www.uspslitebluelogin.net Open in urlscan Pro
45.148.121.89 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.uspslitebluelogin.net/
Effective URL:
https://www.uspslitebluelogin.net/
Submission: On November 14 via api (November 14th 2021, 5:18:40 pm UTC) from US — Scanned from NL

Summary HTTP 142 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 18 IPs in 5 countries across 17 domains to perform 142 HTTP transactions. The main IP is 45.148.121.89, located in Netherlands and belongs to SKB-ENTERPRISE, NL. The main domain is www.uspslitebluelogin.net.
TLS certificate: Issued by cPanel, Inc. Certification Authority on November 11th 2021. Valid for: 3 months.

This is the only time www.uspslitebluelogin.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 11	45.148.121.89 45.148.121.89	64425 (SKB-ENTER...) (SKB-ENTERPRISE)
7	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3036::ac43:9c42	13335 (CLOUDFLAR...) (CLOUDFLARENET)
20	2a04:fa87:fff... 2a04:fa87:fffe::c000:4902	2635 (AUTOMATTIC) (AUTOMATTIC)
7	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	23.88.35.13 23.88.35.13	24940 (HETZNER-AS) (HETZNER-AS)
17	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
32	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
2 3	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:5a23:9c4e:e774:96c1	16509 (AMAZON-02) (AMAZON-02)
2 2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
5	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
2 2	104.111.215.191 104.111.215.191	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
1 1	79.137.69.91 79.137.69.91	16276 (OVH) (OVH)
142	18

11 45.148.121.89 (Netherlands) 1 redirects

ASN64425 (SKB-ENTERPRISE, NL)
PTR: server51rang.flaunt7.com

www.uspslitebluelogin.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::ac43:9c42 (United States)

ASN13335 (CLOUDFLARENET, US)

www.signinsupport.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)

secure.gravatar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.88.35.13 (Frankfurt am Main, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.13.35.88.23.clients.your-server.de

www.icegram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:5a23:9c4e:e774:96c1 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.215.191 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.253.211 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 79.137.69.91 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: gcm11.host.hit.gemius.pl

googlecm.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
49	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	591 KB
22	doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	190 KB
20	gravatar.com secure.gravatar.com	6 KB
16	gstatic.com fonts.gstatic.com www.gstatic.com	244 KB
11	uspslitebluelogin.net 1 redirects www.uspslitebluelogin.net	149 KB
7	googleapis.com fonts.googleapis.com	5 KB
6	googletagservices.com www.googletagservices.com	218 KB
6	google.com 2 redirects adservice.google.com www.google.com	2 KB
3	google.nl adservice.google.nl	754 B
2	openx.net 2 redirects rtb.openx.net	582 B
2	addthis.com 2 redirects e.dlx.addthis.com	1 KB
2	rlcdn.com 2 redirects id.rlcdn.com	890 B
1	gemius.pl 1 redirects googlecm.hit.gemius.pl	338 B
1	quantserve.com cms.quantserve.com	463 B
1	googleadservices.com partner.googleadservices.com	517 B
1	icegram.com www.icegram.com	16 KB
1	signinsupport.net www.signinsupport.net	96 KB
142	17

	Domain	Requested by
32	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
20	secure.gravatar.com	www.uspslitebluelogin.net
17	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
17	pagead2.googlesyndication.com	www.uspslitebluelogin.net pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
11	www.uspslitebluelogin.net	1 redirects www.uspslitebluelogin.net
9	www.gstatic.com	googleads.g.doubleclick.net
7	fonts.gstatic.com	fonts.googleapis.com
7	fonts.googleapis.com	www.uspslitebluelogin.net googleads.g.doubleclick.net
6	www.googletagservices.com	googleads.g.doubleclick.net
5	cm.g.doubleclick.net	googleads.g.doubleclick.net
3	www.google.com	2 redirects tpc.googlesyndication.com
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.nl	pagead2.googlesyndication.com
2	rtb.openx.net	2 redirects
2	e.dlx.addthis.com	2 redirects
2	id.rlcdn.com	2 redirects
1	googlecm.hit.gemius.pl	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.icegram.com	www.uspslitebluelogin.net
1	www.signinsupport.net	www.uspslitebluelogin.net
142	21

This site contains links to these domains. Also see Links.

Domain
ssp.usps.gov
liteblue.usps.gov
ewss.usps.gov
www.liteblue.usps.gov
human

Subject Issuer	Validity	Valid
uspslitebluelogin.net cPanel, Inc. Certification Authority	`2021-11-11` - `2022-02-09`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-05-15` - `2022-05-14`	a year	crt.sh
*.gravatar.com Sectigo RSA Domain Validation Secure Server CA	`2020-08-14` - `2022-11-16`	2 years	crt.sh
*.gstatic.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
www.icegram.com R3	`2021-10-26` - `2022-01-24`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.google.nl GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh

This page contains 20 frames:

Primary Page: https://www.uspslitebluelogin.net/
Frame ID: 32E296846772041DDE484132D1600B7A
Requests: 49 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211109/r20190131/zrt_lookup.html
Frame ID: 48ED0FC57178E60E27DE41CAEB3A9441
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9762239975249383&output=html&h=280&slotname=3539237290&adk=2124115515&adf=647587806&pi=t.ma~as.3539237290&w=696&fwrn=4&fwrnh=100&lmt=1636909658&rafmt=1&psa=0&format=696x280&url=https%3A%2F%2Fwww.uspslitebluelogin.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636910314837&bpp=7&bdt=229&idt=88&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&correlator=4346608245516&frm=20&pv=2&ga_vid=344223254.1636910315&ga_sid=1636910315&ga_hid=580940574&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=254&ady=193&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063735&oid=2&pvsid=4174965133456260&pem=703&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=oQoiS6FAuz&p=https%3A//www.uspslitebluelogin.net&dtd=103
Frame ID: 47BBF550DF1B62D4F8E4EEB156E8591F
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9762239975249383&output=html&h=280&slotname=3539237290&adk=2124115515&adf=1790951028&pi=t.ma~as.3539237290&w=696&fwrn=4&fwrnh=100&lmt=1636909658&rafmt=1&psa=0&format=696x280&url=https%3A%2F%2Fwww.uspslitebluelogin.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636910314845&bpp=1&bdt=237&idt=117&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&prev_fmts=696x280&correlator=4346608245516&frm=20&pv=1&ga_vid=344223254.1636910315&ga_sid=1636910315&ga_hid=580940574&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=254&ady=800&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063735&oid=2&pvsid=4174965133456260&pem=703&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=v1RJLwoPho&p=https%3A//www.uspslitebluelogin.net&dtd=120
Frame ID: 64B4A2584B78E56183A9A93C1253C3C3
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9762239975249383&output=html&h=280&slotname=6249161112&adk=1885983945&adf=351507405&pi=t.ma~as.6249161112&w=696&fwrn=4&fwrnh=100&lmt=1636909658&rafmt=1&psa=0&format=696x280&url=https%3A%2F%2Fwww.uspslitebluelogin.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636910314846&bpp=1&bdt=239&idt=121&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&prev_fmts=696x280%2C696x280&correlator=4346608245516&frm=20&pv=1&ga_vid=344223254.1636910315&ga_sid=1636910315&ga_hid=580940574&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=254&ady=1874&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063735&oid=2&pvsid=4174965133456260&pem=703&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Ake5reX2DQ&p=https%3A//www.uspslitebluelogin.net&dtd=123
Frame ID: D78A6227E32092E5E1AD99DA261B7185
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9762239975249383&output=html&adk=1812271804&adf=3025194257&lmt=1636909658&plat=1%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.uspslitebluelogin.net%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636910314855&bpp=1&bdt=248&idt=118&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&prev_fmts=696x280%2C696x280%2C696x280&nras=1&correlator=4346608245516&frm=20&pv=1&ga_vid=344223254.1636910315&ga_sid=1636910315&ga_hid=580940574&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063735&oid=2&pvsid=4174965133456260&pem=703&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=5&uci=a!5&fsb=1&dtd=121
Frame ID: 1B8FC4DCDF1A59CE47A3B57919DAD616
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js
Frame ID: 109EFE7230C06C8DC818DA75BF7F2B46
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9762239975249383&output=html&h=280&adk=644660767&adf=2823959481&pi=t.aa~a.638164068~i.32~rp.4&w=696&fwrn=4&fwrnh=100&lmt=1636909658&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9641277406&psa=1&ad_type=text_image&format=696x280&url=https%3A%2F%2Fwww.uspslitebluelogin.net%2F&flash=0&fwr=0&pra=3&rh=174&rw=696&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636910315714&bpp=1&bdt=1107&idt=1&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De9c744bb64417721-226044d7b7cb0083%3AT%3D1636910314%3ART%3D1636910314%3AS%3DALNI_MadpZiVl8q-R6cjX9h5c19oTd7gIw&prev_fmts=696x280%2C696x280%2C696x280%2C0x0&nras=2&correlator=4346608245516&frm=20&pv=1&ga_vid=344223254.1636910315&ga_sid=1636910315&ga_hid=580940574&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=254&ady=3740&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063735&oid=2&psts=AGkb-H-CnPtinTY9tQEZBaOrEPthRtknAGa3T4DWxmVLEE-65_Q1gxRPfLQxXXK6aPuU7aE0syZseBlHPMm_PA&pvsid=4174965133456260&pem=703&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=yJlwzHUdki&p=https%3A//www.uspslitebluelogin.net&dtd=16
Frame ID: CC4C94DA8300955449B6460AD24C682F
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: D5F3293E5D9A00C0BE20CDFC12E6623F
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js
Frame ID: D37F783EFF6D0F8F053F9D3871DBDAC3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211109/r20110914/zrt_lookup.html?fsb=1
Frame ID: BC0B3EB878862F010832DCB63CA1D25F
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211109/r20110914/zrt_lookup.html?fsb=1
Frame ID: 6D6DEC123C34C6B14ACCA253090DF596
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js
Frame ID: 3DCFED053B2BEC6DFBF58D44E9B51EEF
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: A058580FB734E6FA3B25F9B0FCA30986
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js
Frame ID: BFF3CAA9451A826AF989698483DA9FD5
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js
Frame ID: 8B9A7E7762B8D21113BECC5046B0793E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: DBF3BED0BD15CB7715862E60D51B1EF3
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D7844152EA55E66D2A4262B5F35FEE0D
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: D6B27B67D6E3626CF462099A965089ED
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 625EB615F11C59F6D06F1D6D35A8B428
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Liteblue Usps Login Official (Liteblue Usps Gov) | Liteblue Usps Employee Login

Page URL History Show full URLs

http://www.uspslitebluelogin.net/ HTTP 301
https://www.uspslitebluelogin.net/ Page URL

Page Statistics

142
Requests

96 %
HTTPS

62 %
IPv6

17
Domains

21
Subdomains

18
IPs

5
Countries

1518 kB
Transfer

3497 kB
Size

21
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://ssp.usps.gov/
Title: www.ssp.usps.gov

Search URL Search Domain Scan URL

URL: https://liteblue.usps.gov/
Title: homepage

Search URL Search Domain Scan URL

URL: https://liteblue.usps.gov/lite-blue/ssp.htm
Title: here

Search URL Search Domain Scan URL

URL: https://liteblue.usps.gov/lite-blue/forget-your-password.htm
Title: Reset Password

Search URL Search Domain Scan URL

URL: https://ewss.usps.gov/
Title: PostalEASE

Search URL Search Domain Scan URL

URL: http://www.liteblue.usps.gov/
Title: http://www.LiteBlue.USPS.Gov

Search URL Search Domain Scan URL

URL: http://human%20resources./
Title: Angela Alexander

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.uspslitebluelogin.net/ HTTP 301
https://www.uspslitebluelogin.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 89

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 130

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPKqYSi95Ac8nnu5cWmWbldEbWgI1FCyDEYCoppnGDL2CHzC82uOaXTnsyB81j0o-LCWKianVAbio9zq66CHFUggJ575w1cB&google_gid=CAESEGMFNdeYRhksYQeZw6oLyzA&google_cver=1 HTTP 307
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCOyJxYwGEgUI6AcQAEIASnBnb29nbGVfcHVzaD1BWWc1cVBLcVlTaTk1QWM4bm51NWNXbVdibGRFYldnSTFGQ3lERVlDb3BwbkdETDJDSHpDODJ1T2FYVG5zeUI4MWowby1MQ1dLaWFuVkFiaW85enE2NkNIRlVnZ0o1NzV3MWNC HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwak1MSFVGLW95clMzc3VNNWJYQnB1QnM1NnM3S1JobDR1TDFnbGRuaFpDSQ==&google_push

Request Chain 131

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPLRCe-Oplb1Lk1wpAYJnVO0M6MCg41-D7TB1JILzd4JdQfj3ASgNWaItekO4cx5UeDAdVTNi-1s_JZQlK_nNaNTvBKd2KM&google_gid=CAESEC6SdQOKszsTOKnTpOshORU&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPLRCe-Oplb1Lk1wpAYJnVO0M6MCg41-D7TB1JILzd4JdQfj3ASgNWaItekO4cx5UeDAdVTNi-1s_JZQlK_nNaNTvBKd2KM&google_gid=CAESEC6SdQOKszsTOKnTpOshORU&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTExMTQxNzE4MzcwMDAxMjU0ODY3MjI3Ng%3D%3D&google_push=AYg5qPLRCe-Oplb1Lk1wpAYJnVO0M6MCg41-D7TB1JILzd4JdQfj3ASgNWaItekO4cx5UeDAdVTNi-1s_JZQlK_nNaNTvBKd2KM

Request Chain 132

https://rtb.openx.net/sync/dds?google_gid=CAESEE98AWAJx5JiOV1suzuf4qM&google_cver=1&google_push=AYg5qPLygRIMhtOXnz8nZkHc0eU1Tz5XTjWfAdN8TRSa2Dx7-Q16nDuiD9BRRMt4G2RF8Kk1UU97oDgTb6Np13QbHRD5MAKjpE1m HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESEE98AWAJx5JiOV1suzuf4qM&google_cver=1&google_push=AYg5qPLygRIMhtOXnz8nZkHc0eU1Tz5XTjWfAdN8TRSa2Dx7-Q16nDuiD9BRRMt4G2RF8Kk1UU97oDgTb6Np13QbHRD5MAKjpE1m&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLygRIMhtOXnz8nZkHc0eU1Tz5XTjWfAdN8TRSa2Dx7-Q16nDuiD9BRRMt4G2RF8Kk1UU97oDgTb6Np13QbHRD5MAKjpE1m&google_hm=SXPS4XS9z0QJVVk38dil3w==

Request Chain 133

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEElVjuA2HzrpiT1S2Uedcqc&google_cver=1&google_push=AYg5qPI6QgqQcAbtmSmJmyN4izHw56CWNZ0Pc6DiR7nOWdAjC8gCEztvKxtDZGGUxrhoF9Sx8Qm68cvwFfHk20xZINEMJM0KFD4V HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEElVjuA2HzrpiT1S2Uedcqc&google_push=AYg5qPI6QgqQcAbtmSmJmyN4izHw56CWNZ0Pc6DiR7nOWdAjC8gCEztvKxtDZGGUxrhoF9Sx8Qm68cvwFfHk20xZINEMJM0KFD4V&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZFE7ENQ1lKdd5xNDVzICgAABJgAAAAB&google_gid=CAESEElVjuA2HzrpiT1S2Uedcqc&google_cver=1&google_push=AYg5qPI6QgqQcAbtmSmJmyN4izHw56CWNZ0Pc6DiR7nOWdAjC8gCEztvKxtDZGGUxrhoF9Sx8Qm68cvwFfHk20xZINEMJM0KFD4V HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZFE7ENQ1lKdd5xNDVzICgAABJgAAAAB&google_gid=CAESEElVjuA2HzrpiT1S2Uedcqc&google_cver=1&google_push=AYg5qPI6QgqQcAbtmSmJmyN4izHw56CWNZ0Pc6DiR7nOWdAjC8gCEztvKxtDZGGUxrhoF9Sx8Qm68cvwFfHk20xZINEMJM0KFD4V HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZFE7ENQ1lKdd5xNDVzICgAABJgAAAAB&google_gid=CAESEElVjuA2HzrpiT1S2Uedcqc&google_cver=1&google_push=AYg5qPI6QgqQcAbtmSmJmyN4izHw56CWNZ0Pc6DiR7nOWdAjC8gCEztvKxtDZGGUxrhoF9Sx8Qm68cvwFfHk20xZINEMJM0KFD4V HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZFE7ENQ1lKdd5xNDVzICgAABJgAAAAB&google_gid=CAESEElVjuA2HzrpiT1S2Uedcqc&google_cver=1&google_push=AYg5qPI6QgqQcAbtmSmJmyN4izHw56CWNZ0Pc6DiR7nOWdAjC8gCEztvKxtDZGGUxrhoF9Sx8Qm68cvwFfHk20xZINEMJM0KFD4V HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZFE7ENQ1lKdd5xNDVzICgAABJgAAAAB&google_gid=CAESEElVjuA2HzrpiT1S2Uedcqc&google_cver=1&google_push=AYg5qPI6QgqQcAbtmSmJmyN4izHw56CWNZ0Pc6DiR7nOWdAjC8gCEztvKxtDZGGUxrhoF9Sx8Qm68cvwFfHk20xZINEMJM0KFD4V HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZFE7ENQ1lKdd5xNDVzICgAABJgAAAAB&google_gid=CAESEElVjuA2HzrpiT1S2Uedcqc&google_cver=1&google_push=AYg5qPI6QgqQcAbtmSmJmyN4izHw56CWNZ0Pc6DiR7nOWdAjC8gCEztvKxtDZGGUxrhoF9Sx8Qm68cvwFfHk20xZINEMJM0KFD4V HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZFE7ENQ1lKdd5xNDVzICgAABJgAAAAB&google_gid=CAESEElVjuA2HzrpiT1S2Uedcqc&google_cver=1&google_push=AYg5qPI6QgqQcAbtmSmJmyN4izHw56CWNZ0Pc6DiR7nOWdAjC8gCEztvKxtDZGGUxrhoF9Sx8Qm68cvwFfHk20xZINEMJM0KFD4V HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZFE7ENQ1lKdd5xNDVzICgAABJgAAAAB&google_gid=CAESEElVjuA2HzrpiT1S2Uedcqc&google_cver=1&google_push=AYg5qPI6QgqQcAbtmSmJmyN4izHw56CWNZ0Pc6DiR7nOWdAjC8gCEztvKxtDZGGUxrhoF9Sx8Qm68cvwFfHk20xZINEMJM0KFD4V HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZFE7ENQ1lKdd5xNDVzICgAABJgAAAAB&google_gid=CAESEElVjuA2HzrpiT1S2Uedcqc&google_cver=1&google_push=AYg5qPI6QgqQcAbtmSmJmyN4izHw56CWNZ0Pc6DiR7nOWdAjC8gCEztvKxtDZGGUxrhoF9Sx8Qm68cvwFfHk20xZINEMJM0KFD4V HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZFE7ENQ1lKdd5xNDVzICgAABJgAAAAB&google_gid=CAESEElVjuA2HzrpiT1S2Uedcqc&google_cver=1&google_push=AYg5qPI6QgqQcAbtmSmJmyN4izHw56CWNZ0Pc6DiR7nOWdAjC8gCEztvKxtDZGGUxrhoF9Sx8Qm68cvwFfHk20xZINEMJM0KFD4V HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZFE7ENQ1lKdd5xNDVzICgAABJgAAAAB&google_gid=CAESEElVjuA2HzrpiT1S2Uedcqc&google_cver=1&google_push=AYg5qPI6QgqQcAbtmSmJmyN4izHw56CWNZ0Pc6DiR7nOWdAjC8gCEztvKxtDZGGUxrhoF9Sx8Qm68cvwFfHk20xZINEMJM0KFD4V HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZFE7ENQ1lKdd5xNDVzICgAABJgAAAAB&google_gid=CAESEElVjuA2HzrpiT1S2Uedcqc&google_cver=1&google_push=AYg5qPI6QgqQcAbtmSmJmyN4izHw56CWNZ0Pc6DiR7nOWdAjC8gCEztvKxtDZGGUxrhoF9Sx8Qm68cvwFfHk20xZINEMJM0KFD4V HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZFE7ENQ1lKdd5xNDVzICgAABJgAAAAB&google_gid=CAESEElVjuA2HzrpiT1S2Uedcqc&google_cver=1&google_push=AYg5qPI6QgqQcAbtmSmJmyN4izHw56CWNZ0Pc6DiR7nOWdAjC8gCEztvKxtDZGGUxrhoF9Sx8Qm68cvwFfHk20xZINEMJM0KFD4V HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZFE7ENQ1lKdd5xNDVzICgAABJgAAAAB&google_gid=CAESEElVjuA2HzrpiT1S2Uedcqc&google_cver=1&google_push=AYg5qPI6QgqQcAbtmSmJmyN4izHw56CWNZ0Pc6DiR7nOWdAjC8gCEztvKxtDZGGUxrhoF9Sx8Qm68cvwFfHk20xZINEMJM0KFD4V HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZFE7ENQ1lKdd5xNDVzICgAABJgAAAAB&google_gid=CAESEElVjuA2HzrpiT1S2Uedcqc&google_cver=1&google_push=AYg5qPI6QgqQcAbtmSmJmyN4izHw56CWNZ0Pc6DiR7nOWdAjC8gCEztvKxtDZGGUxrhoF9Sx8Qm68cvwFfHk20xZINEMJM0KFD4V HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZFE7ENQ1lKdd5xNDVzICgAABJgAAAAB&google_gid=CAESEElVjuA2HzrpiT1S2Uedcqc&google_cver=1&google_push=AYg5qPI6QgqQcAbtmSmJmyN4izHw56CWNZ0Pc6DiR7nOWdAjC8gCEztvKxtDZGGUxrhoF9Sx8Qm68cvwFfHk20xZINEMJM0KFD4V HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZFE7ENQ1lKdd5xNDVzICgAABJgAAAAB&google_gid=CAESEElVjuA2HzrpiT1S2Uedcqc&google_cver=1&google_push=AYg5qPI6QgqQcAbtmSmJmyN4izHw56CWNZ0Pc6DiR7nOWdAjC8gCEztvKxtDZGGUxrhoF9Sx8Qm68cvwFfHk20xZINEMJM0KFD4V HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZFE7ENQ1lKdd5xNDVzICgAABJgAAAAB&google_gid=CAESEElVjuA2HzrpiT1S2Uedcqc&google_cver=1&google_push=AYg5qPI6QgqQcAbtmSmJmyN4izHw56CWNZ0Pc6DiR7nOWdAjC8gCEztvKxtDZGGUxrhoF9Sx8Qm68cvwFfHk20xZINEMJM0KFD4V HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZFE7ENQ1lKdd5xNDVzICgAABJgAAAAB&google_gid=CAESEElVjuA2HzrpiT1S2Uedcqc&google_cver=1&google_push=AYg5qPI6QgqQcAbtmSmJmyN4izHw56CWNZ0Pc6DiR7nOWdAjC8gCEztvKxtDZGGUxrhoF9Sx8Qm68cvwFfHk20xZINEMJM0KFD4V

Request Chain 134

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESECqcDycmsDeQm3XJbin05Eg&google_cver=1&google_push=AYg5qPLlPnMCyWd3TcLTHM6Go6keGVUvEeqshamv39kr4-bhDuf0Ljtb2QWIXbkTUnPCMFhgiNJXuOP-x43rYrPxu3tK_JqFUs1iuQ HTTP 301
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPLlPnMCyWd3TcLTHM6Go6keGVUvEeqshamv39kr4-bhDuf0Ljtb2QWIXbkTUnPCMFhgiNJXuOP-x43rYrPxu3tK_JqFUs1iuQ&google_hm=

Request Chain 136

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

142 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.uspslitebluelogin.net/
Redirect Chain

http://www.uspslitebluelogin.net/
https://www.uspslitebluelogin.net/

108 KB
22 KB

48ms
14ms

Document
text/html

45.148.121.89
SKB-ENTERPRISE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.uspslitebluelogin.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.148.121.89 , Netherlands, ASN64425 (SKB-ENTERPRISE, NL),
Reverse DNS: server51rang.flaunt7.com
Software: LiteSpeed /
Resource Hash: ade8114f51e6fcd0fd31969c858151dbefb16a416aa0b8679e8f4971ef635e24

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: nl-NL,nl;q=0.9

Response headers

content-type: text/html
last-modified: Sun, 14 Nov 2021 17:07:38 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 21879
date: Sun, 14 Nov 2021 17:18:34 GMT
server: LiteSpeed
cache-control: max-age=0, no-cache, no-store, must-revalidate
pragma: no-cache
expires: Mon, 29 Oct 1923 20:30:00 GMT
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000

Redirect headers

Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Location: https://www.uspslitebluelogin.net/
Content-Length: 0
Date: Sun, 14 Nov 2021 17:18:34 GMT
Server: LiteSpeed

GET
H2 200 hgmc9.css
www.uspslitebluelogin.net/wp-content/cache/wpfc-minified/kc7ukg6t/ 53 KB
11 KB 15ms
14ms Stylesheet
text/css 45.148.121.89
SKB-ENTERPRISE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.uspslitebluelogin.net/wp-content/cache/wpfc-minified/kc7ukg6t/hgmc9.css
Requested by: Host: www.uspslitebluelogin.net
URL: https://www.uspslitebluelogin.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.148.121.89 , Netherlands, ASN64425 (SKB-ENTERPRISE, NL),
Reverse DNS: server51rang.flaunt7.com
Software: LiteSpeed /
Resource Hash: 69cb5a70320620054ce14ccb7349e1840dd71448dcbc253164ea698167ec0f78

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.uspslitebluelogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 17:18:34 GMT
content-encoding: br
last-modified: Sun, 28 Mar 2021 12:57:41 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 11331
expires: Sun, 21 Nov 2021 17:18:34 GMT

GET
H2 200 css
fonts.googleapis.com/ 9 KB
1 KB 81ms
29ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%20Slab%3A300%2C400%7CRaleway%3A400%2C500%2C700&subset=latin-ext

Requested by

Host: www.uspslitebluelogin.net
URL: https://www.uspslitebluelogin.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8c6b0d68efab7cd6288a6f6b332b34423ae0a1172da7ac736eaafd81a53c152

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.uspslitebluelogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: clear
x-xss-protection: 0
last-modified: Sun, 14 Nov 2021 17:05:38 GMT
server: ESF
date: Sun, 14 Nov 2021 17:18:34 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 14 Nov 2021 17:18:34 GMT

GET
H2 200 hgmc9.js Show response
www.uspslitebluelogin.net/wp-content/cache/wpfc-minified/l09e8i1x/ 95 KB
32 KB 17ms
17ms Script
application/javascript 45.148.121.89
SKB-ENTERPRISE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.uspslitebluelogin.net/wp-content/cache/wpfc-minified/l09e8i1x/hgmc9.js
Requested by: Host: www.uspslitebluelogin.net
URL: https://www.uspslitebluelogin.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.148.121.89 , Netherlands, ASN64425 (SKB-ENTERPRISE, NL),
Reverse DNS: server51rang.flaunt7.com
Software: LiteSpeed /
Resource Hash: 9056f87fe0f7a601f2b63ba77a11a8767d838ab97cd2d7a8b6661e7809c81569

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.uspslitebluelogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 17:18:34 GMT
content-encoding: br
last-modified: Sun, 28 Mar 2021 12:57:41 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 32898
expires: Sun, 21 Nov 2021 17:18:34 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
51 KB 121ms
54ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.uspslitebluelogin.net
URL: https://www.uspslitebluelogin.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ba5a747b6bb70f14752f815aff731d6d34eecbd7faf2a2a3dd4c9afedb193e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.uspslitebluelogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 17:18:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 51381
x-xss-protection: 0
server: cafe
etag: 835866301012697823
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 14 Nov 2021 17:18:34 GMT

GET
H2 200 liteblue.png
www.signinsupport.net/wp-content/uploads/2017/09/ 95 KB
96 KB 1392ms
1113ms Image
image/png 2606:4700:3036::ac43:9c42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.signinsupport.net/wp-content/uploads/2017/09/liteblue.png
Requested by: Host: www.uspslitebluelogin.net
URL: https://www.uspslitebluelogin.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:9c42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 81e9e3dc4ac99c7f876aa3dcb22a457a3df5afbc022a631ae9ef1f3fdc611408

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.uspslitebluelogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 17:18:36 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 97079
last-modified: Wed, 06 Sep 2017 16:51:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QBPBVe8b5g8G8bKhJjv4n3vfs9r7IvTNcSjGLJ%2BT5uwudKI1y4V3Ym5URuOGwgvehd046ezF8C%2Br3xHeSEt7WR%2Bjrl%2FQe9ayCTFfg2p9SKtxQeBt9S%2BI%2Blw6%2BMTwwgsqMXtJIPrJsK%2FFpH6SUMQUxAXja8A%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=10368000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6ae1e65d49ad0e02-MXP
expires: max-age=A10368000, public

GET
H2 200 5b12018e818dd8dbabc127fd1260b747
secure.gravatar.com/avatar/ 138 B
296 B 376ms
231ms Image
image/png 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/5b12018e818dd8dbabc127fd1260b747?s=80&d=blank&r=g
Requested by: Host: www.uspslitebluelogin.net
URL: https://www.uspslitebluelogin.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: c6ae70d8b4c011aeed79480feb0a1718b7606eea9f08f685b3839aa61a952aed

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.uspslitebluelogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc: MISS mxp 3
date: Sun, 14 Nov 2021 17:18:35 GMT
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
server: nginx
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="5b12018e818dd8dbabc127fd1260b747.png"
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/5b12018e818dd8dbabc127fd1260b747?s=80&d=blank&r=g>; rel="canonical"
content-length: 138
expires: Sun, 14 Nov 2021 17:23:35 GMT

GET
H2 200 4a72e8b577b11a42149498f59775d7dd
secure.gravatar.com/avatar/ 138 B
298 B 378ms
232ms Image
image/png 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/4a72e8b577b11a42149498f59775d7dd?s=80&d=blank&r=g
Requested by: Host: www.uspslitebluelogin.net
URL: https://www.uspslitebluelogin.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: c6ae70d8b4c011aeed79480feb0a1718b7606eea9f08f685b3839aa61a952aed

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.uspslitebluelogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc: MISS mxp 3
date: Sun, 14 Nov 2021 17:18:35 GMT
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
server: nginx
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="4a72e8b577b11a42149498f59775d7dd.png"
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/4a72e8b577b11a42149498f59775d7dd?s=80&d=blank&r=g>; rel="canonical"
content-length: 138
expires: Sun, 14 Nov 2021 17:23:35 GMT

GET
H2 200 6f5262f54903cb834556502eb5e33d24
secure.gravatar.com/avatar/ 138 B
297 B 379ms
233ms Image
image/png 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/6f5262f54903cb834556502eb5e33d24?s=80&d=blank&r=g
Requested by: Host: www.uspslitebluelogin.net
URL: https://www.uspslitebluelogin.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: c6ae70d8b4c011aeed79480feb0a1718b7606eea9f08f685b3839aa61a952aed

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.uspslitebluelogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc: MISS mxp 3
date: Sun, 14 Nov 2021 17:18:35 GMT
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
server: nginx
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="6f5262f54903cb834556502eb5e33d24.png"
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/6f5262f54903cb834556502eb5e33d24?s=80&d=blank&r=g>; rel="canonical"
content-length: 138
expires: Sun, 14 Nov 2021 17:23:35 GMT

GET
H2 200 a0784c40747b2b28f3bc915c7bcd2d20
secure.gravatar.com/avatar/ 138 B
296 B 378ms
233ms Image
image/png 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/a0784c40747b2b28f3bc915c7bcd2d20?s=80&d=blank&r=g
Requested by: Host: www.uspslitebluelogin.net
URL: https://www.uspslitebluelogin.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: c6ae70d8b4c011aeed79480feb0a1718b7606eea9f08f685b3839aa61a952aed

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.uspslitebluelogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc: MISS mxp 3
date: Sun, 14 Nov 2021 17:18:35 GMT
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
server: nginx
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="a0784c40747b2b28f3bc915c7bcd2d20.png"
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/a0784c40747b2b28f3bc915c7bcd2d20?s=80&d=blank&r=g>; rel="canonical"
content-length: 138
expires: Sun, 14 Nov 2021 17:23:35 GMT

GET
H2 200 db64d1c356a0a20a1f72aef0129cdec5
secure.gravatar.com/avatar/ 138 B
414 B 374ms
229ms Image
image/png 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/db64d1c356a0a20a1f72aef0129cdec5?s=80&d=blank&r=g
Requested by: Host: www.uspslitebluelogin.net
URL: https://www.uspslitebluelogin.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: c6ae70d8b4c011aeed79480feb0a1718b7606eea9f08f685b3839aa61a952aed

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.uspslitebluelogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc: MISS mxp 3
date: Sun, 14 Nov 2021 17:18:35 GMT
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
server: nginx
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="db64d1c356a0a20a1f72aef0129cdec5.png"
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/db64d1c356a0a20a1f72aef0129cdec5?s=80&d=blank&r=g>; rel="canonical"
content-length: 138
expires: Sun, 14 Nov 2021 17:23:35 GMT

GET
H2 200 50a1d4ec5cab4126ae224d3b39574cea
secure.gravatar.com/avatar/ 138 B
296 B 379ms
234ms Image
image/png 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/50a1d4ec5cab4126ae224d3b39574cea?s=80&d=blank&r=g
Requested by: Host: www.uspslitebluelogin.net
URL: https://www.uspslitebluelogin.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: c6ae70d8b4c011aeed79480feb0a1718b7606eea9f08f685b3839aa61a952aed

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.uspslitebluelogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc: MISS mxp 3
date: Sun, 14 Nov 2021 17:18:35 GMT
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
server: nginx
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="50a1d4ec5cab4126ae224d3b39574cea.png"
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/50a1d4ec5cab4126ae224d3b39574cea?s=80&d=blank&r=g>; rel="canonical"
content-length: 138
expires: Sun, 14 Nov 2021 17:23:35 GMT

GET
H2 200 b7be39615e53c84daa8c598834960e9e
secure.gravatar.com/avatar/ 138 B
297 B 230ms
229ms Image
image/png 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/b7be39615e53c84daa8c598834960e9e?s=80&d=blank&r=g
Requested by: Host: www.uspslitebluelogin.net
URL: https://www.uspslitebluelogin.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: c6ae70d8b4c011aeed79480feb0a1718b7606eea9f08f685b3839aa61a952aed

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.uspslitebluelogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc: MISS mxp 3
date: Sun, 14 Nov 2021 17:18:35 GMT
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
server: nginx
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="b7be39615e53c84daa8c598834960e9e.png"
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/b7be39615e53c84daa8c598834960e9e?s=80&d=blank&r=g>; rel="canonical"
content-length: 138
expires: Sun, 14 Nov 2021 17:23:35 GMT

GET
H2 200 c28780982b3b7f45a5eee51b0869d328
secure.gravatar.com/avatar/ 138 B
297 B 255ms
255ms Image
image/png 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/c28780982b3b7f45a5eee51b0869d328?s=80&d=blank&r=g
Requested by: Host: www.uspslitebluelogin.net
URL: https://www.uspslitebluelogin.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: c6ae70d8b4c011aeed79480feb0a1718b7606eea9f08f685b3839aa61a952aed

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.uspslitebluelogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc: MISS mxp 3
date: Sun, 14 Nov 2021 17:18:35 GMT
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
server: nginx
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="c28780982b3b7f45a5eee51b0869d328.png"
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/c28780982b3b7f45a5eee51b0869d328?s=80&d=blank&r=g>; rel="canonical"
content-length: 138
expires: Sun, 14 Nov 2021 17:23:35 GMT

GET
H2 200 a7530f89976a392d9b8853b526b12e0a
secure.gravatar.com/avatar/ 138 B
297 B 255ms
254ms Image
image/png 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/a7530f89976a392d9b8853b526b12e0a?s=80&d=blank&r=g
Requested by: Host: www.uspslitebluelogin.net
URL: https://www.uspslitebluelogin.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: c6ae70d8b4c011aeed79480feb0a1718b7606eea9f08f685b3839aa61a952aed

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.uspslitebluelogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc: MISS mxp 3
date: Sun, 14 Nov 2021 17:18:35 GMT
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
server: nginx
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="a7530f89976a392d9b8853b526b12e0a.png"
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/a7530f89976a392d9b8853b526b12e0a?s=80&d=blank&r=g>; rel="canonical"
content-length: 138
expires: Sun, 14 Nov 2021 17:23:35 GMT

GET
H2 200 1b46dcd6d010f5a7a8a6a1dcf0179cbf
secure.gravatar.com/avatar/ 138 B
296 B 256ms
256ms Image
image/png 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/1b46dcd6d010f5a7a8a6a1dcf0179cbf?s=80&d=blank&r=g
Requested by: Host: www.uspslitebluelogin.net
URL: https://www.uspslitebluelogin.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: c6ae70d8b4c011aeed79480feb0a1718b7606eea9f08f685b3839aa61a952aed

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.uspslitebluelogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc: MISS mxp 3
date: Sun, 14 Nov 2021 17:18:35 GMT
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
server: nginx
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="1b46dcd6d010f5a7a8a6a1dcf0179cbf.png"
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/1b46dcd6d010f5a7a8a6a1dcf0179cbf?s=80&d=blank&r=g>; rel="canonical"
content-length: 138
expires: Sun, 14 Nov 2021 17:23:35 GMT

GET
H2 200 da68e1e0420c001bc6d61436b2a03c09
secure.gravatar.com/avatar/ 138 B
295 B 257ms
257ms Image
image/png 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/da68e1e0420c001bc6d61436b2a03c09?s=80&d=blank&r=g
Requested by: Host: www.uspslitebluelogin.net
URL: https://www.uspslitebluelogin.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: c6ae70d8b4c011aeed79480feb0a1718b7606eea9f08f685b3839aa61a952aed

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.uspslitebluelogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc: MISS mxp 3
date: Sun, 14 Nov 2021 17:18:35 GMT
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
server: nginx
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="da68e1e0420c001bc6d61436b2a03c09.png"
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/da68e1e0420c001bc6d61436b2a03c09?s=80&d=blank&r=g>; rel="canonical"
content-length: 138
expires: Sun, 14 Nov 2021 17:23:35 GMT

GET
H2 200 0d693bb8ccc6307c02ead4ef0472d369
secure.gravatar.com/avatar/ 138 B
296 B 254ms
253ms Image
image/png 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/0d693bb8ccc6307c02ead4ef0472d369?s=80&d=blank&r=g
Requested by: Host: www.uspslitebluelogin.net
URL: https://www.uspslitebluelogin.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: c6ae70d8b4c011aeed79480feb0a1718b7606eea9f08f685b3839aa61a952aed

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.uspslitebluelogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc: MISS mxp 3
date: Sun, 14 Nov 2021 17:18:35 GMT
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
server: nginx
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="0d693bb8ccc6307c02ead4ef0472d369.png"
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/0d693bb8ccc6307c02ead4ef0472d369?s=80&d=blank&r=g>; rel="canonical"
content-length: 138
expires: Sun, 14 Nov 2021 17:23:35 GMT

GET
H2 200 ad3a80ca783e724b126da0a167c514bf
secure.gravatar.com/avatar/ 138 B
296 B 253ms
253ms Image
image/png 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/ad3a80ca783e724b126da0a167c514bf?s=80&d=blank&r=g
Requested by: Host: www.uspslitebluelogin.net
URL: https://www.uspslitebluelogin.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: c6ae70d8b4c011aeed79480feb0a1718b7606eea9f08f685b3839aa61a952aed

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.uspslitebluelogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc: MISS mxp 3
date: Sun, 14 Nov 2021 17:18:35 GMT
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
server: nginx
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="ad3a80ca783e724b126da0a167c514bf.png"
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/ad3a80ca783e724b126da0a167c514bf?s=80&d=blank&r=g>; rel="canonical"
content-length: 138
expires: Sun, 14 Nov 2021 17:23:35 GMT

GET
H2 200 4301c0c152e9cc35316bb742a79cfc3e
secure.gravatar.com/avatar/ 138 B
296 B 253ms
252ms Image
image/png 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/4301c0c152e9cc35316bb742a79cfc3e?s=80&d=blank&r=g
Requested by: Host: www.uspslitebluelogin.net
URL: https://www.uspslitebluelogin.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: c6ae70d8b4c011aeed79480feb0a1718b7606eea9f08f685b3839aa61a952aed

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.uspslitebluelogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc: MISS mxp 3
date: Sun, 14 Nov 2021 17:18:35 GMT
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
server: nginx
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="4301c0c152e9cc35316bb742a79cfc3e.png"
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/4301c0c152e9cc35316bb742a79cfc3e?s=80&d=blank&r=g>; rel="canonical"
content-length: 138
expires: Sun, 14 Nov 2021 17:23:35 GMT

GET
H2 200 7ecfb63dcc0d60ad489c6c429957c586
secure.gravatar.com/avatar/ 138 B
297 B 254ms
254ms Image
image/png 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/7ecfb63dcc0d60ad489c6c429957c586?s=80&d=blank&r=g
Requested by: Host: www.uspslitebluelogin.net
URL: https://www.uspslitebluelogin.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: c6ae70d8b4c011aeed79480feb0a1718b7606eea9f08f685b3839aa61a952aed

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.uspslitebluelogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc: MISS mxp 3
date: Sun, 14 Nov 2021 17:18:35 GMT
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
server: nginx
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="7ecfb63dcc0d60ad489c6c429957c586.png"
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/7ecfb63dcc0d60ad489c6c429957c586?s=80&d=blank&r=g>; rel="canonical"
content-length: 138
expires: Sun, 14 Nov 2021 17:23:35 GMT

GET
H2 200 28dbabd70695792ef7854d915d8d9bc6
secure.gravatar.com/avatar/ 138 B
298 B 233ms
232ms Image
image/png 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/28dbabd70695792ef7854d915d8d9bc6?s=80&d=blank&r=g
Requested by: Host: www.uspslitebluelogin.net
URL: https://www.uspslitebluelogin.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: c6ae70d8b4c011aeed79480feb0a1718b7606eea9f08f685b3839aa61a952aed

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.uspslitebluelogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc: MISS mxp 3
date: Sun, 14 Nov 2021 17:18:35 GMT
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
server: nginx
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="28dbabd70695792ef7854d915d8d9bc6.png"
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/28dbabd70695792ef7854d915d8d9bc6?s=80&d=blank&r=g>; rel="canonical"
content-length: 138
expires: Sun, 14 Nov 2021 17:23:35 GMT

GET
H2 200 bf96cd3ab8c1dc52939b0c45d0941fc0
secure.gravatar.com/avatar/ 138 B
297 B 256ms
255ms Image
image/png 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/bf96cd3ab8c1dc52939b0c45d0941fc0?s=80&d=blank&r=g
Requested by: Host: www.uspslitebluelogin.net
URL: https://www.uspslitebluelogin.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: c6ae70d8b4c011aeed79480feb0a1718b7606eea9f08f685b3839aa61a952aed

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.uspslitebluelogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc: MISS mxp 3
date: Sun, 14 Nov 2021 17:18:35 GMT
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
server: nginx
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="bf96cd3ab8c1dc52939b0c45d0941fc0.png"
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/bf96cd3ab8c1dc52939b0c45d0941fc0?s=80&d=blank&r=g>; rel="canonical"
content-length: 138
expires: Sun, 14 Nov 2021 17:23:35 GMT

GET
H2 200 1aeffdb9aada39fafa7ec0b761fbd999
secure.gravatar.com/avatar/ 138 B
297 B 256ms
255ms Image
image/png 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/1aeffdb9aada39fafa7ec0b761fbd999?s=80&d=blank&r=g
Requested by: Host: www.uspslitebluelogin.net
URL: https://www.uspslitebluelogin.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: c6ae70d8b4c011aeed79480feb0a1718b7606eea9f08f685b3839aa61a952aed

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.uspslitebluelogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc: MISS mxp 3
date: Sun, 14 Nov 2021 17:18:35 GMT
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
server: nginx
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="1aeffdb9aada39fafa7ec0b761fbd999.png"
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/1aeffdb9aada39fafa7ec0b761fbd999?s=80&d=blank&r=g>; rel="canonical"
content-length: 138
expires: Sun, 14 Nov 2021 17:23:35 GMT

GET
H2 200 102352607a18f91c6226d0ad14dfd01d
secure.gravatar.com/avatar/ 138 B
296 B 257ms
256ms Image
image/png 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/102352607a18f91c6226d0ad14dfd01d?s=80&d=blank&r=g
Requested by: Host: www.uspslitebluelogin.net
URL: https://www.uspslitebluelogin.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: c6ae70d8b4c011aeed79480feb0a1718b7606eea9f08f685b3839aa61a952aed

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.uspslitebluelogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc: MISS mxp 3
date: Sun, 14 Nov 2021 17:18:35 GMT
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
server: nginx
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="102352607a18f91c6226d0ad14dfd01d.png"
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/102352607a18f91c6226d0ad14dfd01d?s=80&d=blank&r=g>; rel="canonical"
content-length: 138
expires: Sun, 14 Nov 2021 17:23:35 GMT

GET
H2 200 3261671e37cee89379a5a830bfc2bbb8
secure.gravatar.com/avatar/ 138 B
297 B 233ms
232ms Image
image/png 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/3261671e37cee89379a5a830bfc2bbb8?s=80&d=blank&r=g
Requested by: Host: www.uspslitebluelogin.net
URL: https://www.uspslitebluelogin.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: c6ae70d8b4c011aeed79480feb0a1718b7606eea9f08f685b3839aa61a952aed

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.uspslitebluelogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc: MISS mxp 3
date: Sun, 14 Nov 2021 17:18:35 GMT
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
server: nginx
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="3261671e37cee89379a5a830bfc2bbb8.png"
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/3261671e37cee89379a5a830bfc2bbb8?s=80&d=blank&r=g>; rel="canonical"
content-length: 138
expires: Sun, 14 Nov 2021 17:23:35 GMT

GET
H3-Q050 200 autoptimize_906dbeb97cd2998eaa8cf71c3c2cdee3.js Show response
www.uspslitebluelogin.net/wp-content/cache/autoptimize/js/ 25 KB
9 KB 15ms
15ms Script
application/javascript 45.148.121.89
SKB-ENTERPRISE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.uspslitebluelogin.net/wp-content/cache/autoptimize/js/autoptimize_906dbeb97cd2998eaa8cf71c3c2cdee3.js
Requested by: Host: www.uspslitebluelogin.net
URL: https://www.uspslitebluelogin.net/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 45.148.121.89 , Netherlands, ASN64425 (SKB-ENTERPRISE, NL),
Reverse DNS: server51rang.flaunt7.com
Software: LiteSpeed /
Resource Hash: a99030150a96d05b46c5f8aa410e8519fedb29dc05c200827bfd55fa5cba8602

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.uspslitebluelogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 17:18:34 GMT
content-encoding: br
last-modified: Sun, 28 Mar 2021 12:57:41 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=30672000,public, immutable
accept-ranges: bytes
content-length: 8793
expires: Fri, 04 Nov 2022 17:18:34 GMT

GET
H3-Q050 200 wp-emoji-release.min.js Show response
www.uspslitebluelogin.net/wp-includes/js/ 12 KB
4 KB 16ms
16ms Script
application/javascript 45.148.121.89
SKB-ENTERPRISE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.uspslitebluelogin.net/wp-includes/js/wp-emoji-release.min.js?ver=4.9.8
Requested by: Host: www.uspslitebluelogin.net
URL: https://www.uspslitebluelogin.net/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 45.148.121.89 , Netherlands, ASN64425 (SKB-ENTERPRISE, NL),
Reverse DNS: server51rang.flaunt7.com
Software: LiteSpeed /
Resource Hash: d2458b9fd9089fdcb9de317093e004ef3a65597dc68b9adfdeb15a7c9968d0d5

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.uspslitebluelogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 17:18:34 GMT
content-encoding: br
last-modified: Wed, 22 May 2019 13:39:44 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4032
expires: Sun, 21 Nov 2021 17:18:34 GMT

GET
H3-Q050 200 hgmc9.css
www.uspslitebluelogin.net/wp-content/cache/wpfc-minified/kc7ukg6t/ 53 KB
53 KB 16ms
16ms Image
text/css 45.148.121.89
SKB-ENTERPRISE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.uspslitebluelogin.net/wp-content/cache/wpfc-minified/kc7ukg6t/hgmc9.css
Requested by: Host: www.uspslitebluelogin.net
URL: https://www.uspslitebluelogin.net/wp-content/cache/wpfc-minified/kc7ukg6t/hgmc9.css
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 45.148.121.89 , Netherlands, ASN64425 (SKB-ENTERPRISE, NL),
Reverse DNS: server51rang.flaunt7.com
Software: LiteSpeed /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.uspslitebluelogin.net/wp-content/cache/wpfc-minified/kc7ukg6t/hgmc9.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 17:18:34 GMT
content-encoding: br
last-modified: Sun, 28 Mar 2021 12:57:41 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 11331
expires: Sun, 21 Nov 2021 17:18:34 GMT

GET
H2 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v22/ 46 KB
47 KB 74ms
22ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v22/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%20Slab%3A300%2C400%7CRaleway%3A400%2C500%2C700&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2101735d43a8d486dbc5139500a78420766cc673a3610363ce9525526c3f5149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.uspslitebluelogin.net
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 21:19:24 GMT
x-content-type-options: nosniff
age: 244750
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 47312
x-xss-protection: 0
last-modified: Tue, 29 Jun 2021 19:40:30 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 11 Nov 2022 21:19:24 GMT

GET
H2 200 BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
fonts.gstatic.com/s/robotoslab/v16/ 32 KB
32 KB 90ms
38ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotoslab/v16/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%20Slab%3A300%2C400%7CRaleway%3A400%2C500%2C700&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c2dd34c8a8d2ed4b4e91eed55c2404518bb4a5ff02ae68e7a08f4e14ddb3e46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.uspslitebluelogin.net
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 14:55:48 GMT
x-content-type-options: nosniff
age: 267766
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 32876
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 18:12:04 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 11 Nov 2022 14:55:48 GMT

GET
H3-Q050 200 frontend.min.css
www.uspslitebluelogin.net/wp-content/plugins/icegram/assets/css/ 19 KB
2 KB 15ms
15ms Stylesheet
text/css 45.148.121.89
SKB-ENTERPRISE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.uspslitebluelogin.net/wp-content/plugins/icegram/assets/css/frontend.min.css?var=1.10.47
Requested by: Host: www.uspslitebluelogin.net
URL: https://www.uspslitebluelogin.net/wp-content/cache/wpfc-minified/l09e8i1x/hgmc9.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 45.148.121.89 , Netherlands, ASN64425 (SKB-ENTERPRISE, NL),
Reverse DNS: server51rang.flaunt7.com
Software: LiteSpeed /
Resource Hash: 057e5577fd8181db248cb6ee56fd507172611c393853c04dbd6355dbcb5f6561

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.uspslitebluelogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 17:18:34 GMT
content-encoding: br
last-modified: Thu, 11 Mar 2021 15:17:42 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2178
expires: Sun, 21 Nov 2021 17:18:34 GMT

GET
H3-Q050 200 action-bar.min.css
www.uspslitebluelogin.net/wp-content/plugins/icegram/message-types/action-bar/themes/ 19 KB
3 KB 15ms
15ms Stylesheet
text/css 45.148.121.89
SKB-ENTERPRISE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.uspslitebluelogin.net/wp-content/plugins/icegram/message-types/action-bar/themes/action-bar.min.css?var=1.10.47
Requested by: Host: www.uspslitebluelogin.net
URL: https://www.uspslitebluelogin.net/wp-content/cache/wpfc-minified/l09e8i1x/hgmc9.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 45.148.121.89 , Netherlands, ASN64425 (SKB-ENTERPRISE, NL),
Reverse DNS: server51rang.flaunt7.com
Software: LiteSpeed /
Resource Hash: 381093f4655a83f1409f487814cc2ccc81312573f334ba265a3789222a62853b

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.uspslitebluelogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 17:18:34 GMT
content-encoding: br
last-modified: Thu, 11 Mar 2021 15:17:42 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2559
expires: Sun, 21 Nov 2021 17:18:34 GMT

GET
H3-Q050 200 icegram.min.js Show response
www.uspslitebluelogin.net/wp-content/plugins/icegram/assets/js/ 45 KB
13 KB 16ms
16ms Script
application/javascript 45.148.121.89
SKB-ENTERPRISE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.uspslitebluelogin.net/wp-content/plugins/icegram/assets/js/icegram.min.js?var=1.10.47
Requested by: Host: www.uspslitebluelogin.net
URL: https://www.uspslitebluelogin.net/wp-content/cache/wpfc-minified/l09e8i1x/hgmc9.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 45.148.121.89 , Netherlands, ASN64425 (SKB-ENTERPRISE, NL),
Reverse DNS: server51rang.flaunt7.com
Software: LiteSpeed /
Resource Hash: c5c899ad19d1b2d3fb954bafbaacb90f7d8f29bf9d43e67c20eb8a2de2368769

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.uspslitebluelogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 17:18:34 GMT
content-encoding: br
last-modified: Thu, 11 Mar 2021 15:17:42 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 12839
expires: Sun, 21 Nov 2021 17:18:34 GMT

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111080101/ 267 KB
96 KB 57ms
56ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9762239975249383&plah=www.uspslitebluelogin.net

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df2b9ac3d23bf2614c32dec227992069641c256db67d2fa94176588ed049894f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.uspslitebluelogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 17:18:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 98310
x-xss-protection: 0
server: cafe
etag: 12439290168209339836
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 14 Nov 2021 17:18:34 GMT

GET
H2 200 sprite_close_02_white_48.png
www.icegram.com/gallery/wp-content/uploads/2017/07/ 16 KB
16 KB 108ms
29ms Image
image/png 23.88.35.13
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.icegram.com/gallery/wp-content/uploads/2017/07/sprite_close_02_white_48.png
Requested by: Host: www.uspslitebluelogin.net
URL: https://www.uspslitebluelogin.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.88.35.13 Frankfurt am Main, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.13.35.88.23.clients.your-server.de
Software: nginx /
Resource Hash: 8864cb0ec0fa908c3e6a15c5a5718e126f8520bcd28335f864af56b8de3289c2

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.uspslitebluelogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 17:19:11 GMT
last-modified: Wed, 15 Nov 2017 06:57:50 GMT
server: nginx
etag: "5a0be56e-3e6b"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public, no-transform
accept-ranges: bytes
content-length: 15979
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211109/r20190131/ Frame 48ED 11 KB
5 KB 73ms
21ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211109/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5cedd5abd94d64b07e3779451d057665572b89caa8b445a5e9efa42bad9c4274

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.uspslitebluelogin.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 14 Nov 2021 08:20:20 GMT
expires: Sun, 28 Nov 2021 08:20:20 GMT
content-type: text/html; charset=UTF-8
etag: 16478831307880631077
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4883
x-xss-protection: 0
age: 32294
cache-control: public, max-age=1209600
alt-svc: clear

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 211 B
517 B 82ms
30ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.uspslitebluelogin.net&callback=_gfp_s_&client=ca-pub-9762239975249383

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9762239975249383&plah=www.uspslitebluelogin.net

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e1d82285823cb8da76edda4ae9e4fc79863fdd67c824f5b662091c77b0fc39d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.uspslitebluelogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 17:18:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: clear
content-length: 197
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
424 B 96ms
31ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=www.uspslitebluelogin.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.uspslitebluelogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 14 Nov 2021 17:18:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: clear
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
424 B 83ms
30ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.uspslitebluelogin.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.uspslitebluelogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 14 Nov 2021 17:18:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: clear
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 47BB 82 KB
29 KB 467ms
467ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9762239975249383&output=html&h=280&slotname=3539237290&adk=2124115515&adf=647587806&pi=t.ma~as.3539237290&w=696&fwrn=4&fwrnh=100&lmt=1636909658&rafmt=1&psa=0&format=696x280&url=https%3A%2F%2Fwww.uspslitebluelogin.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636910314837&bpp=7&bdt=229&idt=88&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&correlator=4346608245516&frm=20&pv=2&ga_vid=344223254.1636910315&ga_sid=1636910315&ga_hid=580940574&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=254&ady=193&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063735&oid=2&pvsid=4174965133456260&pem=703&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=oQoiS6FAuz&p=https%3A//www.uspslitebluelogin.net&dtd=103

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

334cf66b0c39d73adb2fb21e66d9420a55e31c2eba0502cce27d487aefcb4806

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.uspslitebluelogin.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 14 Nov 2021 17:18:35 GMT
server: cafe
content-length: 29672
x-xss-protection: 0
alt-svc: clear
expires: Sun, 14 Nov 2021 17:18:35 GMT
cache-control: private

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 64B4 70 KB
28 KB 673ms
673ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9762239975249383&output=html&h=280&slotname=3539237290&adk=2124115515&adf=1790951028&pi=t.ma~as.3539237290&w=696&fwrn=4&fwrnh=100&lmt=1636909658&rafmt=1&psa=0&format=696x280&url=https%3A%2F%2Fwww.uspslitebluelogin.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636910314845&bpp=1&bdt=237&idt=117&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&prev_fmts=696x280&correlator=4346608245516&frm=20&pv=1&ga_vid=344223254.1636910315&ga_sid=1636910315&ga_hid=580940574&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=254&ady=800&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063735&oid=2&pvsid=4174965133456260&pem=703&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=v1RJLwoPho&p=https%3A//www.uspslitebluelogin.net&dtd=120

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8b28be67c2ed72e448fe33e78396262371e1b8052d76966cbe0649dde772d0f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.uspslitebluelogin.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 14 Nov 2021 17:18:35 GMT
server: cafe
content-length: 28177
x-xss-protection: 0
alt-svc: clear
expires: Sun, 14 Nov 2021 17:18:35 GMT
cache-control: private

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D78A 79 KB
29 KB 629ms
629ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9762239975249383&output=html&h=280&slotname=6249161112&adk=1885983945&adf=351507405&pi=t.ma~as.6249161112&w=696&fwrn=4&fwrnh=100&lmt=1636909658&rafmt=1&psa=0&format=696x280&url=https%3A%2F%2Fwww.uspslitebluelogin.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636910314846&bpp=1&bdt=239&idt=121&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&prev_fmts=696x280%2C696x280&correlator=4346608245516&frm=20&pv=1&ga_vid=344223254.1636910315&ga_sid=1636910315&ga_hid=580940574&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=254&ady=1874&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063735&oid=2&pvsid=4174965133456260&pem=703&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Ake5reX2DQ&p=https%3A//www.uspslitebluelogin.net&dtd=123

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

48475864d9f8f273c2c7aef9e209ae4cfaaeaa65acf578ba6d16f2d4553e379a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.uspslitebluelogin.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 14 Nov 2021 17:18:35 GMT
server: cafe
content-length: 29460
x-xss-protection: 0
alt-svc: clear
expires: Sun, 14 Nov 2021 17:18:35 GMT
cache-control: private

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
121 B 54ms
54ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.uspslitebluelogin.net%2F&tn=DIV&id=icegram_message_320&cls=ig_action_bar%20ig_container%20ig_hello%20ig_no_hide%20ig_bottom%20ig_no_icon%20ig_show%20ig_anim_no-anim_in&ign=false&pw=1600&ph=1200&x=1575&y=1175

Requested by

Host: www.uspslitebluelogin.net
URL: https://www.uspslitebluelogin.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.uspslitebluelogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 17:18:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: clear
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1B8F 287 KB
64 KB 614ms
613ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9762239975249383&output=html&adk=1812271804&adf=3025194257&lmt=1636909658&plat=1%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.uspslitebluelogin.net%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636910314855&bpp=1&bdt=248&idt=118&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&prev_fmts=696x280%2C696x280%2C696x280&nras=1&correlator=4346608245516&frm=20&pv=1&ga_vid=344223254.1636910315&ga_sid=1636910315&ga_hid=580940574&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063735&oid=2&pvsid=4174965133456260&pem=703&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=5&uci=a!5&fsb=1&dtd=121

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fea427eb227c9adb45f9abcfd32c7ce022e566b12102665a55ef64adf9737b7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.uspslitebluelogin.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 14 Nov 2021 17:18:35 GMT
server: cafe
content-length: 65315
x-xss-protection: 0
alt-svc: clear
expires: Sun, 14 Nov 2021 17:18:35 GMT
cache-control: private

GET
H2 200 css
fonts.googleapis.com/ Frame 47BB 3 KB
674 B 29ms
29ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9762239975249383&output=html&h=280&slotname=3539237290&adk=2124115515&adf=647587806&pi=t.ma~as.3539237290&w=696&fwrn=4&fwrnh=100&lmt=1636909658&rafmt=1&psa=0&format=696x280&url=https%3A%2F%2Fwww.uspslitebluelogin.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636910314837&bpp=7&bdt=229&idt=88&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&correlator=4346608245516&frm=20&pv=2&ga_vid=344223254.1636910315&ga_sid=1636910315&ga_hid=580940574&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=254&ady=193&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063735&oid=2&pvsid=4174965133456260&pem=703&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=oQoiS6FAuz&p=https%3A//www.uspslitebluelogin.net&dtd=103

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: clear
x-xss-protection: 0
last-modified: Sun, 14 Nov 2021 16:01:35 GMT
server: ESF
date: Sun, 14 Nov 2021 17:18:35 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 14 Nov 2021 17:18:35 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame 47BB 1 KB
960 B 98ms
31ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 17:12:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 388
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 853
x-xss-protection: 0
server: cafe
etag: 7170004918125193417
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Nov 2021 17:12:07 GMT

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame 47BB 0
0 64ms
64ms Fetch
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cp2bk6kSRYfvOO4Pitwe-9I_4BKe8zKNmzfvJoNgOx_zd298PEAEgrofkIGCRhJOF_BegAYDa2f0CyAEJqQILlPdm_jKzPqgDAcgDywSqBNEBT9BB4j6KqD2f-gCTGLKwHMuF_PfFr2rja0-H82A6urCcEp2LoIasLEbhwr7fGqk9fL-YLiQKIR5TlBgi6zR4dum5fgU5TCi5WbzHwsBFGPkjxOpu01zQyqPuNoaAPc8uJ1pxAt5sHodxMDgr0kh1P_mocIyWXCZuVxZzXbDI4-xskDc_vzPTOzIRjKeze-ICEE5vPJftVv_24wyJnmPbl5aLwbtgS_7iM3W4AuFlfsDL61fwMheWy3kCIjhBOuohiIwu6hFnbsVcUvhd9Zz1qi7ABKm_sdDnA5IFBAgEGAGSBQQIBRgEoAYugAfopaaCAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEEPWsS9IICQiA4YAQEAEYX4AKAcgLAbgTiCfYEwzQFQGYFgGAFwGyFxwKGggAEhRwdWItOTc2MjIzOTk3NTI0OTM4MxgA&sigh=Ap-kmaHQHyM&uach_m=[UACH]&template_id=5000

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9762239975249383&output=html&h=280&slotname=3539237290&adk=2124115515&adf=647587806&pi=t.ma~as.3539237290&w=696&fwrn=4&fwrnh=100&lmt=1636909658&rafmt=1&psa=0&format=696x280&url=https%3A%2F%2Fwww.uspslitebluelogin.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636910314837&bpp=7&bdt=229&idt=88&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&correlator=4346608245516&frm=20&pv=2&ga_vid=344223254.1636910315&ga_sid=1636910315&ga_hid=580940574&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=254&ady=193&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063735&oid=2&pvsid=4174965133456260&pem=703&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=oQoiS6FAuz&p=https%3A//www.uspslitebluelogin.net&dtd=103
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 14 Nov 2021 17:18:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: clear
content-length: 0
x-xss-protection: 0
expires: Sun, 14 Nov 2021 17:18:35 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/ Frame 47BB 19 KB
8 KB 83ms
20ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

777750fd9d46194a2030dfa9a045e3890cbec3a8f38aa5c761b6e3cedfd8c72b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 17:08:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 629
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 7882
x-xss-protection: 0
server: cafe
etag: 2787528384799239804
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Nov 2021 17:08:06 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame 47BB 2 KB
1 KB 94ms
31ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 17:17:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Nov 2021 17:17:55 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 47BB 119 KB
37 KB 110ms
44ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 17:18:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: clear
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 14 Nov 2021 17:18:35 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame 47BB 15 KB
6 KB 85ms
23ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ceca169c7b3aeb44dcdcbfd35d8fd24a85bc9a48b89ced5db336d54e16635a82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 17:14:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 272
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 6461
x-xss-protection: 0
server: cafe
etag: 16025856826866802794
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Nov 2021 17:14:03 GMT

GET
H2 200 c5d443f94f59031b290788a54ae3dbc2.js Show response
www.gstatic.com/mysidia/ Frame 47BB 27 KB
12 KB 75ms
23ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c5d443f94f59031b290788a54ae3dbc2.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

01a10be28bdad9ed81f9a7f1e09f4913d314f13abc7a7bb2d52be9666eff599d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 17:41:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 257832
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 11508
x-xss-protection: 0
last-modified: Tue, 09 Nov 2021 03:19:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 09 Feb 2022 17:41:23 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/15071018226869350678/ Frame 47BB 11 KB
12 KB 93ms
32ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15071018226869350678/downsize_200k_v1?w=400&h=209

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

897db727e43e460507d14cbef9ecdb6ceb0d0b298fbbe6679b2e6405761bee50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 04:19:03 GMT
x-content-type-options: nosniff
age: 219572
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 11766
x-xss-protection: 0
last-modified: Fri, 05 Nov 2021 09:04:43 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 12 Nov 2022 04:19:03 GMT

GET
DATA 200
OK truncated
/ Frame 47BB 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 47BB 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dfd0d10d2d6451df70f03ea99f07e835d526581c04fdcceb5b695615fa6af552

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 47BB 21 KB
21 KB 21ms
21ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 22:45:31 GMT
x-content-type-options: nosniff
age: 239584
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 21660
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:07:18 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 11 Nov 2022 22:45:31 GMT

GET
H2 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 47BB 21 KB
21 KB 23ms
23ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 22:11:08 GMT
x-content-type-options: nosniff
age: 241647
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 21424
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:08:24 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 11 Nov 2022 22:11:08 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame D78A 4 KB
691 B 31ms
30ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9762239975249383&output=html&h=280&slotname=6249161112&adk=1885983945&adf=351507405&pi=t.ma~as.6249161112&w=696&fwrn=4&fwrnh=100&lmt=1636909658&rafmt=1&psa=0&format=696x280&url=https%3A%2F%2Fwww.uspslitebluelogin.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636910314846&bpp=1&bdt=239&idt=121&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&prev_fmts=696x280%2C696x280&correlator=4346608245516&frm=20&pv=1&ga_vid=344223254.1636910315&ga_sid=1636910315&ga_hid=580940574&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=254&ady=1874&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063735&oid=2&pvsid=4174965133456260&pem=703&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Ake5reX2DQ&p=https%3A//www.uspslitebluelogin.net&dtd=123

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8aed12b8b95a1d49011f3e134dc8e71804a3576818d1d1334145aaa96d71aa5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: clear
x-xss-protection: 0
last-modified: Sun, 14 Nov 2021 16:02:37 GMT
server: ESF
date: Sun, 14 Nov 2021 17:18:35 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 14 Nov 2021 17:18:35 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame D78A 1 KB
914 B 21ms
20ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 17:12:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 388
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 853
x-xss-protection: 0
server: cafe
etag: 7170004918125193417
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Nov 2021 17:12:07 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/ Frame D78A 19 KB
8 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

777750fd9d46194a2030dfa9a045e3890cbec3a8f38aa5c761b6e3cedfd8c72b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 17:08:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 629
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 7882
x-xss-protection: 0
server: cafe
etag: 2787528384799239804
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Nov 2021 17:08:06 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame D78A 2 KB
1 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 17:17:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Nov 2021 17:17:55 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D78A 119 KB
36 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 17:18:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: clear
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 14 Nov 2021 17:18:35 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame D78A 15 KB
6 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ceca169c7b3aeb44dcdcbfd35d8fd24a85bc9a48b89ced5db336d54e16635a82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 17:14:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 272
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 6461
x-xss-protection: 0
server: cafe
etag: 16025856826866802794
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Nov 2021 17:14:03 GMT

GET
H2 200 c5d443f94f59031b290788a54ae3dbc2.js Show response
www.gstatic.com/mysidia/ Frame D78A 27 KB
11 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c5d443f94f59031b290788a54ae3dbc2.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

01a10be28bdad9ed81f9a7f1e09f4913d314f13abc7a7bb2d52be9666eff599d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 17:41:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 257832
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 11508
x-xss-protection: 0
last-modified: Tue, 09 Nov 2021 03:19:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 09 Feb 2022 17:41:23 GMT

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame D78A 0
0 76ms
76ms Fetch
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CkyLZ60SRYaJLpsXMBoqKoJABp7zMo2aV_cmg2A7H_N3b3w8QASCuh-QgYJGEk4X8F6ABgNrZ_QLIAQmpAguU92b-MrM-qAMByAPLBKoE1QFP0EcObkTE6cx3aK-AQiyZyrck9lIyFJnqBexF7r1Ru1jwAIyMxzgL2lOlyXzZyrwPmXDWvYMqvItPgZk_bjh44VJfXwAkfdoI71zH23-oKU_EcaA2stw8TCfleDJkhe3BK6Lyb6tIhtilWl4XHyyU9eLM4ckaVRkvuw0Qv6UZQtigICu9sFpH1ymZcrxsry1UyBooPRrFp9r0Xw_VCsm5pM8a5Lv8y_FdcH2dCIg7Scas2wx9Mb94KwVpICt12zQA3EFP_0s7MCMitoc5s9-cGwBvdy_ABKm_sdDnA5IFBAgEGAGSBQQIBRgEoAYugAfopaaCAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEENGfI9IICQiA4YAQEAEYX4AKAcgLAdgTDNAVAZgWAYAXAbIXHAoaCAASFHB1Yi05NzYyMjM5OTc1MjQ5MzgzGAA&sigh=WSiRGuIjouw&uach_m=[UACH]&template_id=484

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9762239975249383&output=html&h=280&slotname=6249161112&adk=1885983945&adf=351507405&pi=t.ma~as.6249161112&w=696&fwrn=4&fwrnh=100&lmt=1636909658&rafmt=1&psa=0&format=696x280&url=https%3A%2F%2Fwww.uspslitebluelogin.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636910314846&bpp=1&bdt=239&idt=121&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&prev_fmts=696x280%2C696x280&correlator=4346608245516&frm=20&pv=1&ga_vid=344223254.1636910315&ga_sid=1636910315&ga_hid=580940574&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=254&ady=1874&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063735&oid=2&pvsid=4174965133456260&pem=703&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Ake5reX2DQ&p=https%3A//www.uspslitebluelogin.net&dtd=123
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 14 Nov 2021 17:18:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: clear
content-length: 0
x-xss-protection: 0

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/383177648925637533/ Frame D78A 5 KB
5 KB 22ms
21ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/383177648925637533/downsize_200k_v1?w=200&h=200

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14381812074bc0a364f1d7a9e5b08c86c8d406c60d7b73ba2957d3da82767276

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:24:37 GMT
x-content-type-options: nosniff
age: 125638
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 5240
x-xss-protection: 0
last-modified: Fri, 29 Oct 2021 16:52:39 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 13 Nov 2022 06:24:37 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/15071018226869350678/ Frame D78A 20 KB
21 KB 23ms
22ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15071018226869350678/downsize_200k_v1?w=600&h=314

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f78a13b518c0c53b5ccaa7c5b7617e44d59eabd3ba56298f18893635d58aff7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 12:23:34 GMT
x-content-type-options: nosniff
age: 536101
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 20979
x-xss-protection: 0
last-modified: Fri, 05 Nov 2021 09:04:43 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 08 Nov 2022 12:23:34 GMT

GET
DATA 200
OK truncated
/ Frame D78A 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js Show response
pagead2.googlesyndication.com/bg/ Frame 109E 35 KB
14 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94aecf77b07e1fff7205a23f352b215383978a661ecc5bb51e616e35750b39ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 20:20:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 421081
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 13508
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 09 Nov 2022 20:20:34 GMT

GET
H2 200 17471307738178569144
tpc.googlesyndication.com/daca_images/simgad/ Frame 64B4 133 KB
133 KB 23ms
22ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/17471307738178569144

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9762239975249383&output=html&h=280&slotname=3539237290&adk=2124115515&adf=1790951028&pi=t.ma~as.3539237290&w=696&fwrn=4&fwrnh=100&lmt=1636909658&rafmt=1&psa=0&format=696x280&url=https%3A%2F%2Fwww.uspslitebluelogin.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636910314845&bpp=1&bdt=237&idt=117&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&prev_fmts=696x280&correlator=4346608245516&frm=20&pv=1&ga_vid=344223254.1636910315&ga_sid=1636910315&ga_hid=580940574&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=254&ady=800&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063735&oid=2&pvsid=4174965133456260&pem=703&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=v1RJLwoPho&p=https%3A//www.uspslitebluelogin.net&dtd=120

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02e1f56443f4680ee0aa8f2a3e6faf20c1fb126405a2d4922be0c2402129d4a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 13:29:48 GMT
x-content-type-options: nosniff
age: 186527
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 135956
x-xss-protection: 0
last-modified: Wed, 15 Sep 2021 13:53:36 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 12 Nov 2022 13:29:48 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/ Frame 64B4 19 KB
8 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9762239975249383&output=html&h=280&slotname=3539237290&adk=2124115515&adf=1790951028&pi=t.ma~as.3539237290&w=696&fwrn=4&fwrnh=100&lmt=1636909658&rafmt=1&psa=0&format=696x280&url=https%3A%2F%2Fwww.uspslitebluelogin.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636910314845&bpp=1&bdt=237&idt=117&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&prev_fmts=696x280&correlator=4346608245516&frm=20&pv=1&ga_vid=344223254.1636910315&ga_sid=1636910315&ga_hid=580940574&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=254&ady=800&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063735&oid=2&pvsid=4174965133456260&pem=703&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=v1RJLwoPho&p=https%3A//www.uspslitebluelogin.net&dtd=120

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

777750fd9d46194a2030dfa9a045e3890cbec3a8f38aa5c761b6e3cedfd8c72b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 17:08:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 629
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 7882
x-xss-protection: 0
server: cafe
etag: 2787528384799239804
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Nov 2021 17:08:06 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame 64B4 2 KB
1 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9762239975249383&output=html&h=280&slotname=3539237290&adk=2124115515&adf=1790951028&pi=t.ma~as.3539237290&w=696&fwrn=4&fwrnh=100&lmt=1636909658&rafmt=1&psa=0&format=696x280&url=https%3A%2F%2Fwww.uspslitebluelogin.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636910314845&bpp=1&bdt=237&idt=117&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&prev_fmts=696x280&correlator=4346608245516&frm=20&pv=1&ga_vid=344223254.1636910315&ga_sid=1636910315&ga_hid=580940574&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=254&ady=800&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063735&oid=2&pvsid=4174965133456260&pem=703&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=v1RJLwoPho&p=https%3A//www.uspslitebluelogin.net&dtd=120

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 17:17:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Nov 2021 17:17:55 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 64B4 119 KB
36 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9762239975249383&output=html&h=280&slotname=3539237290&adk=2124115515&adf=1790951028&pi=t.ma~as.3539237290&w=696&fwrn=4&fwrnh=100&lmt=1636909658&rafmt=1&psa=0&format=696x280&url=https%3A%2F%2Fwww.uspslitebluelogin.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636910314845&bpp=1&bdt=237&idt=117&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&prev_fmts=696x280&correlator=4346608245516&frm=20&pv=1&ga_vid=344223254.1636910315&ga_sid=1636910315&ga_hid=580940574&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=254&ady=800&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063735&oid=2&pvsid=4174965133456260&pem=703&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=v1RJLwoPho&p=https%3A//www.uspslitebluelogin.net&dtd=120

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 17:18:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: clear
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 14 Nov 2021 17:18:35 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame 64B4 15 KB
6 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9762239975249383&output=html&h=280&slotname=3539237290&adk=2124115515&adf=1790951028&pi=t.ma~as.3539237290&w=696&fwrn=4&fwrnh=100&lmt=1636909658&rafmt=1&psa=0&format=696x280&url=https%3A%2F%2Fwww.uspslitebluelogin.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636910314845&bpp=1&bdt=237&idt=117&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&prev_fmts=696x280&correlator=4346608245516&frm=20&pv=1&ga_vid=344223254.1636910315&ga_sid=1636910315&ga_hid=580940574&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=254&ady=800&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063735&oid=2&pvsid=4174965133456260&pem=703&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=v1RJLwoPho&p=https%3A//www.uspslitebluelogin.net&dtd=120

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ceca169c7b3aeb44dcdcbfd35d8fd24a85bc9a48b89ced5db336d54e16635a82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 17:14:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 272
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 6461
x-xss-protection: 0
server: cafe
etag: 16025856826866802794
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Nov 2021 17:14:03 GMT

GET
H2 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame 64B4 27 KB
11 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9762239975249383&output=html&h=280&slotname=3539237290&adk=2124115515&adf=1790951028&pi=t.ma~as.3539237290&w=696&fwrn=4&fwrnh=100&lmt=1636909658&rafmt=1&psa=0&format=696x280&url=https%3A%2F%2Fwww.uspslitebluelogin.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636910314845&bpp=1&bdt=237&idt=117&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&prev_fmts=696x280&correlator=4346608245516&frm=20&pv=1&ga_vid=344223254.1636910315&ga_sid=1636910315&ga_hid=580940574&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=254&ady=800&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063735&oid=2&pvsid=4174965133456260&pem=703&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=v1RJLwoPho&p=https%3A//www.uspslitebluelogin.net&dtd=120

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a39b209b9b9dda47f5ab83993311092d861d5c3347876521cc6b9847c93411e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 08:14:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32643
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 11380
x-xss-protection: 0
server: cafe
etag: 3114995264824872082
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Nov 2021 08:14:32 GMT

GET
H2 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111080101/ 147 KB
52 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111080101/reactive_library_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

076094a62b7589ac8f83b9d6080bb0164a6ab7cb1142bd18135fc951e735d4ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.uspslitebluelogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 17:18:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 53467
x-xss-protection: 0
server: cafe
etag: 13289280669127885705
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 14 Nov 2021 17:18:35 GMT

GET
H2 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
165 B 31ms
31ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=www.uspslitebluelogin.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.uspslitebluelogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 14 Nov 2021 17:18:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: clear
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 32ms
32ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.uspslitebluelogin.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.uspslitebluelogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 14 Nov 2021 17:18:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: clear
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CC4C 73 KB
24 KB 953ms
952ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9762239975249383&output=html&h=280&adk=644660767&adf=2823959481&pi=t.aa~a.638164068~i.32~rp.4&w=696&fwrn=4&fwrnh=100&lmt=1636909658&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9641277406&psa=1&ad_type=text_image&format=696x280&url=https%3A%2F%2Fwww.uspslitebluelogin.net%2F&flash=0&fwr=0&pra=3&rh=174&rw=696&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636910315714&bpp=1&bdt=1107&idt=1&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De9c744bb64417721-226044d7b7cb0083%3AT%3D1636910314%3ART%3D1636910314%3AS%3DALNI_MadpZiVl8q-R6cjX9h5c19oTd7gIw&prev_fmts=696x280%2C696x280%2C696x280%2C0x0&nras=2&correlator=4346608245516&frm=20&pv=1&ga_vid=344223254.1636910315&ga_sid=1636910315&ga_hid=580940574&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=254&ady=3740&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063735&oid=2&psts=AGkb-H-CnPtinTY9tQEZBaOrEPthRtknAGa3T4DWxmVLEE-65_Q1gxRPfLQxXXK6aPuU7aE0syZseBlHPMm_PA&pvsid=4174965133456260&pem=703&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=yJlwzHUdki&p=https%3A//www.uspslitebluelogin.net&dtd=16

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

878385140ab4a96f6b92d5801a12961128d487b9b9b7dd6919f86688c034e4e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.uspslitebluelogin.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 14 Nov 2021 17:18:36 GMT
server: cafe
content-length: 23999
x-xss-protection: 0
alt-svc: clear

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame 64B4 0
0 70ms
69ms Fetch
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cy-yl60SRYeMwz5vMBpnjvOAM4tqmumS7gInipA6DtKmQkBoQASCuh-QgYJGEk4X8F6ABs5-foQPIAQKoAwHIA8kEqgTVAU_Q4quC9VJcKdR8rJltYaw9YLDJoGPiCCNekJzzf4l1AVl1f0SL4-5puvnlYUakNu_nH-gJC1OqRjMLXKrpOktKTiy8DybqQgOVpzVbAJRZVhPb3ks3bkJqpI-SxaAF7BOeYu6MuvcSEUgjl1JsWG6dVaa_vercQcvdtv8Cm8nGJC2OptaNo0zzzkbk8okXpS7w84AQFNZKkJrBd7BatEIFRAXeTxVqLehgXfqbHX8cQgLza7NFU_FnN2W4CP3BKB0ahNZOF63kiF-cK5RA4EMFBniXKsAEm8zv0N4DoAYCgAe14OBeqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQ8NBI0ggJCIDhgBAQARhfgAoByAsB2BMD0BUBmBYBgBcBshccChoIABIUcHViLTk3NjIyMzk5NzUyNDkzODMYAA&sigh=ugY8KRdtNEc&uach_m=[UACH]

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9762239975249383&output=html&h=280&slotname=3539237290&adk=2124115515&adf=1790951028&pi=t.ma~as.3539237290&w=696&fwrn=4&fwrnh=100&lmt=1636909658&rafmt=1&psa=0&format=696x280&url=https%3A%2F%2Fwww.uspslitebluelogin.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636910314845&bpp=1&bdt=237&idt=117&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&prev_fmts=696x280&correlator=4346608245516&frm=20&pv=1&ga_vid=344223254.1636910315&ga_sid=1636910315&ga_hid=580940574&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=254&ady=800&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063735&oid=2&pvsid=4174965133456260&pem=703&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=v1RJLwoPho&p=https%3A//www.uspslitebluelogin.net&dtd=120

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9762239975249383&output=html&h=280&slotname=3539237290&adk=2124115515&adf=1790951028&pi=t.ma~as.3539237290&w=696&fwrn=4&fwrnh=100&lmt=1636909658&rafmt=1&psa=0&format=696x280&url=https%3A%2F%2Fwww.uspslitebluelogin.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636910314845&bpp=1&bdt=237&idt=117&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&prev_fmts=696x280&correlator=4346608245516&frm=20&pv=1&ga_vid=344223254.1636910315&ga_sid=1636910315&ga_hid=580940574&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=254&ady=800&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063735&oid=2&pvsid=4174965133456260&pem=703&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=v1RJLwoPho&p=https%3A//www.uspslitebluelogin.net&dtd=120
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 14 Nov 2021 17:18:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: clear
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame D78A 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 09b39f18c04f859dfabd1f0f675743fc4eebc03c31ecc6997552b09cc0c98e4d

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame D78A 15 KB
16 KB 20ms
20ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 17:36:17 GMT
x-content-type-options: nosniff
age: 258138
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 11 Nov 2022 17:36:17 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D5F3 143 B
222 B 22ms
21ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9762239975249383&output=html&h=280&slotname=3539237290&adk=2124115515&adf=1790951028&pi=t.ma~as.3539237290&w=696&fwrn=4&fwrnh=100&lmt=1636909658&rafmt=1&psa=0&format=696x280&url=https%3A%2F%2Fwww.uspslitebluelogin.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636910314845&bpp=1&bdt=237&idt=117&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&prev_fmts=696x280&correlator=4346608245516&frm=20&pv=1&ga_vid=344223254.1636910315&ga_sid=1636910315&ga_hid=580940574&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=254&ady=800&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063735&oid=2&pvsid=4174965133456260&pem=703&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=v1RJLwoPho&p=https%3A//www.uspslitebluelogin.net&dtd=120

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9762239975249383&output=html&h=280&slotname=3539237290&adk=2124115515&adf=1790951028&pi=t.ma~as.3539237290&w=696&fwrn=4&fwrnh=100&lmt=1636909658&rafmt=1&psa=0&format=696x280&url=https%3A%2F%2Fwww.uspslitebluelogin.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636910314845&bpp=1&bdt=237&idt=117&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&prev_fmts=696x280&correlator=4346608245516&frm=20&pv=1&ga_vid=344223254.1636910315&ga_sid=1636910315&ga_hid=580940574&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=254&ady=800&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063735&oid=2&pvsid=4174965133456260&pem=703&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=v1RJLwoPho&p=https%3A//www.uspslitebluelogin.net&dtd=120

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sun, 14 Nov 2021 16:37:41 GMT
server: cafe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2454
alt-svc: clear

GET
H2 200 lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js Show response
pagead2.googlesyndication.com/bg/ Frame D37F 35 KB
13 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94aecf77b07e1fff7205a23f352b215383978a661ecc5bb51e616e35750b39ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 20:20:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 421081
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 13508
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 09 Nov 2022 20:20:34 GMT

GET
DATA 200
OK truncated
/ Frame 64B4 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 77d864f4aa873bebd3ef0290446490c5365b350727ad04a25e63463ee3912e93

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
165 B 31ms
31ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=www.uspslitebluelogin.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.uspslitebluelogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 14 Nov 2021 17:18:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: clear
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 30ms
30ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.uspslitebluelogin.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.uspslitebluelogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 14 Nov 2021 17:18:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: clear
content-length: 100
x-xss-protection: 0

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211109/r20110914/ Frame BC0B 11 KB
5 KB 21ms
21ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211109/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5cedd5abd94d64b07e3779451d057665572b89caa8b445a5e9efa42bad9c4274

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.uspslitebluelogin.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 14 Nov 2021 06:42:24 GMT
expires: Sun, 28 Nov 2021 06:42:24 GMT
content-type: text/html; charset=UTF-8
etag: 16478831307880631077
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4883
x-xss-protection: 0
age: 38171
cache-control: public, max-age=1209600
alt-svc: clear

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211109/r20110914/ Frame 6D6D 11 KB
5 KB 20ms
20ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211109/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5cedd5abd94d64b07e3779451d057665572b89caa8b445a5e9efa42bad9c4274

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.uspslitebluelogin.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 14 Nov 2021 06:42:24 GMT
expires: Sun, 28 Nov 2021 06:42:24 GMT
content-type: text/html; charset=UTF-8
etag: 16478831307880631077
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4883
x-xss-protection: 0
age: 38171
cache-control: public, max-age=1209600
alt-svc: clear

GET
H2

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D5F3
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
248 B

119ms
119ms

Document
text/html

2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9762239975249383&output=html&h=280&slotname=3539237290&adk=2124115515&adf=1790951028&pi=t.ma~as.3539237290&w=696&fwrn=4&fwrnh=100&lmt=1636909658&rafmt=1&psa=0&format=696x280&url=https%3A%2F%2Fwww.uspslitebluelogin.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636910314845&bpp=1&bdt=237&idt=117&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&prev_fmts=696x280&correlator=4346608245516&frm=20&pv=1&ga_vid=344223254.1636910315&ga_sid=1636910315&ga_hid=580940574&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=254&ady=800&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063735&oid=2&pvsid=4174965133456260&pem=703&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=v1RJLwoPho&p=https%3A//www.uspslitebluelogin.net&dtd=120

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 14 Nov 2021 17:18:36 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: clear
expires: Sun, 14 Nov 2021 17:18:36 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 14 Nov 2021 17:18:36 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: clear

GET
H2 200 lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js Show response
pagead2.googlesyndication.com/bg/ Frame 3DCF 35 KB
13 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9762239975249383&output=html&h=280&slotname=3539237290&adk=2124115515&adf=1790951028&pi=t.ma~as.3539237290&w=696&fwrn=4&fwrnh=100&lmt=1636909658&rafmt=1&psa=0&format=696x280&url=https%3A%2F%2Fwww.uspslitebluelogin.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636910314845&bpp=1&bdt=237&idt=117&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&prev_fmts=696x280&correlator=4346608245516&frm=20&pv=1&ga_vid=344223254.1636910315&ga_sid=1636910315&ga_hid=580940574&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=254&ady=800&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063735&oid=2&pvsid=4174965133456260&pem=703&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=v1RJLwoPho&p=https%3A//www.uspslitebluelogin.net&dtd=120

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94aecf77b07e1fff7205a23f352b215383978a661ecc5bb51e616e35750b39ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 20:20:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 421081
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 13508
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 09 Nov 2022 20:20:34 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame BC0B 4 KB
706 B 29ms
29ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211109/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: clear
x-xss-protection: 0
last-modified: Sun, 14 Nov 2021 16:03:22 GMT
server: ESF
date: Sun, 14 Nov 2021 17:18:35 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 14 Nov 2021 17:18:35 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame BC0B 205 B
519 B 25ms
25ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211109/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 14:45:10 GMT
x-content-type-options: nosniff
age: 95605
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 13 Nov 2022 14:45:10 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame BC0B 604 B
694 B 26ms
25ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211109/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 15:27:10 GMT
x-content-type-options: nosniff
age: 6685
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 14 Nov 2022 15:27:10 GMT

GET
H2 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/elements/html/ Frame BC0B 18 KB
8 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211109/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4fb21b68aa33aef8b3b83a7677cdd0439bd297729677ca8a8ac9f125e60de57c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 17:06:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 735
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 8107
x-xss-protection: 0
server: cafe
etag: 4972561305884240788
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Nov 2021 17:06:20 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 6D6D 4 KB
691 B 32ms
32ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211109/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8aed12b8b95a1d49011f3e134dc8e71804a3576818d1d1334145aaa96d71aa5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: clear
x-xss-protection: 0
last-modified: Sun, 14 Nov 2021 16:00:09 GMT
server: ESF
date: Sun, 14 Nov 2021 17:18:35 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 14 Nov 2021 17:18:35 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame 6D6D 1 KB
914 B 20ms
20ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211109/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 17:12:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 388
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 853
x-xss-protection: 0
server: cafe
etag: 7170004918125193417
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Nov 2021 17:12:07 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/ Frame 6D6D 19 KB
8 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211109/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

777750fd9d46194a2030dfa9a045e3890cbec3a8f38aa5c761b6e3cedfd8c72b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 17:08:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 629
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 7882
x-xss-protection: 0
server: cafe
etag: 2787528384799239804
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Nov 2021 17:08:06 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame 6D6D 2 KB
1 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211109/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 17:17:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Nov 2021 17:17:55 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6D6D 119 KB
36 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211109/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 17:18:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: clear
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 14 Nov 2021 17:18:35 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame 6D6D 15 KB
6 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211109/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ceca169c7b3aeb44dcdcbfd35d8fd24a85bc9a48b89ced5db336d54e16635a82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 17:14:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 272
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 6461
x-xss-protection: 0
server: cafe
etag: 16025856826866802794
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Nov 2021 17:14:03 GMT

GET
H2 200 c5d443f94f59031b290788a54ae3dbc2.js Show response
www.gstatic.com/mysidia/ Frame 6D6D 27 KB
11 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c5d443f94f59031b290788a54ae3dbc2.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211109/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

01a10be28bdad9ed81f9a7f1e09f4913d314f13abc7a7bb2d52be9666eff599d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 17:41:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 257832
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 11508
x-xss-protection: 0
last-modified: Tue, 09 Nov 2021 03:19:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 09 Feb 2022 17:41:23 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame A058 3 KB
674 B 30ms
29ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211109/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: clear
x-xss-protection: 0
last-modified: Sun, 14 Nov 2021 16:01:27 GMT
server: ESF
date: Sun, 14 Nov 2021 17:18:36 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 14 Nov 2021 17:18:36 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame A058 1 KB
918 B 23ms
23ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211109/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 17:12:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 389
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 853
x-xss-protection: 0
server: cafe
etag: 7170004918125193417
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Nov 2021 17:12:07 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/ Frame A058 19 KB
8 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211109/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

777750fd9d46194a2030dfa9a045e3890cbec3a8f38aa5c761b6e3cedfd8c72b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 17:08:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 630
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 7882
x-xss-protection: 0
server: cafe
etag: 2787528384799239804
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Nov 2021 17:08:06 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame A058 2 KB
1 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211109/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 17:17:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Nov 2021 17:17:55 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A058 119 KB
36 KB 47ms
47ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211109/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 17:18:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: clear
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 14 Nov 2021 17:18:36 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame A058 15 KB
6 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211109/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ceca169c7b3aeb44dcdcbfd35d8fd24a85bc9a48b89ced5db336d54e16635a82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 17:14:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 273
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 6461
x-xss-protection: 0
server: cafe
etag: 16025856826866802794
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Nov 2021 17:14:03 GMT

GET
H2 200 c5d443f94f59031b290788a54ae3dbc2.js Show response
www.gstatic.com/mysidia/ Frame A058 27 KB
11 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c5d443f94f59031b290788a54ae3dbc2.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211109/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

01a10be28bdad9ed81f9a7f1e09f4913d314f13abc7a7bb2d52be9666eff599d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 17:41:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 257833
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 11508
x-xss-protection: 0
last-modified: Tue, 09 Nov 2021 03:19:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 09 Feb 2022 17:41:23 GMT

GET
H2 200 lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js Show response
pagead2.googlesyndication.com/bg/ Frame BFF3 35 KB
13 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js

Requested by

Host: www.uspslitebluelogin.net
URL: https://www.uspslitebluelogin.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94aecf77b07e1fff7205a23f352b215383978a661ecc5bb51e616e35750b39ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 20:20:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 421082
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 13508
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 09 Nov 2022 20:20:34 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A058 0
56 B 54ms
54ms Ping
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=jca&jc=26&version=r20211109&sample=0.01

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/load_preloaded_resource_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 17:18:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: clear
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js Show response
pagead2.googlesyndication.com/bg/ Frame 8B9A 35 KB
13 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js

Requested by

Host: www.uspslitebluelogin.net
URL: https://www.uspslitebluelogin.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94aecf77b07e1fff7205a23f352b215383978a661ecc5bb51e616e35750b39ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 20:20:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 421082
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 13508
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 09 Nov 2022 20:20:34 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 47BB 42 B
372 B 106ms
57ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstNs-jmuyXuGMUMaAeDqoDfvUb0Uxnl5kqxKzMO3NX5B6Me0TIKmpUrwLUHvnwRybuYgAun-uCvJPNumeqLIQQ7iqgVrVNWsW48IeW1KKNO4LWhpPagkw&sai=AMfl-YSUefs_fF_fcckM7cVffisD30XxvE0vnwtUow8nMyMl98J9Ykli4jTxTlrn1IwFG24O3oe_8S_Ri2IR&sig=Cg0ArKJSzJO7zaOudxciEAE&id=lidar2&mcvt=1000&p=0,0,280,696&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211110&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=2124115515&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1636910314941&rpt=725&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 17:18:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: clear
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 41da6f2331623d3b8845889ffd3555e0.js Show response
www.gstatic.com/mysidia/ Frame CC4C 8 KB
3 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/41da6f2331623d3b8845889ffd3555e0.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9762239975249383&output=html&h=280&adk=644660767&adf=2823959481&pi=t.aa~a.638164068~i.32~rp.4&w=696&fwrn=4&fwrnh=100&lmt=1636909658&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9641277406&psa=1&ad_type=text_image&format=696x280&url=https%3A%2F%2Fwww.uspslitebluelogin.net%2F&flash=0&fwr=0&pra=3&rh=174&rw=696&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636910315714&bpp=1&bdt=1107&idt=1&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De9c744bb64417721-226044d7b7cb0083%3AT%3D1636910314%3ART%3D1636910314%3AS%3DALNI_MadpZiVl8q-R6cjX9h5c19oTd7gIw&prev_fmts=696x280%2C696x280%2C696x280%2C0x0&nras=2&correlator=4346608245516&frm=20&pv=1&ga_vid=344223254.1636910315&ga_sid=1636910315&ga_hid=580940574&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=254&ady=3740&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063735&oid=2&psts=AGkb-H-CnPtinTY9tQEZBaOrEPthRtknAGa3T4DWxmVLEE-65_Q1gxRPfLQxXXK6aPuU7aE0syZseBlHPMm_PA&pvsid=4174965133456260&pem=703&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=yJlwzHUdki&p=https%3A//www.uspslitebluelogin.net&dtd=16

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb656577f4277a4ded7b312fe6d4a32f3aabbeff803485b75a66fdea67b678af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 17:41:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 257833
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 3349
x-xss-protection: 0
last-modified: Tue, 09 Nov 2021 03:19:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 09 Feb 2022 17:41:23 GMT

GET
H2 200 14124406fad786a642fdcdf0d5e513a8.js Show response
www.gstatic.com/mysidia/ Frame CC4C 8 KB
4 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/14124406fad786a642fdcdf0d5e513a8.js?tag=text/vanilla_highlight

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82892a54c4d7dbea6d54652b28a2b6d9e96844970239dfe0147356409917c136

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 17:41:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 257833
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 3767
x-xss-protection: 0
last-modified: Tue, 09 Nov 2021 03:19:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 09 Feb 2022 17:41:23 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame CC4C 3 KB
652 B 31ms
30ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: clear
x-xss-protection: 0
last-modified: Sun, 14 Nov 2021 15:56:46 GMT
server: ESF
date: Sun, 14 Nov 2021 17:18:36 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 14 Nov 2021 17:18:36 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame CC4C 1 KB
914 B 21ms
21ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 17:12:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 389
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 853
x-xss-protection: 0
server: cafe
etag: 7170004918125193417
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Nov 2021 17:12:07 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/ Frame CC4C 19 KB
8 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

777750fd9d46194a2030dfa9a045e3890cbec3a8f38aa5c761b6e3cedfd8c72b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 17:08:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 630
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 7882
x-xss-protection: 0
server: cafe
etag: 2787528384799239804
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Nov 2021 17:08:06 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame CC4C 2 KB
1 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 17:17:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Nov 2021 17:17:55 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CC4C 119 KB
36 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 17:18:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: clear
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 14 Nov 2021 17:18:36 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame CC4C 15 KB
6 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ceca169c7b3aeb44dcdcbfd35d8fd24a85bc9a48b89ced5db336d54e16635a82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 17:14:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 273
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 6461
x-xss-protection: 0
server: cafe
etag: 16025856826866802794
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Nov 2021 17:14:03 GMT

GET
H2 200 c5d443f94f59031b290788a54ae3dbc2.js Show response
www.gstatic.com/mysidia/ Frame CC4C 27 KB
11 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c5d443f94f59031b290788a54ae3dbc2.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

01a10be28bdad9ed81f9a7f1e09f4913d314f13abc7a7bb2d52be9666eff599d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 17:41:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 257833
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 11508
x-xss-protection: 0
last-modified: Tue, 09 Nov 2021 03:19:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 09 Feb 2022 17:41:23 GMT

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame CC4C 0
0 63ms
63ms Fetch
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CIso760SRYY-hL4un-wazwKywA-bY5Zxm3bm8utUOyK-5iJ4iEAEgrofkIGCRhJOF_BegAY_2-fYDyAEBqAMBqgTQAU_QNcFs-sM6BBHSOiyk20ulfzgri_Q2pIOYXjux76zUrbuWJNGFs__aZi2IaWEIOJrEOCWQtLLOTapm1QCrcihOE2PtFqw2xIUxTTOwCwFLtwWrdTDQ8uyp3KzBDvmSnxfh5XECYyXhDoNgwIVcgcSemKf-owwohA8P-Nu31v8H1KjSka0G9QfRql_AYiJnUlY7ISMRk7iP3ag6IZLYArifsY-5oC-9KUkgTxAyF2L1IkOjX7OJpWoUHDv7ZqGTawYttBNn5qBxU9YSYQSQgLTABOeQgtDdA5IFBAgEGAGSBQQIBRgEgAfEy99iqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQic4h0ggJCIDhgBAQARhfgAoByAsB2BMN0BUBgBcBshccChoIABIUcHViLTk3NjIyMzk5NzUyNDkzODMYAA&sigh=6tIJlmYoJH8&uach_m=[UACH]&template_id=5001

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9762239975249383&output=html&h=280&adk=644660767&adf=2823959481&pi=t.aa~a.638164068~i.32~rp.4&w=696&fwrn=4&fwrnh=100&lmt=1636909658&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9641277406&psa=1&ad_type=text_image&format=696x280&url=https%3A%2F%2Fwww.uspslitebluelogin.net%2F&flash=0&fwr=0&pra=3&rh=174&rw=696&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636910315714&bpp=1&bdt=1107&idt=1&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De9c744bb64417721-226044d7b7cb0083%3AT%3D1636910314%3ART%3D1636910314%3AS%3DALNI_MadpZiVl8q-R6cjX9h5c19oTd7gIw&prev_fmts=696x280%2C696x280%2C696x280%2C0x0&nras=2&correlator=4346608245516&frm=20&pv=1&ga_vid=344223254.1636910315&ga_sid=1636910315&ga_hid=580940574&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=254&ady=3740&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063735&oid=2&psts=AGkb-H-CnPtinTY9tQEZBaOrEPthRtknAGa3T4DWxmVLEE-65_Q1gxRPfLQxXXK6aPuU7aE0syZseBlHPMm_PA&pvsid=4174965133456260&pem=703&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=yJlwzHUdki&p=https%3A//www.uspslitebluelogin.net&dtd=16
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 14 Nov 2021 17:18:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: clear
content-length: 0
x-xss-protection: 0

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame DBF3 143 B
202 B 21ms
21ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9762239975249383&output=html&h=280&adk=644660767&adf=2823959481&pi=t.aa~a.638164068~i.32~rp.4&w=696&fwrn=4&fwrnh=100&lmt=1636909658&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9641277406&psa=1&ad_type=text_image&format=696x280&url=https%3A%2F%2Fwww.uspslitebluelogin.net%2F&flash=0&fwr=0&pra=3&rh=174&rw=696&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636910315714&bpp=1&bdt=1107&idt=1&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De9c744bb64417721-226044d7b7cb0083%3AT%3D1636910314%3ART%3D1636910314%3AS%3DALNI_MadpZiVl8q-R6cjX9h5c19oTd7gIw&prev_fmts=696x280%2C696x280%2C696x280%2C0x0&nras=2&correlator=4346608245516&frm=20&pv=1&ga_vid=344223254.1636910315&ga_sid=1636910315&ga_hid=580940574&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=254&ady=3740&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063735&oid=2&psts=AGkb-H-CnPtinTY9tQEZBaOrEPthRtknAGa3T4DWxmVLEE-65_Q1gxRPfLQxXXK6aPuU7aE0syZseBlHPMm_PA&pvsid=4174965133456260&pem=703&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=yJlwzHUdki&p=https%3A//www.uspslitebluelogin.net&dtd=16

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sun, 14 Nov 2021 16:37:41 GMT
server: cafe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2455
alt-svc: clear

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame D784 1 KB
864 B 21ms
21ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 13 Nov 2021 18:26:41 GMT
expires: Sun, 14 Nov 2021 18:26:41 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 82315
cache-control: public, max-age=86400
alt-svc: clear

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/3583809752976327291/ Frame CC4C 2 KB
2 KB 21ms
21ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3583809752976327291/downsize_200k_v1?w=100&h=100

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

df7a15a85346a5e5d7f8252bf44d1331a4b8677606ddec8b2ed315d95695acd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 07:13:52 GMT
x-content-type-options: nosniff
age: 295484
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 1701
x-xss-protection: 0
last-modified: Thu, 14 Feb 2019 04:59:20 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 11 Nov 2022 07:13:52 GMT

GET
DATA 200
OK truncated
/ Frame CC4C 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 594f25fae1773b9c903868e65ca7f37654b1621f8f81737763a2bc683523fd44

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame CC4C 21 KB
21 KB 21ms
20ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 22:45:31 GMT
x-content-type-options: nosniff
age: 239585
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 21660
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:07:18 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 11 Nov 2022 22:45:31 GMT

GET
H2 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame CC4C 21 KB
21 KB 23ms
22ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 22:11:08 GMT
x-content-type-options: nosniff
age: 241648
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 21424
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:08:24 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 11 Nov 2022 22:11:08 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame D784 35 B
463 B 78ms
24ms Image
image/gif 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESELbp6kH6z6J2MlDNfg-zM6E&google_cver=1&google_push=AYg5qPLbFzSjwHarOy8SecD1-pHaI8rlgjVbZ-x092Hpx94pQW2IKsLYWwvpSbieItF_X1X7Tj20tAs_qcA-dIHW7Dy4bQpdLEQO

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 17:18:36 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame D784
Redirect Chain

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPKqYSi95Ac8nnu5cWmWbldEbWgI1FCyDEYCoppnGDL2CHzC82uOaXTnsyB81j0o-LCWKianVAbio9zq66CHFUggJ575w1cB&google_gid=CAESEGMFNdeYRhksYQeZw6oLyzA&goo...
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCOyJxYwGEgUI6AcQAEIASnBnb29nbGVfcHVzaD1BWWc1cVBLcVlTaTk1QWM4bm51NWNXbVdibGRFYldnSTFGQ3lERVlDb3BwbkdETDJDSHpDODJ1T2FYVG5zeUI4MWowby1MQ1dLaWFuVkFiaW85enE2Nk...
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwak1MSFVGLW95clMzc3VNNWJYQnB1QnM1NnM3S1JobDR1TDFnbGRuaFpDSQ==&google_push

170 B
329 B

30ms
30ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwak1MSFVGLW95clMzc3VNNWJYQnB1QnM1NnM3S1JobDR1TDFnbGRuaFpDSQ==&google_push

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 17:18:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 14 Nov 2021 17:18:36 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwak1MSFVGLW95clMzc3VNNWJYQnB1QnM1NnM3S1JobDR1TDFnbGRuaFpDSQ==&google_push
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: clear
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame D784
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPLRCe-O...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPLRCe-O...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTExMTQxNzE4MzcwMDAxMjU0ODY3MjI3Ng%3D%3D&google_push=AYg5qPLRCe-Oplb1Lk1wpAYJnVO0M6MCg41-D7TB1JILzd4JdQfj3ASgNWaItekO4cx5Ue...

170 B
232 B

32ms
31ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTExMTQxNzE4MzcwMDAxMjU0ODY3MjI3Ng%3D%3D&google_push=AYg5qPLRCe-Oplb1Lk1wpAYJnVO0M6MCg41-D7TB1JILzd4JdQfj3ASgNWaItekO4cx5UeDAdVTNi-1s_JZQlK_nNaNTvBKd2KM

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 17:18:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTExMTQxNzE4MzcwMDAxMjU0ODY3MjI3Ng%3D%3D&google_push=AYg5qPLRCe-Oplb1Lk1wpAYJnVO0M6MCg41-D7TB1JILzd4JdQfj3ASgNWaItekO4cx5UeDAdVTNi-1s_JZQlK_nNaNTvBKd2KM
pragma: no-cache
date: Sun, 14 Nov 2021 17:18:37 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0
strict-transport-security: max-age=2628000
expires: Sun, 14 Nov 2021 17:18:37 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame D784
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEE98AWAJx5JiOV1suzuf4qM&google_cver=1&google_push=AYg5qPLygRIMhtOXnz8nZkHc0eU1Tz5XTjWfAdN8TRSa2Dx7-Q16nDuiD9BRRMt4G2RF8Kk1UU97oDgTb6Np13QbHRD5MAKjpE1m
https://rtb.openx.net/sync/dds?google_gid=CAESEE98AWAJx5JiOV1suzuf4qM&google_cver=1&google_push=AYg5qPLygRIMhtOXnz8nZkHc0eU1Tz5XTjWfAdN8TRSa2Dx7-Q16nDuiD9BRRMt4G2RF8Kk1UU97oDgTb6Np13QbHRD5MAKjpE1m&...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLygRIMhtOXnz8nZkHc0eU1Tz5XTjWfAdN8TRSa2Dx7-Q16nDuiD9BRRMt4G2RF8Kk1UU97oDgTb6Np13QbHRD5MAKjpE1m&google_hm=SXPS4XS9z0QJVVk38dil3w==

170 B
232 B

30ms
30ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLygRIMhtOXnz8nZkHc0eU1Tz5XTjWfAdN8TRSa2Dx7-Q16nDuiD9BRRMt4G2RF8Kk1UU97oDgTb6Np13QbHRD5MAKjpE1m&google_hm=SXPS4XS9z0QJVVk38dil3w==

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 17:18:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 14 Nov 2021 17:18:36 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLygRIMhtOXnz8nZkHc0eU1Tz5XTjWfAdN8TRSa2Dx7-Q16nDuiD9BRRMt4G2RF8Kk1UU97oDgTb6Np13QbHRD5MAKjpE1m&google_hm=SXPS4XS9z0QJVVk38dil3w==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-request-id: 2fs01e2929tvs195njrj80htot0s5nle

GET

pixel
cm.g.doubleclick.net/ Frame D784
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEElVjuA2HzrpiT1S2Uedcqc&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEElVjuA2HzrpiT1S2Uedcqc&google_push=AY...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZFE7ENQ1lKdd5xNDVzICgAABJgAAAAB&google_gid=CAESEElVjuA2HzrpiT1S2Uedcqc&google_cver=1&google_push=AYg5qPI6QgqQcAbtmSmJmyN4izHw56CWNZ0Pc...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZFE7ENQ1lKdd5xNDVzICgAABJgAAAAB&google_gid=CAESEElVjuA2HzrpiT1S2Uedcqc&google_cver=1&google_push=AYg5qPI6QgqQcAbtmSmJmyN4izHw56CWNZ0Pc...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZFE7ENQ1lKdd5xNDVzICgAABJgAAAAB&google_gid=CAESEElVjuA2HzrpiT1S2Uedcqc&google_cver=1&google_push=AYg5qPI6QgqQcAbtmSmJmyN4izHw56CWNZ0Pc...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZFE7ENQ1lKdd5xNDVzICgAABJgAAAAB&google_gid=CAESEElVjuA2HzrpiT1S2Uedcqc&google_cver=1&google_push=AYg5qPI6QgqQcAbtmSmJmyN4izHw56CWNZ0Pc...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZFE7ENQ1lKdd5xNDVzICgAABJgAAAAB&google_gid=CAESEElVjuA2HzrpiT1S2Uedcqc&google_cver=1&google_push=AYg5qPI6QgqQcAbtmSmJmyN4izHw56CWNZ0Pc...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZFE7ENQ1lKdd5xNDVzICgAABJgAAAAB&google_gid=CAESEElVjuA2HzrpiT1S2Uedcqc&google_cver=1&google_push=AYg5qPI6QgqQcAbtmSmJmyN4izHw56CWNZ0Pc...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZFE7ENQ1lKdd5xNDVzICgAABJgAAAAB&google_gid=CAESEElVjuA2HzrpiT1S2Uedcqc&google_cver=1&google_push=AYg5qPI6QgqQcAbtmSmJmyN4izHw56CWNZ0Pc...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZFE7ENQ1lKdd5xNDVzICgAABJgAAAAB&google_gid=CAESEElVjuA2HzrpiT1S2Uedcqc&google_cver=1&google_push=AYg5qPI6QgqQcAbtmSmJmyN4izHw56CWNZ0Pc...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZFE7ENQ1lKdd5xNDVzICgAABJgAAAAB&google_gid=CAESEElVjuA2HzrpiT1S2Uedcqc&google_cver=1&google_push=AYg5qPI6QgqQcAbtmSmJmyN4izHw56CWNZ0Pc...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZFE7ENQ1lKdd5xNDVzICgAABJgAAAAB&google_gid=CAESEElVjuA2HzrpiT1S2Uedcqc&google_cver=1&google_push=AYg5qPI6QgqQcAbtmSmJmyN4izHw56CWNZ0Pc...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZFE7ENQ1lKdd5xNDVzICgAABJgAAAAB&google_gid=CAESEElVjuA2HzrpiT1S2Uedcqc&google_cver=1&google_push=AYg5qPI6QgqQcAbtmSmJmyN4izHw56CWNZ0Pc...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZFE7ENQ1lKdd5xNDVzICgAABJgAAAAB&google_gid=CAESEElVjuA2HzrpiT1S2Uedcqc&google_cver=1&google_push=AYg5qPI6QgqQcAbtmSmJmyN4izHw56CWNZ0Pc...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZFE7ENQ1lKdd5xNDVzICgAABJgAAAAB&google_gid=CAESEElVjuA2HzrpiT1S2Uedcqc&google_cver=1&google_push=AYg5qPI6QgqQcAbtmSmJmyN4izHw56CWNZ0Pc...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZFE7ENQ1lKdd5xNDVzICgAABJgAAAAB&google_gid=CAESEElVjuA2HzrpiT1S2Uedcqc&google_cver=1&google_push=AYg5qPI6QgqQcAbtmSmJmyN4izHw56CWNZ0Pc...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZFE7ENQ1lKdd5xNDVzICgAABJgAAAAB&google_gid=CAESEElVjuA2HzrpiT1S2Uedcqc&google_cver=1&google_push=AYg5qPI6QgqQcAbtmSmJmyN4izHw56CWNZ0Pc...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZFE7ENQ1lKdd5xNDVzICgAABJgAAAAB&google_gid=CAESEElVjuA2HzrpiT1S2Uedcqc&google_cver=1&google_push=AYg5qPI6QgqQcAbtmSmJmyN4izHw56CWNZ0Pc...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZFE7ENQ1lKdd5xNDVzICgAABJgAAAAB&google_gid=CAESEElVjuA2HzrpiT1S2Uedcqc&google_cver=1&google_push=AYg5qPI6QgqQcAbtmSmJmyN4izHw56CWNZ0Pc...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZFE7ENQ1lKdd5xNDVzICgAABJgAAAAB&google_gid=CAESEElVjuA2HzrpiT1S2Uedcqc&google_cver=1&google_push=AYg5qPI6QgqQcAbtmSmJmyN4izHw56CWNZ0Pc...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZFE7ENQ1lKdd5xNDVzICgAABJgAAAAB&google_gid=CAESEElVjuA2HzrpiT1S2Uedcqc&google_cver=1&google_push=AYg5qPI6QgqQcAbtmSmJmyN4izHw56CWNZ0Pc...

0
0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame D784
Redirect Chain

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESECqcDycmsDeQm3XJbin05Eg&google_cver=1&google_push=AYg5qPLlPnMCyWd3TcLTHM6G...
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPLlPnMCyWd3TcLTHM6Go6keGVUvEeqshamv39kr4-bhDuf0Ljtb2QWIXbkTUnPCMFhgiNJXuOP-x43rYrPxu3tK_JqFUs1iuQ&google_hm=

170 B
232 B

32ms
32ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPLlPnMCyWd3TcLTHM6Go6keGVUvEeqshamv39kr4-bhDuf0Ljtb2QWIXbkTUnPCMFhgiNJXuOP-x43rYrPxu3tK_JqFUs1iuQ&google_hm=

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 17:18:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 14 Nov 2021 17:18:36 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPLlPnMCyWd3TcLTHM6Go6keGVUvEeqshamv39kr4-bhDuf0Ljtb2QWIXbkTUnPCMFhgiNJXuOP-x43rYrPxu3tK_JqFUs1iuQ&google_hm=
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Sat, 13 Nov 2021 17:18:36 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame D784 0
107 B 95ms
30ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Lpqr3dNYyMbBP1oGZIC-AO6_dpeVZSEmiJ_BM2Lb7GV_NBvtGSqCX8HHC_Ed5fDog

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 17:18:36 GMT
server: HTTP server (unknown)
alt-svc: clear
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame DBF3
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
144 B

116ms
116ms

Document
text/html

2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 14 Nov 2021 17:18:36 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: clear
expires: Sun, 14 Nov 2021 17:18:36 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 14 Nov 2021 17:18:36 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: clear

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame 64B4 0
0 91ms
90ms Fetch
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C1j6S60SRYeMwz5vMBpnjvOAM4tqmumS7gInipA6DtKmQkBoQASCuh-QgYJGEk4X8F6ABs5-foQPIAQKoAwGqBNUBT9Diq4L1Ulwp1HysmW1hrD1gsMmgY-III16QnPN_iXUBWXV_RIvj7mm6-eVhRqQ27-cf6AkLU6pGMwtcquk6S0pOLLwPJupCA5WnNVsAlFlWE9veSzduQmqkj5LFoAXsE55i7oy69xIRSCOXUmxYbp1Vpr-96txBy922_wKbycYkLY6m1o2jTPPORuTyiRelLvDzgBAU1kqQmsF3sFq0QgVEBd5PFWot6GBd-psdfxxCAvNrs0VT8Wc3ZbgI_cEoHRqE1k4XreSIX5wrlEDgQwUGeJcqwASbzO_Q3gOgBgKAB7Xg4F6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBDw0EjSCAkIgOGAEBABGF-ACgHICwHYEwPQFQGYFgGAFwGyFxwKGggAEhRwdWItOTc2MjIzOTk3NTI0OTM4MxgA&sigh=4ZNNaMlXjJE&vt=1&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9762239975249383&output=html&h=280&slotname=3539237290&adk=2124115515&adf=1790951028&pi=t.ma~as.3539237290&w=696&fwrn=4&fwrnh=100&lmt=1636909658&rafmt=1&psa=0&format=696x280&url=https%3A%2F%2Fwww.uspslitebluelogin.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636910314845&bpp=1&bdt=237&idt=117&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&prev_fmts=696x280&correlator=4346608245516&frm=20&pv=1&ga_vid=344223254.1636910315&ga_sid=1636910315&ga_hid=580940574&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=254&ady=800&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063735&oid=2&pvsid=4174965133456260&pem=703&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=v1RJLwoPho&p=https%3A//www.uspslitebluelogin.net&dtd=120
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 14 Nov 2021 17:18:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: clear
content-length: 0
x-xss-protection: 0

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 64B4 42 B
108 B 56ms
56ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu5ylxpSwLROqy1iak563AqdmZR0myteAdAiAKBqcnh9hhI-pCLyAb1D_a7vpmZShjQoaX9ZTzbkuzY0_mGBHxDlDYEvAkrKAX1m48Ua6IxKPp03RGHHQ&sai=AMfl-YQZkYRMmKCA45cD03SzaKJ0AR3pU7kiUD7xD4lYA9WrZFxLrtOylYiKD_esSBtTgiYC-0EP8ZGYWMba&sig=Cg0ArKJSzExojrDyhLFsEAE&id=lidar2&mcvt=1000&p=0,138,280,558&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211110&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=2124115515&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&pay=1&rst=1636910314966&rpt=882&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 17:18:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: clear
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 12 KB
9 KB 36ms
36ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211109&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cab42fda31aea0d6e205dfb6bc4298da6aa807f10ba9a92392545986de392040

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.uspslitebluelogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 14 Nov 2021 17:18:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: clear
content-length: 9266
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.uspslitebluelogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 17:18:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: clear
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sun, 14 Nov 2021 17:18:37 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame D6B2 12 KB
5 KB 21ms
20ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.uspslitebluelogin.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Sun, 14 Nov 2021 16:47:31 GMT
expires: Mon, 14 Nov 2022 16:47:31 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1866
alt-svc: clear

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 625E 783 B
1002 B 31ms
30ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

38d380766f9f095d0ea9d87be4e6a8d84f6d53c9ace50d777539408e608a9986

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-OZAE25yy4XiGm1SzEnXW8Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.uspslitebluelogin.net/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sun, 14 Nov 2021 17:18:37 GMT
date: Sun, 14 Nov 2021 17:18:37 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-OZAE25yy4XiGm1SzEnXW8Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: clear

GET
H2 200 lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js Show response
pagead2.googlesyndication.com/bg/ Frame D6B2 35 KB
13 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94aecf77b07e1fff7205a23f352b215383978a661ecc5bb51e616e35750b39ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 20:20:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 421083
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 13508
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 09 Nov 2022 20:20:34 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 625E 0
0 61ms
61ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211109&jk=4174965133456260&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
56 B 56ms
56ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20211109&jk=4174965133456260&bg=!5Oel56PNAAZQLpa_UC47ACkAdvg8WnIRmTUHyLRSzyyG3Nkho_xDUeqcmAmsCctdqGRXOiarguChZwIAAABMUgAAAAloAQcKADDlVDKrDGMPMJvJYBsrNpYymOb45Ts8LrjKJJNzVfbjcwrbULabKYfHGPAxw25CTXuZArFb3KNypsOB1ZSuFh2D2s6UxvdG4YD9NFUHD0PxurolQ1jaIvRBo_9HrSO26jqPjSXgwIM5-tzeaaY2TjAz6IWSPFirsWsXR74G209HzXYYjfGl4Q5OQrdEGhlBJhGFGy4wIpgzih578aW3p9UliQDzTB9_tA6EgXVZXtrcr0TdwSRw8GhvYa9Frt5Pp9vxbfalvG9hVxGnH28YrvFLEvKZYLapRMiRVS7PerzP2r5GtFKwjuT_eko4jQjJVRRJ1hq4PnJJpna8r2dRQFd2zSiKWFfxqtrxQIGH5sMtwZmVx8FZPwy9RlKPGJ6ZXT-x6qSwAAcRX4tjihTPJmd1AucHkezftQttETQqCDsTbu2KAdhGjgwr2w7zAdBepbJWOfMpQjN0DkpXb37yXfVAOzOb-j5DPzjjfsBa1EJmGUb_TMomCCI8uzhj0QMW3VJE96efNytq-KZLxsCYKGHxvgi4F2hoFJuwMc8FOGqOs7kIUhGhLy8Q-7NC6UxDIwVoq3G3inCIYRYRjm6-r1sY5QNMRWiUrfCyKRGOCHunPaMmJsOzKskoYwDdGMFU50h69dglkNCt-7_r25xjzbYyBI_-nZqMKYIbL2XS-mOrB46-oCU256wd2mujxmydNos21ylMQ8hsmCLxk8XouHcSUnimIYxzO4SGhfxblvPZR9GONYXsDjr-d_IMQ0a-vxD0zzHwvYU-BRn1vm8OZzI6kQrcN_hM2QVZpLJkJ5t4d44ywSYoXdt2oWBTnPiytXxAXxN4p04y0J2DbC8ogXrVE1sdJ8XpvvXcmEoFf9BOeWVMkVBq69-eMsNJQpLwnNlSEaAGd-ziIoSud8LRM4jNFCJuf6X9G4n9lhIiW5dymqoK_MeEisiQDXFElw1r901m_gR9ZzeOAoEIk35tLPzP3S7LLw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.uspslitebluelogin.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 17:18:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: clear
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 admin-ajax.php Show response
www.uspslitebluelogin.net/wp-admin/ 0
345 B 93ms
93ms XHR
text/html 45.148.121.89
SKB-ENTERPRISE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.uspslitebluelogin.net/wp-admin/admin-ajax.php

Requested by

Host: www.uspslitebluelogin.net
URL: https://www.uspslitebluelogin.net/wp-content/cache/wpfc-minified/l09e8i1x/hgmc9.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

45.148.121.89 , Netherlands, ASN64425 (SKB-ENTERPRISE, NL),

Reverse DNS

server51rang.flaunt7.com

Software

LiteSpeed /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://www.uspslitebluelogin.net/
X-Requested-With: XMLHttpRequest
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sun, 14 Nov 2021 17:18:39 GMT
referrer-policy: strict-origin-when-cross-origin
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.uspslitebluelogin.net
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 0
x-content-type-options: nosniff
expires: Wed, 11 Jan 1984 05:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZFE7ENQ1lKdd5xNDVzICgAABJgAAAAB&google_gid=CAESEElVjuA2HzrpiT1S2Uedcqc&google_cver=1&google_push=AYg5qPI6QgqQcAbtmSmJmyN4izHw56CWNZ0Pc6DiR7nOWdAjC8gCEztvKxtDZGGUxrhoF9Sx8Qm68cvwFfHk20xZINEMJM0KFD4V

Verdicts & Comments Add Verdict or Comment

74 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.uspslitebluelogin.net/	1970-01-20 08:03:26	Name: __gads Value: ID=e9c744bb64417721-226044d7b7cb0083:T=1636910314:RT=1636910314:S=ALNI_MadpZiVl8q-R6cjX9h5c19oTd7gIw
.doubleclick.net/	1970-01-20 08:03:26	Name: IDE Value: AHWqTUkCPmOHY_zs-LI_uwoI3sNuJD2YtfkCey4L1MfJ2mKt_Qh2fWpBEQCT9rXwiKU
.doubleclick.net/	1970-01-19 22:41:53	Name: DSID Value: NO_DATA
.openx.net/	1970-01-20 07:27:26	Name: i Value: 45896784-74bc-499d-b5f7-dd6846e6ac98\|1636910316
.rlcdn.com/	1970-01-20 07:27:26	Name: rlas3 Value: 9NwtIT/dzFXIVn6ZqMOdcP1Po31hisNvG+G6+IsA7TM=
.quantserve.com/	1970-01-20 00:51:26	Name: d Value: EGABCQHcJIEA
.quantserve.com/	1970-01-20 08:12:04	Name: mc Value: 619144ec-cf157-2e7ba-d74db
.rlcdn.com/	1970-01-20 00:08:14	Name: pxrc Value: COyJxYwGEgUI6AcQABIGCOndKhAA
.casalemedia.com/	1970-01-20 07:27:26	Name: CMID Value: YZFE7ENQ1lKdd5xNDVzICgAA
.casalemedia.com/	1970-01-20 00:51:26	Name: CMPS Value: 5184
.casalemedia.com/	1970-01-20 00:51:26	Name: CMPRO Value: 1176
.casalemedia.com/	1970-01-19 22:43:16	Name: CMST Value: YZFE7GGRROwA
.e.dlx.addthis.com/	1970-01-20 08:12:04	Name: na_tc Value: Y
.addthis.com/	1970-01-20 08:12:04	Name: na_id Value: 2021111417183700012548672276
.addthis.com/	1970-01-20 08:12:04	Name: na_tc Value: Y
.addthis.com/	1970-01-20 08:12:04	Name: uid Value: 619144ed1c99dc21
.addthis.com/	1970-01-20 08:12:04	Name: ouid Value: 619144ed0001df3391fe82bce1ff8e584ff56b2b4e6098ee1e13
.dlx.addthis.com/	1970-01-19 23:25:02	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-19 23:25:02	Name: na_sr Value: 20211114
.dlx.addthis.com/	1970-01-19 22:41:50	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-19 23:25:02	Name: na_sc_e Value: 0

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZFE7ENQ1lKdd5xNDVzICgAABJgAAAAB&google_gid=CAESEElVjuA2HzrpiT1S2Uedcqc&google_cver=1&google_push=AYg5qPI6QgqQcAbtmSmJmyN4izHw56CWNZ0Pc6DiR7nOWdAjC8gCEztvKxtDZGGUxrhoF9Sx8Qm68cvwFfHk20xZINEMJM0KFD4V Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20211109/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271802&client=ca-pub-9762239975249383&fa=2&ifi=11&uci=a!b&btvi=3 Message: The resource https://fonts.googleapis.com/css?family=Roboto%3A400%2C700 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.nl
cm.g.doubleclick.net
cms.quantserve.com
e.dlx.addthis.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
id.rlcdn.com
pagead2.googlesyndication.com
partner.googleadservices.com
rtb.openx.net
secure.gravatar.com
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.icegram.com
www.signinsupport.net
www.uspslitebluelogin.net
cm.g.doubleclick.net
104.111.215.191
142.250.184.194
142.250.186.98
23.88.35.13
2606:4700:3036::ac43:9c42
2620:116:800d:21:5a23:9c4e:e774:96c1
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2002
2a00:1450:4001:811::200a
2a00:1450:4001:812::2002
2a00:1450:4001:812::2003
2a00:1450:4001:812::2004
2a00:1450:4001:827::2002
2a00:1450:4001:829::2001
2a00:1450:4001:831::2002
2a00:1450:4001:831::2003
2a04:fa87:fffe::c000:4902
35.186.253.211
35.244.174.68
45.148.121.89
79.137.69.91
01a10be28bdad9ed81f9a7f1e09f4913d314f13abc7a7bb2d52be9666eff599d
02e1f56443f4680ee0aa8f2a3e6faf20c1fb126405a2d4922be0c2402129d4a8
057e5577fd8181db248cb6ee56fd507172611c393853c04dbd6355dbcb5f6561
076094a62b7589ac8f83b9d6080bb0164a6ab7cb1142bd18135fc951e735d4ee
09b39f18c04f859dfabd1f0f675743fc4eebc03c31ecc6997552b09cc0c98e4d
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
14381812074bc0a364f1d7a9e5b08c86c8d406c60d7b73ba2957d3da82767276
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
2101735d43a8d486dbc5139500a78420766cc673a3610363ce9525526c3f5149
2c2dd34c8a8d2ed4b4e91eed55c2404518bb4a5ff02ae68e7a08f4e14ddb3e46
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
334cf66b0c39d73adb2fb21e66d9420a55e31c2eba0502cce27d487aefcb4806
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
381093f4655a83f1409f487814cc2ccc81312573f334ba265a3789222a62853b
38d380766f9f095d0ea9d87be4e6a8d84f6d53c9ace50d777539408e608a9986
48475864d9f8f273c2c7aef9e209ae4cfaaeaa65acf578ba6d16f2d4553e379a
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
4fb21b68aa33aef8b3b83a7677cdd0439bd297729677ca8a8ac9f125e60de57c
594f25fae1773b9c903868e65ca7f37654b1621f8f81737763a2bc683523fd44
5ba5a747b6bb70f14752f815aff731d6d34eecbd7faf2a2a3dd4c9afedb193e3
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5cedd5abd94d64b07e3779451d057665572b89caa8b445a5e9efa42bad9c4274
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
69cb5a70320620054ce14ccb7349e1840dd71448dcbc253164ea698167ec0f78
777750fd9d46194a2030dfa9a045e3890cbec3a8f38aa5c761b6e3cedfd8c72b
77d864f4aa873bebd3ef0290446490c5365b350727ad04a25e63463ee3912e93
81e9e3dc4ac99c7f876aa3dcb22a457a3df5afbc022a631ae9ef1f3fdc611408
82892a54c4d7dbea6d54652b28a2b6d9e96844970239dfe0147356409917c136
878385140ab4a96f6b92d5801a12961128d487b9b9b7dd6919f86688c034e4e7
8864cb0ec0fa908c3e6a15c5a5718e126f8520bcd28335f864af56b8de3289c2
897db727e43e460507d14cbef9ecdb6ceb0d0b298fbbe6679b2e6405761bee50
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
8aed12b8b95a1d49011f3e134dc8e71804a3576818d1d1334145aaa96d71aa5e
8b28be67c2ed72e448fe33e78396262371e1b8052d76966cbe0649dde772d0f1
9056f87fe0f7a601f2b63ba77a11a8767d838ab97cd2d7a8b6661e7809c81569
94aecf77b07e1fff7205a23f352b215383978a661ecc5bb51e616e35750b39ef
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9f78a13b518c0c53b5ccaa7c5b7617e44d59eabd3ba56298f18893635d58aff7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a39b209b9b9dda47f5ab83993311092d861d5c3347876521cc6b9847c93411e2
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a99030150a96d05b46c5f8aa410e8519fedb29dc05c200827bfd55fa5cba8602
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
ade8114f51e6fcd0fd31969c858151dbefb16a416aa0b8679e8f4971ef635e24
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
c5c899ad19d1b2d3fb954bafbaacb90f7d8f29bf9d43e67c20eb8a2de2368769
c6ae70d8b4c011aeed79480feb0a1718b7606eea9f08f685b3839aa61a952aed
cab42fda31aea0d6e205dfb6bc4298da6aa807f10ba9a92392545986de392040
cb656577f4277a4ded7b312fe6d4a32f3aabbeff803485b75a66fdea67b678af
ceca169c7b3aeb44dcdcbfd35d8fd24a85bc9a48b89ced5db336d54e16635a82
d2458b9fd9089fdcb9de317093e004ef3a65597dc68b9adfdeb15a7c9968d0d5
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
df2b9ac3d23bf2614c32dec227992069641c256db67d2fa94176588ed049894f
df7a15a85346a5e5d7f8252bf44d1331a4b8677606ddec8b2ed315d95695acd0
dfd0d10d2d6451df70f03ea99f07e835d526581c04fdcceb5b695615fa6af552
e1d82285823cb8da76edda4ae9e4fc79863fdd67c824f5b662091c77b0fc39d7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f8c6b0d68efab7cd6288a6f6b332b34423ae0a1172da7ac736eaafd81a53c152
fea427eb227c9adb45f9abcfd32c7ce022e566b12102665a55ef64adf9737b7f

www.uspslitebluelogin.net Open in urlscan Pro 45.148.121.89 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

142 Requests

96 %HTTPS

62 %IPv6

17 Domains

21 Subdomains

18 IPs

5 Countries

1518 kBTransfer

3497 kBSize

21 Cookies

7 Outgoing links

Page URL History

Redirected requests

142 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.uspslitebluelogin.net Open in urlscan Pro
45.148.121.89 Public Scan

Screenshot
Live screenshot

Full Image

142
Requests

96 %
HTTPS

62 %
IPv6

17
Domains

21
Subdomains

18
IPs

5
Countries

1518 kB
Transfer

3497 kB
Size

21
Cookies

142 HTTP transactions
6 data transactions