urlscan.io logo urlscan.io
SecurityTrails logo

dirteam.com Open in urlscan Pro
2a01:111:f100:9001::1761:90a2  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://dirteam.com/
Effective URL: https://dirteam.com/
Submission: On November 30 via api from GB — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 4 countries across 7 domains to perform 35 HTTP transactions. The main IP is 2a01:111:f100:9001::1761:90a2, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is dirteam.com.
TLS certificate: Issued by GeoTrust TLS DV RSA Mixed SHA256 2020... on July 16th 2021. Valid for: 8 months.
This is the only time dirteam.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

19    2a01:111:f100:9001::1761:90a2 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
dirteam.com
1    2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    142.250.184.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f6.1e100.net
ad.doubleclick.net
1    2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)
secure.gravatar.com
1    2a00:1450:4001:812::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
7    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
googleads4.g.doubleclick.net
3    2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
Domain Requested by
19 dirteam.com 1 redirects dirteam.com
7 pagead2.googlesyndication.com ad.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.googletagservices.com
3 tpc.googlesyndication.com ad.doubleclick.net
tpc.googlesyndication.com
pagead2.googlesyndication.com
2 googleads4.g.doubleclick.net ad.doubleclick.net
1 www.googletagservices.com ad.doubleclick.net
1 s0.2mdn.net ad.doubleclick.net
1 secure.gravatar.com dirteam.com
1 ad.doubleclick.net dirteam.com
1 fonts.googleapis.com dirteam.com
35 9

This site contains links to these domains. Also see Links.

Domain
www.nice.de
www.hornetsecurity.com
wordpress.org
Subject Issuer Validity Valid
*.dirteam.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-07-16 -
2022-03-17		 8 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.gravatar.com
Sectigo RSA Domain Validation Secure Server CA		 2020-08-14 -
2022-11-16		 2 years crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://dirteam.com/
Frame ID: AEDEF4FC8A94B262EC8623DF0ACB5F82
Requests: 21 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adi/N410401.2579635DIRTEAM.COM/B10754701.212169725;sz=300x250;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=
Frame ID: 55729C2A1524E6730A6B74A786B58852
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 6848ABAC870AD12768FF83708456ACCD
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js
Frame ID: A3C20FD0CDF996274A5A085217D29EC3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

The DirTeam.com / ActiveDir.org Weblogs -

Page URL History Show full URLs

  1. http://dirteam.com/ HTTP 301
    https://dirteam.com/ Page URL

Page Statistics

35
Requests

100 %
HTTPS

78 %
IPv6

7
Domains

9
Subdomains

10
IPs

4
Countries

830 kB
Transfer

1047 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://dirteam.com/ HTTP 301
    https://dirteam.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

35 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
dirteam.com/
Redirect Chain
  • http://dirteam.com/
  • https://dirteam.com/
76 KB
77 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dirteam.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a01:111:f100:9001::1761:90a2 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
640d065445224aa0f3e9769542c6264ced5f712951de213c417d34e37ab114ab
Security Headers
Name Value
Strict-Transport-Security max-age=31526000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

content-type
text/html; charset=UTF-8
server
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
x-content-type-options
nosniff
strict-transport-security
max-age=31526000
x-powered-by
date
Tue, 30 Nov 2021 06:20:38 GMT
content-length
78287

Redirect headers

Content-Type
text/html; charset=UTF-8
Location
https://dirteam.com/
Server
X-Frame-Options
SAMEORIGIN
X-Xss-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-POWERED-BY
Date
Tue, 30 Nov 2021 06:20:38 GMT
Content-Length
143
style.min.css
dirteam.com/wp-includes/css/dist/block-library/ 		79 KB
79 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dirteam.com/wp-includes/css/dist/block-library/style.min.css?ver=21ec3d77fc32e7b94e084215e5fa758f
Requested by
Host: dirteam.com
URL: https://dirteam.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a01:111:f100:9001::1761:90a2 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
Security Headers
Name Value
Strict-Transport-Security max-age=31526000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://dirteam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31526000
x-content-type-options
nosniff
last-modified
Tue, 03 Aug 2021 15:10:22 GMT
server
x-powered-by
x-frame-options
SAMEORIGIN
content-type
text/css
x-xss-protection
1; mode=block
date
Tue, 30 Nov 2021 06:20:38 GMT
accept-ranges
bytes
content-length
80574
etag
"c6e2fbad7988d71:0"
orgSeries.css
dirteam.com/wp-content/plugins/organize-series/ 		5 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dirteam.com/wp-content/plugins/organize-series/orgSeries.css?ver=21ec3d77fc32e7b94e084215e5fa758f
Requested by
Host: dirteam.com
URL: https://dirteam.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a01:111:f100:9001::1761:90a2 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
de5309a33f256c14a0cba8ff1b90c1e53390b587b9767f93d055b7685de1ae71
Security Headers
Name Value
Strict-Transport-Security max-age=31526000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://dirteam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31526000
x-content-type-options
nosniff
last-modified
Sat, 12 Jan 2019 07:19:46 GMT
server
x-powered-by
x-frame-options
SAMEORIGIN
content-type
text/css
x-xss-protection
1; mode=block
date
Tue, 30 Nov 2021 06:20:38 GMT
accept-ranges
bytes
content-length
5066
etag
"095113247aad41:0"
genericons.css
dirteam.com/wp-content/themes/twentysixteen/genericons/ 		28 KB
28 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dirteam.com/wp-content/themes/twentysixteen/genericons/genericons.css?ver=20201208
Requested by
Host: dirteam.com
URL: https://dirteam.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a01:111:f100:9001::1761:90a2 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c6931dd2d227ee86b15d8c8e72c86bd42f2cec35e0375169a2d5c4ca2c079370
Security Headers
Name Value
Strict-Transport-Security max-age=31526000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://dirteam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31526000
x-content-type-options
nosniff
last-modified
Sun, 14 Mar 2021 12:11:50 GMT
server
x-powered-by
x-frame-options
SAMEORIGIN
content-type
text/css
x-xss-protection
1; mode=block
date
Tue, 30 Nov 2021 06:20:38 GMT
accept-ranges
bytes
content-length
28530
etag
"9e218e36cb18d71:0"
style.css
dirteam.com/wp-content/themes/twentysixteen/ 		73 KB
73 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dirteam.com/wp-content/themes/twentysixteen/style.css?ver=21ec3d77fc32e7b94e084215e5fa758f
Requested by
Host: dirteam.com
URL: https://dirteam.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a01:111:f100:9001::1761:90a2 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7ec9bafab3087edfcd72807fb7697bdc55e94eb953c0b1e1db42227b175d756a
Security Headers
Name Value
Strict-Transport-Security max-age=31526000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://dirteam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31526000
x-content-type-options
nosniff
last-modified
Sun, 14 Mar 2021 12:11:50 GMT
server
x-powered-by
x-frame-options
SAMEORIGIN
content-type
text/css
x-xss-protection
1; mode=block
date
Tue, 30 Nov 2021 06:20:38 GMT
accept-ranges
bytes
content-length
74741
etag
"205ca836cb18d71:0"
style.css
dirteam.com/wp-content/themes/dirteam-twentysixteen/ 		4 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dirteam.com/wp-content/themes/dirteam-twentysixteen/style.css?ver=20201208
Requested by
Host: dirteam.com
URL: https://dirteam.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a01:111:f100:9001::1761:90a2 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
fb5067168d61ca73eb7b546b6f0a366690ef5f5fed36ddc537abd593b1721cb3
Security Headers
Name Value
Strict-Transport-Security max-age=31526000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://dirteam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31526000
x-content-type-options
nosniff
last-modified
Fri, 01 May 2020 11:53:34 GMT
server
x-powered-by
x-frame-options
SAMEORIGIN
content-type
text/css
x-xss-protection
1; mode=block
date
Tue, 30 Nov 2021 06:20:38 GMT
accept-ranges
bytes
content-length
4458
etag
"18a65224af1fd61:0"
ctc-style.css
dirteam.com/wp-content/themes/dirteam-twentysixteen/ 		60 B
141 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dirteam.com/wp-content/themes/dirteam-twentysixteen/ctc-style.css?ver=21ec3d77fc32e7b94e084215e5fa758f
Requested by
Host: dirteam.com
URL: https://dirteam.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a01:111:f100:9001::1761:90a2 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
fe164d22cac9657fae26f9a8b0be1298e0b734ed64fc77231eb16c8db4454cab
Security Headers
Name Value
Strict-Transport-Security max-age=31526000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://dirteam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31526000
x-content-type-options
nosniff
last-modified
Thu, 11 Jan 2018 21:16:10 GMT
server
x-powered-by
x-frame-options
SAMEORIGIN
content-type
text/css
x-xss-protection
1; mode=block
date
Tue, 30 Nov 2021 06:20:38 GMT
accept-ranges
bytes
content-length
60
etag
"0c9df66218bd31:0"
css
fonts.googleapis.com/ 		15 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Merriweather%3A400%2C700%2C900%2C400italic%2C700italic%2C900italic%7CMontserrat%3A400%2C700%7CInconsolata%3A400&subset=latin%2Clatin-ext&display=fallback
Requested by
Host: dirteam.com
URL: https://dirteam.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
14c5ee16c0e86b086e97c10427228797a2c54179e1f5dda1a9e45fa8f691aecc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://dirteam.com/
Origin
https://dirteam.com
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 30 Nov 2021 06:10:36 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 30 Nov 2021 06:20:38 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 30 Nov 2021 06:20:38 GMT
blocks.css
dirteam.com/wp-content/themes/twentysixteen/css/ 		9 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dirteam.com/wp-content/themes/twentysixteen/css/blocks.css?ver=20190102
Requested by
Host: dirteam.com
URL: https://dirteam.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a01:111:f100:9001::1761:90a2 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
276c21deeb8e745dca1574f179a165b6d9a6351be60859e0b0b7d26adce86190
Security Headers
Name Value
Strict-Transport-Security max-age=31526000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://dirteam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31526000
x-content-type-options
nosniff
last-modified
Sun, 14 Mar 2021 12:11:50 GMT
server
x-powered-by
x-frame-options
SAMEORIGIN
content-type
text/css
x-xss-protection
1; mode=block
date
Tue, 30 Nov 2021 06:20:38 GMT
accept-ranges
bytes
content-length
9028
etag
"8cfa8636cb18d71:0"
jquery.min.js
dirteam.com/wp-includes/js/jquery/ 		87 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dirteam.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: dirteam.com
URL: https://dirteam.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a01:111:f100:9001::1761:90a2 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
Security Headers
Name Value
Strict-Transport-Security max-age=31526000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://dirteam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31526000
x-content-type-options
nosniff
last-modified
Tue, 03 Aug 2021 15:10:27 GMT
server
x-powered-by
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-xss-protection
1; mode=block
date
Tue, 30 Nov 2021 06:20:38 GMT
accept-ranges
bytes
content-length
89521
etag
"d51fdab07988d71:0"
jquery-migrate.min.js
dirteam.com/wp-includes/js/jquery/ 		11 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dirteam.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: dirteam.com
URL: https://dirteam.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a01:111:f100:9001::1761:90a2 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Security Headers
Name Value
Strict-Transport-Security max-age=31526000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://dirteam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31526000
x-content-type-options
nosniff
last-modified
Sun, 20 Dec 2020 13:51:11 GMT
server
x-powered-by
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-xss-protection
1; mode=block
date
Tue, 30 Nov 2021 06:20:38 GMT
accept-ranges
bytes
content-length
11224
etag
"b08b412dd7d6d61:0"
wp-emoji-release.min.js
dirteam.com/wp-includes/js/ 		18 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dirteam.com/wp-includes/js/wp-emoji-release.min.js?ver=21ec3d77fc32e7b94e084215e5fa758f
Requested by
Host: dirteam.com
URL: https://dirteam.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a01:111:f100:9001::1761:90a2 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
Security Headers
Name Value
Strict-Transport-Security max-age=31526000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://dirteam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31526000
x-content-type-options
nosniff
last-modified
Tue, 03 Aug 2021 15:10:27 GMT
server
x-powered-by
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-xss-protection
1; mode=block
date
Tue, 30 Nov 2021 06:20:38 GMT
accept-ranges
bytes
content-length
18181
etag
"91be6b07988d71:0"
NiCE-Blog-Ad.png
dirteam.com/ 		79 KB
80 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dirteam.com/NiCE-Blog-Ad.png
Requested by
Host: dirteam.com
URL: https://dirteam.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a01:111:f100:9001::1761:90a2 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7fa6077c1d66bfa107a9ac67eb10706ec2b237c3c365123decbd649091de34a3
Security Headers
Name Value
Strict-Transport-Security max-age=31526000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://dirteam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31526000
x-content-type-options
nosniff
last-modified
Wed, 14 Jul 2021 13:17:27 GMT
server
x-powered-by
x-frame-options
SAMEORIGIN
content-type
image/png
x-xss-protection
1; mode=block
date
Tue, 30 Nov 2021 06:20:38 GMT
accept-ranges
bytes
content-length
81308
etag
"80cd6197b278d71:0"
altaro.png
dirteam.com/ 		105 KB
105 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dirteam.com/altaro.png
Requested by
Host: dirteam.com
URL: https://dirteam.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a01:111:f100:9001::1761:90a2 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
77a78881ca598d3b671a3cf5ba012c3f26f73e974ce5cdaf51a02abac694520e
Security Headers
Name Value
Strict-Transport-Security max-age=31526000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://dirteam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31526000
x-content-type-options
nosniff
last-modified
Wed, 24 Nov 2021 18:23:00 GMT
server
x-powered-by
x-frame-options
SAMEORIGIN
content-type
image/png
x-xss-protection
1; mode=block
date
Tue, 30 Nov 2021 06:20:38 GMT
accept-ranges
bytes
content-length
107106
etag
"05aa44f60e1d71:0"
skip-link-focus-fix.js
dirteam.com/wp-content/themes/twentysixteen/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dirteam.com/wp-content/themes/twentysixteen/js/skip-link-focus-fix.js?ver=20170530
Requested by
Host: dirteam.com
URL: https://dirteam.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a01:111:f100:9001::1761:90a2 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
6d4083520c18bfdcdffb319248525ebf8f1a547326e10c02e6a0ed0b1722ae9a
Security Headers
Name Value
Strict-Transport-Security max-age=31526000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://dirteam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31526000
x-content-type-options
nosniff
last-modified
Sun, 14 Mar 2021 12:11:50 GMT
server
x-powered-by
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-xss-protection
1; mode=block
date
Tue, 30 Nov 2021 06:20:38 GMT
accept-ranges
bytes
content-length
1059
etag
"c896a336cb18d71:0"
functions.js
dirteam.com/wp-content/themes/twentysixteen/js/ 		7 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dirteam.com/wp-content/themes/twentysixteen/js/functions.js?ver=20181217
Requested by
Host: dirteam.com
URL: https://dirteam.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a01:111:f100:9001::1761:90a2 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
63f3a8e5cdabac89c583c9d8dd2337f096e16a2bdb531f705df453a1c00d3b6a
Security Headers
Name Value
Strict-Transport-Security max-age=31526000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://dirteam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31526000
x-content-type-options
nosniff
last-modified
Sun, 14 Mar 2021 12:11:50 GMT
server
x-powered-by
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-xss-protection
1; mode=block
date
Tue, 30 Nov 2021 06:20:38 GMT
accept-ranges
bytes
content-length
7347
etag
"4e34a136cb18d71:0"
wp-embed.min.js
dirteam.com/wp-includes/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dirteam.com/wp-includes/js/wp-embed.min.js?ver=21ec3d77fc32e7b94e084215e5fa758f
Requested by
Host: dirteam.com
URL: https://dirteam.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a01:111:f100:9001::1761:90a2 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
Security Headers
Name Value
Strict-Transport-Security max-age=31526000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://dirteam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31526000
x-content-type-options
nosniff
last-modified
Wed, 03 Feb 2021 23:29:33 GMT
server
x-powered-by
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-xss-protection
1; mode=block
date
Tue, 30 Nov 2021 06:20:38 GMT
accept-ranges
bytes
content-length
1426
etag
"aa33936d84fad61:0"
B10754701.212169725;sz=300x250;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=
ad.doubleclick.net/ddm/adi/N410401.2579635DIRTEAM.COM/ Frame 5572 		41 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adi/N410401.2579635DIRTEAM.COM/B10754701.212169725;sz=300x250;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=?
Requested by
Host: dirteam.com
URL: https://dirteam.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f6.1e100.net
Software
cafe /
Resource Hash
0f329dcbd8f86398bed609d11875e0a6d489e0ced4993a7fa4355780298ea392
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9
Referer
https://dirteam.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Tue, 30 Nov 2021 06:20:38 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
server
cafe
content-length
20986
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
dirteamback.jpg
dirteam.com/wp-content/themes/dirteam-twentysixteen/images/ 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dirteam.com/wp-content/themes/dirteam-twentysixteen/images/dirteamback.jpg
Requested by
Host: dirteam.com
URL: https://dirteam.com/wp-content/themes/dirteam-twentysixteen/style.css?ver=20201208
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a01:111:f100:9001::1761:90a2 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5f5c6dd5069c5dc026725bfc4448cba567b5c9b437f7357efc476dd5654727d4
Security Headers
Name Value
Strict-Transport-Security max-age=31526000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://dirteam.com/wp-content/themes/dirteam-twentysixteen/style.css?ver=20201208
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31526000
x-content-type-options
nosniff
last-modified
Sun, 03 May 2020 11:03:57 GMT
server
x-powered-by
x-frame-options
SAMEORIGIN
content-type
image/jpeg
x-xss-protection
1; mode=block
date
Tue, 30 Nov 2021 06:20:38 GMT
accept-ranges
bytes
content-length
46891
etag
"8fdafc8a3a21d61:0"
dirteamlogo.png
dirteam.com/wp-content/themes/dirteam-twentysixteen/images/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dirteam.com/wp-content/themes/dirteam-twentysixteen/images/dirteamlogo.png
Requested by
Host: dirteam.com
URL: https://dirteam.com/wp-content/themes/dirteam-twentysixteen/style.css?ver=20201208
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a01:111:f100:9001::1761:90a2 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
cdae8f8a80e6ecf3e41e4ef656c59f81cc4cf3891153e05fe4b655acddd50aa6
Security Headers
Name Value
Strict-Transport-Security max-age=31526000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://dirteam.com/wp-content/themes/dirteam-twentysixteen/style.css?ver=20201208
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31526000
x-content-type-options
nosniff
last-modified
Fri, 12 Jan 2018 20:58:10 GMT
server
x-powered-by
x-frame-options
SAMEORIGIN
content-type
image/png
x-xss-protection
1; mode=block
date
Tue, 30 Nov 2021 06:20:38 GMT
accept-ranges
bytes
content-length
20288
etag
"09d8ede88bd31:0"
truncated
/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1cfd32e37f8aba263101f06e8f702adfaef55a6601857cf5e2c6dd0b0388dcd6

Request headers

Referer
Origin
https://dirteam.com
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
application/x-font-woff;charset=utf-8
97047ca745b7d30dea8dab6578ffc6bc
secure.gravatar.com/avatar/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.gravatar.com/avatar/97047ca745b7d30dea8dab6578ffc6bc?s=49&d=mm&r=r
Requested by
Host: dirteam.com
URL: https://dirteam.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
95b37b2cde6fdf90d1ff367b3185818767a6071fad85cc3d854414ce7c0c8326

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://dirteam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc
HIT mxp 3
date
Tue, 30 Nov 2021 06:20:38 GMT
last-modified
Fri, 05 Feb 2016 07:55:21 GMT
server
nginx
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="97047ca745b7d30dea8dab6578ffc6bc.jpeg"
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/97047ca745b7d30dea8dab6578ffc6bc?s=49&d=mm&r=r>; rel="canonical"
content-length
1687
expires
Tue, 30 Nov 2021 06:25:38 GMT
5513532321585080284
s0.2mdn.net/simgad/ Frame 5572 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/5513532321585080284
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N410401.2579635DIRTEAM.COM/B10754701.212169725;sz=300x250;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
db084bc9b98ba9eb7b7b53df0ac8d9b71f4f4a487a3918cd4520df8e0004dab5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 08:38:41 GMT
x-content-type-options
nosniff
age
510118
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33849
x-xss-protection
0
last-modified
Tue, 22 Jun 2021 15:20:30 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 24 Nov 2022 08:38:41 GMT
sodar_loader.js
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/xfa/ Frame 5572 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/xfa/sodar_loader.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N410401.2579635DIRTEAM.COM/B10754701.212169725;sz=300x250;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
806b4ea1a35d9a0327df2f3423b2792713d96cf9b2cafd5b3e0bc0b624eaaffa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 29 Nov 2021 20:02:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
37074
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4150
x-xss-protection
0
server
cafe
etag
7197913981456707621
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 13 Dec 2021 20:02:45 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/elements/html/ Frame 5572 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N410401.2579635DIRTEAM.COM/B10754701.212169725;sz=300x250;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 06:09:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
646
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3140
x-xss-protection
0
server
cafe
etag
17163059639670574047
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 14 Dec 2021 06:09:53 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5572 		119 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N410401.2579635DIRTEAM.COM/B10754701.212169725;sz=300x250;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 06:20:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37119
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1636547677202025"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 30 Nov 2021 06:20:39 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 5572 		0
524 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuJFLCYzWcBJcmeGKUrq6u2H9EYXeq8Nyj0sCBBJZhuoVXA_F_P_GJqJOAublrcE-kgjjYVpYtuvXcPqgFH5O1HWluVLPLOPQ0QsW6O1Aj8cIzIng4g_ymgCOwBDXHQ&sig=Cg0ArKJSzIztIZUYc2xyEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=1&cisv=r20211111.72955&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N410401.2579635DIRTEAM.COM/B10754701.212169725;sz=300x250;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.doubleclick.net/
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Tue, 30 Nov 2021 06:20:39 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 5572 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N410401.2579635DIRTEAM.COM/B10754701.212169725;sz=300x250;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 12:48:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
322354
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Sat, 26 Nov 2022 12:48:05 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 5572 		7 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=r20100101&st=int
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/xfa/sodar_loader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ccb8abd7c5e27d1c3a66f0993345df9300c55a3f46459f4224acb45a714cc9e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 30 Nov 2021 06:20:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5165
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 6848 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9
Referer
https://ad.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Fri, 26 Nov 2021 12:48:06 GMT
expires
Sat, 26 Nov 2022 12:48:06 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
322353
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 5572 		0
60 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuJFLCYzWcBJcmeGKUrq6u2H9EYXeq8Nyj0sCBBJZhuoVXA_F_P_GJqJOAublrcE-kgjjYVpYtuvXcPqgFH5O1HWluVLPLOPQ0QsW6O1Aj8cIzIng4g_ymgCOwBDXHQ&sig=Cg0ArKJSzIztIZUYc2xyEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=92&vt=11&dtpt=91&dett=2&cstd=1&cisv=r20211111.72955&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N410401.2579635DIRTEAM.COM/B10754701.212169725;sz=300x250;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.doubleclick.net/
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Tue, 30 Nov 2021 06:20:39 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 5572 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/xfa/sodar_loader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 06:20:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Tue, 30 Nov 2021 06:20:39 GMT
CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js
pagead2.googlesyndication.com/bg/ Frame 6848 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
091b44da15c8f8ea360b36ea12fca73538414c6bca447ffab28f65cb549cc9ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 29 Nov 2021 00:04:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
108967
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13332
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 11:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 29 Nov 2022 00:04:32 GMT
CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js
pagead2.googlesyndication.com/bg/ Frame A3C2 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
091b44da15c8f8ea360b36ea12fca73538414c6bca447ffab28f65cb549cc9ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 29 Nov 2021 00:04:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
108967
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13332
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 11:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 29 Nov 2022 00:04:32 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6848 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BLUyBtsKlYcqUNpidgQf5sqeYAwAAAAA4AeAEAg&bg=!sLOls_fNAAZQLpa_UC47ACkAdvg8WhhciQn2Q6dNMg2TQi5RrEuAkq26vnAgTjJY6HO_Oh68wjRJIAIAAABwUgAAAAdoAQeZAp8k9HDWojb-7lkxKl1mB2HV8lOXFO3V9lNWq3ZYjSUr3SD0xy0_Y9j3yexeIdKC23A3anzujs5RQFPup8gHUhbiatY0USKH5AJbBNhwonEii4Vw4gzBjfi4JGmZLujNkXY7B1TX3uP5OyttzFOJP4v7uSzvdchktdKhEUtL-eUvFSBx5H4UayM_pV7xLFdEr7ce5WLFeteEIYgXQJLvjMLJRG_fYvFvKa9Hod7Z7rUsovi1T9C-4VziNahfn7wnBR-O1ML8j2rZgnBynhUJ-emSq7oLEyIKAxprOnPJdPW6Sh6-sYklIpbEEOwQI8fI1tQAnGOQjmD2NLy3Qo5jX79m-90QwmZGkGit6Ws20z5LRXU1BRVEceswo3akXuFtGJvDMiGtu9dt9EWjdOaavczWKYiCgysmofaUvWmHO9YdCO_KzXRUq0Y-7oA9pAy0-8g0Hx899khVw99Wg_hI7eLepKCg3oAmHK8VZxCmqE4ICKwJQnQYmyyuCy6sWRO-PydlQBw3W5lJS2lvPk5fQsvF-8mkDpZaltx_MfnTDPiXc53OSMbmvUMHIOyc73DuK4EmruRrD35ab4AkUIlHzvn2NjsR4EGm913TbvevFnd17pIaF9jKUUir_yGPSbOA1Xf5e6fUnLFi3WSUgYIXkYKhZXhWSRIbNqOf3mIw4FIFz9gTOQ50Pvu2hnhGlu1zp8WXK53jK4Mfi8AXSIr-2u-5jTdThTithil_yDdGWyJxR97pMkYp6ZJONKLg6zkD5MC52JEw-oLaO8NunQIoVm-AY2j49_if0ZfAi5VrET3ql48Zv-tL1xrJ1Xx5kmNnuqABOqg6jourIv3_UTMseoeTjcil7SMISEPDTSisrIeK3GJ7_9aA8k5COL82vA5rMQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 06:20:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 5572 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuaUKy2--GuBCpWSO7DUgnQIOo_iVrC6hZ0AKsfbyIX1MUHmmIjDYFgI98Ft5t6zVrEF87F3egOK2w4sR7KOqE&sig=Cg0ArKJSzOb1cFG2HGPQEAE&id=lidar2&mcvt=1004&p=0,0,250,300&mtos=1004,1004,1004,1004,1004&tos=1004,0,0,0,0&v=20211110&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=33&adk=0&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1638253238813&rpt=295&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 06:20:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler object| _wpemojiSettings undefined| $ function| jQuery object| seriesdropdown undefined| onSeriesChange object| screenReaderText object| twemoji object| wp

1 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31526000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
dirteam.com
fonts.googleapis.com
googleads4.g.doubleclick.net
pagead2.googlesyndication.com
s0.2mdn.net
secure.gravatar.com
tpc.googlesyndication.com
www.googletagservices.com
142.250.184.230
142.250.185.194
2a00:1450:4001:809::2002
2a00:1450:4001:80f::200a
2a00:1450:4001:812::2002
2a00:1450:4001:812::2006
2a00:1450:4001:829::2001
2a01:111:f100:9001::1761:90a2
2a04:fa87:fffe::c000:4902
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
091b44da15c8f8ea360b36ea12fca73538414c6bca447ffab28f65cb549cc9ed
0f329dcbd8f86398bed609d11875e0a6d489e0ced4993a7fa4355780298ea392
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
14c5ee16c0e86b086e97c10427228797a2c54179e1f5dda1a9e45fa8f691aecc
1cfd32e37f8aba263101f06e8f702adfaef55a6601857cf5e2c6dd0b0388dcd6
276c21deeb8e745dca1574f179a165b6d9a6351be60859e0b0b7d26adce86190
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5f5c6dd5069c5dc026725bfc4448cba567b5c9b437f7357efc476dd5654727d4
63f3a8e5cdabac89c583c9d8dd2337f096e16a2bdb531f705df453a1c00d3b6a
640d065445224aa0f3e9769542c6264ced5f712951de213c417d34e37ab114ab
6d4083520c18bfdcdffb319248525ebf8f1a547326e10c02e6a0ed0b1722ae9a
77a78881ca598d3b671a3cf5ba012c3f26f73e974ce5cdaf51a02abac694520e
7ec9bafab3087edfcd72807fb7697bdc55e94eb953c0b1e1db42227b175d756a
7fa6077c1d66bfa107a9ac67eb10706ec2b237c3c365123decbd649091de34a3
806b4ea1a35d9a0327df2f3423b2792713d96cf9b2cafd5b3e0bc0b624eaaffa
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
95b37b2cde6fdf90d1ff367b3185818767a6071fad85cc3d854414ce7c0c8326
9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c6931dd2d227ee86b15d8c8e72c86bd42f2cec35e0375169a2d5c4ca2c079370
ccb8abd7c5e27d1c3a66f0993345df9300c55a3f46459f4224acb45a714cc9e5
cdae8f8a80e6ecf3e41e4ef656c59f81cc4cf3891153e05fe4b655acddd50aa6
db084bc9b98ba9eb7b7b53df0ac8d9b71f4f4a487a3918cd4520df8e0004dab5
de5309a33f256c14a0cba8ff1b90c1e53390b587b9767f93d055b7685de1ae71
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fb5067168d61ca73eb7b546b6f0a366690ef5f5fed36ddc537abd593b1721cb3
fe164d22cac9657fae26f9a8b0be1298e0b734ed64fc77231eb16c8db4454cab