wincreator.com Open in urlscan Pro
136.144.249.135 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://wincreator.com/
Submission: On November 26 via api (November 26th 2021, 9:09:30 pm UTC) from GB — Scanned from NL

Summary HTTP 142 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 28 IPs in 7 countries across 24 domains to perform 142 HTTP transactions. The main IP is 136.144.249.135, located in Eindhoven, Netherlands and belongs to TRANSIP-AS Amsterdam, the Netherlands, NL. The main domain is wincreator.com.
TLS certificate: Issued by R3 on September 28th 2021. Valid for: 3 months.

This is the only time wincreator.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
20	136.144.249.135 136.144.249.135	20857 (TRANSIP-A...) (TRANSIP-AS Amsterdam)
2	2001:4de0:ac1... 2001:4de0:ac18::1:a:2b	20446 (HIGHWINDS3) (HIGHWINDS3)
13	2600:9000:205... 2600:9000:2057:ee00:3:c04e:c780:93a1	16509 (AMAZON-02) (AMAZON-02)
24	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2	18.198.109.212 18.198.109.212	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:400c:c06::9a	15169 (GOOGLE) (GOOGLE)
1	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
6 19	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
4 8	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
3 5	185.33.221.90 185.33.221.90	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	35.186.231.97 35.186.231.97	15169 (GOOGLE) (GOOGLE)
1	65.9.71.19 65.9.71.19	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:812::2006	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
1 2	2620:116:800d... 2620:116:800d:21:36a9:ecb:e518:b308	16509 (AMAZON-02) (AMAZON-02)
1 1	18.196.159.27 18.196.159.27	16509 (AMAZON-02) (AMAZON-02)
2 2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
3 3	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
2	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4007:80f::2003	15169 (GOOGLE) (GOOGLE)
1	64.233.167.155 64.233.167.155	15169 (GOOGLE) (GOOGLE)
2 2	104.111.215.191 104.111.215.191	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	217.182.200.19 217.182.200.19	16276 (OVH) (OVH)
1 1	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:401... 2a00:1450:401c:17::7	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba60	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
142	28

20 136.144.249.135 (Eindhoven, Netherlands)

ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL)
PTR: 136-144-249-135.colo.transip.net

wincreator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac18::1:a:2b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2600:9000:2057:ee00:3:c04e:c780:93a1 (United States)

ASN16509 (AMAZON-02, US)

w.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ws.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.198.109.212 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-109-212.eu-central-1.compute.amazonaws.com

l.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c06::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 142.250.185.66 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2.18.234.21 (Frankfurt am Main, Germany) 4 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.33.221.90 (Amsterdam, Netherlands) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.231.97 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 97.231.186.35.bc.googleusercontent.com

impes.tradedoubler.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.71.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-71-19.fra56.r.cloudfront.net

vht.tradedoubler.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:812::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:36a9:ecb:e518:b308 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.196.159.27 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-159-27.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.190.78 (United Kingdom) 3 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.165 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4007:80f::2003 (United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.233.167.155 (United States)

ASN15169 (GOOGLE, US)
PTR: wl-in-f155.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.215.191 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.182.200.19 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: gcm5.host.hit.gemius.pl

googlecm.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:401c:17::7 (Ireland)

ASN15169 (GOOGLE, US)

r1---sn-5hnedn7z.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00::210:ba60 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

code.createjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
39	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	432 KB
35	doubleclick.net 6 redirects stats.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net googleads4.g.doubleclick.net bid.g.doubleclick.net	130 KB
20	wincreator.com wincreator.com	332 KB
15	sharethis.com w.sharethis.com ws.sharethis.com l.sharethis.com	96 KB
9	2mdn.net 1 redirects s0.2mdn.net gcdn.2mdn.net r1---sn-5hnedn7z.c.2mdn.net	2 MB
8	casalemedia.com 4 redirects dsum-sec.casalemedia.com	7 KB
5	adnxs.com 3 redirects ib.adnxs.com	5 KB
4	googleapis.com fonts.googleapis.com imasdk.googleapis.com	128 KB
4	google.com adservice.google.com www.google.com	2 KB
3	pubmatic.com 3 redirects image6.pubmatic.com	1 KB
3	google.nl adservice.google.nl	1 KB
2	addthis.com 2 redirects e.dlx.addthis.com	1 KB
2	gstatic.com csi.gstatic.com	344 B
2	rubiconproject.com 2 redirects pixel.rubiconproject.com	921 B
2	openx.net rtb.openx.net	414 B
2	rlcdn.com 2 redirects id.rlcdn.com	889 B
2	quantserve.com 1 redirects cms.quantserve.com	799 B
2	tradedoubler.com 1 redirects impes.tradedoubler.com vht.tradedoubler.com	55 KB
2	googletagservices.com www.googletagservices.com	73 KB
2	jquery.com code.jquery.com	39 KB
1	createjs.com code.createjs.com	63 KB
1	gemius.pl 1 redirects googlecm.hit.gemius.pl	337 B
1	agkn.com 1 redirects d.agkn.com	761 B
1	googleadservices.com partner.googleadservices.com	640 B
142	24

	Domain	Requested by
24	pagead2.googlesyndication.com	wincreator.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
20	wincreator.com	wincreator.com
19	cm.g.doubleclick.net	6 redirects googleads.g.doubleclick.net
15	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com wincreator.com imasdk.googleapis.com
12	ws.sharethis.com	w.sharethis.com ws.sharethis.com wincreator.com
11	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net wincreator.com
8	dsum-sec.casalemedia.com	4 redirects googleads.g.doubleclick.net
6	s0.2mdn.net	wincreator.com googleads.g.doubleclick.net s0.2mdn.net
5	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
3	image6.pubmatic.com	3 redirects
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.nl	pagead2.googlesyndication.com
2	r1---sn-5hnedn7z.c.2mdn.net
2	e.dlx.addthis.com	2 redirects
2	csi.gstatic.com	imasdk.googleapis.com
2	googleads4.g.doubleclick.net	wincreator.com
2	pixel.rubiconproject.com	2 redirects
2	rtb.openx.net	googleads.g.doubleclick.net
2	id.rlcdn.com	2 redirects
2	cms.quantserve.com	1 redirects googleads.g.doubleclick.net
2	imasdk.googleapis.com	googleads.g.doubleclick.net
2	fonts.googleapis.com	googleads.g.doubleclick.net
2	www.googletagservices.com	googleads.g.doubleclick.net wincreator.com
2	stats.g.doubleclick.net	wincreator.com
2	l.sharethis.com	w.sharethis.com wincreator.com
2	code.jquery.com	wincreator.com
1	code.createjs.com	s0.2mdn.net
1	gcdn.2mdn.net	1 redirects
1	googlecm.hit.gemius.pl	1 redirects
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	d.agkn.com	1 redirects
1	www.google.com	tpc.googlesyndication.com
1	vht.tradedoubler.com	googleads.g.doubleclick.net
1	impes.tradedoubler.com	1 redirects
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	w.sharethis.com	wincreator.com
142	36

This site contains links to these domains. Also see Links.

Domain
www.hermitgamer.com
rocketpas.website
wincreatordotcom.blogspot.com
plus.google.com

Subject Issuer	Validity	Valid
wincreator.com R3	`2021-09-28` - `2021-12-27`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
sharethis.com Amazon	`2021-07-19` - `2022-08-17`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.google.nl GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2021-11-09` - `2022-01-18`	2 months	crt.sh
tls.adobe.com DigiCert SHA2 Secure Server CA	`2020-06-01` - `2022-06-06`	2 years	crt.sh

This page contains 23 frames:

Primary Page: https://wincreator.com/
Frame ID: A56E7D20A020CE3BFEDEB531C9A6AC09
Requests: 51 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6607726897456738&output=html&h=250&slotname=3543758009&adk=517964018&adf=2563773748&pi=t.ma~as.3543758009&w=300&lmt=1637960965&url=https%3A%2F%2Fwincreator.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637960965090&bpp=16&bdt=242&idt=96&shv=r20211111&mjsv=m202111110101&ptt=5&saldr=sa&abxe=1&correlator=7429619311411&frm=20&pv=2&ga_vid=1083446620.1637960965&ga_sid=1637960965&ga_hid=1745138062&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=336&ady=813&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063738&oid=2&pvsid=1674245277419097&pem=13&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=RBBgwGdswP&p=https%3A//wincreator.com&dtd=122
Frame ID: F62FA4D9F4A10737561CB058F37CE0BA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6607726897456738&output=html&h=250&slotname=8836425207&adk=59057611&adf=3082323651&pi=t.ma~as.8836425207&w=300&lmt=1637960965&url=https%3A%2F%2Fwincreator.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637960965107&bpp=3&bdt=259&idt=112&shv=r20211111&mjsv=m202111110101&ptt=5&saldr=sa&abxe=1&prev_slotnames=3543758009&correlator=7429619311411&frm=20&pv=1&ga_vid=1083446620.1637960965&ga_sid=1637960965&ga_hid=1745138062&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=640&ady=813&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063738&oid=2&pvsid=1674245277419097&pem=13&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=fIzPvQKUBg&p=https%3A//wincreator.com&dtd=115
Frame ID: 96C6785CC4C48B1827974F815A1926DC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2555265650927328&output=html&h=250&slotname=3976228146&adk=2429784936&adf=117519709&pi=t.ma~as.3976228146&w=300&lmt=1637960965&url=https%3A%2F%2Fwincreator.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637960965112&bpp=3&bdt=264&idt=112&shv=r20211111&mjsv=m202111110101&ptt=5&saldr=sa&abxe=1&prev_slotnames=3543758009%2C8836425207&correlator=7429619311411&frm=20&pv=2&ga_vid=1083446620.1637960965&ga_sid=1637960965&ga_hid=1745138062&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=944&ady=813&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063738&oid=2&pvsid=1674245277419097&pem=13&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=nuDIeiD2l4&p=https%3A//wincreator.com&dtd=115
Frame ID: 5EFC608BD969CB549A22CDA3B39E27D4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6607726897456738&output=html&h=90&slotname=5058700403&adk=3065914911&adf=3044744386&pi=t.ma~as.5058700403&w=970&lmt=1637960965&url=https%3A%2F%2Fwincreator.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637960965115&bpp=3&bdt=267&idt=133&shv=r20211111&mjsv=m202111110101&ptt=5&saldr=sa&abxe=1&prev_slotnames=3543758009%2C8836425207%2C3976228146&correlator=7429619311411&frm=20&pv=1&ga_vid=1083446620.1637960965&ga_sid=1637960965&ga_hid=1745138062&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=305&ady=1068&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063738&oid=2&pvsid=1674245277419097&pem=13&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=Bu1wP7HJQJ&p=https%3A//wincreator.com&dtd=146
Frame ID: 2416227EC2A9A6BED770EB3504F0059E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIr22QEQpoGC5gIYo466uwEwAQ&v=APEucNX3EIDxEzO_vC_Y_6z0sgpclFBSLpSxZJi5FwtVWTSOXxQ5JH6Kbv0uB1b02bpGYx0-GyIaEH7RRxHvmeBBzbJXzmnmOHYZasAC7rYsTlyCxfSPjyrlL5R33Y6_iyuBfE6IhzZhlx8JeEzSGj12iGIrbEMoCZrUKHPALEQnNujm-VjVzF8
Frame ID: 985EB60FBEA873F734D1562192AC5A04
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D_jznyShMuv7fhSawgueRD9WsxcyQn3iFUmu3sEwPFYxwLs84gxp-uOKzcNrha8g60sfjscnJQphLGDgvljH-jQGjY7WwUFdghzM9cAnhAJoEVg6GF7f0_Vo9dqw-0AG2yqBaUegvOYBbn-_jqoxhJDckfQQ&cry=1&dbm_d=AKAmf-C5Z2-nRhrM7kdNrVS8z3H3IFW9ytcHY7kFQPx6YVxfdlbqgc0soBRL8oB5p2RYlUqtCnt0vpimjLQzx70IF0yELRv8eDTwrjcaDep-VC6k0okdjgXyyoym-KFvO7Azv9ATvwslKGnUGrriDeEQE2GXxQwOVBDoh3bRr-z3GvUJqGO-qTFopUZPIKvvy1TUDORcISxaxAfwEbirNglpEZXoALvDvsLzJYnvmUHXIAtrtogDqwx1VzorwLGS5Rmr98djVat9vxa_7yiDdhN4F2cSlOWg6mXDvdrfNc7oyI7bHpW_3ZGHZa4n7BpGP94uc2kRA43TV27wrGKNuBMJ56kgZMDYQcEPiqowwXhbFw4SvIGqjSOL3RNMex9uUq2LojCREWghUgTHwZ-NEhuIuNgPJs3zdp1_8jwcjl9XDSdVgfJr1GcanCv7XPHOLck_-bkUy-vvxAU5iOg8uc0TYXtKWLslXWQKiLi8NWJ5j0kfjxDd4rWBw0g-Db3LwtKPKdXKzyVywmTzRs6vNICG3L7f4fF87g6J_wnfy0urs_gaHhCs3gNXQF2p637i7lpRCD6xa8t40qSW_SC50M-o6b5aq3hqXXlvKsUEfX4KpwPf2pYyUKoPpSTLX-KiLTkABXXx2J0AaTq7rHeYR11hYWrRIL7lzb-UhHByubHE0Oefa40Xhi2r--hOdHlN-cMsbgbWAum7gYlvMc04GRAlqewSHhUJ74_ONXprnsqEu5f_dDjEXaosi0B48Z9Fndi0Ukr6USNoA3mq33w3PcG7fLnt5qqX5FZgHRaUgTE334PR76HdzBf0Yxw6YpKsNCFIgIdcCYKDvCPJgJtez86W8pvP0nsCaLfGJpuqb5YwSSIe-iMnIHNa4-4uDfs1mk9u-yNyWW3NFJRQwKFjI0MU626gIH53ecyc41imCUC4c1MrE4vNpBS-SeLBtY030AF25bnCDc2_87fOnxO4Oj3PZKOgpNsziaMheVbvxYhhGxOjU6JwyA0xZ4wdbPBuOl2PbqIe36j2CUUeO7XHq8tv6tf9FCPeKDU5bh9HY0vAUjaFj4Loz-5PAaewjBPNq1XE0gt_6ZHNFq4s80LUCebWXwEZrIG9BuI27pGGmVvDTBPOPJnp4jXrO9QFWtFQ69l16HEEn2owZdRisC121hHAK0lWOpOwPH01dbyIwroW-pK-TRMlDKusRIB6KITAatE94Aj9thrmeeF6GmDv1h93iJeei1WKWgDdzAyT37dMhdRkoFnwZPjQczph-yG01OkDPS6eefGVFk1ep9kAfgmDoWaMAMGdoOawdSZxFwVWBTSDaIiyh7bntPYmyqDZiyxLYzqAfrtGGkcrsq60kqhxRalWKZWpvcvztLuGwXMcHFbzcWKIlO1tQHTupKEmlcRZzrS1579t2xP4SfFK7Xq6pc__f9hNZL4zCfOSlIz7nMtYdXeDwCj_EQIPYjuwJ2cmxLFweLHljYDrJiz45y6fpvKXHF6CLHMXhbKZt-C8FEOTvn7oTkSKB1IoPvVM3lmfpZcIcpoOCq8E6w7cuENukhrNCeseoa1tVvj_BxPRL3BZU-5OUZ9kT6-AhSH9o3AI6vTZ9NRLRbhERjBaMs3DlOR5G34ZPFiyw3dvA3IgIjtqLMBaryuAGDmPBGOBIYIaSJinr3j9ibNtiqgU9AgYoHxssnwj7NEKhGul2lOjihvebSgwtI-3vqep2b75Y4TK9LQPnyjQ29VfGuATOm-RdUfZIJ9xMmVKbiMkjBOu3Wu_L9WXF5RxPcI8I1Zogdw6873oOe3iddIKU11eqziUcdo1_rkw-wDsfgaqKth9wPyQFr4Rwu9S8mUbHwf2_dqHFx2-U8_rZsUmpisCzQWxQNbtfhihbyNf0mDW5qgk5KnZM7dwmP4x9yWgQsrYUIQ9nkkPADAcPh4nqdM8dWY61uwQRIjFFdM3z7kNNq1XirZetUBcxlhcMg7ePwXED5StX9Q0BE4DdEgEEPPBY70THkIdBPMm5BNF-nY6ZbYcQ2_3ngG2zhSaup_nB6sukz7HIa0n-0pvTI1WwVpN74yCY1Oc_cXfMT3ClQB-WOKUjCrM6913YU8J21hl_2z3T8Wz8ff4Ji0kAaIRula8i02_WOL6yP8fbmc6R_kIw_nnhfwP6s9ueWk0nHupEg1BIhhzgu8-S2C-R4eSHFaW08zUAfdv9-FvqWuNPhrxDDnESMWSUjIV7YVJcHd5-tOnGl3srZ2evddIpPOPPfQgXfJ8HSiToqdsVqyv-39FvIFvZH7eJl7Lxb8myN8onN15Ar0PL7yvRgQfY-7MHJ5H2sOr6pVmLXEyG1BG8tgrkHkGnVU1O5qXtwZgIcuOdaFyDhD93SPYNc_D9cxEo6kF1H4M1QK49etwXEXy_Zhjld-CvsH7yGY2dzSBxeJw1biVvBEQiTXwRT95dkR5VvYicUUutbFdqLnOVIhK5ymz-l1PRTHnM2u3HFuUUJlHo9UyJRAl3EinTPJGnh0ZejLz2-lhuLSCi27nEg3laeYEufsM-TsRV8M0MARef8zs6mZyv_TzpnNOX-drdbTzWWIkENnXAy-n0nl8nxe85h1hN5cx1logYm6g8rs5x4GrU6xJkLpx3Iz7sVJBCp5sT15-09cyVn6-AjVB11OxW6F6KHOfSAjQdKwfb4brxXWfIJciu4cxOh0MUf8mQi-OVCJDuJhnzZM7yHEbdPX5lRhNWYssPNbH0NmpL46X35eBx_kvqSawrukWm-coKjrBXfpnHSYAMM0xuL0KIiDDs8z9zIJWPStTD_0occG5Oz_DeUyh1TXg1zoUIBG4sxUwSOC70tXC4ZHuSUL1xVW1CNuRr6I7MP9afAl5oI5LCMCmtpnGF6gKd9Q5XJA--_rt3zCI7-ibDYKxSfqBAFQa-w21p_zr3xrfw5yXj6zZqw78eK2sisYeSeFe-RW1tfmSR3mmf6lmiERH8YMtEQ-54dNeQbuVZwN925Y59UItFfGmCoTcgxDXNsvP3ElylfMrw8tm43rtcwOo3UijBlWDf15nw5IGEp2on70uW-c_jVJ_eUM1Tjna6Rr_e9CokUMVAkEx668_Ohf8NqeIGuM_rF4uZBz7KTUc0MJE7qE26PsyavB5Bc-SQdBGatu2G5ut6k3a9Brgt04LQKd2lt-dxLMahP0cxjpV4YC96d2JUH989N5kzU2aiEpZdo3o&cid=CAASBORoAM8&rfl=2%2Chttps%253A%252F%252Fwincreator.com%252F%240
Frame ID: 62BDD4C09ADD94D6F1F4F4BFB3A1962F
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 0D432189311CC3BC76667A21A2473554
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211111/r20190131/zrt_lookup.html
Frame ID: C818285CC8DC5B85C3DE23FC0FB65773
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6607726897456738&output=html&adk=1812271804&adf=3025194257&lmt=1637960966&plat=2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwincreator.com%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637960965988&bpp=1&bdt=1140&idt=2&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0770d27a00019455-221df37206cc009a%3AT%3D1637960965%3ART%3D1637960965%3AS%3DALNI_MYyUSBHfl3E0YGyjzdkiKbcriNTNw&prev_slotnames=3543758009%2C8836425207%2C3976228146%2C5058700403&nras=1&correlator=7429619311411&frm=20&pv=1&ga_vid=1083446620.1637960965&ga_sid=1637960965&ga_hid=1745138062&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063738&oid=2&pvsid=1674245277419097&pem=13&tmod=981042852&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=5&uci=a!5&fsb=1&dtd=21
Frame ID: 710CF7F9B325E83D2CCDE6A0649F472E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 176506B817D6FD660D93851802A85D9D
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8010FDE5F7108B4E04676E54C3A1BB7E
Requests: 2 HTTP requests in this frame

Frame: https://ws.sharethis.com/secure5x/index.html
Frame ID: F19EB1F1D4B310B6F49D950403A80140
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211111/r20110914/zrt_lookup.html?fsb=1
Frame ID: 8A8BBFB4CFC4FD759E836AFF8A6C7DEA
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211111/r20110914/zrt_lookup.html?fsb=1
Frame ID: BA8A798B602A6860ACD910E78D4387C3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMCauQEQ45bmARiH_MO7ATAB&v=APEucNWFrxj8Qv1sgzzppbSDiFGVuym89x6beXz1YsWlJOCnyOnJkh25IYBrX0olOg8qn2IOXuuQKdDbLVyvlqOZnQOczj3bJghkmLdfYyHOviNk9hzSu4-hemWIBlezYVKtyeeywsCJHty-BsxFTDRL25UCqIIVo9o6Zz0VxEtdR6rCBh3A9mE
Frame ID: 660A1226329CFC2237F37BAFCBB72B4E
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Frame ID: FE51B1568C48F943439D950AFC9B1CF7
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: BCFBED5CD74BD7CC8989A2A425F86D98
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 401CC611E74C12699A399987F8043551
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite_fy2019.js
Frame ID: B21EF0A0E325D3775A662BE02B0DDC72
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 2E77458E8718EAD20DC0E73A4FA3F809
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 90D1AC14325FD66AFED22F01C169704B
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/407604236531593505/728x90_leaderboard_BlackFriday.html
Frame ID: 390A051FEA91A5DB69AB3E6547628DBB
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Convert YouTube to mp3 online, trim and cut mp3 online, youtube to mp4 online

Page Statistics

142
Requests

85 %
HTTPS

51 %
IPv6

24
Domains

36
Subdomains

28
IPs

7
Countries

3670 kB
Transfer

6129 kB
Size

36
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.hermitgamer.com/skyrim-legendary-skills/
Title: skyrim legendary skills

Search URL Search Domain Scan URL

URL: http://rocketpas.website/
Title: rocketpayz

Search URL Search Domain Scan URL

URL: http://wincreatordotcom.blogspot.com/
Title: BLOG

Search URL Search Domain Scan URL

URL: https://plus.google.com/109200352481356529702?rel=author
Title: Google+

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 50

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFxXzqFZwlwXto8KwQhIZJM&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFxXzqFZwlwXto8KwQhIZJM&google_cver=1&C=1

Request Chain 51

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YaFNBeVZktRyvadKqzC3UwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKHfTAak4f3S29fwc6s8tZY&google_cver=1

Request Chain 52

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEIiokYnkBQd-wSIaJNnm1tg&google_cver=1

Request Chain 53

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjIyNDc5ODk2NzU0ODM4OTE3OA%3D%3D

Request Chain 55

https://impes.tradedoubler.com/imp?type(img)g(25118492)a(2865014)503511253 HTTP 302
https://vht.tradedoubler.com/file/301643/BF_NL_Engage/728x90_9.png

Request Chain 93

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKHfTAak4f3S29fwc6s8tZY&google_cver=1

Request Chain 94

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YaFNBeVZktRyvadKqzC3VwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKHfTAak4f3S29fwc6s8tZY&google_cver=1

Request Chain 95

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEEDSBg4O3srYnVSRNsA-U9o&google_cver=1

Request Chain 96

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjIyNDc5ODk2NzU0ODM4OTE3OA%3D%3D

Request Chain 104

https://d.agkn.com/pixel/2175/?google_gid=CAESEGe6pbYSvEMthcDTzTCQJfE&google_cver=1&google_push=AYg5qPJA-yGExlHjYnuSHCgIbErNS6NWt6iQECqGWJF3X5AIeoXZgty5CLgaAiU0fqZou0qC5M994om__sCAHAS3xfHspWwC3xe0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJA-yGExlHjYnuSHCgIbErNS6NWt6iQECqGWJF3X5AIeoXZgty5CLgaAiU0fqZou0qC5M994om__sCAHAS3xfHspWwC3xe0&google_hm=Q0FFU0VHZTZwYllTdkVNdGhjRFR6VENRSmZF

Request Chain 105

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPK3c71WHK6zX7NkTCrLLsyF1f6FGPsVgwHme_rIIZKwfEnptmR9AHVu-8V-XTjGXJaaJXCvZhmdx0Ql8_P2awmLFfRaMRIk&google_gid=CAESEHQlgdmU256QvumBYauU9H8&google_cver=1 HTTP 307
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCIaahY0GEgUI6AcQAEIASnBnb29nbGVfcHVzaD1BWWc1cVBLM2M3MVdISzZ6WDdOa1RDckxMc3lGMWY2RkdQc1Znd0htZV9ySUlaS3dmRW5wdG1SOUFIVnUtOFYtWFRqR1hKYWFKWEN2WmhtZHgwUWw4X1AyYXdtTEZmUmFNUklr HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwcmV4cjZyR3JiZVI4TXhpbGhiUDR3c3VKNzNkZURBRFFUbnpfSU5yUGNzTQ==&google_push

Request Chain 107

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEEiGIWScG1O5ApcAAW3jyyY&google_cver=1&google_push=AYg5qPLOjWWAWOp1I-PdcY1NaKtK1UmmyGpscBVX1ON7QbksbzxMudqcbrXe1e38DAZlz29I3PJnOToKpPKowPqyeGqEJbf9eJln HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEEiGIWScG1O5ApcAAW3jyyY&google_cver=1&google_push=AYg5qPLOjWWAWOp1I-PdcY1NaKtK1UmmyGpscBVX1ON7QbksbzxMudqcbrXe1e38DAZlz29I3PJnOToKpPKowPqyeGqEJbf9eJln&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=GWHnK_bGTC--oPnbXm9ctQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLOjWWAWOp1I-PdcY1NaKtK1UmmyGpscBVX1ON7QbksbzxMudqcbrXe1e38DAZlz29I3PJnOToKpPKowPqyeGqEJbf9eJln

Request Chain 108

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMRkcST5CoRCNP-hDvIXelI&google_cver=1&google_push=AYg5qPKzBUv0HDKg21Rms2MWAKppoc6f5QnN2DkYpacKE3Y05PidZ2H5zJRrzllSX9sX-C-rHipUeLXldv0uxSgBkgkvs38rplPk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1dHVk8yS0YtMjQtRUY5Vg==&google_push=AYg5qPKzBUv0HDKg21Rms2MWAKppoc6f5QnN2DkYpacKE3Y05PidZ2H5zJRrzllSX9sX-C-rHipUeLXldv0uxSgBkgkvs38rplPk

Request Chain 109

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEHbMrtD5aQdBpoqloGucGiI&google_cver=1&google_push=AYg5qPKVhLYrOuXJmS3vkh1mwHXmbzQbqBg5mzxhBbPJohmQCiBjb_dalccF0buax_JHHjOq06WPKtVXT4oJ1BPTFyNn0-mW6ow HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaFNBeVZktRyvadKqzC3VwAABL8AAAIB&google_push=AYg5qPKVhLYrOuXJmS3vkh1mwHXmbzQbqBg5mzxhBbPJohmQCiBjb_dalccF0buax_JHHjOq06WPKtVXT4oJ1BPTFyNn0-mW6ow&google_gid=CAESEHbMrtD5aQdBpoqloGucGiI&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaFNBeVZktRyvadKqzC3VwAABL8AAAIB&google_push=AYg5qPKVhLYrOuXJmS3vkh1mwHXmbzQbqBg5mzxhBbPJohmQCiBjb_dalccF0buax_JHHjOq06WPKtVXT4oJ1BPTFyNn0-mW6ow&google_gid=CAESEHbMrtD5aQdBpoqloGucGiI&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaFNBeVZktRyvadKqzC3VwAABL8AAAIB&google_push=AYg5qPKVhLYrOuXJmS3vkh1mwHXmbzQbqBg5mzxhBbPJohmQCiBjb_dalccF0buax_JHHjOq06WPKtVXT4oJ1BPTFyNn0-mW6ow&google_gid=CAESEHbMrtD5aQdBpoqloGucGiI&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaFNBeVZktRyvadKqzC3VwAABL8AAAIB&google_push=AYg5qPKVhLYrOuXJmS3vkh1mwHXmbzQbqBg5mzxhBbPJohmQCiBjb_dalccF0buax_JHHjOq06WPKtVXT4oJ1BPTFyNn0-mW6ow&google_gid=CAESEHbMrtD5aQdBpoqloGucGiI&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaFNBeVZktRyvadKqzC3VwAABL8AAAIB&google_push=AYg5qPKVhLYrOuXJmS3vkh1mwHXmbzQbqBg5mzxhBbPJohmQCiBjb_dalccF0buax_JHHjOq06WPKtVXT4oJ1BPTFyNn0-mW6ow&google_gid=CAESEHbMrtD5aQdBpoqloGucGiI&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaFNBeVZktRyvadKqzC3VwAABL8AAAIB&google_push=AYg5qPKVhLYrOuXJmS3vkh1mwHXmbzQbqBg5mzxhBbPJohmQCiBjb_dalccF0buax_JHHjOq06WPKtVXT4oJ1BPTFyNn0-mW6ow&google_gid=CAESEHbMrtD5aQdBpoqloGucGiI&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaFNBeVZktRyvadKqzC3VwAABL8AAAIB&google_push=AYg5qPKVhLYrOuXJmS3vkh1mwHXmbzQbqBg5mzxhBbPJohmQCiBjb_dalccF0buax_JHHjOq06WPKtVXT4oJ1BPTFyNn0-mW6ow&google_gid=CAESEHbMrtD5aQdBpoqloGucGiI&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaFNBeVZktRyvadKqzC3VwAABL8AAAIB&google_push=AYg5qPKVhLYrOuXJmS3vkh1mwHXmbzQbqBg5mzxhBbPJohmQCiBjb_dalccF0buax_JHHjOq06WPKtVXT4oJ1BPTFyNn0-mW6ow&google_gid=CAESEHbMrtD5aQdBpoqloGucGiI&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaFNBeVZktRyvadKqzC3VwAABL8AAAIB&google_push=AYg5qPKVhLYrOuXJmS3vkh1mwHXmbzQbqBg5mzxhBbPJohmQCiBjb_dalccF0buax_JHHjOq06WPKtVXT4oJ1BPTFyNn0-mW6ow&google_gid=CAESEHbMrtD5aQdBpoqloGucGiI&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaFNBeVZktRyvadKqzC3VwAABL8AAAIB&google_push=AYg5qPKVhLYrOuXJmS3vkh1mwHXmbzQbqBg5mzxhBbPJohmQCiBjb_dalccF0buax_JHHjOq06WPKtVXT4oJ1BPTFyNn0-mW6ow&google_gid=CAESEHbMrtD5aQdBpoqloGucGiI&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaFNBeVZktRyvadKqzC3VwAABL8AAAIB&google_push=AYg5qPKVhLYrOuXJmS3vkh1mwHXmbzQbqBg5mzxhBbPJohmQCiBjb_dalccF0buax_JHHjOq06WPKtVXT4oJ1BPTFyNn0-mW6ow&google_gid=CAESEHbMrtD5aQdBpoqloGucGiI&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaFNBeVZktRyvadKqzC3VwAABL8AAAIB&google_push=AYg5qPKVhLYrOuXJmS3vkh1mwHXmbzQbqBg5mzxhBbPJohmQCiBjb_dalccF0buax_JHHjOq06WPKtVXT4oJ1BPTFyNn0-mW6ow&google_gid=CAESEHbMrtD5aQdBpoqloGucGiI&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaFNBeVZktRyvadKqzC3VwAABL8AAAIB&google_push=AYg5qPKVhLYrOuXJmS3vkh1mwHXmbzQbqBg5mzxhBbPJohmQCiBjb_dalccF0buax_JHHjOq06WPKtVXT4oJ1BPTFyNn0-mW6ow&google_gid=CAESEHbMrtD5aQdBpoqloGucGiI&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaFNBeVZktRyvadKqzC3VwAABL8AAAIB&google_push=AYg5qPKVhLYrOuXJmS3vkh1mwHXmbzQbqBg5mzxhBbPJohmQCiBjb_dalccF0buax_JHHjOq06WPKtVXT4oJ1BPTFyNn0-mW6ow&google_gid=CAESEHbMrtD5aQdBpoqloGucGiI&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaFNBeVZktRyvadKqzC3VwAABL8AAAIB&google_push=AYg5qPKVhLYrOuXJmS3vkh1mwHXmbzQbqBg5mzxhBbPJohmQCiBjb_dalccF0buax_JHHjOq06WPKtVXT4oJ1BPTFyNn0-mW6ow&google_gid=CAESEHbMrtD5aQdBpoqloGucGiI&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaFNBeVZktRyvadKqzC3VwAABL8AAAIB&google_push=AYg5qPKVhLYrOuXJmS3vkh1mwHXmbzQbqBg5mzxhBbPJohmQCiBjb_dalccF0buax_JHHjOq06WPKtVXT4oJ1BPTFyNn0-mW6ow&google_gid=CAESEHbMrtD5aQdBpoqloGucGiI&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaFNBeVZktRyvadKqzC3VwAABL8AAAIB&google_push=AYg5qPKVhLYrOuXJmS3vkh1mwHXmbzQbqBg5mzxhBbPJohmQCiBjb_dalccF0buax_JHHjOq06WPKtVXT4oJ1BPTFyNn0-mW6ow&google_gid=CAESEHbMrtD5aQdBpoqloGucGiI&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaFNBeVZktRyvadKqzC3VwAABL8AAAIB&google_push=AYg5qPKVhLYrOuXJmS3vkh1mwHXmbzQbqBg5mzxhBbPJohmQCiBjb_dalccF0buax_JHHjOq06WPKtVXT4oJ1BPTFyNn0-mW6ow&google_gid=CAESEHbMrtD5aQdBpoqloGucGiI&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaFNBeVZktRyvadKqzC3VwAABL8AAAIB&google_push=AYg5qPKVhLYrOuXJmS3vkh1mwHXmbzQbqBg5mzxhBbPJohmQCiBjb_dalccF0buax_JHHjOq06WPKtVXT4oJ1BPTFyNn0-mW6ow&google_gid=CAESEHbMrtD5aQdBpoqloGucGiI&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaFNBeVZktRyvadKqzC3VwAABL8AAAIB&google_push=AYg5qPKVhLYrOuXJmS3vkh1mwHXmbzQbqBg5mzxhBbPJohmQCiBjb_dalccF0buax_JHHjOq06WPKtVXT4oJ1BPTFyNn0-mW6ow&google_gid=CAESEHbMrtD5aQdBpoqloGucGiI&google_cver=1

Request Chain 118

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEPf7NCMQM8k8NT6LoP2-nZQ&google_cver=1&google_push=AYg5qPKS9kVmgave7XbnfyuTEJKmnEnXhe69tsMJjNZNLNmwnm5iw887KFS5GSQXORawJXlrXoKCjkd4w4H_SRpCdwd7QdEu1jA HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPKS9kVmgave7XbnfyuTEJKmnEnXhe69tsMJjNZNLNmwnm5iw887KFS5GSQXORawJXlrXoKCjkd4w4H_SRpCdwd7QdEu1jA&google_hm=CPkKrSd9Lcu5BEKWxX57pQ

Request Chain 119

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPLHIvp6HfMmuCIvfzcoLmXL4xngs0zpNi-SzK1JOQyjEX4lNAWjpUOm2J7nDYVMiwlel5hL0yrDXAIfO7c6pPk_IQmE6g&google_gid=CAESEKQfs-OH4t9MH-XvLO6YbIs&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPLHIvp6HfMmuCIvfzcoLmXL4xngs0zpNi-SzK1JOQyjEX4lNAWjpUOm2J7nDYVMiwlel5hL0yrDXAIfO7c6pPk_IQmE6g&google_gid=CAESEKQfs-OH4t9MH-XvLO6YbIs&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTExMjYyMTA5MjcwMDA4OTIzNjA3MTE3Mg%3D%3D&google_push=AYg5qPLHIvp6HfMmuCIvfzcoLmXL4xngs0zpNi-SzK1JOQyjEX4lNAWjpUOm2J7nDYVMiwlel5hL0yrDXAIfO7c6pPk_IQmE6g

Request Chain 121

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEEiGIWScG1O5ApcAAW3jyyY&google_cver=1&google_push=AYg5qPIgMO1oLQKY09pauHmpDI8v_X0I5GeQhvehScXa6RtnimSw4PPFeVc7Apr04-st7XMkDflkKV4ZfGT5hs_4YmKAYDEUYyY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=GWHnK_bGTC--oPnbXm9ctQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIgMO1oLQKY09pauHmpDI8v_X0I5GeQhvehScXa6RtnimSw4PPFeVc7Apr04-st7XMkDflkKV4ZfGT5hs_4YmKAYDEUYyY

Request Chain 122

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMRkcST5CoRCNP-hDvIXelI&google_cver=1&google_push=AYg5qPJ3vNKiKnMUOSoIUSamQmDchdau2kKfLtTN0HvIiQklsNVwOXvbGl4qaRsk6q1BP4w_2G563pm4bb1kLbCaNYgnAslitck HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1dHVk8yT1ItMUctSFY4WQ==&google_push=AYg5qPJ3vNKiKnMUOSoIUSamQmDchdau2kKfLtTN0HvIiQklsNVwOXvbGl4qaRsk6q1BP4w_2G563pm4bb1kLbCaNYgnAslitck

Request Chain 123

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEHbMrtD5aQdBpoqloGucGiI&google_cver=1&google_push=AYg5qPK86EfwtvSQU6joprlQkbx4Mq7b9YuOVL8D_iT6eVtXCVmpRfYROY14AQqNVs_F3-i6y_QNCl5MLc9nV3ODsA1Y0W93zaE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaFNBeVZktRyvadKqzC3VwAABL8AAAIB&google_gid=CAESEHbMrtD5aQdBpoqloGucGiI&google_cver=1&google_push=AYg5qPK86EfwtvSQU6joprlQkbx4Mq7b9YuOVL8D_iT6eVtXCVmpRfYROY14AQqNVs_F3-i6y_QNCl5MLc9nV3ODsA1Y0W93zaE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaFNBeVZktRyvadKqzC3VwAABL8AAAIB&google_gid=CAESEHbMrtD5aQdBpoqloGucGiI&google_cver=1&google_push=AYg5qPK86EfwtvSQU6joprlQkbx4Mq7b9YuOVL8D_iT6eVtXCVmpRfYROY14AQqNVs_F3-i6y_QNCl5MLc9nV3ODsA1Y0W93zaE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaFNBeVZktRyvadKqzC3VwAABL8AAAIB&google_gid=CAESEHbMrtD5aQdBpoqloGucGiI&google_cver=1&google_push=AYg5qPK86EfwtvSQU6joprlQkbx4Mq7b9YuOVL8D_iT6eVtXCVmpRfYROY14AQqNVs_F3-i6y_QNCl5MLc9nV3ODsA1Y0W93zaE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaFNBeVZktRyvadKqzC3VwAABL8AAAIB&google_gid=CAESEHbMrtD5aQdBpoqloGucGiI&google_cver=1&google_push=AYg5qPK86EfwtvSQU6joprlQkbx4Mq7b9YuOVL8D_iT6eVtXCVmpRfYROY14AQqNVs_F3-i6y_QNCl5MLc9nV3ODsA1Y0W93zaE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaFNBeVZktRyvadKqzC3VwAABL8AAAIB&google_gid=CAESEHbMrtD5aQdBpoqloGucGiI&google_cver=1&google_push=AYg5qPK86EfwtvSQU6joprlQkbx4Mq7b9YuOVL8D_iT6eVtXCVmpRfYROY14AQqNVs_F3-i6y_QNCl5MLc9nV3ODsA1Y0W93zaE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaFNBeVZktRyvadKqzC3VwAABL8AAAIB&google_gid=CAESEHbMrtD5aQdBpoqloGucGiI&google_cver=1&google_push=AYg5qPK86EfwtvSQU6joprlQkbx4Mq7b9YuOVL8D_iT6eVtXCVmpRfYROY14AQqNVs_F3-i6y_QNCl5MLc9nV3ODsA1Y0W93zaE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaFNBeVZktRyvadKqzC3VwAABL8AAAIB&google_gid=CAESEHbMrtD5aQdBpoqloGucGiI&google_cver=1&google_push=AYg5qPK86EfwtvSQU6joprlQkbx4Mq7b9YuOVL8D_iT6eVtXCVmpRfYROY14AQqNVs_F3-i6y_QNCl5MLc9nV3ODsA1Y0W93zaE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaFNBeVZktRyvadKqzC3VwAABL8AAAIB&google_gid=CAESEHbMrtD5aQdBpoqloGucGiI&google_cver=1&google_push=AYg5qPK86EfwtvSQU6joprlQkbx4Mq7b9YuOVL8D_iT6eVtXCVmpRfYROY14AQqNVs_F3-i6y_QNCl5MLc9nV3ODsA1Y0W93zaE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaFNBeVZktRyvadKqzC3VwAABL8AAAIB&google_gid=CAESEHbMrtD5aQdBpoqloGucGiI&google_cver=1&google_push=AYg5qPK86EfwtvSQU6joprlQkbx4Mq7b9YuOVL8D_iT6eVtXCVmpRfYROY14AQqNVs_F3-i6y_QNCl5MLc9nV3ODsA1Y0W93zaE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaFNBeVZktRyvadKqzC3VwAABL8AAAIB&google_gid=CAESEHbMrtD5aQdBpoqloGucGiI&google_cver=1&google_push=AYg5qPK86EfwtvSQU6joprlQkbx4Mq7b9YuOVL8D_iT6eVtXCVmpRfYROY14AQqNVs_F3-i6y_QNCl5MLc9nV3ODsA1Y0W93zaE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaFNBeVZktRyvadKqzC3VwAABL8AAAIB&google_gid=CAESEHbMrtD5aQdBpoqloGucGiI&google_cver=1&google_push=AYg5qPK86EfwtvSQU6joprlQkbx4Mq7b9YuOVL8D_iT6eVtXCVmpRfYROY14AQqNVs_F3-i6y_QNCl5MLc9nV3ODsA1Y0W93zaE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaFNBeVZktRyvadKqzC3VwAABL8AAAIB&google_gid=CAESEHbMrtD5aQdBpoqloGucGiI&google_cver=1&google_push=AYg5qPK86EfwtvSQU6joprlQkbx4Mq7b9YuOVL8D_iT6eVtXCVmpRfYROY14AQqNVs_F3-i6y_QNCl5MLc9nV3ODsA1Y0W93zaE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaFNBeVZktRyvadKqzC3VwAABL8AAAIB&google_gid=CAESEHbMrtD5aQdBpoqloGucGiI&google_cver=1&google_push=AYg5qPK86EfwtvSQU6joprlQkbx4Mq7b9YuOVL8D_iT6eVtXCVmpRfYROY14AQqNVs_F3-i6y_QNCl5MLc9nV3ODsA1Y0W93zaE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaFNBeVZktRyvadKqzC3VwAABL8AAAIB&google_gid=CAESEHbMrtD5aQdBpoqloGucGiI&google_cver=1&google_push=AYg5qPK86EfwtvSQU6joprlQkbx4Mq7b9YuOVL8D_iT6eVtXCVmpRfYROY14AQqNVs_F3-i6y_QNCl5MLc9nV3ODsA1Y0W93zaE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaFNBeVZktRyvadKqzC3VwAABL8AAAIB&google_gid=CAESEHbMrtD5aQdBpoqloGucGiI&google_cver=1&google_push=AYg5qPK86EfwtvSQU6joprlQkbx4Mq7b9YuOVL8D_iT6eVtXCVmpRfYROY14AQqNVs_F3-i6y_QNCl5MLc9nV3ODsA1Y0W93zaE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaFNBeVZktRyvadKqzC3VwAABL8AAAIB&google_gid=CAESEHbMrtD5aQdBpoqloGucGiI&google_cver=1&google_push=AYg5qPK86EfwtvSQU6joprlQkbx4Mq7b9YuOVL8D_iT6eVtXCVmpRfYROY14AQqNVs_F3-i6y_QNCl5MLc9nV3ODsA1Y0W93zaE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaFNBeVZktRyvadKqzC3VwAABL8AAAIB&google_gid=CAESEHbMrtD5aQdBpoqloGucGiI&google_cver=1&google_push=AYg5qPK86EfwtvSQU6joprlQkbx4Mq7b9YuOVL8D_iT6eVtXCVmpRfYROY14AQqNVs_F3-i6y_QNCl5MLc9nV3ODsA1Y0W93zaE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaFNBeVZktRyvadKqzC3VwAABL8AAAIB&google_gid=CAESEHbMrtD5aQdBpoqloGucGiI&google_cver=1&google_push=AYg5qPK86EfwtvSQU6joprlQkbx4Mq7b9YuOVL8D_iT6eVtXCVmpRfYROY14AQqNVs_F3-i6y_QNCl5MLc9nV3ODsA1Y0W93zaE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaFNBeVZktRyvadKqzC3VwAABL8AAAIB&google_gid=CAESEHbMrtD5aQdBpoqloGucGiI&google_cver=1&google_push=AYg5qPK86EfwtvSQU6joprlQkbx4Mq7b9YuOVL8D_iT6eVtXCVmpRfYROY14AQqNVs_F3-i6y_QNCl5MLc9nV3ODsA1Y0W93zaE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaFNBeVZktRyvadKqzC3VwAABL8AAAIB&google_gid=CAESEHbMrtD5aQdBpoqloGucGiI&google_cver=1&google_push=AYg5qPK86EfwtvSQU6joprlQkbx4Mq7b9YuOVL8D_iT6eVtXCVmpRfYROY14AQqNVs_F3-i6y_QNCl5MLc9nV3ODsA1Y0W93zaE

Request Chain 124

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESENyIPRYVaCthf5GoNwSOR68&google_cver=1&google_push=AYg5qPLdTSeRJGGCC1J3PU6uYB6FvyTB8zINIOeM04xLnwMR0S9Fha_lQSuRg3GHRcY5wYaCAEPpPm8MoCTN79hpmpDfg9br74W3 HTTP 301
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPLdTSeRJGGCC1J3PU6uYB6FvyTB8zINIOeM04xLnwMR0S9Fha_lQSuRg3GHRcY5wYaCAEPpPm8MoCTN79hpmpDfg9br74W3&google_hm=

Request Chain 128

https://gcdn.2mdn.net/videoplayback/id/3c3190d0fc54ae6f/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3778924756/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/5DD78278DB82FB961DFFC920F7EEAD937BAAB21.9E1E72860DCAB98FB6BB2BD16FB92C01593AF966/key/ck2/file/file.mp4 HTTP 302
https://r1---sn-5hnedn7z.c.2mdn.net/videoplayback/id/3c3190d0fc54ae6f/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3778924756/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/537D9783C06720A775741E7F2D158AE230AA34B4.3E19A51E12E14589C90C8326A8FC5A6B098855D9/key/cms1/cms_redirect/yes/mh/H7/mip/2a00:1768:1001:53:22b::1/mm/42/mn/sn-5hnedn7z/ms/onc/mt/1637959962/mv/u/mvi/1/pl/49/file/file.mp4

142 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
wincreator.com/ 19 KB
6 KB 137ms
63ms Document
text/html 136.144.249.135
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://wincreator.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 136.144.249.135 Eindhoven, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-249-135.colo.transip.net
Software: Apache/2.4.38 (Debian) /
Resource Hash: 6ea622e4f760fd83c0da40102ff251c03efdc6886e043f2c7a6083e3212585f4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: nl-NL,nl;q=0.9

Response headers

Date: Fri, 26 Nov 2021 21:09:24 GMT
Server: Apache/2.4.38 (Debian)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5405
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK bootstrap.css
wincreator.com/css/ 143 KB
21 KB 27ms
27ms Stylesheet
text/css 136.144.249.135
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://wincreator.com/css/bootstrap.css
Requested by: Host: wincreator.com
URL: https://wincreator.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 136.144.249.135 Eindhoven, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-249-135.colo.transip.net
Software: Apache/2.4.38 (Debian) /
Resource Hash: 3be7f66374d7347157b4c238b8106e393007b7b237596b677bb7cc1369d1db16

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://wincreator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 26 Nov 2021 21:09:24 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 Jul 2016 23:56:20 GMT
Server: Apache/2.4.38 (Debian)
ETag: "23afa-5378d21c49100-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 21390

GET
H/1.1 200
OK business-frontpage.css
wincreator.com/css/ 3 KB
1 KB 48ms
16ms Stylesheet
text/css 136.144.249.135
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://wincreator.com/css/business-frontpage.css?ver=1.0
Requested by: Host: wincreator.com
URL: https://wincreator.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 136.144.249.135 Eindhoven, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-249-135.colo.transip.net
Software: Apache/2.4.38 (Debian) /
Resource Hash: 020fffd2d35de073df3a3a9ec1e614b7744e00b728c0ad5f55909b6ba43f7fb3

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://wincreator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 26 Nov 2021 21:09:24 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 Jul 2016 23:56:20 GMT
Server: Apache/2.4.38 (Debian)
ETag: "d23-5378d21c49100-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 997

GET
H2 200 jquery-latest.min.js Show response
code.jquery.com/ 94 KB
33 KB 53ms
20ms Script
application/javascript 2001:4de0:ac18::1:a:2b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-latest.min.js
Requested by: Host: wincreator.com
URL: https://wincreator.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://wincreator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 21:09:24 GMT
content-encoding: gzip
last-modified: Fri, 24 Oct 2014 00:16:08 GMT
server: nginx
etag: "54499a48-1762a"
vary: Accept-Encoding
x-hw: 1637960964.dop242.am5.t,1637960964.cds276.am5.hn,1637960964.cds146.am5.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 33202

GET
H/1.1 200
OK 1.10.3-jquery-ui.js Show response
wincreator.com/js/ 426 KB
105 KB 76ms
42ms Script
application/javascript 136.144.249.135
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://wincreator.com/js/1.10.3-jquery-ui.js
Requested by: Host: wincreator.com
URL: https://wincreator.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 136.144.249.135 Eindhoven, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-249-135.colo.transip.net
Software: Apache/2.4.38 (Debian) /
Resource Hash: ed711f4279a1ffd6cc7d72e912424863b40be6dc882a0fb3c1f5354b49199a00

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://wincreator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 26 Nov 2021 21:09:24 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 Jul 2016 23:56:19 GMT
Server: Apache/2.4.38 (Debian)
ETag: "6a6b3-5378d21b54ec0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98

GET
H2 200 jquery-ui.css
code.jquery.com/ui/1.10.3/themes/redmond/ 31 KB
6 KB 50ms
17ms Stylesheet
text/css 2001:4de0:ac18::1:a:2b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/ui/1.10.3/themes/redmond/jquery-ui.css
Requested by: Host: wincreator.com
URL: https://wincreator.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 9c93eafe33c076d0502590b16f08e594ebec3101cc8cc31f2a1cfb8bf6b05f44

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://wincreator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 21:09:24 GMT
content-encoding: gzip
last-modified: Fri, 24 Oct 2014 00:16:08 GMT
server: nginx
etag: W/"54499a48-7d77"
vary: Accept-Encoding
x-hw: 1637960964.dop242.am5.t,1637960964.cds276.am5.hn,1637960964.cds117.am5.c
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 6188

GET
H/1.1 200
OK meme.css
wincreator.com/css/ 14 KB
4 KB 49ms
17ms Stylesheet
text/css 136.144.249.135
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://wincreator.com/css/meme.css
Requested by: Host: wincreator.com
URL: https://wincreator.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 136.144.249.135 Eindhoven, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-249-135.colo.transip.net
Software: Apache/2.4.38 (Debian) /
Resource Hash: cf0247dad363f793b4a802abb677e275580c7c957fb8a067c7e26f1e5af28c7d

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://wincreator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 26 Nov 2021 21:09:24 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 Jul 2016 23:56:20 GMT
Server: Apache/2.4.38 (Debian)
ETag: "39c9-5378d21c49100-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 3685

GET
H/1.1 200
OK jquery.timer.js Show response
wincreator.com/js/ 3 KB
2 KB 52ms
16ms Script
application/javascript 136.144.249.135
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://wincreator.com/js/jquery.timer.js
Requested by: Host: wincreator.com
URL: https://wincreator.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 136.144.249.135 Eindhoven, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-249-135.colo.transip.net
Software: Apache/2.4.38 (Debian) /
Resource Hash: 54b2dbbca012fc266b8756387252ff44825505d2c579d80d80d8dde6f8fdecfc

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://wincreator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 26 Nov 2021 21:09:24 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 Jul 2016 23:56:19 GMT
Server: Apache/2.4.38 (Debian)
ETag: "d2e-5378d21b54ec0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1340

GET
H/1.1 200
OK common.js Show response
wincreator.com/js/ 134 B
452 B 52ms
16ms Script
application/javascript 136.144.249.135
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://wincreator.com/js/common.js
Requested by: Host: wincreator.com
URL: https://wincreator.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 136.144.249.135 Eindhoven, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-249-135.colo.transip.net
Software: Apache/2.4.38 (Debian) /
Resource Hash: b77bda3dbc275c2cd5d2cd0b426dd80df792300eac7aac0006b212f2c7998134

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://wincreator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 26 Nov 2021 21:09:24 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 Jul 2016 23:56:19 GMT
Server: Apache/2.4.38 (Debian)
ETag: "86-5378d21b54ec0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 103

GET
H2 200 buttons.js Show response
w.sharethis.com/button/ 59 KB
17 KB 79ms
25ms Script
application/javascript 2600:9000:2057:ee00:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://w.sharethis.com/button/buttons.js

Requested by

Host: wincreator.com
URL: https://wincreator.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:ee00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

7ba38c636940db54018406db91e3a02040d14fd6ce7dabf8bdb011067ba8eb41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://wincreator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 08:06:03 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 219801
x-cache: Hit from cloudfront
content-length: 16739
server: nginx/1.20.1
etag: W/"6179dc0f-ea95"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
via: 1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
cache-control: max-age=259200
x-amz-cf-pop: FRA6-C1
x-robots-tag: noindex, nofollow
x-amz-cf-id: 4I9ScjYbUPIG77zx8TAnOW3XM1R2YCLxeoG901qoE3vTFt1qhKgT3A==
expires: Sat, 27 Nov 2021 08:06:03 GMT

GET
H/1.1 200
OK button1.png
wincreator.com/images/button/ 6 KB
6 KB 16ms
15ms Image
image/png 136.144.249.135
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wincreator.com/images/button/button1.png
Requested by: Host: wincreator.com
URL: https://wincreator.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 136.144.249.135 Eindhoven, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-249-135.colo.transip.net
Software: Apache/2.4.38 (Debian) /
Resource Hash: 073b1f105e905339744324dd839349e3e9fd266fca5875994f9c29e4bb9b354e

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://wincreator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 26 Nov 2021 21:09:25 GMT
Last-Modified: Wed, 13 Jul 2016 23:56:20 GMT
Server: Apache/2.4.38 (Debian)
ETag: "1881-5378d21c49100"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 6273

GET
H/1.1 200
OK button2.png
wincreator.com/images/button/ 9 KB
9 KB 17ms
15ms Image
image/png 136.144.249.135
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wincreator.com/images/button/button2.png
Requested by: Host: wincreator.com
URL: https://wincreator.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 136.144.249.135 Eindhoven, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-249-135.colo.transip.net
Software: Apache/2.4.38 (Debian) /
Resource Hash: eb618971169041e9015bb8ebce4321d211c84e0b78604fccceeb6a3fdb252b3f

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://wincreator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 26 Nov 2021 21:09:25 GMT
Last-Modified: Wed, 13 Jul 2016 23:56:20 GMT
Server: Apache/2.4.38 (Debian)
ETag: "23d2-5378d21c49100"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 9170

GET
H/1.1 200
OK button3.png
wincreator.com/images/button/ 7 KB
8 KB 17ms
15ms Image
image/png 136.144.249.135
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wincreator.com/images/button/button3.png
Requested by: Host: wincreator.com
URL: https://wincreator.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 136.144.249.135 Eindhoven, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-249-135.colo.transip.net
Software: Apache/2.4.38 (Debian) /
Resource Hash: a58707733dd9cd70a60dc0a0aff00bf9c484de86e65af7d770c06ea739448918

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://wincreator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 26 Nov 2021 21:09:25 GMT
Last-Modified: Wed, 13 Jul 2016 23:56:20 GMT
Server: Apache/2.4.38 (Debian)
ETag: "1dc1-5378d21c49100"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 7617

GET
H/1.1 200
OK button4.png
wincreator.com/images/button/ 11 KB
11 KB 18ms
16ms Image
image/png 136.144.249.135
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wincreator.com/images/button/button4.png
Requested by: Host: wincreator.com
URL: https://wincreator.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 136.144.249.135 Eindhoven, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-249-135.colo.transip.net
Software: Apache/2.4.38 (Debian) /
Resource Hash: 40d6aab84bcbd4fb05e99d2c3d764dacb2154e81b42d19f5a3d101a93ca5e9a4

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://wincreator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 26 Nov 2021 21:09:25 GMT
Last-Modified: Wed, 13 Jul 2016 23:56:20 GMT
Server: Apache/2.4.38 (Debian)
ETag: "2b32-5378d21c49100"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 11058

GET
H/1.1 200
OK button5.png
wincreator.com/images/button/ 9 KB
9 KB 18ms
16ms Image
image/png 136.144.249.135
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wincreator.com/images/button/button5.png
Requested by: Host: wincreator.com
URL: https://wincreator.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 136.144.249.135 Eindhoven, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-249-135.colo.transip.net
Software: Apache/2.4.38 (Debian) /
Resource Hash: 4733ce8da1a4229ed0ebdb67c2d3a164d1384f6a7878fa93ee7217c89ec7042b

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://wincreator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 26 Nov 2021 21:09:25 GMT
Last-Modified: Wed, 13 Jul 2016 23:56:20 GMT
Server: Apache/2.4.38 (Debian)
ETag: "23be-5378d21c49100"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 9150

GET
H/1.1 200
OK button6.png
wincreator.com/images/button/ 8 KB
8 KB 17ms
16ms Image
image/png 136.144.249.135
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wincreator.com/images/button/button6.png
Requested by: Host: wincreator.com
URL: https://wincreator.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 136.144.249.135 Eindhoven, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-249-135.colo.transip.net
Software: Apache/2.4.38 (Debian) /
Resource Hash: 99308d3a4376c2bce7160e33aaa3a90b4545b693e2ff9984563591df18338939

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://wincreator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 26 Nov 2021 21:09:25 GMT
Last-Modified: Wed, 13 Jul 2016 23:56:20 GMT
Server: Apache/2.4.38 (Debian)
ETag: "1f99-5378d21c49100"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 8089

GET
H/1.1 200
OK button7.png
wincreator.com/images/button/ 9 KB
9 KB 19ms
16ms Image
image/png 136.144.249.135
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wincreator.com/images/button/button7.png
Requested by: Host: wincreator.com
URL: https://wincreator.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 136.144.249.135 Eindhoven, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-249-135.colo.transip.net
Software: Apache/2.4.38 (Debian) /
Resource Hash: 1ae9e9fdc77119a20abe31cbb524d06a2d31409ba191b7d9a3021c8e695f7d2c

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://wincreator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 26 Nov 2021 21:09:25 GMT
Last-Modified: Wed, 13 Jul 2016 23:56:20 GMT
Server: Apache/2.4.38 (Debian)
ETag: "241b-5378d21c49100"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 9243

GET
H/1.1 200
OK 201407_video_down.png
wincreator.com/img/ 9 KB
9 KB 17ms
16ms Image
image/png 136.144.249.135
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wincreator.com/img/201407_video_down.png
Requested by: Host: wincreator.com
URL: https://wincreator.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 136.144.249.135 Eindhoven, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-249-135.colo.transip.net
Software: Apache/2.4.38 (Debian) /
Resource Hash: df8f74fe50d2ff0fa86eb050c48a5a42e241bb963abbceb8552da56ead6244a7

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://wincreator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 26 Nov 2021 21:09:25 GMT
Last-Modified: Wed, 13 Jul 2016 23:56:20 GMT
Server: Apache/2.4.38 (Debian)
ETag: "2411-5378d21c49100"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 9233

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ 111 KB
40 KB 110ms
62ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: wincreator.com
URL: https://wincreator.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

421d9ef04c36d76a164006832de00f79133eac24f3a05f06d4b2aba59d73183b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://wincreator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 21:09:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40087
x-xss-protection: 0
server: cafe
etag: 6679808606451755292
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 26 Nov 2021 21:09:25 GMT

GET
H/1.1 200
OK bot2.png
wincreator.com/img/ 4 KB
4 KB 17ms
16ms Image
image/png 136.144.249.135
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wincreator.com/img/bot2.png
Requested by: Host: wincreator.com
URL: https://wincreator.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 136.144.249.135 Eindhoven, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-249-135.colo.transip.net
Software: Apache/2.4.38 (Debian) /
Resource Hash: 357b406ed293cac04cb24710f510e18284f40eaf8c5ae7b42888c53af8dc42dc

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://wincreator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 26 Nov 2021 21:09:25 GMT
Last-Modified: Wed, 13 Jul 2016 23:56:20 GMT
Server: Apache/2.4.38 (Debian)
ETag: "e4e-5378d21c49100"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 3662

GET
H/1.1 200
OK botlogo1.png
wincreator.com/images/ 7 KB
7 KB 16ms
15ms Image
image/png 136.144.249.135
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wincreator.com/images/botlogo1.png
Requested by: Host: wincreator.com
URL: https://wincreator.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 136.144.249.135 Eindhoven, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-249-135.colo.transip.net
Software: Apache/2.4.38 (Debian) /
Resource Hash: da45674e417aa20f3f805d586c23cefa4cbf6cbecda8d097f4bcf3456bf172f1

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://wincreator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 26 Nov 2021 21:09:25 GMT
Last-Modified: Wed, 13 Jul 2016 23:56:20 GMT
Server: Apache/2.4.38 (Debian)
ETag: "1ba8-5378d21c49100"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 7080

GET
H/1.1 200
OK bootstrap.min.js Show response
wincreator.com/js/ 36 KB
10 KB 18ms
18ms Script
application/javascript 136.144.249.135
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://wincreator.com/js/bootstrap.min.js
Requested by: Host: wincreator.com
URL: https://wincreator.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 136.144.249.135 Eindhoven, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-249-135.colo.transip.net
Software: Apache/2.4.38 (Debian) /
Resource Hash: 2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://wincreator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 26 Nov 2021 21:09:24 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 Jul 2016 23:56:19 GMT
Server: Apache/2.4.38 (Debian)
ETag: "9004-5378d21b54ec0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 9765

GET
H2 200 async-buttons.js Show response
ws.sharethis.com/button/ 89 KB
19 KB 65ms
23ms Script
application/javascript 2600:9000:2057:ee00:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.sharethis.com/button/async-buttons.js

Requested by

Host: w.sharethis.com
URL: https://w.sharethis.com/button/buttons.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:ee00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

38bdaa6ffa7c071fd9af7eb4fc6e34125cbac8965ad71fb0e93a0d2140dd2842

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://wincreator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 16:58:06 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 187879
x-cache: Hit from cloudfront
content-length: 18813
server: nginx/1.20.1
etag: W/"6179dc46-16245"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
via: 1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
cache-control: max-age=259200
x-amz-cf-pop: FRA6-C1
x-robots-tag: noindex, nofollow
x-amz-cf-id: ZY71PimD1Uuc0DELwq8_7mYl36Kw0oTeVVvu983AYc61orBd3oJsiA==
expires: Sat, 27 Nov 2021 16:58:06 GMT

GET
H/1.1 204
No Content pview Show response
l.sharethis.com/ 0
401 B 96ms
22ms XHR
text/plain 18.198.109.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: w.sharethis.com
URL: https://w.sharethis.com/button/buttons.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.198.109.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-198-109-212.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://wincreator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 26 Nov 2021 21:09:25 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Access-Control-Allow-Origin: https://wincreator.com
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 1728000
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK header.png
wincreator.com/images/button/ 96 KB
96 KB 19ms
15ms Image
image/png 136.144.249.135
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wincreator.com/images/button/header.png
Requested by: Host: wincreator.com
URL: https://wincreator.com/css/business-frontpage.css?ver=1.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 136.144.249.135 Eindhoven, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-249-135.colo.transip.net
Software: Apache/2.4.38 (Debian) /
Resource Hash: 5f75c33d635a40110a44b7d15cee1e692271af2d1aabf5aca0a860434aabe31f

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://wincreator.com/css/business-frontpage.css?ver=1.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 26 Nov 2021 21:09:25 GMT
Last-Modified: Wed, 13 Jul 2016 23:56:20 GMT
Server: Apache/2.4.38 (Debian)
ETag: "1809f-5378d21c49100"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 98463

GET
H/1.1 200
OK buttonhomebg.png
wincreator.com/img/ 5 KB
5 KB 18ms
18ms Image
image/png 136.144.249.135
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wincreator.com/img/buttonhomebg.png
Requested by: Host: wincreator.com
URL: https://wincreator.com/css/business-frontpage.css?ver=1.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 136.144.249.135 Eindhoven, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 136-144-249-135.colo.transip.net
Software: Apache/2.4.38 (Debian) /
Resource Hash: b1a8157d572a6453e74c4c44bff4d395f91d817ada6db633dfea3eede8ea1062

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://wincreator.com/css/business-frontpage.css?ver=1.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 26 Nov 2021 21:09:25 GMT
Last-Modified: Wed, 13 Jul 2016 23:56:20 GMT
Server: Apache/2.4.38 (Debian)
ETag: "1302-5378d21c49100"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 4866

GET
H2 200 buttons-secure.css
ws.sharethis.com/button/css/ 23 KB
4 KB 20ms
20ms Stylesheet
text/css 2600:9000:2057:ee00:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.sharethis.com/button/css/buttons-secure.css

Requested by

Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/async-buttons.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:ee00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

95dc1b83a7c030dd13ab3e29df921f10e04208b28734f172ea232854264c3b05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://wincreator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 16:55:52 GMT
content-encoding: gzip
last-modified: Wed, 27 Oct 2021 23:09:58 GMT
server: nginx/1.20.1
age: 15213
etag: W/"6179dc46-5a76"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
strict-transport-security: max-age=31536000; includeSubDomains
x-robots-tag: noindex, nofollow
content-length: 3851
x-amz-cf-id: 3xcwXkXivjRQM5lyBMfhoj6N7-Kj3tAqx4EnACwXeon10LRochFwpQ==

GET
H2 200 facebook_32.png
ws.sharethis.com/images/2017/ 1 KB
2 KB 21ms
20ms Image
image/png 2600:9000:2057:ee00:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ws.sharethis.com/images/2017/facebook_32.png

Requested by

Host: wincreator.com
URL: https://wincreator.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:ee00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

732d3038cffc852adde57cc51509924b478a45c898cefbb6e46b04448feff7e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://wincreator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 21:49:43 GMT
via: 1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
server: nginx/1.20.1
age: 3367182
etag: "612ef1b8-497"
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 1175
x-amz-cf-id: IrcLfgRdz_dPfFumsYW4o9f9j-9IB6w4QTicu9rIRiU9oKbYXgKXdg==
expires: Tue, 18 Oct 2022 21:49:43 GMT

GET
H2 200 twitter_32.png
ws.sharethis.com/images/2017/ 1 KB
2 KB 22ms
22ms Image
image/png 2600:9000:2057:ee00:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ws.sharethis.com/images/2017/twitter_32.png

Requested by

Host: wincreator.com
URL: https://wincreator.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:ee00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

39446b399dd1911651e5517b059c649de4a58c3d89ddafa594a6867a9b201564

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://wincreator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 03:47:34 GMT
via: 1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
server: nginx/1.20.1
age: 7492911
etag: "612ef1b8-53a"
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 1338
x-amz-cf-id: Blp2m8jTMZB92CUuWEMZ8A9W3eo64xtGoTiQgBAIaW1OBX2wKXMxWA==
expires: Thu, 01 Sep 2022 03:47:34 GMT

GET
H2 200 googleplus_32.png
ws.sharethis.com/images/2017/ 2 KB
3 KB 23ms
22ms Image
image/png 2600:9000:2057:ee00:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ws.sharethis.com/images/2017/googleplus_32.png

Requested by

Host: wincreator.com
URL: https://wincreator.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:ee00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

d0c8da105e3942965cf032c25db093698e244ee11cc23c52e52b506926083dfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://wincreator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 03:47:34 GMT
via: 1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
server: nginx/1.20.1
age: 7492911
etag: "612ef1b8-9a4"
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 2468
x-amz-cf-id: JR9uAcptuRW9DgQRX-I0Pm4wamoZJqBYIt1To6JIAAFYActkZrrumQ==
expires: Thu, 01 Sep 2022 03:47:34 GMT

GET
H2 200 linkedin_32.png
ws.sharethis.com/images/2017/ 1 KB
2 KB 23ms
23ms Image
image/png 2600:9000:2057:ee00:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ws.sharethis.com/images/2017/linkedin_32.png

Requested by

Host: wincreator.com
URL: https://wincreator.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:ee00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

e083ca305fe5020595b52c04499258219f69c8cb83ec0ffc1eb0f22815f5c60f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://wincreator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 01:02:00 GMT
via: 1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
server: nginx/1.20.1
age: 4651645
etag: "612ef1b8-4c9"
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 1225
x-amz-cf-id: zhXVBRKIwCW5AxVRAxwaMbJ9twgYGzdmycLPlfv6b52tCdzpPy0eoA==
expires: Tue, 04 Oct 2022 01:02:00 GMT

GET
H2 200 pinterest_32.png
ws.sharethis.com/images/2017/ 1 KB
2 KB 23ms
23ms Image
image/png 2600:9000:2057:ee00:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ws.sharethis.com/images/2017/pinterest_32.png

Requested by

Host: wincreator.com
URL: https://wincreator.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:ee00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

03f4f72d7090e82fbaf35259ac9dfea880d4874bf694cd6cbfc54a62a0023c4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://wincreator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 00:17:05 GMT
via: 1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
server: nginx/1.20.1
age: 3703939
etag: "612ef1b8-59b"
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 1435
x-amz-cf-id: EjYZqCN01OMSnw_acjw-mL61r6ekdxpghjCs152cucwYpBiXiJBEDA==
expires: Sat, 15 Oct 2022 00:17:05 GMT

GET
H2 200 sharethis_32.png
ws.sharethis.com/images/2017/ 1 KB
2 KB 20ms
19ms Image
image/png 2600:9000:2057:ee00:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ws.sharethis.com/images/2017/sharethis_32.png

Requested by

Host: wincreator.com
URL: https://wincreator.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:ee00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

1af0e0ca290a13faeabef7d1bde7ca8d96bb83b876f5d42e32c4b6095a5b0afb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://wincreator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 05:38:08 GMT
via: 1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
server: nginx/1.20.1
age: 7313477
etag: "612ef1b8-539"
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 1337
x-amz-cf-id: 0sDYSyC4UTcDpPmnUhaNILsqgi6kYs6Z0LwauVF02jHmxVoXFIMH6A==
expires: Sat, 03 Sep 2022 05:38:08 GMT

GET
H2 200 email_32.png
ws.sharethis.com/images/2017/ 1 KB
2 KB 21ms
20ms Image
image/png 2600:9000:2057:ee00:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ws.sharethis.com/images/2017/email_32.png

Requested by

Host: wincreator.com
URL: https://wincreator.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:ee00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

c3a537ae5d8020c10896418cb8658af444cbb3f89d3543c7db596b624e38690d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://wincreator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 21:49:43 GMT
via: 1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
server: nginx/1.20.1
age: 3367182
etag: "612ef1b8-566"
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 1382
x-amz-cf-id: sZKuHdxW8doKh7CChRMRZCBU3n9-h1W4oncSsLrC5LeJRDWFyUGJWA==
expires: Tue, 18 Oct 2022 21:49:43 GMT

GET
H/1.1 204
No Content pview
l.sharethis.com/ 0
380 B 22ms
21ms Image
text/plain 18.198.109.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://l.sharethis.com/pview?event=pview&version=buttons.js&lang=en&sessionID=1637960964989.91719&hostname=wincreator.com&location=%2F&product=widget&fcmp=false&fcmpv2=false&publisher=ur.00000000-0000-0000-0000-000000000000&url=https%3A%2F%2Fwincreator.com%2F&title=Convert%20YouTube%20to%20mp3%20online%2C%20trim%20and%20cut%20mp3%20online%2C%20youtube%20to%20mp4%20online&sop=false&description=Entertainment%20platform.%20New%20music%20%26%20toursim%20ideas%2C%20from%20idea%20to%20execution.%20Tools%20for%20download%20and%20converting%20Your%20videos%20to%20mp3%20from%20youtube%2C%20vimeo%2C%20dailymotion%20with%20trim%20and%20cut%20possibilites%20for%20both%20music%20and%20videos%20or%20convert%20videos%20to%20gif%20files.%20&description=Entertainment%20platform.%20New%20music%20%26%20toursim%20ideas%2C%20from%20idea%20to%20execution.%20Tools%20for%20download%20and%20converting%20Your%20videos%20to%20mp3%20from%20youtube%2C%20vimeo%2C%20dailymotion%20with%20trim%20and%20cut%20possibilites%20for%20both%20music%20and%20videos%20or%20convert%20videos%20to%20gif%20files.%20&img_pview=true

Requested by

Host: wincreator.com
URL: https://wincreator.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.198.109.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-198-109-212.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://wincreator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 26 Nov 2021 21:09:25 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 1728000
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/ 270 KB
97 KB 48ms
48ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6607726897456738&plah=wincreator.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2af65c3ed45375d73f79b99aa967b3afa2bd7caccfe0a7a536246da391bec1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://wincreator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 21:09:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99572
x-xss-protection: 0
server: cafe
etag: 8277321816506038126
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 26 Nov 2021 21:09:25 GMT

GET
H2 200 dc.js Show response
stats.g.doubleclick.net/ 45 KB
17 KB 54ms
17ms Script
text/javascript 2a00:1450:400c:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/dc.js

Requested by

Host: wincreator.com
URL: https://wincreator.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://wincreator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 5066
date: Fri, 26 Nov 2021 19:44:59 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17093
expires: Fri, 26 Nov 2021 21:44:59 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 204 B
640 B 88ms
30ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=wincreator.com&callback=_gfp_s_&client=ca-pub-6607726897456738

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6607726897456738&plah=wincreator.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

6be28b056b56a297494eb701294895479f21ee227b6e8773736d3ee430bdd96e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://wincreator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 21:09:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 195
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
792 B 95ms
30ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=wincreator.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://wincreator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 26 Nov 2021 21:09:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 83ms
28ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=wincreator.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://wincreator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 26 Nov 2021 21:09:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F62F 430 B
378 B 229ms
179ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6607726897456738&output=html&h=250&slotname=3543758009&adk=517964018&adf=2563773748&pi=t.ma~as.3543758009&w=300&lmt=1637960965&url=https%3A%2F%2Fwincreator.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637960965090&bpp=16&bdt=242&idt=96&shv=r20211111&mjsv=m202111110101&ptt=5&saldr=sa&abxe=1&correlator=7429619311411&frm=20&pv=2&ga_vid=1083446620.1637960965&ga_sid=1637960965&ga_hid=1745138062&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=336&ady=813&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063738&oid=2&pvsid=1674245277419097&pem=13&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=RBBgwGdswP&p=https%3A//wincreator.com&dtd=122

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0c834778459903c4dce17aad590845931fef799d4ad98e0b1d7de33423ed7352

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: nl-NL,nl;q=0.9
Referer: https://wincreator.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 26 Nov 2021 21:09:25 GMT
server: cafe
content-length: 208
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 26 Nov 2021 21:09:25 GMT
cache-control: private

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 96C6 430 B
379 B 237ms
192ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6607726897456738&output=html&h=250&slotname=8836425207&adk=59057611&adf=3082323651&pi=t.ma~as.8836425207&w=300&lmt=1637960965&url=https%3A%2F%2Fwincreator.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637960965107&bpp=3&bdt=259&idt=112&shv=r20211111&mjsv=m202111110101&ptt=5&saldr=sa&abxe=1&prev_slotnames=3543758009&correlator=7429619311411&frm=20&pv=1&ga_vid=1083446620.1637960965&ga_sid=1637960965&ga_hid=1745138062&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=640&ady=813&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063738&oid=2&pvsid=1674245277419097&pem=13&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=fIzPvQKUBg&p=https%3A//wincreator.com&dtd=115

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2ae139bc43f7f6f1ccf724232b1a7f2583c0b34291b8e0c3fd738f044e4ca1ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: nl-NL,nl;q=0.9
Referer: https://wincreator.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 26 Nov 2021 21:09:25 GMT
server: cafe
content-length: 209
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 26 Nov 2021 21:09:25 GMT
cache-control: private

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5EFC 430 B
787 B 215ms
175ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2555265650927328&output=html&h=250&slotname=3976228146&adk=2429784936&adf=117519709&pi=t.ma~as.3976228146&w=300&lmt=1637960965&url=https%3A%2F%2Fwincreator.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637960965112&bpp=3&bdt=264&idt=112&shv=r20211111&mjsv=m202111110101&ptt=5&saldr=sa&abxe=1&prev_slotnames=3543758009%2C8836425207&correlator=7429619311411&frm=20&pv=2&ga_vid=1083446620.1637960965&ga_sid=1637960965&ga_hid=1745138062&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=944&ady=813&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063738&oid=2&pvsid=1674245277419097&pem=13&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=nuDIeiD2l4&p=https%3A//wincreator.com&dtd=115

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bb0082cab0a60dc76eda5639d09b7005e90e6fdc3d6455f001b0b385da71a714

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: nl-NL,nl;q=0.9
Referer: https://wincreator.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 26 Nov 2021 21:09:25 GMT
server: cafe
content-length: 206
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 26 Nov 2021 21:09:25 GMT
cache-control: private

GET
H3 200 __utm.gif
stats.g.doubleclick.net/r/ 35 B
55 B 37ms
18ms Image
image/gif 2a00:1450:400c:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=875547889&utmhn=wincreator.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Convert%20YouTube%20to%20mp3%20online%2C%20trim%20and%20cut%20mp3%20online%2C%20youtube%20to%20mp4%20online&utmhid=1745138062&utmr=-&utmp=%2F&utmht=1637960965240&utmac=UA-45531689-1&utmcc=__utma%3D101675527.1083446620.1637960965.1637960965.1637960965.1%3B%2B__utmz%3D101675527.1637960965.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1035620997&utmredir=3&utmu=qAAAAAAAAAAAAAAAAAQAAAAE~

Requested by

Host: wincreator.com
URL: https://wincreator.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://wincreator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 26 Nov 2021 21:09:25 GMT
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2416 17 KB
8 KB 273ms
268ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6607726897456738&output=html&h=90&slotname=5058700403&adk=3065914911&adf=3044744386&pi=t.ma~as.5058700403&w=970&lmt=1637960965&url=https%3A%2F%2Fwincreator.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637960965115&bpp=3&bdt=267&idt=133&shv=r20211111&mjsv=m202111110101&ptt=5&saldr=sa&abxe=1&prev_slotnames=3543758009%2C8836425207%2C3976228146&correlator=7429619311411&frm=20&pv=1&ga_vid=1083446620.1637960965&ga_sid=1637960965&ga_hid=1745138062&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=305&ady=1068&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063738&oid=2&pvsid=1674245277419097&pem=13&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=Bu1wP7HJQJ&p=https%3A//wincreator.com&dtd=146

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a7e392e240ca5020f94cb3c558a82f820c3e5e4fc6ba1c5a9c451cc3012611d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: nl-NL,nl;q=0.9
Referer: https://wincreator.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 26 Nov 2021 21:09:25 GMT
server: cafe
content-length: 8473
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 26 Nov 2021 21:09:25 GMT
cache-control: private

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 985E 624 B
300 B 59ms
31ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CIr22QEQpoGC5gIYo466uwEwAQ&v=APEucNX3EIDxEzO_vC_Y_6z0sgpclFBSLpSxZJi5FwtVWTSOXxQ5JH6Kbv0uB1b02bpGYx0-GyIaEH7RRxHvmeBBzbJXzmnmOHYZasAC7rYsTlyCxfSPjyrlL5R33Y6_iyuBfE6IhzZhlx8JeEzSGj12iGIrbEMoCZrUKHPALEQnNujm-VjVzF8

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6607726897456738&output=html&h=90&slotname=5058700403&adk=3065914911&adf=3044744386&pi=t.ma~as.5058700403&w=970&lmt=1637960965&url=https%3A%2F%2Fwincreator.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637960965115&bpp=3&bdt=267&idt=133&shv=r20211111&mjsv=m202111110101&ptt=5&saldr=sa&abxe=1&prev_slotnames=3543758009%2C8836425207%2C3976228146&correlator=7429619311411&frm=20&pv=1&ga_vid=1083446620.1637960965&ga_sid=1637960965&ga_hid=1745138062&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=305&ady=1068&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063738&oid=2&pvsid=1674245277419097&pem=13&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=Bu1wP7HJQJ&p=https%3A//wincreator.com&dtd=146

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6607726897456738&output=html&h=90&slotname=5058700403&adk=3065914911&adf=3044744386&pi=t.ma~as.5058700403&w=970&lmt=1637960965&url=https%3A%2F%2Fwincreator.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637960965115&bpp=3&bdt=267&idt=133&shv=r20211111&mjsv=m202111110101&ptt=5&saldr=sa&abxe=1&prev_slotnames=3543758009%2C8836425207%2C3976228146&correlator=7429619311411&frm=20&pv=1&ga_vid=1083446620.1637960965&ga_sid=1637960965&ga_hid=1745138062&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=305&ady=1068&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063738&oid=2&pvsid=1674245277419097&pem=13&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=Bu1wP7HJQJ&p=https%3A//wincreator.com&dtd=146

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 26 Nov 2021 21:09:25 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 26 Nov 2021 21:09:25 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 62BD 13 KB
9 KB 80ms
52ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D_jznyShMuv7fhSawgueRD9WsxcyQn3iFUmu3sEwPFYxwLs84gxp-uOKzcNrha8g60sfjscnJQphLGDgvljH-jQGjY7WwUFdghzM9cAnhAJoEVg6GF7f0_Vo9dqw-0AG2yqBaUegvOYBbn-_jqoxhJDckfQQ&cry=1&dbm_d=AKAmf-C5Z2-nRhrM7kdNrVS8z3H3IFW9ytcHY7kFQPx6YVxfdlbqgc0soBRL8oB5p2RYlUqtCnt0vpimjLQzx70IF0yELRv8eDTwrjcaDep-VC6k0okdjgXyyoym-KFvO7Azv9ATvwslKGnUGrriDeEQE2GXxQwOVBDoh3bRr-z3GvUJqGO-qTFopUZPIKvvy1TUDORcISxaxAfwEbirNglpEZXoALvDvsLzJYnvmUHXIAtrtogDqwx1VzorwLGS5Rmr98djVat9vxa_7yiDdhN4F2cSlOWg6mXDvdrfNc7oyI7bHpW_3ZGHZa4n7BpGP94uc2kRA43TV27wrGKNuBMJ56kgZMDYQcEPiqowwXhbFw4SvIGqjSOL3RNMex9uUq2LojCREWghUgTHwZ-NEhuIuNgPJs3zdp1_8jwcjl9XDSdVgfJr1GcanCv7XPHOLck_-bkUy-vvxAU5iOg8uc0TYXtKWLslXWQKiLi8NWJ5j0kfjxDd4rWBw0g-Db3LwtKPKdXKzyVywmTzRs6vNICG3L7f4fF87g6J_wnfy0urs_gaHhCs3gNXQF2p637i7lpRCD6xa8t40qSW_SC50M-o6b5aq3hqXXlvKsUEfX4KpwPf2pYyUKoPpSTLX-KiLTkABXXx2J0AaTq7rHeYR11hYWrRIL7lzb-UhHByubHE0Oefa40Xhi2r--hOdHlN-cMsbgbWAum7gYlvMc04GRAlqewSHhUJ74_ONXprnsqEu5f_dDjEXaosi0B48Z9Fndi0Ukr6USNoA3mq33w3PcG7fLnt5qqX5FZgHRaUgTE334PR76HdzBf0Yxw6YpKsNCFIgIdcCYKDvCPJgJtez86W8pvP0nsCaLfGJpuqb5YwSSIe-iMnIHNa4-4uDfs1mk9u-yNyWW3NFJRQwKFjI0MU626gIH53ecyc41imCUC4c1MrE4vNpBS-SeLBtY030AF25bnCDc2_87fOnxO4Oj3PZKOgpNsziaMheVbvxYhhGxOjU6JwyA0xZ4wdbPBuOl2PbqIe36j2CUUeO7XHq8tv6tf9FCPeKDU5bh9HY0vAUjaFj4Loz-5PAaewjBPNq1XE0gt_6ZHNFq4s80LUCebWXwEZrIG9BuI27pGGmVvDTBPOPJnp4jXrO9QFWtFQ69l16HEEn2owZdRisC121hHAK0lWOpOwPH01dbyIwroW-pK-TRMlDKusRIB6KITAatE94Aj9thrmeeF6GmDv1h93iJeei1WKWgDdzAyT37dMhdRkoFnwZPjQczph-yG01OkDPS6eefGVFk1ep9kAfgmDoWaMAMGdoOawdSZxFwVWBTSDaIiyh7bntPYmyqDZiyxLYzqAfrtGGkcrsq60kqhxRalWKZWpvcvztLuGwXMcHFbzcWKIlO1tQHTupKEmlcRZzrS1579t2xP4SfFK7Xq6pc__f9hNZL4zCfOSlIz7nMtYdXeDwCj_EQIPYjuwJ2cmxLFweLHljYDrJiz45y6fpvKXHF6CLHMXhbKZt-C8FEOTvn7oTkSKB1IoPvVM3lmfpZcIcpoOCq8E6w7cuENukhrNCeseoa1tVvj_BxPRL3BZU-5OUZ9kT6-AhSH9o3AI6vTZ9NRLRbhERjBaMs3DlOR5G34ZPFiyw3dvA3IgIjtqLMBaryuAGDmPBGOBIYIaSJinr3j9ibNtiqgU9AgYoHxssnwj7NEKhGul2lOjihvebSgwtI-3vqep2b75Y4TK9LQPnyjQ29VfGuATOm-RdUfZIJ9xMmVKbiMkjBOu3Wu_L9WXF5RxPcI8I1Zogdw6873oOe3iddIKU11eqziUcdo1_rkw-wDsfgaqKth9wPyQFr4Rwu9S8mUbHwf2_dqHFx2-U8_rZsUmpisCzQWxQNbtfhihbyNf0mDW5qgk5KnZM7dwmP4x9yWgQsrYUIQ9nkkPADAcPh4nqdM8dWY61uwQRIjFFdM3z7kNNq1XirZetUBcxlhcMg7ePwXED5StX9Q0BE4DdEgEEPPBY70THkIdBPMm5BNF-nY6ZbYcQ2_3ngG2zhSaup_nB6sukz7HIa0n-0pvTI1WwVpN74yCY1Oc_cXfMT3ClQB-WOKUjCrM6913YU8J21hl_2z3T8Wz8ff4Ji0kAaIRula8i02_WOL6yP8fbmc6R_kIw_nnhfwP6s9ueWk0nHupEg1BIhhzgu8-S2C-R4eSHFaW08zUAfdv9-FvqWuNPhrxDDnESMWSUjIV7YVJcHd5-tOnGl3srZ2evddIpPOPPfQgXfJ8HSiToqdsVqyv-39FvIFvZH7eJl7Lxb8myN8onN15Ar0PL7yvRgQfY-7MHJ5H2sOr6pVmLXEyG1BG8tgrkHkGnVU1O5qXtwZgIcuOdaFyDhD93SPYNc_D9cxEo6kF1H4M1QK49etwXEXy_Zhjld-CvsH7yGY2dzSBxeJw1biVvBEQiTXwRT95dkR5VvYicUUutbFdqLnOVIhK5ymz-l1PRTHnM2u3HFuUUJlHo9UyJRAl3EinTPJGnh0ZejLz2-lhuLSCi27nEg3laeYEufsM-TsRV8M0MARef8zs6mZyv_TzpnNOX-drdbTzWWIkENnXAy-n0nl8nxe85h1hN5cx1logYm6g8rs5x4GrU6xJkLpx3Iz7sVJBCp5sT15-09cyVn6-AjVB11OxW6F6KHOfSAjQdKwfb4brxXWfIJciu4cxOh0MUf8mQi-OVCJDuJhnzZM7yHEbdPX5lRhNWYssPNbH0NmpL46X35eBx_kvqSawrukWm-coKjrBXfpnHSYAMM0xuL0KIiDDs8z9zIJWPStTD_0occG5Oz_DeUyh1TXg1zoUIBG4sxUwSOC70tXC4ZHuSUL1xVW1CNuRr6I7MP9afAl5oI5LCMCmtpnGF6gKd9Q5XJA--_rt3zCI7-ibDYKxSfqBAFQa-w21p_zr3xrfw5yXj6zZqw78eK2sisYeSeFe-RW1tfmSR3mmf6lmiERH8YMtEQ-54dNeQbuVZwN925Y59UItFfGmCoTcgxDXNsvP3ElylfMrw8tm43rtcwOo3UijBlWDf15nw5IGEp2on70uW-c_jVJ_eUM1Tjna6Rr_e9CokUMVAkEx668_Ohf8NqeIGuM_rF4uZBz7KTUc0MJE7qE26PsyavB5Bc-SQdBGatu2G5ut6k3a9Brgt04LQKd2lt-dxLMahP0cxjpV4YC96d2JUH989N5kzU2aiEpZdo3o&cid=CAASBORoAM8&rfl=2%2Chttps%253A%252F%252Fwincreator.com%252F%240

Requested by

Host: wincreator.com
URL: https://wincreator.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

994c92cf2c920637f5ea674b59c7a4ccb885432da289eb413e631dd8153e6da6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6607726897456738&output=html&h=90&slotname=5058700403&adk=3065914911&adf=3044744386&pi=t.ma~as.5058700403&w=970&lmt=1637960965&url=https%3A%2F%2Fwincreator.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637960965115&bpp=3&bdt=267&idt=133&shv=r20211111&mjsv=m202111110101&ptt=5&saldr=sa&abxe=1&prev_slotnames=3543758009%2C8836425207%2C3976228146&correlator=7429619311411&frm=20&pv=1&ga_vid=1083446620.1637960965&ga_sid=1637960965&ga_hid=1745138062&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=305&ady=1068&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063738&oid=2&pvsid=1674245277419097&pem=13&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=Bu1wP7HJQJ&p=https%3A//wincreator.com&dtd=146
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 21:09:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9630
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 62BD 2 KB
1 KB 70ms
21ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 21:05:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 219
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Dec 2021 21:05:46 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 62BD 119 KB
37 KB 83ms
34ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 21:09:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 26 Nov 2021 21:09:25 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 62BD 15 KB
7 KB 68ms
19ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 21:07:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 96
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 16810888504096353422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Dec 2021 21:07:49 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 62BD 42 B
63 B 52ms
52ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Anv77exVTxtBq5oCAA0G0oAoCwSLrLJ-Qf3gRnvPFGDnQLKQls8U9eV0iP2ASZ8jJJpkyTA1-qSo6LsgKLaClkbIrV8dC-rpLWYfbYVBO308V3nk8

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 21:09:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 985E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFxXzqFZwlwXto8KwQhIZJM&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFxXzqFZwlwXto8KwQhIZJM&google_cver=1&C=1

43 B
1014 B

28ms
27ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFxXzqFZwlwXto8KwQhIZJM&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIr22QEQpoGC5gIYo466uwEwAQ&v=APEucNX3EIDxEzO_vC_Y_6z0sgpclFBSLpSxZJi5FwtVWTSOXxQ5JH6Kbv0uB1b02bpGYx0-GyIaEH7RRxHvmeBBzbJXzmnmOHYZasAC7rYsTlyCxfSPjyrlL5R33Y6_iyuBfE6IhzZhlx8JeEzSGj12iGIrbEMoCZrUKHPALEQnNujm-VjVzF8
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 26 Nov 2021 21:09:25 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 26 Nov 2021 21:09:25 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 26 Nov 2021 21:09:25 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFxXzqFZwlwXto8KwQhIZJM&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Fri, 26 Nov 2021 21:09:25 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 985E
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YaFNBeVZktRyvadKqzC3UwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKHfTAak4f3S29fwc6s8tZY&google_cver=1

43 B
894 B

27ms
27ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKHfTAak4f3S29fwc6s8tZY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIr22QEQpoGC5gIYo466uwEwAQ&v=APEucNX3EIDxEzO_vC_Y_6z0sgpclFBSLpSxZJi5FwtVWTSOXxQ5JH6Kbv0uB1b02bpGYx0-GyIaEH7RRxHvmeBBzbJXzmnmOHYZasAC7rYsTlyCxfSPjyrlL5R33Y6_iyuBfE6IhzZhlx8JeEzSGj12iGIrbEMoCZrUKHPALEQnNujm-VjVzF8
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 26 Nov 2021 21:09:25 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 26 Nov 2021 21:09:25 GMT

Redirect headers

pragma: no-cache
date: Fri, 26 Nov 2021 21:09:25 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKHfTAak4f3S29fwc6s8tZY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 985E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEIiokYnkBQd-wSIaJNnm1tg&google_cver=1

43 B
1004 B

43ms
32ms

Image
image/gif

185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEIiokYnkBQd-wSIaJNnm1tg&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIr22QEQpoGC5gIYo466uwEwAQ&v=APEucNX3EIDxEzO_vC_Y_6z0sgpclFBSLpSxZJi5FwtVWTSOXxQ5JH6Kbv0uB1b02bpGYx0-GyIaEH7RRxHvmeBBzbJXzmnmOHYZasAC7rYsTlyCxfSPjyrlL5R33Y6_iyuBfE6IhzZhlx8JeEzSGj12iGIrbEMoCZrUKHPALEQnNujm-VjVzF8

Protocol

HTTP/1.1

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 26 Nov 2021 21:09:25 GMT
X-Proxy-Origin: 46.166.179.56; 46.166.179.56; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: c3ebf5f9-6e48-4ca2-a151-da9a4d718118
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 26 Nov 2021 21:09:25 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEIiokYnkBQd-wSIaJNnm1tg&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 985E
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjIyNDc5ODk2NzU0ODM4OTE3OA%3D%3D

170 B
188 B

74ms
47ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjIyNDc5ODk2NzU0ODM4OTE3OA%3D%3D

Requested by

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 21:09:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 26 Nov 2021 21:09:25 GMT
X-Proxy-Origin: 46.166.179.56; 46.166.179.56; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 781b6fc2-1ed8-4ee2-a305-a6e03f678e38
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjIyNDc5ODk2NzU0ODM4OTE3OA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 62BD 41 KB
15 KB 49ms
19ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D_jznyShMuv7fhSawgueRD9WsxcyQn3iFUmu3sEwPFYxwLs84gxp-uOKzcNrha8g60sfjscnJQphLGDgvljH-jQGjY7WwUFdghzM9cAnhAJoEVg6GF7f0_Vo9dqw-0AG2yqBaUegvOYBbn-_jqoxhJDckfQQ&cry=1&dbm_d=AKAmf-C5Z2-nRhrM7kdNrVS8z3H3IFW9ytcHY7kFQPx6YVxfdlbqgc0soBRL8oB5p2RYlUqtCnt0vpimjLQzx70IF0yELRv8eDTwrjcaDep-VC6k0okdjgXyyoym-KFvO7Azv9ATvwslKGnUGrriDeEQE2GXxQwOVBDoh3bRr-z3GvUJqGO-qTFopUZPIKvvy1TUDORcISxaxAfwEbirNglpEZXoALvDvsLzJYnvmUHXIAtrtogDqwx1VzorwLGS5Rmr98djVat9vxa_7yiDdhN4F2cSlOWg6mXDvdrfNc7oyI7bHpW_3ZGHZa4n7BpGP94uc2kRA43TV27wrGKNuBMJ56kgZMDYQcEPiqowwXhbFw4SvIGqjSOL3RNMex9uUq2LojCREWghUgTHwZ-NEhuIuNgPJs3zdp1_8jwcjl9XDSdVgfJr1GcanCv7XPHOLck_-bkUy-vvxAU5iOg8uc0TYXtKWLslXWQKiLi8NWJ5j0kfjxDd4rWBw0g-Db3LwtKPKdXKzyVywmTzRs6vNICG3L7f4fF87g6J_wnfy0urs_gaHhCs3gNXQF2p637i7lpRCD6xa8t40qSW_SC50M-o6b5aq3hqXXlvKsUEfX4KpwPf2pYyUKoPpSTLX-KiLTkABXXx2J0AaTq7rHeYR11hYWrRIL7lzb-UhHByubHE0Oefa40Xhi2r--hOdHlN-cMsbgbWAum7gYlvMc04GRAlqewSHhUJ74_ONXprnsqEu5f_dDjEXaosi0B48Z9Fndi0Ukr6USNoA3mq33w3PcG7fLnt5qqX5FZgHRaUgTE334PR76HdzBf0Yxw6YpKsNCFIgIdcCYKDvCPJgJtez86W8pvP0nsCaLfGJpuqb5YwSSIe-iMnIHNa4-4uDfs1mk9u-yNyWW3NFJRQwKFjI0MU626gIH53ecyc41imCUC4c1MrE4vNpBS-SeLBtY030AF25bnCDc2_87fOnxO4Oj3PZKOgpNsziaMheVbvxYhhGxOjU6JwyA0xZ4wdbPBuOl2PbqIe36j2CUUeO7XHq8tv6tf9FCPeKDU5bh9HY0vAUjaFj4Loz-5PAaewjBPNq1XE0gt_6ZHNFq4s80LUCebWXwEZrIG9BuI27pGGmVvDTBPOPJnp4jXrO9QFWtFQ69l16HEEn2owZdRisC121hHAK0lWOpOwPH01dbyIwroW-pK-TRMlDKusRIB6KITAatE94Aj9thrmeeF6GmDv1h93iJeei1WKWgDdzAyT37dMhdRkoFnwZPjQczph-yG01OkDPS6eefGVFk1ep9kAfgmDoWaMAMGdoOawdSZxFwVWBTSDaIiyh7bntPYmyqDZiyxLYzqAfrtGGkcrsq60kqhxRalWKZWpvcvztLuGwXMcHFbzcWKIlO1tQHTupKEmlcRZzrS1579t2xP4SfFK7Xq6pc__f9hNZL4zCfOSlIz7nMtYdXeDwCj_EQIPYjuwJ2cmxLFweLHljYDrJiz45y6fpvKXHF6CLHMXhbKZt-C8FEOTvn7oTkSKB1IoPvVM3lmfpZcIcpoOCq8E6w7cuENukhrNCeseoa1tVvj_BxPRL3BZU-5OUZ9kT6-AhSH9o3AI6vTZ9NRLRbhERjBaMs3DlOR5G34ZPFiyw3dvA3IgIjtqLMBaryuAGDmPBGOBIYIaSJinr3j9ibNtiqgU9AgYoHxssnwj7NEKhGul2lOjihvebSgwtI-3vqep2b75Y4TK9LQPnyjQ29VfGuATOm-RdUfZIJ9xMmVKbiMkjBOu3Wu_L9WXF5RxPcI8I1Zogdw6873oOe3iddIKU11eqziUcdo1_rkw-wDsfgaqKth9wPyQFr4Rwu9S8mUbHwf2_dqHFx2-U8_rZsUmpisCzQWxQNbtfhihbyNf0mDW5qgk5KnZM7dwmP4x9yWgQsrYUIQ9nkkPADAcPh4nqdM8dWY61uwQRIjFFdM3z7kNNq1XirZetUBcxlhcMg7ePwXED5StX9Q0BE4DdEgEEPPBY70THkIdBPMm5BNF-nY6ZbYcQ2_3ngG2zhSaup_nB6sukz7HIa0n-0pvTI1WwVpN74yCY1Oc_cXfMT3ClQB-WOKUjCrM6913YU8J21hl_2z3T8Wz8ff4Ji0kAaIRula8i02_WOL6yP8fbmc6R_kIw_nnhfwP6s9ueWk0nHupEg1BIhhzgu8-S2C-R4eSHFaW08zUAfdv9-FvqWuNPhrxDDnESMWSUjIV7YVJcHd5-tOnGl3srZ2evddIpPOPPfQgXfJ8HSiToqdsVqyv-39FvIFvZH7eJl7Lxb8myN8onN15Ar0PL7yvRgQfY-7MHJ5H2sOr6pVmLXEyG1BG8tgrkHkGnVU1O5qXtwZgIcuOdaFyDhD93SPYNc_D9cxEo6kF1H4M1QK49etwXEXy_Zhjld-CvsH7yGY2dzSBxeJw1biVvBEQiTXwRT95dkR5VvYicUUutbFdqLnOVIhK5ymz-l1PRTHnM2u3HFuUUJlHo9UyJRAl3EinTPJGnh0ZejLz2-lhuLSCi27nEg3laeYEufsM-TsRV8M0MARef8zs6mZyv_TzpnNOX-drdbTzWWIkENnXAy-n0nl8nxe85h1hN5cx1logYm6g8rs5x4GrU6xJkLpx3Iz7sVJBCp5sT15-09cyVn6-AjVB11OxW6F6KHOfSAjQdKwfb4brxXWfIJciu4cxOh0MUf8mQi-OVCJDuJhnzZM7yHEbdPX5lRhNWYssPNbH0NmpL46X35eBx_kvqSawrukWm-coKjrBXfpnHSYAMM0xuL0KIiDDs8z9zIJWPStTD_0occG5Oz_DeUyh1TXg1zoUIBG4sxUwSOC70tXC4ZHuSUL1xVW1CNuRr6I7MP9afAl5oI5LCMCmtpnGF6gKd9Q5XJA--_rt3zCI7-ibDYKxSfqBAFQa-w21p_zr3xrfw5yXj6zZqw78eK2sisYeSeFe-RW1tfmSR3mmf6lmiERH8YMtEQ-54dNeQbuVZwN925Y59UItFfGmCoTcgxDXNsvP3ElylfMrw8tm43rtcwOo3UijBlWDf15nw5IGEp2on70uW-c_jVJ_eUM1Tjna6Rr_e9CokUMVAkEx668_Ohf8NqeIGuM_rF4uZBz7KTUc0MJE7qE26PsyavB5Bc-SQdBGatu2G5ut6k3a9Brgt04LQKd2lt-dxLMahP0cxjpV4YC96d2JUH989N5kzU2aiEpZdo3o&cid=CAASBORoAM8&rfl=2%2Chttps%253A%252F%252Fwincreator.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 12:48:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30080
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sat, 26 Nov 2022 12:48:05 GMT

GET
H/1.1

200
OK

728x90_9.png
vht.tradedoubler.com/file/301643/BF_NL_Engage/ Frame 62BD
Redirect Chain

https://impes.tradedoubler.com/imp?type(img)g(25118492)a(2865014)503511253
https://vht.tradedoubler.com/file/301643/BF_NL_Engage/728x90_9.png

54 KB
54 KB

86ms
24ms

Image
image/png

65.9.71.19
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vht.tradedoubler.com/file/301643/BF_NL_Engage/728x90_9.png
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6607726897456738&output=html&h=90&slotname=5058700403&adk=3065914911&adf=3044744386&pi=t.ma~as.5058700403&w=970&lmt=1637960965&url=https%3A%2F%2Fwincreator.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637960965115&bpp=3&bdt=267&idt=133&shv=r20211111&mjsv=m202111110101&ptt=5&saldr=sa&abxe=1&prev_slotnames=3543758009%2C8836425207%2C3976228146&correlator=7429619311411&frm=20&pv=1&ga_vid=1083446620.1637960965&ga_sid=1637960965&ga_hid=1745138062&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=305&ady=1068&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063738&oid=2&pvsid=1674245277419097&pem=13&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=Bu1wP7HJQJ&p=https%3A//wincreator.com&dtd=146
Protocol: HTTP/1.1
Server: 65.9.71.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-71-19.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: c0f5b9a61df1cc1b3763f20fd636b7c43ec9efc9c25d6c54cc8da0a49a3d207d

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 23 Nov 2021 10:09:39 GMT
Via: 1.1 c4a2e8b9ec0bdec016055cf127d5dad8.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Tue, 16 Nov 2021 09:52:03 GMT
Server: Apache
Age: 298786
ETag: "d613-5d0e4e09c16c0"
X-Cache: Hit from cloudfront
Content-Type: image/png
Cache-Control: max-age=604800, public
X-Amz-Cf-Pop: FRA56-C1
Accept-Ranges: bytes
Content-Length: 54803
X-Amz-Cf-Id: 4u95kOXlPmFDX4fxYuvJPnbpI4mtMX6m4XOAx6dmcuI2tyn6ZlmUKw==
Expires: Tue, 30 Nov 2021 10:09:39 GMT

Redirect headers

pragma: no-cache
date: Fri, 26 Nov 2021 21:09:24 GMT
via: 1.1 google
referrer-policy: origin
server: TXServerHttp
location: https://vht.tradedoubler.com/file/301643/BF_NL_Engage/728x90_9.png
p3p: policyref="http://tracker.tradedoubler.com/w3c/p3p.xml",CP="NOI DSP COR NID CUR OUR NOR"
access-control-allow-origin: *
cache-control: private, max-age=0
content-type: text/html; charset=ISO-8859-1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 271

GET
DATA 200
OK truncated
/ Frame 62BD 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c68a70790a7a07c9a8ecabb6893f5886e4262603c2bccdecd4514652e02dc875

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 0D43 22 KB
8 KB 19ms
19ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Fri, 26 Nov 2021 12:48:06 GMT
expires: Sat, 26 Nov 2022 12:48:06 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 30079
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 IDpL2rJiZrNY3rYqo4eIGDY6phXtx-GzYRENHMIWWlE.js Show response
pagead2.googlesyndication.com/bg/ Frame 0D43 35 KB
13 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IDpL2rJiZrNY3rYqo4eIGDY6phXtx-GzYRENHMIWWlE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

203a4bdab26266b358deb62aa3878818363aa615edc7e1b361110d1cc2165a51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 09:14:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42886
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13371
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 26 Nov 2022 09:14:39 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
50 KB 78ms
78ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f8f436406ed6984b0be858b4ad76e47b00f66a202daacb1fe1a5d1a8a2f0e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://wincreator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 21:09:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51217
x-xss-protection: 0
server: cafe
etag: 17058696712593616700
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 26 Nov 2021 21:09:25 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 12 KB
9 KB 64ms
37ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211111&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb2ff15f20a72422fd8c992a2d053dea303e34cb54277c23b887dfeabb07ae37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://wincreator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 26 Nov 2021 21:09:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9289
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0D43 0
20 B 56ms
55ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BvcljBU2hYYD4JPqNjuwP9eGSkAMAAAAAOAHgBAI&bg=!pKelp-PNAAZQLpa_UC47ACkAdvg8WtI94zDuzuZaiyonGiQwP2t44ZrEW8yJYMY6X_5_GpxU_H1DWwIAAABoUgAAAApoAQeZAtOqAF3K1FWoaTB_cb3FgMpIh6g3hEdP40EGoxncf6qHr3jfHlcjlnyyW1Mt0QeBU3J-b1VTS24xoSCSHNLSBoDstedF314X3WjtAkXxFO24Vj9jCphS91WxYXm1aIq2pxC_4y7IGQPnRgwSGutaPCELIJuaZv12_bIuGb3KA1dch-GDp3ojVZHGlL91YD-RjEvJNH-w7WjfGyT_2q7vXerDg0sWgzmUETSn9hAzsrmyUTY-pTrr6AJlIPBIebtpCsc6uKEv6l6ZUQUwXMRvQs4IzNnijIMLCroZIydTV8XACIGVPRO-ubGUwzBNCslUSVc-w1QHS0yVquksjItWQPOvwGQpytCxTiiTPCcw7HRmyeBaK05cluxDLLSXOhAQ5RI_UCQPfIx5l8Uvet-zmulIgbH6VnaasK-8UOmjepHVtSXBBltCdNrgqzsmKLlUqMNg50Gbh6b-7fzAW9D1gf4YPNh8vxLqUQzp03O0X47hwnS9N29X11ikzVULbdcuL_e4rlxjiEZzjny52_loDLpju6SkZMLYqzgzNATSyNDhLtmvY0x9jaMr-rIfrMESWUcUoLDo4NKvxYcFkKJeIyvk4ymLjmlfv03n9U1S2k8QihcS1axh77LeN8o8wey9q5mfKMYlcNDCNbArk1WkjckwYKYwTkoEvkm3ljESZbp3MdasJukvvWZLcFOQC-NBUo8BV_YK5Ck0_xAaXsx3toZApfSbFY9Ym3bDurzgPo28w51C8QM1hxJTcevUsFZY9P6ukWf6cgksYXoEiBbyXp8hIa62hl9Ee9wIWFKES2Fd9ed0vVFhoowdZIEy1afNx_08OgtJUcLoRHmElTWeJN1cVFnDfrfSzaxTY_YW1F5HJ9KVMAXz8P8EuLRoC9r2Ltq-0amMzrgWf3RtX7iHTOsVGUHNysAZZSXldCiB2B3hAIiczW6w_VUWpA51UhqhK1HEFhA

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 21:09:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://wincreator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 21:09:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Fri, 26 Nov 2021 21:09:25 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211111/r20190131/ Frame C818 11 KB
5 KB 19ms
19ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211111/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5cedd5abd94d64b07e3779451d057665572b89caa8b445a5e9efa42bad9c4274

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: nl-NL,nl;q=0.9
Referer: https://wincreator.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 26 Nov 2021 06:55:30 GMT
expires: Fri, 10 Dec 2021 06:55:30 GMT
content-type: text/html; charset=UTF-8
etag: 16478831307880631077
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4883
x-xss-protection: 0
age: 51236
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
122 B 55ms
28ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=wincreator.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://wincreator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 26 Nov 2021 21:09:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 56ms
29ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=wincreator.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://wincreator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 26 Nov 2021 21:09:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 53ms
53ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwincreator.com%2F&tn=NAV&cls=navbar%20navbar-inverse%20navbar-fixed-top&ign=false&pw=1600&ph=1200&x=0&y=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://wincreator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 21:09:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 710C 202 KB
60 KB 271ms
270ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6607726897456738&output=html&adk=1812271804&adf=3025194257&lmt=1637960966&plat=2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwincreator.com%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637960965988&bpp=1&bdt=1140&idt=2&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0770d27a00019455-221df37206cc009a%3AT%3D1637960965%3ART%3D1637960965%3AS%3DALNI_MYyUSBHfl3E0YGyjzdkiKbcriNTNw&prev_slotnames=3543758009%2C8836425207%2C3976228146%2C5058700403&nras=1&correlator=7429619311411&frm=20&pv=1&ga_vid=1083446620.1637960965&ga_sid=1637960965&ga_hid=1745138062&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063738&oid=2&pvsid=1674245277419097&pem=13&tmod=981042852&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=5&uci=a!5&fsb=1&dtd=21

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a9eb28d7c04b64e60787c9250ec6e277a9141a34ad4b97eafa27af1c20b0c03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: nl-NL,nl;q=0.9
Referer: https://wincreator.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 26 Nov 2021 21:09:26 GMT
server: cafe
content-length: 61860
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 1765 12 KB
5 KB 19ms
19ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: nl-NL,nl;q=0.9
Referer: https://wincreator.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Fri, 26 Nov 2021 20:23:33 GMT
expires: Sat, 26 Nov 2022 20:23:33 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2753
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 8010 783 B
1 KB 77ms
29ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4a3c039e5669ad4ffa4ef2e464ecdaac55ae506adf5c70f0c47c3a3579d84f33

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-9wYV1bmIMOxok1c/N/jAhw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: nl-NL,nl;q=0.9
Referer: https://wincreator.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Fri, 26 Nov 2021 21:09:26 GMT
date: Fri, 26 Nov 2021 21:09:26 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-9wYV1bmIMOxok1c/N/jAhw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 IDpL2rJiZrNY3rYqo4eIGDY6phXtx-GzYRENHMIWWlE.js Show response
pagead2.googlesyndication.com/bg/ Frame 1765 35 KB
13 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IDpL2rJiZrNY3rYqo4eIGDY6phXtx-GzYRENHMIWWlE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

203a4bdab26266b358deb62aa3878818363aa615edc7e1b361110d1cc2165a51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 09:14:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42887
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13371
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 26 Nov 2022 09:14:39 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 8010 0
0 60ms
60ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211111&jk=1674245277419097&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H2 200 index.html Show response
ws.sharethis.com/secure5x/ Frame F19E 14 KB
4 KB 21ms
21ms Document
text/html 2600:9000:2057:ee00:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.sharethis.com/secure5x/index.html

Requested by

Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/async-buttons.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:ee00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

40279417deb789df672f0165a0817b4c84893685d47a4fd8e20770e838ef4367

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: nl-NL,nl;q=0.9
Referer: https://wincreator.com/

Response headers

content-type: text/html
content-length: 4082
content-encoding: gzip
last-modified: Wed, 27 Oct 2021 23:09:58 GMT
server: nginx/1.20.1
x-robots-tag: noindex, nofollow
date: Fri, 26 Nov 2021 02:06:59 GMT
etag: W/"6179dc46-390f"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Hit from cloudfront
via: 1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: PJQvoN4nlN-22LNH3OiPxxGKf3gMRxhZkTgll-tNsUQqtQIAuiT5zw==
age: 68550

GET
H2 200 stcommon.1f60705adac788a51a8240cf535237b0.js Show response
ws.sharethis.com/secure5x/js/ Frame F19E 16 KB
6 KB 21ms
20ms Script
application/javascript 2600:9000:2057:ee00:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.sharethis.com/secure5x/js/stcommon.1f60705adac788a51a8240cf535237b0.js

Requested by

Host: ws.sharethis.com
URL: https://ws.sharethis.com/secure5x/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:ee00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

2d200d90966b8380a648972d71130785371751cf24bb7398f2854be23afb4a65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://ws.sharethis.com/secure5x/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 03:47:33 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 7492913
x-cache: Hit from cloudfront
content-length: 5630
server: nginx/1.20.1
etag: W/"612ef1fe-40f6"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
via: 1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA6-C1
x-robots-tag: noindex, nofollow
x-amz-cf-id: 5UFr_FBxUO14Eyh8ppaQQWwrC4GklwLvFZGY59WWLZ0nl34hWnvs1A==
expires: Thu, 01 Sep 2022 03:47:33 GMT

GET
H2 200 st.31cb6fcb48e558d491ec5da1e80ebf3d.js Show response
ws.sharethis.com/secure5x/js/ Frame F19E 132 KB
32 KB 25ms
24ms Script
application/javascript 2600:9000:2057:ee00:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.sharethis.com/secure5x/js/st.31cb6fcb48e558d491ec5da1e80ebf3d.js

Requested by

Host: ws.sharethis.com
URL: https://ws.sharethis.com/secure5x/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:ee00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

ffd7d8f21205b5a8c3d1e2fd124fd554edbc9ab1ef756b679fcf276bb00a229f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://ws.sharethis.com/secure5x/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 00:51:53 GMT
content-encoding: gzip
server: nginx/1.20.1
age: 2578653
etag: W/"6179dc46-20e82"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA6-C1
strict-transport-security: max-age=31536000; includeSubDomains
x-robots-tag: noindex, nofollow
x-amz-cf-id: Cw0SaPJnykn4_UmXT0dAdisN6yolZWFllMpcu_nBqrJyYgy91Ic1EA==
expires: Fri, 28 Oct 2022 00:51:53 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 54ms
54ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20211111&jk=1674245277419097&bg=!CgmlCU3NAAZQLpa_UC47ACkAdvg8Wk7JYqXen93Ii4iOfTzs9Izo7ImUgA4SB0MPn9hAceUgSIZE9wIAAABtUgAAAAdoAQcKAFiB9POsbEY51zvTATpWbbLqtCVGKm-tpJOdOPrZ6_u1RQ-E9Gt4XwLzRjaAJbkBUdVgLrvdz9auffuk75TMBkxQzY-u_q-yZArAf5f8-o73ZGVJKn_OTNcmmQKDBwhcPzeLO9Rra8TPmEcrq9br5C0ywwRXjHqbHyu8T0ifzjM-ugB_wN5oh-KPIoioQoOKYZk75C-xBDayk2pBoLYvEdoUc8TC6dupThDPQ7uPYu21_MFjjz6Ou-_DJMRu3UinxL-5MpnTiT39CNaaLdV7W2-5Qe6czTp-4KLBgs_akUzmvqZPgv-fUFX5_RRslOXQlTKT1hsK8JV7RJMgRS-2bOPsqw6zWR8cZj0p7tr64D4nVZXYRkhnMuYhiORSmYuuDM7w_X2duyj3FT-tJqV6YrPf_G9fdS_pMWVzCYcGVZBhgKFSBTvAg-AE8TmYoY7fMPZFCqtFNPtldxi0ia0PZxHPvDWcaB_pN0WrRSJNHXphYOztPRBHoZrmv7jRQPx6iJlAYFUIQf9ZKXmt7HLIFvolm5gZVldorQqFwbCnkknNyxDn4mLWPHTZ2sqLcUPsuYgIQ9HsoyqjsJ23Kep7gXKAlViBsuQ9FZ8aB0yBgL4CGupu8br5qeGkxDnhc53Zz2IefZXgmuoxtvEjEwkKyZZYip3UHSrBbEJOWVYUGZwACkrXGJUp3En7C_vbtBfaHYwvCbnZSmSd8uCMcmbxyZwPngfiNy81sUc1Zx0l0bY8vuMoJ38j70VG5dxQreO5RIYZKY6773ng09s7hSp5GUMA7_na3LvuiG8-9j8CJR-Csr5OCrryFl1XcIiwM1_-aZgS8DV8uiK2EKHigtcQ2U7F7g1SyVQF44yLc_Y2QoEQufY5-DTIdpm2zPj-6T4Ha9wPr_8irGjq4t7fVpCNHsaphSPNXQtC9zPCsJUT2JnUDYiJbA1IiFxJqERhr6hfsNk264IW7kthTOmD_2Rh9g

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://wincreator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 21:09:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/ 147 KB
52 KB 61ms
60ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/reactive_library_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9d001e97f73ccb55a0c5a20fbdca0b4e2c626436d789ba1e76540a5c7976f37a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://wincreator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 21:09:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53390
x-xss-protection: 0
server: cafe
etag: 7835342028683329274
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Nov 2021 21:09:26 GMT

GET
H3 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
122 B 29ms
29ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=wincreator.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://wincreator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 26 Nov 2021 21:09:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 30ms
30ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=wincreator.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://wincreator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 26 Nov 2021 21:09:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211111/r20110914/ Frame 8A8B 11 KB
5 KB 19ms
19ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211111/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5cedd5abd94d64b07e3779451d057665572b89caa8b445a5e9efa42bad9c4274

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: nl-NL,nl;q=0.9
Referer: https://wincreator.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 26 Nov 2021 11:15:29 GMT
expires: Fri, 10 Dec 2021 11:15:29 GMT
content-type: text/html; charset=UTF-8
etag: 16478831307880631077
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4883
x-xss-protection: 0
age: 35637
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211111/r20110914/ Frame BA8A 11 KB
5 KB 19ms
18ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211111/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5cedd5abd94d64b07e3779451d057665572b89caa8b445a5e9efa42bad9c4274

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: nl-NL,nl;q=0.9
Referer: https://wincreator.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 26 Nov 2021 11:15:29 GMT
expires: Fri, 10 Dec 2021 11:15:29 GMT
content-type: text/html; charset=UTF-8
etag: 16478831307880631077
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4883
x-xss-protection: 0
age: 35637
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 css2
fonts.googleapis.com/ Frame 8A8B 4 KB
1 KB 84ms
29ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 26 Nov 2021 19:45:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 26 Nov 2021 21:09:26 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 26 Nov 2021 21:09:26 GMT

GET
H3 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/elements/html/ Frame 8A8B 18 KB
8 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

db8deb30d5cecf873a6361b5410aed53a439e46072dcd6af4dc2481e44ea2a59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 21:04:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 286
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8141
x-xss-protection: 0
server: cafe
etag: 15959965552278146708
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Dec 2021 21:04:40 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 660A 624 B
297 B 33ms
32ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMCauQEQ45bmARiH_MO7ATAB&v=APEucNWFrxj8Qv1sgzzppbSDiFGVuym89x6beXz1YsWlJOCnyOnJkh25IYBrX0olOg8qn2IOXuuQKdDbLVyvlqOZnQOczj3bJghkmLdfYyHOviNk9hzSu4-hemWIBlezYVKtyeeywsCJHty-BsxFTDRL25UCqIIVo9o6Zz0VxEtdR6rCBh3A9mE

Requested by

Host: wincreator.com
URL: https://wincreator.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20211111/r20110914/zrt_lookup.html?fsb=1

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 26 Nov 2021 21:09:26 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 express_html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame FE51 106 KB
38 KB 67ms
19ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Host: wincreator.com
URL: https://wincreator.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 08:13:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46539
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 27 Nov 2021 08:13:47 GMT

GET
H3 200 omrhp_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/elements/html/ Frame FE51 6 KB
3 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/elements/html/omrhp_fy2019.js

Requested by

Host: wincreator.com
URL: https://wincreator.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2d0744b54be7eab148245653f8fad2e4a0e8875b886bcacbb2c70741872eda55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 21:04:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 324
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2626
x-xss-protection: 0
server: cafe
etag: 8548655983161038638
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Dec 2021 21:04:02 GMT

GET
H3 200 abg_lite_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame FE51 19 KB
8 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite_fy2019.js

Requested by

Host: wincreator.com
URL: https://wincreator.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 20:43:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1553
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7840
x-xss-protection: 0
server: cafe
etag: 9525834815172239946
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Dec 2021 20:43:33 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame FE51 2 KB
1 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: wincreator.com
URL: https://wincreator.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 21:04:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 268
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Dec 2021 21:04:58 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FE51 119 KB
36 KB 2831ms
2802ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: wincreator.com
URL: https://wincreator.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 21:09:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 26 Nov 2021 21:09:29 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame FE51 15 KB
6 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: wincreator.com
URL: https://wincreator.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 21:08:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 16810888504096353422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Dec 2021 21:08:29 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame FE51 42 B
63 B 56ms
56ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BEUE3g736KEYEA6dsWfgjeQmYYDJLKktLvSVGEMaaw_xf_Ce5DukDTwooFIan8TD8cAMSKWVVsvB7sEDDoIksJU2UKvBFBQhv7f_O1GfqG1iyTRVI

Requested by

Host: wincreator.com
URL: https://wincreator.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 21:09:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame FE51 41 KB
15 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 12:48:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30081
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sat, 26 Nov 2022 12:48:05 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame BCFB 1 KB
749 B 20ms
18ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 26 Nov 2021 13:26:12 GMT
expires: Sat, 27 Nov 2021 13:26:12 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 27794
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 660A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKHfTAak4f3S29fwc6s8tZY&google_cver=1

43 B
894 B

26ms
26ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKHfTAak4f3S29fwc6s8tZY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMCauQEQ45bmARiH_MO7ATAB&v=APEucNWFrxj8Qv1sgzzppbSDiFGVuym89x6beXz1YsWlJOCnyOnJkh25IYBrX0olOg8qn2IOXuuQKdDbLVyvlqOZnQOczj3bJghkmLdfYyHOviNk9hzSu4-hemWIBlezYVKtyeeywsCJHty-BsxFTDRL25UCqIIVo9o6Zz0VxEtdR6rCBh3A9mE
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 26 Nov 2021 21:09:26 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 26 Nov 2021 21:09:26 GMT

Redirect headers

pragma: no-cache
date: Fri, 26 Nov 2021 21:09:26 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKHfTAak4f3S29fwc6s8tZY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 660A
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YaFNBeVZktRyvadKqzC3VwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKHfTAak4f3S29fwc6s8tZY&google_cver=1

43 B
894 B

36ms
35ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKHfTAak4f3S29fwc6s8tZY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMCauQEQ45bmARiH_MO7ATAB&v=APEucNWFrxj8Qv1sgzzppbSDiFGVuym89x6beXz1YsWlJOCnyOnJkh25IYBrX0olOg8qn2IOXuuQKdDbLVyvlqOZnQOczj3bJghkmLdfYyHOviNk9hzSu4-hemWIBlezYVKtyeeywsCJHty-BsxFTDRL25UCqIIVo9o6Zz0VxEtdR6rCBh3A9mE
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 26 Nov 2021 21:09:26 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 26 Nov 2021 21:09:26 GMT

Redirect headers

pragma: no-cache
date: Fri, 26 Nov 2021 21:09:26 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKHfTAak4f3S29fwc6s8tZY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 660A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEEDSBg4O3srYnVSRNsA-U9o&google_cver=1

43 B
1004 B

16ms
16ms

Image
image/gif

185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEEDSBg4O3srYnVSRNsA-U9o&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMCauQEQ45bmARiH_MO7ATAB&v=APEucNWFrxj8Qv1sgzzppbSDiFGVuym89x6beXz1YsWlJOCnyOnJkh25IYBrX0olOg8qn2IOXuuQKdDbLVyvlqOZnQOczj3bJghkmLdfYyHOviNk9hzSu4-hemWIBlezYVKtyeeywsCJHty-BsxFTDRL25UCqIIVo9o6Zz0VxEtdR6rCBh3A9mE

Protocol

HTTP/1.1

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 26 Nov 2021 21:09:26 GMT
X-Proxy-Origin: 46.166.179.56; 46.166.179.56; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 6807ca6e-8542-44b6-8bc6-fdc34b152862
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 26 Nov 2021 21:09:26 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEEDSBg4O3srYnVSRNsA-U9o&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 660A
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjIyNDc5ODk2NzU0ODM4OTE3OA%3D%3D

170 B
188 B

48ms
48ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjIyNDc5ODk2NzU0ODM4OTE3OA%3D%3D

Requested by

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 21:09:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 26 Nov 2021 21:09:26 GMT
X-Proxy-Origin: 46.166.179.56; 46.166.179.56; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: df7c9415-c1c6-455a-b244-37cf5847eb4b
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjIyNDc5ODk2NzU0ODM4OTE3OA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 401C 22 KB
8 KB 19ms
19ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Fri, 26 Nov 2021 12:48:06 GMT
expires: Sat, 26 Nov 2022 12:48:06 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 30080
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame B21E 19 KB
8 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 21:08:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 86
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7840
x-xss-protection: 0
server: cafe
etag: 9525834815172239946
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Dec 2021 21:08:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame B21E 8 KB
714 B 55ms
28ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32bc7c1c64fd1b755d48d6025b86b7e7a28ad35d1f420cf85cdc1123aa7dfcd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 26 Nov 2021 19:47:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 26 Nov 2021 21:09:26 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 26 Nov 2021 21:09:26 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/ Frame B21E 14 KB
3 KB 86ms
19ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 05:51:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 227867
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2798
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 10:36:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Nov 2022 05:51:39 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/ Frame B21E 355 KB
123 KB 87ms
21ms Script
text/javascript 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

425d7478422a02b8592686dd947b18cae0ca66ab39dc437067219356fb7a0a61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 16:07:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 190920
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 125995
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 10:36:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Nov 2022 16:07:26 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame B21E 15 KB
6 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 21:08:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 16810888504096353422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Dec 2021 21:08:29 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame BCFB 35 B
463 B 73ms
25ms Image
image/gif 2620:116:800d:21:36a9:ecb:e518:b308
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEPf7NCMQM8k8NT6LoP2-nZQ&google_cver=1&google_push=AYg5qPLeJZD3nwYNJGZQuJWrNBwF5r2MnhRG9_vbyEuG1-g9CsS2QLxjdtGpbU2fSgLQK9T33ZjzQPVN-leBocO8uljOS1YBXQ3V

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 21:09:26 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BCFB
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEGe6pbYSvEMthcDTzTCQJfE&google_cver=1&google_push=AYg5qPJA-yGExlHjYnuSHCgIbErNS6NWt6iQECqGWJF3X5AIeoXZgty5CLgaAiU0fqZou0qC5M994om__sCAHAS3xfHspWwC3xe0
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJA-yGExlHjYnuSHCgIbErNS6NWt6iQECqGWJF3X5AIeoXZgty5CLgaAiU0fqZou0qC5M994om__sCAHAS3xfHspWwC3xe0&google_hm=Q0FFU0VHZTZwYllTdkVNd...

170 B
188 B

45ms
44ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJA-yGExlHjYnuSHCgIbErNS6NWt6iQECqGWJF3X5AIeoXZgty5CLgaAiU0fqZou0qC5M994om__sCAHAS3xfHspWwC3xe0&google_hm=Q0FFU0VHZTZwYllTdkVNdGhjRFR6VENRSmZF

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211111/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 21:09:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 26 Nov 2021 21:09:26 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJA-yGExlHjYnuSHCgIbErNS6NWt6iQECqGWJF3X5AIeoXZgty5CLgaAiU0fqZou0qC5M994om__sCAHAS3xfHspWwC3xe0&google_hm=Q0FFU0VHZTZwYllTdkVNdGhjRFR6VENRSmZF
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BCFB
Redirect Chain

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPK3c71WHK6zX7NkTCrLLsyF1f6FGPsVgwHme_rIIZKwfEnptmR9AHVu-8V-XTjGXJaaJXCvZhmdx0Ql8_P2awmLFfRaMRIk&google_gid=CAESEHQlgdmU256QvumBYauU9H8&goo...
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCIaahY0GEgUI6AcQAEIASnBnb29nbGVfcHVzaD1BWWc1cVBLM2M3MVdISzZ6WDdOa1RDckxMc3lGMWY2RkdQc1Znd0htZV9ySUlaS3dmRW5wdG1SOUFIVnUtOFYtWFRqR1hKYWFKWEN2WmhtZHgwUWw4X1...
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwcmV4cjZyR3JiZVI4TXhpbGhiUDR3c3VKNzNkZURBRFFUbnpfSU5yUGNzTQ==&google_push

170 B
188 B

46ms
46ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwcmV4cjZyR3JiZVI4TXhpbGhiUDR3c3VKNzNkZURBRFFUbnpfSU5yUGNzTQ==&google_push

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211111/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 21:09:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 26 Nov 2021 21:09:26 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwcmV4cjZyR3JiZVI4TXhpbGhiUDR3c3VKNzNkZURBRFFUbnpfSU5yUGNzTQ==&google_push
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: clear
content-length: 0

GET
H2 200 dds
rtb.openx.net/sync/ Frame BCFB 43 B
350 B 54ms
24ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEJB34tQy2WzsXYybxyUJ2PU&google_cver=1&google_push=AYg5qPJ9CFm9bL76GLqJQWPYyDpQIGVkbvYNALQZDYohKCuiaPZnJQujsJ-KQ02cvUjb-YMwlu4_XXYqOHdhHEdeTihixuW_zvh8
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211111/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 21:09:26 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: tpeake26m8fr6msl1vg1g9gu2p2m4qhe

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BCFB
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=GWHnK_bGTC--oPnbXm9ctQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

47ms
47ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=GWHnK_bGTC--oPnbXm9ctQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLOjWWAWOp1I-PdcY1NaKtK1UmmyGpscBVX1ON7QbksbzxMudqcbrXe1e38DAZlz29I3PJnOToKpPKowPqyeGqEJbf9eJln

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211111/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 21:09:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=GWHnK_bGTC--oPnbXm9ctQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLOjWWAWOp1I-PdcY1NaKtK1UmmyGpscBVX1ON7QbksbzxMudqcbrXe1e38DAZlz29I3PJnOToKpPKowPqyeGqEJbf9eJln
date: Fri, 26 Nov 2021 21:09:24 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BCFB
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMRkcST5CoRCNP-hDvIXelI&google_cver=1&google_push=AYg5qPKzBUv0HDKg21Rms2MWAKppoc6f5QnN2DkYpacKE3Y05PidZ2H5zJRrzllSX9sX-C-rHip...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1dHVk8yS0YtMjQtRUY5Vg==&google_push=AYg5qPKzBUv0HDKg21Rms2MWAKppoc6f5QnN2DkYpacKE3Y05PidZ2H5zJRrzllSX9sX-C-rHipUeLXldv0uxSgBkgkvs38rplPk

170 B
188 B

61ms
59ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1dHVk8yS0YtMjQtRUY5Vg==&google_push=AYg5qPKzBUv0HDKg21Rms2MWAKppoc6f5QnN2DkYpacKE3Y05PidZ2H5zJRrzllSX9sX-C-rHipUeLXldv0uxSgBkgkvs38rplPk

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211111/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 21:09:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1dHVk8yS0YtMjQtRUY5Vg==&google_push=AYg5qPKzBUv0HDKg21Rms2MWAKppoc6f5QnN2DkYpacKE3Y05PidZ2H5zJRrzllSX9sX-C-rHipUeLXldv0uxSgBkgkvs38rplPk
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame BCFB
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEHbMrtD5aQdBpoqloGucGiI&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaFNBeVZktRyvadKqzC3VwAABL8AAAIB&google_push=AYg5qPKVhLYrOuXJmS3vkh1mwHXmbzQbqBg5mzxhBbPJohmQCiBjb_dalccF0buax_JHHjOq06WPKtVXT4oJ1BPTFy...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaFNBeVZktRyvadKqzC3VwAABL8AAAIB&google_push=AYg5qPKVhLYrOuXJmS3vkh1mwHXmbzQbqBg5mzxhBbPJohmQCiBjb_dalccF0buax_JHHjOq06WPKtVXT4oJ1BPTFy...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaFNBeVZktRyvadKqzC3VwAABL8AAAIB&google_push=AYg5qPKVhLYrOuXJmS3vkh1mwHXmbzQbqBg5mzxhBbPJohmQCiBjb_dalccF0buax_JHHjOq06WPKtVXT4oJ1BPTFy...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaFNBeVZktRyvadKqzC3VwAABL8AAAIB&google_push=AYg5qPKVhLYrOuXJmS3vkh1mwHXmbzQbqBg5mzxhBbPJohmQCiBjb_dalccF0buax_JHHjOq06WPKtVXT4oJ1BPTFy...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaFNBeVZktRyvadKqzC3VwAABL8AAAIB&google_push=AYg5qPKVhLYrOuXJmS3vkh1mwHXmbzQbqBg5mzxhBbPJohmQCiBjb_dalccF0buax_JHHjOq06WPKtVXT4oJ1BPTFy...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaFNBeVZktRyvadKqzC3VwAABL8AAAIB&google_push=AYg5qPKVhLYrOuXJmS3vkh1mwHXmbzQbqBg5mzxhBbPJohmQCiBjb_dalccF0buax_JHHjOq06WPKtVXT4oJ1BPTFy...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaFNBeVZktRyvadKqzC3VwAABL8AAAIB&google_push=AYg5qPKVhLYrOuXJmS3vkh1mwHXmbzQbqBg5mzxhBbPJohmQCiBjb_dalccF0buax_JHHjOq06WPKtVXT4oJ1BPTFy...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaFNBeVZktRyvadKqzC3VwAABL8AAAIB&google_push=AYg5qPKVhLYrOuXJmS3vkh1mwHXmbzQbqBg5mzxhBbPJohmQCiBjb_dalccF0buax_JHHjOq06WPKtVXT4oJ1BPTFy...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaFNBeVZktRyvadKqzC3VwAABL8AAAIB&google_push=AYg5qPKVhLYrOuXJmS3vkh1mwHXmbzQbqBg5mzxhBbPJohmQCiBjb_dalccF0buax_JHHjOq06WPKtVXT4oJ1BPTFy...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaFNBeVZktRyvadKqzC3VwAABL8AAAIB&google_push=AYg5qPKVhLYrOuXJmS3vkh1mwHXmbzQbqBg5mzxhBbPJohmQCiBjb_dalccF0buax_JHHjOq06WPKtVXT4oJ1BPTFy...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaFNBeVZktRyvadKqzC3VwAABL8AAAIB&google_push=AYg5qPKVhLYrOuXJmS3vkh1mwHXmbzQbqBg5mzxhBbPJohmQCiBjb_dalccF0buax_JHHjOq06WPKtVXT4oJ1BPTFy...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaFNBeVZktRyvadKqzC3VwAABL8AAAIB&google_push=AYg5qPKVhLYrOuXJmS3vkh1mwHXmbzQbqBg5mzxhBbPJohmQCiBjb_dalccF0buax_JHHjOq06WPKtVXT4oJ1BPTFy...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaFNBeVZktRyvadKqzC3VwAABL8AAAIB&google_push=AYg5qPKVhLYrOuXJmS3vkh1mwHXmbzQbqBg5mzxhBbPJohmQCiBjb_dalccF0buax_JHHjOq06WPKtVXT4oJ1BPTFy...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaFNBeVZktRyvadKqzC3VwAABL8AAAIB&google_push=AYg5qPKVhLYrOuXJmS3vkh1mwHXmbzQbqBg5mzxhBbPJohmQCiBjb_dalccF0buax_JHHjOq06WPKtVXT4oJ1BPTFy...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaFNBeVZktRyvadKqzC3VwAABL8AAAIB&google_push=AYg5qPKVhLYrOuXJmS3vkh1mwHXmbzQbqBg5mzxhBbPJohmQCiBjb_dalccF0buax_JHHjOq06WPKtVXT4oJ1BPTFy...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaFNBeVZktRyvadKqzC3VwAABL8AAAIB&google_push=AYg5qPKVhLYrOuXJmS3vkh1mwHXmbzQbqBg5mzxhBbPJohmQCiBjb_dalccF0buax_JHHjOq06WPKtVXT4oJ1BPTFy...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaFNBeVZktRyvadKqzC3VwAABL8AAAIB&google_push=AYg5qPKVhLYrOuXJmS3vkh1mwHXmbzQbqBg5mzxhBbPJohmQCiBjb_dalccF0buax_JHHjOq06WPKtVXT4oJ1BPTFy...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaFNBeVZktRyvadKqzC3VwAABL8AAAIB&google_push=AYg5qPKVhLYrOuXJmS3vkh1mwHXmbzQbqBg5mzxhBbPJohmQCiBjb_dalccF0buax_JHHjOq06WPKtVXT4oJ1BPTFy...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaFNBeVZktRyvadKqzC3VwAABL8AAAIB&google_push=AYg5qPKVhLYrOuXJmS3vkh1mwHXmbzQbqBg5mzxhBbPJohmQCiBjb_dalccF0buax_JHHjOq06WPKtVXT4oJ1BPTFy...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaFNBeVZktRyvadKqzC3VwAABL8AAAIB&google_push=AYg5qPKVhLYrOuXJmS3vkh1mwHXmbzQbqBg5mzxhBbPJohmQCiBjb_dalccF0buax_JHHjOq06WPKtVXT4oJ1BPTFy...

0
0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame BCFB 0
12 B 45ms
44ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IbIBMxsXlsDXnKvBZmtf6VHVgefYM_O5y5RqBpDsWuePMWgORjAcFsM4bW0i_lzGEgSKCh

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 21:09:26 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame FE51 0
571 B 132ms
63ms Ping
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvfIaiOIOWEyvtGv16dFZsmiQ3MDwxfk1ZvqjncS4SKIf05kvuMPVCfVHY4Meuo33IynjYUTJ_P8e70LcI8PfPefUh-Aw0M7JUMagxUmiJCxn_vhGYYnonj44QtRldl9DFhO1_UdBwRK1IFjMPeZbQ03OLEInZfc3Dv3Ox0PGSBlmzWT1OOqGcZc2N8KwUVWRXCqIRMMDyPK_2BuWW6010qXPVAOkfPwVyBeg9TVaBj_uE2oCgiGmaeW0JX8gv2L6bja8j_u_Kubw6raqsaVYWewwdQ5TvgqDlXHvKp_Bz6l_03SBkFNhw0oIVlrRdkm_YeAauaVn7xFfqniEuZJaXIt-GGUuu0dfLdO0xnhm_e_b2C5PunkAnhHU8RD_wU3xGpKwS53taeQpYbBzLkOnCPSrsM1JC_5tmNsZJTsFJ-OiaqXJVYUF-tMpTnXGWp5pEeY8wTKmNV8cZoi8OhwqU2hNizQly-MHMuqc73AerXjEcYTP8eK0MhyVwr2qXJOJXMIq1HKlqvp8pLyMSYBTLSij6oQEvJM5RYVctV3jqecaDsyWeMU-BybchT91jTheiECWPICmBkYkEkC-PPN7bxQQF72nO_TOpYQjzG9moXyc2Q-X4nlX7Y4gUkP1tR2fJULCIfz60Bud3yWrfltYEz4B0M2LpQfErOIBZJULs7eYiIlNSwZjdfj58vS1vufLGrJ_jaZra8b6B-37ITXNij60x7TDvylyMko-Hd6qRrqyrbuxK-mXgD_po8lGFZI24ZuZ2EqMfrhqyMhI6vCjhctRwHaMkZVDy9BoQTTtKmPsyqTFFZaHPPPw1Q40_NhPVWFMa4Wrpd6nZb4Pf925XZ8Ox2OrnXNsJR5FJf-YanztmBYVH7uytVBTIgo1BsQu44rh0iBVHBUDwOJUcicsqfZQL3FNEUvdgIEHv2MNekIdeS-pj09uHbmx4f-ul1r24SVrMSJXdQAyzlaEykOhD4PfDT9sRwjtDdn31oF5zg8Swk7KdCxYTp4gjFumVeyR0JwSiujpmTPUqGQF_S0zRsf0VTYpTeCkywaN8HX5LhMMeb2cbUTUv6-A0-iYPfIs6wCJfMu-aOxr7LlsVzIRzQDjFPXvaKskViayKKmZuJVfzFUTgze2eBoAKwluI2z2_geWF56ozeRS6XNw&sai=AMfl-YQ42eav5_MgBC2KkRRSuGLkDQBcD7eXlicoLKb0WWoaxdX4hA-wwhVicDMOCFUCoMt8dc8MeNquEwSYT489c-efTqn18jA74HdLeIHobVRzv9Mlj7sLfxUbv2Er1eHhb7DVlkFk3OiUZtNPPSWZ6PmaqfTIFD1bUeDxcOHgIMXAyFNAaY9xZDASy3KhBDiklFA1NE1IYXG1NEubcjEmQBsOX63DQsJVxubfeg3NuZqFLnpuj2e6vDvuD_BdKBGcp8r65bs3vtgsUaFdB-JlXcFp-rt4_oVmxsdzvpU&sig=Cg0ArKJSzCF5WPJ7CqsIEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=101&cbvp=1&cisv=r20211111.56698&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: wincreator.com
URL: https://wincreator.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Fri, 26 Nov 2021 21:09:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 10024404794630044209
s0.2mdn.net/simgad/ Frame FE51 34 KB
34 KB 48ms
20ms Image
image/jpeg 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/10024404794630044209

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

456239d9258df30115f79a871e46756d0456aa8964572205a15bb915642d3bfd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 16:12:10 GMT
x-content-type-options: nosniff
age: 17836
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34401
x-xss-protection: 0
last-modified: Fri, 19 Nov 2021 12:29:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 26 Nov 2022 16:12:10 GMT

GET
H3 200 IDpL2rJiZrNY3rYqo4eIGDY6phXtx-GzYRENHMIWWlE.js Show response
pagead2.googlesyndication.com/bg/ Frame 401C 35 KB
13 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IDpL2rJiZrNY3rYqo4eIGDY6phXtx-GzYRENHMIWWlE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

203a4bdab26266b358deb62aa3878818363aa615edc7e1b361110d1cc2165a51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 09:14:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42887
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13371
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 26 Nov 2022 09:14:39 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame B21E 0
327 B 508ms
182ms Ping
image/gif 2607:f8b0:4007:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~kwgvo2m3&c=7534818360942&slotId=3767409180471&qqid=COOIpoz4tvQCFfJnFQgdY7cCAA&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4007:80f::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 21:09:27 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B21E 0
20 B 53ms
53ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CbcsiBk2hYePtAvLP1fAP4-4Kr5yR02aYzaP9sg6euIi2gwMQASCZy9UmYJEEoAG4nq7vAsgBBakCEhJba7z5sj6oAwHIA5sEqgT1AU_QrfcaiQUVZzNIeG8JyntPDJYaL9SaxPA77l8BTVftb560_yP2jVBUYd9FyIdBRXgAym4xvzXxF9O096oz__ucAjUnYFujj8u8NlkcRNyIsjCifTvD8SBPgSt-7KMC_tTg8brLbRM95Pyx9DdLyNL8ilxUM3F_YaaM5GaZxgNCdf9ZBB9NaBXPKJXenuP8ly68kEsx_NOUUb8FXxEWpA_eAubIJMgnwO1o-9dM4YXYZlyP0Hf3M9JEvDDLlhb9X4PwqU4lHi2VNnSK621ktsXD4KocIc8MozOkVgduEXFFelMYa9-jfBgLhFAIuq51LVOTCgkZwASNs9OiswPgBAOQBgGgBk6AB7Dh0ZABqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARhfgAoBmAsByAsBgAwBsBOYlJMN0BMA2BMQiBQC2BQB0BUBgBcB&eventType=clickstring&clientTime=1637960966728&ai=CbcsiBk2hYePtAvLP1fAP4-4Kr5yR02aYzaP9sg6euIi2gwMQASCZy9UmYJEEoAG4nq7vAsgBBakCEhJba7z5sj6oAwHIA5sEqgT1AU_QrfcaiQUVZzNIeG8JyntPDJYaL9SaxPA77l8BTVftb560_yP2jVBUYd9FyIdBRXgAym4xvzXxF9O096oz__ucAjUnYFujj8u8NlkcRNyIsjCifTvD8SBPgSt-7KMC_tTg8brLbRM95Pyx9DdLyNL8ilxUM3F_YaaM5GaZxgNCdf9ZBB9NaBXPKJXenuP8ly68kEsx_NOUUb8FXxEWpA_eAubIJMgnwO1o-9dM4YXYZlyP0Hf3M9JEvDDLlhb9X4PwqU4lHi2VNnSK621ktsXD4KocIc8MozOkVgduEXFFelMYa9-jfBgLhFAIuq51LVOTCgkZwASNs9OiswPgBAOQBgGgBk6AB7Dh0ZABqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARhfgAoBmAsByAsBgAwBsBOYlJMN0BMA2BMQiBQC2BQB0BUBgBcB

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 21:09:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame B21E 28 KB
15 KB 99ms
48ms XHR
text/xml 64.233.167.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-Ayal1x_crgmZt1cc0jY1rJm6hkx_769ZSeIOEWqOZEa4u9O_1xit72ajO0uv-ExQhZy0ilIDyW-l6842iDp9GGP2wIvg&dbm_d=AKAmf-A-ZCpSGVCE3bmUTSr4jwDVskGo6-VvIYfNA_6x7sNuXx7qZGKntwclHGofl_wdJTJBHLCWJgTfvVixdhb5JjsskPvmDb95YTYBhTVYbfErK7yhYClyscfYCVz9GoF2eBX2EJkDCrCaALMv6QOnMS_VqTBqw7l8fP8mHprBi04J1zJd6wqJE273P0rROdFD-ujZZYpAVjh3oi2JnGVG2TmMH_4e34oZYbhw1JA45csjtrTmxfiiYeJQPpwRSOTMrs8S5KKKkZHv1YSePYWMvXX73u1qb7BtNirGjxzvNi7aiVyBz7c6kwlDoM0_XRRd56C7Qd-vQkPGp7QMLEsuHbIeu2xh78npnmxYBwwI_kR-cg1_c0ZV5yxBvnSdBJ8gqH9Wmz7OrObJv1lU9dyW7h5cLwghr5RETnizXEXjIw1Ig4HpY3Vp-OP_fiezNCYHPh6tHrIEn4GjRfYENhG_YD_sUmGXs__SlXaO7FsUSFjk8Hs92YIvJ4Y-1zOxpx-uttCRCXUQCDk2D83P1n2O9k5u_pF6TK2Fkr7XAas8NoE-uKddj1yK2l6nZCOtyDlM38YwW2kK60AS2FLSpGOLm5HUo7-NnWZArAjrxzv7rzI4fIYoroB5AvJCEOa5vRwAxqOSksL3FlYOTZvL8xpAyBHDlxVf49rZ8MYHIYGHGLN-PHV-11mnhR42gqHjnSCdX90oqAgKy9cCg-P38CfGIHtTDitfReKU2sgSBjePMpg07C_159RPyL88MNGMVvS17DfnD8Pr6OlZ68dhyDIPKI3oIeek2zMgGbS-cgjIaIKz7oz8hn2kHp0tDs-S9WTPIDOWkJ1nOofqxSvbKhc9H5T1fJ86i7nLNRXD6yKGerwbVrH2J1Wp3en8EH2U4T25_oT4WXQ9S4WVFIBlfav3XX239Ialh3nryrmS968Nq3nSErzu4F1a2rrBT_TQpTNdBm53kOcOhP3Ic5AqzWjuwcf_DfHdo49bL0Vf06dFbEOEd70SV4yVX4wqucSfPJ8A7WZcmdpdjecewIX7U2t-i0803xpSi3EO5HXp2U2fae-a004F3J0dw8-pr8dZNQXWAD8nGm1hQF6RtiUkfd_TE99Hc-CCPNGb4q27nF2Z49oRDDcG5KMiLWNweQSKqQWVohKT4oBs-ScSGuUjrsTVskiQtqD1edmAbu1VH60LFd0H3mHF0qh0Ckl4UGTRp-Kl8DNTUkeJQI69ndwhkjsj95awrjD2csqoeTvH3rckj0t_PuKcjfp1NBO4cE8JoEchCjDlgqFIFhOaQyxkk_SxILvUGBk0-tmdzHPCjybVRWDhzK68OcvJcCtmAuOUHE0Q4J-xsNG2OFiuHGjx9IZk7Vxc5cK_WOVw67Jw-NgdCIHJv9UfXKk0fn4vxB5nPV-yeYl1rmUXzhhHGSlnM_SllScdxHzDb8cgFKRMdWuCgeotW1ZXpmgFElKx6m7lftwQMVj2W-37N2mQ3HRAMJpsw27oI_bJvspsfPyAjuW3AP_fMeHgUBqc0qNU0An6YgBVHNKVctbb5PpAQ2Rf6Gyv4HR-OZpe5fpxte7WZR6_yJ2FmFa4IpXCDLkgFVr0ceCuV2Ei4k-4auW8CgYK-OgGLGqs-5TM5qdt-ftqz4Ust0ZrPB4Wh_ty2knQl0MgyWdjAJNpLh145PJ-NwA1OFEb_HuJpifOyUpYWe_lHNDzqMXogS65Ig6MR9fSVI3DruVcbXwM3akV2O1IBxcf-zkFALG8oVz-mbXjScfiAbasNxxCVkReYxQeaH8E15i0zVj6n7-Ojj799t5AgfjGRLVOA-rIvDVrju0UUs0TPmPy9a0RwsbHTv5JmUZX-9ttGR8gRW1zc6yyq85iutWTTZfiAaLI0qhr5j9C1FI7urFA_XuygJXOFTDnyvnhAxD5-9WvZLGN2pr2wwp5cm-kX907pwMny_d-_geV8pTyG4ixjK7xfqXpzv-0_DLQddoioZTvzf5N7vxWcnIZ2uWIX56DCeH06LIul9FK6ib474YZqwMiE15rSEAM4VMnpgButrzWuOf6UFQV5z_L2-vlkvLO7L2V_NadmcemqL7y5otwXDGUqxIFMW8Z0F8b02Ttcx8d9-ZBnNQZ1kYIk0rqey6jbeue3vhn6hHp8tzqs22DMXzgtLRFmhtT3yFiYAoQGwYZsrlcyvbWvne0JZLbgC-7ArlOfVXn7jJxkoD2t9C8PUk4QfctLN1x77bL3RomyvQA0SGojqNhwvtjZQezQu4mwcCSd9MHMUNUFM9VtAnvZBe6fJAbckr28J9k3Fp5TbXwZX2CIrg1khM-0XQZKEveMa_BWJqfhQgETtD0cSFbmmbY-w7UD5cNg8ZUxP4PZE5Ra7-qCXjHX-o2BOA3ew-0icQQ13MDjQXOm1PwKAFimYW3xFATYUh_BpK7X0JIcIXatDD-lkGSAVOaRpMgh50K-HAdNHfyQhvwjKEHkBjoLSoYEmpJuQOE3rzIJZdr6W7z5z72Qhp8aoN5vtFgMkBaz6oi-36x1lugyrjffgsamVTQwaJF1G-2oNZvhUEtiDoUbMYHgmDzqwFi8-IYjgpkdE2pcV_fTAAnX8osxpRSR-f7ptWy4uSEu3cCqTlCOeOn1jlcZCgYee7dzrjj7zfsXQBT369HtGrRWqsxTKDkemqGzR1DBQckdL0opQorFK5-nBfnUGXH_dcFD-eCB6mCbaJDrhBLjTNspT1ck2IRJWVCgrzrDqQ20bDOaRL7jUi3jceuZgzs8mXDSYySrok3QljkW3CxgNpEv3xfiOxzMc7gmIrPDUQblXoppqNoPr89-yAsxx_2v8RdPUTx29FlJQ3oDhmvC3CHN22k4QVMrGsYZgOX20A8L8KqdiMwOo8fVUbI1iB8AmQqZ23gZ99t5XE0rFli66A3e-nQNPZ12kKc6U0oy6Cvb0KsWvPI8fCl0-IxDFB92zIJDEbP5RYnyNnG6le9LuyyMc02eAP9CxbZrdmcUh3FbBBh-G4rc2EZ86xcDomMA6dlvMsZCLO9ApZa6D0hT8tGSXVf9SwFUF8XaAYO3Svdjdpqyth31pcsNkOHNT5Y4uAP-N1TxLkrerhBX4LBItUT42bAIS12MZ3YOUf-HWc&cid=CAASEuRokFtHAcA_0jEzZohX-J8aNA&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.167.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wl-in-f155.1e100.net

Software

cafe /

Resource Hash

a77890506c208bb7033a1f159c26f2ea725185310ad2e744542c755fb794fcbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 21:09:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14490
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 2E77 1 KB
749 B 19ms
18ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 26 Nov 2021 13:26:12 GMT
expires: Sat, 27 Nov 2021 13:26:12 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 27794
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2E77
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEPf7NCMQM8k8NT6LoP2-nZQ&google_cver=1&google_push=AYg5qPKS9kVmgave7XbnfyuTEJKmnEnXhe69tsMJjNZNLNmwnm5iw887KF...
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPKS9kVmgave7XbnfyuTEJKmnEnXhe69tsMJjNZNLNmwnm5iw887KFS5GSQXORawJXlrXoKCjkd4w4H_SRpCdwd7QdEu1jA&google_hm=CPkKrSd...

170 B
188 B

45ms
45ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPKS9kVmgave7XbnfyuTEJKmnEnXhe69tsMJjNZNLNmwnm5iw887KFS5GSQXORawJXlrXoKCjkd4w4H_SRpCdwd7QdEu1jA&google_hm=CPkKrSd9Lcu5BEKWxX57pQ

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 21:09:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPKS9kVmgave7XbnfyuTEJKmnEnXhe69tsMJjNZNLNmwnm5iw887KFS5GSQXORawJXlrXoKCjkd4w4H_SRpCdwd7QdEu1jA&google_hm=CPkKrSd9Lcu5BEKWxX57pQ
pragma: no-cache
date: Fri, 26 Nov 2021 21:09:26 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2E77
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPLHIvp6...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPLHIvp6...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTExMjYyMTA5MjcwMDA4OTIzNjA3MTE3Mg%3D%3D&google_push=AYg5qPLHIvp6HfMmuCIvfzcoLmXL4xngs0zpNi-SzK1JOQyjEX4lNAWjpUOm2J7nDYVMiw...

170 B
188 B

59ms
59ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTExMjYyMTA5MjcwMDA4OTIzNjA3MTE3Mg%3D%3D&google_push=AYg5qPLHIvp6HfMmuCIvfzcoLmXL4xngs0zpNi-SzK1JOQyjEX4lNAWjpUOm2J7nDYVMiwlel5hL0yrDXAIfO7c6pPk_IQmE6g

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 21:09:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTExMjYyMTA5MjcwMDA4OTIzNjA3MTE3Mg%3D%3D&google_push=AYg5qPLHIvp6HfMmuCIvfzcoLmXL4xngs0zpNi-SzK1JOQyjEX4lNAWjpUOm2J7nDYVMiwlel5hL0yrDXAIfO7c6pPk_IQmE6g
pragma: no-cache
date: Fri, 26 Nov 2021 21:09:27 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0
strict-transport-security: max-age=2628000
expires: Fri, 26 Nov 2021 21:09:27 GMT

GET
H3 200 dds
rtb.openx.net/sync/ Frame 2E77 43 B
64 B 36ms
20ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEJB34tQy2WzsXYybxyUJ2PU&google_cver=1&google_push=AYg5qPJ-VvRSunJMw_HKdkNkkhiMOmSJWxGvHVSJn6a5o9dgdgafsc317ivsrGGLMcfC3iv_9HiTT2mzreRXvdw6lp-4w-8Uzcg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211111/r20110914/zrt_lookup.html?fsb=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 21:09:26 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: hjtch2bdcgg0brrbk3qgbtanbeookagv

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2E77
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=GWHnK_bGTC--oPnbXm9ctQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

46ms
46ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=GWHnK_bGTC--oPnbXm9ctQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIgMO1oLQKY09pauHmpDI8v_X0I5GeQhvehScXa6RtnimSw4PPFeVc7Apr04-st7XMkDflkKV4ZfGT5hs_4YmKAYDEUYyY

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 21:09:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=GWHnK_bGTC--oPnbXm9ctQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIgMO1oLQKY09pauHmpDI8v_X0I5GeQhvehScXa6RtnimSw4PPFeVc7Apr04-st7XMkDflkKV4ZfGT5hs_4YmKAYDEUYyY
date: Fri, 26 Nov 2021 21:09:26 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2E77
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMRkcST5CoRCNP-hDvIXelI&google_cver=1&google_push=AYg5qPJ3vNKiKnMUOSoIUSamQmDchdau2kKfLtTN0HvIiQklsNVwOXvbGl4qaRsk6q1BP4w_2G5...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1dHVk8yT1ItMUctSFY4WQ==&google_push=AYg5qPJ3vNKiKnMUOSoIUSamQmDchdau2kKfLtTN0HvIiQklsNVwOXvbGl4qaRsk6q1BP4w_2G563pm4bb1kLbCaNYgnAslitck

170 B
188 B

45ms
45ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1dHVk8yT1ItMUctSFY4WQ==&google_push=AYg5qPJ3vNKiKnMUOSoIUSamQmDchdau2kKfLtTN0HvIiQklsNVwOXvbGl4qaRsk6q1BP4w_2G563pm4bb1kLbCaNYgnAslitck

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 21:09:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1dHVk8yT1ItMUctSFY4WQ==&google_push=AYg5qPJ3vNKiKnMUOSoIUSamQmDchdau2kKfLtTN0HvIiQklsNVwOXvbGl4qaRsk6q1BP4w_2G563pm4bb1kLbCaNYgnAslitck
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame 2E77
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEHbMrtD5aQdBpoqloGucGiI&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaFNBeVZktRyvadKqzC3VwAABL8AAAIB&google_gid=CAESEHbMrtD5aQdBpoqloGucGiI&google_cver=1&google_push=AYg5qPK86EfwtvSQU6joprlQkbx4Mq7b9YuOV...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaFNBeVZktRyvadKqzC3VwAABL8AAAIB&google_gid=CAESEHbMrtD5aQdBpoqloGucGiI&google_cver=1&google_push=AYg5qPK86EfwtvSQU6joprlQkbx4Mq7b9YuOV...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaFNBeVZktRyvadKqzC3VwAABL8AAAIB&google_gid=CAESEHbMrtD5aQdBpoqloGucGiI&google_cver=1&google_push=AYg5qPK86EfwtvSQU6joprlQkbx4Mq7b9YuOV...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaFNBeVZktRyvadKqzC3VwAABL8AAAIB&google_gid=CAESEHbMrtD5aQdBpoqloGucGiI&google_cver=1&google_push=AYg5qPK86EfwtvSQU6joprlQkbx4Mq7b9YuOV...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaFNBeVZktRyvadKqzC3VwAABL8AAAIB&google_gid=CAESEHbMrtD5aQdBpoqloGucGiI&google_cver=1&google_push=AYg5qPK86EfwtvSQU6joprlQkbx4Mq7b9YuOV...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaFNBeVZktRyvadKqzC3VwAABL8AAAIB&google_gid=CAESEHbMrtD5aQdBpoqloGucGiI&google_cver=1&google_push=AYg5qPK86EfwtvSQU6joprlQkbx4Mq7b9YuOV...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaFNBeVZktRyvadKqzC3VwAABL8AAAIB&google_gid=CAESEHbMrtD5aQdBpoqloGucGiI&google_cver=1&google_push=AYg5qPK86EfwtvSQU6joprlQkbx4Mq7b9YuOV...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaFNBeVZktRyvadKqzC3VwAABL8AAAIB&google_gid=CAESEHbMrtD5aQdBpoqloGucGiI&google_cver=1&google_push=AYg5qPK86EfwtvSQU6joprlQkbx4Mq7b9YuOV...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaFNBeVZktRyvadKqzC3VwAABL8AAAIB&google_gid=CAESEHbMrtD5aQdBpoqloGucGiI&google_cver=1&google_push=AYg5qPK86EfwtvSQU6joprlQkbx4Mq7b9YuOV...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaFNBeVZktRyvadKqzC3VwAABL8AAAIB&google_gid=CAESEHbMrtD5aQdBpoqloGucGiI&google_cver=1&google_push=AYg5qPK86EfwtvSQU6joprlQkbx4Mq7b9YuOV...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaFNBeVZktRyvadKqzC3VwAABL8AAAIB&google_gid=CAESEHbMrtD5aQdBpoqloGucGiI&google_cver=1&google_push=AYg5qPK86EfwtvSQU6joprlQkbx4Mq7b9YuOV...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaFNBeVZktRyvadKqzC3VwAABL8AAAIB&google_gid=CAESEHbMrtD5aQdBpoqloGucGiI&google_cver=1&google_push=AYg5qPK86EfwtvSQU6joprlQkbx4Mq7b9YuOV...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaFNBeVZktRyvadKqzC3VwAABL8AAAIB&google_gid=CAESEHbMrtD5aQdBpoqloGucGiI&google_cver=1&google_push=AYg5qPK86EfwtvSQU6joprlQkbx4Mq7b9YuOV...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaFNBeVZktRyvadKqzC3VwAABL8AAAIB&google_gid=CAESEHbMrtD5aQdBpoqloGucGiI&google_cver=1&google_push=AYg5qPK86EfwtvSQU6joprlQkbx4Mq7b9YuOV...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaFNBeVZktRyvadKqzC3VwAABL8AAAIB&google_gid=CAESEHbMrtD5aQdBpoqloGucGiI&google_cver=1&google_push=AYg5qPK86EfwtvSQU6joprlQkbx4Mq7b9YuOV...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaFNBeVZktRyvadKqzC3VwAABL8AAAIB&google_gid=CAESEHbMrtD5aQdBpoqloGucGiI&google_cver=1&google_push=AYg5qPK86EfwtvSQU6joprlQkbx4Mq7b9YuOV...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaFNBeVZktRyvadKqzC3VwAABL8AAAIB&google_gid=CAESEHbMrtD5aQdBpoqloGucGiI&google_cver=1&google_push=AYg5qPK86EfwtvSQU6joprlQkbx4Mq7b9YuOV...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaFNBeVZktRyvadKqzC3VwAABL8AAAIB&google_gid=CAESEHbMrtD5aQdBpoqloGucGiI&google_cver=1&google_push=AYg5qPK86EfwtvSQU6joprlQkbx4Mq7b9YuOV...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaFNBeVZktRyvadKqzC3VwAABL8AAAIB&google_gid=CAESEHbMrtD5aQdBpoqloGucGiI&google_cver=1&google_push=AYg5qPK86EfwtvSQU6joprlQkbx4Mq7b9YuOV...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaFNBeVZktRyvadKqzC3VwAABL8AAAIB&google_gid=CAESEHbMrtD5aQdBpoqloGucGiI&google_cver=1&google_push=AYg5qPK86EfwtvSQU6joprlQkbx4Mq7b9YuOV...

0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2E77
Redirect Chain

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESENyIPRYVaCthf5GoNwSOR68&google_cver=1&google_push=AYg5qPLdTSeRJGGCC1J3PU6u...
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPLdTSeRJGGCC1J3PU6uYB6FvyTB8zINIOeM04xLnwMR0S9Fha_lQSuRg3GHRcY5wYaCAEPpPm8MoCTN79hpmpDfg9br74W3&google_hm=

170 B
188 B

45ms
45ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPLdTSeRJGGCC1J3PU6uYB6FvyTB8zINIOeM04xLnwMR0S9Fha_lQSuRg3GHRcY5wYaCAEPpPm8MoCTN79hpmpDfg9br74W3&google_hm=

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 21:09:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 26 Nov 2021 21:09:26 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPLdTSeRJGGCC1J3PU6uYB6FvyTB8zINIOeM04xLnwMR0S9Fha_lQSuRg3GHRcY5wYaCAEPpPm8MoCTN79hpmpDfg9br74W3&google_hm=
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Thu, 25 Nov 2021 21:09:26 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 2E77 0
12 B 45ms
43ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LTAVjA3SaOK27CR97vmYbjQsh8zuuLNB88kQiLgNSFnhlYX8JahxuAbCVIMCQ31DYq81gNaQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 21:09:26 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 401C 0
20 B 54ms
54ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BiJ3bBk2hYeTtAvLP1fAP4-4KAAAAADgB4AQC&bg=!sbKlsvbNAAZQLpa_UC47ACkAdvg8WrFUH25gQS8FiclR9eBiSAgsc5GJXRXD8YR6jkii1uPqhxcurQIAAACkUgAAAAxoAQcKADxQ1Mbfy6gF9g_FcNBU3kJ0Kfd9mQNn-Sqdyji5cM84XAxe7Zd-t_IOFAHXlK-a8qbHe15WjtMqIkPEkCeZAtk8-kwEDVF9GScUa3351sA1Dt-6iIP7p0LnVM21ZTBaxg2ujHkUPPOswL9Jn_bdzBS8R8mXzxcUcdH_ani-zOiaV0QF0H84ndvHRTWcLizb2LbHbaDgCUPZzhDAv5knSOyyxo5BIUgzzvWftaep4az3IGhHnPs5DdlVjlEQXXasXzvD0qxfklz_3L2i_hgkRfAA2uK3fkwiKmytM1fp57jOJQYNwYa3hfGpPtQCAPLJ6ONKyzPXtMKeIMheUQmEfPWTmbz07qop0YwcoLo5L2SYvQJbuyQWf7WlIIyklWA7-YmO8S9v5npIn9cH5XAH1ICUTfQGoo5WvUAFugBB9sOznrft2QhcDBdWfeagTz5e3hQwsF1UuEuQCxQQ3WUZLAFroMAQQ8VzYLd5wVmgEn62CU3oo-Dnl9dX0pekfFtuAprIwpONm4yQpgRZ1SQlZaNoZFMIQJKLRFZ_DGGvzkgO5J8sCdaaLRO27cx2igXGTyfxIF2-A5lJpnffLq8Z4TL7aELk4cA2-uPUcKfANN77HjCe-ppnNLL7Ow3FfbvJI_LWpvAsG6EXxK4l79S3nMJaKbhWM5wUvce7SEZZ5ZFj373ue832sQjyB8twj9DLqGW-A1oG50v0ZtyZUtHU7c5MtDhHotR9_msMA8vifhW8RNb1gAn3DpilErqyc76xXYGM_F3EpBNPE7KYkUXNYHVHmMbHxcHMjqq6yupZ-hGxo7I5w-CHqBFKGSg76fTmLOjWCZkMcMOibC-nGht09V31sIu_VyLG3RMKb4ngi4oIr8lw6sz4t4Z4RZrVOXFnT6MuDQQj_DxpRNY0e1dkDJMzP5vxogd72s4abU7A7zxNfNqfiOMLVuwzqKaT2zf4ZdKQj0rrazrO66tgIMcH2-cK3ywpSa3P17p5hrYa3mcanBkcVcxWjA-IEagFnEiAWiAIQb7copqPgzqozOesTQ7aGSIItWIZDhc

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 21:09:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame B21E 41 KB
15 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 17:50:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 184737
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Thu, 24 Nov 2022 17:50:29 GMT

HEAD
H/1.1

200
OK

file.mp4
r1---sn-5hnedn7z.c.2mdn.net/videoplayback/id/3c3190d0fc54ae6f/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3778924756/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,m... Frame B21E
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/3c3190d0fc54ae6f/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3778924756/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/sig...
https://r1---sn-5hnedn7z.c.2mdn.net/videoplayback/id/3c3190d0fc54ae6f/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3778924756/sparams/acao,ctier,expire,id,ip,ipbits,i...

0
0

78ms
16ms

Fetch
video/mp4

2a00:1450:401c:17::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r1---sn-5hnedn7z.c.2mdn.net/videoplayback/id/3c3190d0fc54ae6f/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3778924756/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/537D9783C06720A775741E7F2D158AE230AA34B4.3E19A51E12E14589C90C8326A8FC5A6B098855D9/key/cms1/cms_redirect/yes/mh/H7/mip/2a00:1768:1001:53:22b::1/mm/42/mn/sn-5hnedn7z/ms/onc/mt/1637959962/mv/u/mvi/1/pl/49/file/file.mp4

Protocol

HTTP/1.1

Server

2a00:1450:401c:17::7 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 26 Nov 2021 21:09:27 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 2226383
Last-Modified: Sun, 17 Oct 2021 13:19:14 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Fri, 26 Nov 2021 21:09:27 GMT

Redirect headers

date: Fri, 26 Nov 2021 21:09:26 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 656
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
location: https://r1---sn-5hnedn7z.c.2mdn.net/videoplayback/id/3c3190d0fc54ae6f/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3778924756/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/537D9783C06720A775741E7F2D158AE230AA34B4.3E19A51E12E14589C90C8326A8FC5A6B098855D9/key/cms1/cms_redirect/yes/mh/H7/mip/2a00:1768:1001:53:22b::1/mm/42/mn/sn-5hnedn7z/ms/onc/mt/1637959962/mv/u/mvi/1/pl/49/file/file.mp4
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 90D1 23 KB
9 KB 19ms
18ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8727
date: Wed, 24 Nov 2021 17:50:29 GMT
expires: Thu, 24 Nov 2022 17:50:29 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 184737
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 62BD 42 B
64 B 53ms
53ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu1vB5y2VvKgXG4KFnSgESYbmhDZKPeVbEq0slPuWHUNfTaD3KTdHTzz1O6exVujJspd0m6k3xQ9yvDnf0i3dPF_CbIu-BaDTBcckcDcT4S0Q2_5CbG0A&sai=AMfl-YRU3_GvztBCGeSg11ubjHV6iC-v-lhR8G0hniXmQlHfaslDNjZ91CEqo_yLjwe8PoCcF9pW9U3ey_fb&sig=Cg0ArKJSzFFfRBcXD2MiEAE&cid=CAASBORoAM8&id=lidar2&mcvt=1003&p=0,0,94,728&mtos=0,1003,1003,1003,1003&tos=0,1003,0,0,0&v=20211110&bin=7&avms=nio&bs=0,0&mc=0.96&if=1&app=0&itpl=20&adk=3065914911&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1637960965548&rpt=327&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 21:09:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js Show response
pagead2.googlesyndication.com/bg/ Frame 90D1 35 KB
13 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

091b44da15c8f8ea360b36ea12fca73538414c6bca447ffab28f65cb549cc9ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 20:23:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2762
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13332
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 26 Nov 2022 20:23:24 GMT

GET
H3 206 file.mp4
r1---sn-5hnedn7z.c.2mdn.net/videoplayback/id/3c3190d0fc54ae6f/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3778924756/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,m... Frame B21E 2 MB
2 MB 37ms
20ms Media
video/mp4 2a00:1450:401c:17::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:401c:17::7 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

13996cd1f24ce2aada80649694dba48ab0e86526ee822ed718510c20220fa5da

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Range: bytes=0-

Response headers

date: Fri, 26 Nov 2021 21:09:27 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-2226382/2226383
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 2226383
expires: Fri, 26 Nov 2021 21:09:27 GMT
last-modified: Sun, 17 Oct 2021 13:19:14 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 90D1 0
20 B 54ms
54ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BQFV4Bk2hYY-kMcK8lgSwhK7gCwAAAAA4AeAEAg&bg=!fX6lfjrNAAZQLpa_UC47ACkAdvg8WrLamW9Dv-aoyCUuPV71HN6uUelxNr16ipLsmc2lwH9_qFUgbwIAAABVUgAAAApoAQeZAsWFeoXuvvqe5CpQOWH35lz5Do6ToZ06ku2solTm3iRKEUTaDIX-8wDLNh_85peo8QcQCcu4gn9reXTRcEOB71MPWx5IYOa6a3WnPAva2ER8y32oNAOVDKcwX01RB1dwI74m3louTwDQtIylpzzcWT39JObBKiGJx_chwgxu6r0p_sLEtAqGG_Evl-htNKSfDY-8QvUJsBl2XITzAITi6W_Cf5cBfv2V71HZJQ4tEjyUPw6A_nuldratMUWeFDXYCgr9fcJbJ8xNf-Y-R6OTmarF4OVlqVugmrxFAEuJk5y7BP744hUOYiejAkyrBEGnV5taOEV68BnIG4ov7v3BfBmqJ_vuoh1FLPOjFK6ZCDcXNDM8F6TGnMA6qOZiMxdRui6A_NIRRnI4PCByJa4D01GWjbUNCwOFa6y94IUQ166WwsRe1HvRXV8J-hSsC5tWPsjgC-fQIwKnDvm_8hnWpcs3TU-83D8XpTK9Lmom8sAWmjbdIYZqU_KlpwkqlxbSDC1y8uFYHnLvxjJd7mKAB6ZGqiYlh_cqluA8VgJCpK4M_ytrEx4z9GCVYIdeCemuvc-JcSa5c3x6K1XkdEo9UE_96hcF9FZvCeb0FkN2E5lfkUiQqEmdHK25jXIy1q8W3Buct9gci2olR3nKAS04vRNmLLwETZQTTQpgE_u6VqZlKOP1wie2G8HdLRMYGFgyYA9Jdlv4Erm5q-CeocloIzamWRYVPqrYwyv1GDpDeCN_ThfeqQm5e8zyKlJBZcbzoZaaaF8IZN4DOR9VkO-SJJMHz_-mQdKIUrHR9gnHhn4Q1gu_W0qTeOekAIdMcc0fZuKjKUINLpSByagQ8rbbWh4n7lCA-XtfS8yYtA9jC0EPaCjPeC3cM3ohPtDPZsmnD5Gvpr1UNUC8aHObPy69uInFLaFZ4u1npVtd9BrP1oM6I27-Py8U

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 21:09:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame B21E 0
17 B 349ms
184ms Ping
image/gif 2607:f8b0:4007:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~kwgvo2mi&c=7534818360942&slotId=3767409180471&qqid=COOIpoz4tvQCFfJnFQgdY7cCAA&fb=outstream-lima&gpm_i=12&gpm_c=12&gpm_a=12&smb=1000&br=989&mt=video%2Fmp4&vs=640x360&ulv=1&cll=0&vmfc=16&vhc=0&msm=1&aits=17%2C36%2C18%2C22%2C59%2C342%2C343%2C344%2C345%2C346%2C347%2C692%2C43%2C44%2C45%2C0&webm=3&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fwebm%2Cvideo%2Fwebm%2Cvideo%2Fwebm&hvmf=false&vms=1&bit=343&vsrc=doubleclick_dmm&ape=1&ple=1&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4007:80f::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 21:09:28 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame FE51 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f2d0bfeb6b074eefa5b368ff3a6051748463bab7c3d51941789c62eb6ba990c2

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame FE51 0
23 B 82ms
55ms Ping
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvfIaiOIOWEyvtGv16dFZsmiQ3MDwxfk1ZvqjncS4SKIf05kvuMPVCfVHY4Meuo33IynjYUTJ_P8e70LcI8PfPefUh-Aw0M7JUMagxUmiJCxn_vhGYYnonj44QtRldl9DFhO1_UdBwRK1IFjMPeZbQ03OLEInZfc3Dv3Ox0PGSBlmzWT1OOqGcZc2N8KwUVWRXCqIRMMDyPK_2BuWW6010qXPVAOkfPwVyBeg9TVaBj_uE2oCgiGmaeW0JX8gv2L6bja8j_u_Kubw6raqsaVYWewwdQ5TvgqDlXHvKp_Bz6l_03SBkFNhw0oIVlrRdkm_YeAauaVn7xFfqniEuZJaXIt-GGUuu0dfLdO0xnhm_e_b2C5PunkAnhHU8RD_wU3xGpKwS53taeQpYbBzLkOnCPSrsM1JC_5tmNsZJTsFJ-OiaqXJVYUF-tMpTnXGWp5pEeY8wTKmNV8cZoi8OhwqU2hNizQly-MHMuqc73AerXjEcYTP8eK0MhyVwr2qXJOJXMIq1HKlqvp8pLyMSYBTLSij6oQEvJM5RYVctV3jqecaDsyWeMU-BybchT91jTheiECWPICmBkYkEkC-PPN7bxQQF72nO_TOpYQjzG9moXyc2Q-X4nlX7Y4gUkP1tR2fJULCIfz60Bud3yWrfltYEz4B0M2LpQfErOIBZJULs7eYiIlNSwZjdfj58vS1vufLGrJ_jaZra8b6B-37ITXNij60x7TDvylyMko-Hd6qRrqyrbuxK-mXgD_po8lGFZI24ZuZ2EqMfrhqyMhI6vCjhctRwHaMkZVDy9BoQTTtKmPsyqTFFZaHPPPw1Q40_NhPVWFMa4Wrpd6nZb4Pf925XZ8Ox2OrnXNsJR5FJf-YanztmBYVH7uytVBTIgo1BsQu44rh0iBVHBUDwOJUcicsqfZQL3FNEUvdgIEHv2MNekIdeS-pj09uHbmx4f-ul1r24SVrMSJXdQAyzlaEykOhD4PfDT9sRwjtDdn31oF5zg8Swk7KdCxYTp4gjFumVeyR0JwSiujpmTPUqGQF_S0zRsf0VTYpTeCkywaN8HX5LhMMeb2cbUTUv6-A0-iYPfIs6wCJfMu-aOxr7LlsVzIRzQDjFPXvaKskViayKKmZuJVfzFUTgze2eBoAKwluI2z2_geWF56ozeRS6XNw&sai=AMfl-YQ42eav5_MgBC2KkRRSuGLkDQBcD7eXlicoLKb0WWoaxdX4hA-wwhVicDMOCFUCoMt8dc8MeNquEwSYT489c-efTqn18jA74HdLeIHobVRzv9Mlj7sLfxUbv2Er1eHhb7DVlkFk3OiUZtNPPSWZ6PmaqfTIFD1bUeDxcOHgIMXAyFNAaY9xZDASy3KhBDiklFA1NE1IYXG1NEubcjEmQBsOX63DQsJVxubfeg3NuZqFLnpuj2e6vDvuD_BdKBGcp8r65bs3vtgsUaFdB-JlXcFp-rt4_oVmxsdzvpU&sig=Cg0ArKJSzCF5WPJ7CqsIEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2869&vt=11&dtpt=2768&dett=3&cstd=2869&cisv=r20211111.56698&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: wincreator.com
URL: https://wincreator.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Fri, 26 Nov 2021 21:09:29 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 728x90_leaderboard_BlackFriday.html Show response
s0.2mdn.net/sadbundle/407604236531593505/ Frame 390A 6 KB
2 KB 20ms
20ms Document
text/html 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/407604236531593505/728x90_leaderboard_BlackFriday.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8bad3eaf4fa3c5185d95e79411e8695c6d11ccde9945344fdabd728d56771761

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 2301
date: Fri, 26 Nov 2021 16:49:06 GMT
expires: Sat, 26 Nov 2022 16:49:06 GMT
last-modified: Fri, 19 Nov 2021 12:29:36 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
age: 15623
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 createjs.min.js Show response
code.createjs.com/1.0.0/ Frame 390A 236 KB
63 KB 124ms
44ms Script
text/javascript 2a02:26f0:6c00::210:ba60
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/1.0.0/createjs.min.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/407604236531593505/728x90_leaderboard_BlackFriday.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00::210:ba60 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 21:09:29 GMT
content-encoding: gzip
server: Apache
cache-control: max-age=900
vary: Accept-Encoding
content-type: text/javascript
x-n: S
accept-ranges: bytes
expires: Fri, 26 Nov 2021 21:24:29 GMT

GET
H3 200 728x90_leaderboard_BlackFriday.js Show response
s0.2mdn.net/sadbundle/407604236531593505/ Frame 390A 58 KB
14 KB 20ms
19ms Script
application/x-javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/407604236531593505/728x90_leaderboard_BlackFriday.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/407604236531593505/728x90_leaderboard_BlackFriday.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c667512721206a3b29b9f2a0f33542f4bbbfd648edce7834d4184712ae82df8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/407604236531593505/728x90_leaderboard_BlackFriday.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 16:49:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15623
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13993
x-xss-protection: 0
last-modified: Fri, 19 Nov 2021 12:29:36 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 26 Nov 2022 16:49:06 GMT

GET
H3 200 blad01.png
s0.2mdn.net/sadbundle/407604236531593505/ Frame 390A 26 KB
26 KB 20ms
19ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/407604236531593505/blad01.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

12480385b88734637adce0bf82c0f9c6b13764e4feb3c390fa90f9fcdcf10af1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/407604236531593505/728x90_leaderboard_BlackFriday.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 16:49:06 GMT
x-content-type-options: nosniff
age: 15623
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26598
x-xss-protection: 0
last-modified: Fri, 19 Nov 2021 12:29:36 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 26 Nov 2022 16:49:06 GMT

GET
H3 200 blad02.png
s0.2mdn.net/sadbundle/407604236531593505/ Frame 390A 26 KB
26 KB 20ms
19ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/407604236531593505/blad02.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eee163efd7b46fc2ae981601c2b72eb2b0bdc08c6150f54d9be96bbb9b50bcbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/407604236531593505/728x90_leaderboard_BlackFriday.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 16:49:06 GMT
x-content-type-options: nosniff
age: 15623
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27042
x-xss-protection: 0
last-modified: Fri, 19 Nov 2021 12:29:36 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 26 Nov 2022 16:49:06 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame FE51 42 B
64 B 59ms
58ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv9GZW5IBfWf4S8PxBjaZPO9th4k3R6b5RUlarrr7aVfI2m8gtVFvkHYMwIdkp3YL-tHmArpgLGKlXSz1hhK5gibZm6MCSbba5_TRMCbSTYnkgM2pZS1w&sai=AMfl-YSaliycholRUSDrNObVlBIVmVchm89SUpsevijXtlms7hv39UmY45ObEFWT0P-uYrWkXh5waISGvc17fr3NkRDUctNTa5N2b02pGE_426MBonjUuCHc3V0eLoI&sig=Cg0ArKJSzCZzV7RLdBT-EAE&cid=CAASEuRoyUGsnJ0in41CAlPIUFCFZg&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211110&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1637960966471&rpt=2877&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 21:09:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaFNBeVZktRyvadKqzC3VwAABL8AAAIB&google_push=AYg5qPKVhLYrOuXJmS3vkh1mwHXmbzQbqBg5mzxhBbPJohmQCiBjb_dalccF0buax_JHHjOq06WPKtVXT4oJ1BPTFyNn0-mW6ow&google_gid=CAESEHbMrtD5aQdBpoqloGucGiI&google_cver=1

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaFNBeVZktRyvadKqzC3VwAABL8AAAIB&google_gid=CAESEHbMrtD5aQdBpoqloGucGiI&google_cver=1&google_push=AYg5qPK86EfwtvSQU6joprlQkbx4Mq7b9YuOVL8D_iT6eVtXCVmpRfYROY14AQqNVs_F3-i6y_QNCl5MLc9nV3ODsA1Y0W93zaE

Verdicts & Comments Add Verdict or Comment

221 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

36 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
wincreator.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: agj07n3drp5pkln4d8enulkhg6
wincreator.com/	1970-01-19 23:42:32	Name: addivideuid Value: 0512a1838b789e9516bac2423e721daa
.wincreator.com/	1969-12-31 23:59:59	Name: __utmc Value: 101675527
.wincreator.com/	1970-01-20 03:22:08	Name: __utmz Value: 101675527.1637960965.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.wincreator.com/	1970-01-19 22:59:21	Name: __utmt Value: 1
.wincreator.com/	1970-01-20 16:30:32	Name: __utma Value: 101675527.1083446620.1637960965.1637960965.1637960965.1
.wincreator.com/	1970-01-19 22:59:22	Name: __utmb Value: 101675527.1.10.1637960965
.wincreator.com/	1970-01-20 08:20:56	Name: __gads Value: ID=0770d27a00019455-221df37206cc009a:T=1637960965:RT=1637960965:S=ALNI_MYyUSBHfl3E0YGyjzdkiKbcriNTNw
.doubleclick.net/	1970-01-20 08:20:56	Name: IDE Value: AHWqTUl-MDfd4omDmkdrd_zQN2MLW5w7yV7KMfk872nwUliyCx65XVVicvBq1GqphCE
.adnxs.com/	1970-01-20 01:08:56	Name: uuid2 Value: 6224798967548389178
.tradedoubler.com/	1970-01-20 07:44:56	Name: BT Value: 1z11zzrIz11Qnfgzcn5gqnrzzJx1z9ycn5gqnr
.tradedoubler.com/	1970-01-20 07:44:56	Name: PI Value: 1z11z1zrIz21Lo1jzDu2Xy1y24Hq9y1eGbyyyAlJty1RcZy2HAIDFyyy
.tradedoubler.com/	1970-01-20 07:44:56	Name: UI Value: 1z11zzrIzsDL44z1NlNyLHY9
.casalemedia.com/	1970-01-20 01:08:56	Name: CMPS Value: 3222
.casalemedia.com/	1970-01-20 07:44:56	Name: CMID Value: YaFNBeVZktRyvadKqzC3VwAA
.casalemedia.com/	1970-01-20 01:08:56	Name: CMPRO Value: 1215
.casalemedia.com/	1970-01-19 23:00:47	Name: CMST Value: YaFNBWGhTQYA
.adnxs.com/	1970-01-20 01:08:56	Name: anj Value: dTM7k!M41.D>6NRF']wIg2Hb<Z2%o0!2!_QPupfp68r?FfxLLEpWnlUq7[LNH[8WBBWRWF*-+G>r(4p@V7qtJ]3s=lNl$]kNya!tNhTq>A?6#a
.casalemedia.com/	1970-01-20 07:44:56	Name: CMRUM3 Value: 2d61a14d062760CAESEKHfTAak4f3S29fwc6s8tZY
.rlcdn.com/	1970-01-20 07:44:56	Name: rlas3 Value: yoQi+g9fY9YvbxjMAv1iyBTqowhn3YiqHbH7ZX3aw5Q=
.pubmatic.com/	1970-01-19 23:00:47	Name: KTPCACOOKIE Value: YES
.quantserve.com/	1970-01-20 01:08:56	Name: d Value: EFQBCQHoJIEA
.quantserve.com/	1970-01-20 08:29:35	Name: mc Value: 61a14d06-99e33-b6f7e-75ceb
.rlcdn.com/	1970-01-20 00:25:44	Name: pxrc Value: CIaahY0GEgUI6AcQABIGCOndKhAA
.pubmatic.com/	1970-01-20 01:08:56	Name: KADUSERCOOKIE Value: 1961E72B-F6C6-4C2F-BEA0-F9DB5E6F5CB5
.agkn.com/	1970-01-20 07:44:56	Name: ab Value: 0001%3A5HsusSBbwtq7%2F0yuinboP3ffAwbl9MSs
.agkn.com/	1970-01-20 07:44:56	Name: u Value: C\|0CEApNAmGKTQJhgAAAAAAAQ13AQCAAQpAAAAAAA
.e.dlx.addthis.com/	1970-01-20 08:29:35	Name: na_tc Value: Y
.addthis.com/	1970-01-20 08:29:35	Name: na_id Value: 2021112621092700089236071172
.addthis.com/	1970-01-20 08:29:35	Name: na_tc Value: Y
.addthis.com/	1970-01-20 08:29:35	Name: uid Value: 61a14d0743811ce6
.addthis.com/	1970-01-20 08:29:35	Name: ouid Value: 61a14d070001d21dfe7e272bd73c8e2a5b2b67d501b34994f4cc
.dlx.addthis.com/	1970-01-19 23:42:32	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-19 23:42:32	Name: na_sr Value: 20211126
.dlx.addthis.com/	1970-01-19 22:59:21	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-19 23:42:32	Name: na_sc_e Value: 0

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js(Line 346) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js(Line 346) Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaFNBeVZktRyvadKqzC3VwAABL8AAAIB&google_push=AYg5qPKVhLYrOuXJmS3vkh1mwHXmbzQbqBg5mzxhBbPJohmQCiBjb_dalccF0buax_JHHjOq06WPKtVXT4oJ1BPTFyNn0-mW6ow&google_gid=CAESEHbMrtD5aQdBpoqloGucGiI&google_cver=1 Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaFNBeVZktRyvadKqzC3VwAABL8AAAIB&google_gid=CAESEHbMrtD5aQdBpoqloGucGiI&google_cver=1&google_push=AYg5qPK86EfwtvSQU6joprlQkbx4Mq7b9YuOVL8D_iT6eVtXCVmpRfYROY14AQqNVs_F3-i6y_QNCl5MLc9nV3ODsA1Y0W93zaE Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.nl
bid.g.doubleclick.net
cm.g.doubleclick.net
cms.quantserve.com
code.createjs.com
code.jquery.com
csi.gstatic.com
d.agkn.com
dsum-sec.casalemedia.com
e.dlx.addthis.com
fonts.googleapis.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
googlecm.hit.gemius.pl
ib.adnxs.com
id.rlcdn.com
image6.pubmatic.com
imasdk.googleapis.com
impes.tradedoubler.com
l.sharethis.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
r1---sn-5hnedn7z.c.2mdn.net
rtb.openx.net
s0.2mdn.net
stats.g.doubleclick.net
tpc.googlesyndication.com
vht.tradedoubler.com
w.sharethis.com
wincreator.com
ws.sharethis.com
www.google.com
www.googletagservices.com
cm.g.doubleclick.net
104.111.215.191
136.144.249.135
142.250.185.66
142.250.186.130
142.250.186.98
18.196.159.27
18.198.109.212
185.33.221.90
185.64.190.78
2.18.234.21
2001:4de0:ac18::1:a:2b
217.182.200.19
2600:9000:2057:ee00:3:c04e:c780:93a1
2607:f8b0:4007:80f::2003
2620:116:800d:21:36a9:ecb:e518:b308
2a00:1450:4001:808::2002
2a00:1450:4001:809::200a
2a00:1450:4001:811::2002
2a00:1450:4001:812::2002
2a00:1450:4001:812::2006
2a00:1450:4001:827::2002
2a00:1450:4001:828::2004
2a00:1450:4001:829::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::200a
2a00:1450:4001:830::200e
2a00:1450:400c:c06::9a
2a00:1450:401c:17::7
2a02:26f0:6c00::210:ba60
35.186.231.97
35.227.252.103
35.244.174.68
64.233.167.155
65.9.71.19
69.173.144.165
020fffd2d35de073df3a3a9ec1e614b7744e00b728c0ad5f55909b6ba43f7fb3
03f4f72d7090e82fbaf35259ac9dfea880d4874bf694cd6cbfc54a62a0023c4d
073b1f105e905339744324dd839349e3e9fd266fca5875994f9c29e4bb9b354e
091b44da15c8f8ea360b36ea12fca73538414c6bca447ffab28f65cb549cc9ed
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c834778459903c4dce17aad590845931fef799d4ad98e0b1d7de33423ed7352
12480385b88734637adce0bf82c0f9c6b13764e4feb3c390fa90f9fcdcf10af1
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13996cd1f24ce2aada80649694dba48ab0e86526ee822ed718510c20220fa5da
1ae9e9fdc77119a20abe31cbb524d06a2d31409ba191b7d9a3021c8e695f7d2c
1af0e0ca290a13faeabef7d1bde7ca8d96bb83b876f5d42e32c4b6095a5b0afb
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
203a4bdab26266b358deb62aa3878818363aa615edc7e1b361110d1cc2165a51
2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a
2ae139bc43f7f6f1ccf724232b1a7f2583c0b34291b8e0c3fd738f044e4ca1ca
2d0744b54be7eab148245653f8fad2e4a0e8875b886bcacbb2c70741872eda55
2d200d90966b8380a648972d71130785371751cf24bb7398f2854be23afb4a65
32bc7c1c64fd1b755d48d6025b86b7e7a28ad35d1f420cf85cdc1123aa7dfcd7
357b406ed293cac04cb24710f510e18284f40eaf8c5ae7b42888c53af8dc42dc
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
38bdaa6ffa7c071fd9af7eb4fc6e34125cbac8965ad71fb0e93a0d2140dd2842
39446b399dd1911651e5517b059c649de4a58c3d89ddafa594a6867a9b201564
3be7f66374d7347157b4c238b8106e393007b7b237596b677bb7cc1369d1db16
40279417deb789df672f0165a0817b4c84893685d47a4fd8e20770e838ef4367
40d6aab84bcbd4fb05e99d2c3d764dacb2154e81b42d19f5a3d101a93ca5e9a4
421d9ef04c36d76a164006832de00f79133eac24f3a05f06d4b2aba59d73183b
425d7478422a02b8592686dd947b18cae0ca66ab39dc437067219356fb7a0a61
456239d9258df30115f79a871e46756d0456aa8964572205a15bb915642d3bfd
4733ce8da1a4229ed0ebdb67c2d3a164d1384f6a7878fa93ee7217c89ec7042b
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
4a3c039e5669ad4ffa4ef2e464ecdaac55ae506adf5c70f0c47c3a3579d84f33
4a7e392e240ca5020f94cb3c558a82f820c3e5e4fc6ba1c5a9c451cc3012611d
4a9eb28d7c04b64e60787c9250ec6e277a9141a34ad4b97eafa27af1c20b0c03
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
54b2dbbca012fc266b8756387252ff44825505d2c579d80d80d8dde6f8fdecfc
5cedd5abd94d64b07e3779451d057665572b89caa8b445a5e9efa42bad9c4274
5f75c33d635a40110a44b7d15cee1e692271af2d1aabf5aca0a860434aabe31f
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e
6be28b056b56a297494eb701294895479f21ee227b6e8773736d3ee430bdd96e
6ea622e4f760fd83c0da40102ff251c03efdc6886e043f2c7a6083e3212585f4
6f8f436406ed6984b0be858b4ad76e47b00f66a202daacb1fe1a5d1a8a2f0e1b
732d3038cffc852adde57cc51509924b478a45c898cefbb6e46b04448feff7e5
7ba38c636940db54018406db91e3a02040d14fd6ce7dabf8bdb011067ba8eb41
7c667512721206a3b29b9f2a0f33542f4bbbfd648edce7834d4184712ae82df8
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
8bad3eaf4fa3c5185d95e79411e8695c6d11ccde9945344fdabd728d56771761
95dc1b83a7c030dd13ab3e29df921f10e04208b28734f172ea232854264c3b05
99308d3a4376c2bce7160e33aaa3a90b4545b693e2ff9984563591df18338939
994c92cf2c920637f5ea674b59c7a4ccb885432da289eb413e631dd8153e6da6
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c93eafe33c076d0502590b16f08e594ebec3101cc8cc31f2a1cfb8bf6b05f44
9d001e97f73ccb55a0c5a20fbdca0b4e2c626436d789ba1e76540a5c7976f37a
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
a2af65c3ed45375d73f79b99aa967b3afa2bd7caccfe0a7a536246da391bec1b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a58707733dd9cd70a60dc0a0aff00bf9c484de86e65af7d770c06ea739448918
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a77890506c208bb7033a1f159c26f2ea725185310ad2e744542c755fb794fcbb
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1a8157d572a6453e74c4c44bff4d395f91d817ada6db633dfea3eede8ea1062
b77bda3dbc275c2cd5d2cd0b426dd80df792300eac7aac0006b212f2c7998134
bb0082cab0a60dc76eda5639d09b7005e90e6fdc3d6455f001b0b385da71a714
c0f5b9a61df1cc1b3763f20fd636b7c43ec9efc9c25d6c54cc8da0a49a3d207d
c3a537ae5d8020c10896418cb8658af444cbb3f89d3543c7db596b624e38690d
c68a70790a7a07c9a8ecabb6893f5886e4262603c2bccdecd4514652e02dc875
cf0247dad363f793b4a802abb677e275580c7c957fb8a067c7e26f1e5af28c7d
d0c8da105e3942965cf032c25db093698e244ee11cc23c52e52b506926083dfd
da45674e417aa20f3f805d586c23cefa4cbf6cbecda8d097f4bcf3456bf172f1
db8deb30d5cecf873a6361b5410aed53a439e46072dcd6af4dc2481e44ea2a59
df8f74fe50d2ff0fa86eb050c48a5a42e241bb963abbceb8552da56ead6244a7
e083ca305fe5020595b52c04499258219f69c8cb83ec0ffc1eb0f22815f5c60f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00
eb2ff15f20a72422fd8c992a2d053dea303e34cb54277c23b887dfeabb07ae37
eb618971169041e9015bb8ebce4321d211c84e0b78604fccceeb6a3fdb252b3f
ed711f4279a1ffd6cc7d72e912424863b40be6dc882a0fb3c1f5354b49199a00
eee163efd7b46fc2ae981601c2b72eb2b0bdc08c6150f54d9be96bbb9b50bcbd
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2d0bfeb6b074eefa5b368ff3a6051748463bab7c3d51941789c62eb6ba990c2
ffd7d8f21205b5a8c3d1e2fd124fd554edbc9ab1ef756b679fcf276bb00a229f

wincreator.com Open in urlscan Pro 136.144.249.135 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

142 Requests

85 %HTTPS

51 %IPv6

24 Domains

36 Subdomains

28 IPs

7 Countries

3670 kBTransfer

6129 kBSize

36 Cookies

4 Outgoing links

Redirected requests

142 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

wincreator.com Open in urlscan Pro
136.144.249.135 Public Scan

Screenshot
Live screenshot

Full Image

142
Requests

85 %
HTTPS

51 %
IPv6

24
Domains

36
Subdomains

28
IPs

7
Countries

3670 kB
Transfer

6129 kB
Size

36
Cookies

142 HTTP transactions
2 data transactions