%3A1%3Ast%3A1686365749%3At%3A&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
  • https://mc.yandex.ru/watch/73444708/1?wmode=7&page-url=https%3A%2F%2Fni9q.captcha.amazingcontent.site%2F%3Fr%3D1&page-ref=https%3A%2F%2Fcaptcha.amazingcontent.site%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7g4yzra6nxw2gnzhfy8utpb%3Afp%3A120%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1060%3Acn%3A1%3Adp%3A0%3Als%3A242791383128%3Ahid%3A573627433%3Az%3A0%3Ai%3A20230610025549%3Aet%3A1686365749%3Ac%3A1%3Arn%3A694633138%3Arqn%3A1%3Au%3A1686365749454432140%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C32%2C26%2C0%2C0%2C%2C116%2C0%2C%2C%2C%2C196%3Aco%3A0%3Acpf%3A1%3Ans%3A1686365748658%3Arqnl%3A1%3Ast%3A1686365749%3At%3A&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
Request Chain 14
  • https://rtbrennab.com/banner/in/show/?mid=4093314643709846821&pid=0&site=2&sc=NL&usage_type=DCH&subid=0&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=ni9q.captcha.amazingcontent.site&hostname=auc-banner-hz-6&site_id=0&spot_id=0&utm_source=tcban_i&utm_medium=2&utm_campaign=10340&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&pop_winurl=&ip=2a00:1630:2:606::3&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=default&iabcat=IAB24&min_cpm=0.0001&placement_type_id=269&skin_test=&verify_hash=&score=1&ml=&tag_ab=&v2=0&ttl=&space_id=1696&banner_width=300&banner_height=250&accel=0&gyr=0&iabcat=IAB24&url=https%3A%2F%2Fbtds.zog.link%2Fin%2F912%2F%3Fsid%3D0%26source%3D0%26idzone%3D3830819%26w%3D300%26h%3D250%26mo%3D%26ve%3D%26site_id%3D2%26utm1%3Dtcban_i%26utm2%3D2%26utm3%3D10340%26utm4%3D%26ad_tags%3D%26spot_id%3D0%26p%3Dhttps%253A%252F%252Fni9q.captcha.amazingcontent.site%252F%26katds_labels%3D%26btype%3D0%26score%3D1%26bf%3D0.0001&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=&stratagem=&ssp=3758&refresh=0&priority=0&bb=0.0001 HTTP 302
  • https://btds.zog.link/in/912/?sid=0&source=0&idzone=3830819&w=300&h=250&mo=&ve=&site_id=2&utm1=tcban_i&utm2=2&utm3=10340&utm4=&ad_tags=&spot_id=0&p=https%3A%2F%2Fni9q.captcha.amazingcontent.site%2F&katds_labels=&btype=0&score=1&bf=0.0001 HTTP 302
  • https://tsyndicate.com/iframes2/00394b71264946e5bf58746cefe5435f.html?subid=0&categories={{ad_tags}}

32 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
captcha.amazingcontent.site/ 		254 KB
96 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://captcha.amazingcontent.site/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.62.200.171 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 / PHP/7.4.33
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 10 Jun 2023 02:55:48 GMT
server
nginx/1.18.0
x-powered-by
PHP/7.4.33
captcha.css
captcha.amazingcontent.site/assets/styles/ 		9 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://captcha.amazingcontent.site/assets/styles/captcha.css
Requested by
Host: captcha.amazingcontent.site
URL: https://captcha.amazingcontent.site/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.62.200.171 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://captcha.amazingcontent.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Sat, 10 Jun 2023 02:55:48 GMT
content-encoding
gzip
last-modified
Tue, 11 Apr 2023 08:05:26 GMT
server
nginx/1.18.0
etag
W/"643514c6-22fb"
content-type
text/css
/
ni9q.captcha.amazingcontent.site/ 		254 KB
96 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ni9q.captcha.amazingcontent.site/?r=1
Requested by
Host: captcha.amazingcontent.site
URL: https://captcha.amazingcontent.site/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.62.200.171 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 / PHP/7.4.33
Resource Hash
d0f64a5355f2f1033bdd3b96aa910ccbd2dfa1f628c533ed822dd8cb78483e10

Request headers

Referer
https://captcha.amazingcontent.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 10 Jun 2023 02:55:48 GMT
server
nginx/1.18.0
x-powered-by
PHP/7.4.33
captcha.css
ni9q.captcha.amazingcontent.site/assets/styles/ 		9 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ni9q.captcha.amazingcontent.site/assets/styles/captcha.css
Requested by
Host: ni9q.captcha.amazingcontent.site
URL: https://ni9q.captcha.amazingcontent.site/?r=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.62.200.171 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
8f665deb6bf65eb2a136f529cb3fd114c1c33cac19b464bc8265a49f7bd32ead

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ni9q.captcha.amazingcontent.site/?r=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Sat, 10 Jun 2023 02:55:48 GMT
content-encoding
gzip
last-modified
Tue, 11 Apr 2023 08:05:26 GMT
server
nginx/1.18.0
etag
W/"643514c6-22fb"
content-type
text/css
b.html
cdn.tubecorp.com/i/ Frame F7C4 		223 B
460 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.tubecorp.com/i/b.html?spot=2&pid=10340&width=300&height=250&spaceid=1696
Requested by
Host: ni9q.captcha.amazingcontent.site
URL: https://ni9q.captcha.amazingcontent.site/?r=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.24 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
dee7baef733b9e0de6f65fc1b7016aa5564b90a7f1c99a67d15335bacf32d69b

Request headers

Referer
https://ni9q.captcha.amazingcontent.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

access-control-allow-origin
*
cache-control
max-age=3600
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 10 Jun 2023 02:55:48 GMT
etag
W/"df-5d132d021cf80"
expires
Sat, 10 Jun 2023 03:55:48 GMT
last-modified
Sat, 20 Nov 2021 06:50:54 GMT
server
nginx/1.20.1
x-proxy-cache
HIT
x-request-id
e371fefe62fc16b4b5a624366af77dbe
metrika.js
ni9q.captcha.amazingcontent.site/assets/scripts/ 		440 B
451 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ni9q.captcha.amazingcontent.site/assets/scripts/metrika.js
Requested by
Host: ni9q.captcha.amazingcontent.site
URL: https://ni9q.captcha.amazingcontent.site/?r=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.62.200.171 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
fb200c319c04a1170cd1bcf0e8ea007b518799cb78ef296f69aef7d94d595c4d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ni9q.captcha.amazingcontent.site/?r=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Sat, 10 Jun 2023 02:55:48 GMT
content-encoding
gzip
last-modified
Tue, 11 Apr 2023 08:05:26 GMT
server
nginx/1.18.0
etag
W/"643514c6-1b8"
content-type
application/javascript
truncated
/ 		24 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6cbf5ff9c2945171c3f93c38e9c67d4b98fb5354a3c95cf4910259780c1fb9b0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a72fd7760f623c9fd5fee0bd98df809a347471902fc479bcdae38681c1a071d1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ca7a07233506b5529a951fd2c4580757f5606d874b8a2b0a153d14a418b201ef

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type
image/png
tag.js
mc.yandex.ru/metrika/ 		214 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: ni9q.captcha.amazingcontent.site
URL: https://ni9q.captcha.amazingcontent.site/assets/scripts/metrika.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
d061d49d7dca2febc35bb2f24f549365f423cd71b305f8b70a568a531504c165
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ni9q.captcha.amazingcontent.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Sat, 10 Jun 2023 02:55:48 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Thu, 08 Jun 2023 15:38:48 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"6481cbd8-12498"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
timing-allow-origin
*
content-length
74904
expires
Sat, 10 Jun 2023 03:55:48 GMT
tcbanner.js
cdn.tubecorp.com/b/ Frame F7C4 		50 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tubecorp.com/b/tcbanner.js?v=21
Requested by
Host: cdn.tubecorp.com
URL: https://cdn.tubecorp.com/i/b.html?spot=2&pid=10340&width=300&height=250&spaceid=1696
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.24 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
3eb693b3d6b913111d8676b4a077fce9d517b9ab46305fb6db20995e248f7517

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cdn.tubecorp.com/i/b.html?spot=2&pid=10340&width=300&height=250&spaceid=1696
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

expires
Sat, 10 Jun 2023 03:55:48 GMT
date
Sat, 10 Jun 2023 02:55:48 GMT
content-encoding
gzip
last-modified
Sat, 20 Nov 2021 06:50:35 GMT
server
nginx/1.20.1
etag
W/"61989abb-c604"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600
x-request-id
0b4f84509ec81fc5f2a25b3ae62fde04
x-proxy-cache
HIT
/
rtbbnr.com/get/ Frame D9C6 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InNwb3QiOjIsImlkIjoxNjk2LCJsYWJlbHMiOiIiLCJzaXRlX2lkIjoyLCJ0eXBlIjoiYmFubmVyIiwic3BhY2VpZCI6MTY5Niwic3BvdF9pZCI6MCwiaWR6b25lIjozODMwODE5LCJ6b25lIjoidGNfcGFiXzMwMHgyNTAiLCJhZF90YWdzIjoiIiwidGl0bGUiOiIiLCJzdWJpZCI6IiIsInV0bTEiOiJ0Y2Jhbl9pIiwidXRtMiI6IjIiLCJ1dG0zIjoiMTAzNDAiLCJ1dG00IjoiIn0sImJhbm5lciI6eyJ3IjozMDAsImgiOjI1MH19XSwic2l0ZSI6eyJpZCI6IjIiLCJwYWdlIjoiaHR0cHM6Ly9uaTlxLmNhcHRjaGEuYW1hemluZ2NvbnRlbnQuc2l0ZS8ifSwiZGV2aWNlIjp7InciOjE2MDAsImgiOjEyMDB9LCJ1c2VyIjp7ImlkIjoiZDIzMTU5MjY5YzZjMGM2M2RhMzM1MDg4YjllOTJjZDEifSwiZXh0Ijp7ImR0IjoxNjg2MzY1NzQ4OTk3fX0=
Requested by
Host: cdn.tubecorp.com
URL: https://cdn.tubecorp.com/b/tcbanner.js?v=21
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a01:4f8:c0:2f03::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
8024a38e92aa618ffcdd7013a4be1467484aaafd105e16bea1a207a86af0c0c5

Request headers

Referer
https://cdn.tubecorp.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
*
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
text/html
date
Sat, 10 Jun 2023 02:55:49 GMT
pragma
no-cache
server
nginx/1.18.0
vary
Origin
advert.gif
mc.yandex.ru/metrika/ 		43 B
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/metrika/advert.gif
Requested by
Host: ni9q.captcha.amazingcontent.site
URL: https://ni9q.captcha.amazingcontent.site/?r=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ni9q.captcha.amazingcontent.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Sat, 10 Jun 2023 02:55:49 GMT
strict-transport-security
max-age=31536000
last-modified
Thu, 08 Jun 2023 15:38:48 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"6481cbd8-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Sat, 10 Jun 2023 03:55:49 GMT
1
mc.yandex.ru/watch/73444708/
Redirect Chain
  • https://mc.yandex.ru/watch/73444708?wmode=7&page-url=https%3A%2F%2Fni9q.captcha.amazingcontent.site%2F%3Fr%3D1&page-ref=https%3A%2F%2Fcaptcha.amazingcontent.site%2F&charset=utf-8&uah=chm%0A%3F0&bro...
  • https://mc.yandex.ru/watch/73444708/1?wmode=7&page-url=https%3A%2F%2Fni9q.captcha.amazingcontent.site%2F%3Fr%3D1&page-ref=https%3A%2F%2Fcaptcha.amazingcontent.site%2F&charset=utf-8&uah=chm%0A%3F0&b...
428 B
511 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/73444708/1?wmode=7&page-url=https%3A%2F%2Fni9q.captcha.amazingcontent.site%2F%3Fr%3D1&page-ref=https%3A%2F%2Fcaptcha.amazingcontent.site%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7g4yzra6nxw2gnzhfy8utpb%3Afp%3A120%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1060%3Acn%3A1%3Adp%3A0%3Als%3A242791383128%3Ahid%3A573627433%3Az%3A0%3Ai%3A20230610025549%3Aet%3A1686365749%3Ac%3A1%3Arn%3A694633138%3Arqn%3A1%3Au%3A1686365749454432140%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C32%2C26%2C0%2C0%2C%2C116%2C0%2C%2C%2C%2C196%3Aco%3A0%3Acpf%3A1%3Ans%3A1686365748658%3Arqnl%3A1%3Ast%3A1686365749%3At%3A&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
Requested by
Host: ni9q.captcha.amazingcontent.site
URL: https://ni9q.captcha.amazingcontent.site/?r=1
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
80605285f1ee82dbd08cb70fc04eaa1ae400433b2cd7bfb6bf92394b6eb38639
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ni9q.captcha.amazingcontent.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Jun 2023 02:55:49 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Sat, 10-Jun-2023 02:55:49 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ni9q.captcha.amazingcontent.site
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
428
x-xss-protection
1; mode=block
expires
Sat, 10-Jun-2023 02:55:49 GMT

Redirect headers

pragma
no-cache
date
Sat, 10 Jun 2023 02:55:49 GMT
strict-transport-security
max-age=31536000
last-modified
Sat, 10-Jun-2023 02:55:49 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location
/watch/73444708/1?wmode=7&page-url=https%3A%2F%2Fni9q.captcha.amazingcontent.site%2F%3Fr%3D1&page-ref=https%3A%2F%2Fcaptcha.amazingcontent.site%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7g4yzra6nxw2gnzhfy8utpb%3Afp%3A120%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1060%3Acn%3A1%3Adp%3A0%3Als%3A242791383128%3Ahid%3A573627433%3Az%3A0%3Ai%3A20230610025549%3Aet%3A1686365749%3Ac%3A1%3Arn%3A694633138%3Arqn%3A1%3Au%3A1686365749454432140%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C32%2C26%2C0%2C0%2C%2C116%2C0%2C%2C%2C%2C196%3Aco%3A0%3Acpf%3A1%3Ans%3A1686365748658%3Arqnl%3A1%3Ast%3A1686365749%3At%3A&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin
https://ni9q.captcha.amazingcontent.site
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Sat, 10-Jun-2023 02:55:49 GMT
00394b71264946e5bf58746cefe5435f.html
tsyndicate.com/iframes2/ Frame 0FA3
Redirect Chain
  • https://rtbrennab.com/banner/in/show/?mid=4093314643709846821&pid=0&site=2&sc=NL&usage_type=DCH&subid=0&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=ni9q...
  • https://btds.zog.link/in/912/?sid=0&source=0&idzone=3830819&w=300&h=250&mo=&ve=&site_id=2&utm1=tcban_i&utm2=2&utm3=10340&utm4=&ad_tags=&spot_id=0&p=https%3A%2F%2Fni9q.captcha.amazingcontent.site%2F...
  • https://tsyndicate.com/iframes2/00394b71264946e5bf58746cefe5435f.html?subid=0&categories={{ad_tags}}
6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tsyndicate.com/iframes2/00394b71264946e5bf58746cefe5435f.html?subid=0&categories={{ad_tags}}
Requested by
Host: rtbbnr.com
URL: https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InNwb3QiOjIsImlkIjoxNjk2LCJsYWJlbHMiOiIiLCJzaXRlX2lkIjoyLCJ0eXBlIjoiYmFubmVyIiwic3BhY2VpZCI6MTY5Niwic3BvdF9pZCI6MCwiaWR6b25lIjozODMwODE5LCJ6b25lIjoidGNfcGFiXzMwMHgyNTAiLCJhZF90YWdzIjoiIiwidGl0bGUiOiIiLCJzdWJpZCI6IiIsInV0bTEiOiJ0Y2Jhbl9pIiwidXRtMiI6IjIiLCJ1dG0zIjoiMTAzNDAiLCJ1dG00IjoiIn0sImJhbm5lciI6eyJ3IjozMDAsImgiOjI1MH19XSwic2l0ZSI6eyJpZCI6IjIiLCJwYWdlIjoiaHR0cHM6Ly9uaTlxLmNhcHRjaGEuYW1hemluZ2NvbnRlbnQuc2l0ZS8ifSwiZGV2aWNlIjp7InciOjE2MDAsImgiOjEyMDB9LCJ1c2VyIjp7ImlkIjoiZDIzMTU5MjY5YzZjMGM2M2RhMzM1MDg4YjllOTJjZDEifSwiZXh0Ijp7ImR0IjoxNjg2MzY1NzQ4OTk3fX0=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
148.251.152.17 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.17.152.251.148.clients.your-server.de
Software
nginx /
Resource Hash
d7e7ce2f45b60b48c331997f5fed04e306a5df50a3b96c251c93a0b8bb853d34

Request headers

Referer
https://rtbbnr.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
no-cache, no-store, no-transform, must-revalidate no-transform
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sat, 10 Jun 2023 02:55:49 GMT
expires
0
link
<https://lcdn.tsyndicate.com/sdk/v1/b.b.js>; rel=preload; as=script
pragma
no-cache
report-to
{ "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
server
nginx
vary
Accept-Encoding *
x-api-version
2
x-request-id
f79795380e7c1e5c
x-robots-tag
none noindex, nofollow

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
date
Sat, 10 Jun 2023 02:55:49 GMT
location
https://tsyndicate.com/iframes2/00394b71264946e5bf58746cefe5435f.html?subid=0&categories={{ad_tags}}
pragma
no-cache
server
nginx/1.20.1
vary
*
b.b.js
lcdn.tsyndicate.com/sdk/v1/ Frame 0FA3 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lcdn.tsyndicate.com/sdk/v1/b.b.js
Requested by
Host: rtbbnr.com
URL: https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InNwb3QiOjIsImlkIjoxNjk2LCJsYWJlbHMiOiIiLCJzaXRlX2lkIjoyLCJ0eXBlIjoiYmFubmVyIiwic3BhY2VpZCI6MTY5Niwic3BvdF9pZCI6MCwiaWR6b25lIjozODMwODE5LCJ6b25lIjoidGNfcGFiXzMwMHgyNTAiLCJhZF90YWdzIjoiIiwidGl0bGUiOiIiLCJzdWJpZCI6IiIsInV0bTEiOiJ0Y2Jhbl9pIiwidXRtMiI6IjIiLCJ1dG0zIjoiMTAzNDAiLCJ1dG00IjoiIn0sImJhbm5lciI6eyJ3IjozMDAsImgiOjI1MH19XSwic2l0ZSI6eyJpZCI6IjIiLCJwYWdlIjoiaHR0cHM6Ly9uaTlxLmNhcHRjaGEuYW1hemluZ2NvbnRlbnQuc2l0ZS8ifSwiZGV2aWNlIjp7InciOjE2MDAsImgiOjEyMDB9LCJ1c2VyIjp7ImlkIjoiZDIzMTU5MjY5YzZjMGM2M2RhMzM1MDg4YjllOTJjZDEifSwiZXh0Ijp7ImR0IjoxNjg2MzY1NzQ4OTk3fX0=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.248.113.243 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx /
Resource Hash
366a43d17427ef39a1150a22a17da77a8d4c0f1edf4a34c086f31025359e0fc9

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tsyndicate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Sat, 10 Jun 2023 02:55:50 GMT
content-encoding
gzip
last-modified
Wed, 23 Nov 2022 12:50:59 GMT
server
nginx
age
15596903
etag
W/"637e1733-1f37"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
2884
10014242
a.adtng.com/get/ Frame 802B 		21 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a.adtng.com/get/10014242?time=1684509571351&atc=554003&apb=tlOi9NQgFi0X05ZL6yPlHXuBnn5hYIrhDA-j8hhu0cE0coIPAZy5vS98h6UPHZnh7QRQHrA4VPLrwvVZNWXXCR1REepczsZpYXiN-eKTnVWgdQI_gUIDRUi
Requested by
Host: tsyndicate.com
URL: https://tsyndicate.com/iframes2/00394b71264946e5bf58746cefe5435f.html?subid=0&categories={{ad_tags}}
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.254.114.171 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
reflectededge.reflected.net
Software
openresty /
Resource Hash
cd50f5fac66921205c8e2a355ac3a26ef571ea3be201f261f05bc74b273563ba

Request headers

Referer
https://tsyndicate.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET
content-encoding
gzip
content-type
text/html
date
Sat, 10 Jun 2023 02:55:50 GMT
server
openresty
vortex-simple-1.0.0.js
ht-cdn2.adtng.com/delivery/vortex/ Frame 802B 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ht-cdn2.adtng.com/delivery/vortex/vortex-simple-1.0.0.js
Requested by
Host: a.adtng.com
URL: https://a.adtng.com/get/10014242?time=1684509571351&atc=554003&apb=tlOi9NQgFi0X05ZL6yPlHXuBnn5hYIrhDA-j8hhu0cE0coIPAZy5vS98h6UPHZnh7QRQHrA4VPLrwvVZNWXXCR1REepczsZpYXiN-eKTnVWgdQI_gUIDRUi
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.254.122.23 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software
/
Resource Hash
6f0e50ac39121175ca0427c4e87cdfa2520b526c8497e23cffbca726eb6ca42c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://a.adtng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Sat, 10 Jun 2023 02:55:50 GMT
last-modified
Fri, 02 Nov 2018 14:17:11 GMT
etag
"13a3-579af30f7688b"
vary
Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=10658409
x-cdn-diag
fra1-11014-2-13956-h-0-0---;11028-31-27001----0-0-1
accept-ranges
bytes
content-length
5027
expires
Sun, 10 Sep 2023 06:35:10 GMT
1065831_logo.png
hw-cdn2.adtng.com/a7/creatives/1/49/816177/1065831/ Frame 802B 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hw-cdn2.adtng.com/a7/creatives/1/49/816177/1065831/1065831_logo.png
Requested by
Host: a.adtng.com
URL: https://a.adtng.com/get/10014242?time=1684509571351&atc=554003&apb=tlOi9NQgFi0X05ZL6yPlHXuBnn5hYIrhDA-j8hhu0cE0coIPAZy5vS98h6UPHZnh7QRQHrA4VPLrwvVZNWXXCR1REepczsZpYXiN-eKTnVWgdQI_gUIDRUi
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.197.3.25 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
vip0x019.map2.ssl.hwcdn.net
Software
/
Resource Hash
af487ec82bb7e6bdb24d54388a9a86d8e57ded9c0d83d9b4d608ce32e9768585

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://a.adtng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date
Sat, 10 Jun 2023 02:55:50 GMT
Last-Modified
Wed, 03 May 2023 14:34:56 GMT
ETag
"1683124496"
X-HW
1686365750.dop123.am5.t,1686365750.cds317.am5.shn,1686365750.dop123.am5.t,1686365750.cds110.am5.c
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=10582268
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
3341
IntersectionObserver.js
hw-cdn2.adtng.com/delivery/intersection_observer/ Frame 802B 		16 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hw-cdn2.adtng.com/delivery/intersection_observer/IntersectionObserver.js
Requested by
Host: a.adtng.com
URL: https://a.adtng.com/get/10014242?time=1684509571351&atc=554003&apb=tlOi9NQgFi0X05ZL6yPlHXuBnn5hYIrhDA-j8hhu0cE0coIPAZy5vS98h6UPHZnh7QRQHrA4VPLrwvVZNWXXCR1REepczsZpYXiN-eKTnVWgdQI_gUIDRUi
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.197.3.25 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
vip0x019.map2.ssl.hwcdn.net
Software
/
Resource Hash
6e9be773031b3234fb9c2d6cf3d9740db1208f4351beca325ec34f76fd38f356

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://a.adtng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date
Sat, 10 Jun 2023 02:55:50 GMT
Last-Modified
Tue, 05 Apr 2022 20:54:54 GMT
ETag
"1649192094"
X-HW
1686365750.dop123.am5.t,1686365750.cds317.am5.shn,1686365750.dop123.am5.t,1686365750.cds277.am5.c
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=10434140
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
16885
1065831_video.mp4
hw-cdn2.adtng.com/a7/creatives/1/49/816177/1065831/ Frame 802B 		675 KB
676 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://hw-cdn2.adtng.com/a7/creatives/1/49/816177/1065831/1065831_video.mp4
Requested by
Host: a.adtng.com
URL: https://a.adtng.com/get/10014242?time=1684509571351&atc=554003&apb=tlOi9NQgFi0X05ZL6yPlHXuBnn5hYIrhDA-j8hhu0cE0coIPAZy5vS98h6UPHZnh7QRQHrA4VPLrwvVZNWXXCR1REepczsZpYXiN-eKTnVWgdQI_gUIDRUi
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.197.3.25 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
vip0x019.map2.ssl.hwcdn.net
Software
/
Resource Hash
842b32f271f2f2e8d36254ece68b49d10ce6ac585fe790d72569c64851d3b1b0

Request headers

Referer
https://a.adtng.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Range
bytes=0-

Response headers

Date
Sat, 10 Jun 2023 02:55:51 GMT
Last-Modified
Wed, 03 May 2023 14:40:26 GMT
ETag
"1683124826"
X-HW
1686365750.dop123.am5.t,1686365750.cds317.am5.shn,1686365751.dop123.am5.t,1686365751.cds276.am5.c
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Content-Range
bytes 0-691390/691391
Cache-Control
max-age=10582268
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
691391
p.js
pxl.tsyndicate.com/api/v1/p/ Frame 0FA3 		24 B
123 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pxl.tsyndicate.com/api/v1/p/p.js?p=APeIQFMmDJkycuaI0BGjBgsRYcbQWRjjIZ0zCyGWoRGDho0cOVrcmCHDTAuOEVvgoAGjhsoyMGTYoDHjYI0ZZkQ8nCMmDRmFOraIgCGiy8MwdcZkrCmGDA4cYlzKCBP1JA0cMVqIMSNmTIsaOWbkMNPQxpgbMcLohEjGzsKPNmQ8hFNHDEUZOW4chQOHYgyQM3bCmahjxg0bMQzLFTGmTV8dNWqwhBGYbU6GD8W4cbNwBg0ZHBM_bOMGow4ZIz_OJW26Y4wYOB7WiZERDR06cOboePEijAuDdEq7GPOmzYszZei8iAEDRkfQMn7QSdOmTI8YNlbWgJGjBtoZNWJwqdNcZhg6Y3pEnjxjfHkbYeCI6UGEzpMYSKggkZFmRpooR1iBBBNzCEEFFkLMkEUSWeQAAxZw5ICHGU7YcUQTOXzBxBoxoDcGDk-8YQQMR9jwholxnEVGETCMYUcZTSSBRhhzWEGDFjkMsV8OcKRhgxVu2LBGGnooIYMRZtBxBw1frFGFHGzUQUYYQdjRghp1BDEEE2csscYXZ1SRBBFSVJHGWmQUl5EcdIihmRzDqfnQGOcttMUMMRglAhxyKMVQGS3AYENml8HgQnMOMQZHG1_w6aehzcGA1UNy2PHYXw-VMcaiC0HqnGx1nKmDCGTQcENeMZDhEhkydHVSDmSI0UIOZcTgVRllwDoGWZKGYQYZa6XxmAh4uiADDDS40JAMxra0lhxfCLtUDM0mu2yzNaxVh1qjNvGGHmmwwUYYL9RwKAgoXJGGG2neMQcITlABAnOH7gCCukHSYC8eM6UAQhB8sVHGFWWIsUQayt10gwsz2IDuEvk1wQQLILCRxhplgHCEpmu84e8QaMhRXBnLdXSoC96Bp6ygIEzhaxhypFGuYQzbsNYYforgBBNrvQEtzhntvBYbOQv90EF2fCFHGWxQ5F14NazUHKVncHaadzQcXUbSYsixUGykbv1FG28AexpWWZMqMkUPvQFU2ny-gUceC6W99GUD3Zbbbi-w6aYbcBJn3FpzVLrmG3Sc53MLdbiB8EmGkjFGDDKgmfNBX0hO-Vp0tEFRdjY0jHUOFrVROUOgi34DDTk8BcNRZChdxhxwfFEn6jiEbsPomSYdhsBsAnUnDXpSRVjYZiDFxkRzEd3pnKbB0IcCAQE%3D&s=d8c7f6eb3a5f881d834fd87d5fb9a2153b76cbee1af92f6fa20ed49de94855661686365749&w=t&r=1&d=629&priv=false
Requested by
Host: tsyndicate.com
URL: https://tsyndicate.com/iframes2/00394b71264946e5bf58746cefe5435f.html?subid=0&categories={{ad_tags}}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.51.205 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.205.51.243.136.clients.your-server.de
Software
nginx /
Resource Hash
897410b87e27e3dfba3a7d6caab315a5e69cc941bb96d91fc74878a9b051843a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tsyndicate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Sat, 10 Jun 2023 02:55:51 GMT
server
nginx
x-robots-tag
noindex, nofollow
content-length
24
content-type
text/plain; charset=utf-8
track
metricswpsh.com/in/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://metricswpsh.com/in/track?data=eyJ0YWdfaWQiOjB9
Requested by
Host: ni9q.captcha.amazingcontent.site
URL: https://ni9q.captcha.amazingcontent.site/?r=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.47.199.202 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.202.199.47.78.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ni9q.captcha.amazingcontent.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Jun 2023 02:55:51 GMT
server
nginx/1.18.0
vary
Origin
access-control-allow-methods
*
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type
content-length
0
wp-banners.js
js.wpshsdk.com/npc/sdk/ 		0
238 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.wpshsdk.com/npc/sdk/wp-banners.js
Requested by
Host: ni9q.captcha.amazingcontent.site
URL: https://ni9q.captcha.amazingcontent.site/?r=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.52 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ni9q.captcha.amazingcontent.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

expires
Sat, 10 Jun 2023 03:00:51 GMT
date
Sat, 10 Jun 2023 02:55:51 GMT
last-modified
Fri, 20 Aug 2021 15:14:31 GMT
server
nginx/1.18.0
etag
"611fc6d7-0"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
content-length
0
x-proxy-cache
HIT
subscription-offers
notification.tubecup.net/in/ 		0
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://notification.tubecup.net/in/subscription-offers?href=https%3A%2F%2Fni9q.captcha.amazingcontent.site%2F%3Fr%3D1&tcid=0&spot_id=&site=landing&source_id=0&utm_source=null&utm_medium=null&utm_campaign=null&utm_content=null&spotId=&adFormat=push&clickId=null
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.198.136.234 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-198-136-234.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ni9q.captcha.amazingcontent.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Jun 2023 02:55:51 GMT
server
nginx/1.18.0
vary
Origin
access-control-allow-methods
*
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type
content-length
0
Primary Request /
www.google.com/
Redirect Chain
  • http://google.com/
  • http://www.google.com/
  • https://www.google.com/?gws_rd=ssl
200 KB
63 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/?gws_rd=ssl
Requested by
Host: ni9q.captcha.amazingcontent.site
URL: https://ni9q.captcha.amazingcontent.site/?r=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
57dad48ca18ad976cb72d3b9ccc55278f3289b0ccb6aa9ec0468bd270bcd0cce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform Sec-CH-UA-Platform-Version Sec-CH-UA-Full-Version Sec-CH-UA-Arch Sec-CH-UA-Model Sec-CH-UA-Bitness Sec-CH-UA-Full-Version-List Sec-CH-UA-WoW64
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
62840
content-security-policy-report-only
object-src 'none';base-uri 'self';script-src 'nonce-bjPZ0b6nUFnio6RWRHh7zg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other-hp
content-type
text/html; charset=UTF-8
cross-origin-opener-policy
same-origin-allow-popups; report-to="gws"
date
Sat, 10 Jun 2023 02:55:51 GMT
expires
-1
origin-trial
Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0= AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy
unload=()
report-to
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
server
gws
strict-transport-security
max-age=31536000
x-frame-options
SAMEORIGIN
x-xss-protection
0

Redirect headers

Cache-Control
private
Content-Length
231
Content-Security-Policy-Report-Only
object-src 'none';base-uri 'self';script-src 'nonce-SXNYqWwrZFAmSLMTbGGnpQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other-hp
Content-Type
text/html; charset=UTF-8
Cross-Origin-Opener-Policy
same-origin-allow-popups; report-to="gws"
Date
Sat, 10 Jun 2023 02:55:51 GMT
Location
https://www.google.com/?gws_rd=ssl
Origin-Trial
Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0= AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
Permissions-Policy
unload=()
Report-To
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
Server
gws
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
0
googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/1x/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/branding/googlelogo/1x/googlelogo_color_272x92dp.png
Requested by
Host: www.google.com
URL: https://www.google.com/?gws_rd=ssl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5776cd87617eacec3bc00ebcf530d1924026033eda852f706c1a675a98915826
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Sat, 10 Jun 2023 02:55:51 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5969
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sat, 10 Jun 2023 02:55:51 GMT
truncated
/ 		315 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dfc968774223d526b5bd576d65d52926560be675eb4d289e4b50b6b2d1c4c34c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type
image/png
24px.svg
fonts.gstatic.com/s/i/productlogos/googleg/v6/ 		742 B
973 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fonts.gstatic.com/s/i/productlogos/googleg/v6/24px.svg
Requested by
Host: www.google.com
URL: https://www.google.com/?gws_rd=ssl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed9087d76cdc6d1c53698f6068f79872e77e87c8d012c0cfdad13b05b6ccb37c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Sat, 03 Jun 2023 19:59:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
543382
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
438
x-xss-protection
0
last-modified
Wed, 20 Apr 2022 17:17:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 02 Jun 2024 19:59:29 GMT
desktop_searchbox_sprites318_hr.webp
www.google.com/images/searchbox/ 		660 B
762 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/searchbox/desktop_searchbox_sprites318_hr.webp
Requested by
Host: www.google.com
URL: https://www.google.com/?gws_rd=ssl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
73d788f86be22112bb53762545989c0f1bbdb7343161130952c9ba3834ff81e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.google.com/?gws_rd=ssl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Sat, 10 Jun 2023 02:55:51 GMT
x-content-type-options
nosniff
last-modified
Wed, 22 Apr 2020 22:00:00 GMT
server
sffe
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/webp
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
660
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sat, 10 Jun 2023 02:55:51 GMT
gen_204
www.google.com/ 		0
231 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google.com/gen_204?ei=N-aDZPuCHJbtkgXNzqqADA&vet=10ahUKEwi7-s782bf_AhWWtqQKHU2nCsAQhJAHCBw..s&gl=nl&pc=SEARCH_HOMEPAGE&isMobile=false
Requested by
Host: www.google.com
URL: https://www.google.com/?gws_rd=ssl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-DWFftyhtI1EWiTfL1830zg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-DWFftyhtI1EWiTfL1830zg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
date
Sat, 10 Jun 2023 02:55:51 GMT
server
gws
cross-origin-opener-policy
same-origin-allow-popups; report-to="gws"
x-frame-options
SAMEORIGIN
report-to
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type
text/html; charset=UTF-8
permissions-policy
unload=()
origin-trial
Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
truncated
/ 		775 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
592fa7f72e229674612ddb6f5578f05cdcd1e8aa470d3fa257415e2c7499e435

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		236 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1e641d94ac2d51089bf1282148963c8b2253dcfe089861537544b44b346672f0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		197 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b5d67eaa85688500479563e35f5f52c860a32d66234bc5326b4acae00e20bf63

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		686 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
228a729bd6316ceac03ebdf00ccfa5dab5429a38f0598ec0c9f228b16b26261f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		338 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8b01d1155941a02829ae5eaecfd86c83f7e7a5a6e34edd94a0b7780f4ae1ae78

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
948fe62ca3b291d8bccb2f4799f97bd46f1d670f85d8f275d0347f7398e50e99

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type
image/svg+xml
gen_204
www.google.com/ 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/gen_204?atyp=i&ct=bxjs&cad=&b=0&ei=N-aDZPuCHJbtkgXNzqqADA&zx=1686365751607&opi=89978449
Requested by
Host: www.google.com
URL: https://www.google.com/?gws_rd=ssl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-wJNnqvwMByaEDWW-Msar2g' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-wJNnqvwMByaEDWW-Msar2g' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
date
Sat, 10 Jun 2023 02:55:51 GMT
server
gws
cross-origin-opener-policy
same-origin-allow-popups; report-to="gws"
x-frame-options
SAMEORIGIN
report-to
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type
text/html; charset=UTF-8
permissions-policy
unload=()
origin-trial
Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
rs=AA2YrTvmL88z5krjV_swGFrEtokcHNFKmQ
www.gstatic.com/og/_/js/k=og.qtm.en_US.j5Pqc5w9pqA.2019.O/rt=j/m=qabr,q_dnp,qcwid,qapid,qald/exm=qaaw,qadd,qaid,qein,qhaw,qhba,qhbr,qhch,qhga,qhid,qhin/d=1/ed=1/ 		185 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/og/_/js/k=og.qtm.en_US.j5Pqc5w9pqA.2019.O/rt=j/m=qabr,q_dnp,qcwid,qapid,qald/exm=qaaw,qadd,qaid,qein,qhaw,qhba,qhbr,qhch,qhga,qhid,qhin/d=1/ed=1/rs=AA2YrTvmL88z5krjV_swGFrEtokcHNFKmQ
Requested by
Host: www.google.com
URL: https://www.google.com/?gws_rd=ssl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
206ee425d0532e8dec56bb9a4945811323c41e14ff9e110439753c5d744f00c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 12:30:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
311132
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/one-google-eng
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
67719
x-xss-protection
0
last-modified
Mon, 05 Jun 2023 01:39:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="one-google-eng"
vary
Accept-Encoding, Origin
report-to
{"group":"one-google-eng","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/one-google-eng"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 05 Jun 2024 12:30:19 GMT
rs=AA2YrTvUB3B6yXeMO_sewwqFSY2IgrAGoA
www.gstatic.com/og/_/ss/k=og.qtm.VcdoEjfOBQM.L.W.O/m=qcwid/excm=qaaw,qadd,qaid,qein,qhaw,qhba,qhbr,qhch,qhga,qhid,qhin/d=1/ed=1/ct=zgms/ 		389 B
826 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/og/_/ss/k=og.qtm.VcdoEjfOBQM.L.W.O/m=qcwid/excm=qaaw,qadd,qaid,qein,qhaw,qhba,qhbr,qhch,qhga,qhid,qhin/d=1/ed=1/ct=zgms/rs=AA2YrTvUB3B6yXeMO_sewwqFSY2IgrAGoA
Requested by
Host: www.google.com
URL: https://www.google.com/?gws_rd=ssl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
237246dafac5532b8687505ea27acf51436daa155b93d749abc6b307136e32e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 16:03:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
211962
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/one-google-eng
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
274
x-xss-protection
0
last-modified
Fri, 02 Jun 2023 01:43:12 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="one-google-eng"
vary
Accept-Encoding, Origin
report-to
{"group":"one-google-eng","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/one-google-eng"}]}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 06 Jun 2024 16:03:09 GMT
gen_204
www.google.com/ 		0
19 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google.com/gen_204?s=webhp&t=aft&atyp=csi&ei=N-aDZPuCHJbtkgXNzqqADA&rt=wsrt.360,aft.233,afti.233,prt.77&wh=1200&imn=6&ima=3&imad=0&imac=0&imf=0&aft=1&aftp=1200&opi=89978449&bl=lRvD
Requested by
Host: www.google.com
URL: https://www.google.com/?gws_rd=ssl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-nNfofdbMoI6butr4TcuUxA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-nNfofdbMoI6butr4TcuUxA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
date
Sat, 10 Jun 2023 02:55:51 GMT
server
gws
cross-origin-opener-policy
same-origin-allow-popups; report-to="gws"
x-frame-options
SAMEORIGIN
report-to
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type
text/html; charset=UTF-8
permissions-policy
unload=()
origin-trial
Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.K1LWthAzeb4.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-TQTqnv7hwijrseP4JKJ1XY83Ehg/ 		112 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.K1LWthAzeb4.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-TQTqnv7hwijrseP4JKJ1XY83Ehg/cb=gapi.loaded_0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/og/_/js/k=og.qtm.en_US.j5Pqc5w9pqA.2019.O/rt=j/m=qabr,q_dnp,qcwid,qapid,qald/exm=qaaw,qadd,qaid,qein,qhaw,qhba,qhbr,qhch,qhga,qhid,qhin/d=1/ed=1/rs=AA2YrTvmL88z5krjV_swGFrEtokcHNFKmQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b6cb41ccda19e4e0d932237cf11399b9a1a4ce2dfc156f7ebd92f2e4623078d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 05 Jun 2023 20:41:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
368058
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38651
x-xss-protection
0
last-modified
Fri, 28 Apr 2023 15:20:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 04 Jun 2024 20:41:33 GMT

Verdicts & Comments Add Verdict or Comment

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| onbeforetoggle object| onscrollend object| google object| gws_wizbind object| _skwEvts object| gbar_ object| gbar string| __PVT object| gapi object| ___jsl object| __jsaction object| W_jd object| WIZ_global_data object| IJ_values function| _F_installCss string| _F_jsUrl object| _ function| _DumpException object| _s object| _qs object| jsl number| closure_uid_630795227 object| closure_lm_954381 object| osapi object| gadgets object| shindig object| googleapis

17 Cookies

Domain/Path Name / Value
.amazingcontent.site/ Name: _ym_uid
Value: 1686365749454432140
.amazingcontent.site/ Name: _ym_d
Value: 1686365749
.amazingcontent.site/ Name: _ym_isad
Value: 2
mc.yandex.ru/ Name: yabs-sid
Value: 150175131686365749
.yandex.ru/ Name: i
Value: /W/MF3JuWavQAt1+PJjLEXw25nrQSHHgmBqPz1dNAVeMHBvu7RQI963DnxsgWkHWvylIkgBCzsUMD3wYkTjyeRoeJZs=
.yandex.ru/ Name: yandexuid
Value: 3529686891686365749
.yandex.ru/ Name: yuidss
Value: 3529686891686365749
.yandex.ru/ Name: ymex
Value: 1717901749.yc.1686365749#1717901749.yrts.1686365749#1717901749.yrtsi.1686365749
.yandex.ru/ Name: bh
Value: KgI/MA==
.amazingcontent.site/ Name: _ym_visorc
Value: b
btds.zog.link/ Name: 912.0
Value: 1
.tsyndicate.com/ Name: ts_uid
Value: d47971d5-d2bc-49db-9e1c-ee9dcf108afd
a.adtng.com/ Name: adtool_guid
Value: Ch5KBmSD5jZlH3a2Zjh/Ag==
a.adtng.com/ Name: LBSERVERID
Value: ded6974
.google.com/ Name: AEC
Value: AUEFqZcHx7aiwNprGMYTFZKzQXEijbHqGfx_daWoCSB2vKgZw9w7TvatFw
.google.com/ Name: __Secure-ENID
Value: 12.SE=SInYw06nklF24RO6sQ5SoMbF8Tbl2ZkpUsQNlueclrXvD6or3ZGhwcXKo4YYsFOviSGyCUCND1FXZDyUzKVjpF-ZZ0SxtmRWsdV81zJI47tBm5hEvFqk9PoC8L86-KVNvqKKEsUs8RFrbH26v-T2yOCgRqKDy9rwtGkBkItXWzY
.google.com/ Name: CONSENT
Value: PENDING+227

4 Console Messages

Source Level URL
Text
other error URL: https://ni9q.captcha.amazingcontent.site/?r=1
Message:
Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'unload'.
other error URL: https://www.google.com/?gws_rd=ssl
Message:
The Cross-Origin-Opener-Policy header has been ignored, because the URL's origin was untrustworthy. It was defined either in the final response or a redirect. Please deliver the response using the HTTPS protocol. You can also use the 'localhost' origin instead. See https://www.w3.org/TR/powerful-features/#potentially-trustworthy-origin and https://html.spec.whatwg.org/#the-cross-origin-opener-policy-header.
other error URL: https://www.google.com/?gws_rd=ssl
Message:
The Cross-Origin-Opener-Policy header has been ignored, because the URL's origin was untrustworthy. It was defined either in the final response or a redirect. Please deliver the response using the HTTPS protocol. You can also use the 'localhost' origin instead. See https://www.w3.org/TR/powerful-features/#potentially-trustworthy-origin and https://html.spec.whatwg.org/#the-cross-origin-opener-policy-header.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.adtng.com
apis.google.com
btds.zog.link
captcha.amazingcontent.site
cdn.tubecorp.com
fonts.gstatic.com
google.com
ht-cdn2.adtng.com
hw-cdn2.adtng.com
js.wpshsdk.com
lcdn.tsyndicate.com
mc.yandex.ru
metricswpsh.com
ni9q.captcha.amazingcontent.site
notification.tubecup.net
pxl.tsyndicate.com
rtbbnr.com
rtbrennab.com
tsyndicate.com
www.google.com
www.gstatic.com
136.243.51.205
148.251.152.17
178.62.200.171
209.197.3.25
2a00:1450:4001:802::200e
2a00:1450:4001:803::2003
2a00:1450:4001:827::2003
2a00:1450:4001:82a::2004
2a00:1450:4001:82a::200e
2a01:4f8:c0:2f03::2
2a02:128:7:4860::2
2a02:6b8::1:119
45.133.44.24
45.133.44.52
66.254.114.171
66.254.122.23
78.47.199.202
8.248.113.243
88.198.136.234
1e641d94ac2d51089bf1282148963c8b2253dcfe089861537544b44b346672f0
206ee425d0532e8dec56bb9a4945811323c41e14ff9e110439753c5d744f00c0
228a729bd6316ceac03ebdf00ccfa5dab5429a38f0598ec0c9f228b16b26261f
237246dafac5532b8687505ea27acf51436daa155b93d749abc6b307136e32e4
366a43d17427ef39a1150a22a17da77a8d4c0f1edf4a34c086f31025359e0fc9
3eb693b3d6b913111d8676b4a077fce9d517b9ab46305fb6db20995e248f7517
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5776cd87617eacec3bc00ebcf530d1924026033eda852f706c1a675a98915826
57dad48ca18ad976cb72d3b9ccc55278f3289b0ccb6aa9ec0468bd270bcd0cce
592fa7f72e229674612ddb6f5578f05cdcd1e8aa470d3fa257415e2c7499e435
6cbf5ff9c2945171c3f93c38e9c67d4b98fb5354a3c95cf4910259780c1fb9b0
6e9be773031b3234fb9c2d6cf3d9740db1208f4351beca325ec34f76fd38f356
6f0e50ac39121175ca0427c4e87cdfa2520b526c8497e23cffbca726eb6ca42c
73d788f86be22112bb53762545989c0f1bbdb7343161130952c9ba3834ff81e3
8024a38e92aa618ffcdd7013a4be1467484aaafd105e16bea1a207a86af0c0c5
80605285f1ee82dbd08cb70fc04eaa1ae400433b2cd7bfb6bf92394b6eb38639
842b32f271f2f2e8d36254ece68b49d10ce6ac585fe790d72569c64851d3b1b0
897410b87e27e3dfba3a7d6caab315a5e69cc941bb96d91fc74878a9b051843a
8b01d1155941a02829ae5eaecfd86c83f7e7a5a6e34edd94a0b7780f4ae1ae78
8f665deb6bf65eb2a136f529cb3fd114c1c33cac19b464bc8265a49f7bd32ead
948fe62ca3b291d8bccb2f4799f97bd46f1d670f85d8f275d0347f7398e50e99
a72fd7760f623c9fd5fee0bd98df809a347471902fc479bcdae38681c1a071d1
af487ec82bb7e6bdb24d54388a9a86d8e57ded9c0d83d9b4d608ce32e9768585
b5d67eaa85688500479563e35f5f52c860a32d66234bc5326b4acae00e20bf63
b6cb41ccda19e4e0d932237cf11399b9a1a4ce2dfc156f7ebd92f2e4623078d7
ca7a07233506b5529a951fd2c4580757f5606d874b8a2b0a153d14a418b201ef
cd50f5fac66921205c8e2a355ac3a26ef571ea3be201f261f05bc74b273563ba
d061d49d7dca2febc35bb2f24f549365f423cd71b305f8b70a568a531504c165
d0f64a5355f2f1033bdd3b96aa910ccbd2dfa1f628c533ed822dd8cb78483e10
d7e7ce2f45b60b48c331997f5fed04e306a5df50a3b96c251c93a0b8bb853d34
dee7baef733b9e0de6f65fc1b7016aa5564b90a7f1c99a67d15335bacf32d69b
dfc968774223d526b5bd576d65d52926560be675eb4d289e4b50b6b2d1c4c34c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed9087d76cdc6d1c53698f6068f79872e77e87c8d012c0cfdad13b05b6ccb37c
fb200c319c04a1170cd1bcf0e8ea007b518799cb78ef296f69aef7d94d595c4d