neostrom.in Open in urlscan Pro
2a06:98c1:3120::3  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 81

• https://www.google.com/pagead/drt/ui HTTP 302
• https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 82

• https://www.google.com/pagead/drt/ui HTTP 302
• https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 83

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECMJNx0XPSBErA1_Brz_RzQ&google_cver=1

Request Chain 84

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
• https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZUC968lsqaEXp2MzszI7igAA HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHaXntiFLS6zbM8w7QhAS-Y&google_cver=1

Request Chain 85

• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
• https://ib.adnxs.com/setuid?entity=101&code=CAESEJjKxhQshg1Vg_cM6k-ymUk&google_cver=1

Request Chain 86

• https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjM2MDI0Mzg4NTk1Mzk5NDIz

Request Chain 92

• https://www.google.com/pagead/drt/ui HTTP 302
• https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 93

• https://googleads.g.doubleclick.net/pagead/adview?ai=CunvQ6b1AZdXpN7_G78EPquSP8AvX8a2_c6H8n9yIEtnZHhABIOKTliNgkQSgAYrZ_bcByAECqQLoMFZ6PM2xPqgDAcgDyQSqBP8BT9BpiGdfdTvbmhhMH4EjSGFrWHS3wukgz6IYu2UVXViddRqaWo1rqC0RNIMrRjTP7l1d1XHGyY-CQYybGZXu66ka_WPL6RRA4D1Tn4fyiW9x3nuNZ9IvTYVbadAtCFCcythHLKT6Km1mOc1_DXDor6QNm3WNtinaY3MeQiKSja3qbL54d1ynW2MepBjgM3amoRwkVtSAzSLIRkGprLVkyZd109SmHZfi9Y8PGpYgLFQSOWuQR2_XDey6Bn1gnXrX5G0Lmiv92uBPgy0tuS-ndqIenYD_wtWeE7CceNvOGefsq8OYSozFF6jr9rp4zicDhIb8ab7aiupP1SYoEyMHwAS5srqeywSIBaTi79lMoAYCgAfepoLIAqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEP71RNIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqaCRtodHRwczovL3NjcnVtZGF5ZXVyb3BlLmNvbS-ACgHICwHYEwPQFQGAFwGyFxwKGggAEhRwdWItMzU3NjYxMDk1MTM0NTEwOBgA&sigh=z9N9ed3Z57M&uach_m=[UACH]&ase=2&nis=4&cid=CAQSSwDICaaNVi7IgtgPZGpHtEF6CLYxYH_8LEkI3u0D-o80ipk4bveU9xVD66xcWzk1UKaG_onypwgpmNcM7xaWtp459UbP-x4fP_SCvhgB&cbvp=2&vis=1 HTTP 302
• https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2214241401065372421983%22,%22debug_reporting%22:true,%22destination%22:%22https://scrumdayeurope.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22385838218%22],%224%22:[%2210-31%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215796487834207984945%22}&andc=true

Request Chain 97

• https://hal900024.redintelligence.net/request.php?zone=xbrkb4s8ehf6&nw=20&renderingType=javascript&namespace=98702e35d8&subid=&uid=a52727d7865378e5&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCPuNH6b1AZdTpN7_G78EPquSP8AvM-YagabO9x__3D_AuEAEg4pOWI2CRBMgBCakC6DBWejzNsT6oAwHIA5sEqgSIAk_QcjKhSoec7FaEt_bwfkPs3E5hj0YfcDnDlv2L6etQmOE1zIZdp1SgLsTaNnpmHAEoACFRqNrpfsWPC-BcvbWguLLQnSglp8Tc14Qp-ZcM9P_QzV54n8qoGLGQMhm3ZtyvwPAjdM_f9PAnHVPAC0GZIqanCObm9zd1ltEFFTmCPnk9HN8d46TE-o99FN5cTHWHrCP2IVVlhQWUJZISUzncdUa6mxBNB7Bx6mU-IFI6rl_IS6YcyGGOTZ5FycqXiOjfNW7Acu3jAeBq0on0LRXnlzcqVz6xhApYJM-LPBwHvjo-jnA1ISVUmWzsLQ7vtANh659PJbtzH6XKH6x-_anwtHgxsBsDksAE6uvMo-QD4AQDiAWVr-H9PZAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAZgLAcgLAYAMAaoNAk5MsBPgm80O0BMA2BMD2BQB0BUB-BYBgBcB%26num%3D1%26cid%3DCAQSSwDICaaNVi7IgtgPZGpHtEF6CLYxYH_8LEkI3u0D-o80ipk4bveU9xVD66xcWzk1UKaG_onypwgpmNcM7xaWtp459UbP-x4fP_SCvhgB%26sig%3DAOD64_1Y_2Iwerjs91bzlOijCX0YYo2C2Q%26client%3Dca-pub-3576610951345108%26dbm_c%3DAKAmf-BHnUo57GYv83NxNuIclNApAlYf4nvMW5AGo6aG4eYhIbxKjvjWTZY7PbosuqEK72csCbu7JQhc3xe5nDsIrblpaXe-gNBoFs0v9Nz9XMgntqObsvykRTVm4_0vHZ4fD_O3ft89PkGgI78kpqJvMuPXdbuHI9eg5CaZeAToXdUGlkyHu4Y%26cry%3D1%26dbm_d%3DAKAmf-BicKhQxsq2SSYuYutKdhHip9zM9lpO7dln-J7_ESdb7yGuEqGl4QGuvCEHKBlfYMQFPLN7Tg_rL5pd6QxyLzd7oBk9vhUe_kB5n8PrAVs4Q5FxfLMkGvLAgyuzk9PGMixxoYhl7CzFY8R1veSnT5Ksv-dk--6Lj7AXKTOLOy3f6SQbRErjl3zUTWxBdeg_69MS_LX_W_gjo-HAJlGS95Ai8LGewKCd0WKw6Nyud52t9O-Q1oCeYhxen4mdntA4Yf9gXGYjBcTKPld92NrD46EVXhvTFA0PmCWeOEpNhqLRNeZ6TRPlUkOciAuwfmUeCalwOEAmJBrMWdVObxLEAY5aGoXU86WjokYtn7HTmdzTh5IfDJtO9pRLu-kNpas6IcgqYojmo0lg1YzZskZOcnhfGmshQLZrzWFFHB7EcsgTZLXEs6Mp3L9N0Xrze2emuy-yrRWn1Looi2dU_LGp56uSdhyBXbfOCuPy5FAeR6e8rpAcTIy0waybTb88VvXgcw8ppFzHKSR2QbyEsez4BoXKnULhgf1SRK8M3avfJ5unIF566Zs%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231026%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1%23RS-2-%26adk%3D1812271804%26client%3Dca-pub-3576610951345108%26fa%3D4%26ifi%3D4%26uci%3Da!4%26btvi%3D2&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fneostrom.in&random=2323729470261&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0 HTTP 302
• https://hal900024.redintelligence.net/request.php?zone=xbrkb4s8ehf6&nw=20&renderingType=javascript&namespace=98702e35d8&subid=&uid=a52727d7865378e5&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCPuNH6b1AZdTpN7_G78EPquSP8AvM-YagabO9x__3D_AuEAEg4pOWI2CRBMgBCakC6DBWejzNsT6oAwHIA5sEqgSIAk_QcjKhSoec7FaEt_bwfkPs3E5hj0YfcDnDlv2L6etQmOE1zIZdp1SgLsTaNnpmHAEoACFRqNrpfsWPC-BcvbWguLLQnSglp8Tc14Qp-ZcM9P_QzV54n8qoGLGQMhm3ZtyvwPAjdM_f9PAnHVPAC0GZIqanCObm9zd1ltEFFTmCPnk9HN8d46TE-o99FN5cTHWHrCP2IVVlhQWUJZISUzncdUa6mxBNB7Bx6mU-IFI6rl_IS6YcyGGOTZ5FycqXiOjfNW7Acu3jAeBq0on0LRXnlzcqVz6xhApYJM-LPBwHvjo-jnA1ISVUmWzsLQ7vtANh659PJbtzH6XKH6x-_anwtHgxsBsDksAE6uvMo-QD4AQDiAWVr-H9PZAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAZgLAcgLAYAMAaoNAk5MsBPgm80O0BMA2BMD2BQB0BUB-BYBgBcB%26num%3D1%26cid%3DCAQSSwDICaaNVi7IgtgPZGpHtEF6CLYxYH_8LEkI3u0D-o80ipk4bveU9xVD66xcWzk1UKaG_onypwgpmNcM7xaWtp459UbP-x4fP_SCvhgB%26sig%3DAOD64_1Y_2Iwerjs91bzlOijCX0YYo2C2Q%26client%3Dca-pub-3576610951345108%26dbm_c%3DAKAmf-BHnUo57GYv83NxNuIclNApAlYf4nvMW5AGo6aG4eYhIbxKjvjWTZY7PbosuqEK72csCbu7JQhc3xe5nDsIrblpaXe-gNBoFs0v9Nz9XMgntqObsvykRTVm4_0vHZ4fD_O3ft89PkGgI78kpqJvMuPXdbuHI9eg5CaZeAToXdUGlkyHu4Y%26cry%3D1%26dbm_d%3DAKAmf-BicKhQxsq2SSYuYutKdhHip9zM9lpO7dln-J7_ESdb7yGuEqGl4QGuvCEHKBlfYMQFPLN7Tg_rL5pd6QxyLzd7oBk9vhUe_kB5n8PrAVs4Q5FxfLMkGvLAgyuzk9PGMixxoYhl7CzFY8R1veSnT5Ksv-dk--6Lj7AXKTOLOy3f6SQbRErjl3zUTWxBdeg_69MS_LX_W_gjo-HAJlGS95Ai8LGewKCd0WKw6Nyud52t9O-Q1oCeYhxen4mdntA4Yf9gXGYjBcTKPld92NrD46EVXhvTFA0PmCWeOEpNhqLRNeZ6TRPlUkOciAuwfmUeCalwOEAmJBrMWdVObxLEAY5aGoXU86WjokYtn7HTmdzTh5IfDJtO9pRLu-kNpas6IcgqYojmo0lg1YzZskZOcnhfGmshQLZrzWFFHB7EcsgTZLXEs6Mp3L9N0Xrze2emuy-yrRWn1Looi2dU_LGp56uSdhyBXbfOCuPy5FAeR6e8rpAcTIy0waybTb88VvXgcw8ppFzHKSR2QbyEsez4BoXKnULhgf1SRK8M3avfJ5unIF566Zs%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231026%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1%23RS-2-%26adk%3D1812271804%26client%3Dca-pub-3576610951345108%26fa%3D4%26ifi%3D4%26uci%3Da!4%26btvi%3D2&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fneostrom.in&random=2323729470261&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1

108 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
3 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response neostrom.in/ekb-model/	117 KB 23 KB	200ms 131ms	Document text/html	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://neostrom.in/ekb-model/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 513f3d1c145819fafbe05737e795682d5ac995b3e41a0fb83613a8b05ec9eb1c Security Headers Name Value X-Content-Type-Options nosniff Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers access-control-allow-origin * alt-svc h3=":443"; ma=86400 cache-control public, max-age=0, must-revalidate cf-cache-status DYNAMIC cf-ray 81ea9a917c09527e-LHR content-encoding gzip content-type text/html; charset=utf-8 date Tue, 31 Oct 2023 08:42:17 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} referrer-policy strict-origin-when-cross-origin report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LOzvpDjrrwg8CVQF%2FFNOVpdyZaXTzQq4kZ9f4hvOsiDmFUz%2F1RTgDYtHgMZ4c6tOVkDtDEdkCz7pf9dTa1PC%2FhH8f18kOzRCmwRSI9ey7Olh0ohJKELsbTpbnGZflsn8F8H2Q1mZcJnjgw%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-content-type-options nosniff
GET H2	200	QdVUSTchPBm7nuUeVf70viFl.woff2 neostrom.in/wp-content/astra-local-fonts/questrial/	19 KB 19 KB	48ms 45ms	Font font/woff2	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://neostrom.in/wp-content/astra-local-fonts/questrial/QdVUSTchPBm7nuUeVf70viFl.woff2 Requested by Host: neostrom.in URL: https://neostrom.in/ekb-model/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fd88a03358ba14440b78c6329717bdf6ed1a9fe97c3ad4e0a0a39d31fb1ac546 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://neostrom.in/ekb-model/ Origin https://neostrom.in accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers date Tue, 31 Oct 2023 08:42:17 GMT x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 4599 alt-svc h3=":443"; ma=86400 content-length 19292 referrer-policy strict-origin-when-cross-origin server cloudflare etag "9f91df2d789499a12eb5ff42efa74bc5" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sg415WBi180NY9F88iojUjsIgYdXARYFWucn7v3lO92kjtgjUH5yEPECSrWI%2FhezauzBLYhW7irEGntlK62ojxJAShUCVzxnJfCuGW2L0ZKPoQ6TR4O7O7yvcLC0zg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000, must-revalidate accept-ranges bytes cf-ray 81ea9a926cae527e-LHR
GET H2	200	main.min.css neostrom.in/wp-content/themes/astra/assets/css/minified/	40 KB 8 KB	73ms 70ms	Stylesheet text/css	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://neostrom.in/wp-content/themes/astra/assets/css/minified/main.min.css?ver=4.0.2 Requested by Host: neostrom.in URL: https://neostrom.in/ekb-model/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 61efddbac8c465a7ac3b014e0bd5d26826cd2a0ad036d3cf3861edb6cb502ac3 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://neostrom.in/ekb-model/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers date Tue, 31 Oct 2023 08:42:17 GMT content-encoding gzip referrer-policy strict-origin-when-cross-origin x-content-type-options nosniff nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-cache-status REVALIDATED etag W/"08f04101ad151705fe9a32c044af41ab" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MSFDBt8VhJ5RNjhTfgXCnjfcbUXhFcCYU5JnjlWws09II5ghNiwGJFEim6AW3oMeqDBxOSL%2BNcogz7aOE1Eklxh6GtptAGxx3k3wPyUBZCqgPl2t6xXc%2B52xhHyN1Q%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000, must-revalidate cf-ray 81ea9a926cb0527e-LHR alt-svc h3=":443"; ma=86400
GET H2	200	astra-local-fonts.css neostrom.in/wp-content/astra-local-fonts/	926 B 749 B	37ms 35ms	Stylesheet text/css	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://neostrom.in/wp-content/astra-local-fonts/astra-local-fonts.css?ver=4.0.2 Requested by Host: neostrom.in URL: https://neostrom.in/ekb-model/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 48a8fb927e7d5d9ad1f64d720449362a135c0744ab5d90e2b51c4f44c7b382b3 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://neostrom.in/ekb-model/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers date Tue, 31 Oct 2023 08:42:17 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 4599 cf-polished origSize=1092 alt-svc h3=":443"; ma=86400 referrer-policy strict-origin-when-cross-origin cf-bgj minify server cloudflare etag W/"545024f08f4fcfa89dde8c62aab70836" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GmtqzGOXAfAVg%2BmDzjzc7gw7jJbfAu5bM8Zq970dj45PIGJIgHxgGw1OyCrV60ryxNwP%2FcXcbPPW4tjCAGYm0yz%2BHmLfRqxJig0e%2FiCNtwDSNRCTnzG%2FRmNltRUKTg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000, must-revalidate cf-ray 81ea9a926cb1527e-LHR
GET H2	200	menu-animation.min.css neostrom.in/wp-content/themes/astra/assets/css/minified/	3 KB 731 B	84ms 82ms	Stylesheet text/css	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://neostrom.in/wp-content/themes/astra/assets/css/minified/menu-animation.min.css?ver=4.0.2 Requested by Host: neostrom.in URL: https://neostrom.in/ekb-model/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b6e169ac07a49b2c9d2b726bb3c384097badcc093dc6322c9a2ba066ae8e06a8 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://neostrom.in/ekb-model/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers date Tue, 31 Oct 2023 08:42:17 GMT content-encoding gzip referrer-policy strict-origin-when-cross-origin x-content-type-options nosniff nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-cache-status REVALIDATED etag W/"9a5b582c0f1d5282d06d5eb754836f1d" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pGGnvo7iBiBr03JSjHNBp%2F46HW0cLUdmRzYXU6JHVwTNcIkq64D5hkevcrVlylhjCupOExbUJZEQUFXnpOPpLEBSu0gNvuLcgbg%2Fe1T7hgUht5CwzLbToBmnaQrEeg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000, must-revalidate cf-ray 81ea9a926cb3527e-LHR alt-svc h3=":443"; ma=86400
GET H2	200	style.min.css neostrom.in/wp-includes/css/dist/block-library/	93 KB 12 KB	89ms 87ms	Stylesheet text/css	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://neostrom.in/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 Requested by Host: neostrom.in URL: https://neostrom.in/ekb-model/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://neostrom.in/ekb-model/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers date Tue, 31 Oct 2023 08:42:17 GMT content-encoding gzip referrer-policy strict-origin-when-cross-origin x-content-type-options nosniff nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-cache-status REVALIDATED etag W/"fb66f9daf3bcb951474ba0ccffac58df" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zw4iwhMRfIR5cGLwxcD%2Bbc%2FBQXNI02m87Ukr36EFfXlGXBq6uTT6sZ7ydiUQUh2CLZ8A2qohAZ6NtLAv6ZagZH2yGNArn3%2B0rH9CC8xtrxhNnClbE4YZHRQGdmRSbw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000, must-revalidate cf-ray 81ea9a926cb4527e-LHR alt-svc h3=":443"; ma=86400
GET H2	200	screen.min.css neostrom.in/wp-content/plugins/easy-table-of-contents/assets/css/	5 KB 2 KB	71ms 69ms	Stylesheet text/css	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://neostrom.in/wp-content/plugins/easy-table-of-contents/assets/css/screen.min.css?ver=2.0.45.2 Requested by Host: neostrom.in URL: https://neostrom.in/ekb-model/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 10a2439001d53cac93726a7b6f5b1fbc3dc1af341589c3a1759703c66bf21fed Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://neostrom.in/ekb-model/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers date Tue, 31 Oct 2023 08:42:17 GMT content-encoding gzip referrer-policy strict-origin-when-cross-origin x-content-type-options nosniff nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-cache-status REVALIDATED etag W/"55fc055d6cf2676924c9f38910ef4eea" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1vXd79wKIM7uv8bxMzJBYtMthNsPkDJIfFQSq034xBFBPsGiB2keGeVzY4Sm8zrLtKIYGBMEn7GhxCKSjzpXkOlonK8ooln4EMR%2FajpCA02%2FWI2vAf9uAQ2mI%2FKiqA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000, must-revalidate cf-ray 81ea9a926cb5527e-LHR alt-svc h3=":443"; ma=86400
GET H2	200	jquery.min.js Show response neostrom.in/wp-includes/js/jquery/	88 KB 31 KB	76ms 74ms	Script application/javascript	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://neostrom.in/wp-includes/js/jquery/jquery.min.js?ver=3.6.1 Requested by Host: neostrom.in URL: https://neostrom.in/ekb-model/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://neostrom.in/ekb-model/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers date Tue, 31 Oct 2023 08:42:17 GMT content-encoding gzip referrer-policy strict-origin-when-cross-origin x-content-type-options nosniff nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-cache-status REVALIDATED etag W/"ffa55499692352eff1f9fd5704442b25" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=allERQ%2BQVCBTcRkScjpWqkDWxatMeQa8Z5dhaz8dl%2F0LVTOeqZtpHzHQhmNtTGr1NnONbmqW%2BqPR7T6v%2FSYrcWnIPOrnXI5cpS%2FgQX7V08mdVIMenwBhFilTqOplgA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control public, max-age=31536000, must-revalidate cf-ray 81ea9a926cb8527e-LHR alt-svc h3=":443"; ma=86400
GET H2	200	jquery-migrate.min.js Show response neostrom.in/wp-includes/js/jquery/	11 KB 4 KB	37ms 35ms	Script application/javascript	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://neostrom.in/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 Requested by Host: neostrom.in URL: https://neostrom.in/ekb-model/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://neostrom.in/ekb-model/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers date Tue, 31 Oct 2023 08:42:17 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 4598 alt-svc h3=":443"; ma=86400 referrer-policy strict-origin-when-cross-origin server cloudflare etag W/"49fe3a00992808ed1e4ffc66d8510ee3" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ugp6sqEt%2Bc7xUGtI%2By7AUJN%2BxxODf4o4almDG0YV90n3GjqmBrUaCJMpk7zuZObhBzYyqiN4Jh5x2EtXDu1LUd149bSLrqdDMz7Gkr02r9o2bwRKgT21QrWFU%2BIDbQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control public, max-age=31536000, must-revalidate cf-ray 81ea9a926cb9527e-LHR
GET H2	200	js Show response www.googletagmanager.com/gtag/	131 KB 50 KB	86ms 33ms	Script application/javascript	2a00:1450:4001:80f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-146760166-5 Requested by Host: neostrom.in URL: https://neostrom.in/ekb-model/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash de1924b603dd3fc5f22b692fecb6e8cf183ea655eed009536886151dae3b6d80 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://neostrom.in/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers date Tue, 31 Oct 2023 08:42:17 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 51123 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Tue, 31 Oct 2023 08:42:17 GMT
GET H2	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	153 KB 52 KB	126ms 72ms	Script text/javascript	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3576610951345108&host=ca-host-pub-2644536267352236 Requested by Host: neostrom.in URL: https://neostrom.in/ekb-model/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 2b9f80579825ab68af4a6702bc6d6ec26b92203e25ea48c001624fd1ef048e11 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://neostrom.in/ Origin https://neostrom.in accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers date Tue, 31 Oct 2023 08:42:17 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 52460 x-xss-protection 0 server cafe etag 14061254512963659450 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=3600 timing-allow-origin * expires Tue, 31 Oct 2023 08:42:17 GMT
GET H2	200	Neostrom.png neostrom.in/wp-content/uploads/2021/12/	5 KB 6 KB	69ms 68ms	Image image/png	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://neostrom.in/wp-content/uploads/2021/12/Neostrom.png Requested by Host: neostrom.in URL: https://neostrom.in/ekb-model/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 14a2b598d3827ff09533e90dd2100178e8ebda50f035be4fe8d3963a4371abad Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://neostrom.in/ekb-model/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers date Tue, 31 Oct 2023 08:42:17 GMT x-content-type-options nosniff cf-cache-status REVALIDATED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 content-length 5564 referrer-policy strict-origin-when-cross-origin server cloudflare etag "eb08bd32d8f1de284feb5aa662209608" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AfNFjSZkK5sRzzkxfT5%2FAya57UZo50hqvqVO2cx9524%2BAXWVK0eCDaIta%2BvxJxhB0Rx8BO9KBdXdMh%2FwNVhwbhOA2rRaUvbCSiRR%2B92X2OCmeUvRtT%2FhW30Vbg2%2FWA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000, must-revalidate accept-ranges bytes cf-ray 81ea9a926cba527e-LHR
GET H2	200	ekb-model-of-consumer-behavior-1024x730.jpg neostrom.in/wp-content/uploads/2021/11/	67 KB 67 KB	123ms 122ms	Image image/jpeg	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://neostrom.in/wp-content/uploads/2021/11/ekb-model-of-consumer-behavior-1024x730.jpg Requested by Host: neostrom.in URL: https://neostrom.in/ekb-model/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b5afa91aacb0784956a4d091a2024d4de120f9f19758e9d9176acdd3878be331 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://neostrom.in/ekb-model/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers date Tue, 31 Oct 2023 08:42:17 GMT x-content-type-options nosniff cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 content-length 68597 referrer-policy strict-origin-when-cross-origin server cloudflare etag "4ca1cffe7d65889cb7d21bb5097fe042" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ootfEUvjC%2FLindvYToJTnKMs99829voA%2Fi0yBZFOKQbPBuyucI%2FJEZAo%2BJg8T1SIUPeXVlgFQK0lRL%2FC1wyYAf2OihkleNxCAcwulVNJXUfho4aySt0lyfvYsTiXpMcR5HWHZGkuV7cYsw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000, must-revalidate accept-ranges bytes cf-ray 81ea9a926cbb527e-LHR
GET H3	200	frontend.min.js Show response neostrom.in/wp-content/themes/astra/assets/js/minified/	18 KB 5 KB	48ms 47ms	Script application/javascript	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://neostrom.in/wp-content/themes/astra/assets/js/minified/frontend.min.js?ver=4.0.2 Requested by Host: neostrom.in URL: https://neostrom.in/ekb-model/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 149712c16718936d2b7ad4c16d10e89de23c9c3b1c157158b533b961f2bf644d Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://neostrom.in/ekb-model/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers date Tue, 31 Oct 2023 08:42:17 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 4761 alt-svc h3=":443"; ma=86400 referrer-policy strict-origin-when-cross-origin server cloudflare etag W/"b3fea055c1683d4ca128a769d3082472" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JqgVdR8Cf%2BPtoTCwPjnVZJswS3nnOxzWc7uVnYr1Oi0RZQplSjzbXUcBOOfhaRLooUDCjgQ5cHRXAIJgg8DK3eVigl%2B3%2B%2F9LzSF76nfmuUnkdT%2BGCuR7LOhNZBJ6ckqATvfPVedzW4fQ8g%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control public, max-age=31536000, must-revalidate cf-ray 81ea9a92d842d580-CDG
GET H3	200	js.cookie.min.js Show response neostrom.in/wp-content/plugins/easy-table-of-contents/vendor/js-cookie/	2 KB 2 KB	82ms 81ms	Script application/javascript	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://neostrom.in/wp-content/plugins/easy-table-of-contents/vendor/js-cookie/js.cookie.min.js?ver=2.2.1 Requested by Host: neostrom.in URL: https://neostrom.in/ekb-model/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 073351c657bbb62703d3e79b437eb5b7c7a647b2293edd2caab7e7016f3d91fa Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://neostrom.in/ekb-model/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers date Tue, 31 Oct 2023 08:42:17 GMT content-encoding gzip referrer-policy strict-origin-when-cross-origin x-content-type-options nosniff nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-cache-status MISS etag W/"0fb059ef24d3b7e21b73595411c073d5" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l0nyi5CoY92xlAxT2QtR3%2ByLEqCxadSwXerpUsQ%2FpUN%2FzwNkKF3f2KX2Otm3aL3KOU0Jbeukwl6ktBc%2B7jGKV%2Beevzbf9YhrSuysXaWNiNLMNiN1PCcQoXdmFJSH6FxjB9ZrnKvbSgS9bg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control public, max-age=31536000, must-revalidate cf-ray 81ea9a930891d580-CDG alt-svc h3=":443"; ma=86400
GET H3	200	jquery.sticky-kit.min.js Show response neostrom.in/wp-content/plugins/easy-table-of-contents/vendor/sticky-kit/	3 KB 2 KB	34ms 34ms	Script application/javascript	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://neostrom.in/wp-content/plugins/easy-table-of-contents/vendor/sticky-kit/jquery.sticky-kit.min.js?ver=1.9.2 Requested by Host: neostrom.in URL: https://neostrom.in/ekb-model/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9b4ed13bfe6e05b6340281394abe265105b1eb916ab1e53e604352525305f7c2 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://neostrom.in/ekb-model/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers date Tue, 31 Oct 2023 08:42:17 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 4761 alt-svc h3=":443"; ma=86400 referrer-policy strict-origin-when-cross-origin server cloudflare etag W/"eeddeb625fc8be29be0746d21af855ee" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nWoiTSrScFA0TBhjEq5fFUawshTJ%2FzZ1spr9vM1HD5SsJazhHrCf5GoryygmplI7rcgbyGoutandN3Y%2BZbjltqkXaRGMtlPl2PFTAYGz6Nia%2BgPypCgZkCr%2BsSHu%2BA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control public, max-age=31536000, must-revalidate cf-ray 81ea9a930894d580-CDG
GET H3	200	front.min.js Show response neostrom.in/wp-content/plugins/easy-table-of-contents/assets/js/	3 KB 2 KB	58ms 57ms	Script application/javascript	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://neostrom.in/wp-content/plugins/easy-table-of-contents/assets/js/front.min.js?ver=2.0.45.2-1678003113 Requested by Host: neostrom.in URL: https://neostrom.in/ekb-model/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bb34e3177517592aa392bbf68281a10d218f51f6f427d217110de0015eaf6872 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://neostrom.in/ekb-model/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers date Tue, 31 Oct 2023 08:42:17 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 4761 alt-svc h3=":443"; ma=86400 referrer-policy strict-origin-when-cross-origin server cloudflare etag W/"7af16636c1c3f55bc8c1a0c03f69186b" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VtgT0FwtAH8TB4IqlFskZGveYvZwo0aZejmGO0UlboMsitHiGlRRxB7hFC7hMf3dWuVRJh9Gl4y3So1fGUm14p4kTGgvnhcLd8stkR6WCnl73hxUIolaae63ZZFjnQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control public, max-age=31536000, must-revalidate cf-ray 81ea9a930895d580-CDG
GET H3	200	wp-emoji-release.min.js Show response neostrom.in/wp-includes/js/	115 KB 19 KB	37ms 37ms	Script text/html	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://neostrom.in/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 Requested by Host: neostrom.in URL: https://neostrom.in/ekb-model/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6082e7b5aac62fd23185b97d42f99de5b2e5822fb190d5d2a52ed5d981e1df9b Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://neostrom.in/ekb-model/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers date Tue, 31 Oct 2023 08:42:17 GMT content-encoding gzip referrer-policy strict-origin-when-cross-origin x-content-type-options nosniff nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-cache-status HIT age 4761 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MzPDFm5voV6KX1nfU37ulKoK6B369RQEkkRG8aJlVtbqHu8frrOleME%2FNQ72h45mgrhXHB14J5XhXByQczfDHgbT7%2BCNbftEJQGr6tYodER5%2FVcW1T96K8jHjSQApA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000, must-revalidate cf-ray 81ea9a930896d580-CDG alt-svc h3=":443"; ma=86400
GET H2	200	gtm.js Show response www.googletagmanager.com/	114 KB 44 KB	114ms 62ms	Script application/javascript	2a00:1450:4001:80f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-TZ6DZKD Requested by Host: neostrom.in URL: https://neostrom.in/ekb-model/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 8633bdfe84944b3c925158caf42302363e87352005b1db4ab9b7942343944c7a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://neostrom.in/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers date Tue, 31 Oct 2023 08:42:17 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 45389 x-xss-protection 0 last-modified Tue, 31 Oct 2023 06:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Tue, 31 Oct 2023 08:42:17 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	259 KB 88 KB	47ms 43ms	Script application/javascript	2a00:1450:4001:80f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-X6Y29CGY1R&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-146760166-5 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash c5ea599aec5ea45d724b09e94bd1b6a6a5c274ccc68ef5c3a77f718464a5e8c6 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://neostrom.in/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers date Tue, 31 Oct 2023 08:42:17 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 89665 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Tue, 31 Oct 2023 08:42:17 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	48ms 12ms	Script text/javascript	2001:4860:4802:38::178 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-146760166-5 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://neostrom.in/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Tue, 31 Oct 2023 08:11:05 GMT last-modified Mon, 12 Jun 2023 18:23:07 GMT server Golfe2 age 1872 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Tue, 31 Oct 2023 10:11:05 GMT
GET DATA	200 OK	truncated Show response /	435 B 0		Script text/javascript
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash ad527c47eb6836a8fca3d5e6e225328603ff28f92223841db8050a887c103130 Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers Content-Type text/javascript
GET H2	200	v1.js Show response static.alliai.com/widget/	74 KB 15 KB	106ms 23ms	Script application/javascript	2600:9000:2156:8e00:17:a0f4:8900:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.alliai.com/widget/v1.js Requested by Host: neostrom.in URL: https://neostrom.in/ekb-model/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:8e00:17:a0f4:8900:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash a479ab353988ec7c3893bbc5f3307f8b02d041f779c838e2e31de65c6e9c7657 Request headers accept-language nl-NL,nl;q=0.9 Referer https://neostrom.in/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers date Tue, 31 Oct 2023 07:08:37 GMT content-encoding gzip via 1.1 45de888accabe1a1cb5a389e8c9c1e06.cloudfront.net (CloudFront) last-modified Mon, 16 Oct 2023 14:09:16 GMT server AmazonS3 x-amz-cf-pop FRA50-C1 age 5623 x-amz-server-side-encryption AES256 etag W/"36c9bf23f673dcaa2a7a724a0e4610ec" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=86400 x-amz-cf-id wVgRykjj3dEXw9HHeEBq-WpI_0uUMrcfUAt8ze8TTrvZ0q7Fsqt3qg==
GET H3	200	show_ads_impl_with_ama_fy2021.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310260102/	398 KB 135 KB	122ms 82ms	Script text/javascript	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310260102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3576610951345108&plah=neostrom.in&bust=31079294 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3576610951345108&host=ca-host-pub-2644536267352236 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 8b7292957af615aae1b3a96b4f7b3e2a98ee11a18161ebf22c826731876207d9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://neostrom.in/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers date Tue, 31 Oct 2023 08:42:17 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 138072 x-xss-protection 0 server cafe etag 3858829323554052122 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Tue, 31 Oct 2023 08:42:17 GMT
GET H2	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20231026/r20190131/ Frame 7038	10 KB 5 KB	65ms 18ms	Document text/html	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20231026/r20190131/zrt_lookup.html Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3576610951345108&host=ca-host-pub-2644536267352236 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://neostrom.in/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers age 24376 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4480 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 31 Oct 2023 01:56:01 GMT etag 4569948109300706969 expires Tue, 14 Nov 2023 01:56:01 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
POST H2	200	collect Show response www.google-analytics.com/j/	2 B 204 B	18ms 17ms	XHR text/plain	2001:4860:4802:38::178 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=461525578&t=pageview&_s=1&dl=https%3A%2F%2Fneostrom.in%2Fekb-model%2F&ul=en-us&de=UTF-8&dt=EKB%20Model%20(Engel%20Kollat%20Blackwell%20Model)%20of%20Consumer%20Behavior%20%7C%20Neostrom&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACUABBAAAACAAI~&jid=501054881&gjid=1439632806&cid=1739108170.1698741738&tid=UA-146760166-5&_gid=1489716943.1698741738&_r=1&gtm=457e3ap0&gcd=11l1l1l1l1&did=dZTNiMT&gdid=dZTNiMT&jsscut=1&z=1404805920 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://neostrom.in/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Tue, 31 Oct 2023 08:42:17 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://neostrom.in cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect region1.analytics.google.com/g/	0 251 B	48ms 20ms	Ping text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-X6Y29CGY1R&gtm=45je3ap0v885079501&_p=461525578&_gaz=1&gcd=11l1l1l1l1&cid=1739108170.1698741738&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1698741737&sct=1&seg=0&dl=https%3A%2F%2Fneostrom.in%2Fekb-model%2F&dt=EKB%20Model%20(Engel%20Kollat%20Blackwell%20Model)%20of%20Consumer%20Behavior%20%7C%20Neostrom&en=page_view&_fv=1&_ss=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-X6Y29CGY1R&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://neostrom.in/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers pragma no-cache date Tue, 31 Oct 2023 08:42:17 GMT server Golfe2 content-type text/plain access-control-allow-origin https://neostrom.in cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect stats.g.doubleclick.net/g/	0 47 B	77ms 23ms	Ping text/plain	2a00:1450:400c:c00::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-X6Y29CGY1R&cid=1739108170.1698741738&gtm=45je3ap0v885079501&aip=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-X6Y29CGY1R&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://neostrom.in/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers pragma no-cache date Tue, 31 Oct 2023 08:42:17 GMT server Golfe2 content-type text/plain access-control-allow-origin https://neostrom.in cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.nl/ads/	42 B 408 B	82ms 30ms	Image image/gif	2a00:1450:4001:806::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.nl/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-X6Y29CGY1R&cid=1739108170.1698741738&gtm=45je3ap0v885079501&aip=1&z=1989831935 Requested by Host: neostrom.in URL: https://neostrom.in/ekb-model/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://neostrom.in/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers pragma no-cache date Tue, 31 Oct 2023 08:42:17 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	1 B 343 B	73ms 23ms	XHR text/plain	2a00:1450:400c:c00::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-146760166-5&cid=1739108170.1698741738&jid=501054881&gjid=1439632806&_gid=1489716943.1698741738&_u=YGBACUAABAAAACAAI~&z=978012388 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://neostrom.in/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload date Tue, 31 Oct 2023 08:42:17 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://neostrom.in cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	customizations Show response d2azal32wgllwk.cloudfront.net/api/v3/widget/site_r5EKukLaCqmnB1oU/	84 B 1 KB	84ms 27ms	Fetch application/json	2600:9000:2156:9200:17:a0f4:8900:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d2azal32wgllwk.cloudfront.net/api/v3/widget/site_r5EKukLaCqmnB1oU/customizations?l=en-US&p=%2Fekb-model&h=neostrom.in Requested by Host: static.alliai.com URL: https://static.alliai.com/widget/v1.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:9200:17:a0f4:8900:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Cowboy / Resource Hash 6cedbe2197921936bbb1b4f84befffb73b82b0d97260e347c708ea5b856f8a26 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept application/json Referer https://neostrom.in/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers date Sun, 29 Oct 2023 14:28:56 GMT strict-transport-security max-age=31536000; includeSubDomains via 1.1 vegur, 1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront) nel {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]} x-amz-cf-pop FRA50-C1 age 152000 x-cache Hit from cloudfront content-length 84 reporting-endpoints heroku-nel=https://nel.heroku.com/reports?ts=1698589737&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=8iYGCPg1N2RMuShxMfr4JB6olUtrTvG4p6TRKWzG3To%3D x-request-id 46e1b2fb-cf94-42b0-ba7d-c2a5ea16d553 x-runtime 0.094567 server Cowboy etag W/"6cedbe2197921936bbb1b4f84befffb7" access-control-max-age 1728000 report-to {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1698589737&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=8iYGCPg1N2RMuShxMfr4JB6olUtrTvG4p6TRKWzG3To%3D"}]} content-type application/json; charset=utf-8 access-control-allow-origin * access-control-allow-methods GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS access-control-expose-headers cache-control max-age=0, private, must-revalidate vary Origin x-amz-cf-id hjxgZVDpRkCnTzZ9-5oBqg2I28gW8iXgSgfUtb5sI4kK68OsIxgMxg==
GET H2	200	recommendations Show response d2azal32wgllwk.cloudfront.net/api/v3/widget/site_r5EKukLaCqmnB1oU/	3 KB 2 KB	85ms 28ms	Fetch application/json	2600:9000:2156:9200:17:a0f4:8900:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d2azal32wgllwk.cloudfront.net/api/v3/widget/site_r5EKukLaCqmnB1oU/recommendations?l=en-US&p=%2Fekb-model&h=neostrom.in Requested by Host: static.alliai.com URL: https://static.alliai.com/widget/v1.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:9200:17:a0f4:8900:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Cowboy / Resource Hash 16215d3348293b5f79449561ce8e55f33b296cf47fa8994c95bba9ff5da479ea Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept application/json Referer https://neostrom.in/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers date Sun, 29 Oct 2023 14:28:58 GMT strict-transport-security max-age=31536000; includeSubDomains via 1.1 vegur, 1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront) nel {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]} content-encoding gzip x-amz-cf-pop FRA50-C1 age 151999 x-cache Hit from cloudfront reporting-endpoints heroku-nel=https://nel.heroku.com/reports?ts=1698589738&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=0c2MgnE%2BXLpzVTaj3Dy63xZR11yFmupxv7nrMdVq0Lk%3D x-request-id b97cca5c-28d2-438e-9669-8376a43fec35 x-runtime 0.119802 server Cowboy etag W/"16215d3348293b5f79449561ce8e55f3" access-control-max-age 1728000 access-control-allow-methods GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS report-to {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1698589738&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=0c2MgnE%2BXLpzVTaj3Dy63xZR11yFmupxv7nrMdVq0Lk%3D"}]} access-control-allow-origin * content-type application/json; charset=utf-8 access-control-expose-headers cache-control max-age=0, private, must-revalidate vary Accept-Encoding,Origin x-amz-cf-id yyagl6Z9n3cNCKgTpDGymUdds5-0qAWFyjrvMt1a2reMtrfAWzl1Ww==
GET H2	200	cookie.js Show response partner.googleadservices.com/gampad/	389 B 602 B	94ms 31ms	Script text/javascript	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://partner.googleadservices.com/gampad/cookie.js?domain=neostrom.in&callback=_gfp_s_&client=ca-pub-3576610951345108 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310260102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3576610951345108&plah=neostrom.in&bust=31079294 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 487f149833302a212359027e63dd69f570bf0bdd9552aba9e0efab960bf8383a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://neostrom.in/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers date Tue, 31 Oct 2023 08:42:17 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type text/javascript; charset=UTF-8 cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 251 x-xss-protection 0
GET H2	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 246C	490 KB 99 KB	938ms 936ms	Document text/html	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3576610951345108&output=html&adk=1812271804&adf=3025194257&lmt=1698738137&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=164x945_l%7C164x945_r&format=0x0&url=https%3A%2F%2Fneostrom.in%2Fekb-model%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698741737602&bpp=4&bdt=282&idt=234&shv=r20231026&mjsv=m202310260102&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2043944251678&frm=20&pv=2&ga_vid=1739108170.1698741738&ga_sid=1698741738&ga_hid=461525578&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079079%2C31079086%2C31079231%2C42532335%2C44795922%2C44805931%2C31078297%2C31079294%2C44806139&oid=2&pvsid=2488577120309913&tmod=656315464&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=260 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310260102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3576610951345108&plah=neostrom.in&bust=31079294 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 291aa30f895fa59f3bca98957d1b1b161062f23d3264c20f21120c2db4d7d65e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://neostrom.in/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 100814 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 31 Oct 2023 08:42:18 GMT expires Tue, 31 Oct 2023 08:42:18 GMT observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	sodar Show response pagead2.googlesyndication.com/getconfig/	16 KB 12 KB	70ms 69ms	XHR application/json	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231026&st=env Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310260102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3576610951345108&plah=neostrom.in&bust=31079294 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 6f4b131a46dc4ccd322f072a000c0442f35ae1cfbf6d3cf85a2063bbe6c7c9ea Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://neostrom.in/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers date Tue, 31 Oct 2023 08:42:18 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12124 x-xss-protection 0
GET H3	200	reactive_library_fy2021.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310260102/	160 KB 55 KB	79ms 79ms	Script text/javascript	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310260102/reactive_library_fy2021.js?bust=31079294 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310260102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3576610951345108&plah=neostrom.in&bust=31079294 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e59421b18d1293d750f6a8526eb358f2c161a998588b148e18afa4b4688e9e9b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://neostrom.in/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers date Tue, 31 Oct 2023 08:42:18 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 55814 x-xss-protection 0 server cafe etag 2435347041138321920 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=1209600 timing-allow-origin * expires Tue, 31 Oct 2023 08:42:18 GMT
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 7 KB	81ms 34ms	Script text/javascript	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310260102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3576610951345108&plah=neostrom.in&bust=31079294 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://neostrom.in/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers date Tue, 31 Oct 2023 08:42:19 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Tue, 31 Oct 2023 08:42:19 GMT
GET H3	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20231026/r20110914/ Frame E6FB	10 KB 4 KB	19ms 19ms	Document text/html	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20231026/r20110914/zrt_lookup.html?fsb=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310260102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3576610951345108&plah=neostrom.in&bust=31079294 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://neostrom.in/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers age 77160 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4480 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 30 Oct 2023 11:16:18 GMT etag 4569948109300706969 expires Mon, 13 Nov 2023 11:16:18 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20231026/r20110914/ Frame F4CF	10 KB 4 KB	19ms 19ms	Document text/html	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20231026/r20110914/zrt_lookup.html?fsb=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310260102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3576610951345108&plah=neostrom.in&bust=31079294 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://neostrom.in/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers age 77160 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4480 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 30 Oct 2023 11:16:18 GMT etag 4569948109300706969 expires Mon, 13 Nov 2023 11:16:18 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20231026/r20110914/ Frame 6642	10 KB 4 KB	20ms 18ms	Document text/html	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20231026/r20110914/zrt_lookup.html?fsb=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310260102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3576610951345108&plah=neostrom.in&bust=31079294 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://neostrom.in/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers age 77161 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4480 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 30 Oct 2023 11:16:18 GMT etag 4569948109300706969 expires Mon, 13 Nov 2023 11:16:18 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20231026/r20110914/ Frame D1F1	10 KB 4 KB	21ms 20ms	Document text/html	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20231026/r20110914/zrt_lookup.html?fsb=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310260102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3576610951345108&plah=neostrom.in&bust=31079294 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://neostrom.in/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers age 77161 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4480 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 30 Oct 2023 11:16:18 GMT etag 4569948109300706969 expires Mon, 13 Nov 2023 11:16:18 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	css2 fonts.googleapis.com/ Frame E6FB	4 KB 1 KB	172ms 29ms	Stylesheet text/css	2a00:1450:4001:827::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231026/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Tue, 31 Oct 2023 08:42:19 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Tue, 31 Oct 2023 06:59:10 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 31 Oct 2023 08:42:19 GMT
GET H2	200	feedback_grey600_24dp.png www.gstatic.com/images/icons/material/system/2x/ Frame E6FB	205 B 296 B	164ms 20ms	Image image/png	2a00:1450:4001:80b::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231026/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers date Fri, 27 Oct 2023 02:28:25 GMT x-content-type-options nosniff age 368034 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 205 x-xss-protection 0 last-modified Thu, 20 Jul 2023 22:48:00 GMT server sffe vary Origin report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Sat, 26 Oct 2024 02:28:25 GMT
GET H2	200	settings_grey600_24dp.png www.gstatic.com/images/icons/material/system/2x/ Frame E6FB	604 B 1 KB	163ms 19ms	Image image/png	2a00:1450:4001:80b::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231026/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers date Thu, 26 Oct 2023 11:17:16 GMT x-content-type-options nosniff age 422703 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 604 x-xss-protection 0 last-modified Thu, 20 Jul 2023 22:48:00 GMT server sffe vary Origin report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Fri, 25 Oct 2024 11:17:16 GMT
GET H2	200	fullscreen_api_adapter_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231026/r20110914/elements/html/ Frame E6FB	15 KB 7 KB	20ms 20ms	Script text/javascript	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231026/r20110914/elements/html/fullscreen_api_adapter_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231026/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ea1bccd5bd591ef9692b2d24f3f10b79483b891fd217cd4e7d115e33c1fce4d0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers date Mon, 30 Oct 2023 20:13:51 GMT content-encoding br x-content-type-options nosniff age 44908 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6641 x-xss-protection 0 server cafe etag 2088779584902205610 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 13 Nov 2023 20:13:51 GMT
GET H2	200	interstitial_ad_frame_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231026/r20110914/elements/html/ Frame E6FB	20 KB 9 KB	22ms 22ms	Script text/javascript	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231026/r20110914/elements/html/interstitial_ad_frame_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231026/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 5198b4b9434e8096a62ef0b08309a7835e40508875b5cb3f2daa929fe28757ba Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers date Mon, 30 Oct 2023 19:39:17 GMT content-encoding br x-content-type-options nosniff age 46982 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8600 x-xss-protection 0 server cafe etag 14061149270319446037 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 13 Nov 2023 19:39:17 GMT
GET H2	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231026/r20110914/ Frame F4CF	23 KB 9 KB	19ms 19ms	Script text/javascript	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231026/r20110914/abg_lite_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231026/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 08979ac5dc183c913f0f274b03a248982b04fea0aac48c10ae1bd0b717f42641 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers date Mon, 30 Oct 2023 19:19:23 GMT content-encoding br x-content-type-options nosniff age 48176 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9142 x-xss-protection 0 server cafe etag 3118617226516770384 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 13 Nov 2023 19:19:23 GMT
GET H3	200	s Show response googleads.g.doubleclick.net/pagead/drt/ Frame DC77	143 B 166 B	27ms 20ms	Document text/html	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231026/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/html/r20231026/r20110914/zrt_lookup.html?fsb=1 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers age 1101 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=3600 content-encoding gzip content-length 145 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 31 Oct 2023 08:23:58 GMT server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/ Frame F4CF	3 KB 1 KB	21ms 21ms	Script text/javascript	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231026/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers date Mon, 30 Oct 2023 19:18:34 GMT content-encoding br x-content-type-options nosniff age 48225 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 13 Nov 2023 19:18:34 GMT
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/ Frame F4CF	20 KB 8 KB	21ms 21ms	Script text/javascript	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231026/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 5ba431addebca895832667d33e2ad51e4da1a1f2fbab72116d716c08077695a6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers date Mon, 30 Oct 2023 19:18:34 GMT content-encoding br x-content-type-options nosniff age 48225 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8430 x-xss-protection 0 server cafe etag 7000445677337367579 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 13 Nov 2023 19:18:34 GMT
GET H2	200	6719209584692599185 tpc.googlesyndication.com/simgad/ Frame F4CF	69 KB 69 KB	23ms 22ms	Image image/png	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/6719209584692599185?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qn4XLWnV7Jsu00wBNc4zx3ew0I82w Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231026/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash bf3e5d6ed946a7234ba1043689a0f810a59e93994eab4ed869ddd2a161fbda06 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers date Fri, 27 Oct 2023 12:30:00 GMT x-content-type-options nosniff age 331939 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 70429 x-xss-protection 0 last-modified Thu, 21 Sep 2023 06:05:22 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Sat, 26 Oct 2024 12:30:00 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame F4CF	188 KB 60 KB	158ms 31ms	Script text/javascript	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231026/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash cfd86eed5b662601ed1effa05e0922030a1bbfb3111d160df9b4f71630198c37 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers date Tue, 31 Oct 2023 08:42:19 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 60393 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1698666127188353" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Tue, 31 Oct 2023 08:42:19 GMT
GET H2	200	one_click_handler_one_afma_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/ Frame F4CF	35 KB 14 KB	45ms 44ms	Script text/javascript	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/one_click_handler_one_afma_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231026/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 7c0eb210ca9d9770dd1e6fb58b73fe67f07f592487e0244a46477f41ae12332c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers date Mon, 30 Oct 2023 19:35:14 GMT content-encoding br x-content-type-options nosniff age 47225 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14506 x-xss-protection 0 server cafe etag 4792826524176232586 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 13 Nov 2023 19:35:14 GMT
GET H3	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame 18AF	624 B 246 B	67ms 61ms	Document text/html	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjIm7vGATAB&v=APEucNVTdKskywOst8W2vxjb5HnVAt89AMkpi8H0ARLXmTkkKedJUHhHUALVzK8lScuLjDfTlGoBWtSoGUJAwAlbeAU8k52dUjQwKR58jW2Dz18kwfh_do2WJP81BKCNF_v6N3gXJmHIZJsnl94qCKL4tu-RSRkZNsWlaJKlbWTBHOseMw_poLk Requested by Host: neostrom.in URL: https://neostrom.in/ekb-model/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/html/r20231026/r20110914/zrt_lookup.html?fsb=1 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 222 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 31 Oct 2023 08:42:19 GMT expires Tue, 31 Oct 2023 08:42:19 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	dv3.js Show response pagead2.googlesyndication.com/pagead/js/ Frame 1B18	89 KB 31 KB	80ms 77ms	Script text/javascript	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/dv3.js Requested by Host: neostrom.in URL: https://neostrom.in/ekb-model/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers date Tue, 31 Oct 2023 08:42:19 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 31491 x-xss-protection 0 server cafe etag 6167930392490353973 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=600 timing-allow-origin * expires Tue, 31 Oct 2023 08:42:19 GMT
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/ Frame 1B18	3 KB 1 KB	23ms 20ms	Script text/javascript	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/window_focus_fy2021.js Requested by Host: neostrom.in URL: https://neostrom.in/ekb-model/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers date Mon, 30 Oct 2023 19:18:34 GMT content-encoding br x-content-type-options nosniff age 48225 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 13 Nov 2023 19:18:34 GMT
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/ Frame 1B18	20 KB 8 KB	22ms 19ms	Script text/javascript	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/qs_click_protection_fy2021.js Requested by Host: neostrom.in URL: https://neostrom.in/ekb-model/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 5ba431addebca895832667d33e2ad51e4da1a1f2fbab72116d716c08077695a6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers date Mon, 30 Oct 2023 19:18:34 GMT content-encoding br x-content-type-options nosniff age 48225 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8430 x-xss-protection 0 server cafe etag 7000445677337367579 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 13 Nov 2023 19:18:34 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 1B18	188 KB 59 KB	136ms 62ms	Script text/javascript	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: neostrom.in URL: https://neostrom.in/ekb-model/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash cfd86eed5b662601ed1effa05e0922030a1bbfb3111d160df9b4f71630198c37 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers date Tue, 31 Oct 2023 08:42:19 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 60393 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1698666127188353" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Tue, 31 Oct 2023 08:42:19 GMT
GET H3	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame 1B18	42 B 63 B	56ms 53ms	Image image/gif	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B0G4hylgGRThp1QrifioJ3riobzG2Lt66SvbetWk8C9AzDY_wB58JcGzfnZNl18IpGJqirpXxLEpDNW-DtMmAYRE_aq22PregPjPlElv0It-oZvac Requested by Host: neostrom.in URL: https://neostrom.in/ekb-model/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers pragma no-cache date Tue, 31 Oct 2023 08:42:19 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 1B18	0 20 B	56ms 54ms	Image image/gif	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=1677377608739265206&x=1&ct=77 Requested by Host: neostrom.in URL: https://neostrom.in/ekb-model/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers pragma no-cache date Tue, 31 Oct 2023 08:42:19 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231026/r20110914/ Frame D1F1	23 KB 9 KB	19ms 19ms	Script text/javascript	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231026/r20110914/abg_lite_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231026/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 08979ac5dc183c913f0f274b03a248982b04fea0aac48c10ae1bd0b717f42641 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers date Mon, 30 Oct 2023 19:19:23 GMT content-encoding br x-content-type-options nosniff age 48176 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9142 x-xss-protection 0 server cafe etag 3118617226516770384 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 13 Nov 2023 19:19:23 GMT
GET H3	200	s Show response googleads.g.doubleclick.net/pagead/drt/ Frame 19B2	143 B 166 B	28ms 23ms	Document text/html	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231026/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/html/r20231026/r20110914/zrt_lookup.html?fsb=1 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers age 1101 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=3600 content-encoding gzip content-length 145 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 31 Oct 2023 08:23:58 GMT server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/ Frame D1F1	3 KB 1 KB	19ms 19ms	Script text/javascript	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231026/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers date Mon, 30 Oct 2023 19:18:34 GMT content-encoding br x-content-type-options nosniff age 48225 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 13 Nov 2023 19:18:34 GMT
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/ Frame D1F1	20 KB 8 KB	20ms 19ms	Script text/javascript	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231026/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 5ba431addebca895832667d33e2ad51e4da1a1f2fbab72116d716c08077695a6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers date Mon, 30 Oct 2023 19:18:34 GMT content-encoding br x-content-type-options nosniff age 48225 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8430 x-xss-protection 0 server cafe etag 7000445677337367579 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 13 Nov 2023 19:18:34 GMT
GET H2	200	16181549604689798811 tpc.googlesyndication.com/simgad/ Frame D1F1	31 KB 31 KB	21ms 21ms	Image image/jpeg	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/16181549604689798811?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qn61Fx0slKFgUFEh_Pghw6rf01eEQ Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231026/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c86a561e9b15fcec6dd584e680a89255b57e02112e946daeb66193263539822f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers date Tue, 24 Oct 2023 11:45:41 GMT x-content-type-options nosniff age 593798 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 31931 x-xss-protection 0 last-modified Thu, 28 Sep 2023 09:18:42 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Wed, 23 Oct 2024 11:45:41 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame D1F1	188 KB 59 KB	123ms 73ms	Script text/javascript	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231026/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash cfd86eed5b662601ed1effa05e0922030a1bbfb3111d160df9b4f71630198c37 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers date Tue, 31 Oct 2023 08:42:19 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 60393 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1698666127188353" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Tue, 31 Oct 2023 08:42:19 GMT
GET H2	200	one_click_handler_one_afma_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/ Frame D1F1	35 KB 14 KB	19ms 19ms	Script text/javascript	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/one_click_handler_one_afma_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231026/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 7c0eb210ca9d9770dd1e6fb58b73fe67f07f592487e0244a46477f41ae12332c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers date Mon, 30 Oct 2023 19:35:14 GMT content-encoding br x-content-type-options nosniff age 47225 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14506 x-xss-protection 0 server cafe etag 4792826524176232586 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 13 Nov 2023 19:35:14 GMT
GET H2	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame B4C4	13 KB 5 KB	25ms 19ms	Document text/html	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://neostrom.in/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers accept-ranges bytes age 55890 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Mon, 30 Oct 2023 17:10:49 GMT expires Tue, 29 Oct 2024 17:10:49 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	aframe Show response www.google.com/recaptcha/api2/ Frame 7DB0	829 B 1 KB	80ms 33ms	Document text/html	2a00:1450:4001:813::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 5bbb21907034c667dc9a7b29e8592c5d8e5d791e33030e74a024747f67793208 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-UjOK8ZcCkiuqokMJ0CEJMg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://neostrom.in/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=300 content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-UjOK8ZcCkiuqokMJ0CEJMg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Tue, 31 Oct 2023 08:42:19 GMT expires Tue, 31 Oct 2023 08:42:19 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
POST H2	204	collect region1.analytics.google.com/g/	0 45 B	17ms 17ms	Ping text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-X6Y29CGY1R&gtm=45je3ap0v885079501&_p=461525578&gcd=11l1l1l1l1&gdid=dZTNiMT&cid=1739108170.1698741738&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAK&_s=2&sid=1698741737&sct=1&seg=1&dl=https%3A%2F%2Fneostrom.in%2Fekb-model%2F&dt=EKB%20Model%20(Engel%20Kollat%20Blackwell%20Model)%20of%20Consumer%20Behavior%20%7C%20Neostrom&en=page_view&_ee=1&_et=3 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-X6Y29CGY1R&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://neostrom.in/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers pragma no-cache date Tue, 31 Oct 2023 08:42:19 GMT server Golfe2 content-type text/plain access-control-allow-origin https://neostrom.in cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET DATA	200 OK	truncated / Frame D1F1	216 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash d566b28327ce1e248ec31db7571fd8e435ee75c0a8ee3d516f4aef1e4e922b85 Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers Content-Type image/png
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 1B18	0 20 B	53ms 53ms	Ping image/gif	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7430277908947&version=m202309260101 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers pragma no-cache date Tue, 31 Oct 2023 08:42:19 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 1B18	0 20 B	53ms 53ms	Ping image/gif	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7430277908947&version=m202309260101&ct=77&x=1&cor=1677377608739265300 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers pragma no-cache date Tue, 31 Oct 2023 08:42:19 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ad Show response googleads.g.doubleclick.net/dbm/ Frame 1B18	20 KB 14 KB	54ms 54ms	Script text/javascript	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CwogNrqwvEvLz1RR4vryl_XpgMES7BlI5B0HfOLLaEk1NmQhlAavRJthPTYupn5JyLk-NKcbGqvhIAYrLJ6TZW92Df3zbPXBBUUSCHcwYswWkI9Y6uLYe47WPrMaQKfc__jjjs5DnlM-r2vA5srDdpfkhwLx55siVkUodU0YpEW5U1jn0&cry=1&dbm_d=AKAmf-AhAREz6KBbJWq7CIlK1eRqZA-lo7rq--ba6S_dILgFJnk-k8BM237zYLzJQS4mJVswq6gR-cqwWCAFN9nScFFxDM9fkhNF5jVQw3_lCHA5-L4d4ueIxLqMthqAw7aGcwMZU-d5gLI8x6j0PrfWcOiSIwAbkZ0_KdJkeHOBhsNrnizTRFSHkGOqKng79h0qJQpd_x6SKxQvejIQyZlMt4AudoSt94DIYQmqOv6_gyEgINOwb18V32wsVl-WFoBF5fC210-8cWWLpYFqrOFTXSiVToQTYp39z_iDUuXf8vzm5SfYlwaAFAtVIfMKBvHkghMEU4_bq1gcsoBgiXFvkVAzWPh6bxajA0aE2j7AyTJ-q3QeeK88pnrBfTuocOsMmRAAoWvbJlae406UXkbkBaLeS3meF9zjoJz_3IJ-kPQG2tX0S646HET-bgChqC2r5UrntcDnE7_St0bDG-GbOJuC0Etvfqgh-nDGlyjUvuV5u6YUY-F3Dmtu3SUFIaUMmGSfqrwr64jEq14qopxBBHPTq7qyKdvvAQV-8UyZFIoJEBVe1IZxeMlAlA7RfUpnXtfpbL2VZ0pMMw_yE8rAepEn9O10V6SE-8XwNMxlcl7ILgadlrEjeK-ikjVcztumHxribVVl66y5fxd9j1PTUXVPCx0UCkdchgXrvCr8gJPF82gRZpJCazWSNuJERlVSqxP2HbA9X70lvnMpETy9wFp2O8HGpmDFRTICFqidS1UNuYlGZ0bYplVUp1KzoApUGINxRjKPWJIxk7WqsVWwrgXESpgvzY3p5pjaoqrCOY15-3k1SPSILVmVSkxz4UcvNMqly-9uPOx4vv_f-Po4ubQAEnF79mdzFnXf-xNU8xpYqu3bYH91GtGBGORzO9g3YFmOGG_pbT_TOmCR9noLYfd6luf-5nX9KU54nSmQXEHmun27ND8w9xpdLRwAyGc3Ns03DLR98JiCrWkoDdxI2i6ih8oaXLEVCAcoOfk_sJ02Dh8XRWguDruDLUkku8dnng5Ot25LrfSIZgKJjzYiCwg3BW7OrxzJuJVZx4qtBWdNChlemiF6vW71F15hA51xr_1RxjhK3bIWDQQKSi54YXMuJ5gQSyV6bSt2My1TndMZNfQMSiihKYfv7WB1H_HwcZAflleghHNCspg-_8RmJ6PIHwAJItUYVd5ixlPdtI2TNWwr9DIDEsM31tgD4EDjiPySHGz__B9WLMhJS3iBRwRhjhZGDjZRsU7c_jmVXIL39c2CX-cv8pNYbd2UAHKnn_QWgHX74WDZGgMLZpduoyonv5_PlAaOI3VX0wJHZGZkms7eH0DQzX6ytWDITBDReqEEevw53Ob9aZbFfF9Lw0a_G0OinwKW_W4ijiZzGPIHhZ7IIWDAJDc5pXtxtBeenQymCbm_VYnlXOFkh89dGxbp7od3E-EoEC3NcpI3XfZuV8F7elPXlCsLqsL5EaztzRvA14-WnEmidXIUd-AgxHkTdSGGwo9nUD2KNGOrbi2MAOxKEkKkjG7dCHKDdOg3HwzK-PSFeN5JwginOQ0blRJhACDmy6hHUJekJZXTUq_7NSk7GsuuU5Kx0Vo9MwBKpnX_HTxDiG_7yGs_mgIHH0GYrmUynp32T05wx7H1JTOfS03dhE7wysta_2NMyIJWOGWq-b4ieBnqkewWmABbNm4zMLfdus_3r7T0bQ4F_C1-gPNUBxJWfL9bMy-NUfMwGkn4TIsMZ8T0XBgD5COnYpiYpnVQAQ77WgBdBK3a4ExpXkQTfwzljYpVEzYx8zapAdGZYnpbk06nTTS_crM3Vkw72mcWBaemylwYs-4Bcb1WA4loYSshPyil75tnhFFfSouKf-GQKt29Sykc39apdw6h7ry5ESpPTPgUhiD4sJrNTVIr2234QdPAUG4X8Ez4_Yi3matncIicHXpCPVnOSV3q5DjKbs0rnp-Tr0Z8k-owIh88-yC8cfwaoBXAdLfPD1i1nBdqX7Fr5CTuD20gaDk7eYtyVzj-vCZHQvUAyA2FeUg4FNap53x5F83wVbf9yEOa5CXrtlsDyY2ZZPxTFNzUWqpuHfpn2GhsdWLmY_LRFfbStvTh8h4o7S6zezqcDTvx5BEpeBy92zX2ZZTAF1sLGpgvJ1clvqaSgpOHcwLALFfOWlpsosfv8Wsj1F82Ufixb_gssaM0_EZPuX5kL1G-_TP3zpH8eggePRNSxA1K73KHLCDO0fSq2_NQDk-oK8lpWPX9SJPhGckGL5NetSl-wXZ0bSxBythq5XoAnTeRJNUbRXOIkk7t3z1i1mlIUfKfCna_xUA0msnRucxmg9Wvi9IbKMzJz8vy9LvNk8STECmmnoubAK4VgdWWBxa65Dl1cCNs3sdGs3L54SUTjfYPBG0wrLa0pnpHudvyjP0pchS2uFSadSB8OyQsjdO-fSKYYov4HYdYSQumoBAT98A_ZXLk7K5rk-7VpA3HRRWQAdxWLCb6bS7mMCN1oAbOhgGpAMtU6Y3cEse7WB425h2OG8bQ61VdKHr56uJHYTPbzF-EANcbIJ5pNFhThaKJizORk27b0-OJaTDrlzHcWrMYs-eplJbsJ30D6CAjN7XIoYODXWmta3X3QTZGqCpsZBoqrQz5FLy83N0kd4Z2ZNB2H21_t8-MfL3aqe6i_CoDe7Zx7gf-v-qIaJ3KCnpLxPWeZwBx-oYQGH5fUzVOm5h3NfiRe17g-mLa31eBCoOxoiPbUjtZGG8yAMxs1x31crjGFYRrDuAcGFyhtF7j3gFLQE0jnDtUU9RpuPD0sEYqt9CB48yki-la_1ywXdF_t3ogbmbhw8pUIKM39G1QVJqLcZF4l2c19qtSY0auJkr0CBgsepIs7QjVsF9LrYTbfTjf1j5AMo9FcqRVSK9-GFh0s8sYrF_Lfsjk2gBEgzGB-bdLJnfR2Ca-GOC4Xir6TIXYvap_37IALCjF9je-3Dju4B8QrnXQkmMWXp5FJesa10v8-lY5GOKN2XEsDdJIbSpxrWd1kG3Qy36bdrelDjzmQ612aumA69E-j1RhibueyqA1ZQ6OLKlmr8KNM1cwDOBdCqHS1PrF09tyIKoTEIDHpF8xeZ8mg_feDuZLt34spuOFEoYsQB_53zdAKLqS_RelJyiXK4tOSGR6o-pUpzvOSwY972MgQ--bihWEfQubpoIxc5lrSl9b0k_vqzuPknbwp9Jp1pGC-dNVL9rsQqUT_73qa1Tvr9w_b-ybd9rUs0bAoQvD1kVniZDbL09b1K9EUy8BhHRLQUY2p7T-BOJIHHJgmpQzLjHnupb8fYDE2MR-4mJv138g9D1LMo58BI_ZVJDrPFoFu57qJHuA2Ovy0X-Q5WnZjZuwf-nXYKsWkSNo-sCgun8s9ELFMg3CQff--7734HoUOhkTdahhRTQOFZTnNuwRPqRmrt_oVX_Iac3AnI65rsffxuEmurIHSC6TGnIMrl6dWiV8Uca_bze9YziZljQoQ_rj4Exq3Y_jLYFV8ypek4d-EWG_3tcZHExtvMQYvDREI8Bz-z3FiwB3lg9vdkhZd13a_SquoGECxm9UM_BPg9pXvQLU2kLBCbEaBGwAWc50_hUd_HoMS14JhKm_wCAhjp8xVxgKD9sG5QLo1mZk8eb2a_aBTUeIe21NlbucEFmreHZmImKHbYxkWKq7Lx9PgyosDAb9V8Co4w3w2M2CiRvw_Tte_f7Uk6NuH6_C2s4cTcBl8kwXVZHGxatShA&cid=CAQSSwDICaaNVi7IgtgPZGpHtEF6CLYxYH_8LEkI3u0D-o80ipk4bveU9xVD66xcWzk1UKaG_onypwgpmNcM7xaWtp459UbP-x4fP_SCvhgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fneostrom.in%2F&ds=l&xdt=1&iif=1&cor=1677377608739265300&adk=1761367587&idt=88&cac=0&dtd=17 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 881c6b054e67367b0759d2c715189b07e73d3038b2281a1c4fb943b3b6ce63e5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/html/r20231026/r20110914/zrt_lookup.html?fsb=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers pragma no-cache date Tue, 31 Oct 2023 08:42:19 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13837 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	css fonts.googleapis.com/ Frame ABB4	14 KB 1 KB	52ms 51ms	Stylesheet text/css	2a00:1450:4001:827::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231026/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Tue, 31 Oct 2023 08:42:19 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Tue, 31 Oct 2023 08:03:35 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 31 Oct 2023 08:42:19 GMT
GET H3	200	load_preloaded_resource_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/ Frame ABB4	2 KB 825 B	19ms 18ms	Script text/javascript	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/load_preloaded_resource_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231026/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash d66ca23a7be1d8803307f937a250d0f90959f1289862b8e870d6795000f2b731 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers date Mon, 30 Oct 2023 19:18:46 GMT content-encoding br x-content-type-options nosniff age 48213 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 798 x-xss-protection 0 server cafe etag 15713038447858168282 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 13 Nov 2023 19:18:46 GMT
GET H3	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231026/r20110914/ Frame ABB4	23 KB 9 KB	18ms 18ms	Script text/javascript	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231026/r20110914/abg_lite_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231026/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 08979ac5dc183c913f0f274b03a248982b04fea0aac48c10ae1bd0b717f42641 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers date Mon, 30 Oct 2023 19:19:23 GMT content-encoding br x-content-type-options nosniff age 48176 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9142 x-xss-protection 0 server cafe etag 3118617226516770384 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 13 Nov 2023 19:19:23 GMT
GET H3	200	s Show response googleads.g.doubleclick.net/pagead/drt/ Frame 895D	143 B 166 B	20ms 18ms	Document text/html	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231026/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/html/r20231026/r20110914/zrt_lookup.html?fsb=1 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers age 1101 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=3600 content-encoding gzip content-length 145 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 31 Oct 2023 08:23:58 GMT server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/ Frame ABB4	3 KB 1 KB	18ms 18ms	Script text/javascript	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231026/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers date Mon, 30 Oct 2023 19:18:34 GMT content-encoding br x-content-type-options nosniff age 48225 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 13 Nov 2023 19:18:34 GMT
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/ Frame ABB4	20 KB 8 KB	19ms 18ms	Script text/javascript	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231026/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 5ba431addebca895832667d33e2ad51e4da1a1f2fbab72116d716c08077695a6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers date Mon, 30 Oct 2023 19:18:34 GMT content-encoding br x-content-type-options nosniff age 48225 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8430 x-xss-protection 0 server cafe etag 7000445677337367579 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 13 Nov 2023 19:18:34 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame ABB4	188 KB 59 KB	34ms 33ms	Script text/javascript	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231026/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash cfd86eed5b662601ed1effa05e0922030a1bbfb3111d160df9b4f71630198c37 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers date Tue, 31 Oct 2023 08:42:19 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 60393 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1698666127188353" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Tue, 31 Oct 2023 08:42:19 GMT
GET H2	200	ac1dbca482530a26bafc7a8c1241173a.js Show response www.gstatic.com/mysidia/ Frame ABB4	36 KB 15 KB	21ms 19ms	Script text/javascript	2a00:1450:4001:80b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/ac1dbca482530a26bafc7a8c1241173a.js?tag=mysidia_one_click_handler_one_afma_2019 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231026/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash cddb42bd69440699ae8fe758dac4d5f52911fa67b2a7a637d5d1bcfa2d88b0d3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers date Tue, 24 Oct 2023 17:04:13 GMT content-encoding gzip x-content-type-options nosniff age 574686 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15099 x-xss-protection 0 last-modified Tue, 24 Oct 2023 16:29:18 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Mon, 22 Jan 2024 17:04:13 GMT
GET H3	200	si Show response googleads.g.doubleclick.net/pagead/drt/ Frame DC77 Redirect Chain https://www.google.com/pagead/drt/ui https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA	0 17 B	35ms 33ms	Document text/html	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231026/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 31 Oct 2023 08:42:19 GMT expires Tue, 31 Oct 2023 08:42:19 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe x-content-type-options nosniff x-xss-protection 0 Redirect headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 31 Oct 2023 08:42:19 GMT location https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	si Show response googleads.g.doubleclick.net/pagead/drt/ Frame 19B2 Redirect Chain https://www.google.com/pagead/drt/ui https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA	0 17 B	40ms 39ms	Document text/html	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231026/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 31 Oct 2023 08:42:19 GMT expires Tue, 31 Oct 2023 08:42:19 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe x-content-type-options nosniff x-xss-protection 0 Redirect headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 31 Oct 2023 08:42:19 GMT location https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	rum dsum-sec.casalemedia.com/ Frame 18AF Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECMJNx0XPSBErA1_Brz_RzQ&google_cver=1	43 B 769 B	45ms 45ms	Image image/gif	104.18.36.155 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECMJNx0XPSBErA1_Brz_RzQ&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjIm7vGATAB&v=APEucNVTdKskywOst8W2vxjb5HnVAt89AMkpi8H0ARLXmTkkKedJUHhHUALVzK8lScuLjDfTlGoBWtSoGUJAwAlbeAU8k52dUjQwKR58jW2Dz18kwfh_do2WJP81BKCNF_v6N3gXJmHIZJsnl94qCKL4tu-RSRkZNsWlaJKlbWTBHOseMw_poLk Protocol H3 Server 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers pragma no-cache date Tue, 31 Oct 2023 08:42:19 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2u99WMuQCUSGN3rRwOOTCW173SGb9vE1WRp2fiUQizYQ8cQ%2BWIGexrDpHgoUjNGA41dnbflGo%2FEAIvMxsKen8EaxOYb%2FAV4G9i1o6yrBT5WBnwy7EOfT2iLKtFdUruXjmnxw73Dudlpy%2FA%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 81ea9a9f3ade9bf8-FRA alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Tue, 31 Oct 2023 08:42:19 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECMJNx0XPSBErA1_Brz_RzQ&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	rum dsum-sec.casalemedia.com/ Frame 18AF Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZUC968lsqaEXp2MzszI7igAA https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHaXntiFLS6zbM8w7QhAS-Y&google_cver=1	43 B 733 B	35ms 35ms	Image image/gif	104.18.36.155 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHaXntiFLS6zbM8w7QhAS-Y&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjIm7vGATAB&v=APEucNVTdKskywOst8W2vxjb5HnVAt89AMkpi8H0ARLXmTkkKedJUHhHUALVzK8lScuLjDfTlGoBWtSoGUJAwAlbeAU8k52dUjQwKR58jW2Dz18kwfh_do2WJP81BKCNF_v6N3gXJmHIZJsnl94qCKL4tu-RSRkZNsWlaJKlbWTBHOseMw_poLk Protocol H3 Server 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers pragma no-cache date Tue, 31 Oct 2023 08:42:19 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FbtcsOX6q8UFBs0UYKiXiVFPQUQCXNINnhdlQcV%2FkYlRslZcpu1cWA82ilM4yhByghPHGXsyapPLEJepiPq%2F%2BeXUNqhwGPjWFX4yL1x3Nw0M6Rs591nsoOXT%2BjrxKlH5rTvtgpzZgtFF2g%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 81ea9a9f9b279bf8-FRA alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Tue, 31 Oct 2023 08:42:19 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHaXntiFLS6zbM8w7QhAS-Y&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	setuid ib.adnxs.com/ Frame 18AF Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm https://ib.adnxs.com/setuid?entity=101&code=CAESEJjKxhQshg1Vg_cM6k-ymUk&google_cver=1	43 B 841 B	17ms 16ms	Image image/gif	185.89.210.90 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/setuid?entity=101&code=CAESEJjKxhQshg1Vg_cM6k-ymUk&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjIm7vGATAB&v=APEucNVTdKskywOst8W2vxjb5HnVAt89AMkpi8H0ARLXmTkkKedJUHhHUALVzK8lScuLjDfTlGoBWtSoGUJAwAlbeAU8k52dUjQwKR58jW2Dz18kwfh_do2WJP81BKCNF_v6N3gXJmHIZJsnl94qCKL4tu-RSRkZNsWlaJKlbWTBHOseMw_poLk Protocol H2 Server 185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net Software nginx/1.23.4 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers pragma no-cache date Tue, 31 Oct 2023 08:42:19 GMT an-x-request-uuid 87d7e051-6100-408c-a86e-deab1ac0a4f4 server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type image/gif cache-control no-store, no-cache, private x-proxy-origin 95.211.199.153; 95.211.199.153; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com content-length 43 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Tue, 31 Oct 2023 08:42:19 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://ib.adnxs.com/setuid?entity=101&code=CAESEJjKxhQshg1Vg_cM6k-ymUk&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 290 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	pixel cm.g.doubleclick.net/ Frame 18AF Redirect Chain https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjM2MDI0Mzg4NTk1Mzk5NDIz	170 B 243 B	42ms 42ms	Image image/png	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjM2MDI0Mzg4NTk1Mzk5NDIz Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjIm7vGATAB&v=APEucNVTdKskywOst8W2vxjb5HnVAt89AMkpi8H0ARLXmTkkKedJUHhHUALVzK8lScuLjDfTlGoBWtSoGUJAwAlbeAU8k52dUjQwKR58jW2Dz18kwfh_do2WJP81BKCNF_v6N3gXJmHIZJsnl94qCKL4tu-RSRkZNsWlaJKlbWTBHOseMw_poLk Protocol H2 Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers pragma no-cache date Tue, 31 Oct 2023 08:42:19 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Tue, 31 Oct 2023 08:42:19 GMT an-x-request-uuid 389bd84c-085f-4e9c-801a-e290f578de8d server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true location https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjM2MDI0Mzg4NTk1Mzk5NDIz x-proxy-origin 95.211.199.153; 95.211.199.153; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H3	200	mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js Show response pagead2.googlesyndication.com/bg/ Frame B4C4	38 KB 15 KB	22ms 22ms	Script text/javascript	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers date Tue, 31 Oct 2023 07:00:10 GMT content-encoding br x-content-type-options nosniff age 6129 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15010 x-xss-protection 0 last-modified Tue, 24 Oct 2023 11:28:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 30 Oct 2024 07:00:10 GMT
GET H3	200	Q12zgMmT.js Show response tpc.googlesyndication.com/sodar/ Frame 1B18	41 KB 14 KB	20ms 19ms	Script text/javascript	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Q12zgMmT.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CwogNrqwvEvLz1RR4vryl_XpgMES7BlI5B0HfOLLaEk1NmQhlAavRJthPTYupn5JyLk-NKcbGqvhIAYrLJ6TZW92Df3zbPXBBUUSCHcwYswWkI9Y6uLYe47WPrMaQKfc__jjjs5DnlM-r2vA5srDdpfkhwLx55siVkUodU0YpEW5U1jn0&cry=1&dbm_d=AKAmf-AhAREz6KBbJWq7CIlK1eRqZA-lo7rq--ba6S_dILgFJnk-k8BM237zYLzJQS4mJVswq6gR-cqwWCAFN9nScFFxDM9fkhNF5jVQw3_lCHA5-L4d4ueIxLqMthqAw7aGcwMZU-d5gLI8x6j0PrfWcOiSIwAbkZ0_KdJkeHOBhsNrnizTRFSHkGOqKng79h0qJQpd_x6SKxQvejIQyZlMt4AudoSt94DIYQmqOv6_gyEgINOwb18V32wsVl-WFoBF5fC210-8cWWLpYFqrOFTXSiVToQTYp39z_iDUuXf8vzm5SfYlwaAFAtVIfMKBvHkghMEU4_bq1gcsoBgiXFvkVAzWPh6bxajA0aE2j7AyTJ-q3QeeK88pnrBfTuocOsMmRAAoWvbJlae406UXkbkBaLeS3meF9zjoJz_3IJ-kPQG2tX0S646HET-bgChqC2r5UrntcDnE7_St0bDG-GbOJuC0Etvfqgh-nDGlyjUvuV5u6YUY-F3Dmtu3SUFIaUMmGSfqrwr64jEq14qopxBBHPTq7qyKdvvAQV-8UyZFIoJEBVe1IZxeMlAlA7RfUpnXtfpbL2VZ0pMMw_yE8rAepEn9O10V6SE-8XwNMxlcl7ILgadlrEjeK-ikjVcztumHxribVVl66y5fxd9j1PTUXVPCx0UCkdchgXrvCr8gJPF82gRZpJCazWSNuJERlVSqxP2HbA9X70lvnMpETy9wFp2O8HGpmDFRTICFqidS1UNuYlGZ0bYplVUp1KzoApUGINxRjKPWJIxk7WqsVWwrgXESpgvzY3p5pjaoqrCOY15-3k1SPSILVmVSkxz4UcvNMqly-9uPOx4vv_f-Po4ubQAEnF79mdzFnXf-xNU8xpYqu3bYH91GtGBGORzO9g3YFmOGG_pbT_TOmCR9noLYfd6luf-5nX9KU54nSmQXEHmun27ND8w9xpdLRwAyGc3Ns03DLR98JiCrWkoDdxI2i6ih8oaXLEVCAcoOfk_sJ02Dh8XRWguDruDLUkku8dnng5Ot25LrfSIZgKJjzYiCwg3BW7OrxzJuJVZx4qtBWdNChlemiF6vW71F15hA51xr_1RxjhK3bIWDQQKSi54YXMuJ5gQSyV6bSt2My1TndMZNfQMSiihKYfv7WB1H_HwcZAflleghHNCspg-_8RmJ6PIHwAJItUYVd5ixlPdtI2TNWwr9DIDEsM31tgD4EDjiPySHGz__B9WLMhJS3iBRwRhjhZGDjZRsU7c_jmVXIL39c2CX-cv8pNYbd2UAHKnn_QWgHX74WDZGgMLZpduoyonv5_PlAaOI3VX0wJHZGZkms7eH0DQzX6ytWDITBDReqEEevw53Ob9aZbFfF9Lw0a_G0OinwKW_W4ijiZzGPIHhZ7IIWDAJDc5pXtxtBeenQymCbm_VYnlXOFkh89dGxbp7od3E-EoEC3NcpI3XfZuV8F7elPXlCsLqsL5EaztzRvA14-WnEmidXIUd-AgxHkTdSGGwo9nUD2KNGOrbi2MAOxKEkKkjG7dCHKDdOg3HwzK-PSFeN5JwginOQ0blRJhACDmy6hHUJekJZXTUq_7NSk7GsuuU5Kx0Vo9MwBKpnX_HTxDiG_7yGs_mgIHH0GYrmUynp32T05wx7H1JTOfS03dhE7wysta_2NMyIJWOGWq-b4ieBnqkewWmABbNm4zMLfdus_3r7T0bQ4F_C1-gPNUBxJWfL9bMy-NUfMwGkn4TIsMZ8T0XBgD5COnYpiYpnVQAQ77WgBdBK3a4ExpXkQTfwzljYpVEzYx8zapAdGZYnpbk06nTTS_crM3Vkw72mcWBaemylwYs-4Bcb1WA4loYSshPyil75tnhFFfSouKf-GQKt29Sykc39apdw6h7ry5ESpPTPgUhiD4sJrNTVIr2234QdPAUG4X8Ez4_Yi3matncIicHXpCPVnOSV3q5DjKbs0rnp-Tr0Z8k-owIh88-yC8cfwaoBXAdLfPD1i1nBdqX7Fr5CTuD20gaDk7eYtyVzj-vCZHQvUAyA2FeUg4FNap53x5F83wVbf9yEOa5CXrtlsDyY2ZZPxTFNzUWqpuHfpn2GhsdWLmY_LRFfbStvTh8h4o7S6zezqcDTvx5BEpeBy92zX2ZZTAF1sLGpgvJ1clvqaSgpOHcwLALFfOWlpsosfv8Wsj1F82Ufixb_gssaM0_EZPuX5kL1G-_TP3zpH8eggePRNSxA1K73KHLCDO0fSq2_NQDk-oK8lpWPX9SJPhGckGL5NetSl-wXZ0bSxBythq5XoAnTeRJNUbRXOIkk7t3z1i1mlIUfKfCna_xUA0msnRucxmg9Wvi9IbKMzJz8vy9LvNk8STECmmnoubAK4VgdWWBxa65Dl1cCNs3sdGs3L54SUTjfYPBG0wrLa0pnpHudvyjP0pchS2uFSadSB8OyQsjdO-fSKYYov4HYdYSQumoBAT98A_ZXLk7K5rk-7VpA3HRRWQAdxWLCb6bS7mMCN1oAbOhgGpAMtU6Y3cEse7WB425h2OG8bQ61VdKHr56uJHYTPbzF-EANcbIJ5pNFhThaKJizORk27b0-OJaTDrlzHcWrMYs-eplJbsJ30D6CAjN7XIoYODXWmta3X3QTZGqCpsZBoqrQz5FLy83N0kd4Z2ZNB2H21_t8-MfL3aqe6i_CoDe7Zx7gf-v-qIaJ3KCnpLxPWeZwBx-oYQGH5fUzVOm5h3NfiRe17g-mLa31eBCoOxoiPbUjtZGG8yAMxs1x31crjGFYRrDuAcGFyhtF7j3gFLQE0jnDtUU9RpuPD0sEYqt9CB48yki-la_1ywXdF_t3ogbmbhw8pUIKM39G1QVJqLcZF4l2c19qtSY0auJkr0CBgsepIs7QjVsF9LrYTbfTjf1j5AMo9FcqRVSK9-GFh0s8sYrF_Lfsjk2gBEgzGB-bdLJnfR2Ca-GOC4Xir6TIXYvap_37IALCjF9je-3Dju4B8QrnXQkmMWXp5FJesa10v8-lY5GOKN2XEsDdJIbSpxrWd1kG3Qy36bdrelDjzmQ612aumA69E-j1RhibueyqA1ZQ6OLKlmr8KNM1cwDOBdCqHS1PrF09tyIKoTEIDHpF8xeZ8mg_feDuZLt34spuOFEoYsQB_53zdAKLqS_RelJyiXK4tOSGR6o-pUpzvOSwY972MgQ--bihWEfQubpoIxc5lrSl9b0k_vqzuPknbwp9Jp1pGC-dNVL9rsQqUT_73qa1Tvr9w_b-ybd9rUs0bAoQvD1kVniZDbL09b1K9EUy8BhHRLQUY2p7T-BOJIHHJgmpQzLjHnupb8fYDE2MR-4mJv138g9D1LMo58BI_ZVJDrPFoFu57qJHuA2Ovy0X-Q5WnZjZuwf-nXYKsWkSNo-sCgun8s9ELFMg3CQff--7734HoUOhkTdahhRTQOFZTnNuwRPqRmrt_oVX_Iac3AnI65rsffxuEmurIHSC6TGnIMrl6dWiV8Uca_bze9YziZljQoQ_rj4Exq3Y_jLYFV8ypek4d-EWG_3tcZHExtvMQYvDREI8Bz-z3FiwB3lg9vdkhZd13a_SquoGECxm9UM_BPg9pXvQLU2kLBCbEaBGwAWc50_hUd_HoMS14JhKm_wCAhjp8xVxgKD9sG5QLo1mZk8eb2a_aBTUeIe21NlbucEFmreHZmImKHbYxkWKq7Lx9PgyosDAb9V8Co4w3w2M2CiRvw_Tte_f7Uk6NuH6_C2s4cTcBl8kwXVZHGxatShA&cid=CAQSSwDICaaNVi7IgtgPZGpHtEF6CLYxYH_8LEkI3u0D-o80ipk4bveU9xVD66xcWzk1UKaG_onypwgpmNcM7xaWtp459UbP-x4fP_SCvhgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fneostrom.in%2F&ds=l&xdt=1&iif=1&cor=1677377608739265300&adk=1761367587&idt=88&cac=0&dtd=17 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers date Thu, 26 Oct 2023 02:22:26 GMT content-encoding br x-content-type-options nosniff age 454793 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13937 x-xss-protection 0 last-modified Fri, 25 Aug 2023 23:48:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 25 Oct 2024 02:22:26 GMT
GET H2	200	attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTY5ODc0MTczOTIzNjI5MAogIHNlcnZlcl9pcDogMTc1ODc4ODA5CiAgcHJvY2Vzc19pZDogMzgwODY5OTMzOQp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0... ad.doubleclick.net/ddm/activity/ Frame 1B18	0 853 B	147ms 65ms	Image image/png	142.250.185.134 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTY5ODc0MTczOTIzNjI5MAogIHNlcnZlcl9pcDogMTc1ODc4ODA5CiAgcHJvY2Vzc19pZDogMzgwODY5OTMzOQp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0MwphZHZlcnRpc2VyX2RvbWFpbjogImh0dHBzOi8vc29iZXJiZXJsaW4uY29tIgp4ZmFfYXR0cmlidXRpb25faW50ZXJhY3Rpb25fdHlwZTogVklFVwppbXByZXNzaW9uX3ByaW9yaXR5OiAwCmltcHJlc3Npb25fZXhwaXJ5X2luX2RheXM6IDMwCmV2ZW50X2ltcHJlc3Npb25faWQ6IDUxMzM0OTU4NDY1MDAwNjg1NgpkZWJ1Z19rZXk6IDE0MDI3MDYzNDA1NTU4NzAzNgppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QUk9EVUNUX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9EQVRFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIjIwMjMtMTAtMzEiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0ZMT09ETElHSFRfQ09ORklHX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAxMTg2ODk0MwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFDRU1FTlRfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDMzMjI2MzU2OQogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQURWRVJUSVNFUl9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogODc4MjQzNjk2CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19MSU5FX0lURU1fSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDE2NjM4MzAyMTAxCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19DUkVBVElWRV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogNDE2MjA2MjgwCiAgfQp9CmFyY2hldHlwZV9pZDogMQphcmNoZXR5cGVfaWQ6IDMKYXJjaGV0eXBlX2lkOiA0CmFyY2hldHlwZV9pZDogNQphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vc29iZXJiZXJsaW4uY29tIgppbXByZXNzaW9uX2V2ZW50X3JlcG9ydGluZ193aW5kb3dfZGF5czogNApicm93c2VyX2F0dHJpYnV0aW9uX2FwaV9yZXF1ZXN0X3Byb2Nlc3NpbmdfYml0czogNzU0OTc0NzIwCg Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231026/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.134 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f6.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers pragma no-cache date Tue, 31 Oct 2023 08:42:19 GMT x-content-type-options nosniff attribution-reporting-register-source {"aggregation_keys":{"1":"0x152241e1c6cbb26f0000000000000000","3":"0xbf93f519db8683ff0000000000000000","4":"0xc89d5e89d0c244c60000000000000000","5":"0x73ff7a04f303610d0000000000000000"},"debug_key":"140270634055587036","debug_reporting":true,"destination":"https://soberberlin.com","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"8":["11868943"]},"priority":"0","source_event_id":"513349584650006856"} server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" content-type image/png access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	xbrkb4s8ehf6 Show response hal9000.redintelligence.net/zone/ Frame 1B18	11 KB 4 KB	84ms 26ms	Script text/html	138.201.63.117 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://hal9000.redintelligence.net/zone/xbrkb4s8ehf6?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCPuNH6b1AZdTpN7_G78EPquSP8AvM-YagabO9x__3D_AuEAEg4pOWI2CRBMgBCakC6DBWejzNsT6oAwHIA5sEqgSIAk_QcjKhSoec7FaEt_bwfkPs3E5hj0YfcDnDlv2L6etQmOE1zIZdp1SgLsTaNnpmHAEoACFRqNrpfsWPC-BcvbWguLLQnSglp8Tc14Qp-ZcM9P_QzV54n8qoGLGQMhm3ZtyvwPAjdM_f9PAnHVPAC0GZIqanCObm9zd1ltEFFTmCPnk9HN8d46TE-o99FN5cTHWHrCP2IVVlhQWUJZISUzncdUa6mxBNB7Bx6mU-IFI6rl_IS6YcyGGOTZ5FycqXiOjfNW7Acu3jAeBq0on0LRXnlzcqVz6xhApYJM-LPBwHvjo-jnA1ISVUmWzsLQ7vtANh659PJbtzH6XKH6x-_anwtHgxsBsDksAE6uvMo-QD4AQDiAWVr-H9PZAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAZgLAcgLAYAMAaoNAk5MsBPgm80O0BMA2BMD2BQB0BUB-BYBgBcB%26num%3D1%26cid%3DCAQSSwDICaaNVi7IgtgPZGpHtEF6CLYxYH_8LEkI3u0D-o80ipk4bveU9xVD66xcWzk1UKaG_onypwgpmNcM7xaWtp459UbP-x4fP_SCvhgB%26sig%3DAOD64_1Y_2Iwerjs91bzlOijCX0YYo2C2Q%26client%3Dca-pub-3576610951345108%26dbm_c%3DAKAmf-BHnUo57GYv83NxNuIclNApAlYf4nvMW5AGo6aG4eYhIbxKjvjWTZY7PbosuqEK72csCbu7JQhc3xe5nDsIrblpaXe-gNBoFs0v9Nz9XMgntqObsvykRTVm4_0vHZ4fD_O3ft89PkGgI78kpqJvMuPXdbuHI9eg5CaZeAToXdUGlkyHu4Y%26cry%3D1%26dbm_d%3DAKAmf-BicKhQxsq2SSYuYutKdhHip9zM9lpO7dln-J7_ESdb7yGuEqGl4QGuvCEHKBlfYMQFPLN7Tg_rL5pd6QxyLzd7oBk9vhUe_kB5n8PrAVs4Q5FxfLMkGvLAgyuzk9PGMixxoYhl7CzFY8R1veSnT5Ksv-dk--6Lj7AXKTOLOy3f6SQbRErjl3zUTWxBdeg_69MS_LX_W_gjo-HAJlGS95Ai8LGewKCd0WKw6Nyud52t9O-Q1oCeYhxen4mdntA4Yf9gXGYjBcTKPld92NrD46EVXhvTFA0PmCWeOEpNhqLRNeZ6TRPlUkOciAuwfmUeCalwOEAmJBrMWdVObxLEAY5aGoXU86WjokYtn7HTmdzTh5IfDJtO9pRLu-kNpas6IcgqYojmo0lg1YzZskZOcnhfGmshQLZrzWFFHB7EcsgTZLXEs6Mp3L9N0Xrze2emuy-yrRWn1Looi2dU_LGp56uSdhyBXbfOCuPy5FAeR6e8rpAcTIy0waybTb88VvXgcw8ppFzHKSR2QbyEsez4BoXKnULhgf1SRK8M3avfJ5unIF566Zs%26adurl%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231026/r20110914/zrt_lookup.html?fsb=1 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 138.201.63.117 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.117.63.201.138.clients.your-server.de Software Apache / Resource Hash eb5fe0281fc5302bde45c722a3e161410d83df0cc7325bec0540154232d7d115 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers Date Tue, 31 Oct 2023 08:42:19 GMT Content-Encoding gzip Server Apache Connection close Content-Length 4143 Vary Accept-Encoding Content-Type text/html; charset=UTF-8
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame 7DB0	0 0	54ms 53ms	Image text/html	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231026&jk=2488577120309913&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers
GET H3	200	si Show response googleads.g.doubleclick.net/pagead/drt/ Frame 895D Redirect Chain https://www.google.com/pagead/drt/ui https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA	0 17 B	28ms 28ms	Document text/html	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231026/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 31 Oct 2023 08:42:19 GMT expires Tue, 31 Oct 2023 08:42:19 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe x-content-type-options nosniff x-xss-protection 0 Redirect headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 31 Oct 2023 08:42:19 GMT location https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	/ www.googleadservices.com/pagead/ar-adview/ Frame D1F1 Redirect Chain https://googleads.g.doubleclick.net/pagead/adview?ai=CunvQ6b1AZdXpN7_G78EPquSP8AvX8a2_c6H8n9yIEtnZHhABIOKTliNgkQSgAYrZ_bcByAECqQLoMFZ6PM2xPqgDAcgDyQSqBP8BT9BpiGdfdTvbmhhMH4EjSGFrWHS3wukgz6IYu2UVXVi... https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2214241401065372421983%22,%22debug_reporting%22:true,%22destination%22:%22https://scrumdayeurope.com%22,%22event_report_wind...	0 0	54ms 54ms	Fetch text/css	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2214241401065372421983%22,%22debug_reporting%22:true,%22destination%22:%22https://scrumdayeurope.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22385838218%22],%224%22:[%2210-31%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215796487834207984945%22}&andc=true Protocol H3 Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers date Tue, 31 Oct 2023 08:42:19 GMT x-content-type-options nosniff attribution-reporting-register-source {"debug_key":"14241401065372421983","debug_reporting":true,"destination":"https://scrumdayeurope.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["385838218"],"4":["10-31"],"6":["true"]},"priority":"500","source_event_id":"15796487834207984945"} server cafe content-type text/css; charset=UTF-8 access-control-allow-origin https://googleads.g.doubleclick.net p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Tue, 31 Oct 2023 08:42:19 GMT Redirect headers content-security-policy script-src 'none'; object-src 'none' date Tue, 31 Oct 2023 08:42:19 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 location https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"14241401065372421983","debug_reporting":true,"destination":"https://scrumdayeurope.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["385838218"],"4":["10-31"],"6":["true"]},"priority":"500","source_event_id":"15796487834207984945"}&andc=true access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H3	200	62bHydCX.html Show response tpc.googlesyndication.com/sodar/ Frame E9BF	38 KB 13 KB	20ms 19ms	Document text/html	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/62bHydCX.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers accept-ranges bytes age 347313 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding br content-length 13045 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Fri, 27 Oct 2023 08:13:46 GMT expires Sat, 26 Oct 2024 08:13:46 GMT last-modified Fri, 25 Aug 2023 23:48:00 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	Yki7wq91PsU7DdxfmXKOQxU4B1wmfJmh9h09t8sJadc.js Show response pagead2.googlesyndication.com/bg/ Frame 73F7	38 KB 15 KB	20ms 20ms	Script text/javascript	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/Yki7wq91PsU7DdxfmXKOQxU4B1wmfJmh9h09t8sJadc.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231026/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6248bbc2af753ec53b0ddc5f99728e431538075c267c99a1f61d3db7cb0969d7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers date Fri, 27 Oct 2023 11:36:40 GMT content-encoding br x-content-type-options nosniff age 335139 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15080 x-xss-protection 0 last-modified Tue, 24 Oct 2023 11:28:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 26 Oct 2024 11:36:40 GMT
OPTIONS H2	204	/ www.googleadservices.com/pagead/ar-adview/ Frame	0 0	141ms 64ms	Preflight text/html	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2214241401065372421983%22,%22debug_reporting%22:true,%22destination%22:%22https://scrumdayeurope.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22385838218%22],%224%22:[%2210-31%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215796487834207984945%22}&andc=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers attribution-reporting-eligible Access-Control-Request-Method GET Origin https://googleads.g.doubleclick.net Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers attribution-reporting-eligible access-control-allow-methods POST, GET, OPTIONS access-control-allow-origin https://googleads.g.doubleclick.net alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 content-type text/html; charset=UTF-8 date Tue, 31 Oct 2023 08:42:19 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H/1.1	200 OK	request.php Show response hal900024.redintelligence.net/ Frame 1B18 Redirect Chain https://hal900024.redintelligence.net/request.php?zone=xbrkb4s8ehf6&nw=20&renderingType=javascript&namespace=98702e35d8&subid=&uid=a52727d7865378e5&screenSize=1600x1200&screenSizeAvail=1600x1200&cl... https://hal900024.redintelligence.net/request.php?zone=xbrkb4s8ehf6&nw=20&renderingType=javascript&namespace=98702e35d8&subid=&uid=a52727d7865378e5&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...	613 B 934 B	130ms 85ms	Script application/x-javascript	138.201.84.252 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://hal900024.redintelligence.net/request.php?zone=xbrkb4s8ehf6&nw=20&renderingType=javascript&namespace=98702e35d8&subid=&uid=a52727d7865378e5&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCPuNH6b1AZdTpN7_G78EPquSP8AvM-YagabO9x__3D_AuEAEg4pOWI2CRBMgBCakC6DBWejzNsT6oAwHIA5sEqgSIAk_QcjKhSoec7FaEt_bwfkPs3E5hj0YfcDnDlv2L6etQmOE1zIZdp1SgLsTaNnpmHAEoACFRqNrpfsWPC-BcvbWguLLQnSglp8Tc14Qp-ZcM9P_QzV54n8qoGLGQMhm3ZtyvwPAjdM_f9PAnHVPAC0GZIqanCObm9zd1ltEFFTmCPnk9HN8d46TE-o99FN5cTHWHrCP2IVVlhQWUJZISUzncdUa6mxBNB7Bx6mU-IFI6rl_IS6YcyGGOTZ5FycqXiOjfNW7Acu3jAeBq0on0LRXnlzcqVz6xhApYJM-LPBwHvjo-jnA1ISVUmWzsLQ7vtANh659PJbtzH6XKH6x-_anwtHgxsBsDksAE6uvMo-QD4AQDiAWVr-H9PZAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAZgLAcgLAYAMAaoNAk5MsBPgm80O0BMA2BMD2BQB0BUB-BYBgBcB%26num%3D1%26cid%3DCAQSSwDICaaNVi7IgtgPZGpHtEF6CLYxYH_8LEkI3u0D-o80ipk4bveU9xVD66xcWzk1UKaG_onypwgpmNcM7xaWtp459UbP-x4fP_SCvhgB%26sig%3DAOD64_1Y_2Iwerjs91bzlOijCX0YYo2C2Q%26client%3Dca-pub-3576610951345108%26dbm_c%3DAKAmf-BHnUo57GYv83NxNuIclNApAlYf4nvMW5AGo6aG4eYhIbxKjvjWTZY7PbosuqEK72csCbu7JQhc3xe5nDsIrblpaXe-gNBoFs0v9Nz9XMgntqObsvykRTVm4_0vHZ4fD_O3ft89PkGgI78kpqJvMuPXdbuHI9eg5CaZeAToXdUGlkyHu4Y%26cry%3D1%26dbm_d%3DAKAmf-BicKhQxsq2SSYuYutKdhHip9zM9lpO7dln-J7_ESdb7yGuEqGl4QGuvCEHKBlfYMQFPLN7Tg_rL5pd6QxyLzd7oBk9vhUe_kB5n8PrAVs4Q5FxfLMkGvLAgyuzk9PGMixxoYhl7CzFY8R1veSnT5Ksv-dk--6Lj7AXKTOLOy3f6SQbRErjl3zUTWxBdeg_69MS_LX_W_gjo-HAJlGS95Ai8LGewKCd0WKw6Nyud52t9O-Q1oCeYhxen4mdntA4Yf9gXGYjBcTKPld92NrD46EVXhvTFA0PmCWeOEpNhqLRNeZ6TRPlUkOciAuwfmUeCalwOEAmJBrMWdVObxLEAY5aGoXU86WjokYtn7HTmdzTh5IfDJtO9pRLu-kNpas6IcgqYojmo0lg1YzZskZOcnhfGmshQLZrzWFFHB7EcsgTZLXEs6Mp3L9N0Xrze2emuy-yrRWn1Looi2dU_LGp56uSdhyBXbfOCuPy5FAeR6e8rpAcTIy0waybTb88VvXgcw8ppFzHKSR2QbyEsez4BoXKnULhgf1SRK8M3avfJ5unIF566Zs%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231026%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1%23RS-2-%26adk%3D1812271804%26client%3Dca-pub-3576610951345108%26fa%3D4%26ifi%3D4%26uci%3Da!4%26btvi%3D2&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fneostrom.in&random=2323729470261&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231026/r20110914/zrt_lookup.html?fsb=1 Protocol HTTP/1.1 Server 138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.252.84.201.138.clients.your-server.de Software Apache / Resource Hash 36283b9417862fdfc7a872f3d208a09ad690ec8523854f094082deed8c4f5698 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers Pragma no-cache Date Tue, 31 Oct 2023 08:42:19 GMT Content-Encoding gzip Server Apache Vary Accept-Encoding P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Content-Type application/x-javascript; charset=utf-8 Cache-Control no-store, no-cache, must-revalidate, max-age=0 X-NEORY-SubId 54790500030490204444456012494024 Connection close Content-Length 328 Expires Tue, 31 Oct 2023 08:42:19 +0100 Redirect headers Pragma no-cache Date Tue, 31 Oct 2023 08:42:19 GMT Server Apache P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Location request.php?zone=xbrkb4s8ehf6&nw=20&renderingType=javascript&namespace=98702e35d8&subid=&uid=a52727d7865378e5&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCPuNH6b1AZdTpN7_G78EPquSP8AvM-YagabO9x__3D_AuEAEg4pOWI2CRBMgBCakC6DBWejzNsT6oAwHIA5sEqgSIAk_QcjKhSoec7FaEt_bwfkPs3E5hj0YfcDnDlv2L6etQmOE1zIZdp1SgLsTaNnpmHAEoACFRqNrpfsWPC-BcvbWguLLQnSglp8Tc14Qp-ZcM9P_QzV54n8qoGLGQMhm3ZtyvwPAjdM_f9PAnHVPAC0GZIqanCObm9zd1ltEFFTmCPnk9HN8d46TE-o99FN5cTHWHrCP2IVVlhQWUJZISUzncdUa6mxBNB7Bx6mU-IFI6rl_IS6YcyGGOTZ5FycqXiOjfNW7Acu3jAeBq0on0LRXnlzcqVz6xhApYJM-LPBwHvjo-jnA1ISVUmWzsLQ7vtANh659PJbtzH6XKH6x-_anwtHgxsBsDksAE6uvMo-QD4AQDiAWVr-H9PZAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAZgLAcgLAYAMAaoNAk5MsBPgm80O0BMA2BMD2BQB0BUB-BYBgBcB%26num%3D1%26cid%3DCAQSSwDICaaNVi7IgtgPZGpHtEF6CLYxYH_8LEkI3u0D-o80ipk4bveU9xVD66xcWzk1UKaG_onypwgpmNcM7xaWtp459UbP-x4fP_SCvhgB%26sig%3DAOD64_1Y_2Iwerjs91bzlOijCX0YYo2C2Q%26client%3Dca-pub-3576610951345108%26dbm_c%3DAKAmf-BHnUo57GYv83NxNuIclNApAlYf4nvMW5AGo6aG4eYhIbxKjvjWTZY7PbosuqEK72csCbu7JQhc3xe5nDsIrblpaXe-gNBoFs0v9Nz9XMgntqObsvykRTVm4_0vHZ4fD_O3ft89PkGgI78kpqJvMuPXdbuHI9eg5CaZeAToXdUGlkyHu4Y%26cry%3D1%26dbm_d%3DAKAmf-BicKhQxsq2SSYuYutKdhHip9zM9lpO7dln-J7_ESdb7yGuEqGl4QGuvCEHKBlfYMQFPLN7Tg_rL5pd6QxyLzd7oBk9vhUe_kB5n8PrAVs4Q5FxfLMkGvLAgyuzk9PGMixxoYhl7CzFY8R1veSnT5Ksv-dk--6Lj7AXKTOLOy3f6SQbRErjl3zUTWxBdeg_69MS_LX_W_gjo-HAJlGS95Ai8LGewKCd0WKw6Nyud52t9O-Q1oCeYhxen4mdntA4Yf9gXGYjBcTKPld92NrD46EVXhvTFA0PmCWeOEpNhqLRNeZ6TRPlUkOciAuwfmUeCalwOEAmJBrMWdVObxLEAY5aGoXU86WjokYtn7HTmdzTh5IfDJtO9pRLu-kNpas6IcgqYojmo0lg1YzZskZOcnhfGmshQLZrzWFFHB7EcsgTZLXEs6Mp3L9N0Xrze2emuy-yrRWn1Looi2dU_LGp56uSdhyBXbfOCuPy5FAeR6e8rpAcTIy0waybTb88VvXgcw8ppFzHKSR2QbyEsez4BoXKnULhgf1SRK8M3avfJ5unIF566Zs%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231026%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1%23RS-2-%26adk%3D1812271804%26client%3Dca-pub-3576610951345108%26fa%3D4%26ifi%3D4%26uci%3Da!4%26btvi%3D2&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fneostrom.in&random=2323729470261&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1 Content-Type text/html; charset=UTF-8 Cache-Control no-store, no-cache, must-revalidate, max-age=0 Connection close Content-Length 0 Expires Tue, 31 Oct 2023 08:42:19 +0100
GET H3	200	Yki7wq91PsU7DdxfmXKOQxU4B1wmfJmh9h09t8sJadc.js Show response pagead2.googlesyndication.com/bg/ Frame BF72	38 KB 15 KB	19ms 19ms	Script text/javascript	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/Yki7wq91PsU7DdxfmXKOQxU4B1wmfJmh9h09t8sJadc.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231026/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6248bbc2af753ec53b0ddc5f99728e431538075c267c99a1f61d3db7cb0969d7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers date Fri, 27 Oct 2023 11:36:40 GMT content-encoding br x-content-type-options nosniff age 335139 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15080 x-xss-protection 0 last-modified Tue, 24 Oct 2023 11:28:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 26 Oct 2024 11:36:40 GMT
GET H3	200	Yki7wq91PsU7DdxfmXKOQxU4B1wmfJmh9h09t8sJadc.js Show response pagead2.googlesyndication.com/bg/ Frame 65E2	38 KB 15 KB	20ms 19ms	Script text/javascript	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/Yki7wq91PsU7DdxfmXKOQxU4B1wmfJmh9h09t8sJadc.js Requested by Host: neostrom.in URL: https://neostrom.in/ekb-model/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6248bbc2af753ec53b0ddc5f99728e431538075c267c99a1f61d3db7cb0969d7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers date Fri, 27 Oct 2023 11:36:40 GMT content-encoding br x-content-type-options nosniff age 335139 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15080 x-xss-protection 0 last-modified Tue, 24 Oct 2023 11:28:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 26 Oct 2024 11:36:40 GMT
GET H3	200	mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js Show response pagead2.googlesyndication.com/bg/ Frame E9BF	38 KB 15 KB	19ms 19ms	Script text/javascript	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers date Tue, 31 Oct 2023 07:00:10 GMT content-encoding br x-content-type-options nosniff age 6129 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15010 x-xss-protection 0 last-modified Tue, 24 Oct 2023 11:28:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 30 Oct 2024 07:00:10 GMT
GET H3	204	generate_204 tpc.googlesyndication.com/ Frame B4C4	0 10 B	19ms 19ms	Image text/plain	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?Vj-_KA Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers date Tue, 31 Oct 2023 08:42:19 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H/1.1	200 OK	request_content.php Show response hal900024.redintelligence.net/ Frame 11F8	4 KB 2 KB	76ms 24ms	Document text/html	138.201.84.252 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://hal900024.redintelligence.net/request_content.php?s=54790500030490204444456012494024&a=1bef6b09 Requested by Host: hal900024.redintelligence.net URL: https://hal900024.redintelligence.net/request.php?zone=xbrkb4s8ehf6&nw=20&renderingType=javascript&namespace=98702e35d8&subid=&uid=a52727d7865378e5&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCPuNH6b1AZdTpN7_G78EPquSP8AvM-YagabO9x__3D_AuEAEg4pOWI2CRBMgBCakC6DBWejzNsT6oAwHIA5sEqgSIAk_QcjKhSoec7FaEt_bwfkPs3E5hj0YfcDnDlv2L6etQmOE1zIZdp1SgLsTaNnpmHAEoACFRqNrpfsWPC-BcvbWguLLQnSglp8Tc14Qp-ZcM9P_QzV54n8qoGLGQMhm3ZtyvwPAjdM_f9PAnHVPAC0GZIqanCObm9zd1ltEFFTmCPnk9HN8d46TE-o99FN5cTHWHrCP2IVVlhQWUJZISUzncdUa6mxBNB7Bx6mU-IFI6rl_IS6YcyGGOTZ5FycqXiOjfNW7Acu3jAeBq0on0LRXnlzcqVz6xhApYJM-LPBwHvjo-jnA1ISVUmWzsLQ7vtANh659PJbtzH6XKH6x-_anwtHgxsBsDksAE6uvMo-QD4AQDiAWVr-H9PZAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAZgLAcgLAYAMAaoNAk5MsBPgm80O0BMA2BMD2BQB0BUB-BYBgBcB%26num%3D1%26cid%3DCAQSSwDICaaNVi7IgtgPZGpHtEF6CLYxYH_8LEkI3u0D-o80ipk4bveU9xVD66xcWzk1UKaG_onypwgpmNcM7xaWtp459UbP-x4fP_SCvhgB%26sig%3DAOD64_1Y_2Iwerjs91bzlOijCX0YYo2C2Q%26client%3Dca-pub-3576610951345108%26dbm_c%3DAKAmf-BHnUo57GYv83NxNuIclNApAlYf4nvMW5AGo6aG4eYhIbxKjvjWTZY7PbosuqEK72csCbu7JQhc3xe5nDsIrblpaXe-gNBoFs0v9Nz9XMgntqObsvykRTVm4_0vHZ4fD_O3ft89PkGgI78kpqJvMuPXdbuHI9eg5CaZeAToXdUGlkyHu4Y%26cry%3D1%26dbm_d%3DAKAmf-BicKhQxsq2SSYuYutKdhHip9zM9lpO7dln-J7_ESdb7yGuEqGl4QGuvCEHKBlfYMQFPLN7Tg_rL5pd6QxyLzd7oBk9vhUe_kB5n8PrAVs4Q5FxfLMkGvLAgyuzk9PGMixxoYhl7CzFY8R1veSnT5Ksv-dk--6Lj7AXKTOLOy3f6SQbRErjl3zUTWxBdeg_69MS_LX_W_gjo-HAJlGS95Ai8LGewKCd0WKw6Nyud52t9O-Q1oCeYhxen4mdntA4Yf9gXGYjBcTKPld92NrD46EVXhvTFA0PmCWeOEpNhqLRNeZ6TRPlUkOciAuwfmUeCalwOEAmJBrMWdVObxLEAY5aGoXU86WjokYtn7HTmdzTh5IfDJtO9pRLu-kNpas6IcgqYojmo0lg1YzZskZOcnhfGmshQLZrzWFFHB7EcsgTZLXEs6Mp3L9N0Xrze2emuy-yrRWn1Looi2dU_LGp56uSdhyBXbfOCuPy5FAeR6e8rpAcTIy0waybTb88VvXgcw8ppFzHKSR2QbyEsez4BoXKnULhgf1SRK8M3avfJ5unIF566Zs%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231026%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1%23RS-2-%26adk%3D1812271804%26client%3Dca-pub-3576610951345108%26fa%3D4%26ifi%3D4%26uci%3Da!4%26btvi%3D2&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fneostrom.in&random=2323729470261&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.252.84.201.138.clients.your-server.de Software Apache / Resource Hash 6ba5723d35891d15a2bf5d8bd15725784d9928c5721be5c1456db6a15ae1f3ee Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers Cache-Control no-store, no-cache, must-revalidate, max-age=0 Connection close Content-Encoding gzip Content-Length 1498 Content-Type text/html; charset=utf-8 Date Tue, 31 Oct 2023 08:42:19 GMT Expires Tue, 31 Oct 2023 08:42:19 +0100 P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Pragma no-cache Server Apache Vary Accept-Encoding
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame E9BF	0 20 B	56ms 56ms	Image image/gif	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BBv-f671AZYK2Dpnl7gPLx5CYDgAAAAA4AeAEAg&bg=!k5ClkN_NAAbo5yKYyOc7ADQBe5WfOKWF78_erjFCiozz1jh2yq-NXr19j3lIoGnUy1xqFIGptb1uGQqOAr1-4Ciwhgn2AgAAAGNSAAAAAmgBBwoADzYI6z2R6rO5gitKTjIdjpkDBxP2UgA3BUVj9cb5ZXfgRtJs97XY2lblzjIxoCztkB98tkOG9R39_yrMbi-7BXoIL2c0L8BTMPCkJhuL2ytrCyGrtdEn9hag7LifTzDhL_BpXydkGNnHvx6qkTEptF3BRY10eH-oVIk-2BwXhJW-SDNSWVAkAjYZr-5f3yLGpbqURn0tQBDDPh1D1_bFbrrrDQS8jUNyQZDWzLd8UQ13Mbq73E1EKl36z2RHZNCRcFWooNXAZklQXCsLrFRVRrHi5LlN5uvGFF7NlOV-g-9qUQRKvnIt17UCE4b3N2jHE_oqmDXOVPW4JPZCSILnWKKdTgwomv4w4jAbKCbh0K-NiPjKCUa1uo-1T1qhXhLdRrDy2N9IVFq6CjpUTDSXoAdrP7Utsdpd5uonRPU22iBlVNgXqUGM0z1gl7E46GLVsQwQXwsn1-lSs5dJ3Qr_63sLE4fX0lwSqDe-Eh0lUxCYtm1PRKRz9Y1a9N9-tpiDbIkwqShE9qPanqWCMlJHfTF8QEQqzFsG13jhOI_uZ0w7VVGLnlWBezx5CENboqZBY1tnHKIzFnxBOIzO1qO-Qjqr7lcws2NxONHzCk7OuYQoVM3suk-htjB6Zde4N1v5U4Qss08Dw7rR9vOE39GdcU43YsfesK25rDhtDpZbMaSuwSrrybVWZCSkJBC5obh5Hi7xsPfz3EpQXTgogcaRsfrb2n1zS84cq7Wmxufq5pnIbK8jZ_sLU6ancf6qap2lzB49FosUW3XtiHJqQT4RBMqO_BbkIFp3uflSJYLjN1uXbOL38G0kgnkqJuB5P1yjUrPOsirp-uVO5j2hhuyUEmBSv_uPITmUithvtinLt5hTV9CvLSLNaL3zCMzsfu-u8IsG1iivALIBTwZC54z8T7XtrZKISoXisdF3rqylMoJ7wp3Hfoc_YrTToy8hZsAmdzYJFuqmsZs1OPuBMRQfMKfvqf0N_dv3UAH7qlCmqUv219xGdAc-yrOu5_gvrBfdNWYPQuMeeIlOr4VAFpAnQLKw7O8gM8MiSC0 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231026/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers pragma no-cache date Tue, 31 Oct 2023 08:42:19 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	S-160x600.gif cdn.contentspread.net/24i/content/soberfb/EN/ Frame 11F8	40 KB 40 KB	107ms 32ms	Image image/gif	85.114.131.234 MYLOC-AS IP Backb...
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.contentspread.net/24i/content/soberfb/EN/S-160x600.gif Requested by Host: hal900024.redintelligence.net URL: https://hal900024.redintelligence.net/request_content.php?s=54790500030490204444456012494024&a=1bef6b09 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 85.114.131.234 Mossingen, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE), Reverse DNS srv21038.dus4.fastwebserver.de Software nginx / Resource Hash d570e242efad060adb9d0c0772e1d75f6ad9ca6b92582053376d3e3ee8585579 Request headers accept-language nl-NL,nl;q=0.9 Referer https://hal900024.redintelligence.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers Date Tue, 31 Oct 2023 08:42:19 GMT Last-Modified Mon, 23 Jul 2018 15:19:30 GMT Server nginx ETag "5b55f202-9ec4" Content-Type image/gif Connection close Accept-Ranges bytes Content-Length 40644
GET H/1.1	200 OK	viewability Show response hal900024.redintelligence.net/ Frame 11F8	0 150 B	72ms 23ms	Script text/html	138.201.84.252 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://hal900024.redintelligence.net/viewability?s=54790500030490204444456012494024&a=39dcf59d&vb=m Requested by Host: hal900024.redintelligence.net URL: https://hal900024.redintelligence.net/request_content.php?s=54790500030490204444456012494024&a=1bef6b09 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.252.84.201.138.clients.your-server.de Software Apache / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://hal900024.redintelligence.net/request_content.php?s=54790500030490204444456012494024&a=1bef6b09 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers Date Tue, 31 Oct 2023 08:42:19 GMT Server Apache Connection close Content-Length 0 Content-Type text/html; charset=UTF-8
GET DATA	200 OK	truncated / Frame 11F8	43 B 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers Content-Type image/gif
GET H3	204	sodar pagead2.googlesyndication.com/pagead/	0 0	56ms 55ms	Image text/html	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231026&jk=2488577120309913&bg=!_P-l_7DNAAbo5yKYyOc7ADQBe5WfOLPa_619lx17o1K5Rq45ooBdMBlv8T44M4QUUZ1qJKWGcFyMEgF-kyO_w8tlSVfUAgAAAPhSAAAAA2gBBwoABoDyTk9pOpkCtRw1-Y0nIAem2FCFUI81I6Kc1TrKRzJLKdThZ8t9jCuAiDTDF9-RPuyZcLS5Xhfaq2vYmNK1HiJLN4CcCajR2ARwJUHiCGeONyDuwhcLCFNruDNwbihI6r8jtap7-ze-6K-jwmuHt1CitSfgt8B2XrW76HpLWDg4WAOfrKKnVwLThmDhWcpcb3y-ioI7Sa-RWsJit-9UzTMneQb82RDTH3wcJfT7VRwznQ27XE95BwRpQ-s61dnnxSOg9sWjmfcnxxjY-kdvdjYmtSfq9ImDwXIQQs-g4VtFhqeBp10bdnYN2FdAZCatSHeZC6TBwvkjbZw6TIDwokoBWQw5hTFhtvQxU7St41AmqMfpnxFvN7VeLQ7J0bXXxbHHFZLVPna_7Dg03_xKfJvDc85XzNZC_-hJlm8NSbS8hUafGoazYKhXrRQOjPiaeDaWdAi5GT3dO039APwBLEIYH2YLPXcSFgsL9DHxvcbbUqHOxq59miAEUq_y3luDpeS09-eGUGCxkGoXCQ9Th5wjykWibAm400glnzhZNUjyOeatQfpeRuUS8iL8WIIYdMOmER2GJLVdAY4IPoER65SIYCZ2fv8WXJUaX7Z2tFX5gfhMAW7XQlZ7rDJCzJxlhAbkhBvQ4uNU5WDTxZipVrRvztHmgA95WPlElftScXGDJEH27Wq5oALR6bQR8LrojNFuM874CvYLoPdxh4CIfTkyyZbNujX3ri5jinRso_tgHgovKUoBa1RYtnMkRGw---m5ZlnmG8heLTKjGNpFIhRxU-OIQjjda1-I-vSJC6kBJy7R-7GRvw85HngSedMnIIJXw2GTM53Vh0Cui7Hkwv3cXUTVzKjuV8Z777dgi3yCC1PSkYJZA0VsZUJbh30lLjg30sX9flqUN4MgidPzdQEAPbEBX3sAJG9k46CWkQ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://neostrom.in/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame D1F1	42 B 64 B	57ms 56ms	Fetch image/gif	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst_EfeaKvihmsRmMWtCVHu58B81gl9BjhMJ_gtXpOS7oMWxH_gJ7hAs-bGmykuRjWWtY3uvLffovmP1e4O590F9rZ_1LFNM4Dvd3O5yiqYvg3zMzNYk73mNYf38oBPQ1e02tF49LgM8dXoQESPYPPGkuKkSm3a0gvDHSu-_kN97kxhmj1Z4FGw1ANcH2m6IvFk5cHx6R1lPvWSor4MK6X5CzGqJ_6gMWs3ATFSpEfmmqwewvoK7QYhHRzzWTasERsJSiYzSd8hwEG_bh1bAvYRDJ4qTuejBB1OHLyrlIK68u6DqjMYIHX3HssQz-oWwy_0xBx6WVcFGJzjVCHpaulj77zP__YT5trU6FpAhVSZqfNsnRq4JpNVgGE6SrVd20UGelnBo1WGZusnIGxU6BTa9k2J8lLCjiX3JJrXGavPBqIHERm5MLOQ8kOhuOFNe5FeDvREPtHAVdCVCXzMzlOs4Lb0Vg-qWT2eTbY8FnqpksES2NMfgOra-8ZVcqRaGzdB726U6BUC5y3bQYYu8fKNsVNBRqYx3z5UxAy67YaKaWrWyg5_XEfLuteYf5AykTE0hf4IKQUZDMcmuvTMQFNX6_fMKvKT-Gx3Rlz08N-CNYEft0dv6EhkarQFOLKG7ifqPRVlVSpwFGaOj0jr0NDxIoqeXVq_V4S_-s8NZKR92xEFb7iAj8_NCeXBGDc2Oel7CfelrVWqtbPrf9-oYXPjZqSKODP09z7ypJZ7TKr8Yqy_XS0ouP0chM7UaI3oqA4uVHQmt8nY9HUePYugzPAE3RidEj4fmWpgSsd8_9VmJWmjh0Zpw_0S4WfGvWslBU7Bf6ZmH270lgrqlgnf3f1XThDYA6lgi8s3iWTJGngS2zxQ51nPgQL3hePBU-J-iJ19dIRCGwqxVHeC3KEIFovT-5HQkVMbLrKOJ2f8CLaT8-bjibGgtGERDzv8cdBGVSDUFzTXsh3zymHYRFf1xeYq4I3EH59rYBnVyAdNMfuKo1fZpNgj_3XCVwiTL0RQbrxsvQqJvH3DBfTjBDmKODADqUnePTs5RVue7IjinFDKHYEnquPbDYrQXWtm5IcbBQm4PndRgVXfeHag10jmojQDfV1FAVwdIBxc&sai=AMfl-YQ8DufNEw6n6Rb0LDutZXfwXtdIL6lkaY7V9eoTPlctv6DzUdXTHNG-IwFD6WRwvEGs43Fett731-WTkZlSOzhOP-6YQ-urrIG2y4Duf5pR-o7qiKUTj3MZp9qILDQLGLoztgQFOfkBA2A5zP3RSctSLmyDx2rnVg&sig=Cg0ArKJSzNpGoVEfsTz9EAE&cid=CAQSSwDICaaNVi7IgtgPZGpHtEF6CLYxYH_8LEkI3u0D-o80ipk4bveU9xVD66xcWzk1UKaG_onypwgpmNcM7xaWtp459UbP-x4fP_SCvhgB&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=168,820,1000,1126,1126&tos=168,652,180,126,0&v=20231030&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1698741738989&rpt=332&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers pragma no-cache date Tue, 31 Oct 2023 08:42:20 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 1B18	0 20 B	54ms 53ms	Ping image/gif	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7430277908947&version=m202309260101&ct=77&x=1&cor=1677377608739265300 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers pragma no-cache date Tue, 31 Oct 2023 08:42:20 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT