urlscan.io logo urlscan.io
SecurityTrails logo

www.iglookup.com Open in urlscan Pro
2a06:98c1:3121::c  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.iglookup.com/spy
Submission: On August 23 via manual from FR — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 46 IPs in 10 countries across 40 domains to perform 137 HTTP transactions. The main IP is 2a06:98c1:3121::c, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.iglookup.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 12th 2022. Valid for: a year.
This is the only time www.iglookup.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
8 2a06:98c1:312... 13335 (CLOUDFLAR...)
15 2a00:1450:400... 15169 (GOOGLE)
1 2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
10 142.250.185.66 15169 (GOOGLE)
1 9 142.250.185.194 15169 (GOOGLE)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 4 2a02:2638:1::13 44788 (ASN-CRITE...)
3 178.250.2.146 44788 (ASN-CRITE...)
1 141.95.98.66 16276 (OVH)
2 2 23.75.240.210 16625 (AKAMAI-AS)
4 92.123.9.160 16625 (AKAMAI-AS)
4 2606:4700:20:... 13335 (CLOUDFLAR...)
1 3 37.252.172.37 29990 (ASN-APPNEX)
1 185.184.8.90 204995 (RTB-HOUSE...)
2 3 104.18.18.126 13335 (CLOUDFLAR...)
1 178.250.0.165 44788 (ASN-CRITE...)
2 37.157.4.39 198622 (ADFORM)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
7 52.219.24.145 16509 (AMAZON-02)
3 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
2 69.173.144.165 26667 (RUBICONPR...)
1 69.173.144.139 26667 (RUBICONPR...)
12 2a00:1450:400... 15169 (GOOGLE)
1 142.250.181.226 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 1 52.2.211.96 14618 (AMAZON-AES)
2 2 18.193.255.74 16509 (AMAZON-02)
1 1 2a05:d018:d29... 16509 (AMAZON-02)
1 1 34.239.50.221 14618 (AMAZON-AES)
1 1 51.89.9.254 16276 (OVH)
2 3 2a02:6b8::90 208722 (GLOBAL_DC)
1 172.67.209.18 13335 (CLOUDFLAR...)
1 2600:9000:223... 16509 (AMAZON-02)
3 199.232.16.193 54113 (FASTLY)
1 159.89.25.223 14061 (DIGITALOC...)
4 2a00:1450:400... 15169 (GOOGLE)
2 92.205.12.223 21499 (GODADDY-SXB)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a02:2638::3 44788 (ASN-CRITE...)
1 151.101.193.108 54113 (FASTLY)
1 23.35.228.247 16625 (AKAMAI-AS)
2 2a00:1450:400... 15169 (GOOGLE)
137 46
8    2a06:98c1:3121::c (United States)

ASN13335 (CLOUDFLARENET, US)
www.iglookup.com
15    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2606:4700:20::ac43:4951 (United States)

ASN13335 (CLOUDFLARENET, US)
npmcdn.com
1    2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
10    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
securepubads.g.doubleclick.net
www.googletagservices.com
partner.googleadservices.com
9    142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
pubads.g.doubleclick.net
cm.g.doubleclick.net
2    2606:4700:20::681a:daf (United States)

ASN13335 (CLOUDFLARENET, US)
cpabuild.com
3    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.nl
2    2606:4700::6812:1e31 (United States)

ASN13335 (CLOUDFLARENET, US)
stpd.cloud
4    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
3    178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
1    141.95.98.66 (France)

ASN16276 (OVH, FR)
PTR: ns3216537.ip-141-95-98.eu
id5-sync.com
2    23.75.240.210 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-75-240-210.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
4    92.123.9.160 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-9-160.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
4    2606:4700:20::681a:8b2 (United States)

ASN13335 (CLOUDFLARENET, US)
prebid-stag.setupad.net
3    37.252.172.37 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
1    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
prebid-eu.creativecdn.com
3    104.18.18.126 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
ssum.casalemedia.com
1    178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com
bidder.criteo.com
2    37.157.4.39 (Denmark)

ASN198622 (ADFORM, DK)
adx.adform.net
cm.adform.net
1    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.nl
2    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
2    2a00:1450:400e:800::200a (Ireland)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
7    52.219.24.145 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-1.amazonaws.com
s3.us-west-1.amazonaws.com
3    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
e8414c92dfc9a4acdfa623abcc1734fa.safeframe.googlesyndication.com
2    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel-eu.rubiconproject.com
12    2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
googleads4.g.doubleclick.net
6    2a00:1450:4001:810::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
3    2a00:1450:4001:806::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    52.2.211.96 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-2-211-96.compute-1.amazonaws.com
fksnk.com
2    18.193.255.74 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-255-74.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    2a05:d018:d29:3602:330c:6850:f997:69b7 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
1    34.239.50.221 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-239-50-221.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu
onetag-sys.com
3    2a02:6b8::90 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
an.yandex.ru
1    172.67.209.18 (United States)

ASN13335 (CLOUDFLARENET, US)
metrics.getrockerbox.com
1    2600:9000:223e:c600:1c:b3e3:eb40:21 (United States)

ASN16509 (AMAZON-02, US)
d13pxqgp3ixdbh.cloudfront.net
3    199.232.16.193 (Vienna, Austria)

ASN54113 (FASTLY, US)
i.imgur.com
1    159.89.25.223 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)
node.setupad.com
4    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
2    92.205.12.223 (Strasbourg, France)

ASN21499 (GODADDY-SXB, DE)
PTR: ip-92-205-12-223.ip.secureserver.net
www.erikosterberg.com
2    2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    151.101.193.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
1    23.35.228.247 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-228-247.deploy.static.akamaitechnologies.com
js-sec.indexww.com
2    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
29 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 123
e8414c92dfc9a4acdfa623abcc1734fa.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 159
328 KB
18 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218
pubads.g.doubleclick.net — Cisco Umbrella Rank: 510
googleads.g.doubleclick.net — Cisco Umbrella Rank: 52
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 303
cm.g.doubleclick.net — Cisco Umbrella Rank: 214
487 KB
9 google.com
adservice.google.com — Cisco Umbrella Rank: 88
www.google.com — Cisco Umbrella Rank: 9
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 2210
162 KB
9 rubiconproject.com
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1015
eus.rubiconproject.com — Cisco Umbrella Rank: 582
token.rubiconproject.com — Cisco Umbrella Rank: 711
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2237
22 KB
8 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 407
mug.criteo.com — Cisco Umbrella Rank: 2790
bidder.criteo.com — Cisco Umbrella Rank: 759
9 KB
8 iglookup.com
www.iglookup.com
49 KB
7 amazonaws.com
s3.us-west-1.amazonaws.com — Cisco Umbrella Rank: 8094
128 KB
6 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 280
46 KB
4 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 230
acdn.adnxs.com — Cisco Umbrella Rank: 604
20 KB
4 setupad.net
prebid-stag.setupad.net — Cisco Umbrella Rank: 39439
1 KB
3 imgur.com
i.imgur.com — Cisco Umbrella Rank: 5706
8 KB
3 yandex.ru
an.yandex.ru — Cisco Umbrella Rank: 2470
954 B
3 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 219
52 KB
3 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 286
fonts.googleapis.com — Cisco Umbrella Rank: 54
35 KB
3 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 539
ssum.casalemedia.com — Cisco Umbrella Rank: 1324
7 KB
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 194
99 KB
2 gstatic.com
fonts.gstatic.com
170 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 655
57 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 45
20 KB
2 erikosterberg.com
www.erikosterberg.com
2 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 292
2 KB
2 google.nl
adservice.google.nl — Cisco Umbrella Rank: 14414
914 B
2 adform.net
adx.adform.net — Cisco Umbrella Rank: 3944
cm.adform.net — Cisco Umbrella Rank: 1550
592 B
2 stpd.cloud
stpd.cloud — Cisco Umbrella Rank: 42970
178 KB
2 cpabuild.com
cpabuild.com
53 KB
2 npmcdn.com
npmcdn.com — Cisco Umbrella Rank: 21448
12 KB
1 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 594
2 KB
1 setupad.com
node.setupad.com — Cisco Umbrella Rank: 40638
209 B
1 cloudfront.net
d13pxqgp3ixdbh.cloudfront.net
17 KB
1 getrockerbox.com
metrics.getrockerbox.com — Cisco Umbrella Rank: 5711
643 B
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 746
335 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 754
692 B
1 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 488
1 KB
1 fksnk.com
fksnk.com — Cisco Umbrella Rank: 4753
613 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 882
415 B
1 creativecdn.com
prebid-eu.creativecdn.com — Cisco Umbrella Rank: 6497
178 B
1 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 508
626 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 78
42 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 422
5 KB
0 sonobi.com Failed
sync.go.sonobi.com Failed
137 40
Domain Requested by
15 pagead2.googlesyndication.com www.iglookup.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
e8414c92dfc9a4acdfa623abcc1734fa.safeframe.googlesyndication.com
tpc.googlesyndication.com
www.googletagservices.com
12 tpc.googlesyndication.com securepubads.g.doubleclick.net
www.iglookup.com
e8414c92dfc9a4acdfa623abcc1734fa.safeframe.googlesyndication.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
8 www.iglookup.com www.iglookup.com
7 cm.g.doubleclick.net 1 redirects www.iglookup.com
e8414c92dfc9a4acdfa623abcc1734fa.safeframe.googlesyndication.com
7 s3.us-west-1.amazonaws.com cpabuild.com
ajax.googleapis.com
6 s0.2mdn.net www.iglookup.com
s0.2mdn.net
6 securepubads.g.doubleclick.net www.iglookup.com
www.googletagservices.com
securepubads.g.doubleclick.net
4 fundingchoicesmessages.google.com www.iglookup.com
securepubads.g.doubleclick.net
4 prebid-stag.setupad.net stpd.cloud
www.iglookup.com
4 eus.rubiconproject.com www.iglookup.com
eus.rubiconproject.com
4 gum.criteo.com 2 redirects static.criteo.net
3 i.imgur.com cpabuild.com
3 an.yandex.ru 2 redirects www.iglookup.com
3 www.google.com e8414c92dfc9a4acdfa623abcc1734fa.safeframe.googlesyndication.com
tpc.googlesyndication.com
3 cdnjs.cloudflare.com cpabuild.com
3 ib.adnxs.com 1 redirects stpd.cloud
acdn.adnxs.com
3 www.googletagservices.com www.iglookup.com
e8414c92dfc9a4acdfa623abcc1734fa.safeframe.googlesyndication.com
3 mug.criteo.com www.iglookup.com
2 fonts.gstatic.com fonts.googleapis.com
2 static.criteo.net stpd.cloud
static.criteo.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.erikosterberg.com www.iglookup.com
2 x.bidswitch.net 2 redirects
2 token.rubiconproject.com eus.rubiconproject.com
www.iglookup.com
2 e8414c92dfc9a4acdfa623abcc1734fa.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 fonts.googleapis.com cpabuild.com
2 ssum.casalemedia.com 2 redirects
2 adservice.google.com pagead2.googlesyndication.com
securepubads.g.doubleclick.net
2 adservice.google.nl pagead2.googlesyndication.com
securepubads.g.doubleclick.net
2 secure-assets.rubiconproject.com 2 redirects
2 stpd.cloud www.iglookup.com
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 cpabuild.com www.iglookup.com
cpabuild.com
2 pubads.g.doubleclick.net www.iglookup.com
2 npmcdn.com 1 redirects www.iglookup.com
1 js-sec.indexww.com stpd.cloud
1 acdn.adnxs.com stpd.cloud
1 node.setupad.com www.iglookup.com
1 d13pxqgp3ixdbh.cloudfront.net ajax.googleapis.com
1 metrics.getrockerbox.com e8414c92dfc9a4acdfa623abcc1734fa.safeframe.googlesyndication.com
1 onetag-sys.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 pr-bh.ybp.yahoo.com 1 redirects
1 fksnk.com 1 redirects
1 googleads4.g.doubleclick.net www.iglookup.com
1 pixel-eu.rubiconproject.com eus.rubiconproject.com
1 cm.adform.net www.iglookup.com
1 ajax.googleapis.com cpabuild.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 adx.adform.net stpd.cloud
1 bidder.criteo.com stpd.cloud
1 htlb.casalemedia.com stpd.cloud
1 prebid-eu.creativecdn.com stpd.cloud
1 id5-sync.com stpd.cloud
1 www.googletagmanager.com www.iglookup.com
1 cdn.jsdelivr.net www.iglookup.com
0 sync.go.sonobi.com Failed e8414c92dfc9a4acdfa623abcc1734fa.safeframe.googlesyndication.com
137 57

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-12 -
2023-06-12		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
cpabuild.com
Cloudflare Inc ECC CA-3		 2022-05-06 -
2023-05-06		 a year crt.sh
*.stpd.cloud
E1		 2022-07-02 -
2022-09-30		 3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-06-15 -
2022-09-18		 3 months crt.sh
*.id5-sync.com
R3		 2022-08-18 -
2022-11-16		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-17 -
2023-04-04		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-17 -
2023-04-12		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.google.nl
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
*.s3-us-west-1.amazonaws.com
Amazon		 2021-12-17 -
2022-12-16		 a year crt.sh
*.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-05-18 -
2023-06-16		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
*.imgur.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-03-16		 a year crt.sh
node.setupad.com
R3		 2022-07-01 -
2022-09-29		 3 months crt.sh
erikosterberg.com
Go Daddy Secure Certificate Authority - G2		 2022-06-06 -
2023-07-08		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-06-21 -
2022-09-23		 3 months crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2022-03-11 -
2023-04-11		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh

This page contains 20 frames:

Primary Page: https://www.iglookup.com/spy
Frame ID: C173D4BEC4B6EFB648811AC4047432F3
Requests: 35 HTTP requests in this frame

Frame: https://cpabuild.com/public/offers/iframe.php?it=717691&key=36098
Frame ID: A862941063430433DFCB201D04ABDB12
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220818/r20190131/zrt_lookup.html
Frame ID: C9EE2EEBC18847029E2C723BE916873B
Requests: 1 HTTP requests in this frame

Frame: https://stpd.cloud/assets/postbid/stpd201221_light.js
Frame ID: 38FC248441F68C0A62165D14AA421C07
Requests: 24 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Frame ID: 31F3E0D524F70116E1088EE99E45B805
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3239635388903570&output=html&adk=1812271804&adf=3025194257&lmt=1661264312&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.iglookup.com%2Fspy&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661264312469&bpp=2&bdt=242&idt=260&shv=r20220818&mjsv=m202208160101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=880758654500&frm=20&pv=2&ga_vid=606917007.1661264313&ga_sid=1661264313&ga_hid=1700157312&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068487%2C31069028%2C31069063&oid=2&pvsid=1385176793903506&tmod=743594968&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=272
Frame ID: A66DFA216F805AA8FE2481DC7164DE95
Requests: 1 HTTP requests in this frame

Frame: https://e8414c92dfc9a4acdfa623abcc1734fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Frame ID: 973C3BCB9E5748BF801230131B5B330A
Requests: 1 HTTP requests in this frame

Frame: https://e8414c92dfc9a4acdfa623abcc1734fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Frame ID: 2E0E703B07B33FBC2B8AAB68FEB90510
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: A52FC5A6F8D301EF1B652D87C8124A20
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A5B905C7826D28681AFFECE574306E9D
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E22008C521D3AE4E7FB837BDEDAE0E79
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 48B81256B41D34245877790E47A9DD77
Requests: 2 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/8914876361115274780/MAR-426-HTML-callerID-970x250/index.html
Frame ID: E5E23A3CEABCB8DD04B7F3AC9EEF1984
Requests: 5 HTTP requests in this frame

Frame: https://stpd.cloud/assets/postbid/stpd201221_light.js
Frame ID: C03DF45C1112539D139056400304CB8A
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Frame ID: 8990830643A4C9087E493E61FA365369
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: C1E262A62F9B04F170B5D10840043D3D
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: D3FB3F985A3CF6DF8F847D75D8160019
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.iglookup.com
Frame ID: AD4DEEE06249C52A1E1E2C1E7614B08C
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D269844B65567E7A18ED7197AE735C9E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9E6CC69A4FBE1BABA1884246E4DE449E
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Online Instagram Profile Viewer - IGLookup

Detected technologies

Overall confidence: 100%
Detected patterns
  • /alpine(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • sweetalert2(?:\.all)?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • https?://an\.yandex\.ru/
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

137
Requests

91 %
HTTPS

51 %
IPv6

40
Domains

57
Subdomains

46
IPs

10
Countries

2006 kB
Transfer

5763 kB
Size

31
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • https://npmcdn.com/js-alert/dist/jsalert.min.js HTTP 302
  • https://npmcdn.com/js-alert@1.0.4/dist/jsalert.min.js
Request Chain 18
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.iglookup.com%2F&domain=www.iglookup.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=mj6v93xlSWRGclNJTVhrR1lDYTE4Sk9STlRlbENSMGlnSWw3SnViYnQ0TVM3U2EreTE3cWttTUpVb2V6TElxM3Y5cUlQRE04U3ZiVFpTalpBM2FtcWFmQWc4ekVwaS9CU3VGeGdadnovWHRQdGhqVUI3RUxEZVJXcE9GMER4S1NyOThkSkZUSW1LUURVT01lM3FnQkZMa2pidGtHK3lmRmgreEZIVWlJa2lRWnUvTlFuN0lnTmRZWUNrdVJiSk00YlpXV2w4eHZoWmVscVFKLyt0YWRkMDY3VWxOQlpla3IwckFCR2dsWWZuV1NLc1dRPXw&cppv=2
Request Chain 21
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Request Chain 35
  • https://ssum.casalemedia.com/usermatchredir?s=184932&cb=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dix%26gdpr%3D1%26gdpr_consent%3D%26uid%3D HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dix%26gdpr%3D1%26gdpr_consent%3D%26uid%3D&s=184932&C=1 HTTP 302
  • https://prebid-stag.setupad.net/setuid?bidder=ix&gdpr=1&gdpr_consent=&uid=YwThuQDStQbq6fzU.QdDnQAA%261202
Request Chain 52
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
  • https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=1&gdpr_consent=&uid=2313206554085835850
Request Chain 75
  • https://fksnk.com/cs/google?google_gid=CAESENnVxgarvOmGNoFwUsaS29E&google_cver=1&google_push=AehlK4AcZb6cZmbq8u1V1g6bzGhq31TgronbCq44bwLs2DOyR_A92DPngy1y6cYKVcsrSKfMqu5FsN_POA51eDpolpMN66IZmKxe HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=QjU3NzZGQTUxRDhFQjI2Nw==
Request Chain 76
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEPkdgRJ5tU3hQGSpeHTFoYQ&google_cver=1&google_push=AehlK4CsrYxJTzTETuqSLAwBzBOKjsP7qKD4wKvfJ8nlmXyGSfxCfkLQDPyc6xXJOrxcUk7t99ZKVhp38PLF8e-98VulBKZ5PFuM HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEPkdgRJ5tU3hQGSpeHTFoYQ&google_cver=1&google_push=AehlK4CsrYxJTzTETuqSLAwBzBOKjsP7qKD4wKvfJ8nlmXyGSfxCfkLQDPyc6xXJOrxcUk7t99ZKVhp38PLF8e-98VulBKZ5PFuM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AehlK4CsrYxJTzTETuqSLAwBzBOKjsP7qKD4wKvfJ8nlmXyGSfxCfkLQDPyc6xXJOrxcUk7t99ZKVhp38PLF8e-98VulBKZ5PFuM&google_hm=JNp6e5SLTOyhtMI4Fb1e_Q==
Request Chain 77
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEHrL3_mD37oEn-c1uwJqXMY&google_cver=1&google_push=AehlK4CzA3Ui1ibjJlJW8JHcNwtd4RL24M3oYeTQBiFuEopQtflU6U2PFny4R-3H5HIofNBIqqV6aEnct60IvZvEhRLHbCBFJa8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AehlK4CzA3Ui1ibjJlJW8JHcNwtd4RL24M3oYeTQBiFuEopQtflU6U2PFny4R-3H5HIofNBIqqV6aEnct60IvZvEhRLHbCBFJa8&google_hm=NzQ3Njc1MzM2MDkwMjk1NDU4Ng%3D%3D
Request Chain 78
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEAX8uJxIUyczI35MXQgtZVU&google_cver=1&google_push=AehlK4Dff7usGUJ4CqxPsT6TEhdJ3SRVbxeuKzv1BCLHfhy-utbpFuHl7dua7U6Kqqrq5TeT2796qyC1xR9EU9bWaVy4bpo1mTxK HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=4GWSsd0iQ1dHJ6VA92zEqx_MmS4&google_push=AehlK4Dff7usGUJ4CqxPsT6TEhdJ3SRVbxeuKzv1BCLHfhy-utbpFuHl7dua7U6Kqqrq5TeT2796qyC1xR9EU9bWaVy4bpo1mTxK
Request Chain 80
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESELel3g0axs60bnlRoCNqXUM&google_cver=1&google_push=AehlK4DD3AyqFQZe2ghqjNtNVnwjfsjJcXPp-tCigwHEjzTM-3RTFdQ9Kr3qIxjIMEs0Bj4TA2LKhZEP-lUY5rIk5KLFQRB1vKyj HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AehlK4DD3AyqFQZe2ghqjNtNVnwjfsjJcXPp-tCigwHEjzTM-3RTFdQ9Kr3qIxjIMEs0Bj4TA2LKhZEP-lUY5rIk5KLFQRB1vKyj
Request Chain 81
  • https://an.yandex.ru/mapuid/google/CAESEKK232xIH18R4KuKdA4OY6o?ext-param=AehlK4BPUpU3V40WtrRrhnfWFQmFRc00b7nkUkv8M8NQbFxva96U1ijg6j5sfCggd7FpV3br2BC0F7Gncy8WLYYNoJ3vXRF8vz086g&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://an.yandex.ru/mapuid/google/CAESEKK232xIH18R4KuKdA4OY6o?redir-setuniq=1&ext-param=AehlK4BPUpU3V40WtrRrhnfWFQmFRc00b7nkUkv8M8NQbFxva96U1ijg6j5sfCggd7FpV3br2BC0F7Gncy8WLYYNoJ3vXRF8vz086g&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEKK232xIH18R4KuKdA4OY6o&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
  • https://an.yandex.ru/resource/spacer.gif
Request Chain 115
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Request Chain 129
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=iglookup.com&sn=ChromeSyncframe&so=3&topUrl=www.iglookup.com&bundle=3RO9l19YckhsY3BQelc0ZnNJJTJGRmlJUkZ3S2U2NjdGcmZMQjduUmJVWkMzbFBLV0RaVnhDeFhMdzBxdDRKMWZiYkZlUkZ4TENROGhyN1djeXZlWGU5ZGI3d1FkeThicHBkcnFBeVRpNnpQM0F4RVh2Z0dCdWZYakpUJTJCWFhHTDh6JTJGRzJGVA&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=h0W9_nxoMHk0b24wWmI3U3NSS1dtZmZ3MnN6Y0hDbzNIQ0EwM2dnTmtxQW9tejNyTUZmNGVVZ0RMb3dOTzZlU0RVSGl1a0tRdXlZZUp6Ly9UcGRZNEFicHp5clhqZThCbTF3U0U2b1J6ZEhSaERRVEZFSHNMNWxzL24wWUFvbXFsZzRaRzc1K0t3ZUFIbnJUZFRralNCUXlMcTM4SnhPZk1LY0xDQ0hEV3UydnFJdHBEMDBuTTMrUDBEcWZWNlRpYWRkTVUxNHgyc2RMb3lkK2o5TWxhaXFKcjZjak8zcGhYNVFiSmt6N0lFTUxINGpsN0V0bnRpM1JIVFV6VTZxMDk2V1dQalpwKzdZRG15N3dRWjZMMFpxL04vbUE5aHNUTCtQZEVEYXN4NzFMSFBGYz18&cppv=2

137 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request spy
www.iglookup.com/ 		32 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.iglookup.com/spy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Phusion Passenger(R) 6.0.13 PleskLin
Resource Hash
12fc61ae3a94294a815e6bb5fb8b8a1123c7c26cf2ac1f79926975c9bee16e22

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
73f47a5e5e9d1e9d-AMS
content-encoding
br
content-type
text/html; charset=utf-8
date
Tue, 23 Aug 2022 14:18:32 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UqicKfKuv4KiivVNfrEL53DeG%2Bp7TsmNsiZnyp%2BTSgi8ewbNUF47%2F%2F1qdZyTB8rQqS1yTDeItCFA6IyorSQX9d%2F0n5thcGEqLu%2Bn9O9TISCAyas4DqpiE8%2BnoyJ9bqEBG0FzvLPs38KHG1qHWmMp"}],"group":"cf-nel","max_age":604800}
server
cloudflare
status
200 OK
vary
Accept-Encoding
x-powered-by
Phusion Passenger(R) 6.0.13 PleskLin
style.css
www.iglookup.com/css/ 		41 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.iglookup.com/css/style.css
Requested by
Host: www.iglookup.com
URL: https://www.iglookup.com/spy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Phusion Passenger(R) 6.0.13, PleskLin
Resource Hash
d71c0231e22ba808c532ef4c8bf713b03408643ce073a427de0c13634a707d72

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.iglookup.com/spy
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 14:18:32 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Phusion Passenger(R) 6.0.13, PleskLin
status
200 OK
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 18 Aug 2021 11:40:52 GMT
server
cloudflare
etag
W/"a2fc-17b591065a0-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vaRwcpqaGi21nyd4fty44t511NnmAr18KBOd%2FAHopYiny40bdc2h2yk0jNHy3Ghf4%2FrYc9JrwXfWcpzK3VSwUS6aUj99koG8Y9O3KW%2FgaL8IPr%2FdC3Ad1EwyEsVUBP9z663iKj5r8EVmO7xbxda9"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=57600
cf-ray
73f47a5f8fed1e9d-AMS
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		164 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3239635388903570
Requested by
Host: www.iglookup.com
URL: https://www.iglookup.com/spy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1efaf08532e929afdd04c59a6b3215c51a0a8f67a7b23b4f6cc386a1c741ec1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.iglookup.com/
Origin
https://www.iglookup.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 14:18:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57072
x-xss-protection
0
server
cafe
etag
3919087515914412449
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 23 Aug 2022 14:18:32 GMT
insta.svg
www.iglookup.com/img/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.iglookup.com/img/insta.svg
Requested by
Host: www.iglookup.com
URL: https://www.iglookup.com/spy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Phusion Passenger(R) 6.0.13, PleskLin
Resource Hash
df342ebf6fae7ecf6ecc0546f197aa1240c665deb17984eebaaa110b846d97a2

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.iglookup.com/spy
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 14:18:32 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Phusion Passenger(R) 6.0.13, PleskLin
status
200 OK
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 10 Aug 2021 14:47:52 GMT
server
cloudflare
etag
W/"9b5-17b3088b9c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sU%2BCqpgIOW8HRmfVP9%2BqZMz%2Fjkh%2FTK1tnBPngY2xf7iJ7bTfi6FKSYmijMVsUJ10QwXywlbrkT1GmMFYfbBrhgtqSvTCuOX8Yf8z1fSTGEgJtiKv7NqWqxi6tRLxERe8%2ByFVp6q6xKYvZN%2BdVoHH"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=57600
cf-ray
73f47a5fa8161e9d-AMS
click.svg
www.iglookup.com/img/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.iglookup.com/img/click.svg
Requested by
Host: www.iglookup.com
URL: https://www.iglookup.com/spy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Phusion Passenger(R) 6.0.13, PleskLin
Resource Hash
cbb261f9f911fca42d9fec9a3ae6793084e3d5c1ee07ed94c5030571b969c6dd

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.iglookup.com/spy
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 14:18:32 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Phusion Passenger(R) 6.0.13, PleskLin
status
200 OK
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 10 Aug 2021 14:36:22 GMT
server
cloudflare
etag
W/"e9a-17b307e3270"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SwMCvAEobrkxWDpgWt6pLKMvrLef40tgAbAEMTC1oq0h0Cp6il%2FLDVbBP3Z92ke2cwp0kRto4sD%2ByPEPgd4FEE18JO%2FblJQppMdYFCRbGXl8sVv%2BdJRF2GvmH2JPOdLfoGowm0wjTrZsIBeLLNNH"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=57600
cf-ray
73f47a5fa8171e9d-AMS
eye.svg
www.iglookup.com/img/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.iglookup.com/img/eye.svg
Requested by
Host: www.iglookup.com
URL: https://www.iglookup.com/spy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Phusion Passenger(R) 6.0.13, PleskLin
Resource Hash
25721cf24e49cffc28199105526c82487631752bc0eccd391f825bffefbaa06a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.iglookup.com/spy
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 14:18:32 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Phusion Passenger(R) 6.0.13, PleskLin
status
200 OK
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 10 Aug 2021 14:51:22 GMT
server
cloudflare
etag
W/"633-17b308bee10"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Bs2Ffi0OBvsIWrXujfuWbjpXiueV3r51WD3P1o7Dbx7GERZ6ceIl5hiqTpwYzJx9O0U8Btk6duRZr4ShDVW596Mi3jelwQL34P079bnYVLsT1%2BIusXUISfXHQYe%2FYb5f52IN%2F6GGOo48ZWx9rT9"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=57600
cf-ray
73f47a5fa8181e9d-AMS
jsalert.min.js
npmcdn.com/js-alert@1.0.4/dist/
Redirect Chain
  • https://npmcdn.com/js-alert/dist/jsalert.min.js
  • https://npmcdn.com/js-alert@1.0.4/dist/jsalert.min.js
35 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://npmcdn.com/js-alert@1.0.4/dist/jsalert.min.js
Requested by
Host: www.iglookup.com
URL: https://www.iglookup.com/spy
Protocol
H2
Server
2606:4700:20::ac43:4951 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
468bf232126e3959d56f01ff6d5bbb01ee894465dad2d6979271d27e42a9d187
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.iglookup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 14:18:35 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6570000
fly-request-id
01G51QF0Z5PTHP7J7S3WPZMWPX-ams
content-encoding
br
vary
Accept-Encoding
last-modified
Wed, 22 Jun 2016 19:03:48 GMT
server
cloudflare
etag
W/"8ba1-DNpuqBuQOERcCahHz9aezH0NhZg"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kh1vNSyQOooob4yT%2FpLp8oTXFPx6%2F84UxhyMjHf%2BL8u5uXTaCmLasIUYF0kqtygsz0vbAheBvdBbJuZ6q9mTyWIOHk%2BLTA6Dc83xHVQ4h5xPeZ23jCbQ6PjdfEvDL36yTaFHXHjqjhk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
73f47a74dcd0b82e-AMS

Redirect headers

date
Tue, 23 Aug 2022 14:18:35 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept, Accept-Encoding
fly-request-id
01GB5H3E1ERNS1026NMPNQ90DH-ams
server
cloudflare
location
/js-alert@1.0.4/dist/jsalert.min.js
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Noe7xhstde9WYCTMBxvOeEYKI5vR0Na5wBwcYWVH8BWmIDBDMdhJAKqzU7lDLh%2FXeciH7H%2B9w%2FQL4sRfpIL18xmu9cYf%2BGzwOzNvj4ZOAWKtIttxF3NQ2dBEwRkfxP7mZAAtWF0cLzk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=14400, s-maxage=600
cf-ray
73f47a601ae7b82e-AMS
animate.min.css
cdn.jsdelivr.net/npm/animate.css@3.5.2/ 		52 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/animate.css@3.5.2/animate.min.css
Requested by
Host: www.iglookup.com
URL: https://www.iglookup.com/spy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.iglookup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 14:18:32 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
6566334
x-jsd-version
3.5.2
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19152-FRA, cache-itm18829-ITM
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"ce35-l6+hUVafBGsuAfJ8GHFkbpzYfK8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w85jMwg7kqNOjwiUtB4g0AdB4Uke7xUaBqQQ%2FMm57eLahEfA0SAmGvKNMph0PWNKR5pGKAVdQaLf8aF5Ee2JCwDNQKJwMvo05aotLQhrtS8ryuxYbCZnvcYWA%2BxVdeFJoX%2BJHQ44eKEVUM95iR0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
73f47a5ffdd7b8c7-AMS
terminal.js
www.iglookup.com/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.iglookup.com/js/terminal.js
Requested by
Host: www.iglookup.com
URL: https://www.iglookup.com/spy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Phusion Passenger(R) 6.0.13, PleskLin
Resource Hash
3cba1ead961a6687ea7be904c9f21a130b985770c84635d01dfafa1a59d88f37

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.iglookup.com/spy
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 14:18:32 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Phusion Passenger(R) 6.0.13, PleskLin
status
200 OK
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 11 Aug 2021 08:07:58 GMT
server
cloudflare
etag
W/"15c6-17b3440f730-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2NaFQ6ftPWY9xhk8ubuvguKCJ%2F3wfFYqJOE9tdud3x1N44qhJE3noAI6iQhNFgw0vB%2FbAlTiAHDQNqdVhybz3TUPMlyKDn9raj3Aln9DSkiaZqGj3wI42pYS9cmmcuKY8LostfEK2LdZt1NbsJZ1"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=57600
cf-ray
73f47a5fa8101e9d-AMS
js
www.googletagmanager.com/gtag/ 		106 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-153660446-1
Requested by
Host: www.iglookup.com
URL: https://www.iglookup.com/spy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
660e20221e638e3d4782c1a70b3a2083745cca27dfe97def80051cecffcef293
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.iglookup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 14:18:32 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42037
x-xss-protection
0
last-modified
Tue, 23 Aug 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 23 Aug 2022 14:18:32 GMT
alpine.js
www.iglookup.com/js/ 		75 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.iglookup.com/js/alpine.js
Requested by
Host: www.iglookup.com
URL: https://www.iglookup.com/spy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Phusion Passenger(R) 6.0.13, PleskLin
Resource Hash
f51e3857a88299557ba038af492be73e6e286188ab1fa802edfb74f484b88fea

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.iglookup.com/spy
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 14:18:32 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Phusion Passenger(R) 6.0.13, PleskLin
status
200 OK
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 24 Mar 2021 04:42:16 GMT
server
cloudflare
etag
W/"12cc8-178628a5440-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ObVKxv3xbbxw0FOE7QZgHyKb3KdLN4axC5ryDDl902V0Dd4BhFHW9BHVYkd5xurpz4IXbfgnpvHyNYiE3j2kYJI15ul6zz9i%2BCuG16Hc6UjDKpUOkYbIRotlGIsTwhUJ3zcPudNxKGCuxyj4Vf%2F7"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=57600
cf-ray
73f47a5fa8111e9d-AMS
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		83 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.iglookup.com
URL: https://www.iglookup.com/spy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
sffe /
Resource Hash
63985aef0fb315697e2271b9d909ee9a11042a9e8e588c42962a0c3f46269ff4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.iglookup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 14:18:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28559
x-xss-protection
0
server
sffe
etag
"1311 / 948 of 1000 / last-modified: 1661252718"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 23 Aug 2022 14:18:32 GMT
cmp.js
www.iglookup.com/js/ 		9 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.iglookup.com/js/cmp.js
Requested by
Host: www.iglookup.com
URL: https://www.iglookup.com/spy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Phusion Passenger(R) 6.0.13, PleskLin
Resource Hash
b1e007a947dbbe6717f2d64743a29b9d2f4099a9c1352b45efbc16cf110e2cea

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.iglookup.com/spy
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 14:18:32 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Phusion Passenger(R) 6.0.13, PleskLin
status
200 OK
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 16 Mar 2022 10:23:19 GMT
server
cloudflare
etag
W/"25ff-17f9240e0b5-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KW4ygG3SgQKcc4740lxoHY5Zf2HLoG1b17hsgRJVRXyHsZRESOhiHK%2FTrx8F0cI%2FD0PYI49QSQ8M9wH7xUf04FohA%2FfYpbES4P9LLmk9ccHDlUdNLjfvuZKDv0Pyu4iH%2FDeoYT%2BVngivmJPbyZ%2Fp"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=57600
cf-ray
73f47a5fa8121e9d-AMS
adx
pubads.g.doubleclick.net/gampad/ 		46 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/adx?iu=/147246189,21880842651/iglookup.com_1200x300_responsive_1_DFP&sz=300x250%7C970x250&t=Placement_type%3Dserving&1661264312301
Requested by
Host: www.iglookup.com
URL: https://www.iglookup.com/spy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
1c527b696065a1236325311d818d7c2837e1a35a9264007aaea07a9fc34d0959
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.iglookup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 14:18:32 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11355
x-xss-protection
0
google-lineitem-id
5757320148
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138358825379
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.iglookup.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
iframe.php
cpabuild.com/public/offers/ Frame A862 		51 KB
52 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cpabuild.com/public/offers/iframe.php?it=717691&key=36098
Requested by
Host: www.iglookup.com
URL: https://www.iglookup.com/spy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:daf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.11
Resource Hash
9b81999d6a16ee78a925322e8967dc1b1e8556272b6bb38801ba38bc30b230cc

Request headers

Referer
https://www.iglookup.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
no-cache, no-transform
cf-cache-status
DYNAMIC
cf-ray
73f47a6088eeb77c-AMS
content-type
text/html; charset=UTF-8
date
Tue, 23 Aug 2022 14:18:33 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Sat, 26 Jul 1997 05:00:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TonQ1TMGeGo9sFTPrULRWKttlH%2F4NiHc2B9%2Fu4fpQ94LNzqB%2F8FmBLMjJDPt9nzMa8rxomqtl%2FbAttDByF0uMHJaAd7LNuFIzoLT9%2Bfw0vSTUspafkrTItbQo0mx%2F1O%2FB%2FUipoVerPMcPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.11
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208160101/ 		341 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3239635388903570&plah=www.iglookup.com&bust=31069028
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3239635388903570
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
883ac9fdc367df8f5faeef8611477542ce22f5138692071da67bb6f460299a73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.iglookup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 14:18:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122625
x-xss-protection
0
server
cafe
etag
3443047666004135713
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 23 Aug 2022 14:18:32 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220818/r20190131/ Frame C9EE 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220818/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3239635388903570
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.iglookup.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
9398
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4412
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 23 Aug 2022 11:41:54 GMT
etag
8616628553774171045
expires
Tue, 06 Sep 2022 11:41:54 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
stpd201221_light.js
stpd.cloud/assets/postbid/ Frame 38FC 		276 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stpd.cloud/assets/postbid/stpd201221_light.js
Requested by
Host: www.iglookup.com
URL: https://www.iglookup.com/spy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1e31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a24843adc2fb5bac7b02f8b2fdbb08da59a6dc2ff974714234d2831c90d40ab

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.iglookup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 23 Aug 2022 14:18:32 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
i5RZoGxWXyFeBvqwcOlq+A==
age
5546
x-ms-lease-status
unlocked
last-modified
Mon, 22 Aug 2022 10:30:19 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
1f684753-301e-0038-6a12-b65b57000000
cache-control
public, max-age=14400
x-ms-version
2009-09-19
cf-ray
73f47a619a1cb95a-AMS
expires
Tue, 23 Aug 2022 18:18:32 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.iglookup.com%2F&domain=www.iglookup.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.iglookup.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.iglookup.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 23 Aug 2022 14:18:32 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
918
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 38FC
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.iglookup.com%2F&domain=www.iglookup.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=mj6v93xlSWRGclNJTVhrR1lDYTE4Sk9STlRlbENSMGlnSWw3SnViYnQ0TVM3U2EreTE3cWttTUpVb2V6TElxM3Y5cUlQRE04U3ZiVFpTalpBM2FtcWFmQWc4ekVwaS9CU3VGeGdadnovWHRQdGhqVUI3RUxEZVJXcE9GME...
342 B
611 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=mj6v93xlSWRGclNJTVhrR1lDYTE4Sk9STlRlbENSMGlnSWw3SnViYnQ0TVM3U2EreTE3cWttTUpVb2V6TElxM3Y5cUlQRE04U3ZiVFpTalpBM2FtcWFmQWc4ekVwaS9CU3VGeGdadnovWHRQdGhqVUI3RUxEZVJXcE9GMER4S1NyOThkSkZUSW1LUURVT01lM3FnQkZMa2pidGtHK3lmRmgreEZIVWlJa2lRWnUvTlFuN0lnTmRZWUNrdVJiSk00YlpXV2w4eHZoWmVscVFKLyt0YWRkMDY3VWxOQlpla3IwckFCR2dsWWZuV1NLc1dRPXw&cppv=2
Requested by
Host: www.iglookup.com
URL: https://www.iglookup.com/spy
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
c409c2e7928e422543b4e41de36048551987512144c2c4f7265b8e6986b85355
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.iglookup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 14:18:32 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2740
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Tue, 23 Aug 2022 14:18:32 GMT
location
https://mug.criteo.com/sid?cpp=mj6v93xlSWRGclNJTVhrR1lDYTE4Sk9STlRlbENSMGlnSWw3SnViYnQ0TVM3U2EreTE3cWttTUpVb2V6TElxM3Y5cUlQRE04U3ZiVFpTalpBM2FtcWFmQWc4ekVwaS9CU3VGeGdadnovWHRQdGhqVUI3RUxEZVJXcE9GMER4S1NyOThkSkZUSW1LUURVT01lM3FnQkZMa2pidGtHK3lmRmgreEZIVWlJa2lRWnUvTlFuN0lnTmRZWUNrdVJiSk00YlpXV2w4eHZoWmVscVFKLyt0YWRkMDY3VWxOQlpla3IwckFCR2dsWWZuV1NLc1dRPXw&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.iglookup.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1372
content-length
482
expires
0
481.json
id5-sync.com/g/v2/ Frame 38FC 		216 B
626 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/481.json
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221_light.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.66 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216537.ip-141-95-98.eu
Software
/
Resource Hash
98fd7827212d0d34f83eeeaca1e56b7d7b35746032410a941d0a0a4d4e6298e3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.iglookup.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.iglookup.com
date
Tue, 23 Aug 2022 14:18:32 GMT
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json;charset=UTF-8
gpt.js
www.googletagservices.com/tag/js/ Frame 38FC 		83 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.iglookup.com
URL: https://www.iglookup.com/spy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
sffe /
Resource Hash
63985aef0fb315697e2271b9d909ee9a11042a9e8e588c42962a0c3f46269ff4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.iglookup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 14:18:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28559
x-xss-protection
0
server
sffe
etag
"1311 / 58 of 1000 / last-modified: 1661252718"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 23 Aug 2022 14:18:32 GMT
usync.html
eus.rubiconproject.com/ Frame 31F3
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Requested by
Host: www.iglookup.com
URL: https://www.iglookup.com/spy
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.123.9.160 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-9-160.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.iglookup.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 23 Aug 2022 14:18:33 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 23 Aug 2022 14:18:32 GMT
location
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
server
AkamaiGHost
cookie_sync
prebid-stag.setupad.net/ Frame 38FC 		709 B
882 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-stag.setupad.net/cookie_sync
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221_light.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e8380ac06af307f5daf7366b1b7517354efc41502a72e0811403c88f93273c0

Request headers

Referer
https://www.iglookup.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 14:18:32 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W9B%2F961cDyUw7D2JpTwCSVKaMuJiDvgiaFfZOGvWxI4Bd84N%2Fvf0CKbDx4vwcjMNRMbEheKPqa0485aLh%2FZpVM84XeReAlqA0gajADr9J6xJqEnQW3bANJFOnmGce%2B%2BEXiGiGev02Ftr6426KUElPuxHvlu9"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.iglookup.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
73f47a62faa4b97a-AMS
expires
0
auction
prebid-stag.setupad.net/openrtb2/ Frame 38FC 		141 B
442 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-stag.setupad.net/openrtb2/auction
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221_light.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
997a01a57a4490413ec29631731134298f2abb718450da19404a30ef41fe9555

Request headers

Referer
https://www.iglookup.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 14:18:33 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bIxwqaHC9YvG1nJGEI5cA%2BTWoO7Ygv84XgMwUHup7TpMlyjywYwHhBXaCLQG0BJxXsjI0gTkN7khKXi9fhFBbsWGm9uOLn8rLrihz7%2FiTj2zax%2BCNrMUcPDQElZkKmpKazjTu5jieqFOAGrZdTUMt7erYKtU"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.iglookup.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
73f47a62faa7b97a-AMS
expires
0
prebid
ib.adnxs.com/ut/v3/ Frame 38FC 		143 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221_light.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
b78a3cd1e79a6846882e48cc4d78109495102ce1d37a46c353cee5f021160c15
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.iglookup.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 23 Aug 2022 14:18:32 GMT
X-Proxy-Origin
31.204.153.46; 31.204.153.46; 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
107bd3d8-4ec9-4c35-844f-9c37494ed263
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.iglookup.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
143
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 38FC 		0
178 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221_light.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.iglookup.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.iglookup.com
date
Tue, 23 Aug 2022 14:18:32 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
cygnus
htlb.casalemedia.com/ Frame 38FC 		7 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=708388&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2211cd60099a42587%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.iglookup.com%2Fspy%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22setupad.com%22%2C%22sid%22%3A%221148%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%221209da6566864a%22%2C%22ext%22%3A%7B%22siteID%22%3A%22708388%22%2C%22sid%22%3A%22iglookup.com_1200x300_desktop_1%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%22132994a3da5d5af%22%2C%22ext%22%3A%7B%22siteID%22%3A%22708388%22%2C%22sid%22%3A%22iglookup.com_1200x300_desktop_1%22%7D%2C%22banner%22%3A%7B%22w%22%3A980%2C%22h%22%3A300%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%221451f9aee36ef0e%22%2C%22ext%22%3A%7B%22siteID%22%3A%22708388%22%2C%22sid%22%3A%22iglookup.com_1200x300_desktop_1%22%7D%2C%22banner%22%3A%7B%22w%22%3A1200%2C%22h%22%3A200%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2215e4b15739b8cc4%22%2C%22ext%22%3A%7B%22siteID%22%3A%22708388%22%2C%22sid%22%3A%22iglookup.com_1200x300_desktop_1%22%7D%2C%22banner%22%3A%7B%22w%22%3A1100%2C%22h%22%3A200%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2216b814861ab84ab%22%2C%22ext%22%3A%7B%22siteID%22%3A%22708388%22%2C%22sid%22%3A%22iglookup.com_1200x300_desktop_1%22%7D%2C%22banner%22%3A%7B%22w%22%3A1000%2C%22h%22%3A200%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2217d20d7b1d51088%22%2C%22ext%22%3A%7B%22siteID%22%3A%22708388%22%2C%22sid%22%3A%22iglookup.com_1200x300_desktop_1%22%7D%2C%22banner%22%3A%7B%22w%22%3A1000%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2218ba17c9a01c033%22%2C%22ext%22%3A%7B%22siteID%22%3A%22708388%22%2C%22sid%22%3A%22iglookup.com_1200x300_desktop_1%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A300%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%221982b4ddd55cb69%22%2C%22ext%22%3A%7B%22siteID%22%3A%22708388%22%2C%22sid%22%3A%22iglookup.com_1200x300_desktop_1%22%7D%2C%22banner%22%3A%7B%22w%22%3A980%2C%22h%22%3A240%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%222000d08870e700e%22%2C%22ext%22%3A%7B%22siteID%22%3A%22708388%22%2C%22sid%22%3A%22iglookup.com_1200x300_desktop_1%22%7D%2C%22banner%22%3A%7B%22w%22%3A980%2C%22h%22%3A120%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%222121bfbb47b75fa%22%2C%22ext%22%3A%7B%22siteID%22%3A%22708388%22%2C%22sid%22%3A%22iglookup.com_1200x300_desktop_1%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%222296d3d96f79f5c%22%2C%22ext%22%3A%7B%22siteID%22%3A%22708388%22%2C%22sid%22%3A%22iglookup.com_1200x300_desktop_1%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%22230b0a7978cc818%22%2C%22ext%22%3A%7B%22siteID%22%3A%22708388%22%2C%22sid%22%3A%22iglookup.com_1200x300_desktop_1%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A200%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%222454b96592c116d%22%2C%22ext%22%3A%7B%22siteID%22%3A%22708388%22%2C%22sid%22%3A%22iglookup.com_1200x300_desktop_1%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A188%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%222596fc5d929edd6%22%2C%22ext%22%3A%7B%22siteID%22%3A%22708388%22%2C%22sid%22%3A%22iglookup.com_1200x300_desktop_1%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A120%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%22269ef3f6b96d5f7%22%2C%22ext%22%3A%7B%22siteID%22%3A%22708388%22%2C%22sid%22%3A%22iglookup.com_1200x300_desktop_1%22%7D%2C%22banner%22%3A%7B%22w%22%3A950%2C%22h%22%3A90%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2227104892308e7a7%22%2C%22ext%22%3A%7B%22siteID%22%3A%22708388%22%2C%22sid%22%3A%22iglookup.com_1200x300_desktop_1%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A93%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%22280b05570b7ce9b%22%2C%22ext%22%3A%7B%22siteID%22%3A%22708388%22%2C%22sid%22%3A%22iglookup.com_1200x300_desktop_1%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A100%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%22292ee58c6b5089e%22%2C%22ext%22%3A%7B%22siteID%22%3A%22708388%22%2C%22sid%22%3A%22iglookup.com_1200x300_desktop_1%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%5D%7D
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221_light.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
726cefb4e62f5301bb01f7ad13390c6741621db0e65e71b44c14e81dcc731e73

Request headers

Referer
https://www.iglookup.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 23 Aug 2022 14:18:32 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UsL8zucDQVbe45i1eLhFct7eMMYVtn0PqXgnXsGRb%2FsLoAyCIfoDH5jtorXGGGUf4dLBZywoKKpud4MHTLnyVb6GeKunW0bGBweaG9Di3Hrs%2FxNWJz9teL2kWVkogz%2BhH8%2BnAVI5"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.iglookup.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
73f47a62fa5db906-AMS
expires
0
cdb
bidder.criteo.com/ Frame 38FC 		0
218 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.21.0-pre&cb=39721284802
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221_light.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.iglookup.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 23 Aug 2022 14:18:32 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://www.iglookup.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
/
adx.adform.net/adx/ Frame 38FC 		5 B
486 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTEwOTMzNDgmdHJhbnNhY3Rpb25JZD0zOWEyMjFlNC1iODVjLTRlZmQtYTVlYy01ODcwZjFiN2Y3ZDY%3D&pt=gross&stid=e865566a-4309-4e07-9857-78102d1924bd&fd=1&eids=eyJwdWJjaWQub3JnIjp7IjViMGY3YTBkLTljNjQtNDEzZC05N2Y0LWJmODkyNThhMjNjMyI6WzFdfX0%3D
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221_light.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.39 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.iglookup.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 14:18:32 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://www.iglookup.com
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
pubads_impl_2022081701.js
securepubads.g.doubleclick.net/gpt/ Frame 38FC 		384 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
sffe /
Resource Hash
83147c4cf00c61d77d068152fdb541e2ca7761e0990682db23e77fb7affdceb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.iglookup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 13:30:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2861
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133512
x-xss-protection
0
last-modified
Wed, 17 Aug 2022 08:37:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 23 Aug 2023 13:30:51 GMT
cookie.js
partner.googleadservices.com/gampad/ 		216 B
415 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.iglookup.com&callback=_gfp_s_&client=ca-pub-3239635388903570
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3239635388903570&plah=www.iglookup.com&bust=31069028
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
31f0a2732d6f9b23ae8209b4563c58966cb7c9444c54f74478cb00c439073d92
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.iglookup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 14:18:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
199
x-xss-protection
0
integrator.js
adservice.google.nl/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.nl/adsid/integrator.js?domain=www.iglookup.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3239635388903570&plah=www.iglookup.com&bust=31069028
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.iglookup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 23 Aug 2022 14:18:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.iglookup.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3239635388903570&plah=www.iglookup.com&bust=31069028
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.iglookup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 23 Aug 2022 14:18:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame A66D 		603 B
67 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3239635388903570&output=html&adk=1812271804&adf=3025194257&lmt=1661264312&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.iglookup.com%2Fspy&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661264312469&bpp=2&bdt=242&idt=260&shv=r20220818&mjsv=m202208160101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=880758654500&frm=20&pv=2&ga_vid=606917007.1661264313&ga_sid=1661264313&ga_hid=1700157312&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068487%2C31069028%2C31069063&oid=2&pvsid=1385176793903506&tmod=743594968&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=272
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3239635388903570&plah=www.iglookup.com&bust=31069028
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.iglookup.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 23 Aug 2022 14:18:32 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=mj6v93xlSWRGclNJTVhrR1lDYTE4Sk9STlRlbENSMGlnSWw3SnViYnQ0TVM3U2EreTE3cWttTUpVb2V6TElxM3Y5cUlQRE04U3ZiVFpTalpBM2FtcWFmQWc4ekVwaS9CU3VGeGdadnovWHRQdGhqVUI3RUxEZVJXcE9GMER4S1NyOThkSkZUSW1LUURVT01lM3FnQkZMa2pidGtHK3lmRmgreEZIVWlJa2lRWnUvTlFuN0lnTmRZWUNrdVJiSk00YlpXV2w4eHZoWmVscVFKLyt0YWRkMDY3VWxOQlpla3IwckFCR2dsWWZuV1NLc1dRPXw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 23 Aug 2022 14:18:32 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
778
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
setuid
prebid-stag.setupad.net/ Frame 38FC
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=184932&cb=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dix%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dix%26gdpr%3D1%26gdpr_consent%3D%26uid%3D&s=184932&C=1
  • https://prebid-stag.setupad.net/setuid?bidder=ix&gdpr=1&gdpr_consent=&uid=YwThuQDStQbq6fzU.QdDnQAA%261202
36 B
36 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-stag.setupad.net/setuid?bidder=ix&gdpr=1&gdpr_consent=&uid=YwThuQDStQbq6fzU.QdDnQAA%261202
Requested by
Host: www.iglookup.com
URL: https://www.iglookup.com/spy
Protocol
H2
Server
2606:4700:20::681a:8b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
248c5c260b8061ece6b0d78fb45760c32e728018cd13b8e44557f9de44d3ebb0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.iglookup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 14:18:33 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gdiKUe9PmlXUG34o6%2B7NzVcl2EwQNuKFZHG1%2BalYbUHxdtGq4j0k3Z6AZ8X378U8ZG4TnXh%2Br9gRUyiDOda5QZLIIyxBH9o4BIoij5SADCYxUTm5Vx9iq3%2FRL9GzlYtk6OpAouX6zVJCBEP%2BZ7l%2FwkUCJaci"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
cf-ray
73f47a653f18b97a-AMS
content-length
36
expires
0

Redirect headers

cf-ray
73f47a64d982b74e-AMS
pragma
no-cache
date
Tue, 23 Aug 2022 14:18:33 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RcjEBwJwp4lp7oUGAVCKNaKCct2CV1OVgoCWuum0lhyK07Zjwy2kluZryqLlbFdsyVvtQ0yo70kxIMStQ%2B3VQrwV8cos1ShPTZTnomYFIhoCQc2btN%2BGkvG%2FVfp4ahlqGi6Ngn7i"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://prebid-stag.setupad.net/setuid?bidder=ix&gdpr=1&gdpr_consent=&uid=YwThuQDStQbq6fzU.QdDnQAA%261202
cache-control
no-cache
content-type
text/html
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
0
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.2.4/ Frame A862 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
Requested by
Host: cpabuild.com
URL: https://cpabuild.com/public/offers/iframe.php?it=717691&key=36098
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cpabuild.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 14:07:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
644
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30028
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 23 Aug 2023 14:07:49 GMT
css
fonts.googleapis.com/ Frame A862 		12 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:400,700|Open+Sans:400,700|Roboto:400,700
Requested by
Host: cpabuild.com
URL: https://cpabuild.com/public/offers/iframe.php?it=717691&key=36098
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:800::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fce4013b046a25cbf94a641d6dadaf61a1ef2076c21c9bef5081e4863046952d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cpabuild.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 23 Aug 2022 14:10:14 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 23 Aug 2022 14:18:33 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 23 Aug 2022 14:18:33 GMT
font-awesome.min.css
s3.us-west-1.amazonaws.com/cloudfls.co/themes/startui/css/lib/font-awesome/ Frame A862 		27 KB
27 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s3.us-west-1.amazonaws.com/cloudfls.co/themes/startui/css/lib/font-awesome/font-awesome.min.css
Requested by
Host: cpabuild.com
URL: https://cpabuild.com/public/offers/iframe.php?it=717691&key=36098
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.24.145 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
18a279cbb81cf6d0f22aeaa24fbe994cdf94f4fac41d26ec3850eecbcf1a0bd1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cpabuild.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 23 Aug 2022 14:18:34 GMT
Last-Modified
Mon, 20 Jul 2020 19:18:06 GMT
Server
AmazonS3
x-amz-request-id
2V2SXG7CNV5QZMAK
ETag
"8f6faef8ee84c7d1bad83516f21d84a7"
Content-Type
text/css
x-amz-version-id
ePIWjfMKtCaP4bDE.eZHRaP_PF6hOabL
Accept-Ranges
bytes
Content-Length
27502
x-amz-id-2
AenzwyRLZ+AOZJOeEShyTEhjJJE/9s3NQQ3+MkWhp+yTjs9Hn3CZ8cafhFsaaKa+fz74iws48NI=
sweetalert2.min.js
cdnjs.cloudflare.com/ajax/libs/limonte-sweetalert2/6.6.6/ Frame A862 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/limonte-sweetalert2/6.6.6/sweetalert2.min.js
Requested by
Host: cpabuild.com
URL: https://cpabuild.com/public/offers/iframe.php?it=717691&key=36098
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
341326dbaf8c5609cfa4147f8dd98cd28ad17af3fb8f6e87a070b720f5bf4fe9
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cpabuild.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 14:18:33 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1198558
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6413
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:12:01 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ed1-586e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MVrk%2FYFQFb8yKS0%2BDhmx7zKoYgQffYkEIpTLG4xGyKU1qL8tG7A%2FXVu2XZ5tL1dIODYdmkOfXUmeii3KF91wLByqg1hunlu5zpRbnQunIZcVDXUKb2dusrTW%2B7tDOFVp9H9SdvuNvlzxlfUSptXTgy1s"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
73f47a653d2ab7af-AMS
expires
Sun, 13 Aug 2023 14:18:33 GMT
sweetalert2.min.css
cdnjs.cloudflare.com/ajax/libs/limonte-sweetalert2/6.6.6/ Frame A862 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/limonte-sweetalert2/6.6.6/sweetalert2.min.css
Requested by
Host: cpabuild.com
URL: https://cpabuild.com/public/offers/iframe.php?it=717691&key=36098
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce068a9212a95f34ab3f25d57dccc787281c3d21f28470fe3d25a7ab72d91c7b
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cpabuild.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 14:18:33 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1704018
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2411
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:12:01 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ed1-3a93"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SdO2NFFNourKBN8zsTccDN%2F7DnKDllBpr7C%2Bn%2FvAf2EmBl5a6rDIQnjClpz8Kz5QhrVaN%2BqFsow05dP25%2B1eohyDgCO0oQ7LQQP5j5Mlo814hkkAeChxGYLsDc07aj8y5nm15Ayw4zp5qJVSSO1I%2FT4M"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
73f47a653d27b7af-AMS
expires
Sun, 13 Aug 2023 14:18:33 GMT
core.js
cdnjs.cloudflare.com/ajax/libs/core-js/2.4.1/ Frame A862 		232 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/core-js/2.4.1/core.js
Requested by
Host: cpabuild.com
URL: https://cpabuild.com/public/offers/iframe.php?it=717691&key=36098
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c8bdcebfbe4caf87727b3c56442dc41a790ac80a071c4d67374f2f9bd9e2b43
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cpabuild.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 14:18:33 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2306955
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
42723
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:09:17 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e2d-3a1e2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jvx3z64JGXgwEyxna44jiZ3izvrCKIy9jYPczdw1u5SMm2Ag994kKFptEML4nW28vi46jM9YFq0UddKuGkh8N5dSgYRUwIPL1awanXuEWuefFI25p%2FPwU6p8ODiCzfcxEPJkEqwHijKz%2FnR9LuGZlZV%2B"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
73f47a653d2db7af-AMS
expires
Sun, 13 Aug 2023 14:18:33 GMT
colorpicker.js
s3.us-west-1.amazonaws.com/cloudfls.co/themes/startui/css/lib/colorpicker/js/ Frame A862 		17 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.us-west-1.amazonaws.com/cloudfls.co/themes/startui/css/lib/colorpicker/js/colorpicker.js
Requested by
Host: cpabuild.com
URL: https://cpabuild.com/public/offers/iframe.php?it=717691&key=36098
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.24.145 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
633dc2faf8814cf105d53e40564cca15b2dfe2e176d8c25eeb6d84d5e25d1346

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cpabuild.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 23 Aug 2022 14:18:34 GMT
Last-Modified
Mon, 20 Jul 2020 19:18:06 GMT
Server
AmazonS3
x-amz-request-id
2V2XAXECAZ7A20BW
ETag
"96e6db8dd2c341f8aee73603eccea3b9"
Content-Type
text/javascript
x-amz-version-id
qFIBPe4Zod1AureDpJG1XaQIW1Qq766s
Accept-Ranges
bytes
Content-Length
17175
x-amz-id-2
j2KXIXZRChaGiDE8ZbUppsw32+kRHV3Jrm+XpObfuLRSyrvqXxLI7Pqj6RZBZ5XyYaP9GFGstR4=
colorpicker.css
s3.us-west-1.amazonaws.com/cloudfls.co/themes/startui/css/lib/colorpicker/css/ Frame A862 		3 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s3.us-west-1.amazonaws.com/cloudfls.co/themes/startui/css/lib/colorpicker/css/colorpicker.css
Requested by
Host: cpabuild.com
URL: https://cpabuild.com/public/offers/iframe.php?it=717691&key=36098
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.24.145 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
8157923832e020c3a4ed7ef85ad7d032d7b1b03b02e5502dce8ac9af9cedea53

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cpabuild.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 23 Aug 2022 14:18:34 GMT
Last-Modified
Mon, 20 Jul 2020 19:18:06 GMT
Server
AmazonS3
x-amz-request-id
2V2Z5VSBMXSNSJPB
ETag
"88ad8a6ad0054fcfa70e25a6c2474272"
Content-Type
text/css
x-amz-version-id
hOb.o1RIbFLjoUZHs0hFqKqWfq13uMQ1
Accept-Ranges
bytes
Content-Length
3181
x-amz-id-2
KuKjrhOc6nTrr1q5GmiWspt3Me4D94hrL2SEEgOkauaHPwwS0PWJ1lHPdiaC+bdtVkt3KZFn7JE=
151981978211ad81ad9b8c843e4b3c3052a8d6138c.css
s3.us-west-1.amazonaws.com/cloudfls.co/uploads/assets/ Frame A862 		22 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s3.us-west-1.amazonaws.com/cloudfls.co/uploads/assets/151981978211ad81ad9b8c843e4b3c3052a8d6138c.css
Requested by
Host: cpabuild.com
URL: https://cpabuild.com/public/offers/iframe.php?it=717691&key=36098
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.24.145 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
27a59717d32af29935709bc2c2301d11291b4ca22dac6dd8d8741dffa6ac7ed8

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cpabuild.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 23 Aug 2022 14:18:34 GMT
Last-Modified
Mon, 20 Jul 2020 19:44:07 GMT
Server
AmazonS3
x-amz-request-id
2V2MAF1W3NQYC0FJ
ETag
"4ee41ce0944001dd398a94528668aa9b"
Content-Type
text/css
x-amz-version-id
mEuybZeBqZEWEnAJn0ikiMLlTy4658dV
Accept-Ranges
bytes
Content-Length
22376
x-amz-id-2
+nAGR6Raz2o1KMIWJPILRfUZUiOQNZIaEI4DxeztiYohDSHBaB/ASg/vN/52i2Qse0ZMWfGL4+U=
integrator.js
adservice.google.nl/adsid/ Frame 38FC 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.nl/adsid/integrator.js?domain=www.iglookup.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.iglookup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 23 Aug 2022 14:18:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 38FC 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.iglookup.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.iglookup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 23 Aug 2022 14:18:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 38FC 		93 KB
38 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3781478668828623&correlator=2182840099842980&eid=31068830%2C44770638%2C31064018&output=ldjh&gdfp_req=1&vrg=2022081701&ptt=17&impl=fifs&iu_parts=147246189%3A21880842651%2Ciglookup.com_1200x300_desktop_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250%7C980x300%7C1200x200%7C1100x200%7C1000x200%7C1000x250%7C970x300%7C980x240%7C980x120%7C970x90%7C728x90%7C970x200%7C970x188%7C970x120%7C950x90%7C728x93%7C728x100%7C728x250&ifi=1&adks=1353836075&sfv=1-0-38&fsapi=false&eri=1&cust_params=hb_rf%3D0%26hb_rf_ct%3D0&sc=1&cookie=ID%3Dd60e656aeff43ac3-22ff9f7000ce004f%3AT%3D1661264312%3ART%3D1661264312%3AS%3DALNI_MadVHlDiw3UlDvsGgDv7CKcE5JPeQ&cdm=www.iglookup.com&abxe=1&dt=1661264313121&lmt=1661264313&dlt=1661264312485&idt=415&adxs=800&adys=319&biw=1600&bih=1200&isw=1200&ish=150&scr_x=0&scr_y=0&btvi=0&ucis=5pu6d1ipvhju&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=2&url=https%3A%2F%2Fwww.iglookup.com%2Fspy&top=https%3A%2F%2Fwww.iglookup.com%2Fspy&frm=23&vis=1&psz=1200x150&msz=1200x0&fws=256&ohw=0&ga_vid=1397882108.1661264313&ga_sid=1661264313&ga_hid=1700904838&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
0f8569930d1ca3c1264e70696b1d72b87bc1eab9e60d917cb48e2dee2f59cc6f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.iglookup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 14:18:33 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39050
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.iglookup.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
e8414c92dfc9a4acdfa623abcc1734fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 973C 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://e8414c92dfc9a4acdfa623abcc1734fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.iglookup.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 23 Aug 2022 14:18:33 GMT
expires
Wed, 23 Aug 2023 14:18:33 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
usync.js
eus.rubiconproject.com/ Frame 31F3 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.123.9.160 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-9-160.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
ebf9218a016a4a06e257c70b58ebef5da0dc3ae22a3e28b9d394e688f54a228a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 23 Aug 2022 14:18:33 GMT
Content-Encoding
gzip
Last-Modified
Wed, 17 Aug 2022 13:55:35 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=68650
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9442
Expires
Wed, 24 Aug 2022 09:22:43 GMT
khaos.jpg
token.rubiconproject.com/ Frame 31F3 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Content-Type
image/jpg
151999678694833b4c5a49a55ef7f9224b286820f0.js
s3.us-west-1.amazonaws.com/cloudfls.co/uploads/assets/ Frame A862 		47 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.us-west-1.amazonaws.com/cloudfls.co/uploads/assets/151999678694833b4c5a49a55ef7f9224b286820f0.js
Requested by
Host: cpabuild.com
URL: https://cpabuild.com/public/offers/iframe.php?it=717691&key=36098
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.24.145 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
38b713ce7817068658fed4254cad04740e3eb5dc581f9b2100480feec4fe1622

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cpabuild.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 23 Aug 2022 14:18:34 GMT
Last-Modified
Mon, 20 Jul 2020 19:44:08 GMT
Server
AmazonS3
x-amz-request-id
2V2XGBTPFERF05ZJ
ETag
"749f3a5be3474126eda77e97fbdc9d7d"
Content-Type
application/x-javascript
x-amz-version-id
JBcDJbWc5ONYvGQeSxxPJ._eBLuHPOyt
Accept-Ranges
bytes
Content-Length
47834
x-amz-id-2
1Zoh4OVuNLG4REsyXROOWBad9WkFug3MePLSzAzaX05MaJMFobDpQ5phUKpM4RJOIELDnnxchjw=
setuid
prebid-stag.setupad.net/ Frame 38FC
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
  • https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=1&gdpr_consent=&uid=2313206554085835850
36 B
36 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=1&gdpr_consent=&uid=2313206554085835850
Requested by
Host: www.iglookup.com
URL: https://www.iglookup.com/spy
Protocol
H2
Server
2606:4700:20::681a:8b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
248c5c260b8061ece6b0d78fb45760c32e728018cd13b8e44557f9de44d3ebb0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.iglookup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 14:18:33 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V6G9yjIakIBPp2hyfVCOm5GZXs6xW30rWzArsR1wlFs6EdnbZxAdHLrKPsrctfSQpvd5uxYrrcUddxkJfJr%2FzpV0ZGOaTZAiHM6NLF2fTu1EvpAeQW%2FbiihAHIkLHWVyvPQZlSOGWTHN0oR8yoVxS5T%2Ffa%2Fi"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
cf-ray
73f47a65f8afb97a-AMS
content-length
36
expires
0

Redirect headers

Pragma
no-cache
Date
Tue, 23 Aug 2022 14:18:33 GMT
X-Proxy-Origin
31.204.153.46; 31.204.153.46; 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
a4eaf1fe-d930-49a0-8918-2cb64dd73b73
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=1&gdpr_consent=&uid=2313206554085835850
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cookie
cm.adform.net/ Frame 38FC 		43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Requested by
Host: www.iglookup.com
URL: https://www.iglookup.com/spy
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.39 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.iglookup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 14:18:33 GMT
server
nginx
content-length
43
content-type
image/gif
150170764295f591d2e1daeb4fda0985149aa31c04.png
s3.us-west-1.amazonaws.com/cloudfls.co/uploads/ Frame A862 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.us-west-1.amazonaws.com/cloudfls.co/uploads/150170764295f591d2e1daeb4fda0985149aa31c04.png
Requested by
Host: cpabuild.com
URL: https://cpabuild.com/public/offers/iframe.php?it=717691&key=36098
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.24.145 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
bed61deb1c5d1bc69150d71138328e0016d956d021c0cb03973f9e915a7424db

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cpabuild.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 23 Aug 2022 14:18:35 GMT
Last-Modified
Mon, 20 Jul 2020 19:22:35 GMT
Server
AmazonS3
x-amz-request-id
PHWKW5092TZW7P99
ETag
"e7ee0c509b52e0c345f24631dca0eadb"
Content-Type
image/png
x-amz-version-id
5MYnSQOqbLlzjhjhh7pOwZQ1Av0RIEEC
Accept-Ranges
bytes
Content-Length
2471
x-amz-id-2
mKID1jYRrCRrq5JUBpp9e+3Zg0uF6X4NUqVNRfB3+8rGnX790s91OOYWwawwvpcBg7h1A/2thog=
guid.js
cpabuild.com/public/external/ Frame A862 		862 B
742 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cpabuild.com/public/external/guid.js
Requested by
Host: cpabuild.com
URL: https://cpabuild.com/public/offers/iframe.php?it=717691&key=36098
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:daf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1996013bea18595368a7d2452d2a96a8a66b59bd08cde2935e36ffa0f985fda

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cpabuild.com/public/offers/iframe.php?it=717691&key=36098
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 14:18:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 11 Aug 2020 19:47:27 GMT
server
cloudflare
age
6974
etag
W/"35e-5ac9f574655f4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EQThfuqvNz8kE4Cxh6SX%2Bb4AREo7M81aiM4f7dQgY4j8CHTYbvx1ZZitVRbgszrB3zLqmpNbJfeSewVLCE8IaHlBF5miaUzig0Iv6FOhO7yyU%2FQ1GXEyjzMkwMa7OrvSId24XpXO7LTsbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=691200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
73f47a6aaa6eb77c-AMS
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 31F3 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=pbs-setupad
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Content-Type
image/gif
sodar
pagead2.googlesyndication.com/getconfig/ Frame 38FC 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022081701&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00ed92dc475e3c104156b7cb1625f5b7377638320a7ddb97e5720ca839f9fdbe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.iglookup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 23 Aug 2022 14:18:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10962
x-xss-protection
0
container.html
e8414c92dfc9a4acdfa623abcc1734fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2E0E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://e8414c92dfc9a4acdfa623abcc1734fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.iglookup.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 23 Aug 2022 14:18:33 GMT
expires
Wed, 23 Aug 2023 14:18:33 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 38FC 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.iglookup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 14:18:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 23 Aug 2022 14:18:33 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 2E0E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvYLP2bgqOZ7RJqLLgsxwOMVIkviMED-OkME0o4MldFn8gJ3uBB8UrGSf5JC6Pe5eHvx-_SwEIkDcMXWODLMlWOF17F5l0mf-a_k34PmQYkUZvaO1bLxz-524FyMSA8TKax920PrrimcznlQfwzxE15-Xg16cVYFRXB3o1x7swszvz0Xb5topIaW6vzF_JZbU_f45WCYhdMtlq6P84WMYZybKWw1vBtE_WlrETd2R9GccZfXUsYa1c5JSg_AsJabL60P13On8tj-DLGqPXgN98PbbwDI0J-_jNmRDNy2f_UYjjaETD9Si5x6TTujl_tUKZYg8FwgDCX49HF1_5WwzScC5j1cOgHPs9ru5j7XtjnU4l2AtdTUu8ivO2O4XpO0868NEiVghprvS8hliH0019y5OoawrsAS-6NRqUmpBIUp9HOTDCsBge1HK7DdEgFMbBGz5_j4f22PxT1Dlqp2FKuQldWXj2PMrGh_pMlJOEJ5H63kCThojRrlELeJ__BoKyMlOecSdB-FiMSbwQ1Yqt9ZRTyfKR4crcjHilkNIA2SPlrDQucFNqKjcJTtoeT9ZXBZsh6nd-dI8GBuv5NOnqrlOC6Ih1iSTbTKtQK56tWSsE0Su8ngqmzQtHHY9O59RcgA-H4rhA4vDuqTmj5eHkD_NLaowId_jTqJtRtvEY0p27oD_akxzrGT6DPcE2gzQwUwSZbAMnq0LMMyliRv8vrSbwQtBkGEXv1wduGUslN3IMJmEsIxxEVUSuZKasKLpNsjv4gowthnT-lU9eNAqu2PHMh8vNpFvHWVU13isKqrrdj2E5_W1_ZMhPuEW8wqzG8I5_zsfHrsp7ydUdnMiH9jamTeS8Xq8sC1Lh4CQph70D1YclrmFSzJOqqkfIdZjeeYmuZCcha7d1h2UZQ2TYmT1bHEWHllSB5ncqDKfVvTizA2Y3scXhY4q7u8Tv6paI9012QZAKDzEiZOaooSLe9orFZEpaanWD4JSAUukpo-xAKG3HyAYQbFjc_iQK4zPAqD4Iyru3wYZmlpnT7Llsht_sQZ32Spun8xz00zZhgEjsEocTnzyq0lolInHJC0weK_7S2Qcdsgw9dTGM4S8dZdiJFqws9isU9I8Hqb3YBsqfpS-M-4QDFObjoy3bZgC4UXSiNr-bvY57MbsMHW0a190Ae&sai=AMfl-YQghFM4HflcKfG__Kx2nLEEOvLCKUWF2l20ITk1h8sbxfyuENjBa2uFgg&sig=Cg0ArKJSzN91VvPsF5GjEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Requested by
Host: www.iglookup.com
URL: https://www.iglookup.com/spy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://e8414c92dfc9a4acdfa623abcc1734fa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Tue, 23 Aug 2022 14:18:33 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 2E0E 		106 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: www.iglookup.com
URL: https://www.iglookup.com/spy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e8414c92dfc9a4acdfa623abcc1734fa.safeframe.googlesyndication.com/
Origin
https://e8414c92dfc9a4acdfa623abcc1734fa.safeframe.googlesyndication.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 07:50:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
23257
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 24 Aug 2022 07:50:56 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20220818/r20110914/elements/html/ Frame 2E0E 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220818/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: e8414c92dfc9a4acdfa623abcc1734fa.safeframe.googlesyndication.com
URL: https://e8414c92dfc9a4acdfa623abcc1734fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0d4f6e28cf855271fabcd5fccb24e71ef842e3ffa3c33795d9ddd9d3a1e3a46b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://e8414c92dfc9a4acdfa623abcc1734fa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 13:05:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4361
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2640
x-xss-protection
0
server
cafe
etag
4024001306453174559
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Sep 2022 13:05:52 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 2E0E 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.iglookup.com
URL: https://www.iglookup.com/spy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://e8414c92dfc9a4acdfa623abcc1734fa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 11:23:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10516
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 23 Aug 2023 11:23:17 GMT
m_js_controller_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220818/r20110914/client/ Frame 2E0E 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220818/r20110914/client/m_js_controller_fy2021.js
Requested by
Host: e8414c92dfc9a4acdfa623abcc1734fa.safeframe.googlesyndication.com
URL: https://e8414c92dfc9a4acdfa623abcc1734fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
565d050c0575bbf2b923e0dcbe3c2d5729f0254c4edf68d53b1644e61db8008b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://e8414c92dfc9a4acdfa623abcc1734fa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 13:48:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1813
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14051
x-xss-protection
0
server
cafe
etag
7443058143385388256
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Sep 2022 13:48:20 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220818/r20110914/client/ Frame 2E0E 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220818/r20110914/client/window_focus_fy2021.js
Requested by
Host: e8414c92dfc9a4acdfa623abcc1734fa.safeframe.googlesyndication.com
URL: https://e8414c92dfc9a4acdfa623abcc1734fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://e8414c92dfc9a4acdfa623abcc1734fa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 14:11:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
409
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Sep 2022 14:11:44 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2E0E 		140 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: e8414c92dfc9a4acdfa623abcc1734fa.safeframe.googlesyndication.com
URL: https://e8414c92dfc9a4acdfa623abcc1734fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
sffe /
Resource Hash
a4f8d308a537be4d8442135addd3a1637ad70c831ec8d6fb21b460dc392031e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://e8414c92dfc9a4acdfa623abcc1734fa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 14:18:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44049
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1661168302676581"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 23 Aug 2022 14:18:33 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220818/r20110914/client/ Frame 2E0E 		17 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220818/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: e8414c92dfc9a4acdfa623abcc1734fa.safeframe.googlesyndication.com
URL: https://e8414c92dfc9a4acdfa623abcc1734fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://e8414c92dfc9a4acdfa623abcc1734fa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 14:13:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
289
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Sep 2022 14:13:44 GMT
l
www.google.com/ads/measurement/ Frame 2E0E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaR9--S9TrFW9G7usQ_c4G5CKBIsj4tTWRGdqWJiQDLJ7Mf_E6YBeVmwGxmsG_pH6Ma02V86OxSVvOOGFYQCbC5_PnR3sw
Requested by
Host: e8414c92dfc9a4acdfa623abcc1734fa.safeframe.googlesyndication.com
URL: https://e8414c92dfc9a4acdfa623abcc1734fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://e8414c92dfc9a4acdfa623abcc1734fa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220818/r20110914/ Frame 2E0E 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220818/r20110914/abg_lite_fy2021.js
Requested by
Host: e8414c92dfc9a4acdfa623abcc1734fa.safeframe.googlesyndication.com
URL: https://e8414c92dfc9a4acdfa623abcc1734fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://e8414c92dfc9a4acdfa623abcc1734fa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 14:16:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
144
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9668
x-xss-protection
0
server
cafe
etag
3250940068065303693
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Sep 2022 14:16:09 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame A52F 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e8414c92dfc9a4acdfa623abcc1734fa.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
age
519069
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 17 Aug 2022 14:07:24 GMT
expires
Thu, 17 Aug 2023 14:07:24 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame A5B9 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: e8414c92dfc9a4acdfa623abcc1734fa.safeframe.googlesyndication.com
URL: https://e8414c92dfc9a4acdfa623abcc1734fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e8414c92dfc9a4acdfa623abcc1734fa.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
31587
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 23 Aug 2022 05:32:06 GMT
etag
48472445140208031
expires
Wed, 24 Aug 2022 05:32:06 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 2E0E 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e1e5ce086c1dcad1be5bf2ac0c5c3d12b24f5d0fe1f8aaf2618bce269acb775f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/png
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E220 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.iglookup.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
age
213
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 23 Aug 2022 14:15:00 GMT
expires
Wed, 23 Aug 2023 14:15:00 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 48B8 		783 B
532 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c2b2649317a7eb5e219ca23661984ccd9117e1a1fa4167b7605f9328c7a78869
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-gWWCuup2uniCUJfmzbJasw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.iglookup.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
510
content-security-policy
script-src 'report-sample' 'nonce-gWWCuup2uniCUJfmzbJasw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 23 Aug 2022 14:18:34 GMT
expires
Tue, 23 Aug 2022 14:18:34 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
pixel
cm.g.doubleclick.net/ Frame A5B9
Redirect Chain
  • https://fksnk.com/cs/google?google_gid=CAESENnVxgarvOmGNoFwUsaS29E&google_cver=1&google_push=AehlK4AcZb6cZmbq8u1V1g6bzGhq31TgronbCq44bwLs2DOyR_A92DPngy1y6cYKVcsrSKfMqu5FsN_POA51eDpolpMN66IZmKxe
  • https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=QjU3NzZGQTUxRDhFQjI2Nw==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=QjU3NzZGQTUxRDhFQjI2Nw==
Requested by
Host: www.iglookup.com
URL: https://www.iglookup.com/spy
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 14:18:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=QjU3NzZGQTUxRDhFQjI2Nw==
date
Tue, 23 Aug 2022 14:18:34 GMT
content-language
en-US
content-type
text/html;charset=ISO-8859-1
pixel
cm.g.doubleclick.net/ Frame A5B9
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEPkdgRJ5tU3hQGSpeHTFoYQ&google_cver=1&google_push=AehlK4CsrYxJTzTETuqSLAwBzBOKjsP7qKD4wKvfJ8nlmXyGSfxCfkLQDPyc6xXJOrxcUk7t99ZKVhp38PLF8e-98Vul...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEPkdgRJ5tU3hQGSpeHTFoYQ&google_cver=1&google_push=AehlK4CsrYxJTzTETuqSLAwBzBOKjsP7qKD4wKvfJ8nlmXyGSfxCfkLQDPyc6xXJOrxcUk7t99ZKVhp38PLF8e...
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AehlK4CsrYxJTzTETuqSLAwBzBOKjsP7qKD4wKvfJ8nlmXyGSfxCfkLQDPyc6xXJOrxcUk7t99ZKVhp38PLF8e-98VulBKZ5PFuM&google_hm=JNp6e5SLTOyhtMI4Fb1e_Q==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AehlK4CsrYxJTzTETuqSLAwBzBOKjsP7qKD4wKvfJ8nlmXyGSfxCfkLQDPyc6xXJOrxcUk7t99ZKVhp38PLF8e-98VulBKZ5PFuM&google_hm=JNp6e5SLTOyhtMI4Fb1e_Q==
Requested by
Host: e8414c92dfc9a4acdfa623abcc1734fa.safeframe.googlesyndication.com
URL: https://e8414c92dfc9a4acdfa623abcc1734fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 14:18:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AehlK4CsrYxJTzTETuqSLAwBzBOKjsP7qKD4wKvfJ8nlmXyGSfxCfkLQDPyc6xXJOrxcUk7t99ZKVhp38PLF8e-98VulBKZ5PFuM&google_hm=JNp6e5SLTOyhtMI4Fb1e_Q==
Date
Tue, 23 Aug 2022 14:18:34 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame A5B9
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEHrL3_mD37oEn-c1uwJqXMY&google_cver=1&google_push=AehlK4CzA3Ui1ibjJlJW8JHcNwtd4RL24M3oYeTQBiFuEopQtflU6U2PFny4R-3H5HIofNBIqqV6aEnct60IvZvEhRLHbCB...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AehlK4CzA3Ui1ibjJlJW8JHcNwtd4RL24M3oYeTQBiFuEopQtflU6U2PFny4R-3H5HIofNBIqqV6aEnct60IvZvEhRLHbCBFJa8&google_hm=NzQ3Njc1MzM2MDkwMjk1NDU...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AehlK4CzA3Ui1ibjJlJW8JHcNwtd4RL24M3oYeTQBiFuEopQtflU6U2PFny4R-3H5HIofNBIqqV6aEnct60IvZvEhRLHbCBFJa8&google_hm=NzQ3Njc1MzM2MDkwMjk1NDU4Ng%3D%3D
Requested by
Host: e8414c92dfc9a4acdfa623abcc1734fa.safeframe.googlesyndication.com
URL: https://e8414c92dfc9a4acdfa623abcc1734fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 14:18:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 23 Aug 2022 14:18:34 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AehlK4CzA3Ui1ibjJlJW8JHcNwtd4RL24M3oYeTQBiFuEopQtflU6U2PFny4R-3H5HIofNBIqqV6aEnct60IvZvEhRLHbCBFJa8&google_hm=NzQ3Njc1MzM2MDkwMjk1NDU4Ng%3D%3D
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
pixel
cm.g.doubleclick.net/ Frame A5B9
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEAX8uJxIUyczI35MXQgtZVU&google_cver=1&google_push=AehlK4Dff7usGUJ4CqxPsT6TEhdJ3SRVbxeuKzv1BCLHfhy-utbpFuHl7dua7U6Kqqrq5TeT2796qyC1xR9EU9b...
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=4GWSsd0iQ1dHJ6VA92zEqx_MmS4&google_push=AehlK4Dff7usGUJ4CqxPsT6TEhdJ3SRVbxeuKzv1BCLHfhy-utbpFuHl7dua7U6Kqqrq5TeT2796qyC1xR9EU9...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=4GWSsd0iQ1dHJ6VA92zEqx_MmS4&google_push=AehlK4Dff7usGUJ4CqxPsT6TEhdJ3SRVbxeuKzv1BCLHfhy-utbpFuHl7dua7U6Kqqrq5TeT2796qyC1xR9EU9bWaVy4bpo1mTxK
Requested by
Host: www.iglookup.com
URL: https://www.iglookup.com/spy
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 14:18:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=4GWSsd0iQ1dHJ6VA92zEqx_MmS4&google_push=AehlK4Dff7usGUJ4CqxPsT6TEhdJ3SRVbxeuKzv1BCLHfhy-utbpFuHl7dua7U6Kqqrq5TeT2796qyC1xR9EU9bWaVy4bpo1mTxK
Date
Tue, 23 Aug 2022 14:18:34 GMT
Connection
keep-alive
Content-Length
242
Content-Type
text/html; charset=utf-8
us
sync.go.sonobi.com/ Frame A5B9 		0
0
pixel
cm.g.doubleclick.net/ Frame A5B9
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESELel3g0axs60bnlRoCNqXUM&google_cver=1&google_push=AehlK4DD3AyqFQZe2ghqjNtNVnwjfsjJcXPp-tCigwHEjzTM-3RTFdQ9Kr3qIxjIMEs0Bj4TA2LKhZEP-lUY...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AehlK4DD3AyqFQZe2ghqjNtNVnwjfsjJcXPp-tCigwHEjzTM-3RTFdQ9Kr3qIxjIMEs0Bj4TA2LKhZEP-lUY5rIk5KLFQRB1vKyj
170 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AehlK4DD3AyqFQZe2ghqjNtNVnwjfsjJcXPp-tCigwHEjzTM-3RTFdQ9Kr3qIxjIMEs0Bj4TA2LKhZEP-lUY5rIk5KLFQRB1vKyj
Requested by
Host: e8414c92dfc9a4acdfa623abcc1734fa.safeframe.googlesyndication.com
URL: https://e8414c92dfc9a4acdfa623abcc1734fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H2
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 14:18:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AehlK4DD3AyqFQZe2ghqjNtNVnwjfsjJcXPp-tCigwHEjzTM-3RTFdQ9Kr3qIxjIMEs0Bj4TA2LKhZEP-lUY5rIk5KLFQRB1vKyj
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
spacer.gif
an.yandex.ru/resource/ Frame A5B9
Redirect Chain
  • https://an.yandex.ru/mapuid/google/CAESEKK232xIH18R4KuKdA4OY6o?ext-param=AehlK4BPUpU3V40WtrRrhnfWFQmFRc00b7nkUkv8M8NQbFxva96U1ijg6j5sfCggd7FpV3br2BC0F7Gncy8WLYYNoJ3vXRF8vz086g&partner-tag=yandex_ag...
  • https://an.yandex.ru/mapuid/google/CAESEKK232xIH18R4KuKdA4OY6o?redir-setuniq=1&ext-param=AehlK4BPUpU3V40WtrRrhnfWFQmFRc00b7nkUkv8M8NQbFxva96U1ijg6j5sfCggd7FpV3br2BC0F7Gncy8WLYYNoJ3vXRF8vz086g&partn...
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEKK232xIH18R4KuKdA4OY6o&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
  • https://an.yandex.ru/resource/spacer.gif
43 B
144 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/resource/spacer.gif
Requested by
Host: www.iglookup.com
URL: https://www.iglookup.com/spy
Protocol
H2
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 23 Aug 2022 14:18:34 GMT
content-encoding
gzip
last-modified
Wed, 18 Apr 2001 10:28:03 GMT
strict-transport-security
max-age=31536000
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif
x-xss-protection
1; mode=block
expires
Tue, 08 Aug 2023 14:18:34 GMT

Redirect headers

pragma
no-cache
date
Tue, 23 Aug 2022 14:18:34 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://an.yandex.ru/resource/spacer.gif
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
237
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame A5B9 		0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KnBuuMQ9pyd3cCkaZX1hNnLDCUFWftfURe5rmj3G0ZzILz6whulvJ8V6TM1sxcWE3XeZ-4EA
Requested by
Host: e8414c92dfc9a4acdfa623abcc1734fa.safeframe.googlesyndication.com
URL: https://e8414c92dfc9a4acdfa623abcc1734fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 14:18:34 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
8Oc7qVgGezqJSgjjaaCdJlEAdJIIw0tPZxYDqe1tkXI.js
pagead2.googlesyndication.com/bg/ Frame A52F 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/8Oc7qVgGezqJSgjjaaCdJlEAdJIIw0tPZxYDqe1tkXI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f0e73ba958067b3a894a08e369a09d265100749208c34b4f671603a9ed6d9172
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 13:19:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
3532
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14092
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 23 Aug 2023 13:19:41 GMT
8Oc7qVgGezqJSgjjaaCdJlEAdJIIw0tPZxYDqe1tkXI.js
pagead2.googlesyndication.com/bg/ Frame E220 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/8Oc7qVgGezqJSgjjaaCdJlEAdJIIw0tPZxYDqe1tkXI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f0e73ba958067b3a894a08e369a09d265100749208c34b4f671603a9ed6d9172
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 13:19:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
3532
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14092
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 23 Aug 2023 13:19:41 GMT
index.html
s0.2mdn.net/sadbundle/8914876361115274780/MAR-426-HTML-callerID-970x250/ Frame E5E2 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/8914876361115274780/MAR-426-HTML-callerID-970x250/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
52fd4bc227967a9b07555f2f4486284a24a60c53c2006e5032334dc598c4bf7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e8414c92dfc9a4acdfa623abcc1734fa.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
62544
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1719
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Mon, 22 Aug 2022 20:56:10 GMT
expires
Tue, 22 Aug 2023 20:56:10 GMT
last-modified
Fri, 07 Jan 2022 08:56:40 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
gdn
metrics.getrockerbox.com/track/ Frame 2E0E 		44 B
643 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://metrics.getrockerbox.com/track/gdn?source=been_verified&tier_one=gdn&tier_two=15622379422&tier_three=138089373104&auction_id=3529860446
Requested by
Host: e8414c92dfc9a4acdfa623abcc1734fa.safeframe.googlesyndication.com
URL: https://e8414c92dfc9a4acdfa623abcc1734fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.209.18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
039a8bb6d736466063dde3c2a80d71d54456a7875cb1654263058bc69c1c042d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://e8414c92dfc9a4acdfa623abcc1734fa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 14:18:34 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rWyiEFyGuP22qPQsCBE58rcJRvH1Sko3ll71S1yc3oeGsz7nPDumK37lWnQScIgnBR0Pt4rXfxFRN9WBGsgQTBnQQHH3%2B2QWNFUoYjw%2Fz1Q64ORKcl3bpEFM25CKEpluseuif3abOKIi0ow%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
73f47a6b0d670b3f-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
sodar
pagead2.googlesyndication.com/pagead/ Frame 48B8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022081701&jk=3781478668828623&rc=
Requested by
Host: www.iglookup.com
URL: https://www.iglookup.com/spy
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers
style.css
s0.2mdn.net/sadbundle/8914876361115274780/MAR-426-HTML-callerID-970x250/styles/ Frame E5E2 		2 KB
799 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/8914876361115274780/MAR-426-HTML-callerID-970x250/styles/style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8914876361115274780/MAR-426-HTML-callerID-970x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6ad6537698691727f3f6f9d85c1cddca6be7cb592e4d6e2c7800b4e8d153b84b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8914876361115274780/MAR-426-HTML-callerID-970x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 10:09:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
101360
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
770
x-xss-protection
0
last-modified
Fri, 07 Jan 2022 08:56:40 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 22 Aug 2023 10:09:14 GMT
BV-logo.png
s0.2mdn.net/sadbundle/8914876361115274780/MAR-426-HTML-callerID-970x250/images/ Frame E5E2 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8914876361115274780/MAR-426-HTML-callerID-970x250/images/BV-logo.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8914876361115274780/MAR-426-HTML-callerID-970x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f9a24d8907d6bbec4b0f7bf39f3b3a71ed4b9eac9154a871e4c60632590fdc9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8914876361115274780/MAR-426-HTML-callerID-970x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 10:04:43 GMT
x-content-type-options
nosniff
age
447231
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3564
x-xss-protection
0
last-modified
Fri, 07 Jan 2022 08:56:40 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 18 Aug 2023 10:04:43 GMT
base64.js
s0.2mdn.net/sadbundle/8914876361115274780/MAR-426-HTML-callerID-970x250/scripts/ Frame E5E2 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/8914876361115274780/MAR-426-HTML-callerID-970x250/scripts/base64.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8914876361115274780/MAR-426-HTML-callerID-970x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d47b15f9ceed997958d2926eb66869594d088cbd2e0a9cb1903d8517ed32b86e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8914876361115274780/MAR-426-HTML-callerID-970x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 17 Aug 2022 14:50:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
516460
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1827
x-xss-protection
0
last-modified
Fri, 07 Jan 2022 08:56:40 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 17 Aug 2023 14:50:54 GMT
script.js
s0.2mdn.net/sadbundle/8914876361115274780/MAR-426-HTML-callerID-970x250/scripts/ Frame E5E2 		2 KB
754 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/8914876361115274780/MAR-426-HTML-callerID-970x250/scripts/script.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8914876361115274780/MAR-426-HTML-callerID-970x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6866ca9fa9c2e0ee626b20289edbc5b68619e59b11711be19a7d094585f33c64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8914876361115274780/MAR-426-HTML-callerID-970x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 17 Aug 2022 01:10:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
565678
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
725
x-xss-protection
0
last-modified
Fri, 07 Jan 2022 08:56:40 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 17 Aug 2023 01:10:36 GMT
generate_204
tpc.googlesyndication.com/ Frame E220 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?qWl0wg
Requested by
Host: www.iglookup.com
URL: https://www.iglookup.com/spy
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 14:18:34 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
1541527423a607b15a712c4823251c88682d1dbf54.js
s3.us-west-1.amazonaws.com/cloudfls.co/uploads/assets/ Frame A862 		8 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.us-west-1.amazonaws.com/cloudfls.co/uploads/assets/1541527423a607b15a712c4823251c88682d1dbf54.js?_=1661264313228
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.24.145 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
3d60086efeed0e3af6d42ff624a15d1274763b994bf240da9ddec88ef83d9f66

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cpabuild.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 23 Aug 2022 14:18:35 GMT
Last-Modified
Mon, 20 Jul 2020 19:44:08 GMT
Server
AmazonS3
x-amz-request-id
PHWKRQB7RHQRWEDB
ETag
"c2120b05cae0d60182021ca43c4a4727"
Content-Type
application/x-javascript
x-amz-version-id
Xq5nEZrYhQVX6cpn7Hs2O6y63bMzhXo5
Accept-Ranges
bytes
Content-Length
7816
x-amz-id-2
3GAxHKKTFtaAMfAAFApJSMUTSSHdb2zGk/msFgyQ38YxOeBMdEbn4N0Tjw2YnBGtZhCu+wy73Ac=
1514479459f53def1f1ed3bfc344f35f9587cce8ed.js
d13pxqgp3ixdbh.cloudfront.net/uploads/assets/ Frame A862 		17 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d13pxqgp3ixdbh.cloudfront.net/uploads/assets/1514479459f53def1f1ed3bfc344f35f9587cce8ed.js?_=1661264313229
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:c600:1c:b3e3:eb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5f1b62ab44d1dfeab41c85d439e453aef3b40dc9a36d91a0b6a5dfa45f686f08

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cpabuild.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-version-id
7FcbH3ayyFBIceQfqglDQmshlJLcOupg
via
1.1 34fdfb7c7c11559df7e622af2b62f5ca.cloudfront.net (CloudFront)
last-modified
Thu, 28 Dec 2017 16:44:20 GMT
server
AmazonS3
age
37293
etag
"f7771ebcc6c9d9c6084c92438e471d09"
x-cache
Hit from cloudfront
content-type
application/x-javascript
date
Tue, 23 Aug 2022 04:05:29 GMT
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
content-length
17017
x-amz-cf-id
Tdn4F4G2ZpIhQEac98rPulb8w7Rof1NhgqP563XUCQEDsnXrRe6E5w==
HqnV16O.png
i.imgur.com/ Frame A862 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/HqnV16O.png
Requested by
Host: cpabuild.com
URL: https://cpabuild.com/public/offers/iframe.php?it=717691&key=36098
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.16.193 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
9463786261a387907ed51538e899bd31f84ebbdf03daa7e5da9d43cc46934998
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cpabuild.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 14:18:34 GMT
x-content-type-options
nosniff
age
1823760
x-cache
HIT, HIT
content-length
2746
x-served-by
cache-iad-kiad7000171-IAD, cache-vie6328-VIE
last-modified
Thu, 28 Dec 2017 17:30:15 GMT
server
cat factory 1.0
x-timer
S1661264314.273130,VS0,VE1
etag
"2247841ceefe02d60f299d8693381d2e"
strict-transport-security
max-age=300
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
2, 1
eUq0zmO.png
i.imgur.com/ Frame A862 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/eUq0zmO.png
Requested by
Host: cpabuild.com
URL: https://cpabuild.com/public/offers/iframe.php?it=717691&key=36098
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.16.193 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
31595f21d840fc3e7b1524ab0c273b631c02dee673ead5b9bc81d89279cb4a3d
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cpabuild.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 14:18:34 GMT
x-content-type-options
nosniff
age
2172600
x-cache
HIT, HIT
content-length
1480
x-served-by
cache-iad-kcgs7200048-IAD, cache-vie6328-VIE
last-modified
Thu, 28 Dec 2017 17:30:26 GMT
server
cat factory 1.0
x-timer
S1661264314.273230,VS0,VE1
etag
"08f6af8d651f7190d67b1dea71be9e7d"
strict-transport-security
max-age=300
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 1
wrrR1cu.png
i.imgur.com/ Frame A862 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/wrrR1cu.png
Requested by
Host: cpabuild.com
URL: https://cpabuild.com/public/offers/iframe.php?it=717691&key=36098
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.16.193 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
aef70be7da3a9d6a0208658c9ca7519e32b23955c8e61fdc935a977c8121efd2
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cpabuild.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 14:18:34 GMT
x-content-type-options
nosniff
age
1822879
x-cache
HIT, HIT
content-length
3567
x-served-by
cache-iad-kcgs7200035-IAD, cache-vie6328-VIE
last-modified
Thu, 28 Dec 2017 17:29:09 GMT
server
cat factory 1.0
x-timer
S1661264314.273229,VS0,VE1
etag
"cf55b81e80f0353604f923d2d4aa0a69"
strict-transport-security
max-age=300
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 1
gen_204
pagead2.googlesyndication.com/pagead/ Frame A52F 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bgmc7ueEEY9DbDY-lgQfFtJwoAAAAADgB4AQC&bg=!oaKloubNAAYUOm8VNDo7ACkAdvg8WkpE1K1psGgt4C3CDCW4-g_je2hhNPejJyGJZyu06cx1xWBeKQIAAACGUgAAAAFoAQcKADj0nahO-XO_VjWP3iDYyMzh9j6LXmSfbt-gPdOQGTNdOrSeFoTvuaWdCmsLGLolUWptLm5gp_AT9pkDUYZSZBTRPAN9PIRePtB9RtSmdN_QP6c_EUT8VGxCvEOyeNyZq_kz1KYAJ90R6mOCwVr2QxkCRc4RAIqJ3f4XER_XWLY3WqUUryPon5NCORf0nGoKe2jlL7B3snIMZNqjq0ZCrHaQnOYcPui6uUMO5t4AmW6sIrhPals961CnBwZoD1jBsaeHNUKfFSJEF-7PyoXHBjEJyn6kFbyDwWDegsBgJX5I_oqlTiQfNM1BBUdhJvl_F5SkJtoZfgqV8g08i3J0JtVrKg-chbWVAPkR250_i_tiuJKnmrDaEpCTNE-DF_97duAZGCm_FV2g4C_-Ee19vcIr7XIYTbAmNmnx8x4qYOkTS0i-sliKzYUJwuwol_qy6Mw_K5K7x1cLhuh-qvr1mjSQQpe4h8XVDXfNWbJ-3ov3S4ovnsAV8QxZyZjBdK6oA0dwtuCcBXfOXWxEIi6WRJ2bpqgh_ebo88jB3y6lr21kt99A6RrwslJ2xaKLfbIvnEhvlOio-CMHn5cvTOV9F9eQ3KAB2UEVMK6ofV2ZnW3t31tjj_6WtmlRN8JIlAYzvW6AsBuosiFtj6FspfKJq2w33BH45296MFk2mZX7qc-V1GX1-EOfy6EpNLnu_l2vWfnUgSm4CMjQkhcaY9QXtAj5QfJVIxdebIakWncAx3z4KCRi54zbRciF3BarVUNiRjoPyuGj8sUvudp8DTXYPbFU7s48EZIAxQzXin1btgpOyTton4IFNkrOT3qaDUk4FTmZGlkp2JiQo42mR4ZWMqOwztOMIHV3KZaUJisCOfPpejTPC3cNDUUdQaSniHH0moHX6mkGKCF7zWJy5Btc8I6GkTxMF4aN9XupWmJ_Qp7Rw4ZPaBUSqP-04RT7S0AI4bkbtI8jzATe5ZIyArsO0bcTgws9I92PofxbTYOPe7ltzNEkGazhhj28ODpoSGJaa2ne-JPify6szEjI_0mbX6N3AAWDgGC8h5KRIC8pifvaXPtu74IDXvQgzaBElTDq-o_3l0q91A_HCgG-_3ouKkjxBGM5JklmpWBYGmrUdMfXhZXGH1k7XijNrwnwKREScrac26bsM-o5jZrApxDB9hl4mjJWmB4fLOpTHHh-rj9B8xIBbjvnTA4z8VhnKw
Requested by
Host: e8414c92dfc9a4acdfa623abcc1734fa.safeframe.googlesyndication.com
URL: https://e8414c92dfc9a4acdfa623abcc1734fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 14:18:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
node.php
node.setupad.com/node/ Frame 38FC 		0
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://node.setupad.com/node/node.php
Requested by
Host: www.iglookup.com
URL: https://www.iglookup.com/spy
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.89.25.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.iglookup.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Tue, 23 Aug 2022 14:18:34 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
access-control-allow-headers
X-Requested-With
access-control-allow-methods
GET, POST
content-type
text/html; charset=UTF-8
sodar
pagead2.googlesyndication.com/pagead/ Frame 38FC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022081701&jk=3781478668828623&bg=!o6CloOTNAAYUOm8VNDo7ACkAdvg8WlqqcOOQcdPGy_EUzoQu_JkFG2ukrmG0udlofkSVSIBjbBUtMQIAAABuUgAAAANoAQcKAGJ5UH5W_JME-O9teZ_SjOothgXNnAxqrUzpZMzok9toNz_JBuqm5-TQg1ufze33ps7o2aosIYhL0kQJfNlV5jwxzh9svovSkWJ6P8uqAI1AQDP724VySVShkQRLCP3mGCmNKpkDLALf5Bt_v9q6kiqpuYyNksDt1CW8gouh63KcGd0iHYVHoAl-VavUQeH3G8hxsiRAIib-Wc1FhyeQDkVhavm-IDgmolvCBOZ5-CfuWB5tEqLdNRB3VMY-MQTrlYnSxmwtgS5XXEgf3biHCCQFzEWqPxHQ0kvKEOGMWerJb1decxksGCv1vxj_KMGUAeEbl9ltKvXVL3l7jXMj9-RRxoR6Oi45hGB666vNwFICMBNUyNUwA5XHNe4CVuDbhfo0zhgtSk9zsvl3Wpn6jocqVEyhzx9dMhRPYTLoUR8WpdgoKYpMAzg65e04rt2WYOM85uxwM2buwkFxXNgMkNql4unqU2ZV9pYG8tzzs6UGJK8g4bTJfoRrlefplEUcWI8qlgFyNilMwnI193eRk3f18CAXPUDlfyN3x0XtvYkTLpByPMdQ7ZBwOcSSskyYiQAzE0G_r0hT6sUnXarFsjrj5qMSSdtPWVWPMh94_Sj83OfC-ThuG9j_1WJcsP17Rv7bGHwdLaP5fnePM-8xUutSTwIUCb6z_PAuuU4BMawiDths6cTu6VFOL-DZHoMq15Cf7_XJz7L_50WskICORufPBqpHZWVzh7tQIOeeGEEmXE7TgJhu2tprCpVW4vdSmUAzbHDlFgamO43ntEkNV-vqv74Qu-NiJyVcwN5WrzhsKhWUIeLitTPQ7_6nYzj5biv0yDuvUS84aP3CDsUd5rmvG9orTYeLry6UqNqqijA1i3ZvB_6EDEG9cCQzR8RUGEBE8orsKl_ZrXB_9OuilhsIN-kazJGBS8KqYejCeFO_xbo-AW5R4SU_aY7o7EJUS7KsBk4PvYQLZ8l9h__VvLighUBw7RjFjA_KKaGcAO6tgOKsu2_vQpx6qhdiuq3RStZL-4Tvo-uz60KDzSi-sYVCmND95m11O7P8OyoUFU9ZCNyfh5DNhpQYWnQNqZW2ic02FTlxENJw762bwymxJSQdfJVtY0Ojix5HeCnnQ0DLEHwQDKRzaIH3BMqqNJiie0gbJUk87BOJJI7QyT6o9pslvcu2skTink3frBn2TltcXQrq9L-QiQLgIhB31fSJEiVx
Requested by
Host: www.iglookup.com
URL: https://www.iglookup.com/spy
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.iglookup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame 2E0E 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvCK9s6a2cI2odQs_y8zqgIe8Wmikj6aflTD9PA6MJyd0pK4jKm3X_E_g0-seVd7WTyQPRx9a3uQTjRHN8NFthBqFCr9Faa1D9CNToyjMO5XoGcLRp1CsYcH6JP4wn95-BBAYx3TJWsXZkLWJ74HYEuIP_6BHCBVFp1PreleGbMl8JUkJfu1gAGCtx1Wj-IfFPUcHnDvt09sN_f9w&sai=AMfl-YSkuaQidAYUnDUTWPRiMbGDYM9-YGFVy1Ur3t2-ItD7c0pvy6sSZ6jNoqsFAyLd0syv-DvW-k6vmcoZDmrhM6BAjERd8lp1ZKHlIaR8jqauDRrqCAWNuL2B_TDY&sig=Cg0ArKJSzJJVlyk6iQ3kEAE&cid=CAASF-RoZmL12BhxT4qFa1d2ESsDntnrnLPK&id=lidar2&mcvt=1000&p=244,315,494,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220822&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1353836075&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1661264313680&rpt=507&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://e8414c92dfc9a4acdfa623abcc1734fa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 14:18:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adx
pubads.g.doubleclick.net/gampad/ 		46 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/adx?iu=/147246189,21880842651/iglookup.com_970x90_anchor_responsive_DFP&sz=320x100%7C970x90&t=Placement_type%3Dserving&1661264315700
Requested by
Host: www.iglookup.com
URL: https://www.iglookup.com/spy
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
8e12b7b1148ac15b54aa83cf018e404eff4070e62639b4624aa39084b2dd40dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.iglookup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 14:18:35 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11312
x-xss-protection
0
google-lineitem-id
5759023139
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138361174917
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.iglookup.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
AGSKWxU1e4IVFQDjlr400RZXIpdeMVnELRzxk5pphErcvpa-1j6qilBN02V9GKxtJRzTNcd2tMfxoBjzkKdZja4gCNY=
fundingchoicesmessages.google.com/f/ 		105 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxU1e4IVFQDjlr400RZXIpdeMVnELRzxk5pphErcvpa-1j6qilBN02V9GKxtJRzTNcd2tMfxoBjzkKdZja4gCNY=
Requested by
Host: www.iglookup.com
URL: https://www.iglookup.com/js/cmp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e7f78aefe095c4c43933a85bf0cf22cff7869f7026a88847f0941a752796efa3
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-hgnX8WPesqdb4hXLkzJWHQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-hgnX8WPesqdb4hXLkzJWHQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.iglookup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 14:18:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
application/javascript; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy
script-src 'report-sample' 'nonce-hgnX8WPesqdb4hXLkzJWHQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-hgnX8WPesqdb4hXLkzJWHQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
beep.mp3
www.erikosterberg.com/terminaljs/ 		0
0 		Media
General
Check archive.org
Download Go to
Full URL
https://www.erikosterberg.com/terminaljs/beep.mp3
Requested by
Host: www.iglookup.com
URL: https://www.iglookup.com/spy
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.205.12.223 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),
Reverse DNS
ip-92-205-12-223.ip.secureserver.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.iglookup.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Range
bytes=0-

Response headers
pubads_impl_2022081701.js
securepubads.g.doubleclick.net/gpt/ 		384 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
sffe /
Resource Hash
83147c4cf00c61d77d068152fdb541e2ca7761e0990682db23e77fb7affdceb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.iglookup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 13:30:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2864
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133512
x-xss-protection
0
last-modified
Wed, 17 Aug 2022 08:37:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 23 Aug 2023 13:30:51 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		128 B
117 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.iglookup.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
3b42908cab9d3ddf66a1f03aaadf13514518c31b6bd7ff8c5d6d6f92a744d836
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.iglookup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 23 Aug 2022 14:18:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
92
x-xss-protection
0
expires
Tue, 23 Aug 2022 14:18:35 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-153660446-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.iglookup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
4358
date
Tue, 23 Aug 2022 13:05:57 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 23 Aug 2022 15:05:57 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 38FC 		87 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221_light.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
17d2a9596b37d5d8c0e8b46eda67f51c04e05703e5619deff979d5ef50563e91
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.iglookup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 14:18:35 GMT
content-encoding
gzip
last-modified
Tue, 16 Aug 2022 07:20:45 GMT
server
nginx
etag
W/"62fb454d-15cfe"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 24 Aug 2022 14:18:35 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1700157312&t=pageview&_s=1&dl=https%3A%2F%2Fwww.iglookup.com%2Fspy&ul=en-us&de=UTF-8&dt=Online%20Instagram%20Profile%20Viewer%20-%20IGLookup&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAAC~&jid=2076570860&gjid=3247525&cid=606917007.1661264313&tid=UA-153660446-1&_gid=758014911.1661264316&_r=1&gtm=2ou8m0&z=1650196467
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.iglookup.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 14:18:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.iglookup.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 38FC 		87 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
17d2a9596b37d5d8c0e8b46eda67f51c04e05703e5619deff979d5ef50563e91
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.iglookup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 14:18:35 GMT
content-encoding
gzip
last-modified
Tue, 16 Aug 2022 07:20:45 GMT
server
nginx
etag
W/"62fb454d-15cfe"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 24 Aug 2022 14:18:35 GMT
147246189
fundingchoicesmessages.google.com/i/ 		105 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/147246189?ers=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7d84b3ca82a3f1fbe33a3be928aec73288b8d73878708ff618b409aee3a9cd00
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-hjwPtux56fzdtkTNVDlWBw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'nonce-hjwPtux56fzdtkTNVDlWBw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.iglookup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 14:18:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
application/javascript; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-hjwPtux56fzdtkTNVDlWBw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'nonce-hjwPtux56fzdtkTNVDlWBw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
stpd201221_light.js
stpd.cloud/assets/postbid/ Frame C03D 		276 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stpd.cloud/assets/postbid/stpd201221_light.js
Requested by
Host: www.iglookup.com
URL: https://www.iglookup.com/spy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1e31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a24843adc2fb5bac7b02f8b2fdbb08da59a6dc2ff974714234d2831c90d40ab

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.iglookup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 23 Aug 2022 14:18:35 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
i5RZoGxWXyFeBvqwcOlq+A==
age
5549
x-ms-lease-status
unlocked
last-modified
Mon, 22 Aug 2022 10:30:19 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
1f684753-301e-0038-6a12-b65b57000000
cache-control
public, max-age=14400
x-ms-version
2009-09-19
cf-ray
73f47a765be3b95a-AMS
expires
Tue, 23 Aug 2022 18:18:35 GMT
AGSKWxVEP5I61-zczypo--ePpZm_g9yWFCJpFeuv2yoXlAprV-iYb3OErjILu6JVc3uis9NhKD2QmtS07eEagizPe3w=
fundingchoicesmessages.google.com/f/ 		754 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVEP5I61-zczypo--ePpZm_g9yWFCJpFeuv2yoXlAprV-iYb3OErjILu6JVc3uis9NhKD2QmtS07eEagizPe3w=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjYxMjY0MzE1LDkyODAwMDAwMF0sIjQ2REE1OUFFLTFDMUEtNDAzRC1BNzQ4LURGOTFCQTI5OEZBRiIsbnVsbCxudWxsLFtudWxsLFs3XV0sImh0dHBzOi8vd3d3LmlnbG9va3VwLmNvbS9zcHkiLG51bGwsW11d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.nl.aIsce_ORy0s.es5.O/d=1/rs=AJlcJMxrY0eGNFsgU43affrINprRkM6TTQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a1d71723bca3e4e226427f1fd25fdafc0e6f44f3fd858eccae99b47300706661
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-X6osCOcJC4SWul3yItac8Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.iglookup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 14:18:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options
SAMEORIGIN
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to
{"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type
application/javascript; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-X6osCOcJC4SWul3yItac8Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
expires
Mon, 01 Jan 1990 00:00:00 GMT
gpt.js
www.googletagservices.com/tag/js/ Frame C03D 		83 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.iglookup.com
URL: https://www.iglookup.com/spy
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
sffe /
Resource Hash
b6aa7df8c12ac68fef96f064f4b2fb95e3078f233db65e145aa1279373d7b3c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.iglookup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 14:18:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28554
x-xss-protection
0
server
sffe
etag
"1311 / 33 of 1000 / last-modified: 1661252718"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 23 Aug 2022 14:18:35 GMT
usync.html
eus.rubiconproject.com/ Frame 8990
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Requested by
Host: www.iglookup.com
URL: https://www.iglookup.com/spy
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.123.9.160 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-9-160.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.iglookup.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 23 Aug 2022 14:18:36 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 23 Aug 2022 14:18:35 GMT
location
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
server
AkamaiGHost
beep.ogg
www.erikosterberg.com/terminaljs/ 		0
0 		Media
General
Check archive.org
Download Go to
Full URL
https://www.erikosterberg.com/terminaljs/beep.ogg
Requested by
Host: www.iglookup.com
URL: https://www.iglookup.com/spy
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.205.12.223 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),
Reverse DNS
ip-92-205-12-223.ip.secureserver.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.iglookup.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Range
bytes=0-

Response headers
pubads_impl_2022081701.js
securepubads.g.doubleclick.net/gpt/ Frame C03D 		384 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
sffe /
Resource Hash
83147c4cf00c61d77d068152fdb541e2ca7761e0990682db23e77fb7affdceb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.iglookup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 13:30:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2865
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133512
x-xss-protection
0
last-modified
Wed, 17 Aug 2022 08:37:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 23 Aug 2023 13:30:51 GMT
usync.js
eus.rubiconproject.com/ Frame 8990 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.123.9.160 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-9-160.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
ebf9218a016a4a06e257c70b58ebef5da0dc3ae22a3e28b9d394e688f54a228a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 23 Aug 2022 14:18:36 GMT
Content-Encoding
gzip
Last-Modified
Wed, 17 Aug 2022 13:55:35 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=68647
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9442
Expires
Wed, 24 Aug 2022 09:22:43 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame C1E2 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221_light.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.iglookup.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
34222
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 23 Aug 2022 14:18:36 GMT
ETag
W/"623de86a-cf34"
Expires
Wed, 03 Aug 2022 04:41:10 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1, 78654
X-Served-By
cache-lga13624-LGA, cache-ewr18150-EWR
X-Timer
S1661264316.499175,VS0,VE0
ixmatch.html
js-sec.indexww.com/um/ Frame D3FB 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221_light.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.228.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.iglookup.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1387
Content-Type
text/html; charset=UTF-8
Date
Tue, 23 Aug 2022 14:18:36 GMT
ETag
"e20015-b68-5e4a60c97afb7"
Last-Modified
Mon, 25 Jul 2022 19:18:30 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
css
fonts.googleapis.com/ 		60 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans:regular,medium|Material+Icons|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov&display=swap
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.nl.aIsce_ORy0s.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMxrY0eGNFsgU43affrINprRkM6TTQ/m=web_iab_tcf_v2_wall_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400e:800::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
071b2629614039f0f7ceaee23806f462fd911edc990c27a39b385dd46a6bf815
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.iglookup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 23 Aug 2022 14:18:36 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 23 Aug 2022 14:18:36 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 23 Aug 2022 14:18:36 GMT
AGSKWxUOp3eBKWcCSEUT9iqJVHHSTM-Wod2HoWgLByWWvWx04ZhmK9-SVylRCTkU_i7w7LStsqLQJkYmNpZv_-xLRCwZypsgIKjrVlfsoDxKVtEIqPyZH2TNEHXuek7zL2kaPNqSOHZAKw==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUOp3eBKWcCSEUT9iqJVHHSTM-Wod2HoWgLByWWvWx04ZhmK9-SVylRCTkU_i7w7LStsqLQJkYmNpZv_-xLRCwZypsgIKjrVlfsoDxKVtEIqPyZH2TNEHXuek7zL2kaPNqSOHZAKw==?dmid=a0a82bd6a35414e8
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.nl.aIsce_ORy0s.es5.O/d=1/rs=AJlcJMxrY0eGNFsgU43affrINprRkM6TTQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-6UC_xICMDt8YBHLQv_kC_w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-6UC_xICMDt8YBHLQv_kC_w' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.iglookup.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 23 Aug 2022 14:18:36 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://www.iglookup.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy
script-src 'report-sample' 'nonce-6UC_xICMDt8YBHLQv_kC_w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-6UC_xICMDt8YBHLQv_kC_w' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v138/ 		126 KB
126 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/materialicons/v138/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans:regular,medium|Material+Icons|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
273f4bca58132eb580c0e132ca8f44093978a2a98eae6affe5df61c345fa3b19
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.iglookup.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 04:12:58 GMT
x-content-type-options
nosniff
age
468338
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128552
x-xss-protection
0
last-modified
Thu, 11 Aug 2022 01:42:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 18 Aug 2023 04:12:58 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans:regular,medium|Material+Icons|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.iglookup.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 18:50:24 GMT
x-content-type-options
nosniff
age
70092
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 22 Aug 2023 18:50:24 GMT
async_usersync
ib.adnxs.com/ Frame C1E2 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 23 Aug 2022 14:18:36 GMT
X-Proxy-Origin
31.204.153.46; 31.204.153.46; 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
c9d3835d-2c69-4c8a-8e7d-e6c69c1d74a2
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
khaos.jpg
token.rubiconproject.com/ Frame 8990 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: www.iglookup.com
URL: https://www.iglookup.com/spy
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Content-Type
image/jpg
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220818&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3239635388903570&plah=www.iglookup.com&bust=31069028
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4c5c63a3ba232b7420ad39a7e1ea339b3454bdeae3a74e4ef8c73dcef03ce4aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.iglookup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 23 Aug 2022 14:18:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10988
x-xss-protection
0
syncframe
gum.criteo.com/ Frame AD4D 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.iglookup.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
96250b0de15d90f6e2e2ee39329e3060c7bc4a15e69cb6933039664f024f7efd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.iglookup.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-length
6144
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 23 Aug 2022 14:18:36 GMT
server-processing-duration-in-ticks
2157
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame AD4D
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=iglookup.com&sn=ChromeSyncframe&so=3&topUrl=www.iglookup.com&bundle=3RO9l19YckhsY3BQelc0ZnNJJTJGRmlJUkZ3S2U2NjdGcmZMQjduUmJVWkMzbFBLV0RaVn...
  • https://mug.criteo.com/sid?cpp=h0W9_nxoMHk0b24wWmI3U3NSS1dtZmZ3MnN6Y0hDbzNIQ0EwM2dnTmtxQW9tejNyTUZmNGVVZ0RMb3dOTzZlU0RVSGl1a0tRdXlZZUp6Ly9UcGRZNEFicHp5clhqZThCbTF3U0U2b1J6ZEhSaERRVEZFSHNMNWxzL24wWU...
452 B
641 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=h0W9_nxoMHk0b24wWmI3U3NSS1dtZmZ3MnN6Y0hDbzNIQ0EwM2dnTmtxQW9tejNyTUZmNGVVZ0RMb3dOTzZlU0RVSGl1a0tRdXlZZUp6Ly9UcGRZNEFicHp5clhqZThCbTF3U0U2b1J6ZEhSaERRVEZFSHNMNWxzL24wWUFvbXFsZzRaRzc1K0t3ZUFIbnJUZFRralNCUXlMcTM4SnhPZk1LY0xDQ0hEV3UydnFJdHBEMDBuTTMrUDBEcWZWNlRpYWRkTVUxNHgyc2RMb3lkK2o5TWxhaXFKcjZjak8zcGhYNVFiSmt6N0lFTUxINGpsN0V0bnRpM1JIVFV6VTZxMDk2V1dQalpwKzdZRG15N3dRWjZMMFpxL04vbUE5aHNUTCtQZEVEYXN4NzFMSFBGYz18&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
7b5f4707ced454c3d607bb717d37bc73329b0a71a443eda0e3bda567653425ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 14:18:36 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
6047
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Tue, 23 Aug 2022 14:18:35 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=h0W9_nxoMHk0b24wWmI3U3NSS1dtZmZ3MnN6Y0hDbzNIQ0EwM2dnTmtxQW9tejNyTUZmNGVVZ0RMb3dOTzZlU0RVSGl1a0tRdXlZZUp6Ly9UcGRZNEFicHp5clhqZThCbTF3U0U2b1J6ZEhSaERRVEZFSHNMNWxzL24wWUFvbXFsZzRaRzc1K0t3ZUFIbnJUZFRralNCUXlMcTM4SnhPZk1LY0xDQ0hEV3UydnFJdHBEMDBuTTMrUDBEcWZWNlRpYWRkTVUxNHgyc2RMb3lkK2o5TWxhaXFKcjZjak8zcGhYNVFiSmt6N0lFTUxINGpsN0V0bnRpM1JIVFV6VTZxMDk2V1dQalpwKzdZRG15N3dRWjZMMFpxL04vbUE5aHNUTCtQZEVEYXN4NzFMSFBGYz18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1441
content-length
567
expires
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3239635388903570&plah=www.iglookup.com&bust=31069028
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.iglookup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 14:18:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 23 Aug 2022 14:18:36 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D269 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.iglookup.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
age
216
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 23 Aug 2022 14:15:00 GMT
expires
Wed, 23 Aug 2023 14:15:00 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 9E6C 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
1f546f5d0917d9025d10fda22f64900b74fe22f382fbcbd13562cd1a253d3171
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Kf6yafIy7PM0_jUHCysH0g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.iglookup.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-Kf6yafIy7PM0_jUHCysH0g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 23 Aug 2022 14:18:36 GMT
expires
Tue, 23 Aug 2022 14:18:36 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
8Oc7qVgGezqJSgjjaaCdJlEAdJIIw0tPZxYDqe1tkXI.js
pagead2.googlesyndication.com/bg/ Frame D269 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/8Oc7qVgGezqJSgjjaaCdJlEAdJIIw0tPZxYDqe1tkXI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f0e73ba958067b3a894a08e369a09d265100749208c34b4f671603a9ed6d9172
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 13:19:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
3535
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14092
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 23 Aug 2023 13:19:41 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 9E6C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220818&jk=1385176793903506&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame D269 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?YUMx4g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 14:18:36 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220818&jk=1385176793903506&bg=!rq2lrenNAAYUOm8VNDo7ACkAdvg8Wl6r4iTE8O_3PDItbiywmGEAeKUeSTHKnXOzmbHcZtYBzQUUtQIAAABDUgAAAAJoAQeZAtVBI2O8_-bCryMhDYG07L108EqpvRj-Ur54TJjW2YK88RiLSAsLayfY0_xtUbitlUWu9zosDsylld-8jlsHp9XqRYkEGdJnl6n6DKvOLUtiWltTMeVLHCAdEyD6ffQ4dPaSzX0uUgCGAaM_tiK0s62vIfTO8jbP_FL0R0inTyIhbUYIONYQymD6YD_a3TVnbC0xOWb1uJNXRXkEMo6OR2M_nCxPG_dC44XjjjEDXkHI4cGwaQK_VVN17ysx48XfEeWKa36GrbDAJd0i12RKSqgA7_LYdeWp50tcfi-PKuk-kbYJdc80seusynZhrzVYteU_qPo1tqF5pDUcHmXUVrScZ03CnTLzxwhNHJII5_ckAtGe9GRNJXIr3MERKVqxFB41K1pUpfjkpEK_l2o_UC_w0QYd2LzH42wDV8JCBl39gOWUUNrvtsajrNDhDfEXGYHwN_ui49ckRNGx3lDVwegDLN5pwcOePi10E9sBNdfVuNoWUeodPDAyCey-CvczSHUfXBOwimTF-pFvlLXm_kkVGTNyPAuDn7yYmdoJwWJWfSyt8k2tfZb2m4maVUlXc_fntFmRBeDaUICqCoxBDZmBSbQKgFooYKZYOtFxTkLRD2AYFlo8XNyfui4tADCM7ne2k5_VhpRzB8yfw24dF0Z8lAsD_7FzFl5KbkVwXK7QDMoBkziBD-riaVpxYnuRZ36_8S4ph4scsemDkqGL-bp6QTlgfOhwgbYGh4KBPpqG4u4_PA3TbDXhEBqUoxJyW4uCyH3MxDFKSYQgVmkJnQ_pVVbc9Ifn3dYiIWK6ByMtRXy0lCbU9hp7iJlGu8lpc1SKnPkYinjEWWhIL0p-5h4mb3gIQvBikeIvUob8lNY1bgh_OJUF--QzJYyAyMCzneoz8wM6zhpDIHnAO4kAph8hYe3fHSqFD7i-FnsF0tBhwGZN49m85KOnvtPar40Fa6kHKpJncA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.iglookup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sync.go.sonobi.com
URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAehlK4DyNUPgvfqiEZL3x24MtRUHHzA3NbP82Eqmv4f2nWsmRaDt2uuyEiMeLmBeAEAWxT1r7O3_GJtFAAp_Khmjkn8hP-npD6E%26google_hm%3D%5BUID%5D&google_gid=CAESEFkOIlyg3Xy6WLB7Ga57o2w&google_cver=1

Verdicts & Comments Add Verdict or Comment

82 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages function| JSAlert function| Terminal function| promptInput object| t1 function| showCaptcha function| gtag object| dataLayer object| Alpine object| googletag function| __d3lUW8vwsKlB__ object| google_tag_manager string| GoogleAnalyticsObject function| ga object| gaplugins object| gaData object| criteo_syncframe_state string| pb_iglookup.com_970x90_anchor_desktop object| us_iglookup.com_970x90_anchor_desktop object| default_ContributorServingResponseClientJs object| __googlefc string| __fcInvoked string| __fcexpdef object| ZjI1MDVkOGQ4NDQ1YTA4YWxvYWRlcl9qcw== string| ZjI1MDVkOGQ4NDQ1YTA4YWNhY2hlZF9qcw== object| googlefc object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady object| GoogleGcLKhOms object| google_image_requests

31 Cookies

Domain/Path Name / Value
www.iglookup.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.iglookup.com/ Name: _pubcid
Value: 5b0f7a0d-9c64-413d-97f4-bf89258a23c3
.adnxs.com/ Name: icu
Value: ChgI8_56EAoYASABKAEwuMOTmAY4AUABSAEQuMOTmAYYAA..
.adnxs.com/ Name: uuid2
Value: 2313206554085835850
.casalemedia.com/ Name: CMID
Value: YwThuQDStQbq6fzU.QdDnQAA
.casalemedia.com/ Name: CMPS
Value: 1202
.casalemedia.com/ Name: CMPRO
Value: 1202
www.iglookup.com/ Name: cto_bidid
Value: aUvSEF9mVW1EWEdiZE1tU3FVS0x1YTBDZmlWblJsOXlKa21xZXp6aGMzN29DcEhLVkVZY1RDSGpGVzZxRkFBZXc3JTJGcnJxWEhycWQxY1kzeDJ4c0x6cHplZ2hnJTNEJTNE
www.iglookup.com/ Name: cto_bundle
Value: 3RO9l19YckhsY3BQelc0ZnNJJTJGRmlJUkZ3S2U2NjdGcmZMQjduUmJVWkMzbFBLV0RaVnhDeFhMdzBxdDRKMWZiYkZlUkZ4TENROGhyN1djeXZlWGU5ZGI3d1FkeThicHBkcnFBeVRpNnpQM0F4RVh2Z0dCdWZYakpUJTJCWFhHTDh6JTJGRzJGVA
.casalemedia.com/ Name: CMTS
Value: 5156
.doubleclick.net/ Name: IDE
Value: AHWqTUlJzroc5Jf0PoXcuwuC_agoSSUV6tCUrF59sWskUw1SoOQ64CKPbJY8to3E15g
.iglookup.com/ Name: __gads
Value: ID=d60e656aeff43ac3:T=1661264312:S=ALNI_MZdqj8oRUKoTrQrbvOh0wzeiPGRVg
.bidswitch.net/ Name: tuuid
Value: 24da7a7b-948b-4cec-a1b4-c23815bd5efd
.bidswitch.net/ Name: c
Value: 1661264314
.bidswitch.net/ Name: tuuid_lu
Value: 1661264314
.yahoo.com/ Name: A3
Value: d=AQABBLrhBGMCEM33nopFp8wNDQBrz_hJHqUFEgEBAQEzBmMOYwAAAAAA_eMAAA&S=AQAAAg48zcraZOInS9qh53wjsqw
.bidswitch.net/ Name: google_push
Value: AehlK4CsrYxJTzTETuqSLAwBzBOKjsP7qKD4wKvfJ8nlmXyGSfxCfkLQDPyc6xXJOrxcUk7t99ZKVhp38PLF8e-98VulBKZ5PFuM
.yandex.ru/ Name: yuidss
Value: 3467529041661264314
.yandex.ru/ Name: yandexuid
Value: 3467529041661264314
.getrockerbox.com/ Name: uuid
Value: rbcr-eb300560-443b-469e-958c-12e572439d40
fksnk.com/ Name: AWSALBCORS
Value: mlbN2pO+qQinH4OE0DkKpqMepbPmzEsLpuOQnbX7eEC3j6jQhQ/HZ3Td3raqWs5KtMZoXP12MZ0N9ddQIJDtRTh6BZWea1NzgeVSnGde9M65m5DCaXg+IvsraDWc
.fksnk.com/ Name: f_001
Value: B5776FA51D8EB267
.fksnk.com/ Name: g_001
Value: 1
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-e06592b1-dd22-4357-4727-a540f76cc4ab.w4WpsD0Kv%2Bp49n9kVPMSmpHHmBScFPlXatuV8zBhZBU
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A4GWSsd0iQ1dHJ6VA92zEqx_MmS4.bIh4n6RQ9hXKGkbJx8QjUpx8CtxWzVBPTIe44CcCMyw
.iglookup.com/ Name: _ga
Value: GA1.2.606917007.1661264313
.iglookup.com/ Name: _gid
Value: GA1.2.758014911.1661264316
.iglookup.com/ Name: _gat_gtag_UA_153660446_1
Value: 1
.criteo.com/ Name: uid
Value: 3493cadf-cc0f-486f-ae16-cac827eb9cc6
.iglookup.com/ Name: cto_bundle
Value: b41MT19YckhsY3BQelc0ZnNJJTJGRmlJUkZ3S1V6a0pyWFh6aG55UHV4bmNLNDJMNjI3blFCJTJGRElBbUhmJTJCJTJGTzZuWTdHNyUyQmZNczlZbDltQzQlMkJZdU1BRm1YckxIUWtJYyUyRmZwTjdBMmVzaDQlMkJia1I4cXBwWjdvcTl1RCUyQkExc1BSRW1HUm15WGpCS2JZWW1xYzNaTnIlMkJwVndwYnZJdyUzRCUzRA
.www.iglookup.com/ Name: cto_bundle
Value: b41MT19YckhsY3BQelc0ZnNJJTJGRmlJUkZ3S1V6a0pyWFh6aG55UHV4bmNLNDJMNjI3blFCJTJGRElBbUhmJTJCJTJGTzZuWTdHNyUyQmZNczlZbDltQzQlMkJZdU1BRm1YckxIUWtJYyUyRmZwTjdBMmVzaDQlMkJia1I4cXBwWjdvcTl1RCUyQkExc1BSRW1HUm15WGpCS2JZWW1xYzNaTnIlMkJwVndwYnZJdyUzRCUzRA

5 Console Messages

Source Level URL
Text
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3239635388903570&output=html&adk=1812271804&adf=3025194257&lmt=1661264312&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.iglookup.com%2Fspy&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661264312469&bpp=2&bdt=242&idt=260&shv=r20220818&mjsv=m202208160101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=880758654500&frm=20&pv=2&ga_vid=606917007.1661264313&ga_sid=1661264313&ga_hid=1700157312&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068487%2C31069028%2C31069063&oid=2&pvsid=1385176793903506&tmod=743594968&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=272
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://prebid-stag.setupad.net/setuid?bidder=ix&gdpr=1&gdpr_consent=&uid=YwThuQDStQbq6fzU.QdDnQAA%261202
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=1&gdpr_consent=&uid=2313206554085835850
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://www.erikosterberg.com/terminaljs/beep.mp3
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.erikosterberg.com/terminaljs/beep.ogg
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acdn.adnxs.com
adservice.google.com
adservice.google.nl
adx.adform.net
ajax.googleapis.com
an.yandex.ru
bidder.criteo.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
cm.adform.net
cm.g.doubleclick.net
cpabuild.com
d13pxqgp3ixdbh.cloudfront.net
e8414c92dfc9a4acdfa623abcc1734fa.safeframe.googlesyndication.com
eus.rubiconproject.com
fksnk.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
htlb.casalemedia.com
i.imgur.com
ib.adnxs.com
id5-sync.com
js-sec.indexww.com
metrics.getrockerbox.com
mug.criteo.com
node.setupad.com
npmcdn.com
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-eu.rubiconproject.com
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
prebid-stag.setupad.net
pubads.g.doubleclick.net
s0.2mdn.net
s3.us-west-1.amazonaws.com
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
ssum.casalemedia.com
static.criteo.net
stpd.cloud
sync.go.sonobi.com
sync.srv.stackadapt.com
token.rubiconproject.com
tpc.googlesyndication.com
www.erikosterberg.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.iglookup.com
x.bidswitch.net
sync.go.sonobi.com
104.18.18.126
141.95.98.66
142.250.181.226
142.250.185.194
142.250.185.66
151.101.193.108
159.89.25.223
172.67.209.18
178.250.0.165
178.250.2.146
18.193.255.74
185.184.8.90
199.232.16.193
23.35.228.247
23.75.240.210
2600:9000:223e:c600:1c:b3e3:eb40:21
2606:4700:20::681a:8b2
2606:4700:20::681a:daf
2606:4700:20::ac43:4951
2606:4700::6810:5914
2606:4700::6811:180e
2606:4700::6812:1e31
2a00:1450:4001:800::2008
2a00:1450:4001:803::200e
2a00:1450:4001:806::2002
2a00:1450:4001:806::2004
2a00:1450:4001:808::2002
2a00:1450:4001:809::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2006
2a00:1450:4001:812::2001
2a00:1450:4001:828::2001
2a00:1450:4001:828::2002
2a00:1450:4001:828::2003
2a00:1450:4001:829::200a
2a00:1450:400e:800::200a
2a02:2638:1::13
2a02:2638::3
2a02:6b8::90
2a05:d018:d29:3602:330c:6850:f997:69b7
2a06:98c1:3121::c
34.239.50.221
37.157.4.39
37.252.172.37
51.89.9.254
52.2.211.96
52.219.24.145
69.173.144.139
69.173.144.165
92.123.9.160
92.205.12.223
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
00ed92dc475e3c104156b7cb1625f5b7377638320a7ddb97e5720ca839f9fdbe
039a8bb6d736466063dde3c2a80d71d54456a7875cb1654263058bc69c1c042d
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
071b2629614039f0f7ceaee23806f462fd911edc990c27a39b385dd46a6bf815
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d4f6e28cf855271fabcd5fccb24e71ef842e3ffa3c33795d9ddd9d3a1e3a46b
0f8569930d1ca3c1264e70696b1d72b87bc1eab9e60d917cb48e2dee2f59cc6f
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12fc61ae3a94294a815e6bb5fb8b8a1123c7c26cf2ac1f79926975c9bee16e22
17d2a9596b37d5d8c0e8b46eda67f51c04e05703e5619deff979d5ef50563e91
18a279cbb81cf6d0f22aeaa24fbe994cdf94f4fac41d26ec3850eecbcf1a0bd1
1c527b696065a1236325311d818d7c2837e1a35a9264007aaea07a9fc34d0959
1efaf08532e929afdd04c59a6b3215c51a0a8f67a7b23b4f6cc386a1c741ec1a
1f546f5d0917d9025d10fda22f64900b74fe22f382fbcbd13562cd1a253d3171
248c5c260b8061ece6b0d78fb45760c32e728018cd13b8e44557f9de44d3ebb0
25721cf24e49cffc28199105526c82487631752bc0eccd391f825bffefbaa06a
273f4bca58132eb580c0e132ca8f44093978a2a98eae6affe5df61c345fa3b19
27a59717d32af29935709bc2c2301d11291b4ca22dac6dd8d8741dffa6ac7ed8
2c8bdcebfbe4caf87727b3c56442dc41a790ac80a071c4d67374f2f9bd9e2b43
31595f21d840fc3e7b1524ab0c273b631c02dee673ead5b9bc81d89279cb4a3d
31f0a2732d6f9b23ae8209b4563c58966cb7c9444c54f74478cb00c439073d92
341326dbaf8c5609cfa4147f8dd98cd28ad17af3fb8f6e87a070b720f5bf4fe9
38b713ce7817068658fed4254cad04740e3eb5dc581f9b2100480feec4fe1622
3b42908cab9d3ddf66a1f03aaadf13514518c31b6bd7ff8c5d6d6f92a744d836
3cba1ead961a6687ea7be904c9f21a130b985770c84635d01dfafa1a59d88f37
3d60086efeed0e3af6d42ff624a15d1274763b994bf240da9ddec88ef83d9f66
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
468bf232126e3959d56f01ff6d5bbb01ee894465dad2d6979271d27e42a9d187
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4c5c63a3ba232b7420ad39a7e1ea339b3454bdeae3a74e4ef8c73dcef03ce4aa
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
52fd4bc227967a9b07555f2f4486284a24a60c53c2006e5032334dc598c4bf7b
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
565d050c0575bbf2b923e0dcbe3c2d5729f0254c4edf68d53b1644e61db8008b
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
5f1b62ab44d1dfeab41c85d439e453aef3b40dc9a36d91a0b6a5dfa45f686f08
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
633dc2faf8814cf105d53e40564cca15b2dfe2e176d8c25eeb6d84d5e25d1346
63985aef0fb315697e2271b9d909ee9a11042a9e8e588c42962a0c3f46269ff4
660e20221e638e3d4782c1a70b3a2083745cca27dfe97def80051cecffcef293
6866ca9fa9c2e0ee626b20289edbc5b68619e59b11711be19a7d094585f33c64
6ad6537698691727f3f6f9d85c1cddca6be7cb592e4d6e2c7800b4e8d153b84b
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
726cefb4e62f5301bb01f7ad13390c6741621db0e65e71b44c14e81dcc731e73
7b5f4707ced454c3d607bb717d37bc73329b0a71a443eda0e3bda567653425ee
7d84b3ca82a3f1fbe33a3be928aec73288b8d73878708ff618b409aee3a9cd00
8157923832e020c3a4ed7ef85ad7d032d7b1b03b02e5502dce8ac9af9cedea53
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
83147c4cf00c61d77d068152fdb541e2ca7761e0990682db23e77fb7affdceb4
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
883ac9fdc367df8f5faeef8611477542ce22f5138692071da67bb6f460299a73
8a24843adc2fb5bac7b02f8b2fdbb08da59a6dc2ff974714234d2831c90d40ab
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8e12b7b1148ac15b54aa83cf018e404eff4070e62639b4624aa39084b2dd40dd
8e8380ac06af307f5daf7366b1b7517354efc41502a72e0811403c88f93273c0
8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d
9463786261a387907ed51538e899bd31f84ebbdf03daa7e5da9d43cc46934998
96250b0de15d90f6e2e2ee39329e3060c7bc4a15e69cb6933039664f024f7efd
98fd7827212d0d34f83eeeaca1e56b7d7b35746032410a941d0a0a4d4e6298e3
997a01a57a4490413ec29631731134298f2abb718450da19404a30ef41fe9555
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b81999d6a16ee78a925322e8967dc1b1e8556272b6bb38801ba38bc30b230cc
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1d71723bca3e4e226427f1fd25fdafc0e6f44f3fd858eccae99b47300706661
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4f8d308a537be4d8442135addd3a1637ad70c831ec8d6fb21b460dc392031e3
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aef70be7da3a9d6a0208658c9ca7519e32b23955c8e61fdc935a977c8121efd2
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1e007a947dbbe6717f2d64743a29b9d2f4099a9c1352b45efbc16cf110e2cea
b6aa7df8c12ac68fef96f064f4b2fb95e3078f233db65e145aa1279373d7b3c9
b78a3cd1e79a6846882e48cc4d78109495102ce1d37a46c353cee5f021160c15
ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10
bed61deb1c5d1bc69150d71138328e0016d956d021c0cb03973f9e915a7424db
c2b2649317a7eb5e219ca23661984ccd9117e1a1fa4167b7605f9328c7a78869
c409c2e7928e422543b4e41de36048551987512144c2c4f7265b8e6986b85355
cbb261f9f911fca42d9fec9a3ae6793084e3d5c1ee07ed94c5030571b969c6dd
ce068a9212a95f34ab3f25d57dccc787281c3d21f28470fe3d25a7ab72d91c7b
d47b15f9ceed997958d2926eb66869594d088cbd2e0a9cb1903d8517ed32b86e
d71c0231e22ba808c532ef4c8bf713b03408643ce073a427de0c13634a707d72
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
df342ebf6fae7ecf6ecc0546f197aa1240c665deb17984eebaaa110b846d97a2
e1996013bea18595368a7d2452d2a96a8a66b59bd08cde2935e36ffa0f985fda
e1e5ce086c1dcad1be5bf2ac0c5c3d12b24f5d0fe1f8aaf2618bce269acb775f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e7f78aefe095c4c43933a85bf0cf22cff7869f7026a88847f0941a752796efa3
ebf9218a016a4a06e257c70b58ebef5da0dc3ae22a3e28b9d394e688f54a228a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0e73ba958067b3a894a08e369a09d265100749208c34b4f671603a9ed6d9172
f51e3857a88299557ba038af492be73e6e286188ab1fa802edfb74f484b88fea
f9a24d8907d6bbec4b0f7bf39f3b3a71ed4b9eac9154a871e4c60632590fdc9c
fce4013b046a25cbf94a641d6dadaf61a1ef2076c21c9bef5081e4863046952d