hairpro.htgetrid.com Open in urlscan Pro
88.99.160.30 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://hairpro-nl.cosmetius.com/
Effective URL:
https://hairpro.htgetrid.com/nl/
Submission: On December 14 via api (December 14th 2023, 5:24:43 pm UTC) from NL — Scanned from NL

Summary HTTP 149 Redirects Behaviour Indicators

Summary

This website contacted 18 IPs in 2 countries across 13 domains to perform 149 HTTP transactions. The main IP is 88.99.160.30, located in Nuremberg, Germany and belongs to HETZNER-AS, DE. The main domain is hairpro.htgetrid.com.
TLS certificate: Issued by R3 on October 24th 2023. Valid for: 3 months.

This is the only time hairpro.htgetrid.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	136.243.107.93 136.243.107.93	24940 (HETZNER-AS) (HETZNER-AS)
1 40	88.99.160.30 88.99.160.30	24940 (HETZNER-AS) (HETZNER-AS)
4	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
29	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
21	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2006	15169 (GOOGLE) (GOOGLE)
9 12	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
6 12	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9 12	37.252.171.52 37.252.171.52	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
1 5	142.250.186.70 142.250.186.70	15169 (GOOGLE) (GOOGLE)
2	78.46.60.166 78.46.60.166	24940 (HETZNER-AS) (HETZNER-AS)
13	192.229.233.6 192.229.233.6	15133 (EDGECAST) (EDGECAST)
3	5.9.20.98 5.9.20.98	24940 (HETZNER-AS) (HETZNER-AS)
149	18

2 136.243.107.93 (Mehlingen, Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.93.107.243.136.clients.your-server.de

hairpro-nl.cosmetius.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 88.99.160.30 (Nuremberg, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.30.160.99.88.clients.your-server.de

hairpro.decorexpro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hairpro.htgetrid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.185.194 (United States) 9 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 172.64.151.101 (United States) 6 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 37.252.171.52 (Frankfurt am Main, Germany) 9 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.186.70 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 78.46.60.166 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.166.60.46.78.clients.your-server.de

ads.revjet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 192.229.233.6 (United States)

ASN15133 (EDGECAST, US)

cdn.revjet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 5.9.20.98 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.98.20.9.5.clients.your-server.de

pix.revjet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
50	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148	554 KB
39	htgetrid.com hairpro.htgetrid.com	2 MB
27	doubleclick.net 10 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 219 ad.doubleclick.net — Cisco Umbrella Rank: 139	151 KB
18	revjet.com ads.revjet.com — Cisco Umbrella Rank: 6785 cdn.revjet.com — Cisco Umbrella Rank: 6853 pix.revjet.com — Cisco Umbrella Rank: 5801	735 KB
12	adnxs.com 9 redirects ib.adnxs.com — Cisco Umbrella Rank: 229	9 KB
12	casalemedia.com 6 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578	8 KB
5	gstatic.com fonts.gstatic.com www.gstatic.com	102 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	258 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	3 KB
2	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 300	112 KB
2	cosmetius.com 2 redirects hairpro-nl.cosmetius.com	326 B
1	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
1	decorexpro.com 1 redirects hairpro.decorexpro.com	105 B
149	13

	Domain	Requested by
39	hairpro.htgetrid.com	hairpro.htgetrid.com
29	pagead2.googlesyndication.com	hairpro.htgetrid.com pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
21	tpc.googlesyndication.com	pagead2.googlesyndication.com googleads.g.doubleclick.net hairpro.htgetrid.com tpc.googlesyndication.com
13	cdn.revjet.com	ads.revjet.com srcdoc
12	ib.adnxs.com	9 redirects googleads.g.doubleclick.net
12	dsum-sec.casalemedia.com	6 redirects googleads.g.doubleclick.net
12	cm.g.doubleclick.net	9 redirects googleads.g.doubleclick.net
10	googleads.g.doubleclick.net	pagead2.googlesyndication.com hairpro.htgetrid.com
5	ad.doubleclick.net	1 redirects hairpro.htgetrid.com googleads.g.doubleclick.net srcdoc
4	www.googletagservices.com	hairpro.htgetrid.com googleads.g.doubleclick.net
4	fonts.googleapis.com	hairpro.htgetrid.com googleads.g.doubleclick.net
3	pix.revjet.com	srcdoc googleads.g.doubleclick.net
3	www.gstatic.com	googleads.g.doubleclick.net
2	ads.revjet.com	googleads.g.doubleclick.net ads.revjet.com
2	s0.2mdn.net	googleads.g.doubleclick.net hairpro.htgetrid.com
2	fonts.gstatic.com	fonts.googleapis.com
2	hairpro-nl.cosmetius.com	2 redirects
1	www.google.com	tpc.googlesyndication.com
1	hairpro.decorexpro.com	1 redirects
149	19

This site contains no links.

Subject Issuer	Validity	Valid
hairpro.htgetrid.com R3	`2023-10-24` - `2024-01-22`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.revjet.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-20` - `2024-04-11`	a year	crt.sh
cdn.revjet.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-09` - `2024-03-11`	a year	crt.sh

This page contains 22 frames:

Primary Page: https://hairpro.htgetrid.com/nl/
Frame ID: BAFCFD2789DFC8B5F7BDAEB006D911C2
Requests: 49 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Frame ID: B1CFC8FF8C879AF118BDC8AA553B2154
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9116197468106665&output=html&adk=1812271804&adf=3025194257&lmt=1702574677&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x1080_l%7C212x1080_r&format=0x0&url=https%3A%2F%2Fhairpro.htgetrid.com%2Fnl%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702574677522&bpp=3&bdt=298&idt=361&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2759867092311&frm=20&pv=2&ga_vid=1100574598.1702574678&ga_sid=1702574678&ga_hid=450840055&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079265%2C31079438%2C31079964%2C31080104%2C44795922%2C44807405%2C95320884%2C21065725&oid=2&pvsid=19711171357389&tmod=808917942&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=388
Frame ID: A571C41D1B0CD10551EE4ED5C0AA02B0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: B3363670A0F76CAC16258DF968BE1D44
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: D694ACCB7360CF09017DC2DB6D8C052C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 478BB9B864A803A1B84B91E3EF60BA4D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 675BE522854A21D9E4F064AD59414513
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJKL6K4CEMeN_vcCGO2H8v4BMAE&v=APEucNWIboSxoeLMayGov_jjNHlWRhFZtpND8s2byJeZ3GPRxQPTAIJBtmLeWDo-8TU4mtC-pFU2awmkga0_RBgzv7tCoZqzlWIVDCO6dBZaYYbuASS0K17WXd0BBXj3FG-KuJ8vci1ZVmwB1yDy1TgF76ng0Fs3VPhHntd6xYWeL67ix0TQ8Bo
Frame ID: D4991250B2C87DFB14BC926DE578E99F
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js
Frame ID: 3DCADEA9C050D3D58FE039A8002B99AC
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJKL6K4CEMeN_vcCGO2H8v4BMAE&v=APEucNXRLsVxh9a2MYBljM2gu0o5QLCqxhnAivfkI8PhpMuYn-sD3oNNHR6yp9aM2N_nsfv3Gc0t_xAlo8Sxib1TdGh1dyoWpumjc4cY0UBIGqFbCQQ_jIdfnrX-ZR0AIP0rI6Yk83Gp-_34Tu6x9aCcPL5bjCh6LrFwBGKh5YXNmUBy0d-LEqE
Frame ID: F63A280D5094F8611163926A54487A81
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/simgad/12319377191168202014
Frame ID: 14B4CAE0F35748D02EA2F89412B8DD96
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGNPL3d4BMAE&v=APEucNWGjUdGPJ0lyHBfngOptJKE4ySFE6ACGDjeVYrX4ZzV5X5_uVXiihazpATgJmHmSudkMQ9W2HFARUNA4LtYOijZPYgtAQLHiKXx8MG2KHCpe-796t8L2ZELPQyYwpqJ_nXe2Zvqew-7RhDF1x1MwCSi12BYwMX_QNivVK_V8hP3o7a2dP8
Frame ID: D5AF77DA367F49A9BF6870F65B0059B3
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 9BB7770202E399A95B7B6421D26D9D76
Requests: 17 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Poppins%3A400%2C600
Frame ID: D262774D4D0B2DDB65836FC6F540EE17
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 363049A3C57422BBDDEE631132AF84FE
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 34DF93E3ABB84585A5A4BE8B004183E8
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4C00A31A22D8DAF38E1211F94065A908
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F80907BB15C7F63EF1418EBE2BD898FF
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Frame ID: E99F7E5AD5C39EA4E5E4CBC338DC5DB8
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 62C648B3B2CEC0EB8EFDB0E20D6EB432
Requests: 3 HTTP requests in this frame

Frame: https://cdn.revjet.com/~cdn/JS/03/sync.html?origin=https%3A%2F%2Fgoogleads.g.doubleclick.net
Frame ID: BAEC35DEA3E5AF41B05B51A9C34DB58A
Requests: 1 HTTP requests in this frame

Frame: https://cdn.revjet.com/~cdn/JS/03/elements-2.10.0.js
Frame ID: E31A3B81459D638FD4DDD43EAEB90193
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

hairpro.htgetrid.com/nl/ - niet alleen over kapsels

Page URL History Show full URLs

http://hairpro-nl.cosmetius.com/ HTTP 301
https://hairpro-nl.cosmetius.com/ HTTP 301
https://hairpro.decorexpro.com/nl/ HTTP 301
https://hairpro.htgetrid.com/nl/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Mautic (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

[^a-z]mtc.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

149
Requests

91 %
HTTPS

50 %
IPv6

13
Domains

19
Subdomains

18
IPs

2
Countries

3472 kB
Transfer

5959 kB
Size

12
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://hairpro-nl.cosmetius.com/ HTTP 301
https://hairpro-nl.cosmetius.com/ HTTP 301
https://hairpro.decorexpro.com/nl/ HTTP 301
https://hairpro.htgetrid.com/nl/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 82

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELss8j0lA-dsERWxdqAnexs&google_cver=1

Request Chain 83

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXs6V4Oqc0EjDrPCOsIlkAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBBTsGpnjHPTdQaH3oGZFq8&google_cver=1

Request Chain 84

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEFuJxEvfwinjYNxQ_Chzz40&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEFuJxEvfwinjYNxQ_Chzz40%26google_cver%3D1

Request Chain 85

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTM1NTU0MTU0MTc2NzQyMzM3Mw%3D%3D

Request Chain 93

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBBTsGpnjHPTdQaH3oGZFq8&google_cver=1

Request Chain 94

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXs6V4Oqc0EjDrPCOsIlkAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBBTsGpnjHPTdQaH3oGZFq8&google_cver=1

Request Chain 95

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEFuJxEvfwinjYNxQ_Chzz40&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEFuJxEvfwinjYNxQ_Chzz40%26google_cver%3D1

Request Chain 96

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDY0MDM5MzQxOTc4NzMwNDgyNA%3D%3D

Request Chain 97

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBBTsGpnjHPTdQaH3oGZFq8&google_cver=1

Request Chain 98

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXs6V4Oqc0EjDrPCOsIlkAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBBTsGpnjHPTdQaH3oGZFq8&google_cver=1

Request Chain 99

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEFuJxEvfwinjYNxQ_Chzz40&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEFuJxEvfwinjYNxQ_Chzz40%26google_cver%3D1

Request Chain 100

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTM1NTU0MTU0MTc2NzQyMzM3Mw%3D%3D

Request Chain 137

https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29233589.357500362;dc_trk_aid=548521540;dc_trk_cid=185782290;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1702574680094 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29233589.357500362;dc_pre=CPLXkPi4j4MDFXCNgwcd2SoP5Q;dc_trk_aid=548521540;dc_trk_cid=185782290;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1702574680094

149 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
hairpro.htgetrid.com/nl/
Redirect Chain

http://hairpro-nl.cosmetius.com/
https://hairpro-nl.cosmetius.com/
https://hairpro.decorexpro.com/nl/
https://hairpro.htgetrid.com/nl/

106 KB
15 KB

132ms
47ms

Document
text/html

88.99.160.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hairpro.htgetrid.com/nl/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 88.99.160.30 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.30.160.99.88.clients.your-server.de
Software: nginx/1.16.1 /
Resource Hash: b7f0cc803c464c88fa7b5587050f85b6a10099f483699d871a09e7dba585f5ef

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 14 Dec 2023 17:24:37 GMT
server: nginx/1.16.1
vary: Accept-Encoding

Redirect headers

content-type: text/html; charset=iso-8859-1
date: Thu, 14 Dec 2023 17:24:37 GMT
location: https://hairpro.htgetrid.com/nl/
server: nginx/1.16.1

GET
H2 200 bun3c.css
hairpro.htgetrid.com/nl/wp-content/cache/wpfc-minified/97qjczud/ 153 KB
153 KB 27ms
25ms Stylesheet
text/css 88.99.160.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hairpro.htgetrid.com/nl/wp-content/cache/wpfc-minified/97qjczud/bun3c.css
Requested by: Host: hairpro.htgetrid.com
URL: https://hairpro.htgetrid.com/nl/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 88.99.160.30 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.30.160.99.88.clients.your-server.de
Software: nginx/1.16.1 /
Resource Hash: f3af167a9eb7b67234eb7e3c03513693aba4fc4662bd09540103baad33ffdfd6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hairpro.htgetrid.com/nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 17:24:37 GMT
last-modified: Wed, 02 Aug 2023 07:42:23 GMT
server: nginx/1.16.1
accept-ranges: bytes
etag: "64ca08df-262a3"
content-length: 156323
content-type: text/css

GET
H2 200 css
fonts.googleapis.com/ 3 KB
611 B 89ms
32ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Playfair+Display%3A400%2C700&ver=1.0.0

Requested by

Host: hairpro.htgetrid.com
URL: https://hairpro.htgetrid.com/nl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c485d0a15af6264c129baf951dff3beb78d75d810ce771029566efcf5d484a91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hairpro.htgetrid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 14 Dec 2023 17:24:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 16:13:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 14 Dec 2023 17:24:37 GMT

GET
H2 200 css
fonts.googleapis.com/ 16 KB
1 KB 87ms
31ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%3A400italic%2C400%2C600italic%2C600%2C700italic%2C700&ver=1.0.0

Requested by

Host: hairpro.htgetrid.com
URL: https://hairpro.htgetrid.com/nl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

02d7cc078e8c3cff7ec972abe528bc397bc3767c058fe7ff202bfcde2f530c03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hairpro.htgetrid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 14 Dec 2023 17:24:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 17:20:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 14 Dec 2023 17:24:37 GMT

GET
H2 200 jquery.min.js Show response
hairpro.htgetrid.com/nl/wp-includes/js/jquery/ 87 KB
88 KB 51ms
50ms Script
application/javascript 88.99.160.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hairpro.htgetrid.com/nl/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: hairpro.htgetrid.com
URL: https://hairpro.htgetrid.com/nl/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 88.99.160.30 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.30.160.99.88.clients.your-server.de
Software: nginx/1.16.1 /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hairpro.htgetrid.com/nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 17:24:37 GMT
last-modified: Wed, 06 Oct 2021 10:31:10 GMT
server: nginx/1.16.1
accept-ranges: bytes
etag: "615d7aee-15db1"
content-length: 89521
content-type: application/javascript; charset=UTF-8

GET
H2 200 jquery-migrate.min.js Show response
hairpro.htgetrid.com/nl/wp-includes/js/jquery/ 11 KB
11 KB 51ms
50ms Script
application/javascript 88.99.160.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hairpro.htgetrid.com/nl/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: hairpro.htgetrid.com
URL: https://hairpro.htgetrid.com/nl/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 88.99.160.30 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.30.160.99.88.clients.your-server.de
Software: nginx/1.16.1 /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hairpro.htgetrid.com/nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 17:24:37 GMT
last-modified: Wed, 06 Oct 2021 10:31:10 GMT
server: nginx/1.16.1
accept-ranges: bytes
etag: "615d7aee-2bd8"
content-length: 11224
content-type: application/javascript; charset=UTF-8

GET
H2 200 abox.js Show response
hairpro.htgetrid.com/abox/ 157 B
301 B 52ms
50ms Script
application/javascript 88.99.160.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hairpro.htgetrid.com/abox/abox.js
Requested by: Host: hairpro.htgetrid.com
URL: https://hairpro.htgetrid.com/nl/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 88.99.160.30 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.30.160.99.88.clients.your-server.de
Software: nginx/1.16.1 /
Resource Hash: df5cc1589afbeceb461f4cc0fd62fbb5bb9602f2736854ff8c049ff6cc06ba1e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hairpro.htgetrid.com/nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 17:24:37 GMT
last-modified: Wed, 02 Aug 2023 07:47:14 GMT
server: nginx/1.16.1
accept-ranges: bytes
etag: "64ca0a02-9d"
content-length: 157
content-type: application/javascript; charset=UTF-8

GET
H2 200 g_styles.css
hairpro.htgetrid.com/abox/ 739 B
863 B 50ms
49ms Stylesheet
text/css 88.99.160.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hairpro.htgetrid.com/abox/g_styles.css
Requested by: Host: hairpro.htgetrid.com
URL: https://hairpro.htgetrid.com/nl/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 88.99.160.30 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.30.160.99.88.clients.your-server.de
Software: nginx/1.16.1 /
Resource Hash: 987b2a7b2b2486f3fddea6609dca2853f0d9f233ef009bc2e5c08ebc61bd7b67

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hairpro.htgetrid.com/nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 17:24:37 GMT
last-modified: Tue, 27 Dec 2022 14:33:26 GMT
server: nginx/1.16.1
accept-ranges: bytes
etag: "63ab0236-2e3"
content-length: 739
content-type: text/css

GET
H2 200 New-Project.jpg
hairpro.htgetrid.com/wp-content/uploads/2019/01/ 9 KB
10 KB 52ms
51ms Image
image/jpeg 88.99.160.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hairpro.htgetrid.com/wp-content/uploads/2019/01/New-Project.jpg
Requested by: Host: hairpro.htgetrid.com
URL: https://hairpro.htgetrid.com/nl/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 88.99.160.30 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.30.160.99.88.clients.your-server.de
Software: nginx/1.16.1 /
Resource Hash: 5c310167e5f8fb24da40ec04a43ea8e7f447fabe03ef6ca9547cc0026259a287

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hairpro.htgetrid.com/nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 17:24:37 GMT
last-modified: Wed, 02 Aug 2023 08:59:58 GMT
server: nginx/1.16.1
accept-ranges: bytes
etag: "64ca1b0e-2596"
content-length: 9622
content-type: image/jpeg

GET
H2 200 em.js Show response
hairpro.htgetrid.com/abox/ 315 B
460 B 52ms
51ms Script
application/javascript 88.99.160.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hairpro.htgetrid.com/abox/em.js
Requested by: Host: hairpro.htgetrid.com
URL: https://hairpro.htgetrid.com/nl/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 88.99.160.30 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.30.160.99.88.clients.your-server.de
Software: nginx/1.16.1 /
Resource Hash: da8c721c1794521b4aa533d121013ccb31a95f34a4ed7c0f6e70e6ea9ef3de29

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hairpro.htgetrid.com/nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 17:24:37 GMT
last-modified: Wed, 02 Aug 2023 09:05:09 GMT
server: nginx/1.16.1
accept-ranges: bytes
etag: "64ca1c45-13b"
content-length: 315
content-type: application/javascript; charset=UTF-8

GET
H2 200 front.min.js Show response
hairpro.htgetrid.com/nl/wp-content/plugins/table-of-contents-plus/ 6 KB
6 KB 25ms
24ms Script
application/javascript 88.99.160.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hairpro.htgetrid.com/nl/wp-content/plugins/table-of-contents-plus/front.min.js?ver=2106
Requested by: Host: hairpro.htgetrid.com
URL: https://hairpro.htgetrid.com/nl/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 88.99.160.30 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.30.160.99.88.clients.your-server.de
Software: nginx/1.16.1 /
Resource Hash: 4b179562b883c1257aabbad3a5641f965dd7331faa31fe06382a5d8c62d5ee19

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hairpro.htgetrid.com/nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 17:24:37 GMT
last-modified: Wed, 06 Oct 2021 10:30:51 GMT
server: nginx/1.16.1
accept-ranges: bytes
etag: "615d7adb-17cb"
content-length: 6091
content-type: application/javascript; charset=UTF-8

GET
H2 200 custom-plugins.js Show response
hairpro.htgetrid.com/nl/wp-content/themes/ashe/assets/js/ 129 KB
129 KB 28ms
28ms Script
application/javascript 88.99.160.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hairpro.htgetrid.com/nl/wp-content/themes/ashe/assets/js/custom-plugins.js?ver=1.8.2
Requested by: Host: hairpro.htgetrid.com
URL: https://hairpro.htgetrid.com/nl/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 88.99.160.30 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.30.160.99.88.clients.your-server.de
Software: nginx/1.16.1 /
Resource Hash: 8d4efbcfa6d3963bfda55a12a16401242b4ea64d6200fff360b0a7f7da5ba060

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hairpro.htgetrid.com/nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 17:24:37 GMT
last-modified: Wed, 06 Oct 2021 10:30:51 GMT
server: nginx/1.16.1
accept-ranges: bytes
etag: "615d7adb-2021d"
content-length: 131613
content-type: application/javascript; charset=UTF-8

GET
H2 200 custom-scripts.js Show response
hairpro.htgetrid.com/nl/wp-content/themes/ashe/assets/js/ 17 KB
17 KB 25ms
24ms Script
application/javascript 88.99.160.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hairpro.htgetrid.com/nl/wp-content/themes/ashe/assets/js/custom-scripts.js?ver=1.9.7
Requested by: Host: hairpro.htgetrid.com
URL: https://hairpro.htgetrid.com/nl/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 88.99.160.30 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.30.160.99.88.clients.your-server.de
Software: nginx/1.16.1 /
Resource Hash: 98f42f13fe5bd7e4accc8da04e1d0a3e8d027a24795e2c3e67591309f2a7686e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hairpro.htgetrid.com/nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 17:24:37 GMT
last-modified: Wed, 06 Oct 2021 10:30:51 GMT
server: nginx/1.16.1
accept-ranges: bytes
etag: "615d7adb-4314"
content-length: 17172
content-type: application/javascript; charset=UTF-8

GET
H2 200 wp-embed.min.js Show response
hairpro.htgetrid.com/nl/wp-includes/js/ 1 KB
2 KB 24ms
24ms Script
application/javascript 88.99.160.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hairpro.htgetrid.com/nl/wp-includes/js/wp-embed.min.js?ver=5.8.1
Requested by: Host: hairpro.htgetrid.com
URL: https://hairpro.htgetrid.com/nl/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 88.99.160.30 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.30.160.99.88.clients.your-server.de
Software: nginx/1.16.1 /
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hairpro.htgetrid.com/nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 17:24:37 GMT
last-modified: Wed, 06 Oct 2021 10:31:11 GMT
server: nginx/1.16.1
accept-ranges: bytes
etag: "615d7aef-592"
content-length: 1426
content-type: application/javascript; charset=UTF-8

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
51 KB 132ms
76ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: hairpro.htgetrid.com
URL: https://hairpro.htgetrid.com/abox/abox.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

17fc43950bcc406cb05fb683271f066b945a29eafeb8822ef0e578e0e129a707

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hairpro.htgetrid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 17:24:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51300
x-xss-protection: 0
server: cafe
etag: 11872628863925021284
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 14 Dec 2023 17:24:37 GMT

GET
H2 200 fontawesome-webfont.woff2
hairpro.htgetrid.com/nl/wp-content/themes/ashe/assets/fonts/ 75 KB
76 KB 32ms
32ms Font
application/octet-stream 88.99.160.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hairpro.htgetrid.com/nl/wp-content/themes/ashe/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: hairpro.htgetrid.com
URL: https://hairpro.htgetrid.com/nl/wp-content/cache/wpfc-minified/97qjczud/bun3c.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 88.99.160.30 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.30.160.99.88.clients.your-server.de
Software: nginx/1.16.1 /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://hairpro.htgetrid.com/nl/wp-content/cache/wpfc-minified/97qjczud/bun3c.css
Origin: https://hairpro.htgetrid.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 17:24:37 GMT
last-modified: Wed, 06 Oct 2021 10:58:46 GMT
server: nginx/1.16.1
accept-ranges: bytes
etag: "12d68-5cdad07b6a580"
content-length: 77160

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/ 47 KB
48 KB 74ms
27ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400italic%2C400%2C600italic%2C600%2C700italic%2C700&ver=1.0.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hairpro.htgetrid.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 17:16:33 GMT
x-content-type-options: nosniff
age: 259684
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48432
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 10 Dec 2024 17:16:33 GMT

GET
H2 200 nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
fonts.gstatic.com/s/playfairdisplay/v36/ 37 KB
37 KB 111ms
64ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/playfairdisplay/v36/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Playfair+Display%3A400%2C700&ver=1.0.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b06a5d272de6f4e0ba3f8db8338da394f8716987f7a7e764a22b6e903c0f94cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hairpro.htgetrid.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 01:12:01 GMT
x-content-type-options: nosniff
age: 576756
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37964
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 20:43:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Dec 2024 01:12:01 GMT

GET
H2 200 img_top-1.jpg
hairpro.htgetrid.com/wp-content/uploads/2021/09/ 54 KB
54 KB 32ms
24ms Image
image/jpeg 88.99.160.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hairpro.htgetrid.com/wp-content/uploads/2021/09/img_top-1.jpg
Requested by: Host: hairpro.htgetrid.com
URL: https://hairpro.htgetrid.com/nl/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 88.99.160.30 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.30.160.99.88.clients.your-server.de
Software: nginx/1.16.1 /
Resource Hash: 874ef593202d2a4b9e4abbb7ee1d9750a23bf35cf56fe852ca08b8fb003dfa3e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hairpro.htgetrid.com/nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 17:24:37 GMT
last-modified: Wed, 06 Oct 2021 09:31:09 GMT
server: nginx/1.16.1
accept-ranges: bytes
etag: "615d6cdd-d919"
content-length: 55577
content-type: image/jpeg

GET
H2 200 1474477194_1-30.jpg
hairpro.htgetrid.com/wp-content/uploads/2018/03/ 37 KB
37 KB 33ms
26ms Image
image/jpeg 88.99.160.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hairpro.htgetrid.com/wp-content/uploads/2018/03/1474477194_1-30.jpg
Requested by: Host: hairpro.htgetrid.com
URL: https://hairpro.htgetrid.com/nl/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 88.99.160.30 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.30.160.99.88.clients.your-server.de
Software: nginx/1.16.1 /
Resource Hash: b2e149a6c443e8dadffb47df9bf6c703602a1219e768d5ccdd85eef5046e1ecb

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hairpro.htgetrid.com/nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 17:24:37 GMT
last-modified: Wed, 06 Oct 2021 09:30:52 GMT
server: nginx/1.16.1
accept-ranges: bytes
etag: "615d6ccc-94ef"
content-length: 38127
content-type: image/jpeg

GET
H2 200 775331__redhair_p-1-500x330.jpg
hairpro.htgetrid.com/wp-content/uploads/2019/06/ 20 KB
20 KB 35ms
27ms Image
image/jpeg 88.99.160.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hairpro.htgetrid.com/wp-content/uploads/2019/06/775331__redhair_p-1-500x330.jpg
Requested by: Host: hairpro.htgetrid.com
URL: https://hairpro.htgetrid.com/nl/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 88.99.160.30 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.30.160.99.88.clients.your-server.de
Software: nginx/1.16.1 /
Resource Hash: b28846e755fecc758d404bf5430ed411367760c45e38f00e6429b772e6a8c22e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hairpro.htgetrid.com/nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 17:24:37 GMT
last-modified: Wed, 06 Oct 2021 09:30:56 GMT
server: nginx/1.16.1
accept-ranges: bytes
etag: "615d6cd0-4e0c"
content-length: 19980
content-type: image/jpeg

GET
H2 200 balayazh-na-rusye-volosy-opisanie-i-sovety-po-vyboru-cveta-3-500x330.jpg
hairpro.htgetrid.com/wp-content/uploads/2019/06/ 29 KB
30 KB 35ms
28ms Image
image/jpeg 88.99.160.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hairpro.htgetrid.com/wp-content/uploads/2019/06/balayazh-na-rusye-volosy-opisanie-i-sovety-po-vyboru-cveta-3-500x330.jpg
Requested by: Host: hairpro.htgetrid.com
URL: https://hairpro.htgetrid.com/nl/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 88.99.160.30 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.30.160.99.88.clients.your-server.de
Software: nginx/1.16.1 /
Resource Hash: c8a65435de1d6f8d40fd3c0ad0e5275616e3f76deaad471d781c4fa888885c7b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hairpro.htgetrid.com/nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 17:24:37 GMT
last-modified: Wed, 06 Oct 2021 09:30:56 GMT
server: nginx/1.16.1
accept-ranges: bytes
etag: "615d6cd0-7596"
content-length: 30102
content-type: image/jpeg

GET
H2 200 fioletovoe-ombre-idei-dlya-raznoj-dliny-i-cveta-volos-20-1140x1524.jpg
hairpro.htgetrid.com/wp-content/uploads/2021/09/ 186 KB
186 KB 37ms
29ms Image
image/jpeg 88.99.160.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hairpro.htgetrid.com/wp-content/uploads/2021/09/fioletovoe-ombre-idei-dlya-raznoj-dliny-i-cveta-volos-20-1140x1524.jpg
Requested by: Host: hairpro.htgetrid.com
URL: https://hairpro.htgetrid.com/nl/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 88.99.160.30 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.30.160.99.88.clients.your-server.de
Software: nginx/1.16.1 /
Resource Hash: c6c216f05e7f5e9f88aa8dc3a7c188be9c284fc7d9cec6e1a991248a5170764a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hairpro.htgetrid.com/nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 17:24:37 GMT
last-modified: Wed, 06 Oct 2021 09:31:09 GMT
server: nginx/1.16.1
accept-ranges: bytes
etag: "615d6cdd-2e741"
content-length: 190273
content-type: image/jpeg

GET
H2 200 99999-e1562749468102-500x330.jpg
hairpro.htgetrid.com/wp-content/uploads/2019/07/ 28 KB
29 KB 39ms
32ms Image
image/jpeg 88.99.160.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hairpro.htgetrid.com/wp-content/uploads/2019/07/99999-e1562749468102-500x330.jpg
Requested by: Host: hairpro.htgetrid.com
URL: https://hairpro.htgetrid.com/nl/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 88.99.160.30 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.30.160.99.88.clients.your-server.de
Software: nginx/1.16.1 /
Resource Hash: f552e3124d94c2f8d05b34861297dbc22c12e600f9253584f3c488fd0166adcc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hairpro.htgetrid.com/nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 17:24:37 GMT
last-modified: Wed, 06 Oct 2021 09:30:57 GMT
server: nginx/1.16.1
accept-ranges: bytes
etag: "615d6cd1-71ed"
content-length: 29165
content-type: image/jpeg

GET
H2 200 982e32a123a7f86997b71a06e56ad21d.jpeg
hairpro.htgetrid.com/wp-content/uploads/2018/03/ 19 KB
20 KB 40ms
33ms Image
image/jpeg 88.99.160.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hairpro.htgetrid.com/wp-content/uploads/2018/03/982e32a123a7f86997b71a06e56ad21d.jpeg
Requested by: Host: hairpro.htgetrid.com
URL: https://hairpro.htgetrid.com/nl/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 88.99.160.30 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.30.160.99.88.clients.your-server.de
Software: nginx/1.16.1 /
Resource Hash: 1d2eb8c4e15fce6cf85e9c0a10269d1f415443959801787fa501ab0588aceae7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hairpro.htgetrid.com/nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 17:24:37 GMT
last-modified: Wed, 06 Oct 2021 09:30:53 GMT
server: nginx/1.16.1
accept-ranges: bytes
etag: "615d6ccd-4db9"
content-length: 19897
content-type: image/jpeg

GET
H2 200 novyj-kollazh-500x330.jpg
hairpro.htgetrid.com/wp-content/uploads/2020/06/ 31 KB
32 KB 42ms
35ms Image
image/jpeg 88.99.160.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hairpro.htgetrid.com/wp-content/uploads/2020/06/novyj-kollazh-500x330.jpg
Requested by: Host: hairpro.htgetrid.com
URL: https://hairpro.htgetrid.com/nl/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 88.99.160.30 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.30.160.99.88.clients.your-server.de
Software: nginx/1.16.1 /
Resource Hash: d1ecfbfca192440b94869b5a228d2510e6d3682b655e4ed0db0a4fc9c38b48c5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hairpro.htgetrid.com/nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 17:24:37 GMT
last-modified: Wed, 06 Oct 2021 09:30:59 GMT
server: nginx/1.16.1
accept-ranges: bytes
etag: "615d6cd3-7da1"
content-length: 32161
content-type: image/jpeg

GET
H2 200 XXL.jpg
hairpro.htgetrid.com/wp-content/uploads/2021/09/ 51 KB
51 KB 42ms
33ms Image
image/jpeg 88.99.160.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hairpro.htgetrid.com/wp-content/uploads/2021/09/XXL.jpg
Requested by: Host: hairpro.htgetrid.com
URL: https://hairpro.htgetrid.com/nl/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 88.99.160.30 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.30.160.99.88.clients.your-server.de
Software: nginx/1.16.1 /
Resource Hash: 51823b8f4a2ffdedcbd17ac8d94abebd42ca65f4f6e45c6231a4a80a9fa536c9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hairpro.htgetrid.com/nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 17:24:37 GMT
last-modified: Wed, 06 Oct 2021 09:31:10 GMT
server: nginx/1.16.1
accept-ranges: bytes
etag: "615d6cde-cb68"
content-length: 52072
content-type: image/jpeg

GET
H2 200 13-118-500x330.jpg
hairpro.htgetrid.com/wp-content/uploads/2020/03/ 24 KB
24 KB 68ms
59ms Image
image/jpeg 88.99.160.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hairpro.htgetrid.com/wp-content/uploads/2020/03/13-118-500x330.jpg
Requested by: Host: hairpro.htgetrid.com
URL: https://hairpro.htgetrid.com/nl/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 88.99.160.30 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.30.160.99.88.clients.your-server.de
Software: nginx/1.16.1 /
Resource Hash: 6e685d5e6ac31c8c38c3b98001be8674ea467aa128aaf6753785ea490084eafd

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hairpro.htgetrid.com/nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 17:24:37 GMT
last-modified: Wed, 06 Oct 2021 09:30:59 GMT
server: nginx/1.16.1
accept-ranges: bytes
etag: "615d6cd3-5f36"
content-length: 24374
content-type: image/jpeg

GET
H2 200 A200_nut_01-500x330.jpg
hairpro.htgetrid.com/wp-content/uploads/2020/05/ 18 KB
18 KB 69ms
60ms Image
image/jpeg 88.99.160.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hairpro.htgetrid.com/wp-content/uploads/2020/05/A200_nut_01-500x330.jpg
Requested by: Host: hairpro.htgetrid.com
URL: https://hairpro.htgetrid.com/nl/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 88.99.160.30 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.30.160.99.88.clients.your-server.de
Software: nginx/1.16.1 /
Resource Hash: a84cdeb7f68965ffd3d070362b05d03ee9c19e6a5de627c3290026de184933d7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hairpro.htgetrid.com/nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 17:24:37 GMT
last-modified: Wed, 06 Oct 2021 09:30:59 GMT
server: nginx/1.16.1
accept-ranges: bytes
etag: "615d6cd3-484a"
content-length: 18506
content-type: image/jpeg

GET
H2 200 Kimono-Inspired-Dresses-2-scaled-1-500x330.jpg
hairpro.htgetrid.com/wp-content/uploads/2020/05/ 27 KB
27 KB 70ms
61ms Image
image/jpeg 88.99.160.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hairpro.htgetrid.com/wp-content/uploads/2020/05/Kimono-Inspired-Dresses-2-scaled-1-500x330.jpg
Requested by: Host: hairpro.htgetrid.com
URL: https://hairpro.htgetrid.com/nl/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 88.99.160.30 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.30.160.99.88.clients.your-server.de
Software: nginx/1.16.1 /
Resource Hash: c67abd432e1f1cffa025a2455bf9c8afb936e5b469f3502b5a6fe3e25772e4c3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hairpro.htgetrid.com/nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 17:24:37 GMT
last-modified: Wed, 06 Oct 2021 09:30:59 GMT
server: nginx/1.16.1
accept-ranges: bytes
etag: "615d6cd3-6a3a"
content-length: 27194
content-type: image/jpeg

GET
H2 200 krasnoye-ombre.jpg
hairpro.htgetrid.com/wp-content/uploads/2021/09/ 41 KB
41 KB 70ms
61ms Image
image/jpeg 88.99.160.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hairpro.htgetrid.com/wp-content/uploads/2021/09/krasnoye-ombre.jpg
Requested by: Host: hairpro.htgetrid.com
URL: https://hairpro.htgetrid.com/nl/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 88.99.160.30 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.30.160.99.88.clients.your-server.de
Software: nginx/1.16.1 /
Resource Hash: 4bbdf408f0b893df64dacdf89f9f0c0825dabbc0534b89adeaffea5fe5f9091d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hairpro.htgetrid.com/nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 17:24:37 GMT
last-modified: Wed, 06 Oct 2021 09:31:10 GMT
server: nginx/1.16.1
accept-ranges: bytes
etag: "615d6cde-a2ec"
content-length: 41708
content-type: image/jpeg

GET
H2 200 blondie.ru-647176-500x330.jpg
hairpro.htgetrid.com/wp-content/uploads/2019/08/ 20 KB
20 KB 71ms
62ms Image
image/jpeg 88.99.160.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hairpro.htgetrid.com/wp-content/uploads/2019/08/blondie.ru-647176-500x330.jpg
Requested by: Host: hairpro.htgetrid.com
URL: https://hairpro.htgetrid.com/nl/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 88.99.160.30 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.30.160.99.88.clients.your-server.de
Software: nginx/1.16.1 /
Resource Hash: 247948bbcd986eaade25b655ae26fd09a2a0268464cb1b1009c42881554ed6eb

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hairpro.htgetrid.com/nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 17:24:37 GMT
last-modified: Wed, 06 Oct 2021 09:30:57 GMT
server: nginx/1.16.1
accept-ranges: bytes
etag: "615d6cd1-5030"
content-length: 20528
content-type: image/jpeg

GET
H2 200 Okrashivanie-dlinnyh-volos-2018_modnoe-okrashivanie-na-dlinnye-volosy-8.jpg
hairpro.htgetrid.com/wp-content/uploads/2018/04/ 57 KB
57 KB 71ms
63ms Image
image/jpeg 88.99.160.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hairpro.htgetrid.com/wp-content/uploads/2018/04/Okrashivanie-dlinnyh-volos-2018_modnoe-okrashivanie-na-dlinnye-volosy-8.jpg
Requested by: Host: hairpro.htgetrid.com
URL: https://hairpro.htgetrid.com/nl/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 88.99.160.30 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.30.160.99.88.clients.your-server.de
Software: nginx/1.16.1 /
Resource Hash: f277aab1ce341d0e445551c855531e0bcb64151a6d35d321f3b87a0dc451044a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hairpro.htgetrid.com/nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 17:24:37 GMT
last-modified: Wed, 06 Oct 2021 09:30:54 GMT
server: nginx/1.16.1
accept-ranges: bytes
etag: "615d6cce-e3e1"
content-length: 58337
content-type: image/jpeg

GET
H2 200 e4556c_lbox.jpg
hairpro.htgetrid.com/wp-content/uploads/2021/09/ 61 KB
61 KB 72ms
64ms Image
image/jpeg 88.99.160.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hairpro.htgetrid.com/wp-content/uploads/2021/09/e4556c_lbox.jpg
Requested by: Host: hairpro.htgetrid.com
URL: https://hairpro.htgetrid.com/nl/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 88.99.160.30 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.30.160.99.88.clients.your-server.de
Software: nginx/1.16.1 /
Resource Hash: 6d290767004d37ff57529c55b2d8499f719b4af8df1c4fc3b346120b9e88fc07

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hairpro.htgetrid.com/nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 17:24:37 GMT
last-modified: Wed, 06 Oct 2021 09:31:08 GMT
server: nginx/1.16.1
accept-ranges: bytes
etag: "615d6cdc-f4aa"
content-length: 62634
content-type: image/jpeg

GET
H2 200 maxresdefault-500x330.jpg
hairpro.htgetrid.com/wp-content/uploads/2018/12/ 26 KB
26 KB 73ms
65ms Image
image/jpeg 88.99.160.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hairpro.htgetrid.com/wp-content/uploads/2018/12/maxresdefault-500x330.jpg
Requested by: Host: hairpro.htgetrid.com
URL: https://hairpro.htgetrid.com/nl/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 88.99.160.30 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.30.160.99.88.clients.your-server.de
Software: nginx/1.16.1 /
Resource Hash: 7107515bd0443a5509bc88dbc0456ef4e3112a1a21ee12ed487c81e2218f13d7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hairpro.htgetrid.com/nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 17:24:37 GMT
last-modified: Wed, 06 Oct 2021 09:30:55 GMT
server: nginx/1.16.1
accept-ranges: bytes
etag: "615d6ccf-6741"
content-length: 26433
content-type: image/jpeg

GET
H2 200 How-to-restore-natural-hair-color2-500x330.jpg
hairpro.htgetrid.com/wp-content/uploads/2020/04/ 26 KB
27 KB 72ms
66ms Image
image/jpeg 88.99.160.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hairpro.htgetrid.com/wp-content/uploads/2020/04/How-to-restore-natural-hair-color2-500x330.jpg
Requested by: Host: hairpro.htgetrid.com
URL: https://hairpro.htgetrid.com/nl/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 88.99.160.30 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.30.160.99.88.clients.your-server.de
Software: nginx/1.16.1 /
Resource Hash: 9d7c9042eb5f1e10202111ceec2f0d6ca78eb90482f5f622118bd66945b0418e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hairpro.htgetrid.com/nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 17:24:37 GMT
last-modified: Wed, 06 Oct 2021 09:30:59 GMT
server: nginx/1.16.1
accept-ranges: bytes
etag: "615d6cd3-697a"
content-length: 27002
content-type: image/jpeg

GET
H2 200 gollivudskaya-volna-500x330.jpg
hairpro.htgetrid.com/wp-content/uploads/2019/05/ 32 KB
32 KB 73ms
66ms Image
image/jpeg 88.99.160.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hairpro.htgetrid.com/wp-content/uploads/2019/05/gollivudskaya-volna-500x330.jpg
Requested by: Host: hairpro.htgetrid.com
URL: https://hairpro.htgetrid.com/nl/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 88.99.160.30 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.30.160.99.88.clients.your-server.de
Software: nginx/1.16.1 /
Resource Hash: 36b262ea8621d30c71871e22f68abf1a06ebca4111c118a188c947dc3157ed56

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hairpro.htgetrid.com/nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 17:24:37 GMT
last-modified: Wed, 06 Oct 2021 09:30:55 GMT
server: nginx/1.16.1
accept-ranges: bytes
etag: "615d6ccf-80f0"
content-length: 33008
content-type: image/jpeg

GET
H2 200 101738147.jpg
hairpro.htgetrid.com/wp-content/uploads/2021/08/ 86 KB
87 KB 74ms
67ms Image
image/jpeg 88.99.160.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hairpro.htgetrid.com/wp-content/uploads/2021/08/101738147.jpg
Requested by: Host: hairpro.htgetrid.com
URL: https://hairpro.htgetrid.com/nl/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 88.99.160.30 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.30.160.99.88.clients.your-server.de
Software: nginx/1.16.1 /
Resource Hash: 9e433a32229ae663c8e7b6a82978d74bb82928c91917643bd125888b1d124bd2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hairpro.htgetrid.com/nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 17:24:37 GMT
last-modified: Wed, 06 Oct 2021 09:31:07 GMT
server: nginx/1.16.1
accept-ranges: bytes
etag: "615d6cdb-15999"
content-length: 88473
content-type: image/jpeg

GET
H2 200 balmain1_5f71f0704c836-500x330.jpeg
hairpro.htgetrid.com/wp-content/uploads/2021/01/ 18 KB
18 KB 75ms
68ms Image
image/jpeg 88.99.160.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hairpro.htgetrid.com/wp-content/uploads/2021/01/balmain1_5f71f0704c836-500x330.jpeg
Requested by: Host: hairpro.htgetrid.com
URL: https://hairpro.htgetrid.com/nl/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 88.99.160.30 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.30.160.99.88.clients.your-server.de
Software: nginx/1.16.1 /
Resource Hash: a081e94d04b397653c1c7ce050e299ef74cfb562ea483b74b77361aefad0a00b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hairpro.htgetrid.com/nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 17:24:37 GMT
last-modified: Wed, 06 Oct 2021 09:31:00 GMT
server: nginx/1.16.1
accept-ranges: bytes
etag: "615d6cd4-4920"
content-length: 18720
content-type: image/jpeg

GET
H2 200 c62f3eb6878f85cd86043c2911ee492b-500x330.jpg
hairpro.htgetrid.com/wp-content/uploads/2019/09/ 26 KB
26 KB 75ms
69ms Image
image/jpeg 88.99.160.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hairpro.htgetrid.com/wp-content/uploads/2019/09/c62f3eb6878f85cd86043c2911ee492b-500x330.jpg
Requested by: Host: hairpro.htgetrid.com
URL: https://hairpro.htgetrid.com/nl/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 88.99.160.30 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.30.160.99.88.clients.your-server.de
Software: nginx/1.16.1 /
Resource Hash: 471ab3abf9b99c0a4f65ba92150491569040436107025d6922e0279c481a7118

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hairpro.htgetrid.com/nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 17:24:37 GMT
last-modified: Wed, 06 Oct 2021 09:30:58 GMT
server: nginx/1.16.1
accept-ranges: bytes
etag: "615d6cd2-66f5"
content-length: 26357
content-type: image/jpeg

GET
H2 200 332_large.jpg
hairpro.htgetrid.com/wp-content/uploads/2021/08/ 50 KB
50 KB 76ms
70ms Image
image/jpeg 88.99.160.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hairpro.htgetrid.com/wp-content/uploads/2021/08/332_large.jpg
Requested by: Host: hairpro.htgetrid.com
URL: https://hairpro.htgetrid.com/nl/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 88.99.160.30 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.30.160.99.88.clients.your-server.de
Software: nginx/1.16.1 /
Resource Hash: f36c655de207a3452a813cf6ae4ec6efdd18d5fd0696b005eb200920fcb10bd5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hairpro.htgetrid.com/nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 17:24:37 GMT
last-modified: Wed, 06 Oct 2021 09:31:08 GMT
server: nginx/1.16.1
accept-ranges: bytes
etag: "615d6cdc-c777"
content-length: 51063
content-type: image/jpeg

GET
H2 200 volos-bok-500x330.jpg
hairpro.htgetrid.com/wp-content/uploads/2019/09/ 24 KB
25 KB 76ms
70ms Image
image/jpeg 88.99.160.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hairpro.htgetrid.com/wp-content/uploads/2019/09/volos-bok-500x330.jpg
Requested by: Host: hairpro.htgetrid.com
URL: https://hairpro.htgetrid.com/nl/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 88.99.160.30 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.30.160.99.88.clients.your-server.de
Software: nginx/1.16.1 /
Resource Hash: 7cb228b46f580b4f501241c58ad060cc8354a6ea727a1a2550b627ba8f031204

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hairpro.htgetrid.com/nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 17:24:37 GMT
last-modified: Wed, 06 Oct 2021 09:30:58 GMT
server: nginx/1.16.1
accept-ranges: bytes
etag: "615d6cd2-61e3"
content-length: 25059
content-type: image/jpeg

GET
H2 200 aaaaa5vintage-brooch-hair-500x330.jpg
hairpro.htgetrid.com/wp-content/uploads/2019/06/ 30 KB
30 KB 76ms
71ms Image
image/jpeg 88.99.160.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hairpro.htgetrid.com/wp-content/uploads/2019/06/aaaaa5vintage-brooch-hair-500x330.jpg
Requested by: Host: hairpro.htgetrid.com
URL: https://hairpro.htgetrid.com/nl/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 88.99.160.30 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.30.160.99.88.clients.your-server.de
Software: nginx/1.16.1 /
Resource Hash: abc9aeaa8c7694de9c6f4ef7425d0f026ee470c7b00154be6bbc915e95b60518

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hairpro.htgetrid.com/nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 17:24:37 GMT
last-modified: Wed, 06 Oct 2021 09:30:56 GMT
server: nginx/1.16.1
accept-ranges: bytes
etag: "615d6cd0-7604"
content-length: 30212
content-type: image/jpeg

GET
H2 200 573637152-500x330.jpg
hairpro.htgetrid.com/wp-content/uploads/2019/08/ 18 KB
18 KB 77ms
72ms Image
image/jpeg 88.99.160.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hairpro.htgetrid.com/wp-content/uploads/2019/08/573637152-500x330.jpg
Requested by: Host: hairpro.htgetrid.com
URL: https://hairpro.htgetrid.com/nl/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 88.99.160.30 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.30.160.99.88.clients.your-server.de
Software: nginx/1.16.1 /
Resource Hash: 039705c988e4e52c295979e7bdff8f1ae13306b4b5255961b77017f3c101abe7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hairpro.htgetrid.com/nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 17:24:37 GMT
last-modified: Wed, 06 Oct 2021 09:30:57 GMT
server: nginx/1.16.1
accept-ranges: bytes
etag: "615d6cd1-47d5"
content-length: 18389
content-type: image/jpeg

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ 399 KB
135 KB 97ms
95ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9116197468106665&plah=hairpro.htgetrid.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f3e3e61ffa92152c0e0663c917b4a96c43cd275c51ed795dda3978718c68e52c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hairpro.htgetrid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 17:24:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137956
x-xss-protection: 0
server: cafe
etag: 17465620709227418985
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 14 Dec 2023 17:24:37 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/ Frame B1CF 9 KB
4 KB 77ms
23ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hairpro.htgetrid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 12899
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 14 Dec 2023 13:49:38 GMT
etag: 5585625838579639069
expires: Thu, 28 Dec 2023 13:49:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A571 498 KB
107 KB 975ms
974ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9116197468106665&output=html&adk=1812271804&adf=3025194257&lmt=1702574677&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x1080_l%7C212x1080_r&format=0x0&url=https%3A%2F%2Fhairpro.htgetrid.com%2Fnl%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702574677522&bpp=3&bdt=298&idt=361&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2759867092311&frm=20&pv=2&ga_vid=1100574598.1702574678&ga_sid=1702574678&ga_hid=450840055&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079265%2C31079438%2C31079964%2C31080104%2C44795922%2C44807405%2C95320884%2C21065725&oid=2&pvsid=19711171357389&tmod=808917942&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=388

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9116197468106665&plah=hairpro.htgetrid.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d457e9067c177b832987c11179d30322b26f2f97dcc4aa74092adc712460c862

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hairpro.htgetrid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 109713
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 14 Dec 2023 17:24:38 GMT
expires: Thu, 14 Dec 2023 17:24:38 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 114ms
73ms XHR
application/json 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b614d5bf830bdbdf1155d376072e04f908f23888b77559d43b1ad3f23c56f104

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hairpro.htgetrid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 17:24:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12195
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ 160 KB
55 KB 122ms
122ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bab6ae0a4c6a9a815518d305531a595d2f765bdf0f6acd075802f63b463131c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hairpro.htgetrid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 17:24:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56012
x-xss-protection: 0
server: cafe
etag: 14413244254008050241
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Dec 2023 17:24:39 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 196ms
120ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hairpro.htgetrid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 17:24:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 14 Dec 2023 17:24:39 GMT

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/ Frame B336 9 KB
4 KB 20ms
20ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hairpro.htgetrid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 47252
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 14 Dec 2023 04:17:07 GMT
etag: 5585625838579639069
expires: Thu, 28 Dec 2023 04:17:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/ Frame D694 9 KB
4 KB 20ms
19ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hairpro.htgetrid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 47252
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 14 Dec 2023 04:17:07 GMT
etag: 5585625838579639069
expires: Thu, 28 Dec 2023 04:17:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/ Frame 478B 9 KB
4 KB 20ms
19ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hairpro.htgetrid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 47252
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 14 Dec 2023 04:17:07 GMT
etag: 5585625838579639069
expires: Thu, 28 Dec 2023 04:17:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/ Frame 675B 9 KB
4 KB 20ms
20ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hairpro.htgetrid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 47252
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 14 Dec 2023 04:17:07 GMT
etag: 5585625838579639069
expires: Thu, 28 Dec 2023 04:17:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame B336 4 KB
767 B 29ms
28ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 14 Dec 2023 17:24:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 17:08:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 14 Dec 2023 17:24:39 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame B336 205 B
296 B 69ms
21ms Image
image/png 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:54:46 GMT
x-content-type-options: nosniff
age: 203393
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 11 Dec 2024 08:54:46 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame B336 604 B
1 KB 68ms
20ms Image
image/png 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:54:34 GMT
x-content-type-options: nosniff
age: 225005
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 11 Dec 2024 02:54:34 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame B336 16 KB
7 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41b43f64c3e5d7f9eca80634429adb1b8e0a1c5e1fe67ad71ec651a991ebfe68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 03:25:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50339
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6766
x-xss-protection: 0
server: cafe
etag: 14924840246271906451
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Dec 2023 03:25:40 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame B336 22 KB
9 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

db2bdaad0dc9232fadb3de900bf039a0f356521698f213df1edf601e02a5870d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 02:25:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53943
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9210
x-xss-protection: 0
server: cafe
etag: 13914886398874665762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Dec 2023 02:25:36 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame D499 624 B
246 B 61ms
61ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJKL6K4CEMeN_vcCGO2H8v4BMAE&v=APEucNWIboSxoeLMayGov_jjNHlWRhFZtpND8s2byJeZ3GPRxQPTAIJBtmLeWDo-8TU4mtC-pFU2awmkga0_RBgzv7tCoZqzlWIVDCO6dBZaYYbuASS0K17WXd0BBXj3FG-KuJ8vci1ZVmwB1yDy1TgF76ng0Fs3VPhHntd6xYWeL67ix0TQ8Bo

Requested by

Host: hairpro.htgetrid.com
URL: https://hairpro.htgetrid.com/nl/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 14 Dec 2023 17:24:39 GMT
expires: Thu, 14 Dec 2023 17:24:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 3DCA 24 KB
9 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Host: hairpro.htgetrid.com
URL: https://hairpro.htgetrid.com/nl/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 00:43:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60067
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9318
x-xss-protection: 0
server: cafe
etag: 3562968281324141506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Dec 2023 00:43:32 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame 3DCA 7 KB
3 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: hairpro.htgetrid.com
URL: https://hairpro.htgetrid.com/nl/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 08:59:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30288
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Dec 2023 08:59:51 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 3DCA 41 KB
14 KB 26ms
22ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: hairpro.htgetrid.com
URL: https://hairpro.htgetrid.com/nl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 13:49:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 185723
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Dec 2024 13:49:16 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 3DCA 3 KB
1 KB 31ms
28ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: hairpro.htgetrid.com
URL: https://hairpro.htgetrid.com/nl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 16:50:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2038
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Dec 2023 16:50:41 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 3DCA 20 KB
8 KB 22ms
19ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: hairpro.htgetrid.com
URL: https://hairpro.htgetrid.com/nl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 13:49:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12924
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Dec 2023 13:49:15 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3DCA 203 KB
65 KB 120ms
39ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: hairpro.htgetrid.com
URL: https://hairpro.htgetrid.com/nl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 17:24:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Dec 2023 17:24:39 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3DCA 42 B
63 B 56ms
54ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DHQL0UdH7YppkAXZzefsqZ9eFc5SgDH1-zQZa2QeOZsTRVJeNmIodbZ8_NvJOB_5FPxdTv9wxh0iBS53-q6oMHItWwhk7F2pekxbI2lx4mHRejTgo

Requested by

Host: hairpro.htgetrid.com
URL: https://hairpro.htgetrid.com/nl/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 17:24:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 12319377191168202014
s0.2mdn.net/simgad/ Frame 3DCA 56 KB
56 KB 82ms
19ms Image
image/jpeg 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/12319377191168202014

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

584dd9e6a69304d13daa328f3825675db43850b48f48f4fe71cf20688e06dc95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 07:10:45 GMT
x-content-type-options: nosniff
age: 209634
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56956
x-xss-protection: 0
last-modified: Sun, 19 Nov 2023 14:43:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 11 Dec 2024 07:10:45 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame F63A 624 B
246 B 63ms
62ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJKL6K4CEMeN_vcCGO2H8v4BMAE&v=APEucNXRLsVxh9a2MYBljM2gu0o5QLCqxhnAivfkI8PhpMuYn-sD3oNNHR6yp9aM2N_nsfv3Gc0t_xAlo8Sxib1TdGh1dyoWpumjc4cY0UBIGqFbCQQ_jIdfnrX-ZR0AIP0rI6Yk83Gp-_34Tu6x9aCcPL5bjCh6LrFwBGKh5YXNmUBy0d-LEqE

Requested by

Host: hairpro.htgetrid.com
URL: https://hairpro.htgetrid.com/nl/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 14 Dec 2023 17:24:39 GMT
expires: Thu, 14 Dec 2023 17:24:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 12319377191168202014
s0.2mdn.net/simgad/ Frame 14B4 56 KB
56 KB 86ms
50ms Image
image/jpeg 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/12319377191168202014

Requested by

Host: hairpro.htgetrid.com
URL: https://hairpro.htgetrid.com/nl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

584dd9e6a69304d13daa328f3825675db43850b48f48f4fe71cf20688e06dc95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 07:10:45 GMT
x-content-type-options: nosniff
age: 209634
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56956
x-xss-protection: 0
last-modified: Sun, 19 Nov 2023 14:43:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 11 Dec 2024 07:10:45 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 14B4 24 KB
9 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Host: hairpro.htgetrid.com
URL: https://hairpro.htgetrid.com/nl/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 00:43:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60067
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9318
x-xss-protection: 0
server: cafe
etag: 3562968281324141506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Dec 2023 00:43:32 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame 14B4 7 KB
3 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: hairpro.htgetrid.com
URL: https://hairpro.htgetrid.com/nl/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 08:59:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30288
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Dec 2023 08:59:51 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 14B4 41 KB
14 KB 24ms
22ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: hairpro.htgetrid.com
URL: https://hairpro.htgetrid.com/nl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 13:49:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 185723
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Dec 2024 13:49:16 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 14B4 3 KB
1 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: hairpro.htgetrid.com
URL: https://hairpro.htgetrid.com/nl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 16:50:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2038
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Dec 2023 16:50:41 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 14B4 20 KB
8 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: hairpro.htgetrid.com
URL: https://hairpro.htgetrid.com/nl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 13:49:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12924
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Dec 2023 13:49:15 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 14B4 203 KB
64 KB 134ms
86ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: hairpro.htgetrid.com
URL: https://hairpro.htgetrid.com/nl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 17:24:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Dec 2023 17:24:39 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 14B4 42 B
63 B 54ms
54ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BIDxD1wQZ1GavnOI4UvtgUhuu9uf7KFb4pkIg9YGBq4jEyFBNjgcpBejQnC7WVXyhgwatLhNUg-pa27ltbe-c782zH6d32ISfNesUho22W2clM_tA

Requested by

Host: hairpro.htgetrid.com
URL: https://hairpro.htgetrid.com/nl/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 17:24:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame D5AF 624 B
242 B 62ms
60ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGNPL3d4BMAE&v=APEucNWGjUdGPJ0lyHBfngOptJKE4ySFE6ACGDjeVYrX4ZzV5X5_uVXiihazpATgJmHmSudkMQ9W2HFARUNA4LtYOijZPYgtAQLHiKXx8MG2KHCpe-796t8L2ZELPQyYwpqJ_nXe2Zvqew-7RhDF1x1MwCSi12BYwMX_QNivVK_V8hP3o7a2dP8

Requested by

Host: hairpro.htgetrid.com
URL: https://hairpro.htgetrid.com/nl/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 14 Dec 2023 17:24:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 9BB7 89 KB
31 KB 80ms
78ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: hairpro.htgetrid.com
URL: https://hairpro.htgetrid.com/nl/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 17:24:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Thu, 14 Dec 2023 17:24:39 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 9BB7 3 KB
1 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: hairpro.htgetrid.com
URL: https://hairpro.htgetrid.com/nl/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 16:50:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2038
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Dec 2023 16:50:41 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 9BB7 20 KB
8 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: hairpro.htgetrid.com
URL: https://hairpro.htgetrid.com/nl/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 13:49:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12924
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Dec 2023 13:49:15 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9BB7 203 KB
64 KB 96ms
73ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: hairpro.htgetrid.com
URL: https://hairpro.htgetrid.com/nl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 17:24:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Dec 2023 17:24:39 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9BB7 42 B
63 B 57ms
56ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CjWYRteHdbO4L2CQK3fIaV0TPyImDJ9uLSbliQgFey8bSDgw7TOvz-AwjOwiniofsvOnwfCivg6Cd7uS8AIo5L2ljiklaoM721w4XCRpzLEwt_Fgo

Requested by

Host: hairpro.htgetrid.com
URL: https://hairpro.htgetrid.com/nl/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 17:24:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame D499
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELss8j0lA-dsERWxdqAnexs&google_cver=1

43 B
339 B

39ms
38ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELss8j0lA-dsERWxdqAnexs&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJKL6K4CEMeN_vcCGO2H8v4BMAE&v=APEucNWIboSxoeLMayGov_jjNHlWRhFZtpND8s2byJeZ3GPRxQPTAIJBtmLeWDo-8TU4mtC-pFU2awmkga0_RBgzv7tCoZqzlWIVDCO6dBZaYYbuASS0K17WXd0BBXj3FG-KuJ8vci1ZVmwB1yDy1TgF76ng0Fs3VPhHntd6xYWeL67ix0TQ8Bo
Protocol: H2
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 17:24:39 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rvjlEknKV3JvnPgHjbR81Kt%2B5Y3e4UgYuVUSzFxjRFLWSO0PLny01HvIscz%2BOLoI7GcTkY0XIwj0uhmhC3RQ69WEmgoM9JyIVjnbob5ZJRedPUVM6MJKuhOYyKtV%2F6HQkAWhvdWZQHlQ5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83582441fadf0e3d-AMS
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 14 Dec 2023 17:24:39 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELss8j0lA-dsERWxdqAnexs&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame D499
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXs6V4Oqc0EjDrPCOsIlkAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBBTsGpnjHPTdQaH3oGZFq8&google_cver=1

43 B
730 B

63ms
61ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBBTsGpnjHPTdQaH3oGZFq8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJKL6K4CEMeN_vcCGO2H8v4BMAE&v=APEucNWIboSxoeLMayGov_jjNHlWRhFZtpND8s2byJeZ3GPRxQPTAIJBtmLeWDo-8TU4mtC-pFU2awmkga0_RBgzv7tCoZqzlWIVDCO6dBZaYYbuASS0K17WXd0BBXj3FG-KuJ8vci1ZVmwB1yDy1TgF76ng0Fs3VPhHntd6xYWeL67ix0TQ8Bo
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 17:24:39 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XYjYDyOe6HOj6JHERjE30UG3%2BOexOKLY1NuYFqNOw9CRGAYlh1E1XSWwtAesjRfP3Kz1Oa8In6g8211dWoCZ9FyfmcVrYJxE9uXN9wyIPpsW3a2uzYervZxtSky0d1a2Pm78c8BDQX2lVg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 835824429bc366eb-AMS
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 14 Dec 2023 17:24:39 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBBTsGpnjHPTdQaH3oGZFq8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame D499
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEFuJxEvfwinjYNxQ_Chzz40&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEFuJxEvfwinjYNxQ_Chzz40%26google_cver%3D1

43 B
887 B

44ms
41ms

Image
image/gif

37.252.171.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEFuJxEvfwinjYNxQ_Chzz40%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJKL6K4CEMeN_vcCGO2H8v4BMAE&v=APEucNWIboSxoeLMayGov_jjNHlWRhFZtpND8s2byJeZ3GPRxQPTAIJBtmLeWDo-8TU4mtC-pFU2awmkga0_RBgzv7tCoZqzlWIVDCO6dBZaYYbuASS0K17WXd0BBXj3FG-KuJ8vci1ZVmwB1yDy1TgF76ng0Fs3VPhHntd6xYWeL67ix0TQ8Bo

Protocol

Server

37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 17:24:39 GMT
an-x-request-uuid: cdbb1c20-1322-4945-bd3f-d7f534022c51
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 5.79.98.34; 5.79.98.34; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 14 Dec 2023 17:24:39 GMT
an-x-request-uuid: fc799e2d-a886-40de-8405-fb4c0417b4f4
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEFuJxEvfwinjYNxQ_Chzz40%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 5.79.98.34; 5.79.98.34; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D499
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTM1NTU0MTU0MTc2NzQyMzM3Mw%3D%3D

170 B
188 B

61ms
60ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTM1NTU0MTU0MTc2NzQyMzM3Mw%3D%3D

Requested by

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 17:24:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 14 Dec 2023 17:24:39 GMT
an-x-request-uuid: 479128b5-6e46-44fd-aa80-c8169cf5c70a
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTM1NTU0MTU0MTc2NzQyMzM3Mw%3D%3D
x-proxy-origin: 5.79.98.34; 5.79.98.34; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame D262 2 KB
480 B 28ms
28ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins%3A400%2C600

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e537bb0b81601eabcdc6dd4e2eb938917a7c6887765651882ec0ed5081c26c67

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 14 Dec 2023 17:24:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 16:18:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 14 Dec 2023 17:24:39 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame D262 2 KB
822 B 19ms
19ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 13:49:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12923
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Dec 2023 13:49:16 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame D262 24 KB
9 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 13:49:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12923
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9318
x-xss-protection: 0
server: cafe
etag: 3562968281324141506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Dec 2023 13:49:16 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame D262 3 KB
1 KB 21ms
19ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 16:50:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2038
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Dec 2023 16:50:41 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame D262 20 KB
8 KB 22ms
20ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 13:49:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12924
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Dec 2023 13:49:15 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame D262 203 KB
64 KB 90ms
89ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 17:24:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Dec 2023 17:24:39 GMT

GET
H2 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame D262 37 KB
15 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 13:56:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 271676
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 10 Mar 2024 13:56:43 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame F63A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBBTsGpnjHPTdQaH3oGZFq8&google_cver=1

43 B
557 B

53ms
52ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBBTsGpnjHPTdQaH3oGZFq8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJKL6K4CEMeN_vcCGO2H8v4BMAE&v=APEucNXRLsVxh9a2MYBljM2gu0o5QLCqxhnAivfkI8PhpMuYn-sD3oNNHR6yp9aM2N_nsfv3Gc0t_xAlo8Sxib1TdGh1dyoWpumjc4cY0UBIGqFbCQQ_jIdfnrX-ZR0AIP0rI6Yk83Gp-_34Tu6x9aCcPL5bjCh6LrFwBGKh5YXNmUBy0d-LEqE
Protocol: H2
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 17:24:39 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JKLVkw1l4xZMMB9YONNIBkdCqBdqmIswg1xEcYh5MM5oaQUUeO3bcmHuIetKr04MlJGNHZwXNTTyMM6fZHhGpmNJt%2Bj5Tnd8MGCJCcx2uwuxnMD%2FMLdwnh8iAJhW6ZwO1%2BU1RGvziwqBQg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 835824420af50e3d-AMS
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 14 Dec 2023 17:24:39 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBBTsGpnjHPTdQaH3oGZFq8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame F63A
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXs6V4Oqc0EjDrPCOsIlkAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBBTsGpnjHPTdQaH3oGZFq8&google_cver=1

43 B
733 B

61ms
61ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBBTsGpnjHPTdQaH3oGZFq8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJKL6K4CEMeN_vcCGO2H8v4BMAE&v=APEucNXRLsVxh9a2MYBljM2gu0o5QLCqxhnAivfkI8PhpMuYn-sD3oNNHR6yp9aM2N_nsfv3Gc0t_xAlo8Sxib1TdGh1dyoWpumjc4cY0UBIGqFbCQQ_jIdfnrX-ZR0AIP0rI6Yk83Gp-_34Tu6x9aCcPL5bjCh6LrFwBGKh5YXNmUBy0d-LEqE
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 17:24:39 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o2BNkTwiHZPBMM8f2sbv2BgZ393QW8C4ngxP3CeHx%2FumZptReqphs2x3IhX83FydelOQWeUU3KpvqsueSrpx6uzBGQIWFUtRpghM%2Fd86QesTiPVO2Qs9yIpjP8B%2B7ntY%2FAnaIuBP4g00Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 835824430c4466eb-AMS
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 14 Dec 2023 17:24:39 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBBTsGpnjHPTdQaH3oGZFq8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame F63A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEFuJxEvfwinjYNxQ_Chzz40&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEFuJxEvfwinjYNxQ_Chzz40%26google_cver%3D1

43 B
887 B

43ms
42ms

Image
image/gif

37.252.171.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEFuJxEvfwinjYNxQ_Chzz40%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJKL6K4CEMeN_vcCGO2H8v4BMAE&v=APEucNXRLsVxh9a2MYBljM2gu0o5QLCqxhnAivfkI8PhpMuYn-sD3oNNHR6yp9aM2N_nsfv3Gc0t_xAlo8Sxib1TdGh1dyoWpumjc4cY0UBIGqFbCQQ_jIdfnrX-ZR0AIP0rI6Yk83Gp-_34Tu6x9aCcPL5bjCh6LrFwBGKh5YXNmUBy0d-LEqE

Protocol

Server

37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 17:24:39 GMT
an-x-request-uuid: ceda8faf-bbe8-4c5d-b355-fcde7bb4be4a
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 5.79.98.34; 5.79.98.34; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 14 Dec 2023 17:24:39 GMT
an-x-request-uuid: 32448b43-a2b1-4ff3-881c-258f4e8af260
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEFuJxEvfwinjYNxQ_Chzz40%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 5.79.98.34; 5.79.98.34; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F63A
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDY0MDM5MzQxOTc4NzMwNDgyNA%3D%3D

170 B
188 B

62ms
61ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDY0MDM5MzQxOTc4NzMwNDgyNA%3D%3D

Requested by

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 17:24:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 14 Dec 2023 17:24:39 GMT
an-x-request-uuid: 470c80ef-84e9-40ae-9053-c9150ea6c184
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDY0MDM5MzQxOTc4NzMwNDgyNA%3D%3D
x-proxy-origin: 5.79.98.34; 5.79.98.34; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame D5AF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBBTsGpnjHPTdQaH3oGZFq8&google_cver=1

43 B
732 B

44ms
44ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBBTsGpnjHPTdQaH3oGZFq8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGNPL3d4BMAE&v=APEucNWGjUdGPJ0lyHBfngOptJKE4ySFE6ACGDjeVYrX4ZzV5X5_uVXiihazpATgJmHmSudkMQ9W2HFARUNA4LtYOijZPYgtAQLHiKXx8MG2KHCpe-796t8L2ZELPQyYwpqJ_nXe2Zvqew-7RhDF1x1MwCSi12BYwMX_QNivVK_V8hP3o7a2dP8
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 17:24:39 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LkBAAs5%2FcOwCtEAY3Wv6TwS5WE2ZBCff1kDiBujzVxEE1zTm6HkKvH1gcFzSKF3pwsHUuihoKIxOX6YW6fZvRkrb%2FBWnse5JM0ayK85mmZO47lCr1lUfSmFRKfKONm7Nh5JUy940B0jeKA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 835824424b5566eb-AMS
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 14 Dec 2023 17:24:39 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBBTsGpnjHPTdQaH3oGZFq8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame D5AF
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXs6V4Oqc0EjDrPCOsIlkAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBBTsGpnjHPTdQaH3oGZFq8&google_cver=1

43 B
734 B

63ms
62ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBBTsGpnjHPTdQaH3oGZFq8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGNPL3d4BMAE&v=APEucNWGjUdGPJ0lyHBfngOptJKE4ySFE6ACGDjeVYrX4ZzV5X5_uVXiihazpATgJmHmSudkMQ9W2HFARUNA4LtYOijZPYgtAQLHiKXx8MG2KHCpe-796t8L2ZELPQyYwpqJ_nXe2Zvqew-7RhDF1x1MwCSi12BYwMX_QNivVK_V8hP3o7a2dP8
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 17:24:39 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q1684dgKVmYcWeU9vHzQD%2BFFtTrW2pu1fVBBUC0%2FKfm0LUHaGS0IoEpdi7eFMpMWCi69Xwt1XhRCxL3YZXNK1sddtMPUMnvk%2B7qC7cKfznaZ4lwsqC7ZxLGTF6U7j9ofIhLtK%2BeKFjx68Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 835824430c4266eb-AMS
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 14 Dec 2023 17:24:39 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBBTsGpnjHPTdQaH3oGZFq8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame D5AF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEFuJxEvfwinjYNxQ_Chzz40&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEFuJxEvfwinjYNxQ_Chzz40%26google_cver%3D1

43 B
888 B

43ms
40ms

Image
image/gif

37.252.171.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEFuJxEvfwinjYNxQ_Chzz40%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGNPL3d4BMAE&v=APEucNWGjUdGPJ0lyHBfngOptJKE4ySFE6ACGDjeVYrX4ZzV5X5_uVXiihazpATgJmHmSudkMQ9W2HFARUNA4LtYOijZPYgtAQLHiKXx8MG2KHCpe-796t8L2ZELPQyYwpqJ_nXe2Zvqew-7RhDF1x1MwCSi12BYwMX_QNivVK_V8hP3o7a2dP8

Protocol

Server

37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 17:24:39 GMT
an-x-request-uuid: ccf37596-163d-4616-9f8b-8852b385006f
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 5.79.98.34; 5.79.98.34; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 14 Dec 2023 17:24:39 GMT
an-x-request-uuid: ffc096c2-1460-40d3-bd26-f6c8e7222fc2
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEFuJxEvfwinjYNxQ_Chzz40%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 5.79.98.34; 5.79.98.34; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D5AF
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTM1NTU0MTU0MTc2NzQyMzM3Mw%3D%3D

170 B
188 B

60ms
59ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTM1NTU0MTU0MTc2NzQyMzM3Mw%3D%3D

Requested by

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 17:24:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 14 Dec 2023 17:24:39 GMT
an-x-request-uuid: c1c683a7-18ea-49dc-8325-e0af422e22c8
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTM1NTU0MTU0MTc2NzQyMzM3Mw%3D%3D
x-proxy-origin: 5.79.98.34; 5.79.98.34; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 3630 38 KB
13 KB 19ms
19ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 185723
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 13:49:16 GMT
expires: Wed, 11 Dec 2024 13:49:16 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 34DF 38 KB
13 KB 22ms
21ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 185723
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 13:49:16 GMT
expires: Wed, 11 Dec 2024 13:49:16 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4C00 13 KB
5 KB 20ms
20ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hairpro.htgetrid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 88259
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 13 Dec 2023 16:53:40 GMT
expires: Thu, 12 Dec 2024 16:53:40 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F809 829 B
1 KB 135ms
28ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8773adb3c20975f4ebbe3aedc367ac932f8a35ca92c5944cd9198d1af9ac2295

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-pvKIQbB0G5ka3K0m6SoVLA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hairpro.htgetrid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-pvKIQbB0G5ka3K0m6SoVLA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 14 Dec 2023 17:24:39 GMT
expires: Thu, 14 Dec 2023 17:24:39 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9BB7 0
20 B 92ms
92ms Ping
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2945940663744&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 17:24:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9BB7 0
20 B 89ms
89ms Ping
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2945940663744&version=m202309260101&ct=77&x=1&cor=1896816981111157800

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 17:24:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 9BB7 34 KB
19 KB 315ms
314ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A3BXtBWtiWIfUoturY0SQS-vRmgl_6o6RrrPtZ5Isq2Gd-ke37Ao7is5CTYNab8aVPG354NvQkuLTPgdEcZhT1XPYw4gWyQ9cyHBgGK1qExUhCnngya0nfIXsMBTTTTiNhOPA4SpCM5-uoyEuROn8bZwGqR37309J9wX2qKe8pxDQ2i8qqRTMVHBsulwh3xbRtcq9_EhnEArk9ryRZFUYGPfqW6A&cry=1&dbm_d=AKAmf-DLI7FTE-3UhKhLRI-Gwvmz7ESaxZdHjvZKlj1OrlD8pjnhDYgKaN8jA-VfhckYfqduYOfLQFYn7G3WKZHI2NlkHf6b8ACiN3PeXGKGC2wOegtGYRS9ONJB1DkIYRFv8gp01vDeqDVcyQI6sh3gHtiHGkPM_UfOX1ee0zt16ZvywbrKOcu5rWeJ6E1WyQK_8FuqM9qQlvDLx_fQa7dzu_GYCBm-E0XmtICfOKG5u4A6V0tpVL2xUyRQm9wcVff2TAd_DZebxc_DWIfw0lOwWC2jURyluLWl71HmiLOBRyipAyrQRDbk8bYoQ2kwlPEhsaATDVKRKRxvFCoXgh_KWBo9RS34pwfxYx44RMmyR1ryG2a3eJJSiI2nWrsSIVsvNSByCqL9t1JUFVWvmiMpj17NAHxJCKJPcV0mwANVkoi2cMqHk5jkE31CFuIwC24CM-plsY34V3vWyslXv81smpFlz53xM5V0-9dEGw_i_xXmwwOpEUzubzirgk6H_6QxnwFOpOFqYbG76DbFuTZ4pQmqMjAIgDeFE23yneHsBVmbntnqdbXcIOoDsj0XXS7OIpnO6A3buAKARcrZ0k_k-nH_6HZMej47QX5qNte-SD7LH9-TkRg6sO15jmC0JmEIdtAd278qN9vXYAVTJfKMc_Su17MKqOtUPoUYZsjsb9SiTFoldcZKbcZgvD0Z5S2-tor236sAdGa4Xby3BwnAk6m5b-NykjBjqITc6HjRQ4nwNDNctkvaVpoB9pa8ycTljcKznkZ5B7J0nFOex4tkkEzzutt8Ybxf4KkMTKbicB7NpbYC0X6FjEPmELCGLz9vy6-7qvdd35TjGGxQKJv-FiJyHjw8lRk89ySfoAEsvCHXcPQbcTu9tekNMt7exuGCkdI9hovcMo4hZWkEDnTUcpKdzM3XOueSHPSvXRvFVJMTDB4NToZbn9uZjNFoXIdpPvu22oSwNSYfDNx2FVM829-4gJOzHGr-5ZZPkn-90PCQYpQGEXiNHZN-RoFtc8zBA1bLzyI00tTHcNhuSWKn5CPslJBA4_jWa5EooxgVrgNfXEKbawq_8_XFKULIRIC6Mr4w_RuWsBUCeEw8r3DT96lvGmkPsrWbKXR_TS7a9cx_wwABSpOnYD_XH1wlW5ZvTQlAv1ji8_Dt9Xl5_c2NT8W-97p-MX94nV6tG_S9eaTzvLS1NN5hED9wxrBSi8-7rm1xDJW-W0PkCy1-YgYw9ORv-k67uqGB0Kzgfa4S3Lu5Ir-eGKBdPqIyBEVN64cc2Ff7FGhM16H7x4c6Z6xClEFZSOZrQPbbnGTV5OFcZxHLNqyVqm7zNL6Tj9eMzCbMBhj6Jgt4LWosULpO_mhcq-30VexQDMQOQNCL2YwvLlij2d737CsrIHKjGmVYYuI-ocs77tzfumzmw808mPjzXXTjYcAgZnJenztsv9zNCHarVn6OqoSmurLMlHuhdXu2cbJ8su21QMb30meP3J-0PB7KtKsFifsN0uqOUn0HQgAsO9WdfMII5PInlKXqC_9QyHWRK0i2svlU6MGMSVRNhn8Jjnl50ZAd3qXZ7JiixZ1URyjtUU4ela2ZQf_kgodFSZYcC7cq_yW3IcMTY2edruG13lGs9bSk0uqzrdfJ7lmituaRLXv1wUeejSJhP5m__LKykaFnBxlGSg5LwT9oAaGs7cgkpenp36guXHZZy2G-0bVnNhV48wN-ZCwfB2a8fFTv3H383OyGBIuPyk6A0dQghadQkRJRNkp9sMLkSe_CiJ--6ixv37Pd7cIDLNhzdvhPLbt1qPoFNclq7IuPSzMhfSDMA1gIfT8Q-WD-OblE11DAp6biZrivc2sZCQmQulY3fSAFtwe2KNlbCU0GnzbMgs9V7gb8EtILO2bBfCeFtNfnw-U88UVJ1bI_qLgdXudvsy6sBoZJhjjPT9Vho8wcNXqim7QwxmrjqQ1ql6H14UdXBmQa9ad15FpzNyR2_9H1H2LJeaD274R92v1M9dEs7ntk5stk2YhdDLEtnkMQ0rct7rn8V_JOZOWXKCLSPBpfZXjJ8ovyTdKeotSY9EPt1LJgeBP9qRWM1dgSoow-fEh_CihBIUi7FluF9gIscRp6dH9IjiijbWgcUcSmTGZ2fXTBMA7mK0el_tPe56AozCzCjDPH8o8XoZSmpUeeL5NbVJh7dtTBwKi4qqLte40yhNu3oZVXNgmw05I7hbSXgUSzt3OMBimRzIPKzTHSZEquLfA_f1HALtULqt7m-FoRrzXgiWMeTii3zL9omFXypQ48CuDK_UjyGHzw4tOJyYhDsUthbtRixHwSE18i3lyofTCck0EWnm1vYkLFVYHQUhI9kGuvSDoHfpD5cT73dOseJtsNryuzxXKtLatQdOZg8-QnyOgGC8f8mYzz0wCOLd9dKdaeh4srqDgdp3MpPfEUa_ctLMhxEyRCk2QHw8zrTI6SaSW-4THTsS_zqbqiRMiKVcLxagVEUjr9UdgIip1XThOwuXmqX6oFDk9ylhJPbBF7WJStatkxT_lrVN6WdXFe10xb0ZnwUJ-rTpaAt0Cgr003q44wRFVg5V0_Z4cTZtCnuqa_LwEW4CJj9o7qLe89_67zAY0XfJgH5MP-_YlAO5w4iaOLBivQfTwkbW7sTsvGZWhfwrLvBAdhZx5u2MaFT7AyXiaAxQslA2CsVufZwsH3__tF0L0XcuZzbi6hIDseAMAvZWxyVhtJf_skqW_sMkaCMUs8XNKDsbwCwXBYEuESOz0GOLy68wVhiW5W9lpPtknkzUwWfyU2BtcvGwPvstgExds5p4GNnKnvvSMA-mtQWkti7VO2rQHeE8FOg97nvnh9hoBEGR5w1yieaBhHFWr3HPSyQc2LQ-sjLHRFkXVueH_0aFVnTaJfwJR6dV4eA5AjALet2LlpfwR8sSc6wimnWGpVglQlRzwO_WYuaMiFFTihgwyi9uTYwIEEE6DHW0WS1SuKBLOWjL0gBbxFu1Rl2BgYjNezpsXRPu02NTT_l3dKJrxKK1q7ewD7WAs3R_rWPnGQZ4OgtJa_HZLQV4hJQx8aM6a_16J4YWfZ_wqGQN5h9VHv7-FYi-vbFBBspydWjVmQKpP_3vxnuqSOI5EotgcuHWUpuOhSdLcaqqc3PozI43ZbiTyf-aXXSUt7DGn6-hgg-it7NXZSk1Qeopx8agxYEUR0tAqn1m7Xva4q6716ZL7kv8-qKGqWMsC0sCBCqGMeSYQrm6aqYPxkXy0UPtl_v3uib1ho2T-iS8S5A9TQ-7Kug8QNXNR7Jn_70ywiBqt3UfQT4Q6w1kfViBaFX4G02eCPI2QF5GCng-Mk8gAgVFlM7nGNnpBIs_XqV8lneSluB9pyHaBkR_d9A4E3r2etoQ-BUVYUGhY8N7K7fTia7VcGD4ysvYi_MhZGoPjSdt3fcoEMwT1ibvQv9xsDoWvc3qfT7D-YAwhsNymSweXcRgJQZCSjzBUvKuBzIoIlA81AOurm6GEa_5THGu88m2OAIR-VSmu_nPAx9LD8tW7qhOX7-t9CSxXCOQINunUjWpw1iaR-bvYDFNvv32BZlnv7MpEs47C8UPisSzcxLp2kRyJoOx64ttuDMSl8HmXM2_se6l6caqj8nIWpg1xQCUWb65F0VB41fXZ2wICDXR9Yb4xgOKASP4byz6C3f2EV34MW5mWU0zvpooqtbK8&cid=CAQSTwAvHhf_GMHkOPKLol61ssHT5rCVgiX0ZLMl0tOXbtIkiSp8RABGoEg47eQoJ0l8fsjev1rcll3YeL8kQ7SzArngy4Oc4bG3TKfWGN8l6pEYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fhairpro.htgetrid.com%2F&ds=l&xdt=1&iif=1&cor=1896816981111157800&adk=1726166463&idt=87&cac=0&dtd=29

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5b22306fae9921c106cc34a41e47559ea06ba31933f7e21999fba0c745102cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 17:24:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19796
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 3DCA 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 33fcdd63ba302261b1b673c18d66d475ffec1b45e3a1283940d0cd7a45c7694a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 3630 39 KB
15 KB 27ms
21ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 08:45:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31168
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 13 Dec 2024 08:45:11 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 34DF 39 KB
15 KB 29ms
22ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 08:45:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31168
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 13 Dec 2024 08:45:11 GMT

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 3DCA 0
0 272ms
70ms Fetch
image/gif 142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsuWJAcA1m-ss_TMdrAJxJ5a7TQPnfYQNkhMyZWzleahMxibRi2fH4QZhYMV_2FzBXoY38KV9HHLx3bc0qs7oU0o26pZHwSUBLVN0C0Hl8cd65RIwG5NmgqEs1HBdG0G9DBxxxBDco7tTBvyAOJNWmpxVMPiLv0Vr6WVA_uPtY1YdICxYtp4FVUohc0wmDO7wM_-Gc2Svub8yYpFagRMGiGYgh_zJNJ2suvPufaBxWo_7ISCp8524KGgd0vg7xsTymEjFoT9UnFhdPYsI7SBsPvhR8RJPTNglGYg2PMFRGSh9Ot9X-p3XXdYPLBh29qejI39j7Ab62DYoqBYdv1N9FVHxJWWOPyh4DBlAUHgCjqS46OZGMPTRhmY8o49cU2DHKxWgWf60-_L7Lk65QYk62XZYMRS05bPvHh6O_RT84pbXYMRZFbEMygSPzaMM1RA24rHeb3xnB1fG2m3bH1fvPVX0A1xGm4mfLAWq9W0XcFRTD2otvPxRhlzB-YSL1R6mBlAOBDHDm47HgfxHbPF1U5QJrwQhO5DisbCzEwUVPJRe6Mayfn-q2uLY49FR_ZB0OI6nWdt6_dgvqE8PoPXECEB2ppHoyfDF1g9rdEQs8ClmVZvZ4idkGxCQcN77JsrA2Y1p1nIlyfqbFPa9DxecVaMP4xmu-0EFy8LA4OawNW-GmUiqxL4uTh9oetAMc7LiOisXnraaU70nROKA3TgZgRqdC68gCLi2pTRnoLy5uMwlp-xLmbp0iRcVZT3oOLj6m44ivFFb5O1mycmC4kIvfxLEixBm7nRO0UJuE4XJj7WWhoGFlHKDfpy1XHb7xGBiBIhF89mply6_Pve5PjN6nnuJ5X-p23FjpC-8f7828NVrKyCDcc5zIKFiyLdjp971bQaS_J0HwIUvlD4CvQ9Tva7dKr23vHQxV3RntMH3N5NyRwxhDj7ypKfEUhJnm3fFzeIWZq9a2JsDu9ljKi2QH5KVTi3st_cQjSamldCfvM5_Iua8Y0Z-NvGBHtOFv0sDFmQCfCKV5ttw5pWnXAjk7XzrGIUK5oCD-kmEHHIPmbXIUqvdtuEfWjUAfiiBTCcfIggXHagQDI9FFXJtBw_XgxDaw4xgHwgfe3jpixXOWx-cYAaQ7ZIrOiqofq1sc3zz0bZtmSELVugyrBwjp1P0qJUkguWdlFeMjhx--G3pzPaxA5j4fHsvlnfFVwrL-pG20lV1pwjYBq4S_9VhSVjmZx8SnngQwfwBFApa7lpAkEUEcA-MtcMV9Rr60wWaTNZ-82dSWqKXZ9aeDebudxVvd_N2fUK7qmdEJFNcuRskM0CB9jVGbW_CK_7Vsq1_1ewuYLtB4-R_sCo2wxH9w&sai=AMfl-YSxxBn9MjZGMgpToNzV7ktTSKhkCauy29xMzfMaqBAoNM63LsHEMU1enDPdZVYYfI3c1bCzWDhjQTqswatUAxs9jIO6pxDCksgQe3zyFOdjcLFynxdZ5XMJeBdaOUplgrSp_BrVNjtgD-19e3ZywN0rmVyidPDgJpCRs5bSW2aAnVSFq1Eb8Qc0nh-u1C0IiZ4W-1tSeQmyM9sPLoF0hkpcStkGmEtKg3QSsIS_5oVkL-GAg6QP07XvtwRlBFIxKLezJ2Ui783-PH7yVIdlfylp6oq4SLRJJxji4-ZNyn-ESQEgRU55VlFSHqeg8hAYn5ovqNmP93Mh_a0zKDHPpIP5uhP-GsBR7LZi-Qy5Piwiywiz7chsuKBl2W8a_fc0q34QcRRokLsiI-tmHA0MZ7JWrNgOo8DrquybzHZuw6Zl4fsuphIgz4-68dSDlEizGv0AkBPZAfoKFGp8cfnNdtckL3PHKKrDxdCzPau-VfRc_XxvgWnKjN-f-jmMA3j2Rj0-IOlKmcRx5g&sig=Cg0ArKJSzPkpxjRirsy3EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9sZy5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=391&cbvp=2&dett=2&cstd=0&cisv=r20231207.07765&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: hairpro.htgetrid.com
URL: https://hairpro.htgetrid.com/nl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 14 Dec 2023 17:24:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js Show response
pagead2.googlesyndication.com/bg/ Frame E99F 50 KB
19 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js

Requested by

Host: hairpro.htgetrid.com
URL: https://hairpro.htgetrid.com/nl/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:01:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 202967
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19632
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 11 Dec 2024 09:01:52 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 4C00 39 KB
15 KB 21ms
19ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 08:45:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31168
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 13 Dec 2024 08:45:11 GMT

GET
DATA 200
OK truncated
/ Frame 14B4 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3159b8797a512ad0de00a4efece97d17bf822945796b3095a473b4b5d0dc1242

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F809 0
0 55ms
54ms Image
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=19711171357389&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 14B4 0
0 234ms
66ms Fetch
image/gif 142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjstDKbrE131l6qHo9KRzmSCmebnIevrV9CEKiqb6TAeZLk5GgppPNFOvWseluB7uaj-cmerY9TVfNbPXE8UtZT7yJ4dZkF1hd1W8mJUlamF5mpopNKiIloJWh9XQpGf-enbX6iIF9H7QeIcjNJbX8MhFMReRNdws9XTtlH0oq2vd6UIg07IyNI224YRXN4ISibS9s3Y8gGlWNz8U98XteQQB88UbzO1JBA-dEm6CZ-0mH13nf6kK9DdZvxlcd9xYrApDFsUug86NduA1E6EbNRjiVHO7CtX3PRLU1L-eIgLmCR4B02tyGiep7X_EpScm02FtykgBmClKSlVQ2x6ddP6VcSLf886veZD--Y6tDvlQuIzCx0n0xSTuIefJ2Y0OQbuzD8gUnQCNFT5zFpr7jwU4Himg5_knmgb39fiiO6cGOU_CNVnCTzPfhXb7jFlbaAZSpU5ZqZgMGSrTU4DC8h6k0Z5--3lAeNT7zrxOWWgv43srULTzOdflaZZVuZw9bVn0UuA_j9Kp3SrPefJeu9R5Nb78plgAaYGFeYE5d6ZBBWrFGVrXwcLApVN-0ZeUNEmkALhY-JpbbDA1jTJZgHKyJQNr5FIUkWIXdi-s0Fs47g9XNWZ0Jxf7e2hDfS_mkT1mVkVzMwVUI8dXmGX5AM_rYuUbBATjcXPoTBgGMBtluZ6b2NzaxtQRM3WjAHcuWWnpLTWlrvgoYRZcKYyLeID_B_Q4Dht3LugGFI9SicU3bW08T3-CSjvmwfJ2O2FeSmiXoLMXi0U9LXiRTw3lu0Ee9xTf1oyBCq0EPKN4mgyyHKIo1ulfFXmEMWFHY1FIRzsYnssKL7htHghHFcPdrZeFVrHTujXrHBU6gNRuibYfSwpVQWkgBIGnAiA0pzdV_8Kc9-hnjyTUw6fvpJQE6X1upiYhPy3KM_8DSkP4KJa1Bf1lVOJoD5GD1Sznuls2Wl6u0nW-ohkWvtCYi7OEvX9R8G75KT-nUiN8QQ_9tTulwwU5AL7cR8_lK1yxEroxGB0Bltt2FstXfoSBRoTXPUyDeMed_FZb8sVn443pVLVMrUC4XJhZ8HUoFldQ57ezYMQyksQJogSjZbiuw8KOq23F7IOOYkJ-byL9O3bUQQjVfUEP8_qaYak0Fl2Hn1gfRfa_kyXdHuytgZnfG2vPWaVmREvKh245gVGdT4E9X39xTucmS4x2NIxh6GQnA_DZsuczaxGb81v1qtawQVn4ZwQtBNz4TSJtd4zLA9w9gPdDHCMd2SZg0Bh_T6_JPk1iuOXrpypHM3tPEy7i9Tn3HwfJPnZlIkdJ6RmV8qSzbAZCmqx-gHvY4_GxyAhJpgscWy9gy-davVynUj6ntg&sai=AMfl-YTmAcAgntO9QsNCjjFhEYWrQdtRUpLmRXhBV_FyDkvqeFzavknN_0P74FvC6FMjjBI5-MLfKj09de6amwHzXR4PZkD47LDLGklYToBNqg0u1gpqG5yXw4fxA5aoqRL8npMXISTpFqf3O9kJzk9ppJZ_YMHAgMO6bvNReB0XaCHO2PG6R5VpZLy4DDGjM5n1DrjYjBjUBt98hMRg1tfj_vzBYpuoEmLiZEAByCLMzH0GFuVGfGokYUZwoSN6YEe43C1gOCb-3AY7W7BIoPSq-MJfdZVmm71jAvBFLH3TRsgv8iaSKJJHS38kIWiFEYYeG-yc5RBjE1DpGolbt02n2ZW7IGh6FJjoSP93CpAgXPwKM2h8fPGmMnYBmTOBsmRhhv40MpXrUOB_1JrrBJHkU5wNyM_ewnhtC5MAznVP-jB-uCE2DUf6KRkWRk2yPzoTjTIoi9DgqZkJa2bMkYgj9lF6Iv6bhJbbuLaBrj5hmOe6ONzUo66XRxuTPVF0YFEW_eASdyaF8p6YPQ&sig=Cg0ArKJSzPPnTzfVxXqkEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9sZy5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=393&cbvp=2&dett=2&cstd=0&cisv=r20231207.28885&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: hairpro.htgetrid.com
URL: https://hairpro.htgetrid.com/nl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 14 Dec 2023 17:24:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 9BB7 31 KB
12 KB 25ms
20ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A3BXtBWtiWIfUoturY0SQS-vRmgl_6o6RrrPtZ5Isq2Gd-ke37Ao7is5CTYNab8aVPG354NvQkuLTPgdEcZhT1XPYw4gWyQ9cyHBgGK1qExUhCnngya0nfIXsMBTTTTiNhOPA4SpCM5-uoyEuROn8bZwGqR37309J9wX2qKe8pxDQ2i8qqRTMVHBsulwh3xbRtcq9_EhnEArk9ryRZFUYGPfqW6A&cry=1&dbm_d=AKAmf-DLI7FTE-3UhKhLRI-Gwvmz7ESaxZdHjvZKlj1OrlD8pjnhDYgKaN8jA-VfhckYfqduYOfLQFYn7G3WKZHI2NlkHf6b8ACiN3PeXGKGC2wOegtGYRS9ONJB1DkIYRFv8gp01vDeqDVcyQI6sh3gHtiHGkPM_UfOX1ee0zt16ZvywbrKOcu5rWeJ6E1WyQK_8FuqM9qQlvDLx_fQa7dzu_GYCBm-E0XmtICfOKG5u4A6V0tpVL2xUyRQm9wcVff2TAd_DZebxc_DWIfw0lOwWC2jURyluLWl71HmiLOBRyipAyrQRDbk8bYoQ2kwlPEhsaATDVKRKRxvFCoXgh_KWBo9RS34pwfxYx44RMmyR1ryG2a3eJJSiI2nWrsSIVsvNSByCqL9t1JUFVWvmiMpj17NAHxJCKJPcV0mwANVkoi2cMqHk5jkE31CFuIwC24CM-plsY34V3vWyslXv81smpFlz53xM5V0-9dEGw_i_xXmwwOpEUzubzirgk6H_6QxnwFOpOFqYbG76DbFuTZ4pQmqMjAIgDeFE23yneHsBVmbntnqdbXcIOoDsj0XXS7OIpnO6A3buAKARcrZ0k_k-nH_6HZMej47QX5qNte-SD7LH9-TkRg6sO15jmC0JmEIdtAd278qN9vXYAVTJfKMc_Su17MKqOtUPoUYZsjsb9SiTFoldcZKbcZgvD0Z5S2-tor236sAdGa4Xby3BwnAk6m5b-NykjBjqITc6HjRQ4nwNDNctkvaVpoB9pa8ycTljcKznkZ5B7J0nFOex4tkkEzzutt8Ybxf4KkMTKbicB7NpbYC0X6FjEPmELCGLz9vy6-7qvdd35TjGGxQKJv-FiJyHjw8lRk89ySfoAEsvCHXcPQbcTu9tekNMt7exuGCkdI9hovcMo4hZWkEDnTUcpKdzM3XOueSHPSvXRvFVJMTDB4NToZbn9uZjNFoXIdpPvu22oSwNSYfDNx2FVM829-4gJOzHGr-5ZZPkn-90PCQYpQGEXiNHZN-RoFtc8zBA1bLzyI00tTHcNhuSWKn5CPslJBA4_jWa5EooxgVrgNfXEKbawq_8_XFKULIRIC6Mr4w_RuWsBUCeEw8r3DT96lvGmkPsrWbKXR_TS7a9cx_wwABSpOnYD_XH1wlW5ZvTQlAv1ji8_Dt9Xl5_c2NT8W-97p-MX94nV6tG_S9eaTzvLS1NN5hED9wxrBSi8-7rm1xDJW-W0PkCy1-YgYw9ORv-k67uqGB0Kzgfa4S3Lu5Ir-eGKBdPqIyBEVN64cc2Ff7FGhM16H7x4c6Z6xClEFZSOZrQPbbnGTV5OFcZxHLNqyVqm7zNL6Tj9eMzCbMBhj6Jgt4LWosULpO_mhcq-30VexQDMQOQNCL2YwvLlij2d737CsrIHKjGmVYYuI-ocs77tzfumzmw808mPjzXXTjYcAgZnJenztsv9zNCHarVn6OqoSmurLMlHuhdXu2cbJ8su21QMb30meP3J-0PB7KtKsFifsN0uqOUn0HQgAsO9WdfMII5PInlKXqC_9QyHWRK0i2svlU6MGMSVRNhn8Jjnl50ZAd3qXZ7JiixZ1URyjtUU4ela2ZQf_kgodFSZYcC7cq_yW3IcMTY2edruG13lGs9bSk0uqzrdfJ7lmituaRLXv1wUeejSJhP5m__LKykaFnBxlGSg5LwT9oAaGs7cgkpenp36guXHZZy2G-0bVnNhV48wN-ZCwfB2a8fFTv3H383OyGBIuPyk6A0dQghadQkRJRNkp9sMLkSe_CiJ--6ixv37Pd7cIDLNhzdvhPLbt1qPoFNclq7IuPSzMhfSDMA1gIfT8Q-WD-OblE11DAp6biZrivc2sZCQmQulY3fSAFtwe2KNlbCU0GnzbMgs9V7gb8EtILO2bBfCeFtNfnw-U88UVJ1bI_qLgdXudvsy6sBoZJhjjPT9Vho8wcNXqim7QwxmrjqQ1ql6H14UdXBmQa9ad15FpzNyR2_9H1H2LJeaD274R92v1M9dEs7ntk5stk2YhdDLEtnkMQ0rct7rn8V_JOZOWXKCLSPBpfZXjJ8ovyTdKeotSY9EPt1LJgeBP9qRWM1dgSoow-fEh_CihBIUi7FluF9gIscRp6dH9IjiijbWgcUcSmTGZ2fXTBMA7mK0el_tPe56AozCzCjDPH8o8XoZSmpUeeL5NbVJh7dtTBwKi4qqLte40yhNu3oZVXNgmw05I7hbSXgUSzt3OMBimRzIPKzTHSZEquLfA_f1HALtULqt7m-FoRrzXgiWMeTii3zL9omFXypQ48CuDK_UjyGHzw4tOJyYhDsUthbtRixHwSE18i3lyofTCck0EWnm1vYkLFVYHQUhI9kGuvSDoHfpD5cT73dOseJtsNryuzxXKtLatQdOZg8-QnyOgGC8f8mYzz0wCOLd9dKdaeh4srqDgdp3MpPfEUa_ctLMhxEyRCk2QHw8zrTI6SaSW-4THTsS_zqbqiRMiKVcLxagVEUjr9UdgIip1XThOwuXmqX6oFDk9ylhJPbBF7WJStatkxT_lrVN6WdXFe10xb0ZnwUJ-rTpaAt0Cgr003q44wRFVg5V0_Z4cTZtCnuqa_LwEW4CJj9o7qLe89_67zAY0XfJgH5MP-_YlAO5w4iaOLBivQfTwkbW7sTsvGZWhfwrLvBAdhZx5u2MaFT7AyXiaAxQslA2CsVufZwsH3__tF0L0XcuZzbi6hIDseAMAvZWxyVhtJf_skqW_sMkaCMUs8XNKDsbwCwXBYEuESOz0GOLy68wVhiW5W9lpPtknkzUwWfyU2BtcvGwPvstgExds5p4GNnKnvvSMA-mtQWkti7VO2rQHeE8FOg97nvnh9hoBEGR5w1yieaBhHFWr3HPSyQc2LQ-sjLHRFkXVueH_0aFVnTaJfwJR6dV4eA5AjALet2LlpfwR8sSc6wimnWGpVglQlRzwO_WYuaMiFFTihgwyi9uTYwIEEE6DHW0WS1SuKBLOWjL0gBbxFu1Rl2BgYjNezpsXRPu02NTT_l3dKJrxKK1q7ewD7WAs3R_rWPnGQZ4OgtJa_HZLQV4hJQx8aM6a_16J4YWfZ_wqGQN5h9VHv7-FYi-vbFBBspydWjVmQKpP_3vxnuqSOI5EotgcuHWUpuOhSdLcaqqc3PozI43ZbiTyf-aXXSUt7DGn6-hgg-it7NXZSk1Qeopx8agxYEUR0tAqn1m7Xva4q6716ZL7kv8-qKGqWMsC0sCBCqGMeSYQrm6aqYPxkXy0UPtl_v3uib1ho2T-iS8S5A9TQ-7Kug8QNXNR7Jn_70ywiBqt3UfQT4Q6w1kfViBaFX4G02eCPI2QF5GCng-Mk8gAgVFlM7nGNnpBIs_XqV8lneSluB9pyHaBkR_d9A4E3r2etoQ-BUVYUGhY8N7K7fTia7VcGD4ysvYi_MhZGoPjSdt3fcoEMwT1ibvQv9xsDoWvc3qfT7D-YAwhsNymSweXcRgJQZCSjzBUvKuBzIoIlA81AOurm6GEa_5THGu88m2OAIR-VSmu_nPAx9LD8tW7qhOX7-t9CSxXCOQINunUjWpw1iaR-bvYDFNvv32BZlnv7MpEs47C8UPisSzcxLp2kRyJoOx64ttuDMSl8HmXM2_se6l6caqj8nIWpg1xQCUWb65F0VB41fXZ2wICDXR9Yb4xgOKASP4byz6C3f2EV34MW5mWU0zvpooqtbK8&cid=CAQSTwAvHhf_GMHkOPKLol61ssHT5rCVgiX0ZLMl0tOXbtIkiSp8RABGoEg47eQoJ0l8fsjev1rcll3YeL8kQ7SzArngy4Oc4bG3TKfWGN8l6pEYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fhairpro.htgetrid.com%2F&ds=l&xdt=1&iif=1&cor=1896816981111157800&adk=1726166463&idt=87&cac=0&dtd=29

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f6cbe31747c16c069d861a8ed01b15186eaee8c381f74ca1712087811c39f4d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 20:42:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74532
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11943
x-xss-protection: 0
server: cafe
etag: 4141415479739543000
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Dec 2023 20:42:27 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 9BB7 41 KB
14 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 13:49:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 185723
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Dec 2024 13:49:16 GMT

GET
H2 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMjU3NDY3OTQ3NDIyNAogIHNlcnZlcl9pcDogMTI2MDY5Mzk4CiAgcHJvY2Vzc19pZDogMzAwNDEwMDU5MQp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAzMjc2ODE3...
ad.doubleclick.net/ddm/activity/ Frame 9BB7 0
564 B 60ms
60ms Image
image/png 142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMjU3NDY3OTQ3NDIyNAogIHNlcnZlcl9pcDogMTI2MDY5Mzk4CiAgcHJvY2Vzc19pZDogMzAwNDEwMDU5MQp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAzMjc2ODE3CmFkdmVydGlzZXJfZG9tYWluOiAiaHR0cHM6Ly96YWxhbmRvLmRlIgp4ZmFfYXR0cmlidXRpb25faW50ZXJhY3Rpb25fdHlwZTogVklFVwppbXByZXNzaW9uX3ByaW9yaXR5OiAwCmltcHJlc3Npb25fZXhwaXJ5X2luX2RheXM6IDIKZXZlbnRfaW1wcmVzc2lvbl9pZDogMjAwMTI3MzYwOTE1OTQ2OTA3NwpkZWJ1Z19rZXk6IDE3NTc4NjY0MjczOTExMjU2OTM0CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BST0RVQ1RfVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX0RBVEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiMjAyMy0xMi0xNCIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRkxPT0RMSUdIVF9DT05GSUdfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDMyNzY4MTcKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fQ09SRV9QTEFURk9STV9TRVJWSUNFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQVRGT1JNX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUVVFUllfQ09VTlRSWQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICJVUyIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBQ0VNRU5UX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzNTczNjgxMzIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0FEVkVSVElTRVJfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDExMTE3OTk3NDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0xJTkVfSVRFTV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMjAzMjExMTE2NzcKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0NSRUFUSVZFX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA0NjcxMDExMzkKICB9Cn0KYXJjaGV0eXBlX2lkOiAxMgphcmNoZXR5cGVfaWQ6IDEzCmFyY2hldHlwZV9pZDogMTQKYXJjaGV0eXBlX2lkOiAxNQphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vemFsYW5kby5kZSIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL3phbGFuZG8uZnIiCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly96YWxhbmRvLnBsIgppbXByZXNzaW9uX2V2ZW50X3JlcG9ydGluZ193aW5kb3dfZGF5czogNApicm93c2VyX2F0dHJpYnV0aW9uX2FwaV9yZXF1ZXN0X3Byb2Nlc3NpbmdfYml0czogNzM4MTk3NTA0Cg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 17:24:39 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"12":"0x141be260fb57b92e0000000000000000","13":"0x2bc434d7d14cf97c0000000000000000","14":"0xeaa460854fa7efb70000000000000000","15":"0xf27ae81727e4dbd80000000000000000"},"debug_key":"17578664273911256934","debug_reporting":true,"destination":"https://zalando.de","expiry":"172800","filter_data":{"14":[],"21":[],"8":["3276817"]},"priority":"0","source_event_id":"2001273609159469077"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bg Show response
ads.revjet.com/ Frame 9BB7 43 KB
18 KB 104ms
23ms Script
application/javascript 78.46.60.166
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.revjet.com/bg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 78.46.60.166 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.166.60.46.78.clients.your-server.de
Software: nginx /
Resource Hash: 1b16a5af84666feb9f8f195d3a8b74042f80439ca327b61f1c598f58072911ea

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

p3p: CP="CAO PSA OUR"
date: Thu, 14 Dec 2023 17:24:39 GMT
cache-control: max-age=10800
content-encoding: gzip
content-type: application/javascript
server: nginx
expires: Thu, 14 Dec 2023 20:24:39 GMT

GET
DATA 200
OK truncated
/ Frame 9BB7 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dbfce92b7e7ccbb7dfff7918f676db17c79ec95428060eab736632c6344f1f50

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 62C6 38 KB
13 KB 20ms
19ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 185723
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 13:49:16 GMT
expires: Wed, 11 Dec 2024 13:49:16 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 4C00 0
10 B 19ms
19ms Image
text/plain 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?yGriJw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 17:24:39 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3630 0
20 B 58ms
58ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BU-3uVjp7ZY-2BbmSvcAP66yRgAkAAAAAOAHgBAI&bg=!fX6lfjHNAAY3kmNgF5I7ADQBe5WfOMQmKwAfWykH4d6PlZPqqD3u1CEqIzawvruqaq5qqcwkTuP6jiMcMCwy5wWNvpOfAgAAAR1SAAAAAmgBB5kDP4gMMTuh7FBg0reh9c9sYDCapY8OxkbBBF1ZniIXHLnIcubtONY_khvfAsflxBSAwUtOQbTgestQXuw4b4tz-mq1TQBra_yMhsgdcnR77FOTjg_IIdngSua987hD9kT7RUf4GPVymj7TjsSjHOGR8NEsWyihJJBe1vDT3ADicu7CaTK9Di8fKyhxIW0qUYR4VJFI2zFG8t-d2TmeH7xXX0vw9612QmYIe0V6gBktlR3AuW2W56jnjDhoB5lUFLW0T0bh6gK_55o45OzPIZwv57ACgvmhabasxYxqTbwW5iZyQzOQdhQcXRjpQFsO7ZACUDzA144MxNL4rQcKUHvqIeqzMbv8E76cJILQkTi_mBonSqQn7BdN8WaHPUxUvu3X3cCO6Xiq1_TT1H7OgwZ6fPUKmcJzk44pjb48FMjueD44dsngznFHShiKWxo93OLuOdIexYfOmZaY7kqGdeLnElMJJJ_smIGC7re18_vlU8IMPhB0wrAh_XPk6jdJLfh8ezLIvEVdjO369kmXGmRT9nSE11LX9ULWDsYit1hVzvRIgeB9EEIz_MvwhTB3nq24cOf_LUyZs-ZAaCYK4brDUYHcUjPxpsAwZIYCSFFwkfOrzfzIlQpqG5XvwhcjhW2fVCjKTf6VCSxKPsPi68tWttMjN1EYst6j-phx4smYURa8U8L5CeLBSLZNWJ2_lHZStdyzYx9HHVH_36lTv1KGewkRJRl8NShyu9xK3w454VGoUwyoJ6c7o_myvrv7yDpZukafkW9vTLQ1-YqaEWi6Ez8QLQh24wJ1xEzPiQQ6Gduc2XJJQrd87P1AK0vOmIquYK2PTwbw02I829YNtNqSO4Y72v0Lzz1MhGQ0zc8VuUtuPhgYmbtb9lTxurnPPIe5KXPABW4LXTjcN8uEALV6SmEXcZdY01pEhgVCC5d86Fhze-jNFUCUQU5A_HImSJqAeM2t7u_E-3_LbH5OS4oisfBEbwEzMe2yRCrUvkKSWz2qnA5WvDPdohRhbo__q_58xO5Y3l4TczY5z0iNeLNj6Ju20hJk9Fu4PWPnJ6YxG7vloNm9wKVwbEUqTg8ZXYZU6mSRGZEBgGJbDg22zfvkFQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 17:24:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rectangle.js Show response
cdn.revjet.com/~cdn/JS/03/3.5.2/modules/ Frame 9BB7 20 KB
7 KB 100ms
15ms Script
application/javascript 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/JS/03/3.5.2/modules/rectangle.js
Requested by: Host: ads.revjet.com
URL: https://ads.revjet.com/bg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BA2) /
Resource Hash: dce3111ede9ead68dbb0c6343255a1cc111060d98da86a7e96e0fa8510bb1a02

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 17:24:40 GMT
content-encoding: gzip
last-modified: Mon, 21 Aug 2023 15:25:13 GMT
server: ECS (amb/6BA2)
age: 281
etag: "64e381d9-4ee4+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
content-length: 7263
expires: Thu, 14 Dec 2023 17:34:40 GMT

GET
H2 200 sync.html Show response
cdn.revjet.com/~cdn/JS/03/ Frame BAEC 2 KB
1 KB 21ms
13ms Document
text/html 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/JS/03/sync.html?origin=https%3A%2F%2Fgoogleads.g.doubleclick.net
Requested by: Host: ads.revjet.com
URL: https://ads.revjet.com/bg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B83) /
Resource Hash: 71afeaa2f8371d9b3f97e6a91b94b72b2eec42d37886a88207943877051187b7

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-origin: *
age: 175
cache-control: max-age=600
content-encoding: gzip
content-length: 942
content-type: text/html
date: Thu, 14 Dec 2023 17:24:40 GMT
etag: "64e38310-744+gzip"
expires: Thu, 14 Dec 2023 17:34:40 GMT
last-modified: Mon, 21 Aug 2023 15:30:24 GMT
server: ECS (amb/6B83)
vary: Accept-Encoding
x-cache: HIT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 34DF 0
20 B 60ms
60ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BeEWjVjp7ZZC2BbmSvcAP66yRgAkAAAAAOAHgBAI&bg=!AQKlAk3NAAY3kmNgF5I7ADQBe5WfOKa7sX7X_IjyIJEvGpewOGy6xtKcp5dAF9Fi3Qwpcrqd4Z8pTOqf9QloBl6dycrNAgAAAS5SAAAABGgBBwoALI7XTbbV4qM1e8Szw4HXlqxmEg8Fw-NBEiXuqkfqdZGLUFjzY_CRdwGsV10TmQNHupu6SP7sCK3HKz7seC7-mY2nMOCrKGmk2Pdo7TM6DtLdC31FD7bB8jgUwunDP6Lq9NvcOlRDVNWNZFamG9zs8moCL-WZE-KVD0hAbgOVKHQXDhiuH11GZGtsY7T42Uy5YzxwziqA9iyiUagYa-i8lbNvrpxJAZ8qnDNnPj8PXDCDjuowpMNvmdVHozYQ9Gm0Ho0SEzvwR5m7mdZwlLSXPJN9l2c8pdLoJc-weclMJeWB5LL5n2LfcnFPuDYOTRTAUC2vt7Dbs4jZqPX2UDBlVD5up0kI14r_trCm9OnEHzqJNXwXHJFCOlzSnYOoOZw-3GfRoe6JP73csWo-R5dC4tsiyxbvjC35kxzpAk3RYW4axdBnY2PpHufH-CNoEwglVp6SnvTrgqxh6AOIrYKmbdmxgHwJrxjpsv6vjVirOVdOh9TgwRb57jk9MQ40ZQRdQkNn5DEU9AfzJZPd85wt5FtXlsQ75BgzxBkCFCcUptLtT-JLyZBb5kSxRBCcweEnz-4aYKXq7QCP9FJ3Sf318AV_y4yEisahy6LGH6zqiloh9k8AG2a2hrKFm3gMkZgjhMEW248fgIS2fXyhHBXZKAZe-Sxhx8wcdmm4cBY5zVKxZbecYmZOUXMG0fP99bf0LGVwMBKgfKJZbVBI6WdODEqMBCW44FLJra5ToVNYvFuNziH7Bh2I1RJvWUvngBMOKdbYfC8vZyT08lTFWbBaiDXRvR4lcRi763aERHgs5kVlw5P9TqS5GGV5kByjz63JX1MFGA9wIWBb_sDI_xsyfT2DC1coRUU4B2dvcFQefolRbM23khoV4QuAFdCMsA2P3BxCzV-sVHaiwCwTYtW-WLAGxSqX1z026-OZXqJOHI-EFlL18HR7xAWh9BXiDYIV9IuZJq6n2NqWQlGc0eAiQIsOdcTIU3DznQ8stkZZri3BdoZa1aQeToDohjRyLTBCLAuOJm7ciP8G0qo_d2gObKBimIffkPooqr4wnwCAXwZedtBlWqI_Cw9Q-_SShT4w-gMkJKx3yfPjI-nqJY7RASGLZf7SYiVM5jDf6kPaO86gSBceianQPcYqiUemBdNrgAojYYwCD-0OeJSKxqtBhf8_cliQxPY

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 17:24:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 62C6 39 KB
15 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 08:45:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31169
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 13 Dec 2024 08:45:11 GMT

GET
H2 200 tag236668 Show response
ads.revjet.com/ Frame 9BB7 245 KB
39 KB 42ms
40ms Script
text/javascript 78.46.60.166
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.revjet.com/tag236668?_plc_id=111757802&_key=d47&ct_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCB_wcVjp7ZZG2BbmSvcAP66yRgAmtlJq8dIHx6NTvEcCNtwEQASDUjPsWYJGEgICMGKABuayQiynIAQmpAtTCo7LyXrI-qAMByAObBKoE-AFP0CGwZeT4Jg04ldaURKwM3xZ0owX10dosqDsXflC5RvBLrkVP4SuavX7pWJXOZNW193W2nmXnKwcW0PuNihf1NTJhwqq6ZJmaaYem3JFb22PonaEOxnQTsOFHjw0QeHTkQq0rgHLWR7dwzMC02SYXyZoL6rLutm_6xu0YSqojAaQ6UKxPgkRxSJqfyVOXNXnRyJrBlyOBRcygVRbh3nlvlijOxBzwPeG4lJLfspTxgHzGpuVTFbg11utqzZvfiVYQPV3PXC6fJazNpY_g60DsREXPY6wZV1iFrFxDBQahOAtbnqPUk7Oi-Kg1FdherCY7bj051-FAAcAEpP_G38QE4AQDiAX9nO7ZS5AGAaAGTYAHueTg6gOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOljKzYf3uI-DA4AKAZgLAcgLAYAMAaIMFCoSChDktLEC7rWxArW4sQKsurECqg0CTkywE_by7BXYEw2IFATYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_GMHkOPKLol61ssHT5rCVgiX0ZLMl0tOXbtIkiSp8RABGoEg47eQoJ0l8fsjev1rcll3YeL8kQ7SzArngy4Oc4bG3TKfWGN8l6pEYAQ%26sig%3DAOD64_0AMdGRf0G5vtyeA5WcQJTcc5Zdsw%26client%3Dca-pub-9116197468106665%26dbm_c%3DAKAmf-A1svy5emEljo7FDqt5rD7DuJN_W6aIRtchD9E38NiLKsMG2_4_DNVIu9rS9Fczz1AUvONmttJa1p0z6GHDInzl2uOfKbFut3tBfpnwBIagX1N2bjaexEiK71mQYzaEk2H3k7tUHrbL206xIbrhDjTaRnaW5Ct4BTtDI9oreu3TlibXQA1ECv467nA0AHP4UR4Rb84KivQsn8Gqwd_4z-v3XjSLRQ%26cry%3D1%26dbm_d%3DAKAmf-Cl4LGywA-DyX3vFPz-opxOgKLcjGIzpOEgj8Lw8gG-CfsdzHf_LR4jk3WNaV-dV9dKlCsVoj8N9uIa3ydRi85XeWZccYZULjwsN5OJwSO_5M05qmRW7WrnCpnbSdKgEp8i9Poa0S6VnJZ-tXkhEEgYTM5pJNEg6smtLNJWBnT0iG2UX2oB16bCceWQ8QZotOqi-sWqt-m4tQBWk8lVcQcpbjeYWALIWzqlsgspdarGb08Oq5ZP4tAemV7BOnCwgcAMBWPYZd51gZ5eLj6FEOC-5y4N6pOYAEJ8hGlCZY0d_R5sRMJyElhA_JG3qjMC06305cAQSIRv2OglYdZAk0yDjn-Emv9tk3laHrAYsNiMgre6_pTdqnqIMCmywgFBD-C1l4PI_JsYsUioyLYl7O1W1Yc2EluAxc1OXmAC9RCBWK0f2cafh7g2hOsgiApYXu7gIWDFr7kmoV4jEUWLYtHF2CzkaIZWDuNUxZxkpHXGZEGchxneiD0xzDe14HD6tz3mJ2OkmY72ZsHOYyzRqVo8qnkOY6g5IkqEeuPbu8MMI999yc7V-h0Q-49bt5AayXau774qw5LZ3X7UDwVvxdYlNR8PeaD585cXI8SdHWbmSYxKSmsyyzPQs8QikrylA07HckA4%26adurl%3D&dv360_cmp_id=20321111677&dv360_li_id=1013234396&dv360_crv_id=467101139&jsonp=REVJET_TagObj_1.onLoad&_js_site_page=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231207%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-3-%26adk%3D1812271801%26client%3Dca-pub-9116197468106665%26fa%3D1%26ifi%3D5%26uci%3Da!5%26btvi%3D3&_js_site_ref=https%3A%2F%2Fhairpro.htgetrid.com%2F&_js_device_w=1600&_js_device_h=1200&_js_gtx_id=d948a25d2578333f1bf8_1702574680059&_js_tag_freq=1&_js_vis_type=8&_js_measurable=1&_js_imp_banner_number=1&_js_imp_offsetx=0&_js_imp_offsety=0&_js_imp_vis=1&_js_sf=0&_js_fif=0&_js_imp_banner_topframe=1&_js_embd_tag_id=revjet-tag-0&_js_ao=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fhairpro.htgetrid.com&_js_imp_banner_creative_attr=banner&_js_imp_tsver=3.5.2&_js_tstamp=1702574680067
Requested by: Host: ads.revjet.com
URL: https://ads.revjet.com/bg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 78.46.60.166 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.166.60.46.78.clients.your-server.de
Software: nginx /
Resource Hash: 889e1fd1a3f097107db678583706b2fdeb32db2d40dcff2fd9cc3cabcdededd4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 17:24:40 GMT
content-encoding: gzip
server: nginx
p3p: CP="CAO PSA OUR"
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-transform
x-server: ip52929
expires: Sat, 01 Jan 2000 12:00:00 GMT

GET
H2 200 elements-2.10.0.js Show response
cdn.revjet.com/~cdn/JS/03/ Frame E31A 167 KB
50 KB 54ms
13ms Script
application/javascript 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/JS/03/elements-2.10.0.js
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B72) /
Resource Hash: c3958950542c3d4350757a80f8b16785b6b72aafcccaa6deca82bb70b8be692e

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 17:24:40 GMT
content-encoding: gzip
last-modified: Mon, 28 Aug 2023 14:15:27 GMT
server: ECS (amb/6B72)
age: 590
etag: "64ecabff-29d9b+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
content-length: 50474
expires: Thu, 14 Dec 2023 17:34:40 GMT

GET
H2 200 999
pix.revjet.com/interaction/ Frame E31A 43 B
170 B 98ms
32ms Image
image/gif 5.9.20.98
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.revjet.com/interaction/999?__ads=f9e83d385c26f9b2ca0b19a6fd06084e&__adt=8240602519349000300&__ade=1&vid=5077254444947335187
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.9.20.98 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.98.20.9.5.clients.your-server.de
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 14 Dec 2023 17:24:40 GMT
cache-control: no-store
content-length: 43
expires: Sat, 01 Jan 2000 12:00:00 GMT

GET
H2 200 lifestyle_optimized.jpg
cdn.revjet.com/s3/csp/1671558630301/ Frame E31A 33 KB
33 KB 14ms
14ms Image
image/jpeg 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1671558630301/lifestyle_optimized.jpg
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BAC) /
Resource Hash: 3e1406c94587637a7460b7a2089dc1db426ce759c728f4a5479215e1f9360a8b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 17:24:40 GMT
x-amz-version-id: GWmWzsiL4gZfS8p3bOBsR38yaINgc04d
age: 66502
x-amz-request-id: MGS858A7EAKJPHXX
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 33574
x-amz-id-2: mhFDUo2Jbbo0Hx8Y0Xzvoi4IIagTRVfs65gtF8IAHQlMGrXWI2kc4oQFzJiTZ0PpitLyES3EMl4=
last-modified: Tue, 20 Dec 2022 17:50:32 GMT
server: ECS (amb/6BAC)
etag: "432e30fdf56b7e1babca672b7e5398e9"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
expires: Fri, 15 Dec 2023 17:24:40 GMT

GET
H2 200 gallery-2.1.9.js Show response
cdn.revjet.com/~cdn/JS/03/ Frame E31A 56 KB
15 KB 15ms
15ms Script
application/javascript 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/JS/03/gallery-2.1.9.js
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B9B) /
Resource Hash: 4ba7441454b993f6dc09527c8a03ab527e59496d04796dec6f7189208bd315b6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 17:24:40 GMT
content-encoding: gzip
last-modified: Tue, 03 May 2022 19:13:24 GMT
server: ECS (amb/6B9B)
age: 372
etag: "62717ed4-df39+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
content-length: 15443
expires: Thu, 14 Dec 2023 17:34:40 GMT

GET
H2 200 logo_word_black.svg
cdn.revjet.com/s3/csp/1662732637080/ Frame E31A 3 KB
2 KB 18ms
16ms Image
image/svg+xml 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1662732637080/logo_word_black.svg
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B89) /
Resource Hash: c2754c8058fdfdf9c8aef009eb9b3c25b93aeab0c7a0cbe5a4be020620ee4966

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 17:24:40 GMT
content-encoding: gzip
x-amz-version-id: 6dP9WoKtkjdaRlsO3V7DUipbqdCKLzpR
age: 40736
x-amz-request-id: JS020T9E37D4RTXN
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1556
x-amz-id-2: 2vVrqO2JJ1US1CNBOXGWnumU+1wE5BupekhlaxiPxl7Hlx5a6ISTagyZarncxCZ+wY6ZVgCz+EI=
last-modified: Fri, 09 Sep 2022 14:10:39 GMT
server: ECS (amb/6B89)
etag: "4e3f110ca066e6b8dc4a9827ae6e6f50+gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
expires: Fri, 15 Dec 2023 17:24:40 GMT

GET
H2 200 logo_mark.svg
cdn.revjet.com/s3/csp/1662732637087/ Frame E31A 632 B
628 B 18ms
17ms Image
image/svg+xml 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1662732637087/logo_mark.svg
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BBA) /
Resource Hash: b139d97a9012d835c86920887e867490265c309ae069a99e595fa697fb56e82e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 17:24:40 GMT
content-encoding: gzip
x-amz-version-id: zSXLBJjIwslgGmxmaRmaJDS_oPpkgt8F
age: 66504
x-amz-request-id: G63RZHDVHPDAJ29T
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 427
x-amz-id-2: 2EivpUN5MmFDH3cOKQYY/i7bY0/M4UHhqV3jSxm61DZ8gYbXzEVTBVB9tkdZQAbD9Nw+NxtvlyY=
last-modified: Fri, 09 Sep 2022 14:10:39 GMT
server: ECS (amb/6BBA)
etag: "e55996d0b9b8b1e1bba2e8168cf0d3a1+gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
expires: Fri, 15 Dec 2023 17:24:40 GMT

GET
H2 200 Logo-Wordmark-White.svg
cdn.revjet.com/s3/csp/1680256735421/ Frame E31A 7 KB
4 KB 19ms
17ms Image
image/svg+xml 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1680256735421/Logo-Wordmark-White.svg
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B72) /
Resource Hash: 63f7be1d0a480f22ca23ca1a147f759d5199f5a16ad731633cd3aa81f857ec5c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 17:24:40 GMT
content-encoding: gzip
x-amz-version-id: AwNg3pZ_b3UTO1Gv2fLqLaH_CNFtNLJM
age: 67592
x-amz-request-id: 0WCSEAW70514JPAM
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 3628
x-amz-id-2: ZduO8H68DsrEFVdF7USAVhK6y9FP+mUNRVysA4tlPdnd9BSguSz+tOuc6mdVgY5QDxr7ZdxzLmo=
last-modified: Fri, 31 Mar 2023 09:58:57 GMT
server: ECS (amb/6B72)
etag: "6802dc95d8e5a742e4e3e3e09650a7c7+gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
expires: Fri, 15 Dec 2023 17:24:40 GMT

GET
H2

200

B29233589.357500362;dc_pre=CPLXkPi4j4MDFXCNgwcd2SoP5Q;dc_trk_aid=548521540;dc_trk_cid=185782290;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1702574680094
ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/ Frame E31A
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29233589.357500362;dc_trk_aid=548521540;dc_trk_cid=185782290;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=17025746...
https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29233589.357500362;dc_pre=CPLXkPi4j4MDFXCNgwcd2SoP5Q;dc_trk_aid=548521540;dc_trk_cid=185782290;dc_lat=;dc_rdid=;tag_for_chil...

42 B
110 B

43ms
42ms

Image
image/gif

142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29233589.357500362;dc_pre=CPLXkPi4j4MDFXCNgwcd2SoP5Q;dc_trk_aid=548521540;dc_trk_cid=185782290;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1702574680094

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Server

142.250.186.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 17:24:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 14 Dec 2023 17:24:40 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29233589.357500362;dc_pre=CPLXkPi4j4MDFXCNgwcd2SoP5Q;dc_trk_aid=548521540;dc_trk_cid=185782290;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1702574680094
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 162455845.woff
cdn.revjet.com/s3/fonts/162455845/ Frame E31A 470 KB
470 KB 16ms
15ms Font
application/octet-stream 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/s3/fonts/162455845/162455845.woff
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BB1) /
Resource Hash: 6d7416c9352e4b00c83f1dcf6964c89586d517e10fe4806a9da14abd0af76f35

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 17:24:40 GMT
x-amz-version-id: kVq59ccinPiVDgarv_TkFQgofQrkf2s4
age: 5388
x-amz-request-id: 66S14XC4ZM62PA5V
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 480984
x-amz-id-2: MU5zZexEf+Fp6LF4wLi8bGI3oOZCRzPXvN70BUx2MeByYNC37zsBUKwRCifJSwWwwDUn9ol97aw=
last-modified: Thu, 16 Nov 2023 19:47:31 GMT
server: ECS (amb/6BB1)
etag: "a7d9ee6baf67661e8e26d1e5c04f7fd5"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
expires: Fri, 15 Dec 2023 17:24:40 GMT

GET
H2 200 GeorgiaW01Regular.woff2
cdn.revjet.com/~cdn/Ads/ad_shared/fonts/Georgia/GeorgiaW01Regular/ Frame E31A 33 KB
33 KB 37ms
36ms Font
font/woff2 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/Ads/ad_shared/fonts/Georgia/GeorgiaW01Regular/GeorgiaW01Regular.woff2
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BB1) /
Resource Hash: ec0252ba8694b474f3b887ffe91c07341280451a177944d79ff2a94d877a07d5

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 17:24:40 GMT
last-modified: Fri, 04 Mar 2022 15:24:09 GMT
server: ECS (amb/6BB1)
age: 385
etag: "62222f19-842c"
x-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
content-length: 33836
expires: Thu, 14 Dec 2023 17:34:40 GMT

GET
H2 200 162453298.woff
cdn.revjet.com/s3/fonts/162453298/ Frame E31A 13 KB
13 KB 37ms
36ms Font
application/octet-stream 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/s3/fonts/162453298/162453298.woff
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B88) /
Resource Hash: 489c8bd821038a9ce8f643de824f6a507c68e3a4e024fb56209d7b9464134036

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 17:24:40 GMT
x-amz-version-id: .Is8JR1jYDeMhMM7ZjPhsnsyUTdaBiJa
age: 84780
x-amz-request-id: TTVDS3Z2RSQ5ENPA
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 12940
x-amz-id-2: ESIxTdUhItmvh91pqbxlM+O2rn+7IhTQNmPSh4LR+5lFa7rY+HkFnb1372h1H3TD6B0LjNcoJ58=
last-modified: Thu, 16 Nov 2023 19:31:22 GMT
server: ECS (amb/6B88)
etag: "31b663ffd91c821398bdd07236df4b22"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
expires: Fri, 15 Dec 2023 17:24:40 GMT

GET
H2 200 arrow_grey.svg
cdn.revjet.com/s3/csp/1662732236308/ Frame E31A 286 B
457 B 23ms
22ms Image
image/svg+xml 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1662732236308/arrow_grey.svg
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B9E) /
Resource Hash: d144365863e6bb29da96e647c672152326639ed4bad9f7f4092eeb3698eba532

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 17:24:40 GMT
content-encoding: gzip
x-amz-version-id: xvWQ2m3sdbfn_7tiBj4ob78SzYdaK8j7
age: 67591
x-amz-request-id: N08SFKCD1K4RAF2M
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 237
x-amz-id-2: yr73izF1a+k9oQG0HXplbA5peqUoJseG9dYcQ/Ep/1o1nIqtHEJPLujMuuP1mBJ5a+eJnrRU/+U=
last-modified: Fri, 09 Sep 2022 14:03:58 GMT
server: ECS (amb/6B9E)
etag: "7744a5e73070172a2534ddcbd966d020+gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
expires: Fri, 15 Dec 2023 17:24:40 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 62C6 0
20 B 58ms
58ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BAKBPVzp7ZfD4HJbVjuwP79-7mAsAAAAAOAHgBAI&bg=!jY6ljsHNAAY3kmNgF5I7ADQBe5WfOIaer2Ijchzvcye7LH6nTN9hZiI_xx-17-RpWC1p_-xUwA_t2yI6zsGbbS2C4kv7AgAAAIRSAAAAA2gBB5kDQz-dPf3PoXDQcfNQ1E-b8sIvz59obu4eQIV9zsGteliOATAYe8lZUgHP2ZmfCb2hbRg8bJn1n2j-VXyTWeWyuIA-glFZNTxsLGvovKpfNXx9R0iTA1qRozNFKzpNXu3TdneWDgsM1G9Ok4h5AnGB4O2dziuTG18wrrrWBWS0QexdgNEl3lZ1WbMr7nZx7_b-y5NgOw8yYKOPu1K_Vlop0oHM20el6s4G3WFGGzBIw8NM7WkJ4tXyF9m6ltL2yXMvfz8ftSJSGM6FDWqUC--CVQGxu57I3kwcI_5AuR4o3QpTnAyVqtJ0LGom791kMTWACVGA_DuOjRze7VU0O0ssZEFKT_s_eyZ2-msr_4LdL76RKb0ZartT88lzMT_J6XiJqY_fVKUlg6NxuSBdPSPEPidh_QYcCagMqgtTGEdTVjX9TrA-wsTTVrzkZXWeSi6km2cGtggY1W7CMtJ829qiPEaETlIdRrM2KbDlWU1aa9ELLY45G1hGQK4yt-i0rJASDzud0PJbRhQ9bEp9LmWEZsK7MlOW-iUVUxQ_jAoSsi31h7StEmohutpcFJD85gTqda9QW_am0f69Fsg9JePflDHsskKB-wlbAS9qejbWF7UE23vm-V1u7FRgyzbut_oV8r6lffHynUUvh0vohNKkSel5Q8ImaQw4nw1hfZEvMcp0jh0ecMXfu5bJRRAi2kKsk0HJ9z-VnbqyLS3BV9xyED0EVF2i8lCRQ0dnouAZngyqCboMZTi6WFNY7VuFlsN-CKkGPlksSoPCL22nNQjgPQu9ZxWytEIvZFJSZ8CxUrhTurDcbCXuUO0ErCjca_-Jj5vffFEJKjzW1JjfeRmhR2wD2WdAWezKMo6KjUZ6xi7mgc52myk3lkLKIYP2iAH9TebKfVV1fcyr6mgQA87r8L6yXiy2_muh9YVUD0VIq-HfNhEI5A3G4dJWjzEeWX_vYNVtnN3aNgs14n6aR4-7RoOfsYkc44pGBRO804r5AYVVhJ0aZ8fNW7qbLtXH4gohDekKv7-xCqRQZWvZ1gOg3thO1ZXUYTXCnlFTTKtAgpzq83b7T9bcqbsP7GOs-zercAWS0fZmgi2RAncSjp3BAb2bqgY

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 17:24:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1000
pix.revjet.com/interaction/ Frame E31A 43 B
169 B 25ms
25ms Image
image/gif 5.9.20.98
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.revjet.com/interaction/1000?__ads=f9e83d385c26f9b2ca0b19a6fd06084e&__adt=8240602519349000300&__ade=1&vid=5077254444947335187&__clstampdif=151&__stamp=1702574680298
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.9.20.98 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.98.20.9.5.clients.your-server.de
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 14 Dec 2023 17:24:40 GMT
cache-control: no-store
content-length: 43
expires: Sat, 01 Jan 2000 12:00:00 GMT

GET
H2 200 200744105_uc
cdn.revjet.com/s3/csp/1702543806647/ Frame E31A 48 KB
49 KB 15ms
14ms Image
application/octet-stream 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1702543806647/200744105_uc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BB3) /
Resource Hash: fcdf76efe4b8ffe7e4a8cbc48251210604e5da35e849f9f621a24910a52e305f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 17:24:40 GMT
x-amz-version-id: OFUW._ysQ4yXpupcsQnhMbBsc1idupM_
age: 30805
x-amz-request-id: QK9S3QBAG6WK8X10
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 49411
x-amz-id-2: xmUmx06yENAPhwbjp6QWRVuAweiMHhRp03fz9e3bbdNlfZHfSbz8fIt8Sf6ZwzBiaGTBNb4pgZg=
last-modified: Thu, 14 Dec 2023 08:50:07 GMT
server: ECS (amb/6BB3)
etag: "826f5a45f7835ab7426f9b3aba044847"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
expires: Fri, 15 Dec 2023 17:24:40 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 57ms
57ms Image
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=19711171357389&bg=!IyClIG_NAAY3kmNgF5I7ADQBe5WfODeKTkKu0l2bJgUfa2Vd4cTNzs6Ok8b-kL9eejef3cE_DQHbfHK34dm03EuHW9-FAgAAAN5SAAAABGgBB5kDCUu1TBHNTsxsFvtCwXrFNKCOCsPIkLpVJrH_aghROu7uM-Fl-ECb2BWIwL3Kp7ctGZtvVqYkoQ2MIAYlftJ97YmLQsfVaADgrkEvdlkJJwsqSXd405wDVvp2qyhi9KCjlqfsyFVnQp59P6esY34OjXSi0AXlHucboPnoSADsgkGs1eFmyztBceTqYP_5X4a15F7tYOdD8DwuzALQsyOwclOKf8iXeRftfg-7tXNncQmeNFF-_WvVOi8Nx0HG_Hct5o44zh3Pz28L6ENBHjYiL9LkV7vdioBdqhTDGIIz_FovOZawKgp2mAAIOdWHZFhkysTSOH_OlxoJmQIH-uZCEA89IHja1dqzynbFOYtmOGVW-PDuFtKUI699E6m7nUylZWzzinohHc4YVJLABksDXB7oRKPA68UeBkiIwmPQsJu9VAMJsEZdOj_iYeoEfHpNxXwIwaCvXrpGr3xe_FPvrqn-DrMaImKi8Coz-icEPoJXZusarLKT5qJIcvyNfYUIhd6SgAU-2cfv4gGaKmWpSn1dn-lvJVVhYHyzf4cQR4-rW4s_PhgA6p8w-O2w54mSLLnLxLcr0WmWOqvkXZaGPRzJqdmUYGLueSIAPiXdgsNKkmxe2uyePOFl23flB-1UtbYS7uVEkkR8OFmZW9XulumX0AK3Y1MxwU9xyAWbvXrNFeumXI3TL9zGv0zU_1WXpcqEqbPIBBLju43K-ZJzNzCya6XP9V4Y_9gCTHeMtzr9bodSWR51kUOsW0m2lFM1NEJbJSxU9XsdRXxmK0u2WJGZVRm5KsR6WlfBfm8cZ5tdtPt9pkmCiT4pTeJ8S6ilje1yWKXH3hKG-1i4qznpo-oKmIlg4gsnyyKHrUlTlNqZVo-pr99R5gcKppeGh2ZMYklJ3FT9LHEu2WF3FxzK51z_b9MORs-MbEjmUlVac49vysN86KOGw0vo1eJ6iC6ZIfb4Kt9UaSVE54IwkjXqEIBwXll-FYmnmh-5wSEbqM3MtwtBykaZICp7p-wds57Lj6jUdKUGkchAZw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hairpro.htgetrid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3DCA 42 B
64 B 57ms
56ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsviGLUvG9-erDiYpCagF4aYiA094CUG5twhZqo0x-nTRjayKVtthxKt6RZ6nLLRjzz_-_xSgEmuyC8WuabHluGW4RR-aK0W0xrhMuy8-9QnlPf_zyYDhPx2xR1lnBNG-chrOjE1UaOs9Z5xLUE_bU-V8svc&sai=AMfl-YSGmmxcSF3OjoRVTxcJLyzykka2ckB9F8y2FklihtlE5XAL3RRVUUAl1fkg1USREyLk_Agn8wIf-02lWBvU-dsJ0H8Z3c4VqP27P1RdtH2iU6jz7Szc0Xk4L8QyVJamJxmuqz_0bi0vi_dYw5yZOA&sig=Cg0ArKJSzFygRXbYuF2MEAE&cid=CAQSTwAvHhf_GMHkOPKLol61ssHT5rCVgiX0ZLMl0tOXbtIkiSp8RABGoEg47eQoJ0l8fsjev1rcll3YeL8kQ7SzArngy4Oc4bG3TKfWGN8l6pEYAQ&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702574679173&rpt=372&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 17:24:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 14B4 42 B
64 B 59ms
59ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstW_5m8y2zvHFN2Us3IH5R91pHUp3Ijr9_DjKulWj5fRT1LT_tij5kQvGidgTARVDVFwgLyVOFhfFclP6Tu4SfW38exo-7aKreHsXppY_zTtQvL0i_ExVpYo_PpzViVMyqwC9w28ayOAQW92PT4FWLjZP1m&sai=AMfl-YSSoXR64iuTmqJG06_bKtHCadi45efNZsjBt28kS4wcbQg2n889uNN1-lh5fPEyXAlRIbrCjsEv-g7dISmkpomSOxNft978asHR_Wi4ObRCsD5dRtKqa-GeFNmTjUhdMNZz6_w09lRflOt9Sil4yw&sig=Cg0ArKJSzFSQyfxJSfFYEAE&cid=CAQSTwAvHhf_GMHkOPKLol61ssHT5rCVgiX0ZLMl0tOXbtIkiSp8RABGoEg47eQoJ0l8fsjev1rcll3YeL8kQ7SzArngy4Oc4bG3TKfWGN8l6pEYAQ&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702574679205&rpt=389&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 17:24:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9BB7 42 B
64 B 59ms
58ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvg6VwNErYM-i8d_DWi2mfT7coV2hTVZmW2z4w6pJbsQiCdJzSdOu92plVgj7Rh0QCLehU54oRVr4Wi5-pGTK6ki-FvA5g97HjMDXcwI4_bAOr6T-1KvtoWxh5-3hE-3mHMDoShpVDtO3op1H7wsiUtEmEj&sai=AMfl-YSyfyjfBXJFzkrA0IX6GoHK4M4iND6g8B2Ab-BiT9VUWCYmxYnE-HPVX6QKqwTsHSqgrgf54Wxz0V1omoR46gbBkCCDqJW_vTfAO4FJXBy3Swbn777hEcuMH6GyHx8_quzbiPIKHcuLZ-O_tvnUUg&sig=Cg0ArKJSzGxlxvuR1EwxEAE&cid=CAQSTwAvHhf_GMHkOPKLol61ssHT5rCVgiX0ZLMl0tOXbtIkiSp8RABGoEg47eQoJ0l8fsjev1rcll3YeL8kQ7SzArngy4Oc4bG3TKfWGN8l6pEYAQ&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=670,1000,1000,1000,1000&tos=670,330,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702574679237&rpt=567&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 17:24:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9BB7 0
20 B 54ms
54ms Ping
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=2945940663744&version=m202309260101&ct=77&x=1&cor=1896816981111157800

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 17:24:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 900
pix.revjet.com/interaction/ Frame E31A 43 B
169 B 25ms
25ms Image
image/gif 5.9.20.98
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.revjet.com/interaction/900?__ads=f9e83d385c26f9b2ca0b19a6fd06084e&vid=5077254444947335187&__adt=8240602519349000300&__ade=1&latent=0&vis_type=8&__stamp=1702574681333
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.9.20.98 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.98.20.9.5.clients.your-server.de
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 14 Dec 2023 17:24:41 GMT
cache-control: no-store
content-length: 43
expires: Sat, 01 Jan 2000 12:00:00 GMT

Verdicts & Comments Add Verdict or Comment

49 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-21 02:17:50	Name: IDE Value: AHWqTUlAVZ2hTcYlRXtK3LHKzs_OFoFG26ehgSTfGNDKiFT6ZlwMpw8KeMH0icre
.htgetrid.com/	1970-01-21 02:17:50	Name: __gads Value: ID=88427cc997ebe028:T=1702574677:RT=1702574677:S=ALNI_MadJcC3cGOOUnBYhig1LYEsQSngnw
.htgetrid.com/	1970-01-21 02:17:50	Name: __gpi Value: UID=00000d1a20a882ac:T=1702574677:RT=1702574677:S=ALNI_MZf9m0nAJt0IJWkj5Zxdf27OT75NA
.casalemedia.com/	1970-01-20 19:05:50	Name: CMPS Value: 2190
.casalemedia.com/	1970-01-21 01:41:50	Name: CMID Value: ZXs6V4Oqc0EjDrPCOsIlkAAA
.casalemedia.com/	1970-01-20 19:05:50	Name: CMPRO Value: 5186
.adnxs.com/	1970-01-20 19:05:50	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GVUoo!-V!]tbPl1M>e)ZlrFUfJ+tGXxoH[I7imAc%+dC@6p2:>@hP:XKd4Nacv6Hh]5=3If)y3KL9D3I?-0?Ed>q
.adnxs.com/	1970-01-20 19:05:50	Name: uuid2 Value: 4640393419787304824
.doubleclick.net/	1970-01-20 21:15:26	Name: APC Value: AfxxVi73fDEvIiWPCIJiAG7yayqBcxNdGLs0mqLJnraqKQxmhk7ILA
.doubleclick.net/	1970-01-20 17:39:26	Name: ar_debug Value: 1
.revjet.com/	1970-01-21 02:32:14	Name: trx Value: 5077254444947335187
.revjet.com/	1970-01-20 16:57:41	Name: ads Value: f9e83d385c26f9b2ca0b19a6fd06084e

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
ads.revjet.com
cdn.revjet.com
cm.g.doubleclick.net
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hairpro-nl.cosmetius.com
hairpro.decorexpro.com
hairpro.htgetrid.com
ib.adnxs.com
pagead2.googlesyndication.com
pix.revjet.com
s0.2mdn.net
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.gstatic.com
136.243.107.93
142.250.185.194
142.250.186.70
172.64.151.101
192.229.233.6
2a00:1450:4001:801::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:812::2002
2a00:1450:4001:829::2003
2a00:1450:4001:829::2004
2a00:1450:4001:82a::200a
2a00:1450:4001:831::2001
2a00:1450:4001:831::2006
37.252.171.52
5.9.20.98
78.46.60.166
88.99.160.30
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
02d7cc078e8c3cff7ec972abe528bc397bc3767c058fe7ff202bfcde2f530c03
039705c988e4e52c295979e7bdff8f1ae13306b4b5255961b77017f3c101abe7
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
17fc43950bcc406cb05fb683271f066b945a29eafeb8822ef0e578e0e129a707
1b16a5af84666feb9f8f195d3a8b74042f80439ca327b61f1c598f58072911ea
1d2eb8c4e15fce6cf85e9c0a10269d1f415443959801787fa501ab0588aceae7
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
247948bbcd986eaade25b655ae26fd09a2a0268464cb1b1009c42881554ed6eb
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
3159b8797a512ad0de00a4efece97d17bf822945796b3095a473b4b5d0dc1242
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
33fcdd63ba302261b1b673c18d66d475ffec1b45e3a1283940d0cd7a45c7694a
36b262ea8621d30c71871e22f68abf1a06ebca4111c118a188c947dc3157ed56
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3e1406c94587637a7460b7a2089dc1db426ce759c728f4a5479215e1f9360a8b
41b43f64c3e5d7f9eca80634429adb1b8e0a1c5e1fe67ad71ec651a991ebfe68
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
471ab3abf9b99c0a4f65ba92150491569040436107025d6922e0279c481a7118
489c8bd821038a9ce8f643de824f6a507c68e3a4e024fb56209d7b9464134036
4b179562b883c1257aabbad3a5641f965dd7331faa31fe06382a5d8c62d5ee19
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ba7441454b993f6dc09527c8a03ab527e59496d04796dec6f7189208bd315b6
4bbdf408f0b893df64dacdf89f9f0c0825dabbc0534b89adeaffea5fe5f9091d
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
51823b8f4a2ffdedcbd17ac8d94abebd42ca65f4f6e45c6231a4a80a9fa536c9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
584dd9e6a69304d13daa328f3825675db43850b48f48f4fe71cf20688e06dc95
5b22306fae9921c106cc34a41e47559ea06ba31933f7e21999fba0c745102cbc
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5c310167e5f8fb24da40ec04a43ea8e7f447fabe03ef6ca9547cc0026259a287
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63f7be1d0a480f22ca23ca1a147f759d5199f5a16ad731633cd3aa81f857ec5c
6d290767004d37ff57529c55b2d8499f719b4af8df1c4fc3b346120b9e88fc07
6d7416c9352e4b00c83f1dcf6964c89586d517e10fe4806a9da14abd0af76f35
6e685d5e6ac31c8c38c3b98001be8674ea467aa128aaf6753785ea490084eafd
7107515bd0443a5509bc88dbc0456ef4e3112a1a21ee12ed487c81e2218f13d7
71afeaa2f8371d9b3f97e6a91b94b72b2eec42d37886a88207943877051187b7
7cb228b46f580b4f501241c58ad060cc8354a6ea727a1a2550b627ba8f031204
80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346
874ef593202d2a4b9e4abbb7ee1d9750a23bf35cf56fe852ca08b8fb003dfa3e
8773adb3c20975f4ebbe3aedc367ac932f8a35ca92c5944cd9198d1af9ac2295
889e1fd1a3f097107db678583706b2fdeb32db2d40dcff2fd9cc3cabcdededd4
8d4efbcfa6d3963bfda55a12a16401242b4ea64d6200fff360b0a7f7da5ba060
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
987b2a7b2b2486f3fddea6609dca2853f0d9f233ef009bc2e5c08ebc61bd7b67
98f42f13fe5bd7e4accc8da04e1d0a3e8d027a24795e2c3e67591309f2a7686e
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
9d7c9042eb5f1e10202111ceec2f0d6ca78eb90482f5f622118bd66945b0418e
9e433a32229ae663c8e7b6a82978d74bb82928c91917643bd125888b1d124bd2
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a081e94d04b397653c1c7ce050e299ef74cfb562ea483b74b77361aefad0a00b
a84cdeb7f68965ffd3d070362b05d03ee9c19e6a5de627c3290026de184933d7
abc9aeaa8c7694de9c6f4ef7425d0f026ee470c7b00154be6bbc915e95b60518
b06a5d272de6f4e0ba3f8db8338da394f8716987f7a7e764a22b6e903c0f94cf
b139d97a9012d835c86920887e867490265c309ae069a99e595fa697fb56e82e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b28846e755fecc758d404bf5430ed411367760c45e38f00e6429b772e6a8c22e
b2e149a6c443e8dadffb47df9bf6c703602a1219e768d5ccdd85eef5046e1ecb
b614d5bf830bdbdf1155d376072e04f908f23888b77559d43b1ad3f23c56f104
b7f0cc803c464c88fa7b5587050f85b6a10099f483699d871a09e7dba585f5ef
bab6ae0a4c6a9a815518d305531a595d2f765bdf0f6acd075802f63b463131c8
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c2754c8058fdfdf9c8aef009eb9b3c25b93aeab0c7a0cbe5a4be020620ee4966
c3958950542c3d4350757a80f8b16785b6b72aafcccaa6deca82bb70b8be692e
c485d0a15af6264c129baf951dff3beb78d75d810ce771029566efcf5d484a91
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c67abd432e1f1cffa025a2455bf9c8afb936e5b469f3502b5a6fe3e25772e4c3
c6c216f05e7f5e9f88aa8dc3a7c188be9c284fc7d9cec6e1a991248a5170764a
c8a65435de1d6f8d40fd3c0ad0e5275616e3f76deaad471d781c4fa888885c7b
c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d144365863e6bb29da96e647c672152326639ed4bad9f7f4092eeb3698eba532
d1ecfbfca192440b94869b5a228d2510e6d3682b655e4ed0db0a4fc9c38b48c5
d457e9067c177b832987c11179d30322b26f2f97dcc4aa74092adc712460c862
da8c721c1794521b4aa533d121013ccb31a95f34a4ed7c0f6e70e6ea9ef3de29
db2bdaad0dc9232fadb3de900bf039a0f356521698f213df1edf601e02a5870d
dbfce92b7e7ccbb7dfff7918f676db17c79ec95428060eab736632c6344f1f50
dce3111ede9ead68dbb0c6343255a1cc111060d98da86a7e96e0fa8510bb1a02
df5cc1589afbeceb461f4cc0fd62fbb5bb9602f2736854ff8c049ff6cc06ba1e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e537bb0b81601eabcdc6dd4e2eb938917a7c6887765651882ec0ed5081c26c67
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ec0252ba8694b474f3b887ffe91c07341280451a177944d79ff2a94d877a07d5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f277aab1ce341d0e445551c855531e0bcb64151a6d35d321f3b87a0dc451044a
f36c655de207a3452a813cf6ae4ec6efdd18d5fd0696b005eb200920fcb10bd5
f3af167a9eb7b67234eb7e3c03513693aba4fc4662bd09540103baad33ffdfd6
f3e3e61ffa92152c0e0663c917b4a96c43cd275c51ed795dda3978718c68e52c
f552e3124d94c2f8d05b34861297dbc22c12e600f9253584f3c488fd0166adcc
f6cbe31747c16c069d861a8ed01b15186eaee8c381f74ca1712087811c39f4d4
fcdf76efe4b8ffe7e4a8cbc48251210604e5da35e849f9f621a24910a52e305f

hairpro.htgetrid.com Open in urlscan Pro 88.99.160.30 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

149 Requests

91 %HTTPS

50 %IPv6

13 Domains

19 Subdomains

18 IPs

2 Countries

3472 kBTransfer

5959 kBSize

12 Cookies

0 Outgoing links

Page URL History

Redirected requests

149 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

hairpro.htgetrid.com Open in urlscan Pro
88.99.160.30 Public Scan

Screenshot
Live screenshot

Full Image

149
Requests

91 %
HTTPS

50 %
IPv6

13
Domains

19
Subdomains

18
IPs

2
Countries

3472 kB
Transfer

5959 kB
Size

12
Cookies

149 HTTP transactions
3 data transactions