br.atsit.in Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://br.atsit.in/
Effective URL:
https://br.atsit.in/
Submission: On June 04 via manual (June 4th 2023, 11:42:41 pm UTC) from BR — Scanned from NL

Summary HTTP 181 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 30 IPs in 8 countries across 26 domains to perform 181 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is br.atsit.in.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 9th 2022. Valid for: a year.

This is the only time br.atsit.in was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 14	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
29	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
19	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
25	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
2	2a02:2638:3::9 2a02:2638:3::9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:3::12 2a02:2638:3::12	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
6	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
10	2a02:2638:d::2 2a02:2638:d::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.1.6 178.250.1.6	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a02:2638:d::13 2a02:2638:d::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638:d::11 2a02:2638:d::11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3 5	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
3 17	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
2 4	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2 3	185.89.210.141 185.89.210.141	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	2620:116:800d... 2620:116:800d:21:de2e:c7b3:55c0:d5a0	16509 (AMAZON-02) (AMAZON-02)
1 1	185.29.132.245 185.29.132.245	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2 2	35.204.158.49 35.204.158.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
2 2	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	35.158.42.58 35.158.42.58	16509 (AMAZON-02) (AMAZON-02)
1	178.250.7.11 178.250.7.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
20	2a00:1450:400... 2a00:1450:4001:806::2006	15169 (GOOGLE) (GOOGLE)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
4 4	37.157.2.234 37.157.2.234	198622 (ADFORM) (ADFORM)
2 2	213.155.156.181 213.155.156.181	1299 (TWELVE99 ...) (TWELVE99 Arelion)
2	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
181	30

14 2a06:98c1:3121::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

br.atsit.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:2638:d::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:2638:d::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

imageproxy.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:d::11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 142.250.185.162 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.210.141 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:de2e:c7b3:55c0:d5a0 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.245 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.204.158.49 (Groningen, Netherlands) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.114.159.93 (Bad Durrheim, Germany) 2 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.158.42.58 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-42-58.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:806::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.2.234 (Denmark) 4 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.181 (Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
49	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 123 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	464 KB
38	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 51 cm.g.doubleclick.net — Cisco Umbrella Rank: 231 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 351	152 KB
20	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 324	2 MB
18	criteo.net static.criteo.net — Cisco Umbrella Rank: 569 imageproxy.eu.criteo.net — Cisco Umbrella Rank: 7995 csm.eu.criteo.net — Cisco Umbrella Rank: 7845	253 KB
14	atsit.in 1 redirects br.atsit.in	147 KB
11	gstatic.com fonts.gstatic.com www.gstatic.com	133 KB
8	google.com 3 redirects adservice.google.com — Cisco Umbrella Rank: 103 www.google.com — Cisco Umbrella Rank: 3	2 KB
6	criteo.com rtb.nl3.eu.criteo.com — Cisco Umbrella Rank: 13847 ads.eu.criteo.com — Cisco Umbrella Rank: 7804 cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 9220 dis.criteo.com — Cisco Umbrella Rank: 587	51 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 205	266 KB
4	adform.net 4 redirects c1.adform.net — Cisco Umbrella Rank: 598	3 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 568	3 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 66	4 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 239	3 KB
3	google.nl adservice.google.nl — Cisco Umbrella Rank: 13768	864 B
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 49 region1.google-analytics.com — Cisco Umbrella Rank: 1866	21 KB
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 5220	653 B
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 340	1 KB
2	adition.com 2 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1588	1 KB
2	simpli.fi 2 redirects um.simpli.fi — Cisco Umbrella Rank: 870	1 KB
2	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 773	802 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 70	127 KB
1	ctnsnet.com 1 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 43979	610 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 365	266 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 518	875 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 249	5 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1056	602 B
181	26

	Domain	Requested by
25	tpc.googlesyndication.com	googleads.g.doubleclick.net br.atsit.in tpc.googlesyndication.com pagead2.googlesyndication.com s0.2mdn.net
24	pagead2.googlesyndication.com	br.atsit.in pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com s0.2mdn.net www.googletagservices.com
20	s0.2mdn.net	br.atsit.in s0.2mdn.net
19	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
17	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net br.atsit.in
14	br.atsit.in	1 redirects br.atsit.in
10	static.criteo.net	ads.eu.criteo.com cdnjs.cloudflare.com static.criteo.net
6	imageproxy.eu.criteo.net	ads.eu.criteo.com googleads.g.doubleclick.net
6	www.gstatic.com	googleads.g.doubleclick.net
5	www.google.com	3 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
5	www.googletagservices.com	googleads.g.doubleclick.net
5	fonts.gstatic.com	fonts.googleapis.com
4	c1.adform.net	4 redirects
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	fonts.googleapis.com	br.atsit.in googleads.g.doubleclick.net
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.nl	pagead2.googlesyndication.com
2	googleads4.g.doubleclick.net	br.atsit.in
2	d5p.de17a.com	2 redirects
2	x.bidswitch.net	2 redirects
2	dsp.adfarm1.adition.com	2 redirects
2	um.simpli.fi	2 redirects
2	cms.quantserve.com	1 redirects googleads.g.doubleclick.net
2	csm.eu.criteo.net	ads.eu.criteo.com
2	cat.nl3.eu.criteo.com	ads.eu.criteo.com googleads.g.doubleclick.net
2	rtb.nl3.eu.criteo.com	googleads.g.doubleclick.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	br.atsit.in www.googletagmanager.com
1	gcm.ctnsnet.com	1 redirects
1	dis.criteo.com	googleads.g.doubleclick.net
1	match.adsrvr.org	googleads.g.doubleclick.net
1	sync.mathtag.com	1 redirects
1	cdnjs.cloudflare.com	ads.eu.criteo.com
1	ads.eu.criteo.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	region1.google-analytics.com	www.googletagmanager.com
181	37

This site contains links to these domains. Also see Links.

Domain
themeisle.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-07-09` - `2023-07-09`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.google.nl GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.nl3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-18` - `2023-08-18`	3 months	crt.sh
*.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-13` - `2023-08-10`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-27` - `2023-08-27`	3 months	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-26` - `2023-06-29`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2023-08-10`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh

This page contains 22 frames:

Primary Page: https://br.atsit.in/
Frame ID: 72010C53A5D1F85DDEC5C401D5AE5B6A
Requests: 39 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230531/r20190131/zrt_lookup.html
Frame ID: EA8374FFA9174DDA34C8F241384635A2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5533026247140662&output=html&adk=1812271804&adf=3025194257&lmt=1685922155&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x540_l%7C212x540_r&format=0x0&url=https%3A%2F%2Fbr.atsit.in%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685922154723&bpp=7&bdt=1194&idt=355&shv=r20230531&mjsv=m202305300101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3860851752660&frm=20&pv=2&ga_vid=2042981811.1685922155&ga_sid=1685922155&ga_hid=294017789&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44792109%2C44759842%2C44759927%2C31075003%2C44788442&oid=2&pvsid=404447995171631&tmod=2054248182&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=378
Frame ID: 9C1EF6D38F1C3C2A42AE43FBE8F02B40
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5533026247140662&output=html&h=280&adk=1213588912&adf=3574913033&pi=t.aa~a.938140757~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1685922155&rafmt=1&to=qs&pwprc=5518319850&format=1200x280&url=https%3A%2F%2Fbr.atsit.in%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685922154730&bpp=2&bdt=1200&idt=377&shv=r20230531&mjsv=m202305300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3860851752660&frm=20&pv=1&ga_vid=2042981811.1685922155&ga_sid=1685922155&ga_hid=294017789&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=379&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44792109%2C44759842%2C44759927%2C31075003%2C44788442&oid=2&pvsid=404447995171631&tmod=2054248182&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=etVx2hixZq&p=https%3A//br.atsit.in&dtd=381
Frame ID: 96CF13AD97A46C589B68234143D20FE9
Requests: 8 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZH0hawACZMEKiwgbAAXO3R_xacO9Xf2gQ1GW4g&u=%7CauEmzGU2KQc%2FPQsVOwF%2F4KhgyESl2fjvpYQAB4Ghzac%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sT7q43MK0LUngIVuOoIkSBx7jIaw0YFer8aUuT7YNeukM8zUgLa-qD-q9BeveMsv_Cx4ArNLR6fZ3HKeOyqy6Qv5BeQHDZX0ss4PFCjWv9jLdXBrrZp7oxdljeuc0g6Dmzrk7Y0wBU9bxCMkh7y3ohTErpDq7FTg6ugUGo5y-GR6MjVd-CIxtpyINWk_vLW4S1DjXyFn8BKwyEJNlMsBCg8INWQs-JbtTzm1hVgw5vytmi1QZwHiIFnIzl0s6ubzHJjdIMyYkxpaEIjqkOmO5c-LzZr31LByumDp2Cjey3E_W5vPT8_EX7Bs2_W7qFx6NqQFG4-gx-UBfqGSQRfEvqV67xks_C_ud1E50sAzYCZs27QZiNtWgE68lXCBzVWfFHM40Z1FiP5e2M7tGaZVpveqz4zL-escPpZx-N3C_9kHI7ePJlR6qnb1qRiRiKzwgpRTO797kL-plmGS5gjinqWb-WkJPeF6h1bo11p3IYM2jEVcACPntB_rf2ENF9RJtji6eclJTqjexR5PEhLU6plKGhHp7FigfaCu_crz2lYn40AW38W5Sls&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpwtZayF9ZMHJCZuQrATdnZewDsme0rFc1fbi1pMBwI23ARABIABgkYSghYwYggEXY2EtcHViLTU1MzMwMjYyNDcxNDA2NjLIAQmpArh38lz19rE-qAMBqgS0AU_Qhc_lLs5fhNN44FJfwIGrSfpNSZ-M6xaE5XvlDheUGxzTZOsE7M3xCikdcL5mNx-j8InlvcqMdiEoQ34pDFdXR4s0PpWzRHVGstCBdm0dZ4zoQG6vK2cdO1RfGfI1Y3PLTt4_RxmLtNB1aVSKjgbUQexLuYWyFRoqCyqcKyYTssn7uLok2K96l7s2FKnT1AR0bmiD6BxZ6YU5sANIgGIxVMPL-r1GzNvvoJJvFO2Von8QMYAGzNW5ssGx_YdYoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0rOWdKuBD5XnsGPXZPFoLbn7U2vw%26client%3Dca-pub-5533026247140662%26adurl%3D
Frame ID: 2CFB495AF7BFC42E7A20D87781898749
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5533026247140662&output=html&h=600&adk=3451972497&adf=2498633431&pi=t.aa~a.2594507593~rp.4&w=263&fwrn=4&fwrnh=100&lmt=1685922155&rafmt=1&to=qs&pwprc=5518319850&format=263x600&url=https%3A%2F%2Fbr.atsit.in%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685922155762&bpp=1&bdt=2233&idt=1&shv=r20230531&mjsv=m202305300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dee0fb367013cdeee-2211974433e100a8%3AT%3D1685922155%3ART%3D1685922155%3AS%3DALNI_MZlTwUXVyUTJJwLdpCad3Zm1ax9bg&gpic=UID%3D00000c4399df8a35%3AT%3D1685922155%3ART%3D1685922155%3AS%3DALNI_MaSO5ytgK00D4_Kxp3e-BqtEODqzw&prev_fmts=0x0%2C1200x280&nras=3&correlator=3860851752660&frm=20&pv=1&ga_vid=2042981811.1685922155&ga_sid=1685922155&ga_hid=294017789&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1108&ady=1472&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44792109%2C44759842%2C44759927%2C31075003%2C44788442&oid=2&pvsid=404447995171631&tmod=2054248182&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=fuz7yNvkBt&p=https%3A//br.atsit.in&dtd=11
Frame ID: CD708757172F2DCF924F5C093B933AA4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5533026247140662&output=html&h=192&adk=1587331879&adf=1300684125&pi=t.aa~a.662479323~rp.4&w=750&lmt=1685922155&nsk=63c37da6&rafmt=11&pwprc=5518319850&ad_type=text_image&format=750x192&url=https%3A%2F%2Fbr.atsit.in%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685922155791&bpp=2&bdt=2261&idt=2&shv=r20230531&mjsv=m202305300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dee0fb367013cdeee-2211974433e100a8%3AT%3D1685922155%3ART%3D1685922155%3AS%3DALNI_MZlTwUXVyUTJJwLdpCad3Zm1ax9bg&gpic=UID%3D00000c4399df8a35%3AT%3D1685922155%3ART%3D1685922155%3AS%3DALNI_MaSO5ytgK00D4_Kxp3e-BqtEODqzw&prev_fmts=0x0%2C1200x280%2C263x600&nras=4&correlator=3860851752660&frm=20&pv=1&ga_vid=2042981811.1685922155&ga_sid=1685922155&ga_hid=294017789&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2449&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44792109%2C44759842%2C44759927%2C31075003%2C44788442&oid=2&pvsid=404447995171631&tmod=2054248182&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=DpxreSbg0X&p=https%3A//br.atsit.in&dtd=14
Frame ID: D35AA1A862B659C9B5D8399CAE6D9417
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230531/r20110914/zrt_lookup.html?fsb=1
Frame ID: 23831C8BE5E2E553E48CA3C48BED4B8D
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230531/r20110914/zrt_lookup.html?fsb=1
Frame ID: AA8353FFEF1B035AC21AE60DEDFB1722
Requests: 14 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 5786D2019F7A4C4C660C0F339A1C2468
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: C4C5667643C19B7DE7C7870753904053
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: BDA7ADB6DD5FC6791BEAB7032D8AB8DD
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COmR064CEPvCzOgCGPHwp90BMAE&v=APEucNU-5S10IDRigSE5DxoumgT9jfWH6C4oi9z8Qdx8ppaErWMDi0lOURwJbdlByMDTIg23t75zX3doBCKo91GCGw2LdH4EX78tO7fnt2BJfrt9vvW1C24tNIeTQ34eZRclLqB0w6oiwSRiz5KQybhbJXvr5F0H4eSH6XminrMUGueOyF601R8
Frame ID: 6E9FAC481A51417F4B111B4599DBE02F
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: A955D44E85C77FCB8B46FB7F25CCF80C
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 4632AE7E6DF721CD5BF694DA3BBC8D8F
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0593FB3B59FA5F31371DB082C6A38663
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D7E0CCDB815E79BAAB76D21BA4C39D73
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: F4F2434B6D683C48F851FB795843F1E5
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/13158047565041631232/160x600-Canva-Evergreen/index.html?e=69&leftOffset=0&topOffset=0&c=OyM6TkE2kw&t=1&renderingType=2&ev=01_250
Frame ID: 9B8C624A0A99DC9B370CE2E828B49228
Requests: 21 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A8D5EEA9335CC8F4165648DB4DD15772
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1D0AF60475DDDF931D7903391B6E4044
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/VQdDSOd05UIjXCKVon8X_ASAqVpdX2ccZF2BDi7w8G4.js
Frame ID: AD2A3DF0CCB1F6BEAE037DFCCCEB6B51
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

BR Atsit - All Things IT

Page URL History Show full URLs

http://br.atsit.in/ HTTP 301
https://br.atsit.in/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

181
Requests

92 %
HTTPS

61 %
IPv6

26
Domains

37
Subdomains

30
IPs

8
Countries

3237 kB
Transfer

6093 kB
Size

28
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://themeisle.com/
Title: ThemeIsle

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://br.atsit.in/ HTTP 301
https://br.atsit.in/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 87

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 108

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 115

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECbzzegTV_vTcpo6y6978f0&google_cver=1

Request Chain 116

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZH0hbAFZm.z7bHRLGicfegAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECbzzegTV_vTcpo6y6978f0&google_cver=1&google_hm=2

Request Chain 117

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEG30iCfittCQsiJCNjWQ0_I&google_cver=1

Request Chain 118

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzkwNTc3NTc0NDU0ODQ1NzQ5NQ%3D%3D

Request Chain 120

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 125

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEMxkeJC9rrTIYT3IEjZX9R4&google_cver=1&google_push=ATf1kGN5Bz8rsu5zlkJ2H5SvOhl6XpofmpkH7cevZwBIexYIOiysnFHS2w21zDistx01j_0LrCU0pckfta17jiyCqtLJEuGWPkArcQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGN5Bz8rsu5zlkJ2H5SvOhl6XpofmpkH7cevZwBIexYIOiysnFHS2w21zDistx01j_0LrCU0pckfta17jiyCqtLJEuGWPkArcQ

Request Chain 126

https://um.simpli.fi/gp_match?google_gid=CAESEKs-nfdEhgwHYqDCtfJZXqE&google_cver=1&google_push=ATf1kGNdUGGS-IWouxfROUxSP8UR9TvqHLvk-sZGuCkev1E0c45ZQHydHLoOyATY0HQ9DV-rmnuA5cxxheVqqSMYw_evjbbpJSR22Lk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D3B3A293824D41629E8734C2F420E2FF&google_push=ATf1kGNdUGGS-IWouxfROUxSP8UR9TvqHLvk-sZGuCkev1E0c45ZQHydHLoOyATY0HQ9DV-rmnuA5cxxheVqqSMYw_evjbbpJSR22Lk

Request Chain 128

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESENbHLRxJ7NKGAm2Mr2649_U&google_cver=1&google_push=ATf1kGNBufDfxtE6nln5sYDAAUrsGc3nxJ5Mh4RoSyJlPCLQ07q9ZfBlf8MYRzzRiH0sQQcx3Qi91ISzz4hbowOqqwSWDoNIRqSryHM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI0MDk4MDUyMzYyODgyMDYzNQ%3D%3D&google_push=ATf1kGNBufDfxtE6nln5sYDAAUrsGc3nxJ5Mh4RoSyJlPCLQ07q9ZfBlf8MYRzzRiH0sQQcx3Qi91ISzz4hbowOqqwSWDoNIRqSryHM

Request Chain 129

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEKzeUxOh-IDRayuW8hvHgQI&google_cver=1&google_push=ATf1kGNDUy0hhGrhlbELzxxFtOMLIOqioqLEuKkfgAzcxEvpyzrV0kXbwTVJR-rv6dCTQUycLLgekVo3pEYApHSWR3eiosSPP095dXI HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEKzeUxOh-IDRayuW8hvHgQI&google_cver=1&google_push=ATf1kGNDUy0hhGrhlbELzxxFtOMLIOqioqLEuKkfgAzcxEvpyzrV0kXbwTVJR-rv6dCTQUycLLgekVo3pEYApHSWR3eiosSPP095dXI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGNDUy0hhGrhlbELzxxFtOMLIOqioqLEuKkfgAzcxEvpyzrV0kXbwTVJR-rv6dCTQUycLLgekVo3pEYApHSWR3eiosSPP095dXI&google_hm=QuoyCfQ0QCm1Uf7bghnCgA==

Request Chain 139

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEGtNJMLSDwWmAK-gA41cA8s&google_cver=1&google_push=ATf1kGM4KpIM_Ejq2GqeukH6RekyPvyaSdex-gztAQy4YFBLyZMRoGRU6EiTZLK-kqo_L4RKwyBXpSHpr-SCX4UTvcNMLnF04voO58Y HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ATf1kGM4KpIM_Ejq2GqeukH6RekyPvyaSdex-gztAQy4YFBLyZMRoGRU6EiTZLK-kqo_L4RKwyBXpSHpr-SCX4UTvcNMLnF04voO58Y&google_hm=Yz_OMuM8-zxFoZcqJCLewA

Request Chain 140

https://um.simpli.fi/gp_match?google_gid=CAESELVC8K074fzd3dGX8KkR6UA&google_cver=1&google_push=ATf1kGNiXULFnSyKSvH7tOqdCK1nKyzlqlst-IIx0qQDwoyDWGbtbYsKLQiTtPI02Ft6nVxArwCxvzBWL41H6HfWMebaelqM533vWw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D3B3A293824D41629E8734C2F420E2FF&google_push=ATf1kGNiXULFnSyKSvH7tOqdCK1nKyzlqlst-IIx0qQDwoyDWGbtbYsKLQiTtPI02Ft6nVxArwCxvzBWL41H6HfWMebaelqM533vWw

Request Chain 141

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEFuFbHbjoSqBGJJtbM97PrE&google_cver=1&google_push=ATf1kGNgrNr6ogPtEo-5U5NWyZD7-dDtl0Kku02UEcSck-hHro2hJBRiFtoW5fSPhYbsgy2-Ev1XANq--Wd-1IacbXS69X9Tnt-uP14 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ATf1kGNgrNr6ogPtEo-5U5NWyZD7-dDtl0Kku02UEcSck-hHro2hJBRiFtoW5fSPhYbsgy2-Ev1XANq--Wd-1IacbXS69X9Tnt-uP14&google_hm=19Wtq8UlTtyyNY8cypu2bLo

Request Chain 142

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEGOlwUMcwHvPlZUTZwwitdU&google_cver=1&google_push=ATf1kGNO4KDOkm6LDSo6xB-He1XM27K8uSpeM7OYN6Qvc-HS8Lbm_g9YCMUB3BwbJplMOgHNUdGJbFcIcR-r0DTE7oQULVX0Y_tYBtg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI0MDk4MDUyMzYyODgyMDYzNQ%3D%3D&google_push=ATf1kGNO4KDOkm6LDSo6xB-He1XM27K8uSpeM7OYN6Qvc-HS8Lbm_g9YCMUB3BwbJplMOgHNUdGJbFcIcR-r0DTE7oQULVX0Y_tYBtg

Request Chain 143

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEEa7OVPwpOow-DklhblTX7Q&google_cver=1&google_push=ATf1kGMSz-0vjBOBRDSiI6_Ig_x_IMhK7JyLJLrjMxtTQ87ErXGGz0NTR96yhq0X1jU2KfBA1swEV9q8KkLOURbCWjgHm7XAbB4c8Ww HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEEa7OVPwpOow-DklhblTX7Q&google_cver=1&google_push=ATf1kGMSz-0vjBOBRDSiI6_Ig_x_IMhK7JyLJLrjMxtTQ87ErXGGz0NTR96yhq0X1jU2KfBA1swEV9q8KkLOURbCWjgHm7XAbB4c8Ww HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Nzg0MTY1NTY2NjU0NDM0Nzg3OQ&google_push=ATf1kGMSz-0vjBOBRDSiI6_Ig_x_IMhK7JyLJLrjMxtTQ87ErXGGz0NTR96yhq0X1jU2KfBA1swEV9q8KkLOURbCWjgHm7XAbB4c8Ww

Request Chain 144

https://d5p.de17a.com/cookies/google?google_gid=CAESEB8yfkaxYYpO-r-J95HYOXw&google_cver=1&google_push=ATf1kGM8IcLPvdkdC348s_G87IOSzdaFO9WcUNmEk8teg6HzZ-ZzWjHNcWkGZwbzVRsPn4dTdJ4yW6HsIXg-uHPIZWcF49fPkfdyzBM HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEB8yfkaxYYpO-r-J95HYOXw&google_cver=1&google_push=ATf1kGM8IcLPvdkdC348s_G87IOSzdaFO9WcUNmEk8teg6HzZ-ZzWjHNcWkGZwbzVRsPn4dTdJ4yW6HsIXg-uHPIZWcF49fPkfdyzBM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGM8IcLPvdkdC348s_G87IOSzdaFO9WcUNmEk8teg6HzZ-ZzWjHNcWkGZwbzVRsPn4dTdJ4yW6HsIXg-uHPIZWcF49fPkfdyzBM

Request Chain 145

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEEa7OVPwpOow-DklhblTX7Q&google_cver=1&google_push=ATf1kGNQFBKAJ9exstVhsJCXGpRE61r2MSkPymtZ1I_mIpmfPjVJx2W_EnzysHq_qagogwlFPK0jgpUVJuV2T1xu1shV6IydgELmJuI HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEEa7OVPwpOow-DklhblTX7Q&google_cver=1&google_push=ATf1kGNQFBKAJ9exstVhsJCXGpRE61r2MSkPymtZ1I_mIpmfPjVJx2W_EnzysHq_qagogwlFPK0jgpUVJuV2T1xu1shV6IydgELmJuI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODM1MzkxNzk3MjkwMzcyNDE5MQ&google_push=ATf1kGNQFBKAJ9exstVhsJCXGpRE61r2MSkPymtZ1I_mIpmfPjVJx2W_EnzysHq_qagogwlFPK0jgpUVJuV2T1xu1shV6IydgELmJuI

181 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
br.atsit.in/
Redirect Chain

http://br.atsit.in/
https://br.atsit.in/

54 KB
11 KB

1328ms
1270ms

Document
text/html

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://br.atsit.in/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ef983ff0702b8c2672f36f8f263ea7c194852d0b0385d2cd06930093511dc8f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7d24086bbd2eb91e-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 04 Jun 2023 23:42:33 GMT
link: <https://br.atsit.in/wp-json/>; rel="https://api.w.org/"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=taTuVorQWefiEWPIWCrm6liRqixZBS%2FYMR8WlQR2KLXWAkbqGTJsRQiXb1%2FccJef39oa3DOxK8kzMo8ZxAYhM95sngUMr0YJvVIOphVoKXej1MrX4hoIUvaN4AkpWHiz7lc5YathK6mf0w%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

CF-Cache-Status: DYNAMIC
CF-RAY: 7d240867eee50b40-AMS
Connection: keep-alive
Content-Type: text/html
Date: Sun, 04 Jun 2023 23:42:32 GMT
Location: https://br.atsit.in/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DchQTOQkgR5XEuWh0LEyzPXWw%2FL3YLxPNf29MTe5ZfFdPLdXeCsB7u4C7BM2uDY4v9Ks24aNx58ftpCIijoKhn5E13jWmHF7eJxw3QrQ8mFs2girpeqwBpqtiZowhaVm%2FmTtOSqBgwuN7A%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
alt-svc: h3=":443"; ma=86400

GET
H2 200 style.min.css
br.atsit.in/wp-includes/css/dist/block-library/ 95 KB
13 KB 797ms
794ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://br.atsit.in/wp-includes/css/dist/block-library/style.min.css?ver=6.2.2
Requested by: Host: br.atsit.in
URL: https://br.atsit.in/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://br.atsit.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 23:42:34 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 29 Mar 2023 22:17:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6424b904-17ced"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IL3OzQ6YJsAhRtv5kg2wTl%2BSCsBPd0kLYcv0ru07%2F5gW78F4QhJa3HbXkPpk%2B2E7iFSxgzjjQZKluteCDRBRDe%2BE2ZILHVS4KyHzfGJFwT9OpfMu70beO6fiIxENI%2Bo62JPSLqPIp1RHww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 7d240873bb2fb91e-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 classic-themes.min.css
br.atsit.in/wp-includes/css/ 291 B
496 B 786ms
784ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://br.atsit.in/wp-includes/css/classic-themes.min.css?ver=6.2.2
Requested by: Host: br.atsit.in
URL: https://br.atsit.in/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://br.atsit.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 23:42:34 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 29 Mar 2023 22:17:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6424b904-123"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AK%2BYzx%2B%2BNQiFK1iD8JQruMR5LUuEZyhCGrYHcfFAXu12uS99opNUP1m5XU6xW2zIyhU7OmCZgHezw12tnAU%2BoCS39vKcsormYZ%2Fv4qEZ3xpEXksYW0214vUzFPAGuScM3M99kLG1fgGDCg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 7d240873bb32b91e-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 bootstrap.min.css
br.atsit.in/wp-content/themes/hestia/assets/bootstrap/css/ 71 KB
13 KB 865ms
863ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://br.atsit.in/wp-content/themes/hestia/assets/bootstrap/css/bootstrap.min.css?ver=1.0.2
Requested by: Host: br.atsit.in
URL: https://br.atsit.in/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f1e2ab1e239967c7acfcf1e9329e7bd1bae7482954c108b0c7ba042c65380a4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://br.atsit.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 23:42:34 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 09 Mar 2023 22:16:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"640a5ad1-11d28"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gz1retcRn%2F20zKWoYWbZjG2wHPeUu6AjBZL2pGPJGyCwJiRcBIFQhWNcW7rDCeazmkX3BqytMAVrgoxTtgedol6Vj0X9dEPmR4%2BZ7x2JqNH8bWyAcOj5K4NRGMXQQWwOAgKEKV9w5b9lIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 7d240873bb33b91e-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 font-sizes.min.css
br.atsit.in/wp-content/themes/hestia/assets/css/ 4 KB
1 KB 785ms
783ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://br.atsit.in/wp-content/themes/hestia/assets/css/font-sizes.min.css?ver=3.0.29
Requested by: Host: br.atsit.in
URL: https://br.atsit.in/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 955c9994638a653c13afda75fcd1640664c3036243f8aa80bdd6fc606bbb61a7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://br.atsit.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 23:42:34 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 09 Mar 2023 22:16:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"640a5ad1-f38"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nefE0EjM7RenlM5XSzgPK5iI78ysDEXO6EoyTQ5U9kftZ2Lr19Qtz50DUGW2SVxJep%2BQniIGryRn5ggZyIc8ObCp9bAc0qmjTyygbCmbi7deIQkmv7%2BxVmplLBF3bHnU0RTNAAfXmXCkYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 7d240873bb34b91e-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 style.min.css
br.atsit.in/wp-content/themes/hestia/ 141 KB
24 KB 37ms
36ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://br.atsit.in/wp-content/themes/hestia/style.min.css?ver=3.0.29
Requested by: Host: br.atsit.in
URL: https://br.atsit.in/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4582e233f3de59cfe9647d2a6b96fbd6e5a2727b7bc90aec373550ec35470b20

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://br.atsit.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 23:42:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 09 Mar 2023 22:16:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2750
etag: W/"640a5ad1-23544"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GWGtqVzLF3oJDo3sPeZlZGkJ%2FuiIh1Qg3NiVUPM91XyQPy%2F0h7ksnQOb%2Fqxv3foBaMmTvknVyOe%2BREkLpd8fuQPzSYhbDV%2F0ArFP%2FTUZK3YOBXSXJIvczMgihw1GaDlOah%2B9xSICXfyDDg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 7d240873bb35b91e-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 13 KB
1 KB 129ms
45ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500%2C700%7CRoboto+Slab%3A400%2C700&subset=latin%2Clatin-ext&ver=3.0.29

Requested by

Host: br.atsit.in
URL: https://br.atsit.in/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8c5ed8a7fb32a2c52e81d39d46f233d6eb200737a2715a6e9e0b4782bc1ee949

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://br.atsit.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 04 Jun 2023 23:42:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 04 Jun 2023 22:05:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 04 Jun 2023 23:42:33 GMT

GET
H2 200 jquery.min.js Show response
br.atsit.in/wp-includes/js/jquery/ 88 KB
32 KB 806ms
805ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://br.atsit.in/wp-includes/js/jquery/jquery.min.js?ver=3.6.4
Requested by: Host: br.atsit.in
URL: https://br.atsit.in/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://br.atsit.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 23:42:34 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 29 Mar 2023 22:17:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6424b904-15ed7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rah4qAWXX7ipE1EzWYuE3qFBt4qzY%2Fj7GVva8B2ZWIyWz0o%2FMYPqVvZ%2F4E%2B7wZNTghJwDkXPy70KvLyEhXCBtnDzJH3reS%2Bd16GzC2vcdCK3CLXNbPQ5leM6tp%2BWh%2B5WTURtHHcdnrwIYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 7d240873bb36b91e-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery-migrate.min.js Show response
br.atsit.in/wp-includes/js/jquery/ 13 KB
5 KB 839ms
838ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://br.atsit.in/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0
Requested by: Host: br.atsit.in
URL: https://br.atsit.in/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://br.atsit.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 23:42:34 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 29 Mar 2023 22:17:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6424b904-3470"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZT6%2FQVWreAWhccytmcXefw%2FpVMt184%2FFvKMw7ja%2FfEyEKZ%2Br1f7Q4DVaFn70ON1rRYHCvzpzGtkVoCumTqI5mUrXpY%2Ba%2FXma2mijqwJs8D%2Fj6NLOF%2BRb6brIlQYVDscy5xTGZZXCr9v6Ng%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 7d240873bb37b91e-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
47 KB 227ms
83ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5533026247140662

Requested by

Host: br.atsit.in
URL: https://br.atsit.in/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bad9db0fe6045f3782708d98fcad07dead5c28007c3b5a25f7876fff6051812a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://br.atsit.in/
Origin: https://br.atsit.in
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 23:42:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47869
x-xss-protection: 0
server: cafe
etag: 5892683057558808021
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 04 Jun 2023 23:42:34 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 122 KB
48 KB 118ms
45ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-188333969-1

Requested by

Host: br.atsit.in
URL: https://br.atsit.in/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6c454cabfb557ae10b843719e89d1d8d1ae98ab3089aed2f4806df68ac782fd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://br.atsit.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 23:42:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 48396
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 04 Jun 2023 23:42:34 GMT

GET
H2 200 bootstrap.min.js Show response
br.atsit.in/wp-content/themes/hestia/assets/bootstrap/js/ 23 KB
7 KB 851ms
850ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://br.atsit.in/wp-content/themes/hestia/assets/bootstrap/js/bootstrap.min.js?ver=1.0.2
Requested by: Host: br.atsit.in
URL: https://br.atsit.in/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ebecd8afd2424508ba7ee31ec8cf590613f0f316548badaf2c11d3be79b2d89

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://br.atsit.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 23:42:34 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 09 Mar 2023 22:16:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"640a5ad1-5b46"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sv8xgDEfGiVha4lZO67oCVWZAzW7vZJiKH4nhchu3aFDHKR3%2B5PeFDGbnZqKToJvf7gUQQTLneARuqwqoWaWHcgCL1oZNEe%2BMVk0H090TtGBcUQUke2i60Z8GTMMef2Y6dEemhWk%2FME6ag%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 7d240873bb38b91e-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 core.min.js Show response
br.atsit.in/wp-includes/js/jquery/ui/ 21 KB
7 KB 803ms
802ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://br.atsit.in/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
Requested by: Host: br.atsit.in
URL: https://br.atsit.in/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca7dce2391845e8aec7da135f33fabd10f74eed28a532ac66fd01f761fcfb42f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://br.atsit.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 23:42:34 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 29 Mar 2023 22:17:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6424b904-53be"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L7yabV8VDrYky3uAQXVspxpX3KzM1DRhLy1HvufouocjwM8H%2BtF0%2F021BTf%2Be6Cp9Yc9MBKdPnLJHSUf2xnzC%2FjCOE9Jhb6%2FGiYvyokegP6W5qN%2B1wRcpK2jca%2FkX2XkIi8hyDVnB6NjWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 7d240873bb39b91e-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 script.min.js Show response
br.atsit.in/wp-content/themes/hestia/assets/js/ 21 KB
6 KB 858ms
857ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://br.atsit.in/wp-content/themes/hestia/assets/js/script.min.js?ver=3.0.29
Requested by: Host: br.atsit.in
URL: https://br.atsit.in/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fae8d3cc8ea231dfe5f28dbfb82b186ebd61f9a02139af7318c1bbc70209d702

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://br.atsit.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 23:42:34 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 09 Mar 2023 22:16:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"640a5ad1-5309"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mn0Hf4QgZ0cIGIZJt2AmGsAUk1ZyLi8QES7MmkTAsXJ7s%2BRTNIB3upCx4oWSnBs1gCJ9SD2TPZh7DeUXm5esqTAPpE%2F%2BTMQKbuTlhvTHJFvtMtv9oEOWuQStDSbVzB00bR8P0Mc7ocYsPg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 7d240873bb3ab91e-AMS
alt-svc: h3=":443"; ma=86400

GET
DATA 200
OK truncated
/ 681 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f05a3c94997e4c7bce64f87e4d3b816d7a3802780724511aece427781fb73f33

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 160ms
71ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500%2C700%7CRoboto+Slab%3A400%2C700&subset=latin%2Clatin-ext&ver=3.0.29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://br.atsit.in
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 23:14:12 GMT
x-content-type-options: nosniff
age: 174502
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 01 Jun 2024 23:14:12 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 132ms
43ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500%2C700%7CRoboto+Slab%3A400%2C700&subset=latin%2Clatin-ext&ver=3.0.29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://br.atsit.in
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 30 May 2023 16:10:14 GMT
x-content-type-options: nosniff
age: 459140
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 May 2024 16:10:14 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 172ms
83ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500%2C700%7CRoboto+Slab%3A400%2C700&subset=latin%2Clatin-ext&ver=3.0.29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://br.atsit.in
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 18:58:23 GMT
x-content-type-options: nosniff
age: 103451
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 02 Jun 2024 18:58:23 GMT

GET
H2 200 BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
fonts.gstatic.com/s/robotoslab/v25/ 34 KB
34 KB 182ms
93ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotoslab/v25/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500%2C700%7CRoboto+Slab%3A400%2C700&subset=latin%2Clatin-ext&ver=3.0.29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

20b588b86dac6a605b4baefd6a9d46f2c1ac84dd78a230dfb4b962c3155096f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://br.atsit.in
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 15:47:27 GMT
x-content-type-options: nosniff
age: 114907
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34432
x-xss-protection: 0
last-modified: Tue, 02 May 2023 17:01:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 02 Jun 2024 15:47:27 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 123ms
34ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500%2C700%7CRoboto+Slab%3A400%2C700&subset=latin%2Clatin-ext&ver=3.0.29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://br.atsit.in
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 30 May 2023 22:48:48 GMT
x-content-type-options: nosniff
age: 435226
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 May 2024 22:48:48 GMT

GET
H3 200 pegue-o-pixel-7-pro-premium-a-precos-intermediarios-360x240.webp
br.atsit.in/wp-content/uploads/2023/06/ 21 KB
22 KB 1060ms
1059ms Image
image/webp 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://br.atsit.in/wp-content/uploads/2023/06/pegue-o-pixel-7-pro-premium-a-precos-intermediarios-360x240.webp
Requested by: Host: br.atsit.in
URL: https://br.atsit.in/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2bb88b45ce515202bfebde831e06f86250587cefe731d6eb8027b7f79f3630a9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://br.atsit.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 23:42:35 GMT
cf-cache-status: MISS
last-modified: Sun, 04 Jun 2023 22:56:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "647d16ae-5540"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ir%2FbHL11w9LhEwIUq5B60pVJZ4rAAfgGJwfoH%2BoZV4obzfOBYa373km6xBmiWI96e9Ku3LwC%2FFqIY4trXvSe5XshMI%2B1OwPRYz3gRWdHFJ%2FZsJg9CUST0s2X5DAezmvYxuMv8F9VXBVMWg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7d2408796f91d0c1-AMS
alt-svc: h3=":443"; ma=86400
content-length: 21824

GET
H3 200 debian-12bookwormsera-lancado-na-proxima-semana-com-cerca-de-100-bugs-conhecidos-300x240.webp
br.atsit.in/wp-content/uploads/2023/06/ 5 KB
5 KB 838ms
838ms Image
image/webp 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://br.atsit.in/wp-content/uploads/2023/06/debian-12bookwormsera-lancado-na-proxima-semana-com-cerca-de-100-bugs-conhecidos-300x240.webp
Requested by: Host: br.atsit.in
URL: https://br.atsit.in/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 66b598d9412e6066017767c927d671b882e1f75ff0fcd394efc212978d7ef87b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://br.atsit.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 23:42:35 GMT
cf-cache-status: MISS
last-modified: Sun, 04 Jun 2023 22:39:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "647d12bc-12fe"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LaV6AaMI0dXKDnO7%2BFuyJ38AJtnIi5ZgSC7qTJ1hVpY2tpEBfymNfbbSay7z6LcaEGpBvvVs4W22CVqiKXBEDwMjpJgeGl%2B5jPD9VSSyYkdzdPiVrWcl5dCtePBMcsN62SlUfeLCgWxUPg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7d2408796f92d0c1-AMS
alt-svc: h3=":443"; ma=86400
content-length: 4862

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 225 KB
79 KB 48ms
47ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-KRKT8F82RN&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-188333969-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5ccb932a4793b5d2678b11b2aa8cf9f44a120276314775e8d19e5e39235b34a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://br.atsit.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 23:42:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81053
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 04 Jun 2023 23:42:34 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 106ms
32ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-188333969-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://br.atsit.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 04 Jun 2023 23:04:48 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 2266
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Mon, 05 Jun 2023 01:04:48 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
252 B 100ms
30ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-KRKT8F82RN&gtm=45je35v0&_p=294017789&cid=2042981811.1685922155&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1685922154&sct=1&seg=0&dl=https%3A%2F%2Fbr.atsit.in%2F&dt=BR%20Atsit%20-%20All%20Things%20IT&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KRKT8F82RN&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://br.atsit.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Jun 2023 23:42:34 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://br.atsit.in
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305300101/ 351 KB
118 KB 218ms
97ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5533026247140662&plah=br.atsit.in&bust=31075003

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5533026247140662

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

366dc2c5a48b169de361364147fda834f1b812cfd3b29457de0d6746ff089cc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://br.atsit.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 23:42:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120666
x-xss-protection: 0
server: cafe
etag: 4494373013523071537
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 04 Jun 2023 23:42:34 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230531/r20190131/ Frame EA83 10 KB
5 KB 126ms
33ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230531/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5533026247140662

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://br.atsit.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 23899
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Jun 2023 17:04:15 GMT
etag: 15057649708203361565
expires: Sun, 18 Jun 2023 17:04:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
204 B 40ms
40ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=294017789&t=pageview&_s=1&dl=https%3A%2F%2Fbr.atsit.in%2F&ul=en-us&de=UTF-8&dt=BR%20Atsit%20-%20All%20Things%20IT&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1213858965&gjid=570755981&cid=2042981811.1685922155&tid=UA-188333969-1&_gid=608592764.1685922155&_r=1&gtm=457e35v0&jsscut=1&z=2084072901

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://br.atsit.in/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Jun 2023 23:42:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://br.atsit.in
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 383 B
602 B 314ms
41ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=br.atsit.in&callback=_gfp_s_&client=ca-pub-5533026247140662

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5533026247140662&plah=br.atsit.in&bust=31075003

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4cf868238b2b745a7c1b38e17e32affbaf48594751e3d179ed982ceb9ff71c76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://br.atsit.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 23:42:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 249
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
532 B 306ms
43ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=br.atsit.in

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://br.atsit.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 23:42:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
457 B 305ms
42ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=br.atsit.in

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://br.atsit.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 23:42:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 93ms
93ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=NAV&cls=navbar%20navbar-default%20navbar-fixed-top%20%20hestia_left%20navbar-not-transparent&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: br.atsit.in
URL: https://br.atsit.in/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://br.atsit.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Jun 2023 23:42:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9C1E 268 KB
54 KB 563ms
563ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5533026247140662&output=html&adk=1812271804&adf=3025194257&lmt=1685922155&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x540_l%7C212x540_r&format=0x0&url=https%3A%2F%2Fbr.atsit.in%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685922154723&bpp=7&bdt=1194&idt=355&shv=r20230531&mjsv=m202305300101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3860851752660&frm=20&pv=2&ga_vid=2042981811.1685922155&ga_sid=1685922155&ga_hid=294017789&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44792109%2C44759842%2C44759927%2C31075003%2C44788442&oid=2&pvsid=404447995171631&tmod=2054248182&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=378

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d807934c9a270d7c2409117495801c5871f2fd8961778f7f9280a00a6cbdc781

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://br.atsit.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 54728
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Jun 2023 23:42:35 GMT
expires: Sun, 04 Jun 2023 23:42:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 96CF 28 KB
12 KB 602ms
602ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5533026247140662&output=html&h=280&adk=1213588912&adf=3574913033&pi=t.aa~a.938140757~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1685922155&rafmt=1&to=qs&pwprc=5518319850&format=1200x280&url=https%3A%2F%2Fbr.atsit.in%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685922154730&bpp=2&bdt=1200&idt=377&shv=r20230531&mjsv=m202305300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3860851752660&frm=20&pv=1&ga_vid=2042981811.1685922155&ga_sid=1685922155&ga_hid=294017789&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=379&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44792109%2C44759842%2C44759927%2C31075003%2C44788442&oid=2&pvsid=404447995171631&tmod=2054248182&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=etVx2hixZq&p=https%3A//br.atsit.in&dtd=381

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

712b8c749b0871fe31b31f1ea0c584710a0050522eeca4254b4fb084ed28b557

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://br.atsit.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 11662
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Jun 2023 23:42:35 GMT
expires: Sun, 04 Jun 2023 23:42:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/ Frame 96CF 3 KB
1 KB 142ms
37ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5533026247140662&output=html&h=280&adk=1213588912&adf=3574913033&pi=t.aa~a.938140757~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1685922155&rafmt=1&to=qs&pwprc=5518319850&format=1200x280&url=https%3A%2F%2Fbr.atsit.in%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685922154730&bpp=2&bdt=1200&idt=377&shv=r20230531&mjsv=m202305300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3860851752660&frm=20&pv=1&ga_vid=2042981811.1685922155&ga_sid=1685922155&ga_hid=294017789&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=379&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44792109%2C44759842%2C44759927%2C31075003%2C44788442&oid=2&pvsid=404447995171631&tmod=2054248182&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=etVx2hixZq&p=https%3A//br.atsit.in&dtd=381

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 12:22:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40813
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Jun 2023 12:22:22 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/ Frame 96CF 19 KB
8 KB 137ms
33ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3735e94afb2539b14515fdd10d7cc066cffa99d4b52762959e342295e08a770e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 20:26:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11745
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7991
x-xss-protection: 0
server: cafe
etag: 2412543371950383451
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Jun 2023 20:26:50 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 96CF 171 KB
54 KB 139ms
45ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b108d10517b218ebb22d63ad00b85baf89a7b4f1884c3fd01eb03f0790b1cd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 23:42:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54276
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1685532878231373"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 04 Jun 2023 23:42:35 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305300101/ 152 KB
52 KB 80ms
79ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305300101/reactive_library_fy2021.js?bust=31075003

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f9581c7640c238b9d8d934812e4dfdd2ecd55f95a9c7d1ab727fe7830c12100

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://br.atsit.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 23:42:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52794
x-xss-protection: 0
server: cafe
etag: 727254458348853864
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Jun 2023 23:42:35 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 96CF 0
0 83ms
82ms Fetch
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cb62oayF9ZMHJCZuQrATdnZewDsme0rFc1fbi1pMBwI23ARABIABgkYSghYwYggEXY2EtcHViLTU1MzMwMjYyNDcxNDA2NjLIAQmpArh38lz19rE-qAMBqgSxAU_Qhc_lLs5fhNN44FJfwIGrSfpNSZ-M6xaE5XvlDheUGxzTZOsE7M3xCikdcL5mNx-j8InlvcqMdiEoQ34pDFdXR4s0PpWzRHVGstCBdm0dZ4zoQG6vK2cdO1RfGfI1Y3PLTt4_RxmLtNB1aVSKjgbUQexLuYWyFRoqCyqcKyYTssn7uLok2K96l7t0FohBU4vofdcf_L-J1CPBuRdCNmgfTEF_MoDgPmTxjIrqvmmGHYAGzNW5ssGx_YdYoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi01NTMzMDI2MjQ3MTQwNjYyGAA&sigh=s-5drQgPQY0&uach_m=[UACH]&cid=CAQSGwBygQiDGxpB_IXg8n0KIxnAfVntjIw-vwLNahgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5533026247140662&output=html&h=280&adk=1213588912&adf=3574913033&pi=t.aa~a.938140757~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1685922155&rafmt=1&to=qs&pwprc=5518319850&format=1200x280&url=https%3A%2F%2Fbr.atsit.in%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685922154730&bpp=2&bdt=1200&idt=377&shv=r20230531&mjsv=m202305300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3860851752660&frm=20&pv=1&ga_vid=2042981811.1685922155&ga_sid=1685922155&ga_hid=294017789&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=379&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44792109%2C44759842%2C44759927%2C31075003%2C44788442&oid=2&pvsid=404447995171631&tmod=2054248182&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=etVx2hixZq&p=https%3A//br.atsit.in&dtd=381
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 04 Jun 2023 23:42:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 04 Jun 2023 23:42:35 GMT

GET
H2 200 notify
rtb.nl3.eu.criteo.com/google/auction/ Frame 96CF 0
0 107ms
27ms Fetch 2a02:2638:3::9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=kMr2Drz6RLAJmAKdg2ICAgAAAPb4Gza7ZHmsEGohfWTNRQGwoPu4IHa2AAASAAAKCkFRVUJBUUVCQVE&wp=ZH0hawACZMEKiwgbAAXO3R_xacO9Xf2gQ1GW4g

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 23:42:35 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 133310
server: Kestrel
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 2CFB 146 KB
50 KB 159ms
68ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZH0hawACZMEKiwgbAAXO3R_xacO9Xf2gQ1GW4g&u=%7CauEmzGU2KQc%2FPQsVOwF%2F4KhgyESl2fjvpYQAB4Ghzac%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sT7q43MK0LUngIVuOoIkSBx7jIaw0YFer8aUuT7YNeukM8zUgLa-qD-q9BeveMsv_Cx4ArNLR6fZ3HKeOyqy6Qv5BeQHDZX0ss4PFCjWv9jLdXBrrZp7oxdljeuc0g6Dmzrk7Y0wBU9bxCMkh7y3ohTErpDq7FTg6ugUGo5y-GR6MjVd-CIxtpyINWk_vLW4S1DjXyFn8BKwyEJNlMsBCg8INWQs-JbtTzm1hVgw5vytmi1QZwHiIFnIzl0s6ubzHJjdIMyYkxpaEIjqkOmO5c-LzZr31LByumDp2Cjey3E_W5vPT8_EX7Bs2_W7qFx6NqQFG4-gx-UBfqGSQRfEvqV67xks_C_ud1E50sAzYCZs27QZiNtWgE68lXCBzVWfFHM40Z1FiP5e2M7tGaZVpveqz4zL-escPpZx-N3C_9kHI7ePJlR6qnb1qRiRiKzwgpRTO797kL-plmGS5gjinqWb-WkJPeF6h1bo11p3IYM2jEVcACPntB_rf2ENF9RJtji6eclJTqjexR5PEhLU6plKGhHp7FigfaCu_crz2lYn40AW38W5Sls&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpwtZayF9ZMHJCZuQrATdnZewDsme0rFc1fbi1pMBwI23ARABIABgkYSghYwYggEXY2EtcHViLTU1MzMwMjYyNDcxNDA2NjLIAQmpArh38lz19rE-qAMBqgS0AU_Qhc_lLs5fhNN44FJfwIGrSfpNSZ-M6xaE5XvlDheUGxzTZOsE7M3xCikdcL5mNx-j8InlvcqMdiEoQ34pDFdXR4s0PpWzRHVGstCBdm0dZ4zoQG6vK2cdO1RfGfI1Y3PLTt4_RxmLtNB1aVSKjgbUQexLuYWyFRoqCyqcKyYTssn7uLok2K96l7s2FKnT1AR0bmiD6BxZ6YU5sANIgGIxVMPL-r1GzNvvoJJvFO2Von8QMYAGzNW5ssGx_YdYoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0rOWdKuBD5XnsGPXZPFoLbn7U2vw%26client%3Dca-pub-5533026247140662%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

09e712f1fc9b1af1762b423bc6242d7214c85b1e518053c3b419897b313987f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sun, 04 Jun 2023 23:42:35 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=ashTU9NDEt2OWkpSxZ7WC1x0mteVYYBGzCHKluMiL6O_w4vhuFhMBOjUNZ8lWvCVUymRgMrHXie_AGG7G3cPV38bDC-QPH2dHxQkibc8uvfdCdsR7wpPuZmgP8rMwyHBl18kqOI5wRzGTG1Vr2dyO1hRIulgpu2raCLDnBVjAiBuI932oad-IaOaVBykHdpz3TP97DxRAPBDEH7btFivIIQlj56qSz_DG10v_dXRkL5nQjA5rR3yGjwqJpivL-czX7v1NA"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 40919336
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
166 B 44ms
43ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=br.atsit.in

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://br.atsit.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 23:42:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
166 B 45ms
44ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=br.atsit.in

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://br.atsit.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 23:42:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CD70 25 KB
11 KB 327ms
327ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5533026247140662&output=html&h=600&adk=3451972497&adf=2498633431&pi=t.aa~a.2594507593~rp.4&w=263&fwrn=4&fwrnh=100&lmt=1685922155&rafmt=1&to=qs&pwprc=5518319850&format=263x600&url=https%3A%2F%2Fbr.atsit.in%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685922155762&bpp=1&bdt=2233&idt=1&shv=r20230531&mjsv=m202305300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dee0fb367013cdeee-2211974433e100a8%3AT%3D1685922155%3ART%3D1685922155%3AS%3DALNI_MZlTwUXVyUTJJwLdpCad3Zm1ax9bg&gpic=UID%3D00000c4399df8a35%3AT%3D1685922155%3ART%3D1685922155%3AS%3DALNI_MaSO5ytgK00D4_Kxp3e-BqtEODqzw&prev_fmts=0x0%2C1200x280&nras=3&correlator=3860851752660&frm=20&pv=1&ga_vid=2042981811.1685922155&ga_sid=1685922155&ga_hid=294017789&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1108&ady=1472&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44792109%2C44759842%2C44759927%2C31075003%2C44788442&oid=2&pvsid=404447995171631&tmod=2054248182&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=fuz7yNvkBt&p=https%3A//br.atsit.in&dtd=11

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

acca347c029f470791806e4b5596c92c0475f6e9b49725d61650156fe8c7461d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://br.atsit.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 10836
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Jun 2023 23:42:36 GMT
expires: Sun, 04 Jun 2023 23:42:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D35A 70 KB
23 KB 247ms
246ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5533026247140662&output=html&h=192&adk=1587331879&adf=1300684125&pi=t.aa~a.662479323~rp.4&w=750&lmt=1685922155&nsk=63c37da6&rafmt=11&pwprc=5518319850&ad_type=text_image&format=750x192&url=https%3A%2F%2Fbr.atsit.in%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685922155791&bpp=2&bdt=2261&idt=2&shv=r20230531&mjsv=m202305300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dee0fb367013cdeee-2211974433e100a8%3AT%3D1685922155%3ART%3D1685922155%3AS%3DALNI_MZlTwUXVyUTJJwLdpCad3Zm1ax9bg&gpic=UID%3D00000c4399df8a35%3AT%3D1685922155%3ART%3D1685922155%3AS%3DALNI_MaSO5ytgK00D4_Kxp3e-BqtEODqzw&prev_fmts=0x0%2C1200x280%2C263x600&nras=4&correlator=3860851752660&frm=20&pv=1&ga_vid=2042981811.1685922155&ga_sid=1685922155&ga_hid=294017789&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2449&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44792109%2C44759842%2C44759927%2C31075003%2C44788442&oid=2&pvsid=404447995171631&tmod=2054248182&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=DpxreSbg0X&p=https%3A//br.atsit.in&dtd=14

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a1fcb2a4a74b3b5c14cf0081a9aef66a92f46a0bba98fdce69be6814fb198f2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://br.atsit.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 23086
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Jun 2023 23:42:36 GMT
expires: Sun, 04 Jun 2023 23:42:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
166 B 42ms
42ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=br.atsit.in

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://br.atsit.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 23:42:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
166 B 43ms
43ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=br.atsit.in

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://br.atsit.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 23:42:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230531/r20110914/ Frame 2383 10 KB
4 KB 33ms
32ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230531/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://br.atsit.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 16346
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Jun 2023 19:10:09 GMT
etag: 15057649708203361565
expires: Sun, 18 Jun 2023 19:10:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230531/r20110914/ Frame AA83 10 KB
4 KB 33ms
32ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230531/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://br.atsit.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 16346
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Jun 2023 19:10:09 GMT
etag: 15057649708203361565
expires: Sun, 18 Jun 2023 19:10:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 96CF 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: afd49839d66892f3d60b91bdc0a5b21a0c8ac02a86f37823458ee2d1cd5133ab

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 css2
fonts.googleapis.com/ Frame 2383 4 KB
769 B 43ms
43ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230531/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 04 Jun 2023 23:42:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 04 Jun 2023 22:52:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 04 Jun 2023 23:42:35 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 2383 205 B
519 B 131ms
39ms Image
image/png 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230531/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 20:35:21 GMT
x-content-type-options: nosniff
age: 11235
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 03 Jun 2024 20:35:21 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 2383 604 B
695 B 159ms
66ms Image
image/png 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230531/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 20:20:30 GMT
x-content-type-options: nosniff
age: 12126
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 03 Jun 2024 20:20:30 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/elements/html/ Frame 2383 13 KB
6 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230531/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cdb8889029e112e6178e400c7b7b4b900ca01e12f08089e994a055236b4b74d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 21:37:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7511
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5756
x-xss-protection: 0
server: cafe
etag: 6942144704403180717
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Jun 2023 21:37:24 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/elements/html/ Frame 2383 20 KB
8 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230531/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

410f4228aa677eb20622c6f1e0f67966fcecca198ad07bb096f0265b2689ded7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 21:05:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9414
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8300
x-xss-protection: 0
server: cafe
etag: 2697337515266134059
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Jun 2023 21:05:41 GMT

GET
H2 200 ef33bde3b6f53b5d50fc677805f1b9fa.js Show response
www.gstatic.com/mysidia/ Frame AA83 8 KB
4 KB 116ms
35ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ef33bde3b6f53b5d50fc677805f1b9fa.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230531/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d42e2b0fdb945504b8da66763e41d57d6245ab8218c6df329b56a841ffbcd7ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 03:30:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 159126
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3674
x-xss-protection: 0
last-modified: Wed, 31 May 2023 20:13:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 01 Sep 2023 03:30:30 GMT

GET
H2 200 ee89b602e2534f412f73bbda73fe42b2.js Show response
www.gstatic.com/mysidia/ Frame AA83 9 KB
4 KB 115ms
35ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ee89b602e2534f412f73bbda73fe42b2.js?tag=text/vanilla_highlight_ms

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230531/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79b7ea99abb66869005319b8443ee41c65ae93a3ecdfebdc6cee9df87d87b8dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 18:25:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 191834
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4066
x-xss-protection: 0
last-modified: Sat, 27 May 2023 00:00:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 31 Aug 2023 18:25:22 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame AA83 14 KB
1 KB 45ms
42ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230531/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 04 Jun 2023 23:42:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 04 Jun 2023 22:58:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 04 Jun 2023 23:42:35 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/ Frame AA83 2 KB
945 B 42ms
39ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230531/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 20:26:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11745
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Jun 2023 20:26:50 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/ Frame AA83 22 KB
9 KB 43ms
40ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230531/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

551debe8c4f0db7b25699af72a204caf099af55413f90eb34b5f546330d6187c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 20:25:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11797
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8798
x-xss-protection: 0
server: cafe
etag: 11317101923912129037
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Jun 2023 20:25:58 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/ Frame AA83 3 KB
1 KB 48ms
46ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230531/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 12:22:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40813
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Jun 2023 12:22:22 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/ Frame AA83 19 KB
8 KB 36ms
34ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230531/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3735e94afb2539b14515fdd10d7cc066cffa99d4b52762959e342295e08a770e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 20:26:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11745
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7991
x-xss-protection: 0
server: cafe
etag: 2412543371950383451
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Jun 2023 20:26:50 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AA83 171 KB
53 KB 73ms
71ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230531/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b108d10517b218ebb22d63ad00b85baf89a7b4f1884c3fd01eb03f0790b1cd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 23:42:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54276
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1685532878231373"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 04 Jun 2023 23:42:35 GMT

GET
H2 200 0a0369f67a094afc57e3321b90807283.js Show response
www.gstatic.com/mysidia/ Frame AA83 32 KB
13 KB 118ms
39ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/0a0369f67a094afc57e3321b90807283.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230531/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88a51fe784c58c712a93f3f4e123e163e901042438df74cf793bdcf28eb090d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 29 May 2023 17:15:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 541612
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13649
x-xss-protection: 0
last-modified: Mon, 22 May 2023 16:52:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 27 Aug 2023 17:15:44 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 2CFB 2 KB
1 KB 171ms
51ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZH0hawACZMEKiwgbAAXO3R_xacO9Xf2gQ1GW4g&u=%7CauEmzGU2KQc%2FPQsVOwF%2F4KhgyESl2fjvpYQAB4Ghzac%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sT7q43MK0LUngIVuOoIkSBx7jIaw0YFer8aUuT7YNeukM8zUgLa-qD-q9BeveMsv_Cx4ArNLR6fZ3HKeOyqy6Qv5BeQHDZX0ss4PFCjWv9jLdXBrrZp7oxdljeuc0g6Dmzrk7Y0wBU9bxCMkh7y3ohTErpDq7FTg6ugUGo5y-GR6MjVd-CIxtpyINWk_vLW4S1DjXyFn8BKwyEJNlMsBCg8INWQs-JbtTzm1hVgw5vytmi1QZwHiIFnIzl0s6ubzHJjdIMyYkxpaEIjqkOmO5c-LzZr31LByumDp2Cjey3E_W5vPT8_EX7Bs2_W7qFx6NqQFG4-gx-UBfqGSQRfEvqV67xks_C_ud1E50sAzYCZs27QZiNtWgE68lXCBzVWfFHM40Z1FiP5e2M7tGaZVpveqz4zL-escPpZx-N3C_9kHI7ePJlR6qnb1qRiRiKzwgpRTO797kL-plmGS5gjinqWb-WkJPeF6h1bo11p3IYM2jEVcACPntB_rf2ENF9RJtji6eclJTqjexR5PEhLU6plKGhHp7FigfaCu_crz2lYn40AW38W5Sls&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpwtZayF9ZMHJCZuQrATdnZewDsme0rFc1fbi1pMBwI23ARABIABgkYSghYwYggEXY2EtcHViLTU1MzMwMjYyNDcxNDA2NjLIAQmpArh38lz19rE-qAMBqgS0AU_Qhc_lLs5fhNN44FJfwIGrSfpNSZ-M6xaE5XvlDheUGxzTZOsE7M3xCikdcL5mNx-j8InlvcqMdiEoQ34pDFdXR4s0PpWzRHVGstCBdm0dZ4zoQG6vK2cdO1RfGfI1Y3PLTt4_RxmLtNB1aVSKjgbUQexLuYWyFRoqCyqcKyYTssn7uLok2K96l7s2FKnT1AR0bmiD6BxZ6YU5sANIgGIxVMPL-r1GzNvvoJJvFO2Von8QMYAGzNW5ssGx_YdYoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0rOWdKuBD5XnsGPXZPFoLbn7U2vw%26client%3Dca-pub-5533026247140662%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 23:42:36 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 29 May 2024 23:42:36 GMT

GET
H2 200 adchoices_nl.svg
static.criteo.net/flash/icon/ Frame 2CFB 2 KB
1 KB 172ms
53ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_nl.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

64fdded9ab4b4066a71232c0d8c7e2416ec277f566adb122776af14c21831fc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 23:42:36 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-754"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 29 May 2024 23:42:36 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 2CFB 308 B
636 B 168ms
53ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 23:42:36 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Wed, 29 May 2024 23:42:36 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 2CFB 293 B
621 B 208ms
92ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 23:42:36 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Wed, 29 May 2024 23:42:36 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 2CFB 43 B
348 B 105ms
29ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=iPjWmeeuBOPyPkLuAi9SHtBXgSkl3OB0XYxLJpJZAjfohqHz85rg46NXK5xBGxW1X9yvmvYvowwXdmOI4G2ZHdkJMv_nzVXMjPFbMSuUFHULwUAwX3yUF7ZOam1deJEmcQhZMg0vsNXUT2nMOOEvgkNbCaxowqf7j6jg5ub8x2ycM7CD1uY6lSwQx6xyPSIQV5AY4UtiZCDyLIDIM_9880FLp7GsnWfq9f0eXWVBxuPLOmL5eawhI9On1keSM-IWWA_DW6DRWEmPnxPyydAJ19mNDt75ED-tARHCbU07QnQO0M4b1gDTo0wlT_aUfh9mfF4MlFUbN_1W6wvlKCS9UiNuYvFj1uwIq3h3Nug7L9v8bVE7JHhgAym2rtC56tt9drxo4zkMp8MIZCi1ECXyp3xQ5v_GtTQvYXFo7SX5naxCljBvKexvn_lkJ795ES7BusCdyA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Jun 2023 23:42:35 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2328713
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 2CFB 12 KB
5 KB 100ms
32ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 23:42:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 440223
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Q%2FEUGunBL8D9j6HBNqkKXvUH9zb4OVyBKif0S60Ka6NUwjOziN0z%2BPmCVB00g66hFuQPCCvG48wuyfEkWrPLY9V5plRM32%2Bf%2FqYYHdGl7mybBob6Hu3GNOyNlVjcuKGJzR%2FyZofZftaL2Ro8AFGDe15"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7d2408830a600b81-AMS
expires: Fri, 24 May 2024 23:42:36 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 5786 14 KB
1 KB 46ms
45ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230531/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 04 Jun 2023 23:42:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 04 Jun 2023 22:46:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 04 Jun 2023 23:42:36 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/ Frame 5786 2 KB
931 B 35ms
33ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230531/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 20:26:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11746
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Jun 2023 20:26:50 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/ Frame 5786 22 KB
9 KB 35ms
34ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230531/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

551debe8c4f0db7b25699af72a204caf099af55413f90eb34b5f546330d6187c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 20:25:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11798
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8798
x-xss-protection: 0
server: cafe
etag: 11317101923912129037
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Jun 2023 20:25:58 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C4C5 143 B
166 B 35ms
34ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230531/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230531/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 1574
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Jun 2023 23:16:22 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/ Frame 5786 3 KB
1 KB 44ms
42ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230531/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 12:22:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40814
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Jun 2023 12:22:22 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/ Frame 5786 19 KB
8 KB 41ms
39ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230531/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3735e94afb2539b14515fdd10d7cc066cffa99d4b52762959e342295e08a770e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 20:26:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11746
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7991
x-xss-protection: 0
server: cafe
etag: 2412543371950383451
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Jun 2023 20:26:50 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5786 171 KB
53 KB 73ms
72ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230531/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b108d10517b218ebb22d63ad00b85baf89a7b4f1884c3fd01eb03f0790b1cd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 23:42:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54276
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1685532878231373"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 04 Jun 2023 23:42:36 GMT

GET
H2 200 0a0369f67a094afc57e3321b90807283.js Show response
www.gstatic.com/mysidia/ Frame 5786 32 KB
13 KB 67ms
65ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/0a0369f67a094afc57e3321b90807283.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230531/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88a51fe784c58c712a93f3f4e123e163e901042438df74cf793bdcf28eb090d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 29 May 2023 17:15:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 541612
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13649
x-xss-protection: 0
last-modified: Mon, 22 May 2023 16:52:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 27 Aug 2023 17:15:44 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 2CFB 12 KB
6 KB 127ms
91ms Script
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 23:42:36 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 29 May 2024 23:42:36 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 2CFB 6 KB
6 KB 169ms
44ms Image
image/png 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=556&m=0&partner=80316&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F80316%2F210216%2Fdd3a924a66b4466696587ee88716c34b_logo_n_horizontal_2.png&v=3&w=196&s=7BwDFinG0GxKU41loQnaTTjx

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

a6b3bc760a4a93c8ba1b5581cced28f511d5d23fcd909e455c578ff7675a502c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 23:42:35 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
content-length: 6002
expires: Wed, 15 May 2024 00:56:51 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 2CFB 105 KB
105 KB 211ms
86ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=1200&m=0&partner=80316&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F80316%2F220330%2Ff8504c0ad5184ec88301d97172527f70_img_horizontal_1.png&v=3&w=1200&s=fVo3qCJd8pxBoaJVIMQcJU7K

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

250d195bc836ba04598ee30b15927eb4507eda10555693012685f5eda5d15867

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 23:42:35 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 107222
expires: Sat, 18 May 2024 10:47:54 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 2CFB 22 KB
22 KB 214ms
90ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=80316&q=80&r=0&u=http%3A%2F%2Fimages.ctfassets.net%2F46m72ccr1qqx%2F5vlF4Yab8tlMo83akixVCD%2F21624cbea968818627b7e89e1464cb25%2FBoekenleggers_Featured.png&v=3&w=800&s=_6VYQws6yYnWJXM7RFXyPX4F&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

3e19f8da5bb7fabb0e1913fb25e40de2680ce84d8e8ab40926e3f20ef310b6a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 23:42:36 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 22722
expires: Fri, 17 May 2024 05:11:32 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 2CFB 11 KB
11 KB 255ms
131ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=80316&q=80&r=0&u=http%3A%2F%2Fimages.ctfassets.net%2F46m72ccr1qqx%2F1ei5cfGMHIMpnXs6Te5LjV%2F56280869bcc5e3726497e41f88bbbd00%2Fwenskaartcare-featured2.jpg&v=3&w=800&s=uSoiWKXyjZ8D180KpZg5lxvF&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

def8bf0bb128cc2b28345d741b3be508acc231f4130b3e90c9ed1caff5b296df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 23:42:35 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 10854
expires: Wed, 29 May 2024 08:30:05 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 2CFB 12 KB
12 KB 303ms
179ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=80316&q=80&r=0&u=http%3A%2F%2Fimages.ctfassets.net%2F46m72ccr1qqx%2F4RTpFfQCe6CoNTpAZD52db%2F4d7a8cef0d11a4ace648400ff0009921%2Fspandoeken-ringen-hoek-featured.jpg&v=3&w=800&s=dsUKpv9VT-3XQeq9FRiZ5i91&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

b9d476e554d0e742469d2fd8dfbf0e0f672fe27cd7deed52b707eb6ccdc05305

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 23:42:36 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 11838
expires: Sat, 18 May 2024 08:29:06 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 2CFB 0
128 B 165ms
41ms Ping
text/plain 2a02:2638:d::11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=ashTU9NDEt2OWkpSxZ7WC1x0mteVYYBGzCHKluMiL6O_w4vhuFhMBOjUNZ8lWvCVUymRgMrHXie_AGG7G3cPV38bDC-QPH2dHxQkibc8uvfdCdsR7wpPuZmgP8rMwyHBl18kqOI5wRzGTG1Vr2dyO1hRIulgpu2raCLDnBVjAiBuI932oad-IaOaVBykHdpz3TP97DxRAPBDEH7btFivIIQlj56qSz_DG10v_dXRkL5nQjA5rR3yGjwqJpivL-czX7v1NA&sds=2&rev=86437.3&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 04 Jun 2023 23:42:35 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 2CFB 2 KB
1 KB 64ms
52ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 23:42:36 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 29 May 2024 23:42:36 GMT

GET
H2 200 notosans-400.css
static.criteo.net/design/googlefont/notosans/ Frame 2CFB 2 KB
909 B 61ms
51ms Stylesheet
text/css 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/notosans/notosans-400.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

129a290a99ebb0fefca93c231ff570e5d496939fb47694eba452a8f93e5d93b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 23:42:36 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:10:23 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f04f-985"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 29 May 2024 23:42:36 GMT

GET
H2 200 notosans-700.css
static.criteo.net/design/googlefont/notosans/ Frame 2CFB 2 KB
909 B 61ms
52ms Stylesheet
text/css 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/notosans/notosans-700.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b30910be1ad191e5d735b1427fec09a0692ed03440945e106ab913ddcdb43a15

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 23:42:36 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:10:25 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f051-985"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 29 May 2024 23:42:36 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C4C5
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

47ms
47ms

Document
text/html

2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230531/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Jun 2023 23:42:36 GMT
expires: Sun, 04 Jun 2023 23:42:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Jun 2023 23:42:36 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/157265771700299621/ Frame AA83 2 KB
2 KB 47ms
47ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/157265771700299621/14763004658117789537?w=100&h=100

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230531/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba9a544d41918615e4f136038f87f029b6e99925b3689d83101f4b009189acfd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 05:25:49 GMT
x-content-type-options: nosniff
age: 65807
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1574
x-xss-protection: 0
last-modified: Mon, 27 Mar 2023 11:29:13 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 03 Jun 2024 05:25:49 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame AA83 0
0 76ms
76ms Fetch
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C4_asayF9ZMGECpiH-cAPncWg4AfQkPrZcKnR0O_NEQoQASCkuo8LYJGEoIWMGKABmeHluinIAQGpArh38lz19rE-qAMBqgS9AU_QHC0OU-9Qp57ijhLLdBPbZiOLef2N04JHp3k0_XSiwfj3z4kelkdOmgKzEfgsxATXYHthzmUhphN2c3KQgkzb22nBQuei2ZrTwbQPGASTFYndFS4j6Nz_Y3hjVQzfVsEvzwKyi-fXWQPt7I75kf8yYdjJLYUsXcMMFD3MIhKFkhiPIChF15mJ4ZDMkdn39emUMwXJH32jgsrN5n_SRmcEcZseXbABIoPgzNH7s2DX6QWhR1fCdIPPEh-RBcAEhejWhaUEkgUECAQYAZIFBAgFGASAB5mZtpoEqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQluIS0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAcgLAdgTDYgUAdAVAYAXAbIXHAoaCAASFHB1Yi01NTMzMDI2MjQ3MTQwNjYyGAA&sigh=nu1NRSyXWlQ&uach_m=[UACH]&cid=CAQSGwBygQiDS7OohGkFkVVKB57SRImMC-6vCfI0sxgB&template_id=5001

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230531/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230531/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 04 Jun 2023 23:42:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame BDA7 143 B
166 B 34ms
33ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230531/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230531/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 1574
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Jun 2023 23:16:22 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame AA83 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 005b12bf65f5e736490d697c7c51d1463544db1c1ca66a1681628ce10f30af67

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/ Frame D35A 34 KB
13 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/m_js_controller_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5533026247140662&output=html&h=192&adk=1587331879&adf=1300684125&pi=t.aa~a.662479323~rp.4&w=750&lmt=1685922155&nsk=63c37da6&rafmt=11&pwprc=5518319850&ad_type=text_image&format=750x192&url=https%3A%2F%2Fbr.atsit.in%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685922155791&bpp=2&bdt=2261&idt=2&shv=r20230531&mjsv=m202305300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dee0fb367013cdeee-2211974433e100a8%3AT%3D1685922155%3ART%3D1685922155%3AS%3DALNI_MZlTwUXVyUTJJwLdpCad3Zm1ax9bg&gpic=UID%3D00000c4399df8a35%3AT%3D1685922155%3ART%3D1685922155%3AS%3DALNI_MaSO5ytgK00D4_Kxp3e-BqtEODqzw&prev_fmts=0x0%2C1200x280%2C263x600&nras=4&correlator=3860851752660&frm=20&pv=1&ga_vid=2042981811.1685922155&ga_sid=1685922155&ga_hid=294017789&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2449&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44792109%2C44759842%2C44759927%2C31075003%2C44788442&oid=2&pvsid=404447995171631&tmod=2054248182&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=DpxreSbg0X&p=https%3A//br.atsit.in&dtd=14

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

787ed1e9f233b4252d8ed16a2ffe349ae6d520261f22eac2d2d543740878db1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 21:10:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9153
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13388
x-xss-protection: 0
server: cafe
etag: 12354464270641361980
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Jun 2023 21:10:03 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D35A 171 KB
53 KB 67ms
67ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b108d10517b218ebb22d63ad00b85baf89a7b4f1884c3fd01eb03f0790b1cd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 23:42:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54276
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1685532878231373"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 04 Jun 2023 23:42:36 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame D35A 58 KB
58 KB 143ms
142ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=800&m=0&partner=46957&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F46957%2F230526%2Fa89158cad24e4188841b0a33ea70849f_model_image_1080_x_1080_%285%29.png&ups=1&v=3&w=800&s=oQHqJiZnKGLl8AkFnREOL4GV

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

b6829637d786b6ea86c8abd19a4e6e545802c8161586883033e4e65988f20082

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 23:42:35 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 59390
expires: Mon, 20 May 2024 14:14:27 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/ Frame D35A 22 KB
9 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

551debe8c4f0db7b25699af72a204caf099af55413f90eb34b5f546330d6187c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 20:25:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11798
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8798
x-xss-protection: 0
server: cafe
etag: 11317101923912129037
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Jun 2023 20:25:58 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/ Frame D35A 3 KB
1 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 12:22:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40814
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Jun 2023 12:22:22 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/ Frame D35A 19 KB
8 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3735e94afb2539b14515fdd10d7cc066cffa99d4b52762959e342295e08a770e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 20:26:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11746
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7991
x-xss-protection: 0
server: cafe
etag: 2412543371950383451
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Jun 2023 20:26:50 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame D35A 0
0 42ms
42ms Image
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSqDGhEpvXIb0cW7OoVfqkb6vpS-vxkWW4m3cS34N4QE0e4XqO7PmyxspN9k-OPfYFBRki-YFCiqCDNImNRpiBZ3e2wMw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5533026247140662&output=html&h=192&adk=1587331879&adf=1300684125&pi=t.aa~a.662479323~rp.4&w=750&lmt=1685922155&nsk=63c37da6&rafmt=11&pwprc=5518319850&ad_type=text_image&format=750x192&url=https%3A%2F%2Fbr.atsit.in%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685922155791&bpp=2&bdt=2261&idt=2&shv=r20230531&mjsv=m202305300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dee0fb367013cdeee-2211974433e100a8%3AT%3D1685922155%3ART%3D1685922155%3AS%3DALNI_MZlTwUXVyUTJJwLdpCad3Zm1ax9bg&gpic=UID%3D00000c4399df8a35%3AT%3D1685922155%3ART%3D1685922155%3AS%3DALNI_MaSO5ytgK00D4_Kxp3e-BqtEODqzw&prev_fmts=0x0%2C1200x280%2C263x600&nras=4&correlator=3860851752660&frm=20&pv=1&ga_vid=2042981811.1685922155&ga_sid=1685922155&ga_hid=294017789&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2449&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44792109%2C44759842%2C44759927%2C31075003%2C44788442&oid=2&pvsid=404447995171631&tmod=2054248182&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=DpxreSbg0X&p=https%3A//br.atsit.in&dtd=14
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

GET
H2 200 notosans-400-latin.woff2
static.criteo.net/design/googlefont/notosans/ Frame 2CFB 13 KB
13 KB 169ms
83ms Font
application/octet-stream 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/notosans/notosans-400-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/notosans/notosans-400.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

23a3864a191ddf4b3ef4ca961489364620e1f485a265bfb9ae28efe792cddfb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/notosans/notosans-400.css
Origin: https://ads.eu.criteo.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 23:42:36 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:10:23 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f04f-323c"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 29 May 2024 23:42:36 GMT

GET
H2 200 notosans-700-latin.woff2
static.criteo.net/design/googlefont/notosans/ Frame 2CFB 12 KB
13 KB 182ms
96ms Font
application/octet-stream 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/notosans/notosans-700-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/notosans/notosans-700.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b4902bebe74f9da0b70ce059e621949311673a3ad2d35c96fcadc960894a7c40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/notosans/notosans-700.css
Origin: https://ads.eu.criteo.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 23:42:36 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:10:25 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f051-318c"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 29 May 2024 23:42:36 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 6E9F 624 B
242 B 51ms
48ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COmR064CEPvCzOgCGPHwp90BMAE&v=APEucNU-5S10IDRigSE5DxoumgT9jfWH6C4oi9z8Qdx8ppaErWMDi0lOURwJbdlByMDTIg23t75zX3doBCKo91GCGw2LdH4EX78tO7fnt2BJfrt9vvW1C24tNIeTQ34eZRclLqB0w6oiwSRiz5KQybhbJXvr5F0H4eSH6XminrMUGueOyF601R8

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5533026247140662&output=html&h=600&adk=3451972497&adf=2498633431&pi=t.aa~a.2594507593~rp.4&w=263&fwrn=4&fwrnh=100&lmt=1685922155&rafmt=1&to=qs&pwprc=5518319850&format=263x600&url=https%3A%2F%2Fbr.atsit.in%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685922155762&bpp=1&bdt=2233&idt=1&shv=r20230531&mjsv=m202305300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dee0fb367013cdeee-2211974433e100a8%3AT%3D1685922155%3ART%3D1685922155%3AS%3DALNI_MZlTwUXVyUTJJwLdpCad3Zm1ax9bg&gpic=UID%3D00000c4399df8a35%3AT%3D1685922155%3ART%3D1685922155%3AS%3DALNI_MaSO5ytgK00D4_Kxp3e-BqtEODqzw&prev_fmts=0x0%2C1200x280&nras=3&correlator=3860851752660&frm=20&pv=1&ga_vid=2042981811.1685922155&ga_sid=1685922155&ga_hid=294017789&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1108&ady=1472&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44792109%2C44759842%2C44759927%2C31075003%2C44788442&oid=2&pvsid=404447995171631&tmod=2054248182&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=fuz7yNvkBt&p=https%3A//br.atsit.in&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5533026247140662&output=html&h=600&adk=3451972497&adf=2498633431&pi=t.aa~a.2594507593~rp.4&w=263&fwrn=4&fwrnh=100&lmt=1685922155&rafmt=1&to=qs&pwprc=5518319850&format=263x600&url=https%3A%2F%2Fbr.atsit.in%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685922155762&bpp=1&bdt=2233&idt=1&shv=r20230531&mjsv=m202305300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dee0fb367013cdeee-2211974433e100a8%3AT%3D1685922155%3ART%3D1685922155%3AS%3DALNI_MZlTwUXVyUTJJwLdpCad3Zm1ax9bg&gpic=UID%3D00000c4399df8a35%3AT%3D1685922155%3ART%3D1685922155%3AS%3DALNI_MaSO5ytgK00D4_Kxp3e-BqtEODqzw&prev_fmts=0x0%2C1200x280&nras=3&correlator=3860851752660&frm=20&pv=1&ga_vid=2042981811.1685922155&ga_sid=1685922155&ga_hid=294017789&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1108&ady=1472&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44792109%2C44759842%2C44759927%2C31075003%2C44788442&oid=2&pvsid=404447995171631&tmod=2054248182&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=fuz7yNvkBt&p=https%3A//br.atsit.in&dtd=11
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Jun 2023 23:42:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame A955 78 KB
27 KB 90ms
90ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 23:42:36 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sun, 04 Jun 2023 23:42:36 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/ Frame A955 3 KB
1 KB 35ms
34ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 12:22:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40814
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Jun 2023 12:22:22 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/ Frame A955 19 KB
8 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3735e94afb2539b14515fdd10d7cc066cffa99d4b52762959e342295e08a770e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 20:26:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11746
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7991
x-xss-protection: 0
server: cafe
etag: 2412543371950383451
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Jun 2023 20:26:50 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A955 171 KB
53 KB 91ms
90ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b108d10517b218ebb22d63ad00b85baf89a7b4f1884c3fd01eb03f0790b1cd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 23:42:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54276
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1685532878231373"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 04 Jun 2023 23:42:36 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame A955 42 B
63 B 108ms
107ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AecGjqQoJWbaERJtvlATxpg1z-C-lnRblLohgVj9sAfKajX-bAYjo9DENVssNDU0wrxcHF7FSzK8yNWHsQSrKDKbgscj-1dgIWdbTKixjEsXSaZyA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Jun 2023 23:42:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A955 0
20 B 108ms
107ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=3988426872373517432&x=1&ct=76

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Jun 2023 23:42:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame BDA7
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

79ms
78ms

Document
text/html

2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230531/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Jun 2023 23:42:36 GMT
expires: Sun, 04 Jun 2023 23:42:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Jun 2023 23:42:36 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame D35A 0
0 80ms
79ms Fetch
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CfoAmayF9ZKDpNO-UiQa7n4IgyZ7SsVzFjIvgmgHAjbcBEAEgAGCRhKCFjBiCARdjYS1wdWItNTUzMzAyNjI0NzE0MDY2MsgBCakCuHfyXPX2sT6oAwHIAwKqBLUBT9DbO3kK4Xszc359VTkx93LFcUxO-cQcLQUgVrYy5yxP3OQo50w362YglsjY3BUoI_GbPuKTfokDqDACuv2ZO5nVIXamluw5NU0yfnrC1dPu-PnUQx4jUZ92JTCfskKaFX2JxuvuEhtxcBEDQuC9oWo1cAadxE0Z8EVwEcOa6quFkTYo38mFrhlU0tdsbW0hG_Dr5SuueE6fYJDy_KUeozLZfG0sOaEd9gYeYluaJ4_JT0-6TIAGi-Kj0I-D_tDkAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNTUzMzAyNjI0NzE0MDY2MhgA&sigh=6Oi6OPBzUsg&uach_m=[UACH]&cid=CAQSPABygQiDDw55p4iQB_j7NpYcDRoeT9P-mYU3JGeXI1NSyNI8TwG33oZcoKjsGg4JQVB44sQ6IN7Dzbk_jBgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5533026247140662&output=html&h=192&adk=1587331879&adf=1300684125&pi=t.aa~a.662479323~rp.4&w=750&lmt=1685922155&nsk=63c37da6&rafmt=11&pwprc=5518319850&ad_type=text_image&format=750x192&url=https%3A%2F%2Fbr.atsit.in%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685922155791&bpp=2&bdt=2261&idt=2&shv=r20230531&mjsv=m202305300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dee0fb367013cdeee-2211974433e100a8%3AT%3D1685922155%3ART%3D1685922155%3AS%3DALNI_MZlTwUXVyUTJJwLdpCad3Zm1ax9bg&gpic=UID%3D00000c4399df8a35%3AT%3D1685922155%3ART%3D1685922155%3AS%3DALNI_MaSO5ytgK00D4_Kxp3e-BqtEODqzw&prev_fmts=0x0%2C1200x280%2C263x600&nras=4&correlator=3860851752660&frm=20&pv=1&ga_vid=2042981811.1685922155&ga_sid=1685922155&ga_hid=294017789&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2449&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44792109%2C44759842%2C44759927%2C31075003%2C44788442&oid=2&pvsid=404447995171631&tmod=2054248182&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=DpxreSbg0X&p=https%3A//br.atsit.in&dtd=14
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 04 Jun 2023 23:42:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 lgn.php Show response
cat.nl3.eu.criteo.com/delivery/ Frame D35A 43 B
347 B 29ms
28ms Fetch
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://cat.nl3.eu.criteo.com/delivery/lgn.php?cppv=3&cpp=4OWvb97LJvLhYIJxLTBI_yQ-XW9MeFHSe-sYBYyznQ8MgKKPvUXiLmTZ3kcP0wX2tO46KIX7kCQCARyDBe43SdVpUmktnSS1gCQEHTu5LNnVPsXCfzzXMuPNXLHmyxbXOkA_iOY-GVcG8FFqZrNpa1gJBfHAz6rHtsPYX1cvgdz-Nrq8ReKl5KI5BLXwV4wyMpJ382P5JH4zijDJMLXfxdIOlm4lmiwvYVbIVFkW1P0A5mddDdEP7fYqiizJcEucpDyM0SR43vsWR2RwfqYRc4_iZbOZQ6m-twdfbJvgDlagjFZ8lsE6gK7SRaCleoojj6PLJsbMYU8gb5EUCB9HU_hez0QPrE8qZVYU6zIdZuESKcHlVPgj_qrR-yeqAv6W-C-Kis_OGjtXtW4vGW6wB8z_4rEZl-2G4plJKNR-idyJBmDl&z=ZH0hawANNKAKwkpvAACPuwch12rmDFk_Aqbvuw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Jun 2023 23:42:35 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1983793
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 notify
rtb.nl3.eu.criteo.com/google/auction/ Frame D35A 0
0 27ms
26ms Fetch 2a02:2638:3::9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=kKKUF5LGMAAAnYNiAgIAAAD2-Bs2u2R5rBBrIX1k00E0pwHM4kqoLAAAEgMBCgpBUVVCQVFFQkFR&wp=ZH0hawANNKAKwkpvAACPuwch12rmDFk_Aqbvuw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 23:42:35 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 149351
server: Kestrel
content-length: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame D35A 0
0 74ms
74ms Fetch
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CujEJayF9ZKDpNO-UiQa7n4IgyZ7SsVzFjIvgmgHAjbcBEAEgAGCRhKCFjBiCARdjYS1wdWItNTUzMzAyNjI0NzE0MDY2MsgBCakCuHfyXPX2sT6oAwGqBLUBT9DbO3kK4Xszc359VTkx93LFcUxO-cQcLQUgVrYy5yxP3OQo50w362YglsjY3BUoI_GbPuKTfokDqDACuv2ZO5nVIXamluw5NU0yfnrC1dPu-PnUQx4jUZ92JTCfskKaFX2JxuvuEhtxcBEDQuC9oWo1cAadxE0Z8EVwEcOa6quFkTYo38mFrhlU0tdsbW0hG_Dr5SuueE6fYJDy_KUeozLZfG0sOaEd9gYeYluaJ4_JT0-6TIAGi-Kj0I-D_tDkAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNTUzMzAyNjI0NzE0MDY2MhgA&sigh=_dYPsaXSIvk&uach_m=[UACH]&cid=CAQSPABygQiDDw55p4iQB_j7NpYcDRoeT9P-mYU3JGeXI1NSyNI8TwG33oZcoKjsGg4JQVB44sQ6IN7Dzbk_jBgB&vt=10

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5533026247140662&output=html&h=192&adk=1587331879&adf=1300684125&pi=t.aa~a.662479323~rp.4&w=750&lmt=1685922155&nsk=63c37da6&rafmt=11&pwprc=5518319850&ad_type=text_image&format=750x192&url=https%3A%2F%2Fbr.atsit.in%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685922155791&bpp=2&bdt=2261&idt=2&shv=r20230531&mjsv=m202305300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dee0fb367013cdeee-2211974433e100a8%3AT%3D1685922155%3ART%3D1685922155%3AS%3DALNI_MZlTwUXVyUTJJwLdpCad3Zm1ax9bg&gpic=UID%3D00000c4399df8a35%3AT%3D1685922155%3ART%3D1685922155%3AS%3DALNI_MaSO5ytgK00D4_Kxp3e-BqtEODqzw&prev_fmts=0x0%2C1200x280%2C263x600&nras=4&correlator=3860851752660&frm=20&pv=1&ga_vid=2042981811.1685922155&ga_sid=1685922155&ga_hid=294017789&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2449&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44792109%2C44759842%2C44759927%2C31075003%2C44788442&oid=2&pvsid=404447995171631&tmod=2054248182&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=DpxreSbg0X&p=https%3A//br.atsit.in&dtd=14
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 04 Jun 2023 23:42:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4632 143 B
166 B 34ms
33ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5533026247140662&output=html&h=192&adk=1587331879&adf=1300684125&pi=t.aa~a.662479323~rp.4&w=750&lmt=1685922155&nsk=63c37da6&rafmt=11&pwprc=5518319850&ad_type=text_image&format=750x192&url=https%3A%2F%2Fbr.atsit.in%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685922155791&bpp=2&bdt=2261&idt=2&shv=r20230531&mjsv=m202305300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dee0fb367013cdeee-2211974433e100a8%3AT%3D1685922155%3ART%3D1685922155%3AS%3DALNI_MZlTwUXVyUTJJwLdpCad3Zm1ax9bg&gpic=UID%3D00000c4399df8a35%3AT%3D1685922155%3ART%3D1685922155%3AS%3DALNI_MaSO5ytgK00D4_Kxp3e-BqtEODqzw&prev_fmts=0x0%2C1200x280%2C263x600&nras=4&correlator=3860851752660&frm=20&pv=1&ga_vid=2042981811.1685922155&ga_sid=1685922155&ga_hid=294017789&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2449&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44792109%2C44759842%2C44759927%2C31075003%2C44788442&oid=2&pvsid=404447995171631&tmod=2054248182&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=DpxreSbg0X&p=https%3A//br.atsit.in&dtd=14
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 1574
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Jun 2023 23:16:22 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 0593 1 KB
643 B 62ms
61ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 19645
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Jun 2023 18:15:11 GMT
etag: 48472445140208031
expires: Mon, 05 Jun 2023 18:15:11 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 6E9F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECbzzegTV_vTcpo6y6978f0&google_cver=1

43 B
766 B

33ms
33ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECbzzegTV_vTcpo6y6978f0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COmR064CEPvCzOgCGPHwp90BMAE&v=APEucNU-5S10IDRigSE5DxoumgT9jfWH6C4oi9z8Qdx8ppaErWMDi0lOURwJbdlByMDTIg23t75zX3doBCKo91GCGw2LdH4EX78tO7fnt2BJfrt9vvW1C24tNIeTQ34eZRclLqB0w6oiwSRiz5KQybhbJXvr5F0H4eSH6XminrMUGueOyF601R8
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Jun 2023 23:42:36 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sun, 04 Jun 2023 23:42:36 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECbzzegTV_vTcpo6y6978f0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 6E9F
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZH0hbAFZm.z7bHRLGicfegAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECbzzegTV_vTcpo6y6978f0&google_cver=1&google_hm=2

43 B
766 B

33ms
33ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECbzzegTV_vTcpo6y6978f0&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COmR064CEPvCzOgCGPHwp90BMAE&v=APEucNU-5S10IDRigSE5DxoumgT9jfWH6C4oi9z8Qdx8ppaErWMDi0lOURwJbdlByMDTIg23t75zX3doBCKo91GCGw2LdH4EX78tO7fnt2BJfrt9vvW1C24tNIeTQ34eZRclLqB0w6oiwSRiz5KQybhbJXvr5F0H4eSH6XminrMUGueOyF601R8
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Jun 2023 23:42:36 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sun, 04 Jun 2023 23:42:36 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECbzzegTV_vTcpo6y6978f0&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 6E9F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEG30iCfittCQsiJCNjWQ0_I&google_cver=1

43 B
1 KB

27ms
27ms

Image
image/gif

185.89.210.141
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEG30iCfittCQsiJCNjWQ0_I&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COmR064CEPvCzOgCGPHwp90BMAE&v=APEucNU-5S10IDRigSE5DxoumgT9jfWH6C4oi9z8Qdx8ppaErWMDi0lOURwJbdlByMDTIg23t75zX3doBCKo91GCGw2LdH4EX78tO7fnt2BJfrt9vvW1C24tNIeTQ34eZRclLqB0w6oiwSRiz5KQybhbJXvr5F0H4eSH6XminrMUGueOyF601R8

Protocol

HTTP/1.1

Server

185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Jun 2023 23:42:36 GMT
AN-X-Request-Uuid: 57db9c37-1672-4e7a-9c0d-c3cc95408308
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 31.204.153.186; 31.204.153.186; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 04 Jun 2023 23:42:36 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEG30iCfittCQsiJCNjWQ0_I&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 6E9F
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzkwNTc3NTc0NDU0ODQ1NzQ5NQ%3D%3D

170 B
244 B

71ms
70ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzkwNTc3NTc0NDU0ODQ1NzQ5NQ%3D%3D

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Jun 2023 23:42:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sun, 04 Jun 2023 23:42:36 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 31.204.153.186; 31.204.153.186; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 78dcc56c-b054-4df8-a5bd-d4a92c7f8897
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzkwNTc3NTc0NDU0ODQ1NzQ5NQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
DATA 200
OK truncated
/ Frame D35A 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ec40d0143f0a1289724e04a49be6d706eca3a8d043757c8adffb0c7458c380c5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4632
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

44ms
44ms

Document
text/html

2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Jun 2023 23:42:36 GMT
expires: Sun, 04 Jun 2023 23:42:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Jun 2023 23:42:36 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A955 0
20 B 94ms
94ms Ping
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3392090660109&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Jun 2023 23:42:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A955 0
20 B 93ms
93ms Ping
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3392090660109&version=m202301230201&ct=76&x=1&cor=3988426872373517300

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Jun 2023 23:42:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame A955 90 KB
36 KB 73ms
72ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A2RUb_5j-XWXy0A8_O9KimYUsNm3O3Stz-Ivea7sx28nLCXUrDlZzEyeipO4RlT_TpDYezZ682qCw26defekTm511HSv4Pluky5LsVsJA2pfF0Lhk&cry=1&dbm_d=AKAmf-ADnX_Z6kpruVLHijevvMAE0vfNgW9P-jxMHGRPg_XpQYowf8E3XWGVgwMm4EYCwvxNQytJyDiftqR2u8yM07Q4fwOrrGQu0fd-m48zcETMNkRumvbBdHCnfoB1lXgm14xf49HNaXLU37UQhE036F7WqyJt9hdZKGWlQkYWVojHYPa-q48fXdyvbWwg_gz8nJ3zPTnBRklxQzfDoRdtc0ugfLtqYkpz9jF40IXCMw0yHwoqC_Bm6KJYWol1Nrd3M1uupANBpUNgS9KCglUlCLgIajagU8Thmno26THnooAkAmSc2yFZpeQBPc-qk4txZNt6hJZ6E4WoF16ke70ZzN5TRj8FWUYsVjH3bpRC-eCCKPk-btHv-G9BaoIWVZDGiZy7JfzGDtb9koEUOD8eyvjNXQdoOHxFWA9zQY3ceFwHBFnq-c72SjLm4jJTYDSV51a1YWxjCGreB6f9ZETHDBWBaRQj6khIumRudYN-R-3_OqmrjSZ2QB5m0fE4QJQsXDbtEzK5UU0SsFlWTVYJItY0dsahdfUBew80oSVsJLn0pdPjdFqG-2Q2lp_sb2M9litfwzFFizHGbWZxj6lCLot5qnvLoCRqu9-E3I-5zX0uLn-5LYXGUreinw-adJfM8j0g-Emo35g9zTWyjdHpHxQ5aLTNR689Ud-5X9ycN8pNzmv19RMAoCPtstAzop5ZMc-IwMBIN6IOsyartJyu8d6CziDlBFJOqiyaglF7bKNQr7MoPSt4ZvMdQwa-IRkBad3E0OqxJZOjn4IY8ok_-Yk_97RBA2Giazt8IdeV6hEP67RsGBmTNrlT5sLAz8i_WsPs8OmstJ4e2bwlOoJyFS--fcQisDu7tqzmLGfQE99nwTUsjqGpaq2A7PE_e8UcTg6KE9nC4IVJAzMAa6ykCI69L-pCu3p0JntvIXLWbxZ9-kKrKrqHiupeiphWhIEFqohdEDcpbAztwfdOffFvlQRATp7eQu1TqLlJZSydLowtzSUQzdXFVjW6w77_WRO56fUD1WtyevnD7NnWsUpWeX-tZ-Yky92NbfPt_9Sa4QLGoU_h7mpkGOiZK-RXHdDIbjHgGFlpclJP9PR9-IUCR-WADJn0JnnIZ9vlKQzrXd-vvX8NnI-_tt2Jji2kfA3R-IV1P63GaBpFNI3XfHzdBpiA225OzPkxwKl26jRK-TY2SzjRReRFuseEpHPfh6MSNI8HAsgf0UCF62hZMGk_HdBRIlpk592kr_thmHQ5bG0hccDfMbIyQlCS2sckvoD8OEFvovd2Thj8k23g3fRh-rhttjPwKz-Hs4DW2xHTMHDrlRh3lAHMMEfccs8E80H-ZNuQ4oM4ALHzJlB-OTWN_P6EBn47iugrckHjFNV_7HALfZchT7_SI_iZFZnZ53-ONYc_husY6_MJh-rSDIp9kVY73IybvecNvFniouMDWamQKlFxplkyf2hYPjOSJWh2FQ8ftV2EJ9eOmGSF-B9jqU6KKw3NHmn4MWjlm2-almlEmZbXiuR22RfBPth0wkSpp3dFiVsBLHnVhic6Wp4Wo8jNUI_u35ojGH55ASrWOiivzU3WcWlCnuoYpPfJ5MkPOvctWk_z03gfsKahV6Zm3FJuiSVaMOLmEa2GdbYQtSJb4z2lDJV01e4XXafSazoxP8XoI264p4nOrRcptxuBOxt8Ccjvq7lwbYXaITUPCgyn9nvsYPbHXm5PnTnEdw3tao3MQJgXXKfJJHCwBKoZ3LjTRKeS9HjIWxpxfd9dqIXfjKjyPkIc6CA8hcB1NEhUo5A6wlkrAQd9U4J1VCeHE2AnYemUe5oQJUkFC3-d5tv1kqGN7ELHH0YtNj6-0TPX4fuC2lwaVsnAitvKbuzZEEvM_TOObLfQSrccZmtntsLoEOmgKpdGWE1C_pQTLTug_Op1Ilgl5TLojSJsWfBXHkyNA_vYvnLszCPSPlfVnPX_GZTrH_5Z-x4no9BLEsbHgr5BXacHppa-UmvybVWJKaEtnBoHyy_fYYk0O6V7SCozcVz4XJrpFkiixvPfodROSYghdt3k3JN8bxyje8kR7K7aHWeCuEyGG6v7EpLv3cb53fw7xoFgjsQyJcZyX8wb0pe-Y-Dt95EUroe4beaiGrpiX1h4skgR-VZY2xehB7wp2qLiq0UtvyKm0oQRxjFy0cUaev_mXiiCLA8KohpMAp3j8GpMNbOrCBRZRzatEuhtMBfsGg5yulL3fHJDuH-U78QSH5eg2QaI1181Hrg32kOg_FofNDPWgdiOKJfjU0V9S8jxIg4kZ-ogMnQrFiGesHgZPuoKnYo2mz9EhPNmTt7UMGn1LQ2eFL9P-dxU2oDdwD2ef0QrW2-y5X-KPjSsUgrc1L1i8jl_TM-qjN2c8tL9Jewkt8mX-G-DhaA0aG3D08l7eXzJumWF-Rd3W8Kvc1rYW8TQUz3EHLN7_WL2OY-Pb4t3Symy-XsG2yC5i-q6-fvfWbOs_v8brS5bI5Z7_jKmRlhKU2kdHBEk_9k7U9taPdyKD6L6-mnofB8lWftwt2Ccj0yEjh9HwdiBc3RBPfD7EFuPvZoswwOi9AxXLqBhEVttdoGxv4GB4_4JRRKM3mrz2AY2EijNYkCTomGT3TcZQB92eRQlsKHC5smEXk0CU5adOMzIjhzeqKzHAdVRwHLO2-eLubl-gONyLAwbp70Idz3TGStJVK7SzvSH0nDD3adTHaGfuzTnCa0GS8ybeF7dVmFQcXdOco0-wDX1LaPEVZzHbXBWrWMB79CxUAWP2yd_60N-QV9YO_UwrrbPjYu2KbTp9kyCIEt-vZoxY1U8JZiuwrzxhJfmuaeXwsSBZkOOHqyan44D2w3oJq-cXUANM6FFGaeU1QTpr817fWkNYjMDxDs6dDkv0sIJvE9TCug0XzW-ZJc_u4MGtqeS3LMHLfo5W-Cd6phyHca-oL1a42-1bU7paX-9K661boW-Gi67HMVB2g15IhydPqSJekzm8bxnavQrQ3ktBzDzYdxOb6W-PtTpnN3ZZQe_51mK1w-G6OSagCNYw4BnABzUTpF4eSi3y0lacBb3ZcDoBZXNpLy0QFlAPdH4vceqZFeaVvisnfIS14IUd6Mrz20S8ZJ7ZR25qDo93c5owgByE8bSf91ZBpz1MhHldg3xjj_YLzhXr0ClKTJMqC-LvJEjysKFhboKp1GJXlMhkDD346Z74Rz5FoVm19st-tuxnWUOa8kwICKV5JXhpy2ywk2_gqf3RAz_T7FuYhlj8ZFBbPCTQbghh8LPe1thO5vhhryMiVb0o1sxLgjnL9DwZV3HiI_36WbzJKVN1DMxct3ysNyLQCWzHBmoziNtoCYVTMYi7UwSlDitKWubt5Z_kXM4gF24mMS0qZrlZ8p0YCjnv8UqafJcA5ZsZEJ-fSHZV2H3wzevdWVqGHv02XzDaxVpn4L_hwM_KNOg3o1wo2DzIoew3YTAptwKXKuSw-wwXUTbB-HCPg&cid=CAQSPABygQiDV_difxRYZCNLFntQ11hKd70U09Rl_jp-AY9h7Tl28zfeTPw86vWOVDw8kdVYz9bdU_rVxwa9qBgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fbr.atsit.in%2F&ds=l&xdt=1&iif=1&cor=3988426872373517300&adk=497053795&idt=93&cac=0&dtd=14

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c57ea43cb15e193d09c6956d0f9115f6ea9c548207f0ed9104b84fdce8a29154

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5533026247140662&output=html&h=600&adk=3451972497&adf=2498633431&pi=t.aa~a.2594507593~rp.4&w=263&fwrn=4&fwrnh=100&lmt=1685922155&rafmt=1&to=qs&pwprc=5518319850&format=263x600&url=https%3A%2F%2Fbr.atsit.in%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685922155762&bpp=1&bdt=2233&idt=1&shv=r20230531&mjsv=m202305300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dee0fb367013cdeee-2211974433e100a8%3AT%3D1685922155%3ART%3D1685922155%3AS%3DALNI_MZlTwUXVyUTJJwLdpCad3Zm1ax9bg&gpic=UID%3D00000c4399df8a35%3AT%3D1685922155%3ART%3D1685922155%3AS%3DALNI_MaSO5ytgK00D4_Kxp3e-BqtEODqzw&prev_fmts=0x0%2C1200x280&nras=3&correlator=3860851752660&frm=20&pv=1&ga_vid=2042981811.1685922155&ga_sid=1685922155&ga_hid=294017789&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1108&ady=1472&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44792109%2C44759842%2C44759927%2C31075003%2C44788442&oid=2&pvsid=404447995171631&tmod=2054248182&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=fuz7yNvkBt&p=https%3A//br.atsit.in&dtd=11
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Jun 2023 23:42:36 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36925
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 0593 35 B
466 B 112ms
33ms Image
image/gif 2620:116:800d:21:de2e:c7b3:55c0:d5a0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEE6RUawdT1DwivXYuoXJ7v8&google_cver=1&google_push=ATf1kGPPA5y_SKaL99dHZN4i6gX7v-D6si-WhIjiack87hYR7CQW20u4CBK1A0Td942OZ8iS9_AWKrrzYq9_j9IpjtaG8jKJ2OYlbFo

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Jun 2023 23:42:36 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 0593
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEMxkeJC9rrTIYT3IEjZX9R4&google_cver=1&google_push=ATf1kGN5Bz8rsu5zlkJ2H5SvOhl6XpofmpkH7cevZwBIexYIOiysnFHS2w21zDistx01j_0LrCU0pckfta17jiyC...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGN5Bz8rsu5zlkJ2H5SvOhl6XpofmpkH7cevZwBIexYIOiysnFHS2w21zDistx01j_0LrCU0pckfta17jiyCqtLJEuGWPkArcQ

170 B
233 B

70ms
69ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGN5Bz8rsu5zlkJ2H5SvOhl6XpofmpkH7cevZwBIexYIOiysnFHS2w21zDistx01j_0LrCU0pckfta17jiyCqtLJEuGWPkArcQ

Requested by

Host: br.atsit.in
URL: https://br.atsit.in/

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Jun 2023 23:42:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sun, 04 Jun 2023 23:42:36 GMT
Server: MT3 851 9bd98ae master zrh-pixel-x13 config_version:"unknown"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGN5Bz8rsu5zlkJ2H5SvOhl6XpofmpkH7cevZwBIexYIOiysnFHS2w21zDistx01j_0LrCU0pckfta17jiyCqtLJEuGWPkArcQ
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sun, 04 Jun 2023 23:42:35 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 0593
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEKs-nfdEhgwHYqDCtfJZXqE&google_cver=1&google_push=ATf1kGNdUGGS-IWouxfROUxSP8UR9TvqHLvk-sZGuCkev1E0c45ZQHydHLoOyATY0HQ9DV-rmnuA5cxxheVqqSMYw_evjbbpJSR22Lk
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D3B3A293824D41629E8734C2F420E2FF&google_push=ATf1kGNdUGGS-IWouxfROUxSP8UR9TvqHLvk-sZGuCkev1E0c45ZQHydHLoOyATY0HQ9DV-rmnuA5cxxheVqqSM...

170 B
233 B

69ms
69ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D3B3A293824D41629E8734C2F420E2FF&google_push=ATf1kGNdUGGS-IWouxfROUxSP8UR9TvqHLvk-sZGuCkev1E0c45ZQHydHLoOyATY0HQ9DV-rmnuA5cxxheVqqSMYw_evjbbpJSR22Lk

Requested by

Host: br.atsit.in
URL: https://br.atsit.in/

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Jun 2023 23:42:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 04 Jun 2023 23:42:36 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D3B3A293824D41629E8734C2F420E2FF&google_push=ATf1kGNdUGGS-IWouxfROUxSP8UR9TvqHLvk-sZGuCkev1E0c45ZQHydHLoOyATY0HQ9DV-rmnuA5cxxheVqqSMYw_evjbbpJSR22Lk
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sat, 03 Jun 2023 23:42:36 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 0593 70 B
266 B 137ms
42ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEFy7K4NN3zIuOcM8mTb3kBc&google_cver=1&google_push=ATf1kGOC1jF_wm-YM1LKxAfHMvC7HWJ5wirl8TFOcH6ptiFAGrfR-hlDev2yaxElXQRXm_EN379llktnhziZntCjHmmhv8ee2CG1QMY
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5533026247140662&output=html&h=192&adk=1587331879&adf=1300684125&pi=t.aa~a.662479323~rp.4&w=750&lmt=1685922155&nsk=63c37da6&rafmt=11&pwprc=5518319850&ad_type=text_image&format=750x192&url=https%3A%2F%2Fbr.atsit.in%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685922155791&bpp=2&bdt=2261&idt=2&shv=r20230531&mjsv=m202305300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dee0fb367013cdeee-2211974433e100a8%3AT%3D1685922155%3ART%3D1685922155%3AS%3DALNI_MZlTwUXVyUTJJwLdpCad3Zm1ax9bg&gpic=UID%3D00000c4399df8a35%3AT%3D1685922155%3ART%3D1685922155%3AS%3DALNI_MaSO5ytgK00D4_Kxp3e-BqtEODqzw&prev_fmts=0x0%2C1200x280%2C263x600&nras=4&correlator=3860851752660&frm=20&pv=1&ga_vid=2042981811.1685922155&ga_sid=1685922155&ga_hid=294017789&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2449&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44792109%2C44759842%2C44759927%2C31075003%2C44788442&oid=2&pvsid=404447995171631&tmod=2054248182&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=DpxreSbg0X&p=https%3A//br.atsit.in&dtd=14
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 04 Jun 2023 23:42:36 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 0593
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESENbHLRxJ7NKGAm2Mr2649_U&google_cver=1&google_push=ATf1kGNBufDfxtE6nln5sYDAAUrsGc3nxJ5Mh4RoSyJlPCLQ07q9ZfBlf8MYRzzRiH0sQQcx3Qi91ISzz4hbow...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI0MDk4MDUyMzYyODgyMDYzNQ%3D%3D&google_push=ATf1kGNBufDfxtE6nln5sYDAAUrsGc3nxJ5Mh4RoSyJlPCLQ07q9ZfBlf8MYRzzRiH0sQQcx3Qi91ISzz4hbowOqqw...

170 B
233 B

70ms
69ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI0MDk4MDUyMzYyODgyMDYzNQ%3D%3D&google_push=ATf1kGNBufDfxtE6nln5sYDAAUrsGc3nxJ5Mh4RoSyJlPCLQ07q9ZfBlf8MYRzzRiH0sQQcx3Qi91ISzz4hbowOqqwSWDoNIRqSryHM

Requested by

Host: br.atsit.in
URL: https://br.atsit.in/

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Jun 2023 23:42:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI0MDk4MDUyMzYyODgyMDYzNQ%3D%3D&google_push=ATf1kGNBufDfxtE6nln5sYDAAUrsGc3nxJ5Mh4RoSyJlPCLQ07q9ZfBlf8MYRzzRiH0sQQcx3Qi91ISzz4hbowOqqwSWDoNIRqSryHM
Date: Sun, 04 Jun 2023 23:42:36 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 0593
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEKzeUxOh-IDRayuW8hvHgQI&google_cver=1&google_push=ATf1kGNDUy0hhGrhlbELzxxFtOMLIOqioqLEuKkfgAzcxEvpyzrV0kXbwTVJR-rv6dCTQUycLLgekVo3pEYApHSWR3ei...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEKzeUxOh-IDRayuW8hvHgQI&google_cver=1&google_push=ATf1kGNDUy0hhGrhlbELzxxFtOMLIOqioqLEuKkfgAzcxEvpyzrV0kXbwTVJR-rv6dCTQUycLLgekVo3pEYApH...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGNDUy0hhGrhlbELzxxFtOMLIOqioqLEuKkfgAzcxEvpyzrV0kXbwTVJR-rv6dCTQUycLLgekVo3pEYApHSWR3eiosSPP095dXI&google_hm=QuoyCfQ0QCm1Uf7bghnC...

170 B
233 B

69ms
68ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGNDUy0hhGrhlbELzxxFtOMLIOqioqLEuKkfgAzcxEvpyzrV0kXbwTVJR-rv6dCTQUycLLgekVo3pEYApHSWR3eiosSPP095dXI&google_hm=QuoyCfQ0QCm1Uf7bghnCgA==

Requested by

Host: br.atsit.in
URL: https://br.atsit.in/

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Jun 2023 23:42:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGNDUy0hhGrhlbELzxxFtOMLIOqioqLEuKkfgAzcxEvpyzrV0kXbwTVJR-rv6dCTQUycLLgekVo3pEYApHSWR3eiosSPP095dXI&google_hm=QuoyCfQ0QCm1Uf7bghnCgA==
date: Sun, 04 Jun 2023 23:42:36 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 0593 43 B
363 B 159ms
43ms Image
image/gif 178.250.7.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&google_gid=CAESEOw-autLz3_U1rfDEt9EOT0&google_cver=1&google_push=ATf1kGNhmo6Y3jxjWmEueuwz5fIl5-yyDaFlHzceke-XyzqlBzrseXhEpbzH56hLlbfTUbJYyF8pIWzxuI7I_rjkZA1c5k2oLXNFMQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Jun 2023 23:42:36 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 350755
expires: Sun, 04 Jun 2023 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 0593 0
131 B 128ms
68ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Ikpsd8U5j4MzdqAWGSuWJ1_jY0qGQXHN3TMprSkoynVJ5UaPTDWEDsUXMpnuX7Hx1716Bu

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 23:42:36 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame A955 170 KB
59 KB 128ms
32ms Script
text/javascript 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: br.atsit.in
URL: https://br.atsit.in/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 05:06:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 66993
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 05 Jun 2023 05:06:03 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230531/r20110914/elements/html/ Frame A955 11 KB
4 KB 59ms
59ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230531/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A2RUb_5j-XWXy0A8_O9KimYUsNm3O3Stz-Ivea7sx28nLCXUrDlZzEyeipO4RlT_TpDYezZ682qCw26defekTm511HSv4Pluky5LsVsJA2pfF0Lhk&cry=1&dbm_d=AKAmf-ADnX_Z6kpruVLHijevvMAE0vfNgW9P-jxMHGRPg_XpQYowf8E3XWGVgwMm4EYCwvxNQytJyDiftqR2u8yM07Q4fwOrrGQu0fd-m48zcETMNkRumvbBdHCnfoB1lXgm14xf49HNaXLU37UQhE036F7WqyJt9hdZKGWlQkYWVojHYPa-q48fXdyvbWwg_gz8nJ3zPTnBRklxQzfDoRdtc0ugfLtqYkpz9jF40IXCMw0yHwoqC_Bm6KJYWol1Nrd3M1uupANBpUNgS9KCglUlCLgIajagU8Thmno26THnooAkAmSc2yFZpeQBPc-qk4txZNt6hJZ6E4WoF16ke70ZzN5TRj8FWUYsVjH3bpRC-eCCKPk-btHv-G9BaoIWVZDGiZy7JfzGDtb9koEUOD8eyvjNXQdoOHxFWA9zQY3ceFwHBFnq-c72SjLm4jJTYDSV51a1YWxjCGreB6f9ZETHDBWBaRQj6khIumRudYN-R-3_OqmrjSZ2QB5m0fE4QJQsXDbtEzK5UU0SsFlWTVYJItY0dsahdfUBew80oSVsJLn0pdPjdFqG-2Q2lp_sb2M9litfwzFFizHGbWZxj6lCLot5qnvLoCRqu9-E3I-5zX0uLn-5LYXGUreinw-adJfM8j0g-Emo35g9zTWyjdHpHxQ5aLTNR689Ud-5X9ycN8pNzmv19RMAoCPtstAzop5ZMc-IwMBIN6IOsyartJyu8d6CziDlBFJOqiyaglF7bKNQr7MoPSt4ZvMdQwa-IRkBad3E0OqxJZOjn4IY8ok_-Yk_97RBA2Giazt8IdeV6hEP67RsGBmTNrlT5sLAz8i_WsPs8OmstJ4e2bwlOoJyFS--fcQisDu7tqzmLGfQE99nwTUsjqGpaq2A7PE_e8UcTg6KE9nC4IVJAzMAa6ykCI69L-pCu3p0JntvIXLWbxZ9-kKrKrqHiupeiphWhIEFqohdEDcpbAztwfdOffFvlQRATp7eQu1TqLlJZSydLowtzSUQzdXFVjW6w77_WRO56fUD1WtyevnD7NnWsUpWeX-tZ-Yky92NbfPt_9Sa4QLGoU_h7mpkGOiZK-RXHdDIbjHgGFlpclJP9PR9-IUCR-WADJn0JnnIZ9vlKQzrXd-vvX8NnI-_tt2Jji2kfA3R-IV1P63GaBpFNI3XfHzdBpiA225OzPkxwKl26jRK-TY2SzjRReRFuseEpHPfh6MSNI8HAsgf0UCF62hZMGk_HdBRIlpk592kr_thmHQ5bG0hccDfMbIyQlCS2sckvoD8OEFvovd2Thj8k23g3fRh-rhttjPwKz-Hs4DW2xHTMHDrlRh3lAHMMEfccs8E80H-ZNuQ4oM4ALHzJlB-OTWN_P6EBn47iugrckHjFNV_7HALfZchT7_SI_iZFZnZ53-ONYc_husY6_MJh-rSDIp9kVY73IybvecNvFniouMDWamQKlFxplkyf2hYPjOSJWh2FQ8ftV2EJ9eOmGSF-B9jqU6KKw3NHmn4MWjlm2-almlEmZbXiuR22RfBPth0wkSpp3dFiVsBLHnVhic6Wp4Wo8jNUI_u35ojGH55ASrWOiivzU3WcWlCnuoYpPfJ5MkPOvctWk_z03gfsKahV6Zm3FJuiSVaMOLmEa2GdbYQtSJb4z2lDJV01e4XXafSazoxP8XoI264p4nOrRcptxuBOxt8Ccjvq7lwbYXaITUPCgyn9nvsYPbHXm5PnTnEdw3tao3MQJgXXKfJJHCwBKoZ3LjTRKeS9HjIWxpxfd9dqIXfjKjyPkIc6CA8hcB1NEhUo5A6wlkrAQd9U4J1VCeHE2AnYemUe5oQJUkFC3-d5tv1kqGN7ELHH0YtNj6-0TPX4fuC2lwaVsnAitvKbuzZEEvM_TOObLfQSrccZmtntsLoEOmgKpdGWE1C_pQTLTug_Op1Ilgl5TLojSJsWfBXHkyNA_vYvnLszCPSPlfVnPX_GZTrH_5Z-x4no9BLEsbHgr5BXacHppa-UmvybVWJKaEtnBoHyy_fYYk0O6V7SCozcVz4XJrpFkiixvPfodROSYghdt3k3JN8bxyje8kR7K7aHWeCuEyGG6v7EpLv3cb53fw7xoFgjsQyJcZyX8wb0pe-Y-Dt95EUroe4beaiGrpiX1h4skgR-VZY2xehB7wp2qLiq0UtvyKm0oQRxjFy0cUaev_mXiiCLA8KohpMAp3j8GpMNbOrCBRZRzatEuhtMBfsGg5yulL3fHJDuH-U78QSH5eg2QaI1181Hrg32kOg_FofNDPWgdiOKJfjU0V9S8jxIg4kZ-ogMnQrFiGesHgZPuoKnYo2mz9EhPNmTt7UMGn1LQ2eFL9P-dxU2oDdwD2ef0QrW2-y5X-KPjSsUgrc1L1i8jl_TM-qjN2c8tL9Jewkt8mX-G-DhaA0aG3D08l7eXzJumWF-Rd3W8Kvc1rYW8TQUz3EHLN7_WL2OY-Pb4t3Symy-XsG2yC5i-q6-fvfWbOs_v8brS5bI5Z7_jKmRlhKU2kdHBEk_9k7U9taPdyKD6L6-mnofB8lWftwt2Ccj0yEjh9HwdiBc3RBPfD7EFuPvZoswwOi9AxXLqBhEVttdoGxv4GB4_4JRRKM3mrz2AY2EijNYkCTomGT3TcZQB92eRQlsKHC5smEXk0CU5adOMzIjhzeqKzHAdVRwHLO2-eLubl-gONyLAwbp70Idz3TGStJVK7SzvSH0nDD3adTHaGfuzTnCa0GS8ybeF7dVmFQcXdOco0-wDX1LaPEVZzHbXBWrWMB79CxUAWP2yd_60N-QV9YO_UwrrbPjYu2KbTp9kyCIEt-vZoxY1U8JZiuwrzxhJfmuaeXwsSBZkOOHqyan44D2w3oJq-cXUANM6FFGaeU1QTpr817fWkNYjMDxDs6dDkv0sIJvE9TCug0XzW-ZJc_u4MGtqeS3LMHLfo5W-Cd6phyHca-oL1a42-1bU7paX-9K661boW-Gi67HMVB2g15IhydPqSJekzm8bxnavQrQ3ktBzDzYdxOb6W-PtTpnN3ZZQe_51mK1w-G6OSagCNYw4BnABzUTpF4eSi3y0lacBb3ZcDoBZXNpLy0QFlAPdH4vceqZFeaVvisnfIS14IUd6Mrz20S8ZJ7ZR25qDo93c5owgByE8bSf91ZBpz1MhHldg3xjj_YLzhXr0ClKTJMqC-LvJEjysKFhboKp1GJXlMhkDD346Z74Rz5FoVm19st-tuxnWUOa8kwICKV5JXhpy2ywk2_gqf3RAz_T7FuYhlj8ZFBbPCTQbghh8LPe1thO5vhhryMiVb0o1sxLgjnL9DwZV3HiI_36WbzJKVN1DMxct3ysNyLQCWzHBmoziNtoCYVTMYi7UwSlDitKWubt5Z_kXM4gF24mMS0qZrlZ8p0YCjnv8UqafJcA5ZsZEJ-fSHZV2H3wzevdWVqGHv02XzDaxVpn4L_hwM_KNOg3o1wo2DzIoew3YTAptwKXKuSw-wwXUTbB-HCPg&cid=CAQSPABygQiDV_difxRYZCNLFntQ11hKd70U09Rl_jp-AY9h7Tl28zfeTPw86vWOVDw8kdVYz9bdU_rVxwa9qBgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fbr.atsit.in%2F&ds=l&xdt=1&iif=1&cor=3988426872373517300&adk=497053795&idt=93&cac=0&dtd=14

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ae8017866a6744d35f26aa9da389e9771d40bcae3ee65df4c1b5e16e57b09fda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 14:15:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34045
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4172
x-xss-protection: 0
server: cafe
etag: 6053914914909336730
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Jun 2023 14:15:11 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230531/r20110914/ Frame A955 29 KB
11 KB 59ms
59ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230531/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a91fca903f7f2a3d051f657b5b25baed4e99b6c1e51bfee63737f73ff54f2b7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 21:03:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9537
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11027
x-xss-protection: 0
server: cafe
etag: 5492578185836041520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Jun 2023 21:03:39 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame A955 41 KB
15 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: br.atsit.in
URL: https://br.atsit.in/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 18:25:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 191840
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 01 Jun 2024 18:25:16 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame D7E0 1 KB
643 B 59ms
58ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 19645
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Jun 2023 18:15:11 GMT
etag: 48472445140208031
expires: Mon, 05 Jun 2023 18:15:11 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame A955 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 37b19dfe3b9e2d819ccfcb51f01ab17335a59d7ce0f0e4e0717c2ddf07cdc623

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame F4F2 22 KB
8 KB 34ms
33ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 144354
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 03 Jun 2023 07:36:42 GMT
expires: Sun, 02 Jun 2024 07:36:42 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame D7E0
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEGtNJMLSDwWmAK-gA41cA8s&google_cver=1&google_push=ATf1kGM4KpIM_Ejq2GqeukH6RekyPvyaSdex-gztAQy4YFBLyZMRoGRU6E...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ATf1kGM4KpIM_Ejq2GqeukH6RekyPvyaSdex-gztAQy4YFBLyZMRoGRU6EiTZLK-kqo_L4RKwyBXpSHpr-SCX4UTvcNMLnF04voO58Y&google_hm=Yz_OMuM8-...

170 B
233 B

69ms
69ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ATf1kGM4KpIM_Ejq2GqeukH6RekyPvyaSdex-gztAQy4YFBLyZMRoGRU6EiTZLK-kqo_L4RKwyBXpSHpr-SCX4UTvcNMLnF04voO58Y&google_hm=Yz_OMuM8-zxFoZcqJCLewA

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Jun 2023 23:42:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ATf1kGM4KpIM_Ejq2GqeukH6RekyPvyaSdex-gztAQy4YFBLyZMRoGRU6EiTZLK-kqo_L4RKwyBXpSHpr-SCX4UTvcNMLnF04voO58Y&google_hm=Yz_OMuM8-zxFoZcqJCLewA
pragma: no-cache
date: Sun, 04 Jun 2023 23:42:36 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
strict-transport-security: max-age=86400
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame D7E0
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESELVC8K074fzd3dGX8KkR6UA&google_cver=1&google_push=ATf1kGNiXULFnSyKSvH7tOqdCK1nKyzlqlst-IIx0qQDwoyDWGbtbYsKLQiTtPI02Ft6nVxArwCxvzBWL41H6HfWMebaelqM533vWw
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D3B3A293824D41629E8734C2F420E2FF&google_push=ATf1kGNiXULFnSyKSvH7tOqdCK1nKyzlqlst-IIx0qQDwoyDWGbtbYsKLQiTtPI02Ft6nVxArwCxvzBWL41H6Hf...

170 B
233 B

69ms
69ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D3B3A293824D41629E8734C2F420E2FF&google_push=ATf1kGNiXULFnSyKSvH7tOqdCK1nKyzlqlst-IIx0qQDwoyDWGbtbYsKLQiTtPI02Ft6nVxArwCxvzBWL41H6HfWMebaelqM533vWw

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Jun 2023 23:42:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 04 Jun 2023 23:42:36 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D3B3A293824D41629E8734C2F420E2FF&google_push=ATf1kGNiXULFnSyKSvH7tOqdCK1nKyzlqlst-IIx0qQDwoyDWGbtbYsKLQiTtPI02Ft6nVxArwCxvzBWL41H6HfWMebaelqM533vWw
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sat, 03 Jun 2023 23:42:36 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame D7E0
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEFuFbHbjoSqBGJJtbM97PrE&google_cver=1&google_push=ATf1kGNgrNr6ogPtEo-5U5NWyZD7-dDtl0Kku02UEcSck-hHro2hJBRiFtoW5fSPhYbsgy2-Ev1XANq--Wd...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ATf1kGNgrNr6ogPtEo-5U5NWyZD7-dDtl0Kku02UEcSck-hHro2hJBRiFtoW5fSPhYbsgy2-Ev1XANq--Wd-1IacbXS69X9Tnt-uP14&google_hm=19Wtq8UlTtyyNY8cy...

170 B
233 B

69ms
68ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ATf1kGNgrNr6ogPtEo-5U5NWyZD7-dDtl0Kku02UEcSck-hHro2hJBRiFtoW5fSPhYbsgy2-Ev1XANq--Wd-1IacbXS69X9Tnt-uP14&google_hm=19Wtq8UlTtyyNY8cypu2bLo

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Jun 2023 23:42:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 04 Jun 2023 23:42:35 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ATf1kGNgrNr6ogPtEo-5U5NWyZD7-dDtl0Kku02UEcSck-hHro2hJBRiFtoW5fSPhYbsgy2-Ev1XANq--Wd-1IacbXS69X9Tnt-uP14&google_hm=19Wtq8UlTtyyNY8cypu2bLo
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame D7E0
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEGOlwUMcwHvPlZUTZwwitdU&google_cver=1&google_push=ATf1kGNO4KDOkm6LDSo6xB-He1XM27K8uSpeM7OYN6Qvc-HS8Lbm_g9YCMUB3BwbJplMOgHNUdGJbFcIcR-r0D...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI0MDk4MDUyMzYyODgyMDYzNQ%3D%3D&google_push=ATf1kGNO4KDOkm6LDSo6xB-He1XM27K8uSpeM7OYN6Qvc-HS8Lbm_g9YCMUB3BwbJplMOgHNUdGJbFcIcR-r0DTE7o...

170 B
233 B

69ms
69ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI0MDk4MDUyMzYyODgyMDYzNQ%3D%3D&google_push=ATf1kGNO4KDOkm6LDSo6xB-He1XM27K8uSpeM7OYN6Qvc-HS8Lbm_g9YCMUB3BwbJplMOgHNUdGJbFcIcR-r0DTE7oQULVX0Y_tYBtg

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Jun 2023 23:42:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI0MDk4MDUyMzYyODgyMDYzNQ%3D%3D&google_push=ATf1kGNO4KDOkm6LDSo6xB-He1XM27K8uSpeM7OYN6Qvc-HS8Lbm_g9YCMUB3BwbJplMOgHNUdGJbFcIcR-r0DTE7oQULVX0Y_tYBtg
Date: Sun, 04 Jun 2023 23:42:36 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D7E0
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEEa7OVPwpOow-DklhblTX7Q&google_cver=1&google_push=ATf1kGMSz-0vjBOBRDSiI6_Ig_x_IMhK7JyLJLrjMxtTQ87ErXGGz0NTR96yhq0X1jU2KfBA1swEV9q8...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEEa7OVPwpOow-DklhblTX7Q&google_cver=1&google_push=ATf1kGMSz-0vjBOBRDSiI6_Ig_x_IMhK7JyLJLrjMxtTQ87ErXGGz0NTR96yhq0X1jU2KfBA1sw...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Nzg0MTY1NTY2NjU0NDM0Nzg3OQ&google_push=ATf1kGMSz-0vjBOBRDSiI6_Ig_x_IMhK7JyLJLrjMxtTQ87ErXGGz0NTR96yhq0X1jU2KfBA1swEV9...

170 B
188 B

74ms
74ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Nzg0MTY1NTY2NjU0NDM0Nzg3OQ&google_push=ATf1kGMSz-0vjBOBRDSiI6_Ig_x_IMhK7JyLJLrjMxtTQ87ErXGGz0NTR96yhq0X1jU2KfBA1swEV9q8KkLOURbCWjgHm7XAbB4c8Ww

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Jun 2023 23:42:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 04 Jun 2023 23:42:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Nzg0MTY1NTY2NjU0NDM0Nzg3OQ&google_push=ATf1kGMSz-0vjBOBRDSiI6_Ig_x_IMhK7JyLJLrjMxtTQ87ErXGGz0NTR96yhq0X1jU2KfBA1swEV9q8KkLOURbCWjgHm7XAbB4c8Ww
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D7E0
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEB8yfkaxYYpO-r-J95HYOXw&google_cver=1&google_push=ATf1kGM8IcLPvdkdC348s_G87IOSzdaFO9WcUNmEk8teg6HzZ-ZzWjHNcWkGZwbzVRsPn4dTdJ4yW6HsIXg-uHPIZWcF49f...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEB8yfkaxYYpO-r-J95HYOXw&google_cver=1&google_push=ATf1kGM8IcLPvdkdC348s_G87IOSzdaFO9WcUNmEk8teg6HzZ-ZzWjHNcWkGZwbzVRsPn4dTdJ4yW6HsIXg-uHPIZWcF4...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGM8IcLPvdkdC348s_G87IOSzdaFO9WcUNmEk8teg6HzZ-ZzWjHNcWkGZwbzVRsPn4dTdJ4yW6HsIXg-uHPIZWcF49fPkfdyzBM

170 B
188 B

73ms
73ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGM8IcLPvdkdC348s_G87IOSzdaFO9WcUNmEk8teg6HzZ-ZzWjHNcWkGZwbzVRsPn4dTdJ4yW6HsIXg-uHPIZWcF49fPkfdyzBM

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Jun 2023 23:42:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGM8IcLPvdkdC348s_G87IOSzdaFO9WcUNmEk8teg6HzZ-ZzWjHNcWkGZwbzVRsPn4dTdJ4yW6HsIXg-uHPIZWcF49fPkfdyzBM
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D7E0
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEEa7OVPwpOow-DklhblTX7Q&google_cver=1&google_push=ATf1kGNQFBKAJ9exstVhsJCXGpRE61r2MSkPymtZ1I_mIpmfPjVJx2W_EnzysHq_qagogwlFPK0jgpUV...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEEa7OVPwpOow-DklhblTX7Q&google_cver=1&google_push=ATf1kGNQFBKAJ9exstVhsJCXGpRE61r2MSkPymtZ1I_mIpmfPjVJx2W_EnzysHq_qagogwlFPK0...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODM1MzkxNzk3MjkwMzcyNDE5MQ&google_push=ATf1kGNQFBKAJ9exstVhsJCXGpRE61r2MSkPymtZ1I_mIpmfPjVJx2W_EnzysHq_qagogwlFPK0jgp...

170 B
188 B

74ms
73ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODM1MzkxNzk3MjkwMzcyNDE5MQ&google_push=ATf1kGNQFBKAJ9exstVhsJCXGpRE61r2MSkPymtZ1I_mIpmfPjVJx2W_EnzysHq_qagogwlFPK0jgpUVJuV2T1xu1shV6IydgELmJuI

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Jun 2023 23:42:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 04 Jun 2023 23:42:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODM1MzkxNzk3MjkwMzcyNDE5MQ&google_push=ATf1kGNQFBKAJ9exstVhsJCXGpRE61r2MSkPymtZ1I_mIpmfPjVJx2W_EnzysHq_qagogwlFPK0jgpUVJuV2T1xu1shV6IydgELmJuI
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame D7E0 0
41 B 67ms
66ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KHm3-l0RZm0JRC1z-XCHn-i3f17hkfriYVWs4JDX8y8Ml64QdOkxJN1vgEJS8gcfVaoRCt

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 23:42:36 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 VQdDSOd05UIjXCKVon8X_ASAqVpdX2ccZF2BDi7w8G4.js Show response
pagead2.googlesyndication.com/bg/ Frame F4F2 38 KB
15 KB 60ms
60ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VQdDSOd05UIjXCKVon8X_ASAqVpdX2ccZF2BDi7w8G4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55074348e774e542235c2295a27f17fc0480a95a5d5f671c645d810e2ef0f06e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 03:09:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 160395
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14834
x-xss-protection: 0
last-modified: Tue, 30 May 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 02 Jun 2024 03:09:21 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/13158047565041631232/160x600-Canva-Evergreen/ Frame 9B8C 13 KB
3 KB 128ms
42ms Document
text/html 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/13158047565041631232/160x600-Canva-Evergreen/index.html?e=69&leftOffset=0&topOffset=0&c=OyM6TkE2kw&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

182bf50f8ab9e1453a9a6c71f4b47271fcc182d7d5a04072d9927c1ef5d7afa8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 3275
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sun, 04 Jun 2023 23:42:36 GMT
expires: Mon, 03 Jun 2024 23:42:36 GMT
last-modified: Fri, 23 Dec 2022 09:31:07 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame A955 0
0 174ms
88ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsupXP5sl_x99NgDoZ4UdPDMFZoLXNtvE5H7bomdn9-1P3Q7rbxzVY6d2Yo_oQ4vI49MPXt02Oq7Z9Q2pFbqpYx20BLjTKCkTvLtvR7apCqM5An4pl2uqyZr9A7VvI8RTSrLuCuHsWqiOKBhQ8TdU5uLY9hOQtosTr8LzXX5ZJLf_Z5Qwrv9wsaPwR6Ji5iFBUTaCeKOwGUuqCixw6KENw1HEDTmRdhCwe0C6yxNIVpDXXsZex0sGbvIFBc2FHXU2d1scOAh6Mt43BozH2LI3A8soGafLuc8C9joLeVYySJf00wvmPZbSk-0WlHa6rbF3CD1b9eZX3MXI0bUHQ0OaIGtghmFHfFbrCVLcN_Oy7IJ5khn4YQ7l9SEHSmuiJBrWcclRUcYuoCM6JTfzy8grUMUSYVSjWAP2CfUCSdQbe1k6fb3sa3RLbhSbFgh0olMeqVlSOovH7T56U5aV4xR2xwRYTdtApZntsuMAlrYmQu4-_fb3CtThgs8azAXNo70KfODbnaoy0XNLF-4NaYtcnGXOtQHtOpiHITSSNm5v7hU8UEB-ObUZpctOr3FGapm8ao4CUYHozOShPahk8o_EOcfpt8VBI3CwEabKFtzQCPDYoBdFsKhFgCRGpc6RiKQAcr3dyh-srlbMYIdBcKEIuhLdZUQWpgYqHF-nXdI-axpAy-TKTsF3bI8RuoMfnSkt_ZIMQSU91HuJhuvrPclqV9_2KBVvJ88fqZr30SBhdbDsLHnYqXryQ8nfXAy3VRyQzTg2FUnSS9fMKTkaSMoX167TmCxyxvNSbgacm9SbxdVrI2tL1Psi1c6OwZbKz99Tolmk-WRoNS2E88-HAKNwJRW_K8KHzYfo8g3EVIMPSE6GvA7rrHhTgAtYL2hY1EnmXcvsernUH-jKEjlGqqzlAQ6jiW3nmKWH2Lx9rP9H9KpZ3vKY5qtKrDr0MFU2dIVmGftfa7Mtw80WeBMiwtguk8UT6GexUc09UJ5-DrJW7-pF_nrgyl8PFSnFvPJhio6V-cDLqYrIFmcsctZlsMHNpBRHk0VvyCzBO2tEBc9qsIoKAu8NaZ1rYVBlp_Rf8EcsQY4lo4gY59VSLsi76EwkwLA1Q9UNtuJ8fOjvPB6lvg5Xb7xkpkEDj5Le4n8yC-kplFNn-xlR3Iz8ATKdSrsbZbWzrvwR7FgzLktEauKPy3BrRjEbBfAw3OzbhLkM-qKu6GDu3JkFMx_ng&sai=AMfl-YStID7mZ4rRdpXmW3ur4Xe-CTzwf2xoKrbMNVjV74DYHYTqg-QRqwE8hMHDmkLoaQUHtRkWYh_UGxzM7fzOkwv3YxdVRs8El_eQRenNnzSVg0Ve6Fh-WgOL1ZrIkg636NNPES2N6QtQvlO-MekU8nZUkACPPFIwzT7ImOzI_ZuWS5SWMuChPw4-86yX09XE6_0SUAtP43LM8j656GWnx35iIYX4hjd4YxPuF-uI8Y5E2Tq4ZIG2baqOSo6CSGNazfTtIDm1CRkXu3f3ZTGJO3owJjMI7VF2qA&sig=Cg0ArKJSzDPY-r3XeFqBEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=203&cbvp=1&cstd=194&cisv=r20230531.86531&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: br.atsit.in
URL: https://br.atsit.in/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 04 Jun 2023 23:42:36 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Sun, 04 Jun 2023 23:42:36 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F4F2 0
20 B 96ms
95ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BDQw0bCF9ZIDZEuDmx_AP5ciauAQAAAAAOAHgBAI&bg=!l5SllMDNAAY9J7QfHSc7ADkAdvg8WjCd811bqIxNrkWwLW7f1MsWLxOQthr5sxTrN_xfp3KLDR-mFTpeiDefo1ECvTyvWpObetMCAAAAglIAAAACaAEHmQMpDRyyauKIJVCA7CiqR1K6OVGe6cQUmplf-Pi7sKm7v-ILPDtuOOf4Vbvw3lOjYs8pRQQqTSO6Tu4RANSIRrq1WVmBaV22JnuG1sgnoh_RkoslOp87Dvl8SUclEgUc5DaRPRroP1tjX1EjTirgi25qbjvPudGkkJo_p47TJkKFaUc66tdynHnouHzUBOmFTJNMq-fq7O4Om7aZNZ7_ZOGx6zrJUucVpiPybe5nFW3-tJrts7Etcv2MxbSCxJVyNZ-DsWnE_MU-rmT9f8ILeGR0iemkKEG1ql2a94jOOgsdmgFzgeVdf2sfpnLVQHWJhyLzsEEp7nrn7XTKqIsK-_eh9ohhU2Pe86iiR1Y3yU9QuG8gJTLIaGVljnZGpLa0nBtJh1T3y8j0gA7ARQNqqOlXnRMVBVq7JRHVEnWEGklMxG1lGfj_zRI7A1wO-X9hzLNxpjmEvDYJhgmDiLvbz15i5clYqD0VPSky5fAGluDu8yguif6IIk6Am8rKhVWmwlgt9SyR_S-yVfCq1e5Y77V9xvWgsqAjHNyr73jkAWakH_Tepsa1f1TC0xPXjYTgSkWOx--zVa4mWQTRwC7jxhcYgRTRVOrfbBfiHtDwxHKtG_wZqgYmMqztjXlnMpPeY7FcsXeZ32WITxNmhRv7JxK8VZmxW3dP0CjuQgEEa_jF-_GbbVnjzZ-fJkJ8EON2fMIOVBorn6Lxo33xuwNBZO3EDZBbuMvxFocZQwkXdN-bBbutHGySB_4TEAfiuoYHFfKjQw2uCEUs9ggUz5ft3KwerCmf2gZDIRP3L-ptMtPpLhf7bV6J0Hsi2qcqk1z-EdR5ZER2_8avtu_AUsyCpV3xObDXDyAJ19GMHKLCMOPU9uFmcsO0zt7ynm3vZggXtjg-PPSQ-NUkdXXsKlpKaA53_lZulJu0LLl3S0JzyJ4ZLSt6nGPPKjgVVs2s0C8Ml3k0-1ylyHZMl7K3etzkKyME9tbPyVvrZIbfDs6JKXC80NVTymBCu0-9_MQ1mkRGux-zCyhwXnYrQkPxxk7xKkFADJyNy9K3Go2IQDPzUs4VzkNujESd52YsDiw

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Jun 2023 23:42:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adlib.css
s0.2mdn.net/sadbundle/13158047565041631232/160x600-Canva-Evergreen/ Frame 9B8C 6 KB
2 KB 36ms
35ms Stylesheet
text/css 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/13158047565041631232/160x600-Canva-Evergreen/adlib.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13158047565041631232/160x600-Canva-Evergreen/index.html?e=69&leftOffset=0&topOffset=0&c=OyM6TkE2kw&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c821ac5b54d6356aa81644902d5fad10603c9a415679c081d7760dde7f7bdbd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13158047565041631232/160x600-Canva-Evergreen/index.html?e=69&leftOffset=0&topOffset=0&c=OyM6TkE2kw&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 15:40:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 201703
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1924
x-xss-protection: 0
last-modified: Fri, 23 Dec 2022 09:31:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 01 Jun 2024 15:40:53 GMT

GET
H3 200 adStyle.css
s0.2mdn.net/sadbundle/13158047565041631232/160x600-Canva-Evergreen/ Frame 9B8C 3 KB
754 B 39ms
38ms Stylesheet
text/css 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/13158047565041631232/160x600-Canva-Evergreen/adStyle.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13158047565041631232/160x600-Canva-Evergreen/index.html?e=69&leftOffset=0&topOffset=0&c=OyM6TkE2kw&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa044d7262a0ceaf60684b2cf17eef7c27511fe99af0babe41a355d558eabfa2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13158047565041631232/160x600-Canva-Evergreen/index.html?e=69&leftOffset=0&topOffset=0&c=OyM6TkE2kw&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 16:54:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 110890
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 725
x-xss-protection: 0
last-modified: Fri, 23 Dec 2022 09:31:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 02 Jun 2024 16:54:26 GMT

GET
H3 200 CanvaSansDisplayBold.woff
s0.2mdn.net/sadbundle/13158047565041631232/160x600-Canva-Evergreen/ Frame 9B8C 37 KB
37 KB 53ms
51ms Font
font/woff 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/13158047565041631232/160x600-Canva-Evergreen/CanvaSansDisplayBold.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13158047565041631232/160x600-Canva-Evergreen/index.html?e=69&leftOffset=0&topOffset=0&c=OyM6TkE2kw&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79630aa66a2fd742af143103e8114c9ea35d4308fd3523bd101a89d8b908923a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/13158047565041631232/160x600-Canva-Evergreen/index.html?e=69&leftOffset=0&topOffset=0&c=OyM6TkE2kw&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 19:37:20 GMT
x-content-type-options: nosniff
age: 101116
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37712
x-xss-protection: 0
last-modified: Fri, 23 Dec 2022 09:31:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 02 Jun 2024 19:37:20 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 9B8C 118 KB
40 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13158047565041631232/160x600-Canva-Evergreen/index.html?e=69&leftOffset=0&topOffset=0&c=OyM6TkE2kw&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13158047565041631232/160x600-Canva-Evergreen/index.html?e=69&leftOffset=0&topOffset=0&c=OyM6TkE2kw&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 10:36:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47175
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 05 Jun 2023 10:36:21 GMT

GET
H3 200 gsap_3.2.4_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 9B8C 57 KB
23 KB 85ms
84ms Script
text/javascript 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.2.4_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13158047565041631232/160x600-Canva-Evergreen/index.html?e=69&leftOffset=0&topOffset=0&c=OyM6TkE2kw&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13158047565041631232/160x600-Canva-Evergreen/index.html?e=69&leftOffset=0&topOffset=0&c=OyM6TkE2kw&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 23:42:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23276
x-xss-protection: 0
last-modified: Thu, 05 Mar 2020 03:53:22 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 04 Jun 2023 23:42:36 GMT

GET
H3 200 textFit.js Show response
s0.2mdn.net/sadbundle/13158047565041631232/160x600-Canva-Evergreen/ Frame 9B8C 8 KB
3 KB 66ms
64ms Script
application/x-javascript 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/13158047565041631232/160x600-Canva-Evergreen/textFit.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13158047565041631232/160x600-Canva-Evergreen/index.html?e=69&leftOffset=0&topOffset=0&c=OyM6TkE2kw&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8e48ea465007a8f3473fecfbcfe2e31e0d807e98f8ab65f8b0e655779ae2b72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13158047565041631232/160x600-Canva-Evergreen/index.html?e=69&leftOffset=0&topOffset=0&c=OyM6TkE2kw&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 23:04:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 88678
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2875
x-xss-protection: 0
last-modified: Fri, 23 Dec 2022 09:31:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 02 Jun 2024 23:04:38 GMT

GET
H3 200 adlibUtils-v3.js Show response
s0.2mdn.net/sadbundle/13158047565041631232/160x600-Canva-Evergreen/ Frame 9B8C 25 KB
11 KB 67ms
66ms Script
application/x-javascript 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/13158047565041631232/160x600-Canva-Evergreen/adlibUtils-v3.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13158047565041631232/160x600-Canva-Evergreen/index.html?e=69&leftOffset=0&topOffset=0&c=OyM6TkE2kw&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aefdb07258782fc3aa84dc518ab2052e5b1dad3405867fb1f9d65f816b03c12a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13158047565041631232/160x600-Canva-Evergreen/index.html?e=69&leftOffset=0&topOffset=0&c=OyM6TkE2kw&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 03:52:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 157826
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10802
x-xss-protection: 0
last-modified: Fri, 23 Dec 2022 09:31:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 02 Jun 2024 03:52:10 GMT

GET
H3 200 animation.js Show response
s0.2mdn.net/sadbundle/13158047565041631232/160x600-Canva-Evergreen/ Frame 9B8C 2 KB
912 B 73ms
72ms Script
application/x-javascript 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/13158047565041631232/160x600-Canva-Evergreen/animation.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13158047565041631232/160x600-Canva-Evergreen/index.html?e=69&leftOffset=0&topOffset=0&c=OyM6TkE2kw&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c48f0d85c8f75166f15724ec0b481bb514a9d018cfca07cbdc44bb335bd2fb55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13158047565041631232/160x600-Canva-Evergreen/index.html?e=69&leftOffset=0&topOffset=0&c=OyM6TkE2kw&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 19:42:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 100833
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 883
x-xss-protection: 0
last-modified: Fri, 23 Dec 2022 09:31:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 02 Jun 2024 19:42:03 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame A955 0
0 73ms
72ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsupXP5sl_x99NgDoZ4UdPDMFZoLXNtvE5H7bomdn9-1P3Q7rbxzVY6d2Yo_oQ4vI49MPXt02Oq7Z9Q2pFbqpYx20BLjTKCkTvLtvR7apCqM5An4pl2uqyZr9A7VvI8RTSrLuCuHsWqiOKBhQ8TdU5uLY9hOQtosTr8LzXX5ZJLf_Z5Qwrv9wsaPwR6Ji5iFBUTaCeKOwGUuqCixw6KENw1HEDTmRdhCwe0C6yxNIVpDXXsZex0sGbvIFBc2FHXU2d1scOAh6Mt43BozH2LI3A8soGafLuc8C9joLeVYySJf00wvmPZbSk-0WlHa6rbF3CD1b9eZX3MXI0bUHQ0OaIGtghmFHfFbrCVLcN_Oy7IJ5khn4YQ7l9SEHSmuiJBrWcclRUcYuoCM6JTfzy8grUMUSYVSjWAP2CfUCSdQbe1k6fb3sa3RLbhSbFgh0olMeqVlSOovH7T56U5aV4xR2xwRYTdtApZntsuMAlrYmQu4-_fb3CtThgs8azAXNo70KfODbnaoy0XNLF-4NaYtcnGXOtQHtOpiHITSSNm5v7hU8UEB-ObUZpctOr3FGapm8ao4CUYHozOShPahk8o_EOcfpt8VBI3CwEabKFtzQCPDYoBdFsKhFgCRGpc6RiKQAcr3dyh-srlbMYIdBcKEIuhLdZUQWpgYqHF-nXdI-axpAy-TKTsF3bI8RuoMfnSkt_ZIMQSU91HuJhuvrPclqV9_2KBVvJ88fqZr30SBhdbDsLHnYqXryQ8nfXAy3VRyQzTg2FUnSS9fMKTkaSMoX167TmCxyxvNSbgacm9SbxdVrI2tL1Psi1c6OwZbKz99Tolmk-WRoNS2E88-HAKNwJRW_K8KHzYfo8g3EVIMPSE6GvA7rrHhTgAtYL2hY1EnmXcvsernUH-jKEjlGqqzlAQ6jiW3nmKWH2Lx9rP9H9KpZ3vKY5qtKrDr0MFU2dIVmGftfa7Mtw80WeBMiwtguk8UT6GexUc09UJ5-DrJW7-pF_nrgyl8PFSnFvPJhio6V-cDLqYrIFmcsctZlsMHNpBRHk0VvyCzBO2tEBc9qsIoKAu8NaZ1rYVBlp_Rf8EcsQY4lo4gY59VSLsi76EwkwLA1Q9UNtuJ8fOjvPB6lvg5Xb7xkpkEDj5Le4n8yC-kplFNn-xlR3Iz8ATKdSrsbZbWzrvwR7FgzLktEauKPy3BrRjEbBfAw3OzbhLkM-qKu6GDu3JkFMx_ng&sai=AMfl-YStID7mZ4rRdpXmW3ur4Xe-CTzwf2xoKrbMNVjV74DYHYTqg-QRqwE8hMHDmkLoaQUHtRkWYh_UGxzM7fzOkwv3YxdVRs8El_eQRenNnzSVg0Ve6Fh-WgOL1ZrIkg636NNPES2N6QtQvlO-MekU8nZUkACPPFIwzT7ImOzI_ZuWS5SWMuChPw4-86yX09XE6_0SUAtP43LM8j656GWnx35iIYX4hjd4YxPuF-uI8Y5E2Tq4ZIG2baqOSo6CSGNazfTtIDm1CRkXu3f3ZTGJO3owJjMI7VF2qA&sig=Cg0ArKJSzDPY-r3XeFqBEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=451&vt=11&dtpt=248&dett=3&cstd=194&cisv=r20230531.86531&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: br.atsit.in
URL: https://br.atsit.in/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 23:42:36 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 04 Jun 2023 23:42:36 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 78ms
77ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230531&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b80a912d0fc01c2557815ae9054b55dbe8824708881eb28e1f3a9e942a545c7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://br.atsit.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 23:42:36 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11093
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 9B8C 7 KB
6 KB 75ms
75ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53be706207ed2c4fe94aaf1dfd069a5ed400b543fd2456ecfc58bf14b307d52e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 23:42:36 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5720
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 52ms
52ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://br.atsit.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 23:42:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 04 Jun 2023 23:42:36 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 96CF 42 B
64 B 72ms
72ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuiqnmmg3S93SaaOJ_NXLmHKkOr2HUr8D-KDx7LZf9nmI9y0Xn-xMKl7XHQnLpjFjh-IDbQSq90hArFJTkGd2pGJAlw&sig=Cg0ArKJSzDXz8nOHkiltEAE&id=lidar2&mcvt=1000&p=0,0,280,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230531&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1213588912&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1685922155113&rpt=845&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Jun 2023 23:42:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A8D5 13 KB
5 KB 34ms
34ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://br.atsit.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 40814
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 04 Jun 2023 12:22:22 GMT
expires: Mon, 03 Jun 2024 12:22:22 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1D0A 783 B
534 B 43ms
43ms Document
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

152161a10a998af8da0ba58be2ec1b3c6ada8f57a2a6d4af42a5847e9451d421

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ilF_B4Y-0na7tAP09-knig' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://br.atsit.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-ilF_B4Y-0na7tAP09-knig' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 04 Jun 2023 23:42:37 GMT
expires: Sun, 04 Jun 2023 23:42:37 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 9B8C 17 KB
6 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 23:42:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 04 Jun 2023 23:42:37 GMT

GET
H3 200 Blue%20Dark.png_1682319839930_Blue%20Dark.png
s0.2mdn.net/dynamic/2/11032346/cdn.ad-lib.io/v3/partners/633cdb43c2dff55335fd416b/assets/singleFiles/63e5162bb9902100cf171eb6/original/ Frame 9B8C 19 KB
19 KB 37ms
36ms Image
image/png 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/11032346/cdn.ad-lib.io/v3/partners/633cdb43c2dff55335fd416b/assets/singleFiles/63e5162bb9902100cf171eb6/original/Blue%20Dark.png_1682319839930_Blue%20Dark.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fadc2074fdbb60d7f34bd18f346391f6c8c44f65e3e80f1b21599add4a84f01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13158047565041631232/160x600-Canva-Evergreen/index.html?e=69&leftOffset=0&topOffset=0&c=OyM6TkE2kw&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 29 May 2023 07:59:46 GMT
x-content-type-options: nosniff
age: 574971
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19197
x-xss-protection: 0
last-modified: Mon, 24 Apr 2023 07:04:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 28 May 2024 07:59:46 GMT

GET
H3 200 blank.png_1671714812913_blank.png
s0.2mdn.net/dynamic/2/11032346/cdn.ad-lib.io/v3/partners/633cdb43c2dff55335fd416b/assets/singleFiles/63a3f0cb03497090adda2da6/original/ Frame 9B8C 191 B
216 B 39ms
37ms Image
image/png 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/11032346/cdn.ad-lib.io/v3/partners/633cdb43c2dff55335fd416b/assets/singleFiles/63a3f0cb03497090adda2da6/original/blank.png_1671714812913_blank.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80a466c320c6c23384298a00c8a1192195225a11d1bce68328cf37a6bce29aa9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13158047565041631232/160x600-Canva-Evergreen/index.html?e=69&leftOffset=0&topOffset=0&c=OyM6TkE2kw&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 23:34:46 GMT
x-content-type-options: nosniff
age: 86871
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 191
x-xss-protection: 0
last-modified: Thu, 22 Dec 2022 13:13:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 02 Jun 2024 23:34:46 GMT

GET
H3 200 logo2.png_1671714812913_logo2.png
s0.2mdn.net/dynamic/2/11032346/cdn.ad-lib.io/v2/partners/633cdb43c2dff55335fd416b/assets/concepts/634e1187c2dff56bd63c1f5d/templates/63a162bd011c427999e929ca/content/ Frame 9B8C 2 KB
2 KB 41ms
39ms Image
image/png 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/11032346/cdn.ad-lib.io/v2/partners/633cdb43c2dff55335fd416b/assets/concepts/634e1187c2dff56bd63c1f5d/templates/63a162bd011c427999e929ca/content/logo2.png_1671714812913_logo2.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b637f74287deb446673f569a1f3b0f19e2dc029a29317633f7f7d54182d2e9fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13158047565041631232/160x600-Canva-Evergreen/index.html?e=69&leftOffset=0&topOffset=0&c=OyM6TkE2kw&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 14:25:19 GMT
x-content-type-options: nosniff
age: 119838
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1871
x-xss-protection: 0
last-modified: Thu, 22 Dec 2022 13:13:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 02 Jun 2024 14:25:19 GMT

GET
H3 200 logo3.png_1671714812913_logo3.png
s0.2mdn.net/dynamic/2/11032346/cdn.ad-lib.io/v2/partners/633cdb43c2dff55335fd416b/assets/concepts/634e1187c2dff56bd63c1f5d/templates/63a162bd011c427999e929ca/content/ Frame 9B8C 1 KB
1 KB 42ms
40ms Image
image/png 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

309071ae32f766a46f7ef67879df757151aadb442110048361ff04060960b5f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13158047565041631232/160x600-Canva-Evergreen/index.html?e=69&leftOffset=0&topOffset=0&c=OyM6TkE2kw&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 16:27:01 GMT
x-content-type-options: nosniff
age: 112536
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1432
x-xss-protection: 0
last-modified: Thu, 22 Dec 2022 13:13:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 02 Jun 2024 16:27:01 GMT

GET
H3 200 spritesheet.png_1671714812913_spritesheet.png
s0.2mdn.net/dynamic/2/11032346/cdn.ad-lib.io/v3/partners/633cdb43c2dff55335fd416b/assets/singleFiles/63a3fc1b0349706994dac3a8/original/ Frame 9B8C 628 KB
629 KB 39ms
37ms Image
image/png 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/11032346/cdn.ad-lib.io/v3/partners/633cdb43c2dff55335fd416b/assets/singleFiles/63a3fc1b0349706994dac3a8/original/spritesheet.png_1671714812913_spritesheet.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2decfcea631dc6e5a39e44aa0bf4be206b10870490d78d75996c896b5a6825df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13158047565041631232/160x600-Canva-Evergreen/index.html?e=69&leftOffset=0&topOffset=0&c=OyM6TkE2kw&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 02:39:46 GMT
x-content-type-options: nosniff
age: 248571
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 643531
x-xss-protection: 0
last-modified: Thu, 22 Dec 2022 13:13:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 01 Jun 2024 02:39:46 GMT

GET
H3 200 frame1Image2.png_1671714812913_frame1Image2.png
s0.2mdn.net/dynamic/2/11032346/cdn.ad-lib.io/v2/partners/633cdb43c2dff55335fd416b/assets/concepts/634e1187c2dff56bd63c1f5d/templates/63a162bd011c427999e929ca/content/ Frame 9B8C 8 KB
8 KB 45ms
43ms Image
image/png 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

70db1e095481a3a84124e4973e9df4fdacc325d593face5488bf43edb9f36ab9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13158047565041631232/160x600-Canva-Evergreen/index.html?e=69&leftOffset=0&topOffset=0&c=OyM6TkE2kw&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 18:05:13 GMT
x-content-type-options: nosniff
age: 106644
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8121
x-xss-protection: 0
last-modified: Thu, 22 Dec 2022 13:13:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 02 Jun 2024 18:05:13 GMT

GET
H3 200 blank.png_1671714812913_blank.png
s0.2mdn.net/dynamic/2/11032346/cdn.ad-lib.io/v2/partners/633cdb43c2dff55335fd416b/assets/concepts/634e1187c2dff56bd63c1f5d/templates/63a162bd011c427999e929ca/content/ Frame 9B8C 927 B
956 B 42ms
40ms Image
image/png 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c45dbdb7b09412d6e8d0a108245bf284d53a80fe178119869ca65654c0621a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13158047565041631232/160x600-Canva-Evergreen/index.html?e=69&leftOffset=0&topOffset=0&c=OyM6TkE2kw&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 16:36:17 GMT
x-content-type-options: nosniff
age: 111980
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 927
x-xss-protection: 0
last-modified: Thu, 22 Dec 2022 13:13:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 02 Jun 2024 16:36:17 GMT

GET
H3 200 frame1Image4.png_1671714812913_frame1Image4.png
s0.2mdn.net/dynamic/2/11032346/cdn.ad-lib.io/v2/partners/633cdb43c2dff55335fd416b/assets/concepts/634e1187c2dff56bd63c1f5d/templates/63a162bd011c427999e929ca/content/ Frame 9B8C 17 KB
17 KB 42ms
40ms Image
image/png 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2a3d5595778f744d74958eb4a5c7fd681a6e6b3a450919717441d2d20665898

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13158047565041631232/160x600-Canva-Evergreen/index.html?e=69&leftOffset=0&topOffset=0&c=OyM6TkE2kw&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 15:12:44 GMT
x-content-type-options: nosniff
age: 116993
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17846
x-xss-protection: 0
last-modified: Thu, 22 Dec 2022 13:13:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 02 Jun 2024 15:12:44 GMT

GET
H3 200 spritesheet-a3a282.png_1683680545788_spritesheet-a3a282.png
s0.2mdn.net/dynamic/2/11032346/cdn.ad-lib.io/v3/partners/633cdb43c2dff55335fd416b/assets/singleFiles/6445ebeb177b6707164f01f7/original/ Frame 9B8C 748 KB
748 KB 47ms
46ms Image
image/png 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/11032346/cdn.ad-lib.io/v3/partners/633cdb43c2dff55335fd416b/assets/singleFiles/6445ebeb177b6707164f01f7/original/spritesheet-a3a282.png_1683680545788_spritesheet-a3a282.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80ac66f9090a6b5f8c9fa401f7e66b06af00f10c229627f98a8dac6dd53746e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13158047565041631232/160x600-Canva-Evergreen/index.html?e=69&leftOffset=0&topOffset=0&c=OyM6TkE2kw&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 06:28:17 GMT
x-content-type-options: nosniff
age: 407660
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 765712
x-xss-protection: 0
last-modified: Wed, 10 May 2023 01:02:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 30 May 2024 06:28:17 GMT

GET
H3 200 logo.png_1671714812913_logo.png
s0.2mdn.net/dynamic/2/11032346/cdn.ad-lib.io/v2/partners/633cdb43c2dff55335fd416b/assets/concepts/634e1187c2dff56bd63c1f5d/templates/63a162bd011c427999e929ca/content/ Frame 9B8C 5 KB
5 KB 44ms
42ms Image
image/png 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b6fb2ca3d8a62dc30d855edb61cc44646e3677c26053047469c79866677f4ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13158047565041631232/160x600-Canva-Evergreen/index.html?e=69&leftOffset=0&topOffset=0&c=OyM6TkE2kw&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 17:21:51 GMT
x-content-type-options: nosniff
age: 195646
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4914
x-xss-protection: 0
last-modified: Thu, 22 Dec 2022 13:13:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 01 Jun 2024 17:21:51 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 2CFB 0
127 B 42ms
42ms Ping
text/plain 2a02:2638:d::11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 04 Jun 2023 23:42:36 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H3 200 VQdDSOd05UIjXCKVon8X_ASAqVpdX2ccZF2BDi7w8G4.js Show response
pagead2.googlesyndication.com/bg/ Frame AD2A 38 KB
15 KB 59ms
59ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VQdDSOd05UIjXCKVon8X_ASAqVpdX2ccZF2BDi7w8G4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55074348e774e542235c2295a27f17fc0480a95a5d5f671c645d810e2ef0f06e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 03:09:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 160396
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14834
x-xss-protection: 0
last-modified: Tue, 30 May 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 02 Jun 2024 03:09:21 GMT

GET
H3 200 VQdDSOd05UIjXCKVon8X_ASAqVpdX2ccZF2BDi7w8G4.js Show response
pagead2.googlesyndication.com/bg/ Frame A8D5 38 KB
15 KB 60ms
60ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VQdDSOd05UIjXCKVon8X_ASAqVpdX2ccZF2BDi7w8G4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55074348e774e542235c2295a27f17fc0480a95a5d5f671c645d810e2ef0f06e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 03:09:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 160396
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14834
x-xss-protection: 0
last-modified: Tue, 30 May 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 02 Jun 2024 03:09:21 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1D0A 0
0 94ms
94ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230531&jk=404447995171631&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame A8D5 0
10 B 34ms
33ms Image
text/plain 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?VVK0dA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 23:42:37 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame AA83 42 B
64 B 71ms
71ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstc5P6e5YE-Ec7xhY6iwJAbf1JkhyYU3NcddiAwrQA6O0rckh0ycSaW7neoasN4LovBf0AS1f5PoiaNjg9tnCsKn-hwo4vnKe5xckXhtlbCdqFjcM2DD_AHSxcU5Xa4gVhi42CYyQ&sai=AMfl-YSYLHe7xYA00LUt3KF__-3Si80FdPTLT0kiIIDDbJ0cxFZWx9n3pgcfvST7gM5z-br8x2aML-eJliUM&sig=Cg0ArKJSzLpJsHsFbp6AEAE&cid=CAQSGwBygQiDS7OohGkFkVVKB57SRImMC-6vCfI0sxgB&id=lidar2&mcvt=1020&p=0,0,124,1005&mtos=73,786,1020,1095,1095&tos=73,713,234,75,0&v=20230531&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1685922155850&rpt=312&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Jun 2023 23:42:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 96ms
96ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230531&jk=404447995171631&bg=!aWqlaj7NAAY9J7QfHSc7ADkAdvg8WmbPKtFf6wBAUbzStgCseb6hqixu6rAKRKTBA1oNmgk9ktNPiFYds8S3GRL0G6xcUbDfH3YCAAAAbVIAAAAEaAEHCgBWvyd51Szy3y2e7GQmV51o6I4RM9z4v5FOXQLxEt5Awm5mcj9gdRNq8zFwx_AgQy5c1MLCs1O9O8nhfODRmaM80NbEBUFHPWmGhF9h2VJD8rILR_vtHiiZAu8f2bQ2n9jBipZCCyuCmM1iNGeKOIH5-FXFu1Ys1TfUEf-5lt8EaC9EOod-9VZut05-GeWwADdpNNCncoZvoQP-KLyi0T-sBFL0pTVfSAsGbJbOtd2cO63_m1F5NpkJJwru4iI4Y3ap2Bo39UgVHRU4k6xd9PCQkvODLJcGuFKXyiL6U49BGdsJsm50VUo5dJbT59eQg_Ht5LPRg4fZFzeL3SyMuhzEWBxV6uqR6lQb4nClnH4niN9mkLZCeLW-zX0BnZwLcOiWHqdKqjSKlTlHYJXBfY3bcPVMdVzxBGfzhr8n6xgWMF4sY_19WgjprMU5g79GlUTyUMUZDEexaRAPuN-mjr5sW1hpQB1Ky9JP7YUTNZkFTIdIgMC2Dszv6W2nLtCjaZ9IC1CW2ti9k5ADA0sQcaQyuc80NlWLSibFyY6zi411ZM-yH3DXB32JE1dUNohT9IBTPeFYe_Z2YxSuF-neAprezwxs--Grmv7dlLOB7C6LIjsijCf8K9AGR0CBHaQ5I-msJl2pizxiRUB0_2fBNyKJgk8wJ-r4OxKA24gZdaqXpD3Fbfl2zb-GgUxrmk3gu5XRW6739fs_RDqT2QLKILRehQx_L2zJEazf6gMf7qGOvhTazlB4358i7-bbMv_u6K1V-G0q267k5_EA74nIJrEXrrleJqdFBp-wvBCq8R36DwzKtFZjNfC4OPCcI7prBW22fMpKVXiqSVQoeDonFhZmAdaXWQ7DZhTixS5ITFg9eqMexATMbl-iXvdIlOKOc_Jv-E6g7EYsF0GZ89m3Upfrj3wJIlDSdrpKEGzFqmwLPQ6ntWAE5J97yhO6oySEm2_KWE30eKgEEJWsbMDUaZ-5aHa_vmzxWgjYGvUt4fr8F66c-A7j_DvouOz78ZpxJg_qrb8U2JwzzXei41gcsFhOw8eOO3RlbOe6sCIxPKxsJ9JUHwc7T41_iu_zn5wJ4MoZDwHSC8yQDflzZucT_IHh5dBA_SjcqOk1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://br.atsit.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A955 0
20 B 93ms
93ms Ping
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=3392090660109&version=m202301230201&ct=76&x=1&cor=3988426872373517300

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Jun 2023 23:42:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

66 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

28 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.atsit.in/	1970-01-20 21:54:42	Name: _ga_KRKT8F82RN Value: GS1.1.1685922154.1.0.1685922154.0.0.0
.atsit.in/	1970-01-20 21:54:42	Name: _ga Value: GA1.2.2042981811.1685922155
.atsit.in/	1970-01-20 12:20:08	Name: _gid Value: GA1.2.608592764.1685922155
.atsit.in/	1970-01-20 12:18:42	Name: _gat_gtag_UA_188333969_1 Value: 1
.atsit.in/	1970-01-20 21:40:18	Name: __gads Value: ID=ee0fb367013cdeee-2211974433e100a8:T=1685922155:RT=1685922155:S=ALNI_MZlTwUXVyUTJJwLdpCad3Zm1ax9bg
.atsit.in/	1970-01-20 21:40:18	Name: __gpi Value: UID=00000c4399df8a35:T=1685922155:RT=1685922155:S=ALNI_MaSO5ytgK00D4_Kxp3e-BqtEODqzw
.doubleclick.net/	1970-01-20 21:40:18	Name: IDE Value: AHWqTUlb680TIACL78D1qfGDYSGIzAluxHJMAzYs0jxSW-HJ-TMmWeuR4SuhoAMVq3s
.doubleclick.net/	1970-01-20 12:18:45	Name: DSID Value: NO_DATA
.adnxs.com/	1970-01-20 14:28:18	Name: uuid2 Value: 3905775744548457495
.casalemedia.com/	1970-01-20 21:04:18	Name: CMID Value: ZH0hbAFZm.z7bHRLGicfegAA
.casalemedia.com/	1970-01-20 14:28:18	Name: CMPS Value: 3262
.casalemedia.com/	1970-01-20 14:28:18	Name: CMPRO Value: 3262
.simpli.fi/	1970-01-20 21:05:44	Name: suid Value: D3B3A293824D41629E8734C2F420E2FF
.adfarm1.adition.com/	1970-01-20 14:28:18	Name: UserID1 Value: 7240980523628820635
.quantserve.com/	1970-01-20 14:28:18	Name: d Value: ECIBCQGTKYEA
.quantserve.com/	1970-01-20 21:48:56	Name: mc Value: 647d216c-644e7-1860d-98b0e
.mathtag.com/	1970-01-20 21:44:37	Name: uuid Value: bc1a647d-216d-4000-9f09-97dc0963d14d
.mathtag.com/	1970-01-20 13:01:54	Name: mt_mop Value: 4:1685922157
.adnxs.com/	1970-01-20 14:28:18	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E>uu$Y3:!@wnfH8K6pQK`!5=E<L5?%M<kLE])2`Q:p6RyOqgPsS!7SB80?wKtt3<sP2bpRzqF1`b`@]*?FmP
.bidswitch.net/	1970-01-20 21:04:18	Name: tuuid Value: 42ea3209-f434-4029-b551-fedb8219c280
.bidswitch.net/	1970-01-20 21:04:18	Name: c Value: 1685922156
.bidswitch.net/	1970-01-20 21:04:18	Name: tuuid_lu Value: 1685922156
.bidswitch.net/	1970-01-20 12:18:42	Name: google_push Value: ATf1kGNDUy0hhGrhlbELzxxFtOMLIOqioqLEuKkfgAzcxEvpyzrV0kXbwTVJR-rv6dCTQUycLLgekVo3pEYApHSWR3eiosSPP095dXI
.ctnsnet.com/	1970-01-20 21:04:18	Name: gid_CAESEFuFbHbjoSqBGJJtbM97PrE Value: 1
.ctnsnet.com/	1970-01-20 21:04:18	Name: cid_d7d5adabc5254edcb2358f1cca9bb66c Value: 1
.adform.net/	1970-01-20 13:01:54	Name: C Value: 1
.de17a.com/	1970-01-20 20:57:06	Name: guid Value: 1.1073294791506971776
.adform.net/	1970-01-20 13:45:06	Name: uid Value: 7841655666544347879

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5533026247140662&output=html&h=280&adk=1213588912&adf=3574913033&pi=t.aa~a.938140757~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1685922155&rafmt=1&to=qs&pwprc=5518319850&format=1200x280&url=https%3A%2F%2Fbr.atsit.in%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685922154730&bpp=2&bdt=1200&idt=377&shv=r20230531&mjsv=m202305300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3860851752660&frm=20&pv=1&ga_vid=2042981811.1685922155&ga_sid=1685922155&ga_hid=294017789&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=379&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44792109%2C44759842%2C44759927%2C31075003%2C44788442&oid=2&pvsid=404447995171631&tmod=2054248182&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=etVx2hixZq&p=https%3A//br.atsit.in&dtd=381 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230531/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271801&client=ca-pub-5533026247140662&fa=1&ifi=6&uci=a!6&btvi=3&xpc=byk4urvucP&p=https%3A//br.atsit.in Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.eu.criteo.com
adservice.google.com
adservice.google.nl
br.atsit.in
c1.adform.net
cat.nl3.eu.criteo.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
csm.eu.criteo.net
d5p.de17a.com
dis.criteo.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
imageproxy.eu.criteo.net
match.adsrvr.org
pagead2.googlesyndication.com
partner.googleadservices.com
region1.google-analytics.com
rtb.nl3.eu.criteo.com
s0.2mdn.net
static.criteo.net
sync.mathtag.com
tpc.googlesyndication.com
um.simpli.fi
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
142.250.185.162
142.250.186.98
178.250.1.6
178.250.7.11
185.29.132.245
185.80.39.216
185.89.210.141
2001:4860:4802:32::36
213.155.156.181
2606:4700::6811:180e
2620:116:800d:21:de2e:c7b3:55c0:d5a0
2a00:1450:4001:803::2002
2a00:1450:4001:806::2004
2a00:1450:4001:806::2006
2a00:1450:4001:806::2008
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:811::2002
2a00:1450:4001:812::2001
2a00:1450:4001:827::200e
2a00:1450:4001:828::200a
2a00:1450:4001:829::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2003
2a02:2638:3::12
2a02:2638:3::9
2a02:2638:d::11
2a02:2638:d::13
2a02:2638:d::2
2a06:98c1:3121::3
3.33.220.150
35.158.42.58
35.186.193.173
35.204.158.49
37.157.2.234
85.114.159.93
005b12bf65f5e736490d697c7c51d1463544db1c1ca66a1681628ce10f30af67
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
09e712f1fc9b1af1762b423bc6242d7214c85b1e518053c3b419897b313987f7
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
129a290a99ebb0fefca93c231ff570e5d496939fb47694eba452a8f93e5d93b1
152161a10a998af8da0ba58be2ec1b3c6ada8f57a2a6d4af42a5847e9451d421
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
182bf50f8ab9e1453a9a6c71f4b47271fcc182d7d5a04072d9927c1ef5d7afa8
1c45dbdb7b09412d6e8d0a108245bf284d53a80fe178119869ca65654c0621a1
20b588b86dac6a605b4baefd6a9d46f2c1ac84dd78a230dfb4b962c3155096f4
23a3864a191ddf4b3ef4ca961489364620e1f485a265bfb9ae28efe792cddfb3
250d195bc836ba04598ee30b15927eb4507eda10555693012685f5eda5d15867
2bb88b45ce515202bfebde831e06f86250587cefe731d6eb8027b7f79f3630a9
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2decfcea631dc6e5a39e44aa0bf4be206b10870490d78d75996c896b5a6825df
309071ae32f766a46f7ef67879df757151aadb442110048361ff04060960b5f8
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
366dc2c5a48b169de361364147fda834f1b812cfd3b29457de0d6746ff089cc0
3735e94afb2539b14515fdd10d7cc066cffa99d4b52762959e342295e08a770e
37b19dfe3b9e2d819ccfcb51f01ab17335a59d7ce0f0e4e0717c2ddf07cdc623
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3e19f8da5bb7fabb0e1913fb25e40de2680ce84d8e8ab40926e3f20ef310b6a0
410f4228aa677eb20622c6f1e0f67966fcecca198ad07bb096f0265b2689ded7
4582e233f3de59cfe9647d2a6b96fbd6e5a2727b7bc90aec373550ec35470b20
4b108d10517b218ebb22d63ad00b85baf89a7b4f1884c3fd01eb03f0790b1cd6
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b6fb2ca3d8a62dc30d855edb61cc44646e3677c26053047469c79866677f4ff
4cf868238b2b745a7c1b38e17e32affbaf48594751e3d179ed982ceb9ff71c76
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ebecd8afd2424508ba7ee31ec8cf590613f0f316548badaf2c11d3be79b2d89
4f1e2ab1e239967c7acfcf1e9329e7bd1bae7482954c108b0c7ba042c65380a4
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
53be706207ed2c4fe94aaf1dfd069a5ed400b543fd2456ecfc58bf14b307d52e
55074348e774e542235c2295a27f17fc0480a95a5d5f671c645d810e2ef0f06e
551debe8c4f0db7b25699af72a204caf099af55413f90eb34b5f546330d6187c
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5ccb932a4793b5d2678b11b2aa8cf9f44a120276314775e8d19e5e39235b34a1
5f9581c7640c238b9d8d934812e4dfdd2ecd55f95a9c7d1ab727fe7830c12100
5fadc2074fdbb60d7f34bd18f346391f6c8c44f65e3e80f1b21599add4a84f01
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64fdded9ab4b4066a71232c0d8c7e2416ec277f566adb122776af14c21831fc3
66b598d9412e6066017767c927d671b882e1f75ff0fcd394efc212978d7ef87b
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c454cabfb557ae10b843719e89d1d8d1ae98ab3089aed2f4806df68ac782fd0
70db1e095481a3a84124e4973e9df4fdacc325d593face5488bf43edb9f36ab9
712b8c749b0871fe31b31f1ea0c584710a0050522eeca4254b4fb084ed28b557
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
787ed1e9f233b4252d8ed16a2ffe349ae6d520261f22eac2d2d543740878db1f
79630aa66a2fd742af143103e8114c9ea35d4308fd3523bd101a89d8b908923a
79b7ea99abb66869005319b8443ee41c65ae93a3ecdfebdc6cee9df87d87b8dc
80a466c320c6c23384298a00c8a1192195225a11d1bce68328cf37a6bce29aa9
80ac66f9090a6b5f8c9fa401f7e66b06af00f10c229627f98a8dac6dd53746e4
88a51fe784c58c712a93f3f4e123e163e901042438df74cf793bdcf28eb090d4
8c5ed8a7fb32a2c52e81d39d46f233d6eb200737a2715a6e9e0b4782bc1ee949
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8ef983ff0702b8c2672f36f8f263ea7c194852d0b0385d2cd06930093511dc8f
955c9994638a653c13afda75fcd1640664c3036243f8aa80bdd6fc606bbb61a7
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1fcb2a4a74b3b5c14cf0081a9aef66a92f46a0bba98fdce69be6814fb198f2a
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6b3bc760a4a93c8ba1b5581cced28f511d5d23fcd909e455c578ff7675a502c
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a91fca903f7f2a3d051f657b5b25baed4e99b6c1e51bfee63737f73ff54f2b7c
aa044d7262a0ceaf60684b2cf17eef7c27511fe99af0babe41a355d558eabfa2
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4
acca347c029f470791806e4b5596c92c0475f6e9b49725d61650156fe8c7461d
ae8017866a6744d35f26aa9da389e9771d40bcae3ee65df4c1b5e16e57b09fda
aefdb07258782fc3aa84dc518ab2052e5b1dad3405867fb1f9d65f816b03c12a
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
afd49839d66892f3d60b91bdc0a5b21a0c8ac02a86f37823458ee2d1cd5133ab
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b30910be1ad191e5d735b1427fec09a0692ed03440945e106ab913ddcdb43a15
b4902bebe74f9da0b70ce059e621949311673a3ad2d35c96fcadc960894a7c40
b637f74287deb446673f569a1f3b0f19e2dc029a29317633f7f7d54182d2e9fc
b6829637d786b6ea86c8abd19a4e6e545802c8161586883033e4e65988f20082
b80a912d0fc01c2557815ae9054b55dbe8824708881eb28e1f3a9e942a545c7c
b9d476e554d0e742469d2fd8dfbf0e0f672fe27cd7deed52b707eb6ccdc05305
ba9a544d41918615e4f136038f87f029b6e99925b3689d83101f4b009189acfd
bad9db0fe6045f3782708d98fcad07dead5c28007c3b5a25f7876fff6051812a
c48f0d85c8f75166f15724ec0b481bb514a9d018cfca07cbdc44bb335bd2fb55
c57ea43cb15e193d09c6956d0f9115f6ea9c548207f0ed9104b84fdce8a29154
c821ac5b54d6356aa81644902d5fad10603c9a415679c081d7760dde7f7bdbd4
c8e48ea465007a8f3473fecfbcfe2e31e0d807e98f8ab65f8b0e655779ae2b72
ca7dce2391845e8aec7da135f33fabd10f74eed28a532ac66fd01f761fcfb42f
cdb8889029e112e6178e400c7b7b4b900ca01e12f08089e994a055236b4b74d6
d42e2b0fdb945504b8da66763e41d57d6245ab8218c6df329b56a841ffbcd7ee
d807934c9a270d7c2409117495801c5871f2fd8961778f7f9280a00a6cbdc781
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
def8bf0bb128cc2b28345d741b3be508acc231f4130b3e90c9ed1caff5b296df
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
ec40d0143f0a1289724e04a49be6d706eca3a8d043757c8adffb0c7458c380c5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f05a3c94997e4c7bce64f87e4d3b816d7a3802780724511aece427781fb73f33
f2a3d5595778f744d74958eb4a5c7fd681a6e6b3a450919717441d2d20665898
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
fae8d3cc8ea231dfe5f28dbfb82b186ebd61f9a02139af7318c1bbc70209d702

br.atsit.in Open in urlscan Pro 2a06:98c1:3121::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

181 Requests

92 %HTTPS

61 %IPv6

26 Domains

37 Subdomains

30 IPs

8 Countries

3237 kBTransfer

6093 kBSize

28 Cookies

1 Outgoing links

Page URL History

Redirected requests

181 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

br.atsit.in Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Screenshot
Live screenshot

Full Image

181
Requests

92 %
HTTPS

61 %
IPv6

26
Domains

37
Subdomains

30
IPs

8
Countries

3237 kB
Transfer

6093 kB
Size

28
Cookies

181 HTTP transactions
5 data transactions