batstractor.all.biz Open in urlscan Pro
94.75.248.129 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://batstractor.all.biz/
Effective URL:
https://batstractor.all.biz/
Submission: On December 23 via api (December 23rd 2022, 3:05:08 am UTC) from US — Scanned from NL

Summary HTTP 137 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 27 IPs in 7 countries across 14 domains to perform 137 HTTP transactions. The main IP is 94.75.248.129, located in Netherlands and belongs to LEASEWEB-NL-AMS-01 Netherlands, NL. The main domain is batstractor.all.biz.
TLS certificate: Issued by R3 on November 7th 2022. Valid for: 3 months.

This is the only time batstractor.all.biz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	94.75.248.129 94.75.248.129	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
26	2606:4700:303... 2606:4700:3035::ac43:da10	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1 2	88.212.201.198 88.212.201.198	39134 (UNITEDNET) (UNITEDNET)
1 3	195.209.108.49 195.209.108.49	52007 (ADRIVER-AS) (ADRIVER-AS)
14	2a00:1450:400... 2a00:1450:400d:803::2002	15169 (GOOGLE) (GOOGLE)
2	23.111.96.36 23.111.96.36	39134 (UNITEDNET) (UNITEDNET)
1	188.42.149.180 188.42.149.180	39134 (UNITEDNET) (UNITEDNET)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:80a::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:80e::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:402... 2a00:1450:4025:401::9c	15169 (GOOGLE) (GOOGLE)
2 5	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
19	2a00:1450:400... 2a00:1450:400d:80a::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:2638::2 2a02:2638::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:1::4 2a02:2638:1::4	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:400d:807::2003	15169 (GOOGLE) (GOOGLE)
6	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.2.148 178.250.2.148	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
16	2a02:2638:1::8 2a02:2638:1::8	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:1::17 2a02:2638:1::17	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
137	27

2 94.75.248.129 (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

batstractor.all.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2606:4700:3035::ac43:da10 (United States)

ASN13335 (CLOUDFLARENET, US)

s.all.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
md.all.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
count.all.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.all.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.198 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host198.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 195.209.108.49 (Russian Federation) 1 redirects

ASN52007 (ADRIVER-AS, RU)

ad.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:400d:803::2002 (Ireland)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.111.96.36 (Russian Federation)

ASN39134 (UNITEDNET, RU)

content.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.42.149.180 (Luxembourg)

ASN39134 (UNITEDNET, RU)

servers2.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80a::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80e::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4025:401::9c (Den Helder, Netherlands)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:400d:80a::2001 (Ireland)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:400d:807::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a02:2638:1::8 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::17 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 101 tpc.googlesyndication.com — Cisco Umbrella Rank: 139	384 KB
28	all.biz 1 redirects batstractor.all.biz s.all.biz md.all.biz count.all.biz api.all.biz	2 MB
23	criteo.net static.criteo.net — Cisco Umbrella Rank: 637 pix.eu.criteo.net — Cisco Umbrella Rank: 7930 csm.eu.criteo.net — Cisco Umbrella Rank: 8005	402 KB
15	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 34 stats.g.doubleclick.net — Cisco Umbrella Rank: 77	132 KB
10	gstatic.com www.gstatic.com fonts.gstatic.com	122 KB
7	google.com 2 redirects adservice.google.com — Cisco Umbrella Rank: 72 www.google.com — Cisco Umbrella Rank: 2	2 KB
6	adriver.ru 1 redirects ad.adriver.ru — Cisco Umbrella Rank: 19590 content.adriver.ru — Cisco Umbrella Rank: 33349 servers2.adriver.ru — Cisco Umbrella Rank: 129741	39 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 37	4 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 188	187 KB
4	google.nl adservice.google.nl — Cisco Umbrella Rank: 13489 www.google.nl — Cisco Umbrella Rank: 8983	1 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 29	20 KB
3	criteo.com rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 14173 ads.eu.criteo.com — Cisco Umbrella Rank: 7675 cat.nl.eu.criteo.com — Cisco Umbrella Rank: 9848	61 KB
2	yadro.ru 1 redirects counter.yadro.ru — Cisco Umbrella Rank: 9559	1 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 830	694 B
137	14

	Domain	Requested by
19	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
16	pix.eu.criteo.net	ads.eu.criteo.com
13	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
13	md.all.biz	batstractor.all.biz
12	pagead2.googlesyndication.com	batstractor.all.biz pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
11	s.all.biz	batstractor.all.biz s.all.biz
7	www.gstatic.com	googleads.g.doubleclick.net
6	static.criteo.net	ads.eu.criteo.com
5	www.google.com	2 redirects batstractor.all.biz tpc.googlesyndication.com
4	fonts.googleapis.com	googleads.g.doubleclick.net
4	www.googletagservices.com	googleads.g.doubleclick.net
4	www.google-analytics.com	batstractor.all.biz www.google-analytics.com
3	fonts.gstatic.com	fonts.googleapis.com
3	ad.adriver.ru	1 redirects batstractor.all.biz
2	www.google.nl	batstractor.all.biz
2	stats.g.doubleclick.net	www.google-analytics.com
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.nl	pagead2.googlesyndication.com
2	content.adriver.ru	ad.adriver.ru
2	counter.yadro.ru	1 redirects batstractor.all.biz
2	batstractor.all.biz	1 redirects
1	api.all.biz	s.all.biz
1	csm.eu.criteo.net	ads.eu.criteo.com
1	cat.nl.eu.criteo.com	ads.eu.criteo.com
1	ads.eu.criteo.com	googleads.g.doubleclick.net
1	rtb.fr.eu.criteo.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	servers2.adriver.ru	ad.adriver.ru
1	count.all.biz	batstractor.all.biz
137	29

This site contains links to these domains. Also see Links.

Domain
md.all.biz
www.liveinternet.ru
all.biz
about.all.biz

Subject Issuer	Validity	Valid
all.biz R3	`2022-11-07` - `2023-02-05`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-04-22` - `2023-04-22`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.adriver.ru GlobalSign GCC R3 DV TLS CA 2020	`2022-04-05` - `2023-04-05`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google.nl GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.fr.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-07` - `2023-03-12`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-22` - `2023-03-26`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-11-08` - `2023-02-04`	3 months	crt.sh
*.nl.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-19` - `2023-03-24`	3 months	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-11-01` - `2023-02-04`	3 months	crt.sh

This page contains 17 frames:

Primary Page: https://batstractor.all.biz/
Frame ID: 29FE276F2F544F15378B263068D19DB4
Requests: 53 HTTP requests in this frame

Frame: https://ad.adriver.ru/cgi-bin/erle.cgi?sid=130420&target=blank&bt=43&pz=0&tail256=unknown&sz=/batstractor/lng-ru/unknown&rnd=15234858&tuid=-4985701910
Frame ID: 523AADE69AC4E50F5C0E5EA7518C92CA
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html
Frame ID: F090D37343BCFB6DD099B0DE65F7F2B8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6030997613457848&output=html&adk=1812271804&adf=3025194257&lmt=1671764702&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=164x945_l%7C164x945_r&format=0x0&url=https%3A%2F%2Fbatstractor.all.biz%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671764702246&bpp=3&bdt=362&idt=214&shv=r20221207&mjsv=m202212080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4866421144642&frm=20&pv=2&ga_vid=839697643.1671764702&ga_sid=1671764702&ga_hid=922729907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531848%2C31071277%2C44779794%2C44780792&oid=2&pvsid=942591905873660&tmod=943459021&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=240
Frame ID: AC1DD6CAA36D2D3D49816979865615FD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6030997613457848&output=html&h=600&slotname=7969440011&adk=120163721&adf=11028415&pi=t.ma~as.7969440011&w=300&lmt=1671764702&format=300x600&url=https%3A%2F%2Fbatstractor.all.biz%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671764702249&bpp=1&bdt=365&idt=242&shv=r20221207&mjsv=m202212080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4866421144642&frm=20&pv=1&ga_vid=839697643.1671764702&ga_sid=1671764702&ga_hid=922729907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1125&ady=206&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531848%2C31071277%2C44779794%2C44780792&oid=2&pvsid=942591905873660&tmod=943459021&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=mGpwLytxO5&p=https%3A//batstractor.all.biz&dtd=246
Frame ID: 8C131870A7F1B7A973D83C80A37876FC
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6030997613457848&output=html&h=490&slotname=9779843710&adk=1327367211&adf=1789175765&pi=t.ma~as.9779843710&w=210&lmt=1671764702&rafmt=12&format=210x490&url=https%3A%2F%2Fbatstractor.all.biz%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671764702250&bpp=1&bdt=366&idt=249&shv=r20221207&mjsv=m202212080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&nras=1&correlator=4866421144642&frm=20&pv=1&ga_vid=839697643.1671764702&ga_sid=1671764702&ga_hid=922729907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=655&ady=248&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531848%2C31071277%2C44779794%2C44780792&oid=2&pvsid=942591905873660&tmod=943459021&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&fsb=1&xpc=pr3NuPXSD0&p=https%3A//batstractor.all.biz&dtd=252
Frame ID: A83EF87CDDCE0B0F3524939C17B1F0BD
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6030997613457848&output=html&h=280&slotname=4679170329&adk=1351908506&adf=1274559115&pi=t.ma~as.4679170329&w=1200&fwrn=4&fwrnh=100&lmt=1671764702&rafmt=1&format=1200x280&url=https%3A%2F%2Fbatstractor.all.biz%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671764702251&bpp=1&bdt=367&idt=253&shv=r20221207&mjsv=m202212080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600%2C210x490&nras=1&correlator=4866421144642&frm=20&pv=1&ga_vid=839697643.1671764702&ga_sid=1671764702&ga_hid=922729907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4197&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531848%2C31071277%2C44779794%2C44780792&oid=2&pvsid=942591905873660&tmod=943459021&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=6ajAxsbO4l&p=https%3A//batstractor.all.biz&dtd=256
Frame ID: C1A54145D8894A6FDE035BC738FF88BA
Requests: 7 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6Ua3gAJnxEIu8cdAAZkjN2kRM8UrXHp3rvv9w&u=%7CJ4AttFVqD9AczdOAi%2B%2BeH8RnUTzuNZZmIuSikklwPsE%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wDnaYjQBoqIkt17YFGJRPtSge7eLCqhbh0idQwsFRBB2L3LLR9Ixgu62bDVW2Ic24yaau4T23Pup7rAYgoBPfbMFGPXu2Mpy9VWNC_agi0UeNNV07lfMwoev8RD_aOXYI3zZctFP3e9s4SkYBypGU6Ls0ErIBzIGH6mrPw-6SFiRrVeXdxWpKdLTgAam-qNWWmMgXJpHfnyTaMsjGk6S7I8ao6zlLYaCDgb16_yzAL6Z9CeszS0MwlR272TSG-6RODJrRXX2J3ri-EvM1wWqcTMcFrcKSCf7iPKvZroR5s7B7DqOF15M46rTFuIq8ipHYDVGIV7pnSraZbyxmBwCLYffnci_0aNAthUQjZ_YYqmL53e_ZUm4pcYHQqmvWNfneOBSaA_ezpIkJr_WQjg8OwTtwbCIZ1grHCdXdBASdNkgZ2Z1NBBfctN0c-8uv8JacTJ9WJcbHOPPlC0U6oD2WSkNtCbOaAKuzoeMMCGet22paOfrifAMFUjTDgN0BxFfV1dhHl8fDIkLtMJwgKXHeCj8WpK8834P9q0bfwkd1Poo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_3Zs3hqlY5G-Jp2O7_UPjMmZsA3JntKxXLWY49aTAcCNtwEQASAAYJGEoIWMGIIBF2NhLXB1Yi02MDMwOTk3NjEzNDU3ODQ4yAEJqQJGBtdv48ixPqgDAaoEzQFP0EG9rsBxgY3ax2Fun_z81BeRESFBrM1BpgKtOfrTW1Epja68zvixP-36R7sf3oZtuLJNKh5_npP7SaM6OQSJLQ6OWEA1SBLImbgCGkmM040na79_u6J9xwLCF9IeAuQYosSW1r7S5gshIMZPP-HATmgzDWL5lwyFYQvH59clvbIC0F6Z-mvUA0PSXUGGh6FbCIiTHoB1iWPt1p_dvTRgQYCc41HAFHAqUC8fy7LFT5NrVPpRZD89tCfERuqIim7OYQgQ8jVOgyZS0ZL6gAam4uH_1sCKtYgBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3yAmbAvsxdj8kv4pk_Iepq2s4arA%26client%3Dca-pub-6030997613457848%26adurl%3D
Frame ID: 52451A4EFBDE2CBB6BBC251F762B7EB9
Requests: 25 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Frame ID: 44A6002CDD7A885779099E266E3B1311
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: B66374A805C6B1FBC3CED8BF1B0DBB6F
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: AB81AB69E37F66A82981C618B27A5C79
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js
Frame ID: 39B3ACA8ABCB6CDDB58656737E76B20D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 7DA826847D21F6FAD4CE8FA734793605
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js
Frame ID: 388E5E6B4B085C7994D082ED6F1E0E06
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js
Frame ID: D4414C0E772D9FF277C2656CAB1E4ABB
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5B9A8E322A701E0A5E92D03C65C83105
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 95B6C5BB9D3631B89F9713125ED71D8F
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

BATSTRACTOR, SRL на Allbiz - Томай (Молдова) - Товары и услуги компании BATSTRACTOR, SRL

Page URL History Show full URLs

http://batstractor.all.biz/ HTTP 301
https://batstractor.all.biz/ Page URL

Detected technologies

AdRiver (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:adriver\.core\.\d\.js|https?://(?:content|ad|masterh\d)\.adriver\.ru/)

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Liveinternet (Analytics) Expand

Overall confidence: 100%
Detected patterns

<script[^<>]*>[^]{0,128}?src\s*=\s*['"]//counter\.yadro\.ru/hit(?:;\S+)?\?(?:t\d+\.\d+;)?r

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

137
Requests

99 %
HTTPS

77 %
IPv6

14
Domains

29
Subdomains

27
IPs

7
Countries

3698 kB
Transfer

5892 kB
Size

18
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://md.all.biz/
Title: Allbiz

Search URL Search Domain Scan URL

URL: https://md.all.biz/reviews-list6751
Title: Отзывов: 10

Search URL Search Domain Scan URL

URL: https://www.liveinternet.ru/rating/industry/

Search URL Search Domain Scan URL

URL: https://all.biz/

Search URL Search Domain Scan URL

URL: https://about.all.biz/feedback
Title: Сообщить о нарушении

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://batstractor.all.biz/ HTTP 301
https://batstractor.all.biz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20

https://counter.yadro.ru/hit;all-biz?r;s1600*1200*24;uhttps%3A//batstractor.all.biz/;h;0.4729880278849281 HTTP 302
https://counter.yadro.ru/hit;all-biz?q;r;s1600*1200*24;uhttps%3A//batstractor.all.biz/;h;0.4729880278849281

Request Chain 27

https://ad.adriver.ru/cgi-bin/erle.cgi?sid=130420&target=blank&bt=43&pz=0&tail256=unknown&sz=/batstractor/lng-ru/unknown&rnd=15234858 HTTP 302
https://ad.adriver.ru/cgi-bin/erle.cgi?sid=130420&target=blank&bt=43&pz=0&tail256=unknown&sz=/batstractor/lng-ru/unknown&rnd=15234858&tuid=-4985701910

Request Chain 116

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 128

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

137 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
batstractor.all.biz/
Redirect Chain

http://batstractor.all.biz/
https://batstractor.all.biz/

84 KB
18 KB

303ms
250ms

Document
text/html

94.75.248.129
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://batstractor.all.biz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.75.248.129 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: 4e9e38030580c4b658dc25dc26230fb5e20042da06ded2cbdae886d95f3fe282

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Connection: close
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Fri, 23 Dec 2022 03:05:01 GMT
Server: nginx
Transfer-Encoding: chunked

Redirect headers

Connection: close
Content-Type: text/html; charset=utf-8
Date: Fri, 23 Dec 2022 03:05:01 GMT
Location: https://batstractor.all.biz/
Server: nginx
Transfer-Encoding: chunked

GET
H2 200 compiled_default.css
s.all.biz/public/css/minisites/ 156 KB
30 KB 132ms
42ms Stylesheet
text/css 2606:4700:3035::ac43:da10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.all.biz/public/css/minisites/compiled_default.css?v=46555
Requested by: Host: batstractor.all.biz
URL: https://batstractor.all.biz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:da10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab8cec541fe623ae88436b67bf5879bfe43dc40490c5308c2bc2496cb2d08709

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://batstractor.all.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 03:05:02 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 226360
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 08 Jun 2021 11:41:13 GMT
server: cloudflare
etag: W/"60bf5759-26eba"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VNKNyVCBtia3byL8EOJ%2F6pm7p3KLWoCkHpPNfv5YDnYEoCiN4gXFptlWKALS3kitdzqSUrH4MaKGC2Z5vHZ7%2Bd2PMahx062To2ktDVqLvcDgjg3AyR5uRS12VgYZRtpy3qbZGC8a49Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 77dddf8b880bbbf5-FRA
expires: Fri, 30 Dec 2022 11:12:25 GMT

GET
H2 200 compiled_free.css
s.all.biz/public/css/minisites/ 41 KB
9 KB 141ms
51ms Stylesheet
text/css 2606:4700:3035::ac43:da10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.all.biz/public/css/minisites/compiled_free.css?v=46555
Requested by: Host: batstractor.all.biz
URL: https://batstractor.all.biz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:da10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0314902cd0c28fa09092704d3725650c564251e148cf13dcf2cc0c6e717bd76c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://batstractor.all.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 03:05:02 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 225096
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 08 Jun 2021 11:41:16 GMT
server: cloudflare
etag: W/"60bf575c-a4dd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rMHk2kbdAGnDWL9%2Bo23lAXdrotCAoTlqkDp6S0aPEwDhY0RIeGl1T4NftPN68F5GJmJGWjOzDolx2sNukd%2Fa3espFU0LOb11DkHIohJEGhZQB2Ii3Qpzn%2BxcbKR7nDyVhigSazbRrEs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 77dddf8b880cbbf5-FRA
expires: Fri, 30 Dec 2022 11:33:29 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
49 KB 126ms
51ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: batstractor.all.biz
URL: https://batstractor.all.biz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a4e1b06d7d315d0b271772be66033929e3c81444b8ce8a2bd1588cd219ffbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://batstractor.all.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 03:05:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49450
x-xss-protection: 0
server: cafe
etag: 6863275918834057064
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 23 Dec 2022 03:05:02 GMT

GET
H2 200 preloader-dark.gif
s.all.biz/__tmp/domain_allbiz_mobile/img/ 28 KB
29 KB 40ms
38ms Image
image/gif 2606:4700:3035::ac43:da10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.all.biz/__tmp/domain_allbiz_mobile/img/preloader-dark.gif
Requested by: Host: batstractor.all.biz
URL: https://batstractor.all.biz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:da10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26aae688f9b00e9b3545dc3e6520836989a72f4b48552720a6250dd32dc80740

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://batstractor.all.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 03:05:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 346462
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 28834
last-modified: Tue, 08 Jun 2021 11:41:03 GMT
server: cloudflare
etag: "60bf574f-70a2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KN9qsq%2BhZgzybAbeL6WX6MqfsGUJmrhH77%2BxSdBI%2FHvLliTzQd%2F0fSeWzoAZQzXZ0LfS%2FyZeSM%2FVDQJvFiv4mF40ymkWtFP70gJGSGGv2PYdk6LlhFpLFpeyKz7lafn5HZMojbHWWhw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 77dddf8bf88cbbf5-FRA
expires: Thu, 29 Dec 2022 01:50:43 GMT

GET
H2 200 191638.jpeg
md.all.biz/img/md/catalog/middle/ 81 KB
81 KB 93ms
76ms Image
image/jpeg 2606:4700:3035::ac43:da10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://md.all.biz/img/md/catalog/middle/191638.jpeg
Requested by: Host: batstractor.all.biz
URL: https://batstractor.all.biz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:da10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 276a14e327c7469f8a88475d92adca19c1480045d6eede20a412db0afc93399f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://batstractor.all.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 03:05:02 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 14 Nov 2016 07:33:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "582968c9-14386"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b7bUwchKdyoWXzh7S3kbuphSgXx1PuUUIaNgI56PbQxhjjA5sfDMUoVy4%2B7bL5p9MKwd6Xw5RXck6dbR1OGRRAqUxzFyRYMOQ9TCXQtjSdrHrl%2B8acK9ld%2Blu7gS5jCPJM6vt5r3D1i6"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 77dddf8c18b0bbf5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 82822
expires: Fri, 23 Dec 2022 04:05:02 GMT

GET
H2 200 191639.png
md.all.biz/img/md/catalog/middle/ 53 KB
53 KB 158ms
142ms Image
image/png 2606:4700:3035::ac43:da10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://md.all.biz/img/md/catalog/middle/191639.png
Requested by: Host: batstractor.all.biz
URL: https://batstractor.all.biz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:da10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e679bece98d4fc1e2df889adbdf495a7463bd6dbc525c8b13faaa8f3d06d521

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://batstractor.all.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 03:05:02 GMT
cf-cache-status: MISS
last-modified: Sun, 03 May 2020 07:50:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5eae77b6-d421"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xAIbj6QFG1hXJtnnhu8ROyHbJteIONS9UIoH%2BnRcOU8Tj3XQI6NiA29gydxj59d7rUaEfXCmIs%2BjpNcZwyUbLAulTZavwy0swUpysIr0rC79hBfkHiHFu%2BnQphyj99OV3cPQVpB%2FNI2X"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 77dddf8c18b4bbf5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 54305
expires: Fri, 23 Dec 2022 04:05:02 GMT

GET
H2 200 191642.jpeg
md.all.biz/img/md/catalog/middle/ 105 KB
106 KB 145ms
130ms Image
image/jpeg 2606:4700:3035::ac43:da10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://md.all.biz/img/md/catalog/middle/191642.jpeg
Requested by: Host: batstractor.all.biz
URL: https://batstractor.all.biz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:da10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c37fc77e26776c7e95ecd42988ab8262a1739ac3c3218655a0faa3e614afe72

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://batstractor.all.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 03:05:02 GMT
cf-cache-status: MISS
last-modified: Tue, 28 Apr 2020 14:45:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5ea8418b-1a450"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jp%2FNv5A0kAtpt9ofpM3GejHHPmdR0ZR2r3NIixZXcuCHfNrWc%2BK5ZUDYAcSuZhCHBMeujYD3QpOfYszefCAi2VWUu%2Bd1HWoI99HZ0Oa5daZs7KaDXuSteOiqSjVddI2eN2Os%2FwOw29K5"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 77dddf8c18b2bbf5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 107600
expires: Fri, 23 Dec 2022 04:05:02 GMT

GET
H2 200 191643.png
md.all.biz/img/md/catalog/middle/ 44 KB
45 KB 127ms
112ms Image
image/png 2606:4700:3035::ac43:da10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://md.all.biz/img/md/catalog/middle/191643.png
Requested by: Host: batstractor.all.biz
URL: https://batstractor.all.biz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:da10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcbe17f0efc34cd73263a16d825f7bdb2949dc96841a53bf79f6ed8b04c9961d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://batstractor.all.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 03:05:02 GMT
cf-cache-status: MISS
last-modified: Tue, 28 Apr 2020 14:45:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5ea8418d-b05d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1LXijlG%2FKJUpUw5BZ4rYRPQ2n22HWzAVN%2Fg3gihJPAMT%2B6un81LeteuEsAZs5MrduFj43ZoPlhazCYo2FFyePk79W9Olj2OvZRKbTVXWiAH%2Bkvj81%2BGueDMw8dAPy7SbLJJxnyWSQh6D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 77dddf8c18b1bbf5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45149
expires: Fri, 23 Dec 2022 04:05:02 GMT

GET
H2 200 191644.png
md.all.biz/img/md/catalog/middle/ 58 KB
58 KB 132ms
117ms Image
image/png 2606:4700:3035::ac43:da10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://md.all.biz/img/md/catalog/middle/191644.png
Requested by: Host: batstractor.all.biz
URL: https://batstractor.all.biz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:da10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1b31d2c759b70feb323517763d42345c6ea668259d71eebd1383c7fcf71e162

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://batstractor.all.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 03:05:02 GMT
cf-cache-status: MISS
last-modified: Tue, 09 Jul 2019 06:33:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5d243521-e714"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W30FLnIy24ccqXSf0SgHaVi7eIyf309nMQh1ZNikuVXJXB%2BL1x9DHs08EOuQi8Fh9%2F5fedPBdXNhXriR0BWlIhc09XgPY49ybnq8oCEpACseN9gVmOBhHRSWH%2Btp%2BFCGlN9GbXKJWA8k"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 77dddf8c18afbbf5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 59156
expires: Fri, 23 Dec 2022 04:05:02 GMT

GET
H2 200 191640.png
md.all.biz/img/md/catalog/middle/ 47 KB
48 KB 138ms
124ms Image
image/png 2606:4700:3035::ac43:da10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://md.all.biz/img/md/catalog/middle/191640.png
Requested by: Host: batstractor.all.biz
URL: https://batstractor.all.biz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:da10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e6f521e620cda671d13e0681e8839adb44dc03194e7b65e17386c4356938a9f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://batstractor.all.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 03:05:02 GMT
cf-cache-status: MISS
last-modified: Thu, 19 May 2016 10:03:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "573d8f58-bdf2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7F%2Fxu6HiUXKPqDcZtrK3j13gNFJJmcFcFnjIqxnfuYTJz9wgCUv1dcvzJqMbhytxk%2BSWx7OwqEoLRRkoCSWw1kpySsK%2BFWxXe79XonbVlMnQMlQCyJU0z3VRedxbSB8MSyWq1dbNE%2FIN"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 77dddf8c18b3bbf5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 48626
expires: Fri, 23 Dec 2022 04:05:02 GMT

GET
H2 200 191641.png
md.all.biz/img/md/catalog/middle/ 31 KB
32 KB 92ms
91ms Image
image/png 2606:4700:3035::ac43:da10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://md.all.biz/img/md/catalog/middle/191641.png
Requested by: Host: batstractor.all.biz
URL: https://batstractor.all.biz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:da10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f13ada807d5ce9f911ee02becb1c05e269bbe720d4148bab9c81028d59ce8567

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://batstractor.all.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 03:05:02 GMT
cf-cache-status: MISS
last-modified: Sun, 03 May 2020 07:50:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5eae77ba-7db4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IYOlutlsAGDID3X1c7Z1VOH4eAFCB1RcuT902xvfjK8Ww%2B%2BfVXB%2BZzSp0FRqt00A7srTSW9Xws3zQUzF5BUJdYXRCkTtCmWwtH1kO4ONnN92Uo6i29%2BZRxh4ESI9da08JCQmNLPsi%2Fj1"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 77dddf8c8934bbf5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 32180
expires: Fri, 23 Dec 2022 04:05:02 GMT

GET
H3 200 191647.png
md.all.biz/img/md/catalog/middle/ 73 KB
73 KB 117ms
116ms Image
image/png 2606:4700:3035::ac43:da10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://md.all.biz/img/md/catalog/middle/191647.png
Requested by: Host: batstractor.all.biz
URL: https://batstractor.all.biz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:da10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 029ea95a9e504865f0e8941363f6983fb2e0d3cd6e80018491d8c9040e4999fb

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://batstractor.all.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 03:05:02 GMT
cf-cache-status: MISS
last-modified: Fri, 11 Dec 2015 15:21:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "566ae9f2-1222e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rENd9%2B8BU83RgYtFMttYFdwZDCu4k7eB2Vru0J7MBWTB9zO1t9dTooMg2h8qFnet%2FPsE0Nx2C6q9OzkHkyNpCEZZrl24iOLDKXFFSKWMCUU3xdNtg4gv3CVdxJP5HrnDdPhw96oYU6io"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 77dddf8caf629061-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 74286
expires: Fri, 23 Dec 2022 04:05:02 GMT

GET
H3 200 191646.png
md.all.biz/img/md/catalog/middle/ 48 KB
49 KB 149ms
148ms Image
image/png 2606:4700:3035::ac43:da10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://md.all.biz/img/md/catalog/middle/191646.png
Requested by: Host: batstractor.all.biz
URL: https://batstractor.all.biz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:da10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35fd5ad90e430375a8e537f250ed4cd745722071da87ee0d75baa72bd4db4dc2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://batstractor.all.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 03:05:02 GMT
cf-cache-status: MISS
last-modified: Fri, 11 Dec 2015 15:19:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "566ae98e-c083"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N4bpF62fFMW3d%2F7pwCV7GxlFePYR%2BYcGuu5%2BGXlO6WYJ5D%2BUDB3UykWkBGmbGkNnd7qxQWjBUWFpuhEeWTKwDsE4BK6qskkPsLe88%2FoUyMR5ZhxiN%2F5gSTZAk5GPlTbCecVsSHP890bh"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 77dddf8caf639061-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 49283
expires: Fri, 23 Dec 2022 04:05:02 GMT

GET
H3 200 191648.png
md.all.biz/img/md/catalog/middle/ 56 KB
57 KB 250ms
249ms Image
image/png 2606:4700:3035::ac43:da10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://md.all.biz/img/md/catalog/middle/191648.png
Requested by: Host: batstractor.all.biz
URL: https://batstractor.all.biz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:da10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 91f914a631c40995b20b7d02b1ec35df7a31f6ae150656366795b4b5e13a91e0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://batstractor.all.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 03:05:02 GMT
cf-cache-status: MISS
last-modified: Fri, 11 Dec 2015 15:22:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "566aea42-e040"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m9jEicXTm29wNfoHNjmgpKySF%2BtCwNatvtNmc5mMV3udY4XPjYqid4qGItjuDuBqiI5yszm4%2F6wuAB8qU9leUVQpLUbh4tFEKI91Oo2eeTHbe7JrETaM50NzHw4Jn3wBJneRmd3L9FLx"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 77dddf8caf649061-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 57408
expires: Fri, 23 Dec 2022 04:05:02 GMT

GET
H3 200 198052.jpg
md.all.biz/img/md/catalog/ 299 KB
299 KB 86ms
85ms Image
image/jpeg 2606:4700:3035::ac43:da10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://md.all.biz/img/md/catalog/198052.jpg
Requested by: Host: batstractor.all.biz
URL: https://batstractor.all.biz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:da10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ff398ca02067fe5eb8388fa7659923cf5929901175a3240498fe6e28511b626

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://batstractor.all.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 03:05:02 GMT
cf-cache-status: MISS
last-modified: Mon, 07 Mar 2016 11:10:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "56dd618a-4aa72"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vNhJC%2BGGOhvmpuyE%2B1enJW6DDNX9JrRnrgsmkTLT%2FaE94EYUb9RupALMBsHrGZr8pTL%2F9kdjew0lGZXPRNccNsXAPLJ5PmX1VRZ1RlX9TFr4%2FXHHZePkFRbls%2BMTNlhDBmxy4axzziui"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 77dddf8caf669061-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 305778
expires: Fri, 23 Dec 2022 04:05:02 GMT

GET
H3 200 197659.png
md.all.biz/img/md/catalog/ 315 KB
316 KB 150ms
148ms Image
image/png 2606:4700:3035::ac43:da10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://md.all.biz/img/md/catalog/197659.png
Requested by: Host: batstractor.all.biz
URL: https://batstractor.all.biz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:da10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f672a16c823879b9e372843962018298f49963e15f42f8459374b897c661173b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://batstractor.all.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 03:05:02 GMT
cf-cache-status: MISS
last-modified: Mon, 22 Feb 2016 13:53:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "56cb12d9-4ec8a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QZu35MlvjFpmulnxO%2BoYaHWql6r%2Fle3xV8K%2BLDvOLUIfmC9AevPICl0O8YPOW4YkLYa04b8TTeUiFl2a3EDJ%2Bz2H16SQnLyEhkX6qXXtOSkE4lvw%2F%2FRUFaY4vXTtgwwMo6FJT7PXeK8U"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 77dddf8caf679061-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 322698
expires: Fri, 23 Dec 2022 04:05:02 GMT

GET
H3 200 197975.png
md.all.biz/img/md/catalog/ 395 KB
396 KB 244ms
243ms Image
image/png 2606:4700:3035::ac43:da10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://md.all.biz/img/md/catalog/197975.png
Requested by: Host: batstractor.all.biz
URL: https://batstractor.all.biz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:da10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8cd375f8b6eedbd237accb2ffdc8287c0546076af16a9a272b2f4513ca2e9a8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://batstractor.all.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 03:05:02 GMT
cf-cache-status: MISS
last-modified: Fri, 26 Feb 2016 18:59:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "56d0a09a-62c95"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CTaBg0awx4fUvPUXzMf5jMw7IqVEBDTffSTbn45atGX%2BeJIdkVw45jQQu5gjM%2BpYO4G3vAgJ68k4JxZT4I%2BHw0M9e12eocPgZRLa9f2nYRzhHy0BReYLYQm3YyqjgYJ5IYGCqTFcMb%2Bx"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 77dddf8caf689061-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 404629
expires: Fri, 23 Dec 2022 04:05:02 GMT

GET
H2 200 info-logo-yadro.png
s.all.biz/img/ 141 B
495 B 40ms
37ms Image
image/png 2606:4700:3035::ac43:da10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.all.biz/img/info-logo-yadro.png
Requested by: Host: batstractor.all.biz
URL: https://batstractor.all.biz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:da10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4759123e9756fadd07fd1c8bf1c2868d4978ab08634cdb323d680fdcada5202c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://batstractor.all.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 03:05:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 278779
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 141
last-modified: Tue, 08 Jun 2021 11:41:11 GMT
server: cloudflare
etag: "60bf5757-8d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eBtDnvdb4hbAP2QfVBmOZCBCFdamlWTjobDwG9kSVS7oYdWJjot7bqP15RAcQCssUj4t82Jk%2BUUZ6n2HtEL6MrUePM3mJGgqcg0JyuhRBvg12PMtFQMSKn%2BiCQe%2Fjay3NhPW0nY%2F7N8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 77dddf8c089fbbf5-FRA
expires: Thu, 29 Dec 2022 20:38:46 GMT

GET
H2 200 _ms_.js Show response
s.all.biz/compiled/minisite/js/minified/ 312 KB
91 KB 51ms
49ms Script
application/javascript 2606:4700:3035::ac43:da10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.all.biz/compiled/minisite/js/minified/_ms_.js?v=46555
Requested by: Host: batstractor.all.biz
URL: https://batstractor.all.biz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:da10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f900789cd4783dbd1f4e04bf0766182319701b645955ceacca2bc7d6ae6f6763

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://batstractor.all.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 03:05:02 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 226360
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 29 Aug 2022 19:22:24 GMT
server: cloudflare
etag: W/"630d11f0-4dec8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cGi%2BsTELQUdN9irLx8230XXpSP3I5z%2BRBAAuVQdRlVLYlAsu%2F6MXtazs8dUsGi0Mw1doecEhxWO7y7hfOBtWjWLweCFugn9Y9npl3GmpredQ%2BRQ57Y82sl2MwDdlmKBvOKMYu%2B7VRBw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 77dddf8c08a1bbf5-FRA
expires: Fri, 30 Dec 2022 11:12:25 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 189ms
59ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: batstractor.all.biz
URL: https://batstractor.all.biz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://batstractor.all.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 23 Dec 2022 01:50:44 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 4458
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Fri, 23 Dec 2022 03:50:44 GMT

GET
H/1.1

200
OK

hit;all-biz
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit;all-biz?r;s1600*1200*24;uhttps%3A//batstractor.all.biz/;h;0.4729880278849281
https://counter.yadro.ru/hit;all-biz?q;r;s1600*1200*24;uhttps%3A//batstractor.all.biz/;h;0.4729880278849281

43 B
528 B

65ms
65ms

Image
image/gif

88.212.201.198
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit;all-biz?q;r;s1600*1200*24;uhttps%3A//batstractor.all.biz/;h;0.4729880278849281

Requested by

Host: batstractor.all.biz
URL: https://batstractor.all.biz/

Protocol

HTTP/1.1

Server

88.212.201.198 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host198.rax.ru

Software

nginx/1.17.9 /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://batstractor.all.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 23 Dec 2022 03:05:02 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: image/gif
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Length: 43
Expires: Wed, 22 Dec 2021 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 23 Dec 2022 03:05:02 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: text/html
Location: https://counter.yadro.ru/hit;all-biz?q;r;s1600*1200*24;uhttps%3A//batstractor.all.biz/;h;0.4729880278849281
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Length: 32
Expires: Wed, 22 Dec 2021 21:00:00 GMT

GET
H2 200 FontAwesome.css Show response
s.all.biz/__tmp/_global/css/fonts/ 168 KB
126 KB 191ms
121ms XHR
text/css 2606:4700:3035::ac43:da10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.all.biz/__tmp/_global/css/fonts/FontAwesome.css?v=
Requested by: Host: batstractor.all.biz
URL: https://batstractor.all.biz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:da10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a99fef4e3831ac4b1dafb60ff7ec0f3f60823197568e036cf1af2c914d0cf82a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://batstractor.all.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 03:05:02 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 08 Jun 2021 11:40:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"60bf574a-2a1a5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xuvk7Jj44DqWHjfCYMYLkqtGz4VuepAYyuWRSOloL12lZU4GVGvznLccHSFC7MFeWPt2%2F3Qdcl3fCBAfIczgQZNDL0uhw68TZ5SByaO0AGvQZXl8XFGb32KW0oeyK8Vbfnc9Kbk2PYs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 77dddf8b989792a7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 02 Jan 2023 02:05:05 GMT

GET
H2 200 Ubuntu.css Show response
s.all.biz/__tmp/_global/css/fonts/ 345 KB
260 KB 259ms
189ms XHR
text/css 2606:4700:3035::ac43:da10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.all.biz/__tmp/_global/css/fonts/Ubuntu.css?v=
Requested by: Host: batstractor.all.biz
URL: https://batstractor.all.biz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:da10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e99fdd17c91cbfd6a8252f73543838383e3561da7d4e7d6d2c3c2f37fb9040e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://batstractor.all.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 03:05:02 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 08 Jun 2021 11:40:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"60bf574b-56584"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UJ%2Fuu2C6Sm2kCgybWm6htyopUsdxor5TUUFXk7dOlopnUvKGvF95WjsArOK9Ibe520eajZ2unKZr0iCMnxrJkAGx7Uhh1LWcfLFpupzIgqyvxHQwGxU0YIHv%2FZ%2FHjxlxQuHXwXjy%2B2o%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 77dddf8ba89992a7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 02 Jan 2023 02:05:05 GMT

GET
H3 200 flags_15.png
s.all.biz/__tmp/_global/img/flags/ 37 KB
38 KB 37ms
37ms Image
image/png 2606:4700:3035::ac43:da10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.all.biz/__tmp/_global/img/flags/flags_15.png
Requested by: Host: s.all.biz
URL: https://s.all.biz/public/css/minisites/compiled_default.css?v=46555
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:da10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0fd2d172ea8dd4c4210dcdb8db7b0eee77e84ddfd145d361e16ceee3ba05778

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s.all.biz/public/css/minisites/compiled_default.css?v=46555
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 03:05:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 254504
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 38314
last-modified: Tue, 08 Jun 2021 11:40:59 GMT
server: cloudflare
etag: "60bf574b-95aa"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Npw%2F9oCgZzmoguReB4pfA8izA3MsdCflmj1eeX0uhFPdvgpSCxCmaVGOPKND0uto8kKyPQtmA6fkZ1%2Fi8ii0pam5jeLJvybnwjsrzI8SiwA6Lte37hjmbUoAmgIzAjwkQ13femux3As%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 77dddf8c2f0c9061-FRA
expires: Fri, 30 Dec 2022 03:23:21 GMT

GET
H3 200 cart_white.svg
s.all.biz/__tmp/_global/img/icons/ 926 B
1 KB 99ms
98ms Image
image/svg+xml 2606:4700:3035::ac43:da10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.all.biz/__tmp/_global/img/icons/cart_white.svg
Requested by: Host: s.all.biz
URL: https://s.all.biz/public/css/minisites/compiled_default.css?v=46555
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:da10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b741b5aeede27bc5d82c8e5af5a1d0209f705fc6b3b6351b5fbafe676ccc5c51

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s.all.biz/public/css/minisites/compiled_default.css?v=46555
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 03:05:02 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 154007
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 08 Jun 2021 11:41:00 GMT
server: cloudflare
etag: W/"60bf574c-39e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rLpq4bRWRSlJZvJpbuZ8zXG9BsmTwCvedvnzyEoxAMlO7TS8PeJAiYOy0Ga6bzTvj6mXvOkRaL965jlcH3aLVMq6osxXVTfDE%2FFJZgw%2F46%2BhldLaLQX5wtzuhvWiZbUcvYgcv7OH7TI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 77dddf8c2f0e9061-FRA
expires: Sat, 31 Dec 2022 07:18:18 GMT

GET
H3 200 user.svg
s.all.biz/__tmp/_global/img/icons/ 464 B
805 B 99ms
99ms Image
image/svg+xml 2606:4700:3035::ac43:da10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.all.biz/__tmp/_global/img/icons/user.svg
Requested by: Host: s.all.biz
URL: https://s.all.biz/public/css/minisites/compiled_default.css?v=46555
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:da10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d74ec61d048e0489f6c6c8a232a456736453a4b72ba6f3a89756df4e07d27fb5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s.all.biz/public/css/minisites/compiled_default.css?v=46555
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 03:05:02 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 243635
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 08 Jun 2021 11:41:00 GMT
server: cloudflare
etag: W/"60bf574c-1d0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sDNR%2Bpv%2FLJ2Fl4m4zBoIPxnfUzPEloWgKmLDu9KAUssM3xyLLuc%2Ffs%2Fblbna9Jo2DLybbABQxz70zR2TQI1%2Bf844Q7XFsLzeqPNQjuPtDIQpGYGp5b2NnRpAocly3yWCecgixDBlxq4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 77dddf8c2f0f9061-FRA
expires: Fri, 30 Dec 2022 06:24:29 GMT

GET
H3 200 dialog.svg
s.all.biz/__tmp/_global/img/icons/ 255 B
726 B 100ms
99ms Image
image/svg+xml 2606:4700:3035::ac43:da10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.all.biz/__tmp/_global/img/icons/dialog.svg
Requested by: Host: s.all.biz
URL: https://s.all.biz/public/css/minisites/compiled_default.css?v=46555
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:da10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4a396e2046c9c92df3efa35fe1574914bfcf30836d6a08131903cab6a6457a3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s.all.biz/public/css/minisites/compiled_default.css?v=46555
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 03:05:02 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 295622
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 08 Jun 2021 11:41:00 GMT
server: cloudflare
etag: W/"60bf574c-ff"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=av865e50dKF9KDX8IttMNSs9%2BHxO4W72WM%2BYaIcEeIuskme6IKzWbqgKzMCyDFrUYmFYNjVUN00Pi70FITPGrSrHcBmxLdkq9dZfWZsKouiA3UQP3DX%2BHX%2F%2FnPsE5EQm%2F9%2FAgOP%2BDAg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 77dddf8c2f119061-FRA
expires: Thu, 29 Dec 2022 15:58:03 GMT

GET
H/1.1

200
OK

erle.cgi Show response
ad.adriver.ru/cgi-bin/ Frame 523A
Redirect Chain

https://ad.adriver.ru/cgi-bin/erle.cgi?sid=130420&target=blank&bt=43&pz=0&tail256=unknown&sz=/batstractor/lng-ru/unknown&rnd=15234858
https://ad.adriver.ru/cgi-bin/erle.cgi?sid=130420&target=blank&bt=43&pz=0&tail256=unknown&sz=/batstractor/lng-ru/unknown&rnd=15234858&tuid=-4985701910

4 KB
5 KB

57ms
56ms

Script
application/x-javascript

195.209.108.49
ADRIVER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.adriver.ru/cgi-bin/erle.cgi?sid=130420&target=blank&bt=43&pz=0&tail256=unknown&sz=/batstractor/lng-ru/unknown&rnd=15234858&tuid=-4985701910
Requested by: Host: batstractor.all.biz
URL: https://batstractor.all.biz/
Protocol: HTTP/1.1
Server: 195.209.108.49 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software: /
Resource Hash: ea5deeec5b60816c8d44ee1be4b65d9654ed94d50ec87a7d6dbfb4063cba1e72

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://batstractor.all.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 23 Dec 2022 03:05:02 GMT
P3P: policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Content-Type: application/x-javascript; charset=windows-1251
Cache-control: no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Connection: keep-alive
Content-Length: 4030
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 23 Dec 2022 03:05:02 GMT
Transfer-Encoding: chunked
P3P: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
Content-Type: text/html
Location: /cgi-bin/erle.cgi?sid=130420&target=blank&bt=43&pz=0&tail256=unknown&sz=/batstractor/lng-ru/unknown&rnd=15234858&tuid=-4985701910
Cache-control: no-cache, max-age=0, must-revalidate, no-store
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 ent_counter
count.all.biz/ 921 B
1 KB 975ms
947ms Image
image/png 2606:4700:3035::ac43:da10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://count.all.biz/ent_counter?page_id=8&tld=6751&tsid=10046&resource=md&lng=ru&lng_id=1&size=210&reff=&rand=0.18574140747522794
Requested by: Host: batstractor.all.biz
URL: https://batstractor.all.biz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:da10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a03884b3e2f2c9a4989876b09d7b6a866ef13ee1cef56b99ffe94f8fe24aff74

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://batstractor.all.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 03:05:03 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qQjfgGIMZcb%2B6zVB4JTIXMfUW7HH%2BRNYQlsZI%2FcYneGmSd%2BPIq%2BILDxwN%2F9xZwH%2FTOr2iw2bEw7erDGzon7mOoPSDI0AbmlPf%2FVDZFgb9qnUsJjcdeLs0hGXc1ShOf3L1WD%2B8TNxQZleM%2BU0"}],"group":"cf-nel","max_age":604800}
content-type: image/png; charset=utf-8
cf-ray: 77dddf8c791dbbf5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
DATA 200
OK truncated
/ 126 KB
126 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bc6de38dfc61e37edb39272ec2a797814fa52e96e79f28ac3f49c7be72946ddb

Request headers

Referer
Origin: https://batstractor.all.biz
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212080101/ 355 KB
117 KB 129ms
65ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6030997613457848&plah=batstractor.all.biz&bust=31071277

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c90f12c6181cfae274ea80394783919b2262c21c8ddd443f48bef54d60eed7e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://batstractor.all.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 03:05:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119726
x-xss-protection: 0
server: cafe
etag: 2120167309549307923
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 23 Dec 2022 03:05:02 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/ Frame F090 10 KB
5 KB 170ms
45ms Document
text/html 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://batstractor.all.biz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 5193
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 23 Dec 2022 01:38:29 GMT
etag: 10353107486223812946
expires: Fri, 06 Jan 2023 01:38:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 154ms
38ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=922729907&t=pageview&_s=1&dl=https%3A%2F%2Fbatstractor.all.biz%2F&ul=en-us&de=UTF-8&dt=BATSTRACTOR%2C%20SRL%20%D0%BD%D0%B0%20Allbiz%20-%20%D0%A2%D0%BE%D0%BC%D0%B0%D0%B9%20(%D0%9C%D0%BE%D0%BB%D0%B4%D0%BE%D0%B2%D0%B0)%20-%20%D0%A2%D0%BE%D0%B2%D0%B0%D1%80%D1%8B%20%D0%B8%20%D1%83%D1%81%D0%BB%D1%83%D0%B3%D0%B8%20%D0%BA%D0%BE%D0%BC%D0%BF%D0%B0%D0%BD%D0%B8%D0%B8%20BATSTRACTOR%2C%20SRL&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=2123849022&gjid=1097572626&cid=839697643.1671764702&tid=UA-1079634-3&_gid=1563142266.1671764702&_r=1&_slc=1&cg1=minisite_free&cg3=minisite&cg4=MDm&z=909016350

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://batstractor.all.biz/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 23 Dec 2022 03:05:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://batstractor.all.biz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 152ms
39ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=922729907&t=pageview&_s=1&dl=https%3A%2F%2Fbatstractor.all.biz%2F&ul=en-us&de=UTF-8&dt=BATSTRACTOR%2C%20SRL%20%D0%BD%D0%B0%20Allbiz%20-%20%D0%A2%D0%BE%D0%BC%D0%B0%D0%B9%20(%D0%9C%D0%BE%D0%BB%D0%B4%D0%BE%D0%B2%D0%B0)%20-%20%D0%A2%D0%BE%D0%B2%D0%B0%D1%80%D1%8B%20%D0%B8%20%D1%83%D1%81%D0%BB%D1%83%D0%B3%D0%B8%20%D0%BA%D0%BE%D0%BC%D0%BF%D0%B0%D0%BD%D0%B8%D0%B8%20BATSTRACTOR%2C%20SRL&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAEABAAAAACAAI~&jid=288029455&gjid=42401410&cid=839697643.1671764702&tid=UA-1079634-7&_gid=1563142266.1671764702&_r=1&_slc=1&cg1=minisite_free&cg3=minisite&cg4=MDm&z=1176260432

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://batstractor.all.biz/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 23 Dec 2022 03:05:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://batstractor.all.biz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 150ms
39ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=922729907&t=pageview&_s=1&dl=https%3A%2F%2Fbatstractor.all.biz%2F&ul=en-us&de=UTF-8&dt=BATSTRACTOR%2C%20SRL%20%D0%BD%D0%B0%20Allbiz%20-%20%D0%A2%D0%BE%D0%BC%D0%B0%D0%B9%20(%D0%9C%D0%BE%D0%BB%D0%B4%D0%BE%D0%B2%D0%B0)%20-%20%D0%A2%D0%BE%D0%B2%D0%B0%D1%80%D1%8B%20%D0%B8%20%D1%83%D1%81%D0%BB%D1%83%D0%B3%D0%B8%20%D0%BA%D0%BE%D0%BC%D0%BF%D0%B0%D0%BD%D0%B8%D0%B8%20BATSTRACTOR%2C%20SRL&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAEABAAAAACAAI~&jid=1748860058&gjid=1954707399&cid=839697643.1671764702&tid=UA-112935065-12&_gid=1563142266.1671764702&_r=1&_slc=1&z=1926623715

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://batstractor.all.biz/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 23 Dec 2022 03:05:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://batstractor.all.biz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AV.js Show response
content.adriver.ru/banners/0002186/0002186173/0/ 25 KB
25 KB 209ms
64ms Script
application/x-javascript 23.111.96.36
UNITEDNET

General

Check archive.org

Show headers Download Go to

Full URL: https://content.adriver.ru/banners/0002186/0002186173/0/AV.js
Requested by: Host: ad.adriver.ru
URL: https://ad.adriver.ru/cgi-bin/erle.cgi?sid=130420&target=blank&bt=43&pz=0&tail256=unknown&sz=/batstractor/lng-ru/unknown&rnd=15234858
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.111.96.36 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
Software: nginx /
Resource Hash: bc55f712c7d14651306093d28dffba0f649bd9f37ea365066249df215b5411bf

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://batstractor.all.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 03:05:02 GMT
last-modified: Wed, 19 May 2021 13:40:38 GMT
server: nginx
etag: "60a51556-6216"
content-type: application/x-javascript
cache-control: max-age=3600
accept-ranges: bytes
content-length: 25110
expires: Fri, 23 Dec 2022 04:05:02 GMT

GET
H2 200 script.js Show response
servers2.adriver.ru/images/0000211/0000211117/0/ Frame 523A 146 B
328 B 280ms
64ms Script
application/x-javascript 188.42.149.180
UNITEDNET

General

Check archive.org

Show headers Download Go to

Full URL: https://servers2.adriver.ru/images/0000211/0000211117/0/script.js?15234858
Requested by: Host: ad.adriver.ru
URL: https://ad.adriver.ru/cgi-bin/erle.cgi?sid=130420&target=blank&bt=43&pz=0&tail256=unknown&sz=/batstractor/lng-ru/unknown&rnd=15234858
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.42.149.180 , Luxembourg, ASN39134 (UNITEDNET, RU),
Reverse DNS
Software: nginx /
Resource Hash: 749867d0a776f315cef5a0a4537171755fd24e9b8c20bcd0607fe451585eeea8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://batstractor.all.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 03:05:02 GMT
last-modified: Mon, 24 Dec 2007 01:27:55 GMT
server: nginx
etag: "476f0b1b-92"
content-type: application/x-javascript
cache-control: max-age=3600
accept-ranges: bytes
content-length: 146
expires: Fri, 23 Dec 2022 04:05:02 GMT

GET
H2 200 ad-marking.js Show response
content.adriver.ru/ 8 KB
8 KB 273ms
129ms Script
application/x-javascript 23.111.96.36
UNITEDNET

General

Check archive.org

Show headers Download Go to

Full URL: https://content.adriver.ru/ad-marking.js
Requested by: Host: ad.adriver.ru
URL: https://ad.adriver.ru/cgi-bin/erle.cgi?sid=130420&target=blank&bt=43&pz=0&tail256=unknown&sz=/batstractor/lng-ru/unknown&rnd=15234858
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.111.96.36 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
Software: nginx /
Resource Hash: 05b1a533c01a125d7757daaba56dcd009063ed83a21061f4d8ea3a81fd121e94

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://batstractor.all.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 03:05:02 GMT
last-modified: Wed, 30 Nov 2022 11:03:08 GMT
server: nginx
etag: "6387386c-2100"
content-type: application/x-javascript
cache-control: max-age=3600
accept-ranges: bytes
content-length: 8448
expires: Fri, 23 Dec 2022 04:05:02 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 381 B
694 B 194ms
68ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=batstractor.all.biz&callback=_gfp_s_&client=ca-pub-6030997613457848&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6030997613457848&plah=batstractor.all.biz&bust=31071277

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aa0970178f471e5c26b003b4a8b0dafa44a38569d27cace6c781eb4f7f286833

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://batstractor.all.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 03:05:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 249
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
792 B 193ms
67ms Script
application/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=batstractor.all.biz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://batstractor.all.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 03:05:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 182ms
69ms Script
application/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=batstractor.all.biz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://batstractor.all.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 03:05:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame AC1D 158 KB
45 KB 497ms
402ms Document
text/html 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6030997613457848&output=html&adk=1812271804&adf=3025194257&lmt=1671764702&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=164x945_l%7C164x945_r&format=0x0&url=https%3A%2F%2Fbatstractor.all.biz%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671764702246&bpp=3&bdt=362&idt=214&shv=r20221207&mjsv=m202212080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4866421144642&frm=20&pv=2&ga_vid=839697643.1671764702&ga_sid=1671764702&ga_hid=922729907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531848%2C31071277%2C44779794%2C44780792&oid=2&pvsid=942591905873660&tmod=943459021&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=240

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

99f3f237c0780ea51b979ef976ff8b355dd2d26f11d80c5dfde48e90cae1e48f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://batstractor.all.biz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 46097
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 23 Dec 2022 03:05:02 GMT
expires: Fri, 23 Dec 2022 03:05:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8C13 101 KB
34 KB 422ms
336ms Document
text/html 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6030997613457848&output=html&h=600&slotname=7969440011&adk=120163721&adf=11028415&pi=t.ma~as.7969440011&w=300&lmt=1671764702&format=300x600&url=https%3A%2F%2Fbatstractor.all.biz%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671764702249&bpp=1&bdt=365&idt=242&shv=r20221207&mjsv=m202212080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4866421144642&frm=20&pv=1&ga_vid=839697643.1671764702&ga_sid=1671764702&ga_hid=922729907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1125&ady=206&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531848%2C31071277%2C44779794%2C44780792&oid=2&pvsid=942591905873660&tmod=943459021&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=mGpwLytxO5&p=https%3A//batstractor.all.biz&dtd=246

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c22cb7830b98a45b9c1d2b616bbd521aa1a2289e413eac9e9773f945e24a631b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://batstractor.all.biz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 34502
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 23 Dec 2022 03:05:02 GMT
expires: Fri, 23 Dec 2022 03:05:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
444 B 82ms
29ms XHR
text/plain 2a00:1450:4025:401::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-1079634-3&cid=839697643.1671764702&jid=2123849022&gjid=1097572626&_gid=1563142266.1671764702&_u=YEBAAEAAAAAAACAAI~&z=1172448244

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4025:401::9c Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://batstractor.all.biz/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 23 Dec 2022 03:05:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://batstractor.all.biz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 83ms
29ms XHR
text/plain 2a00:1450:4025:401::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-1079634-7&cid=839697643.1671764702&jid=288029455&gjid=42401410&_gid=1563142266.1671764702&_u=YEDAAEABAAAAACAAI~&z=1522709138

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4025:401::9c Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://batstractor.all.biz/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 23 Dec 2022 03:05:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://batstractor.all.biz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A83E 97 KB
34 KB 449ms
370ms Document
text/html 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6030997613457848&output=html&h=490&slotname=9779843710&adk=1327367211&adf=1789175765&pi=t.ma~as.9779843710&w=210&lmt=1671764702&rafmt=12&format=210x490&url=https%3A%2F%2Fbatstractor.all.biz%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671764702250&bpp=1&bdt=366&idt=249&shv=r20221207&mjsv=m202212080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&nras=1&correlator=4866421144642&frm=20&pv=1&ga_vid=839697643.1671764702&ga_sid=1671764702&ga_hid=922729907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=655&ady=248&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531848%2C31071277%2C44779794%2C44780792&oid=2&pvsid=942591905873660&tmod=943459021&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&fsb=1&xpc=pr3NuPXSD0&p=https%3A//batstractor.all.biz&dtd=252

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7945f8a7350107d1b336251280d0f934ff9213f2557b7af1036ad8821acf2015

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://batstractor.all.biz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 34474
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 23 Dec 2022 03:05:02 GMT
expires: Fri, 23 Dec 2022 03:05:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C1A5 22 KB
10 KB 390ms
316ms Document
text/html 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6030997613457848&output=html&h=280&slotname=4679170329&adk=1351908506&adf=1274559115&pi=t.ma~as.4679170329&w=1200&fwrn=4&fwrnh=100&lmt=1671764702&rafmt=1&format=1200x280&url=https%3A%2F%2Fbatstractor.all.biz%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671764702251&bpp=1&bdt=367&idt=253&shv=r20221207&mjsv=m202212080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600%2C210x490&nras=1&correlator=4866421144642&frm=20&pv=1&ga_vid=839697643.1671764702&ga_sid=1671764702&ga_hid=922729907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4197&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531848%2C31071277%2C44779794%2C44780792&oid=2&pvsid=942591905873660&tmod=943459021&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=6ajAxsbO4l&p=https%3A//batstractor.all.biz&dtd=256

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cab3655b3da6dd9deb058e29c03a5885822da03fba9b7f4901599ecb89757199

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://batstractor.all.biz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 9830
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 23 Dec 2022 03:05:02 GMT
expires: Fri, 23 Dec 2022 03:05:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 195ms
71ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-1079634-3&cid=839697643.1671764702&jid=2123849022&_u=YEBAAEAAAAAAACAAI~&z=1397271983

Requested by

Host: batstractor.all.biz
URL: https://batstractor.all.biz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://batstractor.all.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Dec 2022 03:05:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.nl/ads/ 42 B
107 B 129ms
56ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-1079634-3&cid=839697643.1671764702&jid=2123849022&_u=YEBAAEAAAAAAACAAI~&z=1397271983

Requested by

Host: batstractor.all.biz
URL: https://batstractor.all.biz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://batstractor.all.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Dec 2022 03:05:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 195ms
71ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-1079634-7&cid=839697643.1671764702&jid=288029455&_u=YEDAAEABAAAAACAAI~&z=2138908749

Requested by

Host: batstractor.all.biz
URL: https://batstractor.all.biz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://batstractor.all.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Dec 2022 03:05:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.nl/ads/ 42 B
501 B 116ms
43ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-1079634-7&cid=839697643.1671764702&jid=288029455&_u=YEDAAEABAAAAACAAI~&z=2138908749

Requested by

Host: batstractor.all.biz
URL: https://batstractor.all.biz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://batstractor.all.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Dec 2022 03:05:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK event.cgi
ad.adriver.ru/cgi-bin/ 42 B
667 B 55ms
55ms Image
image/gif 195.209.108.49
ADRIVER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.adriver.ru/cgi-bin/event.cgi?xpid=DQTWe1wBy69l-KdB37RvZ7SFdzEEDKehJZ64MXcrzEe6Bqj8-ecdAtU1AZMxueGvPTFoobcYT&bid=211117&type=0&custom=113=0;161=0;162=0;168=1;176=0;177=1;213=0;214=2;216=1600;217=1200;218=false;163=https%3A%2F%2Fbatstractor.all.biz%2F
Requested by: Host: batstractor.all.biz
URL: https://batstractor.all.biz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.209.108.49 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://batstractor.all.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 23 Dec 2022 03:05:02 GMT
Transfer-Encoding: chunked
P3P: policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Content-Type: image/gif
Cache-control: no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame C1A5 3 KB
1 KB 224ms
108ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6030997613457848&output=html&h=280&slotname=4679170329&adk=1351908506&adf=1274559115&pi=t.ma~as.4679170329&w=1200&fwrn=4&fwrnh=100&lmt=1671764702&rafmt=1&format=1200x280&url=https%3A%2F%2Fbatstractor.all.biz%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671764702251&bpp=1&bdt=367&idt=253&shv=r20221207&mjsv=m202212080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600%2C210x490&nras=1&correlator=4866421144642&frm=20&pv=1&ga_vid=839697643.1671764702&ga_sid=1671764702&ga_hid=922729907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4197&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531848%2C31071277%2C44779794%2C44780792&oid=2&pvsid=942591905873660&tmod=943459021&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=6ajAxsbO4l&p=https%3A//batstractor.all.biz&dtd=256

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 01:38:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5191
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 06 Jan 2023 01:38:32 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame C1A5 18 KB
8 KB 160ms
45ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 01:38:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5192
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 06 Jan 2023 01:38:31 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C1A5 153 KB
47 KB 127ms
40ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 03:05:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 23 Dec 2022 03:05:03 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame C1A5 0
0 101ms
100ms Fetch
text/html 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CT9Df3hqlY5G-Jp2O7_UPjMmZsA3JntKxXLWY49aTAcCNtwEQASAAYJGEoIWMGIIBF2NhLXB1Yi02MDMwOTk3NjEzNDU3ODQ4yAEJqQJGBtdv48ixPqgDAaoEygFP0EG9rsBxgY3ax2Fun_z81BeRESFBrM1BpgKtOfrTW1Epja68zvixP-36R7sf3oZtuLJNKh5_npP7SaM6OQSJLQ6OWEA1SBLImbgCGkmM040na79_u6J9xwLCF9IeAuQYosSW1r7S5gshIMZPP-HATmgzDWL5lwyFYQvH59clvbIC0F6Z-mvUA0PSXUGGh6FbCIiTHoB1iWPt1p_dvTRgQYCc4xPCNeKt37MMdC7R7ENW8gJYcDWLvgncxF5At8g83hY86rDkBzXtgAam4uH_1sCKtYgBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi02MDMwOTk3NjEzNDU3ODQ4GAA&sigh=FzjWQokKn1g&uach_m=[UACH]&cid=CAQSGwDq26N9_c4_voEkyS1wFrVfUkMOy7aPcctV_RgBIBM

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6030997613457848&output=html&h=280&slotname=4679170329&adk=1351908506&adf=1274559115&pi=t.ma~as.4679170329&w=1200&fwrn=4&fwrnh=100&lmt=1671764702&rafmt=1&format=1200x280&url=https%3A%2F%2Fbatstractor.all.biz%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671764702251&bpp=1&bdt=367&idt=253&shv=r20221207&mjsv=m202212080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600%2C210x490&nras=1&correlator=4866421144642&frm=20&pv=1&ga_vid=839697643.1671764702&ga_sid=1671764702&ga_hid=922729907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4197&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531848%2C31071277%2C44779794%2C44780792&oid=2&pvsid=942591905873660&tmod=943459021&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=6ajAxsbO4l&p=https%3A//batstractor.all.biz&dtd=256
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 23 Dec 2022 03:05:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 23 Dec 2022 03:05:02 GMT

GET
H2 200 notify
rtb.fr.eu.criteo.com/google/auction/ Frame C1A5 0
0 169ms
34ms Fetch 2a02:2638::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kqy4B7z6RLAJmAKdg2ICAgAAAI2kDmFvj7qU4Z0izBDeGqVjeafAeUvw-xs9yecAEgAA&wp=Y6Ua3gAJnxEIu8cdAAZkjN2kRM8UrXHp3rvv9w

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 03:05:02 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 303587
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 5245 242 KB
61 KB 202ms
151ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6Ua3gAJnxEIu8cdAAZkjN2kRM8UrXHp3rvv9w&u=%7CJ4AttFVqD9AczdOAi%2B%2BeH8RnUTzuNZZmIuSikklwPsE%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wDnaYjQBoqIkt17YFGJRPtSge7eLCqhbh0idQwsFRBB2L3LLR9Ixgu62bDVW2Ic24yaau4T23Pup7rAYgoBPfbMFGPXu2Mpy9VWNC_agi0UeNNV07lfMwoev8RD_aOXYI3zZctFP3e9s4SkYBypGU6Ls0ErIBzIGH6mrPw-6SFiRrVeXdxWpKdLTgAam-qNWWmMgXJpHfnyTaMsjGk6S7I8ao6zlLYaCDgb16_yzAL6Z9CeszS0MwlR272TSG-6RODJrRXX2J3ri-EvM1wWqcTMcFrcKSCf7iPKvZroR5s7B7DqOF15M46rTFuIq8ipHYDVGIV7pnSraZbyxmBwCLYffnci_0aNAthUQjZ_YYqmL53e_ZUm4pcYHQqmvWNfneOBSaA_ezpIkJr_WQjg8OwTtwbCIZ1grHCdXdBASdNkgZ2Z1NBBfctN0c-8uv8JacTJ9WJcbHOPPlC0U6oD2WSkNtCbOaAKuzoeMMCGet22paOfrifAMFUjTDgN0BxFfV1dhHl8fDIkLtMJwgKXHeCj8WpK8834P9q0bfwkd1Poo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_3Zs3hqlY5G-Jp2O7_UPjMmZsA3JntKxXLWY49aTAcCNtwEQASAAYJGEoIWMGIIBF2NhLXB1Yi02MDMwOTk3NjEzNDU3ODQ4yAEJqQJGBtdv48ixPqgDAaoEzQFP0EG9rsBxgY3ax2Fun_z81BeRESFBrM1BpgKtOfrTW1Epja68zvixP-36R7sf3oZtuLJNKh5_npP7SaM6OQSJLQ6OWEA1SBLImbgCGkmM040na79_u6J9xwLCF9IeAuQYosSW1r7S5gshIMZPP-HATmgzDWL5lwyFYQvH59clvbIC0F6Z-mvUA0PSXUGGh6FbCIiTHoB1iWPt1p_dvTRgQYCc41HAFHAqUC8fy7LFT5NrVPpRZD89tCfERuqIim7OYQgQ8jVOgyZS0ZL6gAam4uH_1sCKtYgBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3yAmbAvsxdj8kv4pk_Iepq2s4arA%26client%3Dca-pub-6030997613457848%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d997725a8025a24b4b9169a64be7d027090381db2c7facf3e052492d214f4fab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Fri, 23 Dec 2022 03:05:02 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=3Pg9RQgndKqRUxrqe-IZmBrRCSwvHg85rDHu07PAuijwvUQQwEhHYMAF7qZHDAzgSivVujuFu-eiAgI-y3VeIbNNN6rSOqdI2u-_XwQJAEg25sguntraM-zYYjrxBeg_v8PnUPIcpoatkjcr7NR-YKkcivtyT9nt1cEe48mkboWIij8S1s81Av_IDn63KWQ-U-Mn0yznU6x5PVOW5HE8uUY_R_ROYWgAWxMTRHB-0qQu8kcMBNao00Yhc7k"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 126225927
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 css
fonts.googleapis.com/ Frame 8C13 8 KB
1 KB 196ms
69ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6030997613457848&output=html&h=600&slotname=7969440011&adk=120163721&adf=11028415&pi=t.ma~as.7969440011&w=300&lmt=1671764702&format=300x600&url=https%3A%2F%2Fbatstractor.all.biz%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671764702249&bpp=1&bdt=365&idt=242&shv=r20221207&mjsv=m202212080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4866421144642&frm=20&pv=1&ga_vid=839697643.1671764702&ga_sid=1671764702&ga_hid=922729907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1125&ady=206&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531848%2C31071277%2C44779794%2C44780792&oid=2&pvsid=942591905873660&tmod=943459021&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=mGpwLytxO5&p=https%3A//batstractor.all.biz&dtd=246

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 23 Dec 2022 03:05:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 23 Dec 2022 01:09:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 23 Dec 2022 03:05:03 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 8C13 2 KB
818 B 199ms
121ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 01:38:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5191
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 06 Jan 2023 01:38:32 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 8C13 0
0 90ms
90ms Fetch
text/html 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C3tOB3hqlY5S-Jp2O7_UPjMmZsA32wbyKbuK7jeaxEPK1jPG-ARABIPS36CNgkYSghYwYoAHvnf_bKMgBCakCXhbI00Muez6oAwHIA8sEqgTSAU_QNBe2nDBe3FN0LbvhLJkeMpW98tMYU6Bv_ihP9w2Dzib-QfAPJiygWPS_04vaZSDnnJ8HaoNgYhoMQ1n6nPJKVjSKwSI4SeQq4DayZTLg__PVrdOwu5oUHdFpJ4s2v2nAmI1ibuS17uEPOM1AXD3SKFQSbJ_XAkgZpnsoE8WJ8qKQhbgDFBAY2JFdOZ8yv7I2RpLSLknHbLMt8Bm2bmHa0CfM-cuD8Wvt-rGwMwePH7pvRFA3bQdLbS8BJ_qw_WFi2SoiIcMB9CUg01Y3KCYzQ8AE5-fW844EkgUECAQYAZIFBAgFGASgBi6AB62W97sDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwMQ0kzSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDIgUBNAVAYAXAbIXHAoaCAASFHB1Yi02MDMwOTk3NjEzNDU3ODQ4GAA&sigh=rJtxpPkY_44&uach_m=[UACH]&cid=CAQSGwDq26N9_TbsoODC1VYVGASmsxGheK9KI-jA7hgBIBM&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6030997613457848&output=html&h=600&slotname=7969440011&adk=120163721&adf=11028415&pi=t.ma~as.7969440011&w=300&lmt=1671764702&format=300x600&url=https%3A%2F%2Fbatstractor.all.biz%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671764702249&bpp=1&bdt=365&idt=242&shv=r20221207&mjsv=m202212080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4866421144642&frm=20&pv=1&ga_vid=839697643.1671764702&ga_sid=1671764702&ga_hid=922729907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1125&ady=206&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531848%2C31071277%2C44779794%2C44780792&oid=2&pvsid=942591905873660&tmod=943459021&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=mGpwLytxO5&p=https%3A//batstractor.all.biz&dtd=246
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 23 Dec 2022 03:05:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 23 Dec 2022 03:05:03 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/491603777162458610/ Frame 8C13 9 KB
9 KB 185ms
114ms Image
image/jpeg 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/491603777162458610/14763004658117789537?w=400&h=209

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5bfa0897c0f16a090b1bbcd3a3aeb08de07b5468d25ea036111e3d1089caba7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 14:45:48 GMT
x-content-type-options: nosniff
age: 130755
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9189
x-xss-protection: 0
last-modified: Wed, 29 Jun 2022 09:44:56 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 21 Dec 2023 14:45:48 GMT

GET
DATA 200
OK truncated
/ Frame 8C13 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 8C13 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 287ade58ca7648339a3c29f8350d8ea7f8962509c89b31a9acb7b29c756c95f6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 1eaa1e49c6d827e7897bafa951c60a71.js Show response
www.gstatic.com/mysidia/ Frame A83E 9 KB
5 KB 170ms
48ms Script
text/javascript 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1eaa1e49c6d827e7897bafa951c60a71.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6030997613457848&output=html&h=490&slotname=9779843710&adk=1327367211&adf=1789175765&pi=t.ma~as.9779843710&w=210&lmt=1671764702&rafmt=12&format=210x490&url=https%3A%2F%2Fbatstractor.all.biz%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671764702250&bpp=1&bdt=366&idt=249&shv=r20221207&mjsv=m202212080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&nras=1&correlator=4866421144642&frm=20&pv=1&ga_vid=839697643.1671764702&ga_sid=1671764702&ga_hid=922729907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=655&ady=248&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531848%2C31071277%2C44779794%2C44780792&oid=2&pvsid=942591905873660&tmod=943459021&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&fsb=1&xpc=pr3NuPXSD0&p=https%3A//batstractor.all.biz&dtd=252

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a983ec1308781984ea4503dd1c4e1317b2b48dcb17dd1a6e68df68560951784b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:38:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 177992
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4197
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 23:34:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 21 Mar 2023 01:38:31 GMT

GET
H2 200 890d6e0a5dc19f9d14ccf82aa8feec6a.js Show response
www.gstatic.com/mysidia/ Frame A83E 10 KB
4 KB 170ms
49ms Script
text/javascript 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/890d6e0a5dc19f9d14ccf82aa8feec6a.js?tag=text/vanilla_highlight

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

981792df4c11fb32fea9720db6c7c82dd96da4247fd29ff170b53903e116eecc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:38:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 177992
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4446
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 23:34:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 21 Mar 2023 01:38:31 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame A83E 8 KB
968 B 158ms
69ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 23 Dec 2022 03:05:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 23 Dec 2022 02:47:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 23 Dec 2022 03:05:03 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 8C13 23 KB
9 KB 109ms
53ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 01:38:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5191
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 06 Jan 2023 01:38:32 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 8C13 3 KB
1 KB 166ms
112ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 01:38:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5191
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 06 Jan 2023 01:38:32 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 8C13 18 KB
7 KB 156ms
102ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 01:38:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5192
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 06 Jan 2023 01:38:31 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8C13 153 KB
47 KB 112ms
85ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 03:05:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 23 Dec 2022 03:05:03 GMT

GET
H2 200 5abbe811e7745ada511aeaa994a13f9f.js Show response
www.gstatic.com/mysidia/ Frame 8C13 34 KB
14 KB 169ms
51ms Script
text/javascript 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5abbe811e7745ada511aeaa994a13f9f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:38:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 177991
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14213
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 23:34:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 21 Mar 2023 01:38:32 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame A83E 2 KB
765 B 140ms
45ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 01:38:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5191
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 06 Jan 2023 01:38:32 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame A83E 23 KB
9 KB 84ms
60ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 01:38:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5191
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 06 Jan 2023 01:38:32 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame A83E 3 KB
1 KB 141ms
47ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 01:38:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5191
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 06 Jan 2023 01:38:32 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame A83E 18 KB
7 KB 119ms
95ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 01:38:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5192
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 06 Jan 2023 01:38:31 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A83E 153 KB
47 KB 102ms
102ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 03:05:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 23 Dec 2022 03:05:03 GMT

GET
H3 200 5abbe811e7745ada511aeaa994a13f9f.js Show response
www.gstatic.com/mysidia/ Frame A83E 34 KB
14 KB 139ms
46ms Script
text/javascript 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5abbe811e7745ada511aeaa994a13f9f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:38:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 177991
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14213
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 23:34:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 21 Mar 2023 01:38:32 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212080101/ 151 KB
51 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212080101/reactive_library_fy2021.js?bust=31071277

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0dbe6b3766c86afb091c6768871819b9b7a08fe0b8c993feb4900dffdf94edcd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://batstractor.all.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 03:05:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52379
x-xss-protection: 0
server: cafe
etag: 319044230391670962
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 23 Dec 2022 03:05:03 GMT

GET
DATA 200
OK truncated
/ Frame C1A5 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6ec7188772d0e9e1e1a1f439557d38462800ce4ec24d5c33a2d1e65453675ccc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 5245 2 KB
1 KB 77ms
25ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6Ua3gAJnxEIu8cdAAZkjN2kRM8UrXHp3rvv9w&u=%7CJ4AttFVqD9AczdOAi%2B%2BeH8RnUTzuNZZmIuSikklwPsE%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wDnaYjQBoqIkt17YFGJRPtSge7eLCqhbh0idQwsFRBB2L3LLR9Ixgu62bDVW2Ic24yaau4T23Pup7rAYgoBPfbMFGPXu2Mpy9VWNC_agi0UeNNV07lfMwoev8RD_aOXYI3zZctFP3e9s4SkYBypGU6Ls0ErIBzIGH6mrPw-6SFiRrVeXdxWpKdLTgAam-qNWWmMgXJpHfnyTaMsjGk6S7I8ao6zlLYaCDgb16_yzAL6Z9CeszS0MwlR272TSG-6RODJrRXX2J3ri-EvM1wWqcTMcFrcKSCf7iPKvZroR5s7B7DqOF15M46rTFuIq8ipHYDVGIV7pnSraZbyxmBwCLYffnci_0aNAthUQjZ_YYqmL53e_ZUm4pcYHQqmvWNfneOBSaA_ezpIkJr_WQjg8OwTtwbCIZ1grHCdXdBASdNkgZ2Z1NBBfctN0c-8uv8JacTJ9WJcbHOPPlC0U6oD2WSkNtCbOaAKuzoeMMCGet22paOfrifAMFUjTDgN0BxFfV1dhHl8fDIkLtMJwgKXHeCj8WpK8834P9q0bfwkd1Poo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_3Zs3hqlY5G-Jp2O7_UPjMmZsA3JntKxXLWY49aTAcCNtwEQASAAYJGEoIWMGIIBF2NhLXB1Yi02MDMwOTk3NjEzNDU3ODQ4yAEJqQJGBtdv48ixPqgDAaoEzQFP0EG9rsBxgY3ax2Fun_z81BeRESFBrM1BpgKtOfrTW1Epja68zvixP-36R7sf3oZtuLJNKh5_npP7SaM6OQSJLQ6OWEA1SBLImbgCGkmM040na79_u6J9xwLCF9IeAuQYosSW1r7S5gshIMZPP-HATmgzDWL5lwyFYQvH59clvbIC0F6Z-mvUA0PSXUGGh6FbCIiTHoB1iWPt1p_dvTRgQYCc41HAFHAqUC8fy7LFT5NrVPpRZD89tCfERuqIim7OYQgQ8jVOgyZS0ZL6gAam4uH_1sCKtYgBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3yAmbAvsxdj8kv4pk_Iepq2s4arA%26client%3Dca-pub-6030997613457848%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 03:05:03 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 18 Dec 2023 03:05:03 GMT

GET
H2 200 adchoices_nl.svg
static.criteo.net/flash/icon/ Frame 5245 2 KB
1 KB 79ms
26ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_nl.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

64fdded9ab4b4066a71232c0d8c7e2416ec277f566adb122776af14c21831fc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 03:05:03 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-754"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 18 Dec 2023 03:05:03 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 5245 308 B
636 B 75ms
28ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 03:05:03 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Mon, 18 Dec 2023 03:05:03 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 5245 293 B
621 B 73ms
26ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 03:05:03 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Mon, 18 Dec 2023 03:05:03 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/delivery/ Frame 5245 43 B
348 B 111ms
28ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=ag2RTwQCS6GRITvz23BL8rUG0331ZCUFWY31LYDf8bW9ImkIdeE-xRdSccfcurbL2lPGMUQmUqo_Uruv-73KcsOs6Ea6MVPfd985SjVqD-ho2jTDbexoHEB_D8EJAFa_TeDzUl-aGQ6Zi_Dm3YH_mZ0POraROUtRUhfDadiw1b1s9CC2_DdUcsNT9xde6cEFzWjjOmOJSg1g5QiW4leXjlSFLOLV7IygM68ArXxHlRYI3IojdWj7duOge2e_bEhC73GzgOeOgeIUEaBSu0S33ZCarfP-5kaFwiV98BcOSYE5IzMfTUZnzhYLr-7YpaWYdGIuSg46xaKTUg-T_MkVyKKzT0O_KP23qwUfDmhxRsep0flHSuua62RraWtQlLd-V810YRNQ7qhAtirk55Nm_WvJTq8eUx3BuwGq2VssUgxqG7tY

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Dec 2022 03:05:02 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2784964
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
122 B 163ms
69ms Script
application/javascript 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=batstractor.all.biz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://batstractor.all.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 03:05:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 162ms
68ms Script
application/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=batstractor.all.biz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://batstractor.all.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 03:05:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/ Frame 44A6 10 KB
4 KB 46ms
45ms Document
text/html 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://batstractor.all.biz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 5192
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 23 Dec 2022 01:38:31 GMT
etag: 10353107486223812946
expires: Fri, 06 Jan 2023 01:38:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame A83E 0
0 92ms
92ms Fetch
text/html 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CBeE33hqlY4PAJtqK7_UP6_usqAeMqO3rbYXUrvrqDsCNtwEQASD0t-gjYJGEoIWMGKABlLSFggPIAQGpAj4FbRLLNoM-qAMByAPDBKoExQFP0DnhuPYGOGzXJ0yafNjNlJ__gIJnA_j3vrjbA0DHTOQCG_eEL9P-qqYcUCjeHNJe8g-KELhqiRfuTOP2aBSq6esnTirmrJi7dPMg6BeBr6xFPBPH2OKx9MVCIPTu36N5gRQWWrG1zIJfnqY9v71Ox7JReTaE8KtNNcF5DlTKMji7vhsSNbuHN3a2f6SW0WyDhlYfIfpCtkV7Qg1TWdVssHF15yP1cAeXIxVXvftYRlD5ppN89B50XxkOeu5n7nd4qGfqZMAE67CUu-YDkgUECAQYAZIFBAgFGASgBlGAB9TL-n2oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDhrwPSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDIgUAdAVAZgWAYAXAbIXHAoaCAASFHB1Yi02MDMwOTk3NjEzNDU3ODQ4GAA&sigh=dHc031xSfMo&uach_m=[UACH]&cid=CAQSGwDq26N9e-91ID3hJRQF39-KPdE5VaFaGPcSWxgBIBM

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6030997613457848&output=html&h=490&slotname=9779843710&adk=1327367211&adf=1789175765&pi=t.ma~as.9779843710&w=210&lmt=1671764702&rafmt=12&format=210x490&url=https%3A%2F%2Fbatstractor.all.biz%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671764702250&bpp=1&bdt=366&idt=249&shv=r20221207&mjsv=m202212080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&nras=1&correlator=4866421144642&frm=20&pv=1&ga_vid=839697643.1671764702&ga_sid=1671764702&ga_hid=922729907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=655&ady=248&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531848%2C31071277%2C44779794%2C44780792&oid=2&pvsid=942591905873660&tmod=943459021&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&fsb=1&xpc=pr3NuPXSD0&p=https%3A//batstractor.all.biz&dtd=252
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 23 Dec 2022 03:05:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B663 143 B
166 B 46ms
45ms Document
text/html 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6030997613457848&output=html&h=490&slotname=9779843710&adk=1327367211&adf=1789175765&pi=t.ma~as.9779843710&w=210&lmt=1671764702&rafmt=12&format=210x490&url=https%3A%2F%2Fbatstractor.all.biz%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671764702250&bpp=1&bdt=366&idt=249&shv=r20221207&mjsv=m202212080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&nras=1&correlator=4866421144642&frm=20&pv=1&ga_vid=839697643.1671764702&ga_sid=1671764702&ga_hid=922729907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=655&ady=248&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531848%2C31071277%2C44779794%2C44780792&oid=2&pvsid=942591905873660&tmod=943459021&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&fsb=1&xpc=pr3NuPXSD0&p=https%3A//batstractor.all.biz&dtd=252
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 1279
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 23 Dec 2022 02:43:44 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 8C13 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 873821dbd6e5e00ce86ebaeb983c50f74aace735a415a072fada48d4f8aed1f7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame A83E 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a6179deb1ba761d4618e9ddc97cfe472565c8f9b6869005f912a773b31b47752

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 5245 12 KB
6 KB 25ms
25ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 03:05:03 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 18 Dec 2023 03:05:03 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 8C13 28 KB
28 KB 106ms
32ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 21:35:41 GMT
x-content-type-options: nosniff
age: 19762
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Dec 2023 21:35:41 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame 44A6 4 KB
636 B 107ms
41ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 23 Dec 2022 03:05:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 23 Dec 2022 02:49:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 23 Dec 2022 03:05:03 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 44A6 205 B
229 B 67ms
49ms Image
image/png 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 00:27:38 GMT
x-content-type-options: nosniff
age: 9445
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 23 Dec 2023 00:27:38 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 44A6 604 B
628 B 67ms
49ms Image
image/png 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 02:11:27 GMT
x-content-type-options: nosniff
age: 3216
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 23 Dec 2023 02:11:27 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/ Frame 44A6 19 KB
8 KB 45ms
45ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d0ed9630334a711204c67723b1eb52755c8316466fa7e4e601958e0c12a5da9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 01:38:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5192
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8084
x-xss-protection: 0
server: cafe
etag: 2222875591315018765
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 06 Jan 2023 01:38:31 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 5245 6 KB
6 KB 110ms
26ms Image
image/png 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=556&m=0&partner=4438&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F4438%2F160713%2F01e316f7618f4a5982200e939bbe76ab_logo.png&v=3&w=196&s=kqYTJrWcqOsv7Q4L8_LTwH_1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e0b37cd5597ee9d0259529a8bece1330f1f38a3de98b6990d14f7ca1c2840dcb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 03:05:03 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=29222286
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 5960
expires: Sun, 26 Nov 2023 08:23:09 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 5245 15 KB
15 KB 130ms
45ms Image
image/webp 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=4438&q=80&r=0&u=https%3A%2F%2Fct-res.cloudinary.com%2Fimages%2Ff_auto%252Cq_auto%3Agood%252Cw_700%2Fimages%2F5d4d58fd7b7d73a7152bb4776ead3519%2Fnaturlaeufer-enkellaarsje-0001699250.jpg&v=3&w=800&s=lljanCFiIf089VJwUxKFyx2d&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

f7a682c19fb0cce0b3a5eef0c27e43282554e9f0255993509d82052c73179025

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 03:05:02 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=30848843
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 15290
expires: Fri, 15 Dec 2023 04:12:26 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 5245 41 KB
41 KB 141ms
57ms Image
image/webp 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=4438&q=80&r=0&u=https%3A%2F%2Fct-res.cloudinary.com%2Fimages%2Ff_auto%252Cq_auto%3Agood%252Cw_700%2Fimages%2Fd954f1b6c26bd3582823b8afe75495a3%2Fnaturlaeufer-enkellaarsje-0001575922.jpg&v=3&w=800&s=aWxb4ry6rVW2sJ4sa39iTGl6&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

9186f77331fc2d72b4580dae7c4320b3439b2c13f923fc660a2cbbf92a2d05de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 03:05:03 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=30514341
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 41842
expires: Mon, 11 Dec 2023 07:17:25 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 5245 12 KB
13 KB 185ms
101ms Image
image/webp 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=4438&q=80&r=0&u=https%3A%2F%2Fct-res.cloudinary.com%2Fimages%2Ff_auto%252Cq_auto%3Agood%252Cw_700%2Fimages%2Fdb9930df3e2baa714ac9fa73636093ca%2Fstudio-w-enkellaarsje-met-warme-voering-0001705594.jpg&v=3&w=800&s=lmNHQP5NQo1Txotp94MmOJN-&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

efcde8759400a5cbb980773a502afedf3139e759cc88ba7ae9029886125315a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 03:05:03 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=28857219
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 12678
expires: Wed, 22 Nov 2023 02:58:42 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 5245 16 KB
16 KB 130ms
45ms Image
image/webp 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=4438&q=80&r=0&u=https%3A%2F%2Fct-res.cloudinary.com%2Fimages%2Ff_auto%252Cq_auto%3Agood%252Cw_700%2Fimages%2F2c092ec44f0c3346ba74ed3506aa03d0%2Fanita-corselet-met-shaping-effect-0001502108.jpg&v=3&w=800&s=3np6PbtvG4v0KlFznyW0W7Rw&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

d009b39f04caf0845989a68fb5ae77b26461866e6c524f0894042b62c76a814b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 03:05:02 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31463557
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 16378
expires: Fri, 22 Dec 2023 06:57:41 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 5245 47 KB
47 KB 171ms
87ms Image
image/webp 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=4438&q=80&r=0&u=https%3A%2F%2Fct-res.cloudinary.com%2Fimages%2Ff_auto%252Cq_auto%3Agood%252Cw_700%2Fimages%2F327e76c08b733040934e06e83b1508a6%2Fdelmod-pure-vest-van-gemeleerd-materiaal-0001557847.jpg&v=3&w=800&s=yHHpeIHFn9ZuiNQ6xUj49IG0&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

520b4e2c07f40150c6ac4f77bfd5fa100d1b965b686abd9cee1d957f7a1729fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 03:05:02 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29236244
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 47616
expires: Sun, 26 Nov 2023 12:15:47 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 5245 18 KB
18 KB 77ms
74ms Image
image/webp 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=4438&q=80&r=0&u=https%3A%2F%2Fct-res.cloudinary.com%2Fimages%2Ff_auto%252Cq_auto%3Agood%252Cw_700%2Fimages%2F9efab2795f51b3090a513068adf6d677%2Fnaturlaeufer-enkellaarsje-0001808145.jpg&v=3&w=800&s=n1tXRPTTkiYtE4UxItZt5CFC&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

17409261ff1f6ebfbd5f81ec7f1543037d023d3e82850d9d0dbb54c962b1497f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 03:05:03 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29574010
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 18262
expires: Thu, 30 Nov 2023 10:05:13 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 5245 33 KB
34 KB 85ms
81ms Image
image/webp 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=4438&q=80&r=0&u=https%3A%2F%2Fct-res.cloudinary.com%2Fimages%2Ff_auto%252Cq_auto%3Agood%252Cw_700%2Fimages%2Fde0c6435ef27c836a8cedd635fb5afe4%2Fnaturlaeufer-enkellaarsje-0001502593.jpg&v=3&w=800&s=xl7JzzgEq-VRgFIzNVFDL7jK&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

8d9ae2b7028a6a49e23e56d9140974bd53824b2adb2178e5b1b1bbf07f3e287c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 03:05:03 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=30691396
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 34022
expires: Wed, 13 Dec 2023 08:28:19 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 5245 6 KB
7 KB 81ms
78ms Image
image/webp 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=4438&q=80&r=0&u=https%3A%2F%2Fct-res.cloudinary.com%2Fimages%2Ff_auto%252Cq_auto%3Agood%252Cw_700%2Fimages%2F47831d6ba59604491e22f8031cb816e1%2Falba-moda-lange-blouse-van-een-materialenmix-0001807684.jpg&v=3&w=800&s=LxaFoJd0xJjO2fY_6aHJi_Tk&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

35992a6eeea57b22c4179fe74e5960b813c33d6cbdb31150ed2f5eeb31afb11e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 03:05:02 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29658866
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 6470
expires: Fri, 01 Dec 2023 09:39:29 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 5245 46 KB
46 KB 85ms
81ms Image
image/webp 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=4438&q=80&r=0&u=https%3A%2F%2Fct-res.cloudinary.com%2Fimages%2Ff_auto%252Cq_auto%3Agood%252Cw_700%2Fimages%2F2650c15de0f5868c6a6934eab0c5ead6%2Fmona-plissejurk-met-print-in-harmonieuze-kleuren-0001568685.jpg&v=3&w=800&s=IDBbngG3UB7ed3FP3LZbDZPv&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

eaf6a1ef91e18ec3df8c6cdb7d68825db2c6f648b21564a6592d98cae4bb794f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 03:05:03 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31389166
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 47036
expires: Thu, 21 Dec 2023 10:17:49 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 5245 27 KB
27 KB 100ms
96ms Image
image/webp 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=4438&q=80&r=0&u=https%3A%2F%2Fct-res.cloudinary.com%2Fimages%2Ff_auto%252Cq_auto%3Agood%252Cw_700%2Fimages%2F21cf3821e5b6e34a3e49182b23a568c0%2Fmona-rok-met-bloemenprint-0001533531.jpg&v=3&w=800&s=as0qiw6vn3wUaiXfn2ywKOYb&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

7a0b8df1fe17b554edb1aba66b461fb42a5bcc66c4b3ab88200751d2151494d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 03:05:02 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31381883
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 27544
expires: Thu, 21 Dec 2023 08:16:26 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 5245 59 KB
59 KB 82ms
78ms Image
image/webp 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=4438&q=80&r=0&u=https%3A%2F%2Fct-res.cloudinary.com%2Fimages%2Ff_auto%252Cq_auto%3Agood%252Cw_700%2Fimages%2Ff621f0d4e4e58243252776917933132b%2Fmona-broek-met-bloemenprint-0001558682.jpg&v=3&w=800&s=TwxuWyHhEA8bSlMs_7F8nVxo&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e92fb5e72a96e02105cff63b444d96aba4cbb4f6d7356dcc6152f1fa295798e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 03:05:02 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=30949819
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 60158
expires: Sat, 16 Dec 2023 08:15:23 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 5245 13 KB
13 KB 110ms
106ms Image
image/webp 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=4438&q=80&r=0&u=https%3A%2F%2Fct-res.cloudinary.com%2Fimages%2Ff_auto%252Cq_auto%3Agood%252Cw_700%2Fimages%2F086c00ec9beeb275720d9adf20c6c0ad%2Fkomplimente-mantel-van-zacht-materiaal-0001545201.jpg&v=3&w=800&s=6OUaeO-ZDwltNRTXGiOnpwzw&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

3312e0acc9fa0335c1b87f521f6d9fbedf32d4e8427fd9bf84a5322484ec034e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 03:05:02 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29223077
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 12832
expires: Sun, 26 Nov 2023 08:36:20 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 5245 14 KB
14 KB 106ms
102ms Image
image/webp 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=4438&q=80&r=0&u=https%3A%2F%2Fct-res.cloudinary.com%2Fimages%2Ff_auto%252Cq_auto%3Agood%252Cw_700%2Fimages%2Fb74854468882fab8d10835fa8f507668%2Fmona-broek-van-stretchmateriaal-0001539775.jpg&v=3&w=800&s=UQZ_6yzWsHi9F5xR8XaiWzcJ&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

6d85e13feabd07fc9dd926cbf6f04765f9ebaa2162c42ededab92bb4a293a7dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 03:05:03 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=30306989
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 14520
expires: Fri, 08 Dec 2023 21:41:32 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 5245 15 KB
15 KB 105ms
101ms Image
image/webp 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=4438&q=80&r=0&u=https%3A%2F%2Fct-res.cloudinary.com%2Fimages%2Ff_auto%252Cq_auto%3Agood%252Cw_700%2Fimages%2F07cfe0aef7e8d3427a618281527071ac%2Ftoni-broek-van-zacht-fluweel-0001795045.jpg&v=3&w=800&s=NQdS1eTkDz1JW-HwtWtAX_5r&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

cf4645b043f2d4b54bb0b9395926dda39737f619f3cef08fa2d59cbecb976a95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 03:05:03 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=30557875
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 15466
expires: Mon, 11 Dec 2023 19:22:59 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 5245 20 KB
20 KB 112ms
109ms Image
image/webp 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=4438&q=80&r=0&u=https%3A%2F%2Fct-res.cloudinary.com%2Fimages%2Ff_auto%252Cq_auto%3Agood%252Cw_700%2Fimages%2Fdd435d21cbfd0048c4363fe542475f04%2Fmona-vestje-met-opgestikte-zakken-0001552220.jpg&v=3&w=800&s=EeD_cnAEJZn3BML9GTSt8qW8&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

269ad9ecf76d0ededb5bba5ac333dd8d81b9869239dc764756b1f8ae510a4dbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 03:05:03 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=28786798
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 19978
expires: Tue, 21 Nov 2023 07:25:01 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 5245 0
128 B 76ms
25ms Ping
text/plain 2a02:2638:1::17
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=3Pg9RQgndKqRUxrqe-IZmBrRCSwvHg85rDHu07PAuijwvUQQwEhHYMAF7qZHDAzgSivVujuFu-eiAgI-y3VeIbNNN6rSOqdI2u-_XwQJAEg25sguntraM-zYYjrxBeg_v8PnUPIcpoatkjcr7NR-YKkcivtyT9nt1cEe48mkboWIij8S1s81Av_IDn63KWQ-U-Mn0yznU6x5PVOW5HE8uUY_R_ROYWgAWxMTRHB-0qQu8kcMBNao00Yhc7k&sds=2&rev=83933&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 23 Dec 2022 03:05:03 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 5245 2 KB
1 KB 25ms
24ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 03:05:03 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 18 Dec 2023 03:05:03 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B663
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

88ms
79ms

Document
text/html

2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 23 Dec 2022 03:05:03 GMT
expires: Fri, 23 Dec 2022 03:05:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 23 Dec 2022 03:05:03 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame AB81 8 KB
895 B 42ms
42ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 23 Dec 2022 03:05:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 23 Dec 2022 02:46:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 23 Dec 2022 03:05:03 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame AB81 2 KB
765 B 51ms
46ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 01:38:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5191
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 06 Jan 2023 01:38:32 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame AB81 23 KB
9 KB 52ms
48ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 01:38:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5191
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 06 Jan 2023 01:38:32 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame AB81 3 KB
1 KB 59ms
55ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 01:38:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5191
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 06 Jan 2023 01:38:32 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame AB81 18 KB
7 KB 54ms
50ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 01:38:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5192
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 06 Jan 2023 01:38:31 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AB81 153 KB
47 KB 167ms
40ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 03:05:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 23 Dec 2022 03:05:03 GMT

GET
H3 200 148b897ed20242fb53e65c70a8c63c89.js Show response
www.gstatic.com/mysidia/ Frame AB81 34 KB
14 KB 51ms
47ms Script
text/javascript 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/148b897ed20242fb53e65c70a8c63c89.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a49f15294007bad4031449fd145bfe309092999eebdb428925aa0403215f56d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 01:18:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 92782
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14307
x-xss-protection: 0
last-modified: Fri, 09 Dec 2022 19:06:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 22 Mar 2023 01:18:41 GMT

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame A83E 28 KB
28 KB 100ms
32ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 21:35:41 GMT
x-content-type-options: nosniff
age: 19762
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Dec 2023 21:35:41 GMT

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjYUvaYr.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame A83E 14 KB
14 KB 104ms
36ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjYUvaYr.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15e749617a3856bfaa4d2cea0c50d88366d2b579841bd5a45bd2d34062babc51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 23:16:25 GMT
x-content-type-options: nosniff
age: 13718
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14432
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:04:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Dec 2023 23:16:25 GMT

GET
H3 200 Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js Show response
pagead2.googlesyndication.com/bg/ Frame 39B3 36 KB
16 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

264edf8b1a4e2c1a8fb3c2e5d422381c5ca291ea2697b51bfd8da36697b977fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 08:30:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 66892
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15923
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 22 Dec 2023 08:30:11 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7DA8 143 B
166 B 46ms
45ms Document
text/html 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 1279
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 23 Dec 2022 02:43:44 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7DA8
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

110ms
109ms

Document
text/html

2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 23 Dec 2022 03:05:03 GMT
expires: Fri, 23 Dec 2022 03:05:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 23 Dec 2022 03:05:03 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js Show response
pagead2.googlesyndication.com/bg/ Frame 388E 36 KB
16 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

264edf8b1a4e2c1a8fb3c2e5d422381c5ca291ea2697b51bfd8da36697b977fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 08:30:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 66892
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15923
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 22 Dec 2023 08:30:11 GMT

GET
H2 200 count_items Show response
api.all.biz/cart/ 52 B
725 B 116ms
99ms Script
application/javascript 2606:4700:3035::ac43:da10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.all.biz/cart/count_items?country=MD&lng=ru&jsoncallback=jQuery21409086094819656871_1671764702172&_=1671764702173
Requested by: Host: s.all.biz
URL: https://s.all.biz/compiled/minisite/js/minified/_ms_.js?v=46555
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:da10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32c47e7ed8df34ade4df3660eecc0ebc7ea1327c77a695d35878ba4eb1330b21

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://batstractor.all.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 03:05:03 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eIz855pHYSTy4YyciRLYjA7EcShMhKrp0qQ4ourYC7jwfDH4kjngx8INp8BtWkgIX451Oador4N9JYn3hmCW0n3QpcsHxJbQx2Zu2fGqKxa8MEmlLCkHjQktcRxD3mR27cyaqw0NTh0okA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cf-ray: 77dddf96fc1cbbf5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 110ms
46ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221207&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

204419a653935898e33ab19b4e00c4afe33d9e8f83410e0725907f36360066de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://batstractor.all.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 03:05:03 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11153
x-xss-protection: 0

GET
H3 200 Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js Show response
pagead2.googlesyndication.com/bg/ Frame D441 36 KB
16 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js

Requested by

Host: batstractor.all.biz
URL: https://batstractor.all.biz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

264edf8b1a4e2c1a8fb3c2e5d422381c5ca291ea2697b51bfd8da36697b977fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 08:30:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 66892
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15923
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 22 Dec 2023 08:30:11 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 88ms
88ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://batstractor.all.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 03:05:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 23 Dec 2022 03:05:03 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5B9A 13 KB
5 KB 46ms
46ms Document
text/html 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://batstractor.all.biz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 177991
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 21 Dec 2022 01:38:33 GMT
expires: Thu, 21 Dec 2023 01:38:33 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 95B6 783 B
535 B 70ms
69ms Document
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

83c432c8975ac52c89809c67cafa4f474388da05e862862f53ab84709b7e9157

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-uOoyP3ARaWmWbXEUHAGqFg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://batstractor.all.biz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-uOoyP3ARaWmWbXEUHAGqFg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 23 Dec 2022 03:05:04 GMT
expires: Fri, 23 Dec 2022 03:05:04 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js Show response
pagead2.googlesyndication.com/bg/ Frame 5B9A 36 KB
16 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

264edf8b1a4e2c1a8fb3c2e5d422381c5ca291ea2697b51bfd8da36697b977fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 08:30:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 66893
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15923
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 22 Dec 2023 08:30:11 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 95B6 0
0 66ms
65ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221207&jk=942591905873660&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 5B9A 0
10 B 46ms
45ms Image
text/plain 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?v-Jlkw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 03:05:04 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8C13 42 B
64 B 69ms
69ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss3nV3qePBw9MfPvHppAW_Zx7OL79DMKJkamEGZ5wsV6MBWhicjBf9qc7YKVv38eNPEFwnybQJeEGc8-Og_ORak9oyvBs3sV1M5DSzVsancX1Q-jNbnkf_PqZZitV131-lRbuINDw&sai=AMfl-YRzcGeqKfcAdhp6VYcHRz7GmTfFQi9YGIb-4iq4B3sMq_nNpIfvbdNdN-wutrZzB97A7R3jqiQVMPUE0c8&sig=Cg0ArKJSzOotdEdWkfv8EAE&cid=CAQSGwDq26N9_TbsoODC1VYVGASmsxGheK9KI-jA7hgBIBM&id=lidar2&mcvt=1000&p=0,0,600,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=120163721&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1671764702496&rpt=910&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Dec 2022 03:05:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A83E 42 B
64 B 70ms
70ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstiP84NuAILzznuUZQjHY_iSeT0P-QRo7c3mZa99t62d58FRWz0q6hPcYhITqD77dHgegNVxl4uOZO1PVTYF3a6eosvTHBoAvNyNKin7IwDHLHTqAHt3DQsRuElOmLIzI2-Jq7tow&sai=AMfl-YRZf_02vX-5BeYI7RG-032y3OMcYcRRF9SApZinO0KZZQ8pmsX3Ed6PttKhpwGCGBrkbg3-2j0DKNrzXEY&sig=Cg0ArKJSzA8SrUaobUmaEAE&cid=CAQSGwDq26N9e-91ID3hJRQF39-KPdE5VaFaGPcSWxgBIBM&id=lidar2&mcvt=1000&p=0,0,490,210&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1327367211&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1671764702503&rpt=1174&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Dec 2022 03:05:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 70ms
69ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221207&jk=942591905873660&bg=!_P-l_7vNAAYgquz3AKo7ACkAdvg8Wr2G7UvDJZIIYMSPHD5uoWPqmcpLkxiZ8o1Wy04wlAf2UWKGiwIAAABRUgAAAAJoAQeZAvV4GcnMo7qlmVX8YPdVsQOcTwhQdVR-HFWtuijJcw1zztXkaNywTRn6FX6KLqA2eQYkL9RZM4itJMGmN00YFSBJJoox-OS7dNli2751RRQ2tehBeiYP1DLZDp5rSN8rCQ7-EZeGstC1w60jrRiGwUbd3acBah5Q0C30jRPN-fnhBtwFObClvNmJe0WNjEHQCbzx0-V1T_WlFqCA321-q1JAeqJlDoUj_2J_gbEkNwBb23dxaPe7oLeZgJPhhGQZQ9I9yjVT-Bn1uOPi4qmLVsjV0b1kBKYD9dg20lgnr7kMRnybqpE9fQ_b3OyuJ1sC_akkxiNALL7MBuWDgXCaf25dK-9oNqjLa2MyindYlYXyyb7cczECzIB1C3TPhfm1sOstvEzKFcbIrs8rln4mG0IoMp0N1b4_XEPjOGQ_D2_kD2xRaytPPEHbUEXVLnw9TWT5IBXsdIfFekrsbmGAJJ3Y5lFF8yl3o0Ml6k-FTFIZUHiflfr6-W5w1J0iAQIpeaZCb0YhfKWxu5ITLW4Xc-dfHQUYDYINLYRjqYr1G6iwEra11H3-J2wG-Ud9VcP4I5PN2Qu0h6ppFSRSOAjRjXK0x6vJ0OS0khy8ui-h-Str-_HsznpSZWgC3mbGNosdAXoRXBQ-UHia7o0EFp0h9nlz3S0UJeygUvdAvnqsK7cdC4gJiF4wmmcjcckB2ViO-wrDFTrUxcr5yslcNJbSOe6Q7KtzOY_yZgVklQbe-tTr7ERY4YWXNVeh3-CZq80ldNF-lo6zzxpYGkUsfQmm-06VQAmAGU8HFASxakp7DTcqP-NILFgoTAT9f9g3WMtHrTOM-eQYupZqGz9rtIhbEioIbkSdvl4PVZE5hWfVcHkFISHvukmOuaxrzISGB72KI7KzXcnOgQo2waX4NIbZrteaYriFukw6iCYCD4XRyDqw2p5zDrbyMMqVI34aOWU45BMqXZ_9FMdKgYxt0ozVAGeeGfWvAsUCBmB5tVh8ZY2IVdNRa9ZF
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://batstractor.all.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

102 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.all.biz/	1970-01-20 17:08:20	Name: test Value: ok
.all.biz/	1970-01-20 09:05:56	Name: current_currency_id Value: 18
.all.biz/	1970-01-20 09:05:56	Name: current_currency_code Value: MDL
.all.biz/	1970-01-20 17:58:44	Name: _ga Value: GA1.2.839697643.1671764702
.all.biz/	1970-01-20 08:24:11	Name: _gid Value: GA1.2.1563142266.1671764702
.all.biz/	1970-01-20 08:22:44	Name: _gat Value: 1
.all.biz/	1970-01-20 08:22:44	Name: _gat_minisiteTracker Value: 1
.all.biz/	1970-01-20 08:22:44	Name: _gat_clientTracker Value: 1
.adriver.ru/	1970-01-20 17:58:44	Name: cid Value: A1fglHG0zzWsA6haAxZRhiA
.yadro.ru/	1970-01-20 17:07:58	Name: FTID Value: 1ZfHhU2bcLuT1ZfHhU001D6q
.yadro.ru/	1970-01-20 17:07:58	Name: VID Value: 069OKT0hgNOT1ZfHhU001D7I
.all.biz/	1970-01-20 17:44:20	Name: __gads Value: ID=563af3dd6cbfef7c-22612ce53eda00b9:T=1671764702:RT=1671764702:S=ALNI_MbfJV2dvqoFrl0TMqnsgLMHFtlxIA
.all.biz/	1970-01-20 17:44:20	Name: __gpi Value: UID=00000b971dff91c8:T=1671764702:RT=1671764702:S=ALNI_MbNXC5T_-i1kV-ZVZDRwPeH1evoWg
.doubleclick.net/	1970-01-20 17:44:20	Name: IDE Value: AHWqTUkS2RV4-oStJLXWM5f4dT0mzDuCtJ7XGTGFW_GQxK1_iLpv2mp5pqOvuVul9uQ
count.all.biz/	1970-01-20 08:23:56	Name: r_page[md][6751] Value: 1
.doubleclick.net/	1970-01-20 08:22:48	Name: DSID Value: NO_DATA
.all.biz/	1970-01-20 08:32:49	Name: ch Value: c2aceb1d83ad0498f218b3f2ac354a3a
.all.biz/	1970-01-20 17:08:20	Name: cart_cnt_items Value: 0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6030997613457848&output=html&h=280&slotname=4679170329&adk=1351908506&adf=1274559115&pi=t.ma~as.4679170329&w=1200&fwrn=4&fwrnh=100&lmt=1671764702&rafmt=1&format=1200x280&url=https%3A%2F%2Fbatstractor.all.biz%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671764702251&bpp=1&bdt=367&idt=253&shv=r20221207&mjsv=m202212080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600%2C210x490&nras=1&correlator=4866421144642&frm=20&pv=1&ga_vid=839697643.1671764702&ga_sid=1671764702&ga_hid=922729907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4197&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531848%2C31071277%2C44779794%2C44780792&oid=2&pvsid=942591905873660&tmod=943459021&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=6ajAxsbO4l&p=https%3A//batstractor.all.biz&dtd=256 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.adriver.ru
ads.eu.criteo.com
adservice.google.com
adservice.google.nl
api.all.biz
batstractor.all.biz
cat.nl.eu.criteo.com
content.adriver.ru
count.all.biz
counter.yadro.ru
csm.eu.criteo.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
md.all.biz
pagead2.googlesyndication.com
partner.googleadservices.com
pix.eu.criteo.net
rtb.fr.eu.criteo.com
s.all.biz
servers2.adriver.ru
static.criteo.net
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.nl
www.googletagservices.com
www.gstatic.com
178.250.2.148
188.42.149.180
195.209.108.49
23.111.96.36
2606:4700:3035::ac43:da10
2a00:1450:4001:803::2002
2a00:1450:4001:803::2003
2a00:1450:4001:806::2002
2a00:1450:4001:806::2004
2a00:1450:4001:808::2003
2a00:1450:4001:80e::200a
2a00:1450:4001:80f::2002
2a00:1450:4001:828::200e
2a00:1450:400d:803::2002
2a00:1450:400d:807::2003
2a00:1450:400d:80a::2001
2a00:1450:400d:80a::2002
2a00:1450:400d:80e::2002
2a00:1450:4025:401::9c
2a02:2638:1::17
2a02:2638:1::3
2a02:2638:1::4
2a02:2638:1::8
2a02:2638::2
88.212.201.198
94.75.248.129
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
029ea95a9e504865f0e8941363f6983fb2e0d3cd6e80018491d8c9040e4999fb
0314902cd0c28fa09092704d3725650c564251e148cf13dcf2cc0c6e717bd76c
05b1a533c01a125d7757daaba56dcd009063ed83a21061f4d8ea3a81fd121e94
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0dbe6b3766c86afb091c6768871819b9b7a08fe0b8c993feb4900dffdf94edcd
122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787
15e749617a3856bfaa4d2cea0c50d88366d2b579841bd5a45bd2d34062babc51
17409261ff1f6ebfbd5f81ec7f1543037d023d3e82850d9d0dbb54c962b1497f
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
1ff398ca02067fe5eb8388fa7659923cf5929901175a3240498fe6e28511b626
204419a653935898e33ab19b4e00c4afe33d9e8f83410e0725907f36360066de
264edf8b1a4e2c1a8fb3c2e5d422381c5ca291ea2697b51bfd8da36697b977fa
269ad9ecf76d0ededb5bba5ac333dd8d81b9869239dc764756b1f8ae510a4dbd
26aae688f9b00e9b3545dc3e6520836989a72f4b48552720a6250dd32dc80740
276a14e327c7469f8a88475d92adca19c1480045d6eede20a412db0afc93399f
287ade58ca7648339a3c29f8350d8ea7f8962509c89b31a9acb7b29c756c95f6
2c37fc77e26776c7e95ecd42988ab8262a1739ac3c3218655a0faa3e614afe72
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e99fdd17c91cbfd6a8252f73543838383e3561da7d4e7d6d2c3c2f37fb9040e
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32c47e7ed8df34ade4df3660eecc0ebc7ea1327c77a695d35878ba4eb1330b21
3312e0acc9fa0335c1b87f521f6d9fbedf32d4e8427fd9bf84a5322484ec034e
35992a6eeea57b22c4179fe74e5960b813c33d6cbdb31150ed2f5eeb31afb11e
35fd5ad90e430375a8e537f250ed4cd745722071da87ee0d75baa72bd4db4dc2
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
4759123e9756fadd07fd1c8bf1c2868d4978ab08634cdb323d680fdcada5202c
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4d0ed9630334a711204c67723b1eb52755c8316466fa7e4e601958e0c12a5da9
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e9e38030580c4b658dc25dc26230fb5e20042da06ded2cbdae886d95f3fe282
520b4e2c07f40150c6ac4f77bfd5fa100d1b965b686abd9cee1d957f7a1729fe
54a4e1b06d7d315d0b271772be66033929e3c81444b8ce8a2bd1588cd219ffbb
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5e679bece98d4fc1e2df889adbdf495a7463bd6dbc525c8b13faaa8f3d06d521
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64fdded9ab4b4066a71232c0d8c7e2416ec277f566adb122776af14c21831fc3
6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037
6d85e13feabd07fc9dd926cbf6f04765f9ebaa2162c42ededab92bb4a293a7dc
6e6f521e620cda671d13e0681e8839adb44dc03194e7b65e17386c4356938a9f
6ec7188772d0e9e1e1a1f439557d38462800ce4ec24d5c33a2d1e65453675ccc
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
749867d0a776f315cef5a0a4537171755fd24e9b8c20bcd0607fe451585eeea8
7945f8a7350107d1b336251280d0f934ff9213f2557b7af1036ad8821acf2015
7a0b8df1fe17b554edb1aba66b461fb42a5bcc66c4b3ab88200751d2151494d1
7a49f15294007bad4031449fd145bfe309092999eebdb428925aa0403215f56d
83c432c8975ac52c89809c67cafa4f474388da05e862862f53ab84709b7e9157
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
873821dbd6e5e00ce86ebaeb983c50f74aace735a415a072fada48d4f8aed1f7
8d9ae2b7028a6a49e23e56d9140974bd53824b2adb2178e5b1b1bbf07f3e287c
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
9186f77331fc2d72b4580dae7c4320b3439b2c13f923fc660a2cbbf92a2d05de
91f914a631c40995b20b7d02b1ec35df7a31f6ae150656366795b4b5e13a91e0
981792df4c11fb32fea9720db6c7c82dd96da4247fd29ff170b53903e116eecc
99f3f237c0780ea51b979ef976ff8b355dd2d26f11d80c5dfde48e90cae1e48f
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
a03884b3e2f2c9a4989876b09d7b6a866ef13ee1cef56b99ffe94f8fe24aff74
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6179deb1ba761d4618e9ddc97cfe472565c8f9b6869005f912a773b31b47752
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
a983ec1308781984ea4503dd1c4e1317b2b48dcb17dd1a6e68df68560951784b
a99fef4e3831ac4b1dafb60ff7ec0f3f60823197568e036cf1af2c914d0cf82a
aa0970178f471e5c26b003b4a8b0dafa44a38569d27cace6c781eb4f7f286833
ab8cec541fe623ae88436b67bf5879bfe43dc40490c5308c2bc2496cb2d08709
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b741b5aeede27bc5d82c8e5af5a1d0209f705fc6b3b6351b5fbafe676ccc5c51
b8cd375f8b6eedbd237accb2ffdc8287c0546076af16a9a272b2f4513ca2e9a8
bc55f712c7d14651306093d28dffba0f649bd9f37ea365066249df215b5411bf
bc6de38dfc61e37edb39272ec2a797814fa52e96e79f28ac3f49c7be72946ddb
c22cb7830b98a45b9c1d2b616bbd521aa1a2289e413eac9e9773f945e24a631b
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c90f12c6181cfae274ea80394783919b2262c21c8ddd443f48bef54d60eed7e4
cab3655b3da6dd9deb058e29c03a5885822da03fba9b7f4901599ecb89757199
cf4645b043f2d4b54bb0b9395926dda39737f619f3cef08fa2d59cbecb976a95
d009b39f04caf0845989a68fb5ae77b26461866e6c524f0894042b62c76a814b
d0fd2d172ea8dd4c4210dcdb8db7b0eee77e84ddfd145d361e16ceee3ba05778
d74ec61d048e0489f6c6c8a232a456736453a4b72ba6f3a89756df4e07d27fb5
d997725a8025a24b4b9169a64be7d027090381db2c7facf3e052492d214f4fab
dcbe17f0efc34cd73263a16d825f7bdb2949dc96841a53bf79f6ed8b04c9961d
e0b37cd5597ee9d0259529a8bece1330f1f38a3de98b6990d14f7ca1c2840dcb
e1b31d2c759b70feb323517763d42345c6ea668259d71eebd1383c7fcf71e162
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4a396e2046c9c92df3efa35fe1574914bfcf30836d6a08131903cab6a6457a3
e92fb5e72a96e02105cff63b444d96aba4cbb4f6d7356dcc6152f1fa295798e6
ea5deeec5b60816c8d44ee1be4b65d9654ed94d50ec87a7d6dbfb4063cba1e72
eaf6a1ef91e18ec3df8c6cdb7d68825db2c6f648b21564a6592d98cae4bb794f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efcde8759400a5cbb980773a502afedf3139e759cc88ba7ae9029886125315a1
f13ada807d5ce9f911ee02becb1c05e269bbe720d4148bab9c81028d59ce8567
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5bfa0897c0f16a090b1bbcd3a3aeb08de07b5468d25ea036111e3d1089caba7
f672a16c823879b9e372843962018298f49963e15f42f8459374b897c661173b
f7a682c19fb0cce0b3a5eef0c27e43282554e9f0255993509d82052c73179025
f900789cd4783dbd1f4e04bf0766182319701b645955ceacca2bc7d6ae6f6763

batstractor.all.biz Open in urlscan Pro 94.75.248.129 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

137 Requests

99 %HTTPS

77 %IPv6

14 Domains

29 Subdomains

27 IPs

7 Countries

3698 kBTransfer

5892 kBSize

18 Cookies

5 Outgoing links

Page URL History

Redirected requests

137 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

batstractor.all.biz Open in urlscan Pro
94.75.248.129 Public Scan

Screenshot
Live screenshot

Full Image

137
Requests

99 %
HTTPS

77 %
IPv6

14
Domains

29
Subdomains

27
IPs

7
Countries

3698 kB
Transfer

5892 kB
Size

18
Cookies

137 HTTP transactions
6 data transactions