urlscan.io logo urlscan.io
SecurityTrails logo

onwardstate.com Open in urlscan Pro
2606:4700:10::6816:27a9  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://onwardstate.com/
Effective URL: https://onwardstate.com/
Submission: On October 22 via api from NL — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 95 IPs in 10 countries across 75 domains to perform 353 HTTP transactions. The main IP is 2606:4700:10::6816:27a9, located in United States and belongs to CLOUDFLARENET, US. The main domain is onwardstate.com. The Cisco Umbrella rank of the primary domain is 691060.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 2nd 2023. Valid for: a year.
This is the only time onwardstate.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:10:... 13335 (CLOUDFLAR...)
47 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
6 192.0.77.2 2635 (AUTOMATTIC)
1 18.66.100.58 16509 (AMAZON-02)
2 192.0.76.3 2635 (AUTOMATTIC)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
4 151.101.1.44 54113 (FASTLY)
10 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 18.210.109.200 14618 (AMAZON-AES)
1 54.155.18.159 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 192.241.157.60 14061 (DIGITALOC...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
15 2a00:1450:400... 15169 (GOOGLE)
3 108.138.37.209 16509 (AMAZON-02)
6 2a00:1450:400... 15169 (GOOGLE)
1 51.140.49.131 8075 (MICROSOFT...)
2 2600:1901:0:d... 15169 (GOOGLE)
3 2a03:2880:f08... 32934 (FACEBOOK)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 9 2a02:2638:3::c 44788 (ASN-CRITE...)
6 2001:4860:480... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:237... 16509 (AMAZON-02)
2 2620:116:800d... 16509 (AMAZON-02)
6 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2600:9000:225... 16509 (AMAZON-02)
1 2600:9000:223... 16509 (AMAZON-02)
1 34.102.146.192 396982 (GOOGLE-CL...)
3 2a02:2638:3::3 44788 (ASN-CRITE...)
1 172.64.152.89 13335 (CLOUDFLAR...)
2 65.9.66.97 16509 (AMAZON-02)
1 34.96.70.87 396982 (GOOGLE-CL...)
3 2a00:1450:400... 15169 (GOOGLE)
2 46.228.174.115 56396 (AMOBEE)
1 5 37.252.171.21 29990 (ASN-APPNEX)
1 185.64.189.112 62713 (AS-PUBMATIC)
1 145.40.97.67 54825 (PACKET)
2 4 51.75.86.98 16276 (OVH)
1 63.32.198.140 16509 (AMAZON-02)
1 3.67.114.76 16509 (AMAZON-02)
1 216.52.2.48 30282 (AS-INAPCD...)
3 6 104.18.26.193 13335 (CLOUDFLAR...)
1 35.186.253.211 15169 (GOOGLE)
1 2a02:2638:3::7 44788 (ASN-CRITE...)
2 23.88.17.186 24940 (HETZNER-AS)
1 2a0c:5c87:523... 55081 (24SHELLS)
1 34.160.72.119 15169 (GOOGLE)
1 63.33.109.54 16509 (AMAZON-02)
2 2602:803:c003... 26667 (RUBICONPR...)
1 108.138.36.15 16509 (AMAZON-02)
1 18.173.191.32 16509 (AMAZON-02)
28 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:20c... 16509 (AMAZON-02)
4 184.30.211.26 16625 (AKAMAI-AS)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
7 2a00:1450:400... 15169 (GOOGLE)
1 2 34.120.107.143 396982 (GOOGLE-CL...)
2 2a03:2880:f17... 32934 (FACEBOOK)
2 54.72.74.238 16509 (AMAZON-02)
1 3.71.149.231 16509 (AMAZON-02)
3 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2600:1901:0:8... 15169 (GOOGLE)
1 131.153.158.209 60558 (SECUREDSE...)
3 162.19.138.116 16276 (OVH)
1 3.213.122.71 14618 (AMAZON-AES)
1 54.75.204.82 16509 (AMAZON-02)
1 2.16.97.41 16625 (AKAMAI-AS)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 35.244.159.8 15169 (GOOGLE)
1 162.19.138.119 16276 (OVH)
29 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:237... 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 8 52.31.202.100 16509 (AMAZON-02)
4 2a02:26f0:350... 20940 (AKAMAI-ASN1)
4 142.250.181.226 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2 2001:678:cb4:... 56396 (AMOBEE)
7 18 142.250.186.130 15169 (GOOGLE)
1 1 54.164.154.71 14618 (AMAZON-AES)
1 1 124.146.153.168 2514 (INFOSPHER...)
1 1 52.45.175.185 14618 (AMAZON-AES)
1 35.156.97.229 16509 (AMAZON-02)
1 2 35.186.194.101 15169 (GOOGLE)
1 2.19.105.55 16625 (AKAMAI-AS)
1 2600:9000:20c... 16509 (AMAZON-02)
18 3.227.250.195 14618 (AMAZON-AES)
3 130.211.44.5 15169 (GOOGLE)
1 142.250.185.134 15169 (GOOGLE)
1 1 134.122.57.34 14061 (DIGITALOC...)
1 185.86.138.154 201081 (SMARTADSE...)
1 1 20.127.253.7 8075 (MICROSOFT...)
1 1 2.16.238.17 20940 (AKAMAI-ASN1)
353 95
1    2606:4700:10::ac43:e8a (United States)

ASN13335 (CLOUDFLARENET, US)
onwardstate.com
47    2606:4700:10::6816:27a9 (United States)

ASN13335 (CLOUDFLARENET, US)
onwardstate.com
images.onwardstate.com
1    2606:4700:3038::6815:eab1 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.adapex.io
1    2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
6    192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i2.wp.com
i0.wp.com
1    18.66.100.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-100-58.fra56.r.cloudfront.net
cdn.parsely.com
2    192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
stats.wp.com
pixel.wp.com
3    2606:4700::6812:d73b (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.onesignal.com
onesignal.com
1    2a00:1450:4001:81c::2011 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
survey.g.doubleclick.net
4    151.101.1.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
pm-widget.taboola.com
10    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
6    2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    18.210.109.200 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-210-109-200.compute-1.amazonaws.com
api.parsely.com
1    54.155.18.159 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-18-159.eu-west-1.compute.amazonaws.com
p1.parsely.com
1    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    192.241.157.60 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: capture.analytics.hbwrapper
cat.hbwrapper.com
1    2606:4700::6810:84e5 (United States)

ASN13335 (CLOUDFLARENET, US)
cloudflare.com
15    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
3    108.138.37.209 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-37-209.muc50.r.cloudfront.net
c.amazon-adsystem.com
6    2a00:1450:4001:81c::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    51.140.49.131 (London, United Kingdom)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
secure.leadforensics.com
2    2600:1901:0:d733::1 (Kansas City, United States)

ASN15169 (GOOGLE, US)
sixscissors.com
3    2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
9    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
mug.criteo.com
6    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
region1.google-analytics.com
8    2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
7    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.nl
1    2600:9000:237d:5a00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
2    2620:116:800d:21:e365:4988:e8a7:3270 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
6    2606:4700:10::6816:15d (United States)

ASN13335 (CLOUDFLARENET, US)
boot.pbstck.com
cdn.pbstck.com
intake.pbstck.com
2    2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    2600:9000:225b:1400:a:e047:753:6381 (United States)

ASN16509 (AMAZON-02, US)
cdn.prod.uidapi.com
1    2600:9000:223c:b800:10:dd8:5e40:93a1 (United States)

ASN16509 (AMAZON-02, US)
connectid.analytics.yahoo.com
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
3    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    172.64.152.89 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn-ima.33across.com
2    65.9.66.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-97.fra56.r.cloudfront.net
tags.crwdcntrl.net
1    34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com
invstatic101.creativecdn.com
3    2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com
2    46.228.174.115 (United Kingdom)

ASN56396 (AMOBEE, GB)
targeting.unrulymedia.com
5    37.252.171.21 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
1    145.40.97.67 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
4    51.75.86.98 (France)

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu
onetag-sys.com
1    63.32.198.140 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-198-140.eu-west-1.compute.amazonaws.com
ad.360yield.com
1    3.67.114.76 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-67-114-76.eu-central-1.compute.amazonaws.com
grid.bidswitch.net
1    216.52.2.48 (New York, United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
6    104.18.26.193 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
1    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
1    2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
2    23.88.17.186 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.186.17.88.23.clients.your-server.de
shb.richaudience.com
1    2a0c:5c87:5239::2 (Cricklewood, United Kingdom)

ASN55081 (24SHELLS, US)
ghb.adtelligent.com
1    34.160.72.119 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 119.72.160.34.bc.googleusercontent.com
pbs.optidigital.com
1    63.33.109.54 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-109-54.eu-west-1.compute.amazonaws.com
hb.minutemedia-prebid.com
2    2602:803:c003:200::21 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    108.138.36.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-36-15.muc50.r.cloudfront.net
config.aps.amazon-adsystem.com
1    18.173.191.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-191-32.muc50.r.cloudfront.net
aax.amazon-adsystem.com
28    2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2600:9000:20c3:9000:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
4    184.30.211.26 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-211-26.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
1    2606:4700:10::6816:34ad (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.hadronid.net
7    2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    34.120.107.143 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com
oajs.openx.net
2    2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    54.72.74.238 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-74-238.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
1    3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
3    2606:4700:10::ac43:17ea (United States)

ASN13335 (CLOUDFLARENET, US)
id.hadron.ad.gt
1    2600:1901:0:8344:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
lexicon.33across.com
1    131.153.158.209 (United States)

ASN60558 (SECUREDSERVERS-EU, US)
id.a-mx.com
3    162.19.138.116 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533567.ip-162-19-138.eu
id5-sync.com
1    3.213.122.71 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-213-122-71.compute-1.amazonaws.com
idx.liadm.com
1    54.75.204.82 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-75-204-82.eu-west-1.compute.amazonaws.com
id.crwdcntrl.net
1    2.16.97.41 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-16-97-41.deploy.static.akamaitechnologies.com
at.teads.tv
1    2606:4700:10::6816:445 (United States)

ASN13335 (CLOUDFLARENET, US)
a.ad.gt
1    2a02:fa8:8806:12::1460 (Singapore)

ASN41041 (VCLK-EU-SE, US)
proc.ad.cpe.dotomi.com
1    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
google-bidout-d.openx.net
1    162.19.138.119 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu
lb.eu-1-id5-sync.com
29    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2600:9000:237d:4600:1b:83f3:bc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.yieldmo.com
3    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
8    52.31.202.100 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-202-100.eu-west-1.compute.amazonaws.com
ads.yieldmo.com
4    2a02:26f0:3500:d::1732:83d6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
cdn.doubleverify.com
4    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
googleads4.g.doubleclick.net
2    2a00:1450:4001:831::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
r.turn.com
18    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
cm.g.doubleclick.net
1    54.164.154.71 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-164-154-71.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    124.146.153.168 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
1    52.45.175.185 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-175-185.compute-1.amazonaws.com
im.bluevoox.com
1    35.156.97.229 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-97-229.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    35.186.194.101 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 101.194.186.35.bc.googleusercontent.com
ad.sxp.smartclip.net
1    2.19.105.55 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-105-55.deploy.static.akamaitechnologies.com
ad.yieldlab.net
1    2600:9000:20c3:3e00:1e:fdf8:aac0:93a1 (United States)

ASN16509 (AMAZON-02, US)
matchadsrvr.yieldmo.com
18    3.227.250.195 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-227-250-195.compute-1.amazonaws.com
kinesis.us-east-1.amazonaws.com
3    130.211.44.5 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 5.44.211.130.bc.googleusercontent.com
rtb0.doubleverify.com
tps.doubleverify.com
tpsc-ew1.doubleverify.com
1    142.250.185.134 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f6.1e100.net
ad.doubleclick.net
1    134.122.57.34 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
1    185.86.138.154 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
1    20.127.253.7 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
sync.inmobi.com
1    2.16.238.17 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-238-17.deploy.static.akamaitechnologies.com
analytics.pangle-ads.com
Apex Domain
Subdomains		 Transfer
60 googlesyndication.com
3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
pagead2.googlesyndication.com — Cisco Umbrella Rank: 108
953 KB
50 doubleclick.net
survey.g.doubleclick.net — Cisco Umbrella Rank: 28721
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 214
stats.g.doubleclick.net — Cisco Umbrella Rank: 98
googleads.g.doubleclick.net — Cisco Umbrella Rank: 45
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 443
cm.g.doubleclick.net — Cisco Umbrella Rank: 255
ad.doubleclick.net — Cisco Umbrella Rank: 173
314 KB
48 onwardstate.com
onwardstate.com — Cisco Umbrella Rank: 691060
images.onwardstate.com — Cisco Umbrella Rank: 946622
248 KB
18 amazonaws.com
kinesis.us-east-1.amazonaws.com — Cisco Umbrella Rank: 1281
5 KB
12 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 2714
www.google.com — Cisco Umbrella Rank: 2
2 KB
11 yieldmo.com
static.yieldmo.com — Cisco Umbrella Rank: 2885
ads.yieldmo.com — Cisco Umbrella Rank: 752
matchadsrvr.yieldmo.com — Cisco Umbrella Rank: 3270
127 KB
10 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 478
bidder.criteo.com — Cisco Umbrella Rank: 895
mug.criteo.com — Cisco Umbrella Rank: 2541
15 KB
10 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 223
479 KB
8 wp.com
i0.wp.com — Cisco Umbrella Rank: 4163
stats.wp.com — Cisco Umbrella Rank: 3047
pixel.wp.com — Cisco Umbrella Rank: 2968
208 KB
7 doubleverify.com
cdn.doubleverify.com — Cisco Umbrella Rank: 541
rtb0.doubleverify.com — Cisco Umbrella Rank: 941
tps.doubleverify.com — Cisco Umbrella Rank: 562
tpsc-ew1.doubleverify.com
126 KB
7 google.nl
www.google.nl — Cisco Umbrella Rank: 8860
830 B
7 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 42
region1.google-analytics.com — Cisco Umbrella Rank: 2250
21 KB
6 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 570
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 513
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 716
4 KB
6 pbstck.com
boot.pbstck.com — Cisco Umbrella Rank: 8069
cdn.pbstck.com — Cisco Umbrella Rank: 8976
intake.pbstck.com — Cisco Umbrella Rank: 8654
24 KB
6 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 56
492 KB
5 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 261
18 KB
5 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1164
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1073
id.crwdcntrl.net — Cisco Umbrella Rank: 2704
25 KB
5 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1156
id5-sync.com — Cisco Umbrella Rank: 470
62 KB
5 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 334
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 657
aax.amazon-adsystem.com — Cisco Umbrella Rank: 426
72 KB
4 ad.gt
id.hadron.ad.gt — Cisco Umbrella Rank: 2033
a.ad.gt — Cisco Umbrella Rank: 2191
5 KB
4 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1235
106 KB
4 openx.net
rtb.openx.net — Cisco Umbrella Rank: 912
oajs.openx.net — Cisco Umbrella Rank: 1906
google-bidout-d.openx.net — Cisco Umbrella Rank: 1919
920 B
4 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 913
1 KB
4 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1126
pm-widget.taboola.com — Cisco Umbrella Rank: 3680
252 KB
3 criteo.net
static.criteo.net — Cisco Umbrella Rank: 728
74 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 187
206 KB
3 onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 3981
onesignal.com — Cisco Umbrella Rank: 1303
73 KB
3 parsely.com
cdn.parsely.com — Cisco Umbrella Rank: 3328
api.parsely.com — Cisco Umbrella Rank: 10404
p1.parsely.com — Cisco Umbrella Rank: 2550
19 KB
2 smartclip.net
ad.sxp.smartclip.net — Cisco Umbrella Rank: 4437
871 B
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 1024
r.turn.com — Cisco Umbrella Rank: 4738
869 B
2 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 344
207 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 116
216 B
2 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 563
7 KB
2 richaudience.com
shb.richaudience.com — Cisco Umbrella Rank: 4325
469 B
2 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 1206
x.bidswitch.net — Cisco Umbrella Rank: 387
512 B
2 unrulymedia.com
targeting.unrulymedia.com — Cisco Umbrella Rank: 966
163 B
2 33across.com
cdn-ima.33across.com — Cisco Umbrella Rank: 1319
lexicon.33across.com — Cisco Umbrella Rank: 1726
5 KB
2 yahoo.com
connectid.analytics.yahoo.com — Cisco Umbrella Rank: 5736
ups.analytics.yahoo.com — Cisco Umbrella Rank: 363
9 KB
2 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1348
pixel.quantserve.com — Cisco Umbrella Rank: 1147
10 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 373
3 KB
2 sixscissors.com
sixscissors.com
24 KB
1 pangle-ads.com
analytics.pangle-ads.com — Cisco Umbrella Rank: 2907
1013 B
1 inmobi.com
sync.inmobi.com — Cisco Umbrella Rank: 1484
710 B
1 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 951
75 B
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2536
550 B
1 yieldlab.net
ad.yieldlab.net — Cisco Umbrella Rank: 4701
400 B
1 bluevoox.com
im.bluevoox.com — Cisco Umbrella Rank: 14303
519 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1247
1017 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 915
1 KB
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1145
275 B
1 dotomi.com
proc.ad.cpe.dotomi.com — Cisco Umbrella Rank: 3029
462 B
1 teads.tv
at.teads.tv — Cisco Umbrella Rank: 5088
338 B
1 liadm.com
idx.liadm.com — Cisco Umbrella Rank: 2639
312 B
1 a-mx.com
id.a-mx.com — Cisco Umbrella Rank: 2241
268 B
1 hadronid.net
cdn.hadronid.net — Cisco Umbrella Rank: 2088
10 KB
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1263
642 B
1 minutemedia-prebid.com
hb.minutemedia-prebid.com — Cisco Umbrella Rank: 4304
429 B
1 optidigital.com
pbs.optidigital.com — Cisco Umbrella Rank: 53388
1 KB
1 adtelligent.com
ghb.adtelligent.com — Cisco Umbrella Rank: 5991
1 KB
1 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 754
401 B
1 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 761
168 B
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1090
276 B
1 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 581
112 B
1 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 2587
1 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 2118
8 KB
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 2931
3 KB
1 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 720
482 B
1 leadforensics.com
secure.leadforensics.com — Cisco Umbrella Rank: 36833
336 B
1 cloudflare.com
cloudflare.com — Cisco Umbrella Rank: 126
457 B
1 hbwrapper.com
cat.hbwrapper.com — Cisco Umbrella Rank: 17630
260 B
1 gstatic.com
fonts.gstatic.com
24 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 49
991 B
1 adapex.io
cdn.adapex.io — Cisco Umbrella Rank: 26465
189 KB
0 aura-dsp.com Failed
sync-dmp.aura-dsp.com Failed
0 rlcdn.com Failed
api.rlcdn.com Failed
353 75
Domain Requested by
44 onwardstate.com 1 redirects onwardstate.com
29 pagead2.googlesyndication.com securepubads.g.doubleclick.net
www.googletagservices.com
3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com
onwardstate.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
ad.doubleclick.net
28 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com
onwardstate.com
googleads.g.doubleclick.net
18 kinesis.us-east-1.amazonaws.com static.yieldmo.com
18 cm.g.doubleclick.net 7 redirects 3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com
googleads.g.doubleclick.net
15 securepubads.g.doubleclick.net cdn.adapex.io
www.googletagservices.com
securepubads.g.doubleclick.net
onwardstate.com
10 www.googletagservices.com onwardstate.com
securepubads.g.doubleclick.net
3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com
cdn.doubleverify.com
www.googletagservices.com
8 ads.yieldmo.com 1 redirects 3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com
static.yieldmo.com
8 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
7 www.google.com onwardstate.com
tpc.googlesyndication.com
3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com
7 www.google.nl onwardstate.com
7 gum.criteo.com 2 redirects cdn.taboola.com
static.criteo.net
cdn.adapex.io
6 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
6 www.googletagmanager.com onwardstate.com
www.googletagmanager.com
cdn.adapex.io
www.google-analytics.com
6 i0.wp.com onwardstate.com
5 ib.adnxs.com 1 redirects cdn.adapex.io
googleads.g.doubleclick.net
5 region1.analytics.google.com www.googletagmanager.com
4 googleads4.g.doubleclick.net onwardstate.com
ad.doubleclick.net
4 cdn.doubleverify.com 3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com
cdn.doubleverify.com
onwardstate.com
4 secure.cdn.fastclick.net onwardstate.com
secure.cdn.fastclick.net
4 onetag-sys.com 2 redirects cdn.adapex.io
3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com
4 images.onwardstate.com onwardstate.com
3 dsum-sec.casalemedia.com 1 redirects googleads.g.doubleclick.net
3 googleads.g.doubleclick.net 3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com
pagead2.googlesyndication.com
3 id5-sync.com cdn.adapex.io
3 id.hadron.ad.gt cdn.hadronid.net
cdn.adapex.io
3 3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 static.criteo.net securepubads.g.doubleclick.net
cdn.adapex.io
static.criteo.net
3 connect.facebook.net onwardstate.com
connect.facebook.net
3 c.amazon-adsystem.com cdn.adapex.io
c.amazon-adsystem.com
2 ad.sxp.smartclip.net 1 redirects googleads.g.doubleclick.net
2 ssum-sec.casalemedia.com 2 redirects
2 s0.2mdn.net 3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com
2 static.yieldmo.com onwardstate.com
srcdoc
2 intake.pbstck.com onwardstate.com
2 mug.criteo.com onwardstate.com
2 bcp.crwdcntrl.net tags.crwdcntrl.net
2 www.facebook.com onwardstate.com
2 oajs.openx.net 1 redirects onwardstate.com
2 cdn.pbstck.com boot.pbstck.com
2 fastlane.rubiconproject.com cdn.adapex.io
2 shb.richaudience.com cdn.adapex.io
2 targeting.unrulymedia.com cdn.adapex.io
2 tags.crwdcntrl.net securepubads.g.doubleclick.net
onwardstate.com
2 cdn.id5-sync.com securepubads.g.doubleclick.net
onwardstate.com
2 boot.pbstck.com www.googletagmanager.com
2 cdn.jsdelivr.net cdn.adapex.io
securepubads.g.doubleclick.net
2 sixscissors.com onwardstate.com
sixscissors.com
2 pm-widget.taboola.com cdn.taboola.com
pm-widget.taboola.com
2 cdn.taboola.com onwardstate.com
cdn.taboola.com
2 cdn.onesignal.com onwardstate.com
cdn.onesignal.com
1 tpsc-ew1.doubleverify.com cdn.doubleverify.com
1 analytics.pangle-ads.com 1 redirects
1 sync.inmobi.com 1 redirects
1 ssbsync.smartadserver.com 3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com
1 match.adsby.bidtheatre.com 1 redirects
1 tps.doubleverify.com cdn.doubleverify.com
1 ad.doubleclick.net www.googletagservices.com
1 rtb0.doubleverify.com cdn.doubleverify.com
1 matchadsrvr.yieldmo.com static.yieldmo.com
1 ad.yieldlab.net googleads.g.doubleclick.net
1 x.bidswitch.net 3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com
1 im.bluevoox.com 1 redirects
1 tg.socdm.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 r.turn.com 3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com
1 ad.turn.com 1 redirects
1 lb.eu-1-id5-sync.com cdn.adapex.io
1 google-bidout-d.openx.net oa.openxcdn.net
1 proc.ad.cpe.dotomi.com secure.cdn.fastclick.net
1 a.ad.gt cdn.hadronid.net
1 at.teads.tv cdn.adapex.io
1 id.crwdcntrl.net cdn.adapex.io
1 idx.liadm.com cdn.adapex.io
1 id.a-mx.com cdn.adapex.io
1 lexicon.33across.com cdn.adapex.io
1 region1.google-analytics.com www.googletagmanager.com
1 pixel.quantserve.com onwardstate.com
1 ups.analytics.yahoo.com connectid.analytics.yahoo.com
1 cdn.hadronid.net onwardstate.com
1 rules.quantcount.com secure.quantserve.com
1 aax.amazon-adsystem.com c.amazon-adsystem.com
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 hb.minutemedia-prebid.com cdn.adapex.io
1 pbs.optidigital.com cdn.adapex.io
1 ghb.adtelligent.com cdn.adapex.io
1 bidder.criteo.com cdn.adapex.io
1 rtb.openx.net cdn.adapex.io
1 htlb.casalemedia.com cdn.adapex.io
1 ap.lijit.com cdn.adapex.io
1 grid.bidswitch.net cdn.adapex.io
1 ad.360yield.com cdn.adapex.io
1 prebid.a-mo.net cdn.adapex.io
1 hbopenbid.pubmatic.com cdn.adapex.io
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 cdn-ima.33across.com securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 connectid.analytics.yahoo.com securepubads.g.doubleclick.net
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 pixel.wp.com onwardstate.com
1 secure.quantserve.com www.googletagmanager.com
1 static.adsafeprotected.com onwardstate.com
1 onesignal.com cdn.onesignal.com
1 secure.leadforensics.com www.googletagmanager.com
1 cloudflare.com cdn.adapex.io
1 cat.hbwrapper.com cdn.adapex.io
1 fonts.gstatic.com fonts.googleapis.com
1 p1.parsely.com onwardstate.com
1 api.parsely.com onwardstate.com
1 survey.g.doubleclick.net onwardstate.com
1 stats.wp.com onwardstate.com
1 cdn.parsely.com onwardstate.com
1 fonts.googleapis.com onwardstate.com
1 cdn.adapex.io onwardstate.com
0 sync-dmp.aura-dsp.com Failed 3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com
0 api.rlcdn.com Failed cdn.adapex.io
353 116

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.facebook.com
www.twitter.com
instagram.com
www.youtube.com
www.statecollege.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-02 -
2024-05-01		 a year crt.sh
adapex.io
E1		 2023-08-29 -
2023-11-27		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
*.wp.com
Sectigo ECC Domain Validation Secure Server CA		 2022-11-14 -
2023-12-15		 a year crt.sh
*.parsely.com
Amazon RSA 2048 M02		 2023-05-06 -
2024-06-03		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-08 -
2023-12-31		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
cat.hbwrapper.com
R3		 2023-09-30 -
2023-12-29		 3 months crt.sh
cloudflare.com
Cloudflare Inc ECC CA-3		 2023-10-02 -
2023-12-31		 3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
*.leadforensics.com
Sectigo RSA Domain Validation Secure Server CA		 2022-11-17 -
2023-12-16		 a year crt.sh
sixscissors.com
R3		 2023-09-05 -
2023-12-04		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-07-31 -
2023-10-29		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2023-12-23		 3 months crt.sh
*.google.nl
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02		 2023-07-07 -
2024-08-04		 a year crt.sh
quantserve.com
R3		 2023-08-29 -
2023-11-27		 3 months crt.sh
pbstck.com
Cloudflare Inc ECC CA-3		 2023-06-04 -
2024-06-03		 a year crt.sh
cdn.prod.uidapi.com
R3		 2023-08-10 -
2023-11-08		 3 months crt.sh
connectid.analytics.yahoo.com
GlobalSign ECC OV SSL CA 2018		 2023-08-15 -
2024-02-08		 6 months crt.sh
oa.openxcdn.net
GTS CA 1D4		 2023-09-25 -
2023-12-24		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-09 -
2024-01-06		 3 months crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-06 -
2024-09-30		 a year crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2023-10-08 -
2024-11-05		 a year crt.sh
invstatic101.creativecdn.com
GTS CA 1D4		 2023-08-26 -
2023-11-24		 3 months crt.sh
*.targeting.unrulymedia.com
Sectigo RSA Domain Validation Secure Server CA		 2023-05-10 -
2024-05-10		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
*.a-mo.net
R3		 2023-10-06 -
2024-01-04		 3 months crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
*.360yield.com
Amazon RSA 2048 M01		 2023-05-29 -
2024-06-26		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
*.richaudience.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2023-02-27 -
2024-02-26		 a year crt.sh
ghb.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2023-09-29 -
2023-12-28		 3 months crt.sh
pbs.optidigital.com
GTS CA 1D4		 2023-08-27 -
2023-11-25		 3 months crt.sh
*.minutemedia-prebid.com
Amazon ECDSA 256 M01		 2023-04-18 -
2024-05-16		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2023-02-20 -
2024-03-20		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-10-03 -
2024-10-03		 a year crt.sh
hadronid.net
GTS CA 1P5		 2023-10-05 -
2024-01-03		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-03 -
2024-01-24		 6 months crt.sh
lexicon.33across.com
GTS CA 1D4		 2023-10-01 -
2023-12-30		 3 months crt.sh
id.a-mx.com
Sectigo RSA Domain Validation Secure Server CA		 2023-10-12 -
2024-11-10		 a year crt.sh
*.id5-sync.com
R3		 2023-09-01 -
2023-11-30		 3 months crt.sh
*.liadm.com
Amazon RSA 2048 M02		 2023-08-31 -
2024-09-28		 a year crt.sh
teads.tv
R3		 2023-10-09 -
2024-01-07		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
ad.cpe.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2023-06-09 -
2024-07-10		 a year crt.sh
*.eu-1-id5-sync.com
R3		 2023-09-01 -
2023-11-30		 3 months crt.sh
static.yieldmo.com
Amazon RSA 2048 M02		 2023-05-21 -
2024-06-18		 a year crt.sh
*.yieldmo.com
Amazon RSA 2048 M01		 2023-04-04 -
2024-05-02		 a year crt.sh
*.doubleverify.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-05-07 -
2024-05-07		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
kinesis.us-east-1.amazonaws.com
Amazon RSA 2048 M01		 2023-03-08 -
2024-03-07		 a year crt.sh
*.tps.doubleverify.com
Go Daddy Secure Certificate Authority - G2		 2023-09-29 -
2024-09-28		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh

This page contains 24 frames:

Primary Page: https://onwardstate.com/
Frame ID: F0DEB76F520C00F2565C6B5CF68806B2
Requests: 198 HTTP requests in this frame

Frame: https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: DF9579B78CDBFEB338657DF6240871C9
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstkQtSCnJscIzD3Ny1-MT6pza2tcLzgIFMcctKHRjRJBPRF0Tv74xj65mwHspO81V2fSgJ9RP38KkFnZfQ82aSkaTpGAia8ShihEX_xdcCyEqVnA2ZGyO3xqZp1QOfT718Ge6HMdgJZnddAzoLdbnE7dC1A4zSOEFhe-3bcsvtzQtZS8ypodKU7EXwIk_-upDr9z9Sbdh0Rxc1ShmT7Ms-AN78QnUfY4zNLGobZ_8O5utRODuQyjpJVCsLrebFVdwg-X0iKoPlTBeITeLqA-WADH36zSSmqflm5f1B9S91z_9XbRz0LwTJmr-0hbz1tRMUPyRX-Cojy6odN&sai=AMfl-YTobb6883nZSX0sWWoaTeRtE1b3Ja7b0iRz7jQosdukgQK-lbmT7CU8o5wjZ8LIrI0-aghYG6whnU037nesdLSYDYsjh9KRslb7miU_HRJl5rG95Pq9qlasEuvS-NWiA97tRE00IZ6rLkFUgp8&sig=Cg0ArKJSzLqFMJEddX6gEAE&uach_m=[UACH]&adurl=
Frame ID: 35C22A396035C94A5A8B0169B2AA8C50
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssQaE2DNoCKL1y6O-ZmDQb5f66jwTbuh6r033AM0Qv8S7FDTHHrhziH3cbV35QcepH_E3kJxSvUvEgWLI2OYuMLoQ1VxaiidZ7L_clQEyp3DFBrb9ZhdhqQtCid1SR-jxu0YMJAtv7ImPA9j3U3TqlS4JHJX6see5fmEVYRvecWqpd12C9LKm_oo9I8jjY9JyYTR489MtD4yYOaMCoG5EmlfP1KdeInoAIm24JdnzJCutc7yTwhrSamhp-PcBZEZdJN12tvrmwGOynnqqnR-vTWTIYUUE-umWJL5u0UQNxvTLr30zQJoPhWsp94fy-h4EiJUXAx824AO2I69mvb&sai=AMfl-YTQ_SO5n7-VD0HO3waCJcVJJ_Fl46SQictvuhYzufsjLo4-nNJb7qfG91-StWmIfIzlCfKltUkgzLxRjgxDESsiGuFjqRAfBCvmnFubodpPmjgag7TNTsC9thW_Cd4hkCxMaf35gNlE5HeMQwY&sig=Cg0ArKJSzHVdDSr6dFwpEAE&uach_m=[UACH]&adurl=
Frame ID: D474CDB6E54C8EACE7628E03B1CD6E73
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuwZ_vp5Zh30-TJhYR45Z0jw7RwLP8WTMJ6pc1K39KUFPsefRiaaW_du0X3M_s6Qzv3GVLu1tGAhwdpQmaBnUU0USrko3Escau0ZMj6NaIN7PUOaYgRhRihAbYhjSiBYmNFyHy_nPiN4nG-0ig_cd3U5T4PRqQHH7inCPixhU5721U7WF2clJaK9pJdC2hz3W3M1XN-LCIoNqLFAaBjERJ9wwA-4t2__syxXBOIE7zBNmAm3wksQux2wtAoqWue5jX9P5MqZ-1motTX-Wfn5WsVBGIKET_DR5Sc23x09KsPs3JZes72fYXtc2w3VWep1bcauhIetNkj3P5c&sai=AMfl-YRssxypnpV3Tahb_XrSAiziQetiTdBjZsX9Olk9sEw2MkHGySqUueFSzj0XlWk8I0YE_R8bgMlZWsNWS1fiVwKiQvdVEInqb83megUyyXSbb6xpe3t2yzJuPSvCkNHL7PTdo6jjlU753-1QXDk&sig=Cg0ArKJSzK2EaaxxOIJIEAE&uach_m=[UACH]&adurl=
Frame ID: A08A16FF521E355A1F0A5278BFE31E96
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsueQIMgYx8ORUL-Fn1cP5Iq9kE7LBNDVcU104aGFBYUmuTKP9_mizsxdJsmEK83M9j7EiaNLG9ABYC_gBsp33Z3A4Oru36pxYiMyFZZICMuX9pI_QQlC0tc_pulpynPk3ZDd6uKNHWfRI42YKZ4cX6Cepjfokozu-sb0Bdviegi0W4zuEGoA9Ivdh7n9CAtCOC9uv7K8lxHY-TihK4bN--NlMKKsWOdMcRActVxzXn2dBOm7IENnh6IoRYrxND95SmEBZ4J2hNmwddoG0lKb6tp6mITfI_jrRuUfGmtVCGzeQGgBZUVIRYgAH5-ZXSBLDMUFnFM2Q4&sai=AMfl-YQP9FOT9YH62I4Sm3opNQjkJFW4xhkXE05UIhEZNzBRY9ODy0K7AuX0T12p-NMIF29rlnP8Ue0dIbVQKw89IRIFHqUy16UR5FjTkDSBXnaZJbsg9HE9i36Gkpc97ImFt01d9CKUVNF-Y8Dj7EI&sig=Cg0ArKJSzMJhVbYxnUljEAE&uach_m=[UACH]&adurl=
Frame ID: 04EEFEE5751128210E49BD398B74F363
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssUAA5-3Ym1Eo-bsYmsxiCziufsrJ2ieSb4r44t3U2orqg_kZbqwQHUSTCDhgwjTM2UElnpyQIy6yQeHvAf-999zORC8arF7cpTY4A-u9QsaNrXqw1BELEWkE0gKyiSVrDmERukU16p-gGsMhOqQxGiQLeRMipy149WgIJVBUM5AKZeR98-YpvRruaZ06nc2Lx-AAFAW_Wx0NZVQXSkVARUR1gTV3t543wIbwvp_wXPULkqMzLH-v1-p1n9LwsBR9a4XQgYU9kQgq6aRgNjBdXd9XOL4yhp6hovlmR8N049uJYn7TAHRoYgCrN_JG9208wU-1sETktR1VnaxA&sai=AMfl-YSFGndzkGsR4piQpc2_nNXiXFj4wZN3dtpfvxG0G1Q-lFsK66yEcj25LBKsUXXqBwi3SgxfmjEyJEWE25mNNbtD0MnkhnXcOz-FE4UW90EwGisD7k7OQKBCEbCBXN3cWlCkWyVVm42FJPrRhMI&sig=Cg0ArKJSzOXlIhfFi--DEAE&uach_m=[UACH]&adurl=
Frame ID: 536C19FD22F4D84AA9581FA7D3CAB684
Requests: 7 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=onwardstate.com
Frame ID: 520AD3E386E45AE485E70F6D2B0A1068
Requests: 2 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 90DA3E3DC0874929C0D1A0ED112C6A2E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 790C5044F5AD27481839AFE69C09EE73
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C998CE868F6FBA7D6603E840FF9B6511
Requests: 2 HTTP requests in this frame

Frame: https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 02415F03CD03E760588A8084CA1BFDF5
Requests: 48 HTTP requests in this frame

Frame: https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 8B59AC0F4CD7A1E06B873E025AA4ACDF
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIYvf-BvQEwAQ&v=APEucNUpq6a-zBE0zdekKMvYKte7TLhXYqmpwTvxzby-fqmfrYsrHdEIf9IwPk7vdiReDJtJmXlwH2BRj1fbEO5m1SXmDq9MnUexEzcxA3VyAreEvc4NbH8
Frame ID: A6557175B8F746650CC053B5D9B47709
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMXlgQEQsv3gjgMYnLX88wEwAQ&v=APEucNWdJILPG_036g5JeggPuuLEwBuB79sNMVNwgzRK0Uja7xLysgYdukJ2SkZrlDDi_2_bsZ_f0iUwVRZDKywo9G9NN9lQkbCFc4L5yrOrnGiQ0QkuPaMjDTx4ccRp1tpfiNpDm7kAt-ve9QKow8RndPjlunNNLd1RPJYysj6Ak5bcHOQPUUza9iIVZjLm7utVGlmFtrADU4MXyAmwMoN22b5wjUMXZQ
Frame ID: FBFCC09D9560CCEAA7335A6AD4279168
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 296B9A0E4BEA15DD0A86C18924E34C05
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: AD1AA2914833250948A66294B5339CF9
Requests: 3 HTTP requests in this frame

Frame: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Frame ID: BFCB76192EB47EDADF232A216B146581
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=onwardstate.com
Frame ID: 1BA340F7F4CD1791816C71955248166F
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 4FDE1333E8594E3E54713B5D388A85CB
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: F72A451A0C2150C4452BA9FF9EB99FDF
Requests: 3 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements4826.js
Frame ID: A71BF1045F8711205726952247C482DB
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E37C30040EA84AE60B12C0FE00299F23
Requests: 9 HTTP requests in this frame

Frame: https://static.yieldmo.com/images/ad-choices.svg
Frame ID: DBE53AC17804385384011F8096A3606C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Onward State | Penn State Blog by PSU Students | News, Features, and Opinion

Page URL History Show full URLs

  1. http://onwardstate.com/ HTTP 301
    https://onwardstate.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/slick(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

353
Requests

93 %
HTTPS

46 %
IPv6

75
Domains

116
Subdomains

95
IPs

10
Countries

4435 kB
Transfer

12590 kB
Size

55
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://onwardstate.com/ HTTP 301
    https://onwardstate.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 176
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fonwardstate.com%2F&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fonwardstate.com%2F&rid=esp&cc=1
Request Chain 189
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=onwardstate.com&sn=ChromeSyncframe&so=0&topUrl=onwardstate.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=9_z_GnxaUXkvMzE5OE1nTGFIUklGL2h1eHJRNCtMRXhHRlZOOXFaQ0xoRXdLcXlaQldmenZoMjBDLytIQko5bHVYQm1uSjdJUXVYVjkwdUt6dkg3V1dKRjlxU0NnMndJazlRSUJqSG5RSWlYQm1UUk96VXdvRCthdm9YVGx6Wmd3UmhFbzhHenFucmRETkVITHJiZ3o3V3RYS1ZTUUlXNm45R0h6em5tV29xZlA5dFBmQmQ2NTRycW4rbllwbkh4R3UrTElHMitSeUNJMXRLdlBhbkVRYjFqVEl5YTNkb0Vsc1E2aUhIL0FtaEh2bmNadDdjMDNnZ3JRcklWbjRzazA5RVFHLyt3WVNxV29FcmRzS2VPVUE4V2YzbUM5b1lqOW1tR1MxRUMwVjdkSUtCZz18&cppv=2
Request Chain 270
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEAMxp2tzwSHe26adLyKINOY&google_cver=1&google_push=AXcoOmS1mESiGPo6XaEngHZ0YBExmsj2MHtiS4CvM6MmuYfmCUcleUZqiqpzlte3uW9yrUItZVi9AJJGDq3mA2hn6YQUYN0KGLrK HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODQwODU1MzY5NTA1OTQ3NTIzMg==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAMxp2tzwSHe26adLyKINOY&google_cver=1
Request Chain 271
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESECvCq-kiLSVub_ZahxQk88g&google_cver=1&google_push=AXcoOmRX7mSJs1tpbs5YJYJ1fy68nLgkSssSxwJ40l3hV6F_d4P4csc4I8v0Mi2I8Rl-gZDGFpKs9kd0Si9sh0PgDyGReOiGhxk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=-9gN4wn2VzN9WIsEzmkrx1_TX_g&google_push=AXcoOmRX7mSJs1tpbs5YJYJ1fy68nLgkSssSxwJ40l3hV6F_d4P4csc4I8v0Mi2I8Rl-gZDGFpKs9kd0Si9sh0PgDyGReOiGhxk
Request Chain 272
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEC4R9g_i_eGzva1owYQzt3g&google_cver=1&google_push=AXcoOmR60VoTkE_OcnHFfeDM69JFpwqBVutLixArN06VFhWC2N6F57X8ZAkVwA_pH5fVBwwzr4qI5tXaVVhyX3I5KVvtesGR01E HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEC4R9g_i_eGzva1owYQzt3g&google_push=AXcoOmR60VoTkE_OcnHFfeDM69JFpwqBVutLixArN06VFhWC2N6F57X8ZAkVwA_pH5fVBwwzr4qI5tXaVVhyX3I5KVvtesGR01E&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEC4R9g_i_eGzva1owYQzt3g&google_hm=ZTSHqz6Ar_q996Y3Z6ogYgAADGUAAAAB&google_nid=index&google_push=AXcoOmR60VoTkE_OcnHFfeDM69JFpwqBVutLixArN06VFhWC2N6F57X8ZAkVwA_pH5fVBwwzr4qI5tXaVVhyX3I5KVvtesGR01E
Request Chain 273
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEMudAFxzmMEYDKnmpPYQd2A&google_cver=1&google_push=AXcoOmT-DOK3ENKThWflIKUI_UKlbLAq816Q8vpuS9fwZ6kL05qi-KpI_ImOOvkwdAgub8T-L0yMbfAeoLK5TW-2fh8IhsfLF7u9 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmT-DOK3ENKThWflIKUI_UKlbLAq816Q8vpuS9fwZ6kL05qi-KpI_ImOOvkwdAgub8T-L0yMbfAeoLK5TW-2fh8IhsfLF7u9
Request Chain 274
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEOZLmTImXZjq45MKIRN0rpE&google_cver=1&google_push=AXcoOmSqE1vgpa3yacEW8p2uDptbAhN_-6xkNB_XqYErgnzkvb0tP7K2TKlr2pLWY7JlEucUvYVv5e8PRSmLVupi_xFAqm9Ix7qn HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AXcoOmSqE1vgpa3yacEW8p2uDptbAhN_-6xkNB_XqYErgnzkvb0tP7K2TKlr2pLWY7JlEucUvYVv5e8PRSmLVupi_xFAqm9Ix7qn&google_hm=WlRTSHJNQ284WDhBQUU2RXBrUUFBQUFB
Request Chain 275
  • https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESEIUAeKhTLGAMV5m9vyK06Jg&google_cver=1&google_push=AXcoOmSMEH1zaO8JK2TV65KMrLzwdjeODobHAfsI3ho2ovD2O2RU7EA99YF01F4sbgG6CRLIo4Q969e104OgYfwiioBSeYP3EEYA6g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmSMEH1zaO8JK2TV65KMrLzwdjeODobHAfsI3ho2ovD2O2RU7EA99YF01F4sbgG6CRLIo4Q969e104OgYfwiioBSeYP3EEYA6g&google_hm=QlMuMWJmNi1hZjk5LTQ1YzQtYmNkNw==
Request Chain 278
  • https://cm.g.doubleclick.net/pixel?google_nid=smartclip_dbm&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESEFZvEk0psYPOBcdpQhhVPuw&gdpr=0&google_cver=1 HTTP 302
  • https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESEFZvEk0psYPOBcdpQhhVPuw&gdpr=0&google_cver=1&ang_testid=1
Request Chain 279
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldlab&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEPwg8syrEWCISmV4Rj_aH6U&google_cver=1&gdpr=0
Request Chain 280
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDjmkdrsN7WF2z10KmmMJxs&google_cver=1
Request Chain 281
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZTSHqz6Ar-q996Y3Z6ogYgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDjmkdrsN7WF2z10KmmMJxs&google_cver=1
Request Chain 282
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEJJpO_V_BL8wNkPZTM6X1Kw&google_cver=1
Request Chain 283
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjY5MzgzMjkyNDM2NTcwMjgxNQ%3D%3D
Request Chain 308
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=onwardstate.com&sn=ChromeSyncframe&so=3&topUrl=onwardstate.com&bundle=VSWMXl82TlQ4blhiVW56cjRpWFpwOGNYVElOV3oyM1JZb2xlJTJCVnAlMkIxeTBiOUFUWjVUVEs3TmNGZnNHMzF6OUZlM1BMeFNPZUJ1V3g2S082d29Hb2RhaTM1ekJGMUNnelVMY3FUUXJjblNnaXE5JTJCdHBYYWlKQkdDa1UwUWhPbXI2T1hJQUZmMjYlMkZhb3dEdDdmOTNZdTdmeFNMQSUzRCUzRA&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=-bdqfHxLcmdNeHJMWkVxVFdEZU1SaC9nRStZNEtFNExWODQwQ0hrNTV5ZXJqTE02OXFMK0E2ZVVyaVByUUNkNCtheGxyMzRZTTR6Z0wweDRuWHJSMXZwVUs0ajFlMUhWS09SSmJESW5aVWVsM2t2bUM1dlFZRFRqNUFjekt6MDJHTnhvSzFsU1BtUG85dkR2Uk5UVkVtT0s1SWlrVTQzZ0doRDlDckJjTFpHcWVOOXJrT0JWTmIxNkw2dHNDSlhpVmlBK1Ryd1dZSGlhM2RqTHJ1ek1oWHJGS01kU0oxZkhvaTBZcGtxUm1KM200dWJXeHFGUVRXMDN0MC9FM3ZuRDVMTzJsemVndGN3d1hGeHdqSkZFSzZCZHZWRXUxdGh6MzhjWlYrTGhLRHFyN2NvZz18&cppv=2
Request Chain 330
  • https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEDblpJ9AFLaLkYCWEZKB1Cg&google_cver=1&google_push=AXcoOmTlvoEeFeoM2-2w-WlsYY6O1gHYkvPrr_6Khzsn2WW6h8tyT0Zs6Cjdc-WO11YFGAf-9XepgPL5dwBQvwrius2Gwjwdam-i HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AXcoOmTlvoEeFeoM2-2w-WlsYY6O1gHYkvPrr_6Khzsn2WW6h8tyT0Zs6Cjdc-WO11YFGAf-9XepgPL5dwBQvwrius2Gwjwdam-i
Request Chain 331
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEJ-GSpxbdxK9QBtY-3FKu9s&google_cver=1&google_push=AXcoOmTfzxh4TI0t9I2Hv6hlZEs3xfOIH2Hg7nZourTpiz73qoVklFcWObhrinZmzyMgdZAvxHM2VZY3wFTHkx1cS-gjxczA1EwU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmTfzxh4TI0t9I2Hv6hlZEs3xfOIH2Hg7nZourTpiz73qoVklFcWObhrinZmzyMgdZAvxHM2VZY3wFTHkx1cS-gjxczA1EwU&google_hm=M2VTSE5TU1hYblNYS1d5QmJCN1k=
Request Chain 333
  • https://sync.inmobi.com/gob?google_gid=CAESECWvdVCtCavv2Iwlm2iVj0Y&google_cver=1&google_push=AXcoOmSWueu2sXCglzIx_GWW07WVFHooPiBO9fUL1EsBMGZqbPvsrl__BE0IxyqwZI0PGiDABPWUevLM8sdvoVVwU4ZiCUD_zuLZ HTTP 302
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmSWueu2sXCglzIx_GWW07WVFHooPiBO9fUL1EsBMGZqbPvsrl__BE0IxyqwZI0PGiDABPWUevLM8sdvoVVwU4ZiCUD_zuLZ
Request Chain 334
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEMudAFxzmMEYDKnmpPYQd2A&google_cver=1&google_push=AXcoOmRmHsZRtepJ4MDN_Ytq3HxQiFd09KBSVVQPNeWLy53OlM2-SoNWd77RferQB1zf4EB6Pw0fs5TNyg2E9_LDgWzsLcKPFKZf HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRmHsZRtepJ4MDN_Ytq3HxQiFd09KBSVVQPNeWLy53OlM2-SoNWd77RferQB1zf4EB6Pw0fs5TNyg2E9_LDgWzsLcKPFKZf HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 336
  • https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESEPOQoPYAxgkmeqGtuXSP4kI&google_cver=1&google_push=AXcoOmTOBdKNI0Gbbh0NLbYh2kR40qDnOEC_pNypwqXqIsgcaIxFgMMzab8zZxaGn9bKVIameV_t2-YEvfPAzETWW2DoE8SrrZ_nuw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmTOBdKNI0Gbbh0NLbYh2kR40qDnOEC_pNypwqXqIsgcaIxFgMMzab8zZxaGn9bKVIameV_t2-YEvfPAzETWW2DoE8SrrZ_nuw

353 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
onwardstate.com/
Redirect Chain
  • http://onwardstate.com/
  • https://onwardstate.com/
121 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onwardstate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:27a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
952b7b103a122be63832c1f377beda19e71871e4395aa94b670d35eb775c3c7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=60
cf-apo-via
origin,miss
cf-cache-status
EXPIRED
cf-edge-cache
cache,platform=wordpress
cf-ray
819e477aeee29945-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 22 Oct 2023 02:23:36 GMT
last-modified
Sun, 22 Oct 2023 02:05:53 GMT
link
<https://onwardstate.com/wp-json/>; rel="https://api.w.org/"
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

CF-RAY
819e477a6dc2363f-FRA
Cache-Control
max-age=3600
Connection
keep-alive
Date
Sun, 22 Oct 2023 02:23:36 GMT
Expires
Sun, 22 Oct 2023 03:23:36 GMT
Location
https://onwardstate.com/
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400
style.min.css
onwardstate.com/wp/wp-includes/css/dist/block-library/ 		102 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://onwardstate.com/wp/wp-includes/css/dist/block-library/style.min.css?ver=6.3.2
Requested by
Host: onwardstate.com
URL: https://onwardstate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:27a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 02:23:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Thu, 12 Oct 2023 19:02:24 GMT
server
cloudflare
age
5354
etag
W/"652842c0-19824"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=14400
cf-ray
819e477ee8569945-FRA
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
slick.css
onwardstate.com//wp-content/plugins/logo-carousel-pro/assets/css/ 		1 KB
553 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://onwardstate.com//wp-content/plugins/logo-carousel-pro/assets/css/slick.css?ver=20170328
Requested by
Host: onwardstate.com
URL: https://onwardstate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:27a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
00a269606af95f52ce213e5096cc3a079d73522bc4e3c398789038666bb1454a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 02:23:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
5354
cf-polished
origSize=1729
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
cf-bgj
minify
last-modified
Fri, 13 Oct 2023 15:46:08 GMT
server
cloudflare
etag
W/"65296640-6c1"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=2678400
cf-ray
819e477ee8579945-FRA
font-awesome.min.css
onwardstate.com//wp-content/plugins/logo-carousel-pro/assets/css/ 		28 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://onwardstate.com//wp-content/plugins/logo-carousel-pro/assets/css/font-awesome.min.css?ver=20170328
Requested by
Host: onwardstate.com
URL: https://onwardstate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:27a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7bc15c522a05ce0e56b8cb3fff83bc6e770130afdd840d469869db69663d78fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 02:23:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Fri, 13 Oct 2023 15:46:08 GMT
server
cloudflare
age
5354
etag
W/"65296640-7186"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=2678400
cf-ray
819e477ee8589945-FRA
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
tooltipster.min.css
onwardstate.com//wp-content/plugins/logo-carousel-pro/assets/css/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://onwardstate.com//wp-content/plugins/logo-carousel-pro/assets/css/tooltipster.min.css?ver=20170328
Requested by
Host: onwardstate.com
URL: https://onwardstate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:27a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41ce2509fa9959868717986010e16b6334885fd46bc64d0d3c745a73ed3c41e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 02:23:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Fri, 13 Oct 2023 15:46:08 GMT
server
cloudflare
age
5354
etag
W/"65296640-195f"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=2678400
cf-ray
819e477ee8599945-FRA
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
style.css
onwardstate.com//wp-content/plugins/logo-carousel-pro/assets/css/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://onwardstate.com//wp-content/plugins/logo-carousel-pro/assets/css/style.css?ver=20170328
Requested by
Host: onwardstate.com
URL: https://onwardstate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:27a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d4c1bda097ac27b6c81583e5b5be8dbe034d82fc5b8acc09b9f987497dd7414
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 02:23:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
5354
cf-polished
origSize=8821
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
cf-bgj
minify
last-modified
Fri, 13 Oct 2023 15:46:08 GMT
server
cloudflare
etag
W/"65296640-2275"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=2678400
cf-ray
819e477ee85a9945-FRA
responsive.css
onwardstate.com//wp-content/plugins/logo-carousel-pro/assets/css/ 		643 B
245 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://onwardstate.com//wp-content/plugins/logo-carousel-pro/assets/css/responsive.css?ver=20170328
Requested by
Host: onwardstate.com
URL: https://onwardstate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:27a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
003738bbb3afa825fc7f3419e73189cfabeac93009352cb2f35e813043c0323f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 02:23:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
5354
cf-polished
origSize=1072
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
cf-bgj
minify
last-modified
Fri, 13 Oct 2023 15:46:08 GMT
server
cloudflare
etag
W/"65296640-430"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=2678400
cf-ray
819e477ee85b9945-FRA
wp-parsely.css
onwardstate.com//wp-content/plugins/wp-parsely/ 		2 KB
531 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://onwardstate.com//wp-content/plugins/wp-parsely/wp-parsely.css?ver=1696102685
Requested by
Host: onwardstate.com
URL: https://onwardstate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:27a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a1428bbb677de44a9388e052db312f78bd13d1853424faa43c25d8c47bda82b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 02:23:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
5354
cf-polished
origSize=1798
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
cf-bgj
minify
last-modified
Sat, 13 Mar 2021 15:50:56 GMT
server
cloudflare
etag
W/"604cdf60-706"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=2678400
cf-ray
819e477ee85d9945-FRA
social-profiles.min.css
onwardstate.com//wp-content/plugins/easy-social-share-buttons3/lib/modules/social-followers-counter/assets/ 		32 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://onwardstate.com//wp-content/plugins/easy-social-share-buttons3/lib/modules/social-followers-counter/assets/social-profiles.min.css?ver=9.2
Requested by
Host: onwardstate.com
URL: https://onwardstate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:27a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1cece893b67125d4185e5d6cd59060be41db5271d0f4d629c8b34e8f787a9d89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 02:23:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Fri, 13 Oct 2023 15:46:08 GMT
server
cloudflare
age
5354
etag
W/"65296640-8018"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=2678400
cf-ray
819e477ee85e9945-FRA
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
after-share-actions.css
onwardstate.com//wp-content/plugins/easy-social-share-buttons3/assets/modules/ 		3 KB
872 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://onwardstate.com//wp-content/plugins/easy-social-share-buttons3/assets/modules/after-share-actions.css?ver=9.2
Requested by
Host: onwardstate.com
URL: https://onwardstate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:27a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da7ae21fe3609fc4a4e6c83040bcf025e8bc53e60d406bc316cf2b8b8a3eff9a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 02:23:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
5354
cf-polished
origSize=4572
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
cf-bgj
minify
last-modified
Fri, 13 Oct 2023 15:46:07 GMT
server
cloudflare
etag
W/"6529663f-11dc"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=2678400
cf-ray
819e477ee85f9945-FRA
subscribe-forms.min.css
onwardstate.com//wp-content/plugins/easy-social-share-buttons3/assets/modules/ 		23 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://onwardstate.com//wp-content/plugins/easy-social-share-buttons3/assets/modules/subscribe-forms.min.css?ver=9.2
Requested by
Host: onwardstate.com
URL: https://onwardstate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:27a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdbf202cd096103d51142548fbc224c54daec112d86dc4fd4a1bd123dddc9927
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 02:23:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Fri, 13 Oct 2023 15:46:07 GMT
server
cloudflare
age
5354
etag
W/"6529663f-5bb8"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=2678400
cf-ray
819e477ee8609945-FRA
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
click-to-tweet.min.css
onwardstate.com//wp-content/plugins/easy-social-share-buttons3/assets/modules/ 		3 KB
740 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://onwardstate.com//wp-content/plugins/easy-social-share-buttons3/assets/modules/click-to-tweet.min.css?ver=9.2
Requested by
Host: onwardstate.com
URL: https://onwardstate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:27a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc15061d8c788e977befdf83b405f229f96556c3fb1c31e18958a66f20754f0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 02:23:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Fri, 13 Oct 2023 15:46:07 GMT
server
cloudflare
age
5354
etag
W/"6529663f-b92"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=2678400
cf-ray
819e477f08689945-FRA
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
essb-display-methods.min.css
onwardstate.com//wp-content/plugins/easy-social-share-buttons3/assets/css/ 		10 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://onwardstate.com//wp-content/plugins/easy-social-share-buttons3/assets/css/essb-display-methods.min.css?ver=9.2
Requested by
Host: onwardstate.com
URL: https://onwardstate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:27a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc39b26a60ca5c40eb1b737bc7811ff55431197a284ffbe690aff85c641ed600
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 02:23:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Fri, 13 Oct 2023 15:46:07 GMT
server
cloudflare
age
1306
etag
W/"6529663f-2888"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=2678400
cf-ray
819e477f08699945-FRA
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
easy-social-share-buttons.min.css
onwardstate.com//wp-content/plugins/easy-social-share-buttons3/assets/css/ 		71 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://onwardstate.com//wp-content/plugins/easy-social-share-buttons3/assets/css/easy-social-share-buttons.min.css?ver=9.2
Requested by
Host: onwardstate.com
URL: https://onwardstate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:27a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3d4d0d92564201ceb0ec3465188a37497bd7b635be731b78700c3b04461f1f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 02:23:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Fri, 13 Oct 2023 15:46:07 GMT
server
cloudflare
age
5354
etag
W/"6529663f-11b47"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=2678400
cf-ray
819e477f086a9945-FRA
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
tiled-gallery.css
onwardstate.com//wp-content/plugins/jetpack/modules/tiled-gallery/tiled-gallery/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://onwardstate.com//wp-content/plugins/jetpack/modules/tiled-gallery/tiled-gallery/tiled-gallery.css?ver=2023-08-21
Requested by
Host: onwardstate.com
URL: https://onwardstate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:27a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be28a5025e6b646c0861204c02683202205f2d24355d8e28a37fffd8729f59a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 02:23:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Fri, 13 Oct 2023 15:46:08 GMT
server
cloudflare
etag
W/"65296640-a79"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=2678400
cf-ray
819e477f086b9945-FRA
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
unipress.css
onwardstate.com//wp-content/plugins/unipress-api//css/ 		304 B
247 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://onwardstate.com//wp-content/plugins/unipress-api//css/unipress.css?ver=1.18.4
Requested by
Host: onwardstate.com
URL: https://onwardstate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:27a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f925cc9fcd9f7329b8e1d991b0fe981b5d8b979d271af789f0811fb62d4003e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 02:23:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
5354
cf-polished
origSize=367
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
cf-bgj
minify
last-modified
Fri, 13 Oct 2023 15:46:08 GMT
server
cloudflare
etag
W/"65296640-16f"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=2678400
cf-ray
819e477f086c9945-FRA
index.css
onwardstate.com//wp-content/themes/terminal/client/build/ 		54 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://onwardstate.com//wp-content/themes/terminal/client/build/index.css?ver=3.96
Requested by
Host: onwardstate.com
URL: https://onwardstate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:27a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df6a58ec2c693c9f915eb0acbf586f222959e56aca017b31e87b855a6e358f11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 02:23:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
5354
cf-polished
origSize=67509
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
cf-bgj
minify
last-modified
Fri, 13 Oct 2023 15:46:41 GMT
server
cloudflare
etag
W/"65296661-107b5"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=2678400
cf-ray
819e477f086d9945-FRA
instagram.css
onwardstate.com//wp-content/plugins/jetpack/modules/widgets/instagram/ 		836 B
363 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://onwardstate.com//wp-content/plugins/jetpack/modules/widgets/instagram/instagram.css?ver=12.7
Requested by
Host: onwardstate.com
URL: https://onwardstate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:27a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
133aefcaac000c03f8719b1a1118926e90a33ea76d30e973b6b654f36159d6d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 02:23:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
5354
cf-polished
origSize=968
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
cf-bgj
minify
last-modified
Fri, 13 Oct 2023 15:46:08 GMT
server
cloudflare
etag
W/"65296640-3c8"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=2678400
cf-ray
819e477f086e9945-FRA
jquery.min.js
onwardstate.com/wp/wp-includes/js/jquery/ 		85 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onwardstate.com/wp/wp-includes/js/jquery/jquery.min.js?ver=3.7.0
Requested by
Host: onwardstate.com
URL: https://onwardstate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:27a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 02:23:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Thu, 12 Oct 2023 19:02:24 GMT
server
cloudflare
age
5354
etag
W/"652842c0-155ba"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
819e477f086f9945-FRA
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
jquery-migrate.min.js
onwardstate.com/wp/wp-includes/js/jquery/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onwardstate.com/wp/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: onwardstate.com
URL: https://onwardstate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:27a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 02:23:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Thu, 12 Oct 2023 19:02:24 GMT
server
cloudflare
age
5354
etag
W/"652842c0-3509"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
819e477f08709945-FRA
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
ad-layers-dfp.js
onwardstate.com//wp-content/plugins/ad-layers/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onwardstate.com//wp-content/plugins/ad-layers/js/ad-layers-dfp.js?ver=0.0.3
Requested by
Host: onwardstate.com
URL: https://onwardstate.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:27a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a78b5472a78af93e2227c3a6b97fcbecd289cb119a99e4ec07bcd7f93fbca6f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 02:23:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
5389
cf-polished
origSize=6220
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
cf-bgj
minify
last-modified
Wed, 05 Jul 2023 13:36:48 GMT
server
cloudflare
etag
W/"64a571f0-184c"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
max-age=2678400
cf-ray
819e47804f419076-FRA
ad-layers.js
onwardstate.com//wp-content/plugins/ad-layers/js/ 		989 B
581 B 		Script
General
Check archive.org
Download Go to
Full URL
https://onwardstate.com//wp-content/plugins/ad-layers/js/ad-layers.js?ver=0.0.3
Requested by
Host: onwardstate.com
URL: https://onwardstate.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:27a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1ee90039a6a42a98a591e5f89d69d7a8e88ebfa365e79c08a861d21ad19b4ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 02:23:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
5389
cf-polished
origSize=1917
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
cf-bgj
minify
last-modified
Wed, 05 Jul 2023 13:36:48 GMT
server
cloudflare
etag
W/"64a571f0-77d"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
max-age=2678400
cf-ray
819e47808f519076-FRA
tiled-gallery.min.js
onwardstate.com//wp-content/plugins/jetpack/_inc/build/tiled-gallery/tiled-gallery/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onwardstate.com//wp-content/plugins/jetpack/_inc/build/tiled-gallery/tiled-gallery/tiled-gallery.min.js?ver=12.7
Requested by
Host: onwardstate.com
URL: https://onwardstate.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:27a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
009f9eb6646c4e5c39151932b76e84c7b1fc11d987113a99e7c12fc764202f31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 02:23:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
last-modified
Fri, 13 Oct 2023 15:46:08 GMT
server
cloudflare
etag
W/"65296640-bdb"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
max-age=2678400
cf-ray
819e4780af5f9076-FRA
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
unipress.js
onwardstate.com//wp-content/plugins/unipress-api//js/ 		738 B
564 B 		Script
General
Check archive.org
Download Go to
Full URL
https://onwardstate.com//wp-content/plugins/unipress-api//js/unipress.js?ver=1.18.4
Requested by
Host: onwardstate.com
URL: https://onwardstate.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:27a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5638f2f00af768ed8a50df1cbe95e241e94ecab5d8134a939afee76d41b9694d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 02:23:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
5389
cf-polished
origSize=987
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
cf-bgj
minify
last-modified
Fri, 13 Oct 2023 15:46:08 GMT
server
cloudflare
etag
W/"65296640-3db"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
max-age=2678400
cf-ray
819e4780ef6f9076-FRA
index.bundle.js
onwardstate.com//wp-content/themes/terminal/client/build/ 		55 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onwardstate.com//wp-content/themes/terminal/client/build/index.bundle.js?ver=3.96
Requested by
Host: onwardstate.com
URL: https://onwardstate.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:27a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e380de6a1212a80adf525ea6e39f7619add526ca34483584c98765231a84825
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 02:23:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
5389
cf-polished
origSize=79661
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
cf-bgj
minify
last-modified
Fri, 13 Oct 2023 15:46:41 GMT
server
cloudflare
etag
W/"65296661-1372d"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
max-age=2678400
cf-ray
819e478288269076-FRA
aaw.onwardstate.js
cdn.adapex.io/hb/ 		608 KB
189 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adapex.io/hb/aaw.onwardstate.js
Requested by
Host: onwardstate.com
URL: https://onwardstate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eab1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ef5a77e3dc75ed76c47ad18642511eb273df5cd7d181b12e00836771d88bc9f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 02:23:37 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
81203
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 17 Oct 2023 06:35:49 GMT
server
cloudflare
etag
W/"652e2b45-98064"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D3m0Kxovk0cgaUfCMa9%2BHDMakD3XjJ4VZ62NjCO23ESLJ43nq5kk1Uogg5opehiT0Mx%2BxFIgdhvnKzB9OycMMTdlRoSJsq3x91n3NaV2tU3rt8%2FYBFU4RF8L3PvXdS3ETfAdc7OERLVuxxLy"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
cf-ray
819e4782eed91c93-AMS
expires
Sat, 21 Oct 2023 06:47:04 GMT
css
fonts.googleapis.com/ 		2 KB
991 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Fira+Sans:400
Requested by
Host: onwardstate.com
URL: https://onwardstate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
299f06c5c29cfaca012cd89ed9572c703b0193758f0c96d8a7fa1c407b383465
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 22 Oct 2023 02:23:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 22 Oct 2023 02:12:58 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 22 Oct 2023 02:23:36 GMT
cropped-Onward-State-Site-Logo_r.png
images.onwardstate.com/uploads/2021/02/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.onwardstate.com/uploads/2021/02/cropped-Onward-State-Site-Logo_r.png
Requested by
Host: onwardstate.com
URL: https://onwardstate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:27a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7bfa33f600ceb496ca3363a9b2c2a4d08f1585c14d07f085d25fe270fc539768

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 02:23:36 GMT
x-amz-version-id
gPa75Lax_ipPQ4U2uvey1HWUD9qDryI0
cf-cache-status
HIT
x-amz-request-id
8J6G77G7ZSA4WBVY
age
71747
cf-polished
origFmt=png, origSize=54703
x-amz-replication-status
COMPLETED
content-disposition
inline; filename="cropped-Onward-State-Site-Logo_r.webp"
alt-svc
h3=":443"; ma=86400
content-length
26158
x-amz-id-2
cBinyTQWg+dVe0s9W6ez/yLwbuzBd+K4PAVIH8+FFEfO5Di0l47XdB6UKrhkdAV+zr2pf9uhlLeAKywtB1Fg5fOBrZ1OKngZ
cf-bgj
imgq:100,h2pri
last-modified
Thu, 25 Feb 2021 19:11:52 GMT
server
cloudflare
etag
"72f23468ed4bd593cb4475a7eede30e1"
vary
Accept
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
819e477f18729945-FRA
expires
Sun, 23 Feb 2031 19:11:49 GMT
twitter-logo-final-1.png
i0.wp.com/images.onwardstate.com/uploads/2018/02/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/images.onwardstate.com/uploads/2018/02/twitter-logo-final-1.png?fit=500%2C500&ssl=1
Requested by
Host: onwardstate.com
URL: https://onwardstate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
f91bfaa4442402a803ec2ca37a87d997a0f9fed245536e035a9ecebe6f682fc9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-nc
HIT ams 3
date
Sun, 22 Oct 2023 02:23:36 GMT
x-content-type-options
nosniff
last-modified
Tue, 28 Dec 2021 04:06:30 GMT
server
nginx
etag
"d0ba2a3de6de726b"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://images.onwardstate.com/uploads/2018/02/twitter-logo-final-1.png>; rel="canonical"
content-length
12382
expires
Thu, 28 Dec 2023 16:06:30 GMT
p.js
cdn.parsely.com/keys/onwardstate.com/ 		47 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.parsely.com/keys/onwardstate.com/p.js
Requested by
Host: onwardstate.com
URL: https://onwardstate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.100.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-100-58.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
9f376a44d5fbd76ebe422736579dc6211dc1167944939e162f61bd3a9cdabb0a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
public
date
Sat, 21 Oct 2023 04:41:27 GMT
content-encoding
gzip
via
1.1 c2e56cd54e2593df95ccca8a6d98c958.cloudfront.net (CloudFront)
last-modified
Mon, 22 Feb 2021 19:24:30 GMT
server
nginx
x-amz-cf-pop
FRA56-P2
age
78129
etag
W/"603404ee-bd30"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400, public
x-amz-cf-id
Ukl_skKWdD6Rmcu5b6x1qdtRT_LeoOgxXC07j9TgRt81QQo378qxgg==
expires
Sun, 22 Oct 2023 04:41:27 GMT
infinity.min.js
onwardstate.com//wp-content/plugins/jetpack/_inc/build/infinite-scroll/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onwardstate.com//wp-content/plugins/jetpack/_inc/build/infinite-scroll/infinity.min.js?ver=12.7-is5.0.1
Requested by
Host: onwardstate.com
URL: https://onwardstate.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:27a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9519d5678c76628afd1fd7bb2abfa1caaeb3338b05a1e708919764ea2e565a9b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 02:23:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
last-modified
Fri, 13 Oct 2023 15:46:08 GMT
server
cloudflare
etag
W/"65296640-3096"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
max-age=2678400
cf-ray
819e478298309076-FRA
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
image-cdn.js
onwardstate.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-image-cdn/dist/ 		701 B
578 B 		Script
General
Check archive.org
Download Go to
Full URL
https://onwardstate.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-image-cdn/dist/image-cdn.js?minify=false&ver=132249e245926ae3e188
Requested by
Host: onwardstate.com
URL: https://onwardstate.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:27a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27dd9b075cc59cf5f3c0f6ee075f4bd113782d81ce30a4f16aac669ecfdc4fa2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 02:23:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
5389
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
cf-bgj
minify
last-modified
Fri, 13 Oct 2023 15:46:08 GMT
server
cloudflare
etag
W/"65296640-2bd"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
max-age=2678400
cf-ray
819e478298329076-FRA
slick.min.js
onwardstate.com//wp-content/plugins/logo-carousel-pro/assets/js/ 		41 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onwardstate.com//wp-content/plugins/logo-carousel-pro/assets/js/slick.min.js?ver=20170328
Requested by
Host: onwardstate.com
URL: https://onwardstate.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:27a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e02af7df9a190d88380e2dcec2050ecaa493ae2d23526dbeec67f6907df3a752
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 02:23:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Fri, 13 Oct 2023 15:46:08 GMT
server
cloudflare
age
1045
etag
W/"65296640-a3e1"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
max-age=2678400
cf-ray
819e478298339076-FRA
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
tooltipster.min.js
onwardstate.com//wp-content/plugins/logo-carousel-pro/assets/js/ 		39 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onwardstate.com//wp-content/plugins/logo-carousel-pro/assets/js/tooltipster.min.js?ver=20170328
Requested by
Host: onwardstate.com
URL: https://onwardstate.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:27a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc4ee5266e2b64928a91fd5ea4ec662cf4834f873d3b70e1b9ea745dae2a8754
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 02:23:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Fri, 13 Oct 2023 15:46:08 GMT
server
cloudflare
age
5389
etag
W/"65296640-9aa4"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
max-age=2678400
cf-ray
819e478298349076-FRA
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
jquery.isotope.min.js
onwardstate.com//wp-content/plugins/logo-carousel-pro/assets/js/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onwardstate.com//wp-content/plugins/logo-carousel-pro/assets/js/jquery.isotope.min.js?ver=20170328
Requested by
Host: onwardstate.com
URL: https://onwardstate.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:27a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98d6427651f10db6f71e5f7ee348dbf2718fc7079e9db54bc40846e41643dc6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 02:23:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Fri, 13 Oct 2023 15:46:08 GMT
server
cloudflare
age
5389
etag
W/"65296640-3ea1"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
max-age=2678400
cf-ray
819e478298359076-FRA
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
imagesloaded.min.js
onwardstate.com/wp/wp-includes/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onwardstate.com/wp/wp-includes/js/imagesloaded.min.js?ver=4.1.4
Requested by
Host: onwardstate.com
URL: https://onwardstate.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:27a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 02:23:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Thu, 12 Oct 2023 19:02:24 GMT
server
cloudflare
age
5388
etag
W/"652842c0-15fd"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
819e477f5ef49076-FRA
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
masonry.min.js
onwardstate.com/wp/wp-includes/js/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onwardstate.com/wp/wp-includes/js/masonry.min.js?ver=4.2.2
Requested by
Host: onwardstate.com
URL: https://onwardstate.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:27a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 02:23:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Thu, 12 Oct 2023 19:02:24 GMT
server
cloudflare
age
736
etag
W/"652842c0-5e4a"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
819e477f9eff9076-FRA
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
jquery.masonry.min.js
onwardstate.com/wp/wp-includes/js/jquery/ 		2 KB
894 B 		Script
General
Check archive.org
Download Go to
Full URL
https://onwardstate.com/wp/wp-includes/js/jquery/jquery.masonry.min.js?ver=3.1.2b
Requested by
Host: onwardstate.com
URL: https://onwardstate.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:27a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2e606e1fc82ea3a554aad5d0520e25d2677b89a891dc5c49e7ace08fce92e25
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 02:23:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Thu, 12 Oct 2023 19:02:24 GMT
server
cloudflare
age
5388
etag
W/"652842c0-71b"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
819e477fcf109076-FRA
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
scripts.js
onwardstate.com//wp-content/plugins/logo-carousel-pro/assets/js/ 		1 KB
644 B 		Script
General
Check archive.org
Download Go to
Full URL
https://onwardstate.com//wp-content/plugins/logo-carousel-pro/assets/js/scripts.js?ver=20170328
Requested by
Host: onwardstate.com
URL: https://onwardstate.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:27a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
489a633793be52f623467831b8122a46dcae3e62cc24a25f6f955b867f8a8580
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 02:23:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
737
cf-polished
origSize=2204
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
cf-bgj
minify
last-modified
Fri, 13 Oct 2023 15:46:08 GMT
server
cloudflare
etag
W/"65296640-89c"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
max-age=2678400
cf-ray
819e478298369076-FRA
sharing-bar.min.js
onwardstate.com//wp-content/plugins/easy-social-share-buttons3/assets/modules/ 		2 KB
859 B 		Script
General
Check archive.org
Download Go to
Full URL
https://onwardstate.com//wp-content/plugins/easy-social-share-buttons3/assets/modules/sharing-bar.min.js?ver=9.2
Requested by
Host: onwardstate.com
URL: https://onwardstate.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:27a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30ec71893c027ac54602cb5eb38d30a97c39540f4a5384f6a175a4d49935118e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 02:23:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Fri, 13 Oct 2023 15:46:07 GMT
server
cloudflare
age
5388
etag
W/"6529663f-951"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
max-age=2678400
cf-ray
819e477fff1e9076-FRA
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
lazysizes.min.js
onwardstate.com//wp-content/plugins/lazy-loading-responsive-images/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onwardstate.com//wp-content/plugins/lazy-loading-responsive-images/js/lazysizes.min.js?ver=6.3.2
Requested by
Host: onwardstate.com
URL: https://onwardstate.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:27a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95cee211bc7523d15a50edbf2644cefbf6fee561e868667b421a1d26c98f81b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 02:23:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Mon, 28 Jan 2019 19:36:09 GMT
server
cloudflare
age
5389
etag
W/"5c4f59a9-1a5e"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
max-age=2678400
cf-ray
819e478298379076-FRA
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
ls.unveilhooks.min.js
onwardstate.com//wp-content/plugins/lazy-loading-responsive-images/js/ 		1 KB
852 B 		Script
General
Check archive.org
Download Go to
Full URL
https://onwardstate.com//wp-content/plugins/lazy-loading-responsive-images/js/ls.unveilhooks.min.js?ver=6.3.2
Requested by
Host: onwardstate.com
URL: https://onwardstate.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:27a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84f6659267ce9cd884f8a7f46708f04434e993d552174faf6eb95614977aa8e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 02:23:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Mon, 28 Jan 2019 19:36:09 GMT
server
cloudflare
age
3635
etag
W/"5c4f59a9-5bb"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
max-age=2678400
cf-ray
819e478298389076-FRA
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
e-202342.js
stats.wp.com/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.wp.com/e-202342.js
Requested by
Host: onwardstate.com
URL: https://onwardstate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ca7752fb33cf3a98c0f29bc4eec563112025da4109a0dcc69dabf5f861751258

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-minify-cache
hit
x-nc
HIT ams
date
Sun, 22 Oct 2023 02:23:37 GMT
content-encoding
br
server
nginx
x-minify
t
etag
W/13576-1684460848292.3706
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
expires
Sun, 13 Oct 2024 23:24:22 GMT
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=6.3.2
Requested by
Host: onwardstate.com
URL: https://onwardstate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0d7eace6de7a123701ad163455f50ea9f6f51c5985a49f4d1f6e797009fbdb1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 02:23:37 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
1876
etag
W/"2a3bbde818bef34d53a0df862ead5d5f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
819e4782e8165c4a-FRA
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Wed, 25 Oct 2023 02:23:37 GMT
social-profiles.min.css
onwardstate.com//wp-content/plugins/easy-social-share-buttons3/lib/modules/social-followers-counter/assets/ 		32 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://onwardstate.com//wp-content/plugins/easy-social-share-buttons3/lib/modules/social-followers-counter/assets/social-profiles.min.css
Requested by
Host: onwardstate.com
URL: https://onwardstate.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:27a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1cece893b67125d4185e5d6cd59060be41db5271d0f4d629c8b34e8f787a9d89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 02:23:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Fri, 13 Oct 2023 15:46:08 GMT
server
cloudflare
age
5388
etag
W/"65296640-8018"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=2678400
cf-ray
819e47800f229076-FRA
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
easy-social-image-share.min.css
onwardstate.com//wp-content/plugins/easy-social-share-buttons3/lib/modules/social-image-share/assets/css/ 		26 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://onwardstate.com//wp-content/plugins/easy-social-share-buttons3/lib/modules/social-image-share/assets/css/easy-social-image-share.min.css
Requested by
Host: onwardstate.com
URL: https://onwardstate.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:27a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c4f4fe0fca418095787860851cbf34595be5083ab80bd37d58cd60e3024179e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 02:23:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Fri, 13 Oct 2023 15:46:08 GMT
server
cloudflare
age
736
etag
W/"65296640-66dd"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=2678400
cf-ray
819e47801f2d9076-FRA
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
survey
survey.g.doubleclick.net/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://survey.g.doubleclick.net/survey?site=_ag56apdy7ei5ppgm5bh53ydarm&url=https%3A%2F%2Fonwardstate.com%2F&cid=everything&random=1697941417104
Requested by
Host: onwardstate.com
URL: https://onwardstate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://onwardstate.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers
loader.js
cdn.taboola.com/libtrc/onwardstate-network/ 		430 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/onwardstate-network/loader.js
Requested by
Host: onwardstate.com
URL: https://onwardstate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6d36fbf1f63f2f6664bf91895d6ca1c41759373adbb6e3c869051d002ece30fa

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-amz-version-id
jJAYQkiLjNXvWmAiDttmGeioCHFx9Phc
content-encoding
gzip
via
1.1 varnish
date
Sun, 22 Oct 2023 02:23:37 GMT
x-amz-request-id
F4NQ3DHY7TQ5WV1H
age
0
x-amz-server-side-encryption
AES256
x-cache
MISS
x-from-cache
1
x-envoy-upstream-service-time
11
x-amz-replication-status
FAILED
content-length
53731
x-amz-id-2
5Sf6ZAIuVuSkUg4G/5lIkJLEsBuYPUBHpn/Ckvqv90R/N06CrWxPu5eAXEx3iszCfALfZHABxj0=
x-served-by
cache-ams21076-AMS
last-modified
Sat, 21 Oct 2023 02:09:42 UTC
server
nginx
x-timer
S1697941417.420458,VS0,VE21
etag
"83674f2c1255e915cfce26e449b93f697d741f94"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
abp
23
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
0
gpt.js
www.googletagservices.com/tag/js/ 		90 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: onwardstate.com
URL: https://onwardstate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b423332d395d6e19d2f255b200cbadf9e95cebab417de0d93e3b2c820645e6dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 02:23:37 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29560
x-xss-protection
0
server
cafe
etag
83 / 19652 / m202310170101 / config-hash: 4808689989001815818
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 22 Oct 2023 02:23:37 GMT
gtm.js
www.googletagmanager.com/ 		224 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PPN9ZXB
Requested by
Host: onwardstate.com
URL: https://onwardstate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
644bafc276b3d0188fad83a68db7581b2ac72f593b4b9cea4ecf4e579e66c1d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 02:23:37 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78889
x-xss-protection
0
last-modified
Sun, 22 Oct 2023 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 22 Oct 2023 02:23:37 GMT
truncated
/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/gif
profile
api.parsely.com/v2/ 		279 B
708 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.parsely.com/v2/profile?apikey=onwardstate.com&uuid=pid=5101378b7006e4889fb095c21152e88f&url=https://onwardstate.com/&callback=jQuery37005695125987810077_1697941417099&_=1697941417100
Requested by
Host: onwardstate.com
URL: https://onwardstate.com/wp/wp-includes/js/jquery/jquery.min.js?ver=3.7.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.210.109.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-210-109-200.compute-1.amazonaws.com
Software
nginx /
Resource Hash
39ac92857d13c97561e6a22e9f4f0de9ca21ae22315a32ff0e0d647320780936

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 22 Oct 2023 02:23:37 GMT
server
nginx
content-length
279
content-type
application/json
/
p1.parsely.com/plogger/ 		43 B
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p1.parsely.com/plogger/?rand=1697941417378&plid=89897707&idsite=onwardstate.com&url=https%3A%2F%2Fonwardstate.com%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fonwardstate.com%2F&sref=&sts=1697941417375&slts=0&title=Onward+State+%7C+Penn+State+Blog+by+PSU+Students+%7C+News%2C+Features%2C+and+Opinion&date=Sun+Oct+22+2023+04%3A23%3A37+GMT%2B0200+(Central+European+Summer+Time)&action=pageview&pvid=12463173&u=pid%3D5101378b7006e4889fb095c21152e88f
Requested by
Host: onwardstate.com
URL: https://onwardstate.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.155.18.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-18-159.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sun, 22 Oct 2023 02:23:37 GMT
Cache-Control
no-cache
Last-Modified
Sunday, 22-Oct-2023 02:23:37 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
va9E4kDNxMZdWfMOD5Vvl4jL.woff2
fonts.gstatic.com/s/firasans/v17/ 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/firasans/v17/va9E4kDNxMZdWfMOD5Vvl4jL.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans:400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89ae1743656b75948be30cc4909efd3c61771b7bd9f6d53eb14cd9731d486b57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://onwardstate.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Fri, 20 Oct 2023 03:43:57 GMT
x-content-type-options
nosniff
age
167980
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23880
x-xss-protection
0
last-modified
Tue, 02 May 2023 14:50:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 19 Oct 2024 03:43:57 GMT
pinterest-pro.min.js
onwardstate.com//wp-content/plugins/easy-social-share-buttons3/assets/modules/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onwardstate.com//wp-content/plugins/easy-social-share-buttons3/assets/modules/pinterest-pro.min.js
Requested by
Host: onwardstate.com
URL: https://onwardstate.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:27a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
599fc36cdbfa2e704431b32f80c0da4d9f1207860923856f9aaf94ec34485b1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 02:23:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Fri, 13 Oct 2023 15:46:07 GMT
server
cloudflare
age
737
etag
W/"6529663f-223f"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
max-age=2678400
cf-ray
819e4782e8559076-FRA
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
subscribe-forms.min.js
onwardstate.com//wp-content/plugins/easy-social-share-buttons3/assets/modules/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onwardstate.com//wp-content/plugins/easy-social-share-buttons3/assets/modules/subscribe-forms.min.js
Requested by
Host: onwardstate.com
URL: https://onwardstate.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:27a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4dacabc4dabd01ad27708f6444f4e6353ad90a4c9426483bd4806f94a640db2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 02:23:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Fri, 13 Oct 2023 15:46:07 GMT
server
cloudflare
age
3635
etag
W/"6529663f-275f"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
max-age=2678400
cf-ray
819e4782e8579076-FRA
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
essb-core.min.js
onwardstate.com//wp-content/plugins/easy-social-share-buttons3/assets/js/ 		36 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onwardstate.com//wp-content/plugins/easy-social-share-buttons3/assets/js/essb-core.min.js
Requested by
Host: onwardstate.com
URL: https://onwardstate.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:27a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c6be7331c3d44a11a2eeabf7bfa52816d79b6ddd7a4cbac40edd973d2e93c10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 02:23:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Fri, 13 Oct 2023 15:46:07 GMT
server
cloudflare
age
737
etag
W/"6529663f-8ef0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
max-age=2678400
cf-ray
819e4782e8589076-FRA
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
easy-social-image-share.min.js
onwardstate.com//wp-content/plugins/easy-social-share-buttons3/lib/modules/social-image-share/assets/js/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onwardstate.com//wp-content/plugins/easy-social-share-buttons3/lib/modules/social-image-share/assets/js/easy-social-image-share.min.js
Requested by
Host: onwardstate.com
URL: https://onwardstate.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:27a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2d621596d99182b3a71ddd49d416c030afd3f6d3ee4f2e148eb8ff623479b49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 02:23:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Fri, 13 Oct 2023 15:46:08 GMT
server
cloudflare
age
3635
etag
W/"65296640-3d37"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
max-age=2678400
cf-ray
819e4782e8599076-FRA
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/ 		284 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151604
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=6.3.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
425197a561a2dc98259d7e284f708115b672f426a8adc0955f6f42fbaa61d7ae
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 02:23:37 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
1888
etag
W/"7f9669464fe15e6a516c0eb693b26dbb"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
819e4783686a5c4a-FRA
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Wed, 25 Oct 2023 02:23:37 GMT
load.js
pm-widget.taboola.com/onwardstate-network/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pm-widget.taboola.com/onwardstate-network/load.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/onwardstate-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
21861cd35cab8c49786fc31dff17a938df7162eef99676b964bf510c5ffaf8ec

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-amz-version-id
0FOEwebKFzYUbtSAsiPqwINnSjDSDZRo
content-encoding
gzip
via
1.1 varnish
date
Sun, 22 Oct 2023 02:23:37 GMT
x-amz-request-id
9PS7PMA8RTNH6A1D
age
2005
x-cache
HIT
content-length
1225
x-amz-id-2
ERQPfq+fPlRB2Hth3DCqeQtqrenW+Jt7utTdnLuXPaP9zQPhtU4joz9iJPu+vYZrGFmDxgdg15k=
x-served-by
cache-ams21076-AMS
last-modified
Wed, 27 Sep 2023 07:20:52 GMT
server
AmazonS3
x-timer
S1697941418.550437,VS0,VE1
etag
"5e3d330f87846a9c675a95f20ac3fe52"
vary
Accept-Encoding,
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-cache-hits
1
impl.20231019-28-RELEASE.js
cdn.taboola.com/libtrc/ 		813 KB
169 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20231019-28-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/onwardstate-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
a860bdf022e6566e17468ffee3f6cf18c031abf428dad428cab151729e6f22b9

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-amz-version-id
p0c82GCSQ9E9aznsoRRIK4HCz.fucaXz
content-encoding
br
via
1.1 varnish
date
Sun, 22 Oct 2023 02:23:37 GMT
x-amz-request-id
2K2154Z8Y8T1DWX5
age
8581
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
172247
x-amz-id-2
MKAs9VXxGXS3tkqqaY/Xhd/xhPKep0Y9OWxjwWh50eEJyNNe4VwhdbFEpNX92eXNH9r/H/uTaeM=
x-served-by
cache-ams21076-AMS
last-modified
Thu, 19 Oct 2023 16:00:35 GMT
server
AmazonS3-br
x-timer
S1697941418.540122,VS0,VE0
etag
"840d09a8ef0a69a804ea7ec3abff7596"
vary
Accept-Encoding
content-type
application/javascript
abp
81
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
1070
/
cat.hbwrapper.com/ 		15 B
260 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cat.hbwrapper.com/
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.onwardstate.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.241.157.60 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
capture.analytics.hbwrapper
Software
Apache /
Resource Hash
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Referer
https://onwardstate.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
text/plain

Response headers

Access-Control-Allow-Origin
https://onwardstate.com
Date
Sun, 22 Oct 2023 02:23:37 GMT
Access-Control-Allow-Credentials
true
Server
Apache
Connection
close
Content-Length
15
Content-Type
text/html; charset=UTF-8
trace
cloudflare.com/cdn-cgi/ 		323 B
457 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cloudflare.com/cdn-cgi/trace
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.onwardstate.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:84e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c71a7e8763cbaa25fa700f06bac81ee63aac19b5e5e91e4993aaed72e30fe68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://onwardstate.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 22 Oct 2023 02:23:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
content-type
text/plain
access-control-allow-origin
*
cache-control
no-cache
cf-ray
819e47842d591ca9-FRA
expires
Thu, 01 Jan 1970 00:00:01 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		90 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.onwardstate.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
427b58cde7dba602df411b514ebd73da91e98e5c57a774f485172958d3eecad3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 02:23:37 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29596
x-xss-protection
0
server
cafe
etag
352 / 19652 / 31079033 / config-hash: 4808689989001815818
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 22 Oct 2023 02:23:37 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		263 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.onwardstate.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.37.209 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-37-209.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4c5f80cce6889f5bd1236ae540178efed729c20bf20c5afaeed6e2fa02d50323

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 01:54:08 GMT
content-encoding
gzip
via
1.1 00746b020527dcdbeca0dab6f6de299a.cloudfront.net (CloudFront), 1.1 e33c4b19512a86c5972c18d1c60d21f8.cloudfront.net (CloudFront)
last-modified
Tue, 17 Oct 2023 19:57:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, MUC50-P2
age
1770
x-amz-server-side-encryption
AES256
etag
W/"b9a7eb01b5274e82795d834c0b8154f1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
CPVGftb6-wFr8ktpNf4dI8uOuegylERdn23K9JE34-VOmTh37XmMvg==
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PPN9ZXB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 22 Oct 2023 01:51:33 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
1924
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sun, 22 Oct 2023 03:51:33 GMT
139984.js
secure.leadforensics.com/js/ 		16 B
336 B 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.leadforensics.com/js/139984.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PPN9ZXB
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.140.49.131 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
602eafd89ac56fbbc2f0dd058e5bdb3df75b49bd23b9fb36718975b39563dad5

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Date
Sun, 22 Oct 2023 02:23:37 GMT
Content-Encoding
br
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
no-store, must-revalidate
Request-Context
appId=cid-v1:abe8a76f-f1a2-4b2e-9017-0ea36ffb5c20
mjtscO1d90DtrRU4UNR5dLZu2ZSJqIZ3BMwO-8QD19FK0MiNHuU1U_vy2w6Bwmm5ZaR
sixscissors.com/v2/0/ 		68 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sixscissors.com/v2/0/mjtscO1d90DtrRU4UNR5dLZu2ZSJqIZ3BMwO-8QD19FK0MiNHuU1U_vy2w6Bwmm5ZaR
Requested by
Host: onwardstate.com
URL: https://onwardstate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:d733::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
f7aa959fbfe432fa761a266f47bb619dcac0bd30419aaae832086b6848bf13fc
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
via
1.1 google
date
Sun, 22 Oct 2023 02:23:37 GMT
x-datacenter
gce-europe-west1
etag
"013c196d76b9d00b5e766c32158bb4c6ac4812ba142dc26093f3a4dfa074d300"
x-buildname
hoothoot
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-europe-west1-hbfj
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
x-buildnumber
1033761249
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
fbevents.js
connect.facebook.net/en_US/ 		199 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: onwardstate.com
URL: https://onwardstate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0ec8bc3ef1eb0c6ff43a2f94234c9487df3bf5e5f6b511693ca32cbb89bb665d
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 22 Oct 2023 02:23:37 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
53588
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
m3BsSdBhCxIIXnekzdspGGKM4+igkYbKgScSL3JkABsXngyMZ7K5MAmhz/4GsGB6FTVLTviUTcvYjU2mFAnf7Q==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		276 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-H62DJPTT4W&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PPN9ZXB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5dc7d839d989eb8c904b8dca884fd57d799ad82842177b10ad99e289e0599882
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 02:23:37 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93602
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 22 Oct 2023 02:23:37 GMT
gtm.js
www.googletagmanager.com/ 		265 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KXJCD57
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.onwardstate.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1ce8ec3977b1ff967077b9387b7f74463eef5b776fbcc5ae4593d7d1a1ffbf4f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 02:23:37 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
75372
x-xss-protection
0
last-modified
Sun, 22 Oct 2023 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 22 Oct 2023 02:23:37 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.onwardstate.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
307905bbaded0cbb4a5115c32d0b3275d93439ab195952c0e6daec63235f9766
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://onwardstate.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 22 Oct 2023 02:23:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
37364
x-jsd-version
1.0.1850
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230020-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"635-UGhu22pSSgZ2GTMvg0f1eGfocWQ"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IHu%2BZ%2FGseqoT8%2BOci3mIbY2LhUa4x8vZkM8A4V8Y5J4I6SrQ73%2BDmcxnSjfr2E9POyBjuwlqZEYweE18V8iZ6S4HqH7IImk4MP98T4k6dMAFi7XnxpoGrZfj6koWApyj%2BeDbVS%2BGQX%2FqVdTsZr8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
819e47845f869b74-FRA
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/ 		421 KB
133 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7f1999dd213ea15813d6e27249169c4d54cfec7150e81ed1e1aad85d7b20202f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 15:43:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
38391
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
135205
x-xss-protection
0
server
cafe
etag
9147680799068891735
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sun, 20 Oct 2024 15:43:46 GMT
pmk-20220605.3.js
pm-widget.taboola.com/onwardstate-network/ 		102 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pm-widget.taboola.com/onwardstate-network/pmk-20220605.3.js
Requested by
Host: pm-widget.taboola.com
URL: https://pm-widget.taboola.com/onwardstate-network/load.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
739aadac09dab2432c5a12911d5cf9b1c0ba27c05034b190beaee93b70b0942a

Request headers

Referer
https://onwardstate.com/
Origin
https://onwardstate.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-amz-version-id
EFsJk5PuDk9wlNrODNu5IVHndrqpgF6g
content-encoding
gzip
via
1.1 varnish
date
Sun, 22 Oct 2023 02:23:37 GMT
x-amz-request-id
TZ2GR3P9FRW12GP6
age
10294
x-cache
HIT
content-length
28798
x-amz-id-2
bwZwL/w79vzB31KEEoPW2FsPFawHlyeOADVIJ+4VljmNJPz1PsIVY6x/nJ6AbzECDmfvoIYlhbo=
x-served-by
cache-ams21081-AMS
last-modified
Wed, 27 Sep 2023 07:20:51 GMT
server
AmazonS3
x-timer
S1697941418.680510,VS0,VE1
etag
"cd7b5be0dbd4d8931999d2d426a4b1ea"
vary
Accept-Encoding, ,Origin
access-control-allow-methods
GET,POST,PUT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-cache-hits
1
web
onesignal.com/api/v1/sync/dcb1b176-676a-456b-b6f7-40131321480b/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/sync/dcb1b176-676a-456b-b6f7-40131321480b/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151604
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9df9d7f606498bfcc0e69596fe6990b41e6a657cfc6d28c0992581b2c914b022
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 02:23:37 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
EXPIRED
content-encoding
br
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15552000; includeSubDomains
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
97ceedd5-875e-4f99-acad-de250a589942
x-runtime
0.035715
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"9df9d7f606498bfcc0e69596fe6990b4"
x-download-options
noopen
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
819e478448e35c4a-FRA
access-control-allow-headers
SDK-Version
expires
Sun, 22 Oct 2023 03:23:37 GMT
sync
gum.criteo.com/ 		46 B
288 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231019-28-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 02:23:37 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
233208
expires
60
collect
region1.analytics.google.com/g/ 		0
253 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-H62DJPTT4W&gtm=45je3ai0&_p=494594469&_gaz=1&cid=838596988.1697941418&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1697941417&sct=1&seg=0&dl=https%3A%2F%2Fonwardstate.com%2F&dt=Onward%20State%20%7C%20Penn%20State%20Blog%20by%20PSU%20Students%20%7C%20News%2C%20Features%2C%20and%20Opinion&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H62DJPTT4W&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 Oct 2023 02:23:37 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://onwardstate.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
253 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-H62DJPTT4W&cid=838596988.1697941418&gtm=45je3ai0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H62DJPTT4W&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 Oct 2023 02:23:37 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://onwardstate.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.nl/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.nl/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-H62DJPTT4W&cid=838596988.1697941418&gtm=45je3ai0&aip=1&z=183062348
Requested by
Host: onwardstate.com
URL: https://onwardstate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 Oct 2023 02:23:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
skeleton.gif
static.adsafeprotected.com/ 		43 B
482 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/skeleton.gif?adslot=uizqxn_728x90_
Requested by
Host: onwardstate.com
URL: https://onwardstate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:237d:5a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 17:45:23 GMT
x-amz-version-id
iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via
1.1 09b934fc5a2991212bdc3b299a0a1cb4.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P2
age
3227896
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
43
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
server
AmazonS3
etag
"45cf913e5d9d3c9b2058033056d3dd23"
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
g9OvRI9V8KCAbkeBkkd7h5npX7BYRPxLMyT7YMYTm2MXmK_H4ZpKcA==
quant.js
secure.quantserve.com/ 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KXJCD57
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
ba34abe5f7db9bccc4e96465f09ab91bf5393f22dd0acfc2c0e304dd3d94e66a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 02:23:37 GMT
content-encoding
gzip
etag
"0nVqEbFaTM2zzuiWgn9NwQ=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Sun, 29 Oct 2023 02:23:37 GMT
d2f49a3d-a3ce-4a40-8dae-ed1da63402f3
boot.pbstck.com/v1/user-sessions/ 		1 KB
651 B 		Script
General
Check archive.org
Download Go to
Full URL
https://boot.pbstck.com/v1/user-sessions/d2f49a3d-a3ce-4a40-8dae-ed1da63402f3
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KXJCD57
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:15d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33ec5309125945ddf9d2ee179c80a5f28b7c6d9ad5ab3d97e7ba07d4f00bc222

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 02:23:37 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=120
timing-allow-origin
*
cf-ray
819e4785bb7365d9-FRA
alt-svc
h3=":443"; ma=86400
d2f49a3d-a3ce-4a40-8dae-ed1da63402f3
boot.pbstck.com/v1/tag/ 		1 KB
851 B 		Script
General
Check archive.org
Download Go to
Full URL
https://boot.pbstck.com/v1/tag/d2f49a3d-a3ce-4a40-8dae-ed1da63402f3
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KXJCD57
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:15d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42576bf0f7a53994785021e7cd098a5e020f24cd4b9d6d1918265f465816ab5e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 02:23:37 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=120
timing-allow-origin
*
cf-ray
819e4785bb7465d9-FRA
alt-svc
h3=":443"; ma=86400
collect
www.google-analytics.com/j/ 		16 B
221 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=494594469&t=pageview&_s=1&dl=https%3A%2F%2Fonwardstate.com%2F&ul=en-us&de=UTF-8&dt=Onward%20State%20%7C%20Penn%20State%20Blog%20by%20PSU%20Students%20%7C%20News%2C%20Features%2C%20and%20Opinion&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=1851929181&gjid=1514011837&cid=838596988.1697941418&tid=UA-111000628-2&_gid=1759917279.1697941418&_r=1&_slc=1&gtm=45He3ai0n81PPN9ZXB&cd1=&cd2=2023-10-22T04%3A23%3A37.559%2B02%3A00&z=1176633225
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
ca2ce92593d3e377f98d9e8fb629b0c552db22cf5de1ed562c429e7d29939b3c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://onwardstate.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 22 Oct 2023 02:23:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://onwardstate.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		4 B
71 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=494594469&t=pageview&_s=1&dl=https%3A%2F%2Fonwardstate.com%2F&ul=en-us&de=UTF-8&dt=Onward%20State%20%7C%20Penn%20State%20Blog%20by%20PSU%20Students%20%7C%20News%2C%20Features%2C%20and%20Opinion&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=1403283248&gjid=1348780371&cid=838596988.1697941418&tid=UA-10930536-1&_gid=1759917279.1697941418&_r=1&_slc=1&gtm=45He3ai0n81PPN9ZXB&z=329437674
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://onwardstate.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 22 Oct 2023 02:23:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://onwardstate.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		16 B
81 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=494594469&t=pageview&_s=1&dl=https%3A%2F%2Fonwardstate.com%2F&ul=en-us&de=UTF-8&dt=Onward%20State%20%7C%20Penn%20State%20Blog%20by%20PSU%20Students%20%7C%20News%2C%20Features%2C%20and%20Opinion&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=244183786&gjid=56631110&cid=838596988.1697941418&tid=UA-10930536-4&_gid=1759917279.1697941418&_r=1&_slc=1&gtm=45He3ai0n81PPN9ZXB&z=1759608403
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
389a4748728c681be0073306fc1146cff0eddc128c53fa1fe24d724f2ba47811
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://onwardstate.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 22 Oct 2023 02:23:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://onwardstate.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		4 B
69 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=494594469&t=pageview&_s=1&dl=https%3A%2F%2Fonwardstate.com%2F&ul=en-us&de=UTF-8&dt=Onward%20State%20%7C%20Penn%20State%20Blog%20by%20PSU%20Students%20%7C%20News%2C%20Features%2C%20and%20Opinion&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=670758976&gjid=1849996711&cid=838596988.1697941418&tid=UA-1249139-15&_gid=1759917279.1697941418&_r=1&_slc=1&gtm=45He3ai0n81PPN9ZXB&z=702174340
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://onwardstate.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 22 Oct 2023 02:23:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://onwardstate.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
g.gif
pixel.wp.com/ 		50 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?v=ext&blog=31617667&post=0&tz=-4&srv=onwardstate.com&j=1%3A12.7&host=onwardstate.com&ref=&fcp=1409&rand=0.8032162392460604
Requested by
Host: onwardstate.com
URL: https://onwardstate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 22 Oct 2023 02:23:37 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
179461866061178
connect.facebook.net/signals/config/ 		428 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/179461866061178?v=2.9.135&r=stable&domain=onwardstate.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
42f1391849d787e9fab99969b628ad6de658c79872272d4989b2db542c720fb0
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 22 Oct 2023 02:23:37 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
v6GBPujmf9fZNIThKvjy7EGubcQlJJ2oRiw8yOe354kt9Td3iuxc6ITzXzz4AzWj80apiBlwwdJdk47eJ3sYZQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
esp.js
cdn.id5-sync.com/api/1.0/ 		139 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfea5e5db4c526a9c86debd0154807b4eaddf36281a55cb3f622e441e5054dc1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 02:23:37 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 16 Oct 2023 11:34:12 GMT
server
cloudflare
x-amz-request-id
HK7DPPCWF1J3N8Z2
age
3342
etag
W/"e5bbc80dac7ff8597f5b639831f48d87"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
819e47865a34366c-FRA
x-amz-id-2
yrrTkxQMXzsEFzMckzyLSk33EYw8WIuCHuRSW+fEtI0r8GWPCDLOS+HWkfgg61BAniNdruL5L3Q=
uid2SecureSignal.js
cdn.prod.uidapi.com/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225b:1400:a:e047:753:6381 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-amz-version-id
KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Date
Sat, 21 Oct 2023 06:40:14 GMT
Via
1.1 355f72364b4c8f8829ae95f886a03f56.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
MUC50-P1
Age
71005
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
x-amz-replication-status
PENDING
Connection
keep-alive
Content-Length
2776
Last-Modified
Thu, 19 Oct 2023 06:40:11 GMT
Server
AmazonS3
ETag
"a3a9a9ee8e72db69d54e805f0586c651"
Content-Type
text/javascript
Accept-Ranges
bytes
X-Amz-Cf-Id
QtxYgcJZyiPktKxxHo2GITsDL_xlTrYIYSzyxu2CgWoqzxeeEPUzEw==
connectId-gpt.js
connectid.analytics.yahoo.com/ 		9 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connectid.analytics.yahoo.com/connectId-gpt.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:b800:10:dd8:5e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c7f6468c8ac1542980b2d5f637fa933d7d00d2c6ff6690e34505d2aed0c0e23a
Security Headers
Name Value
Content-Security-Policy default-src 'self'

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 02:17:48 GMT
via
1.1 1f0db25765b79d244ad1fa2184395c12.cloudfront.net (CloudFront)
content-security-policy
default-src 'self'
x-amz-cf-pop
FRA56-P2
age
351
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
8730
x-amz-expiration
expiry-date="Tue, 17 Oct 2028 00:00:00 GMT", rule-id="webapp-standard-lifecycle"
last-modified
Tue, 17 Oct 2023 13:17:45 GMT
server
AmazonS3
etag
"c46e30de24d0f12167e302e9e32ff4a5"
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
sRTBesbe-91pDjPi7yzatAN19HMYqLK0ZBPZ_JwDOqP2ZsZtOC73Hw==
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 27 Sep 2023 04:08:06 GMT
content-encoding
gzip
age
2153731
x-guploader-uploadid
ADPycdvbRy62debeuap5d2X_nL0IA_diTxUlLVjzCe57950pX-t7YrXJ8wYXRaQQII6P20H4VGYSQ4HjVG7QKouB4behPw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Thu, 26 Sep 2024 04:08:06 GMT
publishertag.ids.js
static.criteo.net/js/ld/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
5a0e0bff8aff490cd3817c0f945e120780bd2148eb66f8179899bb4c999fc762
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 02:23:37 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 11 Oct 2023 08:53:04 GMT
server
nginx
etag
W/"65266270-a892"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 23 Oct 2023 02:23:37 GMT
ob.js
cdn-ima.33across.com/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ima.33across.com/ob.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.152.89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75f98edec0ef29b310fbefe51576305d171a3a93594169645d2490e8e317a167

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 02:23:37 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 18 Sep 2023 17:20:48 GMT
server
cloudflare
age
462538
etag
W/"650886f0-39ac"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
819e47864cd2286b-AMS
expires
Wed, 25 Oct 2023 02:23:37 GMT
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 02:23:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
38117
x-jsd-version
master
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230042-FRA, cache-jnb7027-JNB
x-jsd-version-type
branch
server
cloudflare
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fv6nTiVk2UQjyHG8EjVgw7kqt84%2FTdRkbZ3zEQHxDT%2BVw0ectVVB0PIVu%2F74l%2Fy0yuNiU7qfunNu6s2UOm0kq2cofMFMN2T4rvL%2FK2u6gLDZeLfOtqUZAQgZoETfHIm%2FghwohbaVCViYh%2B37QrQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
819e47861f761979-FRA
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-97.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:45:52 GMT
content-encoding
gzip
via
1.1 5ab5e654a3dc7079aad7ac64ec697d82.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
85066
x-amz-server-side-encryption
AES256
etag
W/"e073e71ed7a44e6f9cdd72904fda5940"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
HgwgWpMHkILDMz6PYmMYX5UiHXrnH9D0STACeohF5UoBfU0wtHn3DQ==
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 02:23:38 GMT
via
1.1 google, 1.1 google
last-modified
Thu, 03 Aug 2023 03:28:51 GMT
server
Google Frontend
etag
fc4e6bfe266081c4873c6f08c8298e5c
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
492d503f19613565b463367376eeef05
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1207
ads
securepubads.g.doubleclick.net/gampad/ 		409 KB
44 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=833601715597371&correlator=892252240617126&eid=31078703%2C31078820&output=ldjh&gdfp_req=1&vrg=202310170101&ptt=17&impl=fifs&iu_parts=4144372%2COS_Leaderboard_top%2COS_ROS_Sidebar_Bottom%2COS_ROS_Sidebar_Middle%2COS_ROS_Sidebar_Top%2COS_ROS_instory%2COS_homepage_sponsor%2COS_leaderboard_Bottom&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7&prev_iu_szs=728x90%2C300x250%7C300x600%7C336x280%2C300x250%7C300x600%7C336x280%2C300x250%7C300x600%7C336x280%2C300x250%7C336x280%2C300x250%7C300x600%7C336x280%2C728x90&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1697941417887&lmt=1697933153&adxs=436%2C1033%2C-9%2C1033%2C267%2C458%2C-9&adys=8%2C690%2C-9%2C132%2C2240%2C1835%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C-1%7C0%7C1%7C2%7C-1&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fonwardstate.com%2F&vis=1&psz=1600x10%7C355x30%7C0x-1%7C355x30%7C353x644%7C735x30%7C0x-1&msz=1600x10%7C355x30%7C0x-1%7C355x30%7C353x644%7C735x30%7C0x-1&fws=4%2C4%2C2%2C4%2C4%2C4%2C2&ohw=1600%2C355%2C0%2C355%2C353%2C735%2C0&ga_vid=838596988.1697941418&ga_sid=1697941418&ga_hid=494594469&ga_fc=true&dlt=1697941416768&idt=1087&adks=1952187423%2C1144610092%2C2402470135%2C481774910%2C2220356453%2C3360362382%2C202980152&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
52cb003ced324d231b2cdc44f1db6f3ca5bdcbb8e0465415d9e4b065bc3104a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 02:23:37 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44430
x-xss-protection
0
google-lineitem-id
6398741403,304623252,298810932,303725172,6398741403,5142570932,4703115825
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138450799371,138276367278,138449624114,138303276448,138451442833,138425269556,138446214065
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://onwardstate.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame DF95 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://onwardstate.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 22 Oct 2023 02:23:38 GMT
expires
Mon, 21 Oct 2024 02:23:38 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://onwardstate.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://onwardstate.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Sun, 22 Oct 2023 02:23:38 GMT
prebid
ib.adnxs.com/openrtb2/ 		27 KB
9 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/openrtb2/prebid
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.onwardstate.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
90c9a5871a6bd6e817fcc52df4213d4715d83f017a1265503801283c6ac2d1ee
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://onwardstate.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 22 Oct 2023 02:23:38 GMT
content-encoding
gzip
x-openrtb-version
2.4
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
x-proxy-origin
95.211.95.248; 95.211.95.248; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection
0
pragma
no-cache
an-x-request-uuid
6540745d-a3a3-4af1-a8fc-4f595894a151
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://onwardstate.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
112 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.onwardstate.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://onwardstate.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://onwardstate.com
date
Sun, 22 Oct 2023 02:23:37 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
c
prebid.a-mo.net/a/ 		0
276 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.onwardstate.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.67 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://onwardstate.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://onwardstate.com
date
Sun, 22 Oct 2023 02:23:37 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
15
server
envoy
vary
origin, Accept-Encoding
prebid-request
onetag-sys.com/ 		15 B
363 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.onwardstate.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://onwardstate.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://onwardstate.com
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
pb
ad.360yield.com/1914/ 		0
168 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/1914/pb
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.onwardstate.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.32.198.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-32-198-140.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://onwardstate.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://onwardstate.com
date
Sun, 22 Oct 2023 02:23:38 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
prebid
ib.adnxs.com/ut/v3/ 		13 KB
7 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.onwardstate.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
5b530a90f43595cddcaa8406387e6511d3080174f411e9a9e80e203f421621b9
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://onwardstate.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 22 Oct 2023 02:23:38 GMT
content-encoding
gzip
an-x-request-uuid
8d333b53-445b-4a79-ad61-aa1c5b93ac83
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://onwardstate.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
95.211.95.248; 95.211.95.248; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
hbjson
grid.bidswitch.net/ 		24 B
366 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.onwardstate.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.67.114.76 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-67-114-76.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
570b7ca0b5b58c0cedc9170b029f3f478eaebe89c196242622cb8467973d2fdc

Request headers

Referer
https://onwardstate.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
text/plain

Response headers

Date
Sun, 22 Oct 2023 02:23:38 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://onwardstate.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
49
bid
ap.lijit.com/rtb/ 		23 B
401 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.15.0
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.onwardstate.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 New York, United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
ec6727755426cbd7fe5b15bf73d22dbd644a3c244e474f56d17c501f01fe9905

Request headers

Referer
https://onwardstate.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
text/plain

Response headers

Date
Sun, 22 Oct 2023 02:23:38 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://onwardstate.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
23
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
551 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=1024621
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.onwardstate.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aaa6184943c31f3600b54c58498eb8608a1c3f21f5fc09c060021d431220cf83

Request headers

Referer
https://onwardstate.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 22 Oct 2023 02:23:38 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=08%2BeCiC3rNm%2FoSoib%2Bh%2F36WHqmKzzpmMey%2BcCreA2uci7hn1C%2BKnxralgweAwZ%2BOUTYMAQ7rPDjLhKX7gWI6WQ%2BP40j92R%2Blvt60MFjBNfOmOFfjrKbYUaBtieh2TNsKilcBavIs"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://onwardstate.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
819e4786ac2b9c0c-FRA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
prebidjs
rtb.openx.net/openrtbb/ 		53 B
248 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.onwardstate.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
18f209b8c7180bc5e6247cfd7181ff514d379b329870a3371ce437849159d061

Request headers

Referer
https://onwardstate.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 22 Oct 2023 02:23:38 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://onwardstate.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
cdb
bidder.criteo.com/ 		0
194 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.15.0&cb=46958080412&lsavail=1
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.onwardstate.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://onwardstate.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://onwardstate.com
date
Sun, 22 Oct 2023 02:23:37 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
/
shb.richaudience.com/hb/ 		4 B
235 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://shb.richaudience.com/hb/
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.onwardstate.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.88.17.186 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.186.17.88.23.clients.your-server.de
Software
nginx/1.14.1 /
Resource Hash
d6dffe998d4d52601dd56a1666bbd09f6926bc110429c434402ca7a814080808

Request headers

Referer
https://onwardstate.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 22 Oct 2023 02:23:38 GMT
content-encoding
gzip
server
nginx/1.14.1
vary
Accept-Encoding, Accept-Encoding
access-control-max-age
86400
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://onwardstate.com
access-control-allow-credentials
true
/
shb.richaudience.com/hb/ 		4 B
234 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://shb.richaudience.com/hb/
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.onwardstate.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.88.17.186 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.186.17.88.23.clients.your-server.de
Software
nginx/1.14.1 /
Resource Hash
d6dffe998d4d52601dd56a1666bbd09f6926bc110429c434402ca7a814080808

Request headers

Referer
https://onwardstate.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 22 Oct 2023 02:23:38 GMT
content-encoding
gzip
server
nginx/1.14.1
vary
Accept-Encoding, Accept-Encoding
access-control-max-age
86400
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://onwardstate.com
access-control-allow-credentials
true
unruly_prebid
targeting.unrulymedia.com/ 		0
163 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.onwardstate.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://onwardstate.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
application/json

Response headers

access-control-allow-origin
https://onwardstate.com
pragma
no-cache
date
Sun, 22 Oct 2023 02:23:38 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
/
ghb.adtelligent.com/v2/auction/ 		4 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/v2/auction/
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.onwardstate.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c87:5239::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
cc931b3cb28e101f36149bc8df89a8bc61082fe7ae091dcb6402e9bd5f44f855

Request headers

Referer
https://onwardstate.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
text/plain

Response headers

Date
Sun, 22 Oct 2023 02:23:37 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://onwardstate.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
852
bidder
pbs.optidigital.com/ 		889 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pbs.optidigital.com/bidder
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.onwardstate.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.72.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
119.72.160.34.bc.googleusercontent.com
Software
/
Resource Hash
f168a7cf72083fc11d187db818f6870ace04f5552f1dc61756f3f79c44ab23c3

Request headers

Referer
https://onwardstate.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 22 Oct 2023 02:23:38 GMT
via
1.1 google
x-prebid
pbs-go/18.6
vary
Accept-Encoding,Origin
content-type
application/json
access-control-allow-origin
https://onwardstate.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
889
expires
0
hb-mm-multi
hb.minutemedia-prebid.com/ 		84 B
429 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.onwardstate.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
63.33.109.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-109-54.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
1f4ec70b48565fa8f17c7ebc707712bd3253582d1dac29b907b0a193a4713720

Request headers

Referer
https://onwardstate.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 22 Oct 2023 02:23:38 GMT
server
istio-envoy
x-reason
maxmind hosting provider
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://onwardstate.com
content-type
application/json
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
84
fastlane.json
fastlane.rubiconproject.com/a/api/ 		13 KB
6 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17262&site_id=476028&zone_id=2825944&size_id=2&p_pos=atf&rp_schain=1.0,1!adapex.io,s2201,1,,,&eid_pubcid.org=eb626fcb-5182-42e2-a00b-1f074af1306e%5E1&rf=https%3A%2F%2Fonwardstate.com%2F&tg_i.domain=onwardstate.com&tg_i.page=https%3A%2F%2Fonwardstate.com%2F&tg_i.pbadslot=%2F22181265%2Fonwardstate_sticky_footer&tg_i.gpid=%2F22181265%2Fonwardstate_sticky_footer&tk_flint=pbjs_lite_v8.15.0&l_pb_bid_id=743419ef3b08bdc&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.01&rp_maxbids=1&p_gpid=%2F22181265%2Fonwardstate_sticky_footer&slots=1&rand=0.1259654823227001
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.onwardstate.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
32bb433c1edf85ada85e031497bc3c99959f2fcb05aa0046c6a2830db853a61c

Request headers

Referer
https://onwardstate.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 22 Oct 2023 02:23:38 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://onwardstate.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		412 B
924 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17262&site_id=476028&zone_id=2825944&size_id=15&alt_size_ids=16&p_pos=atf&rp_schain=1.0,1!adapex.io,s2201,1,,,&eid_pubcid.org=eb626fcb-5182-42e2-a00b-1f074af1306e%5E1&rf=https%3A%2F%2Fonwardstate.com%2F&tg_i.domain=onwardstate.com&tg_i.page=https%3A%2F%2Fonwardstate.com%2F&tg_i.pbadslot=%2F22181265%2Fonwardstate_sidebar&tg_i.gpid=%2F22181265%2Fonwardstate_sidebar&tk_flint=pbjs_lite_v8.15.0&l_pb_bid_id=75996d86cf0ae76&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.01&rp_maxbids=1&p_gpid=%2F22181265%2Fonwardstate_sidebar&slots=1&rand=0.281602151746573
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.onwardstate.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
350043cc613227bffc27b92378a4cb552089fa057e1b5e3a174f1909fedaa66e

Request headers

Referer
https://onwardstate.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 22 Oct 2023 02:23:38 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://onwardstate.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
412
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ 		262 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.onwardstate.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
008608c53386eb82d3b889687e23456e36bdc720e5b5d42c2bea5e08d13228d9
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://onwardstate.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 22 Oct 2023 02:23:38 GMT
an-x-request-uuid
6118e02b-c371-4581-9b60-6401a8feeac0
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://onwardstate.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
95.211.95.248; 95.211.95.248; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
262
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
KTY_4908.jpg
i0.wp.com/images.onwardstate.com/uploads/2023/10/ 		72 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/images.onwardstate.com/uploads/2023/10/KTY_4908.jpg?resize=1000%2C500&ssl=1
Requested by
Host: onwardstate.com
URL: https://onwardstate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
4099bdfa2c67068906b7f88a9fb0e463c29b4a6e9f92ae3216521b7f8e441c74
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-nc
HIT ams 4
date
Sun, 22 Oct 2023 02:23:38 GMT
x-content-type-options
nosniff
last-modified
Sat, 21 Oct 2023 22:55:19 GMT
server
nginx
etag
"07aee452189c6117"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://images.onwardstate.com/uploads/2023/10/KTY_4908.jpg>; rel="canonical"
content-length
74146
expires
Tue, 21 Oct 2025 10:55:19 GMT
Football-vs.-Ohio-State-Stutzman-04827-scaled.jpg
i0.wp.com/images.onwardstate.com/uploads/2023/10/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/images.onwardstate.com/uploads/2023/10/Football-vs.-Ohio-State-Stutzman-04827-scaled.jpg?resize=1000%2C500&ssl=1
Requested by
Host: onwardstate.com
URL: https://onwardstate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
6d5bd7364abd6ad113f2353167e499bcdf035f1e6b9a9291fa6954c4420b3ebd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-nc
MISS ams 3
date
Sun, 22 Oct 2023 02:23:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 22 Oct 2023 02:23:38 GMT
server
nginx
etag
"e1d66dc6679182fa"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://images.onwardstate.com/uploads/2023/10/Football-vs.-Ohio-State-Stutzman-04827-scaled.jpg>; rel="canonical"
content-length
31030
expires
Tue, 21 Oct 2025 14:23:38 GMT
Football-vs.-Ohio-State-Stutzman-04803-scaled.jpg
i0.wp.com/images.onwardstate.com/uploads/2023/10/ 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/images.onwardstate.com/uploads/2023/10/Football-vs.-Ohio-State-Stutzman-04803-scaled.jpg?resize=1000%2C500&ssl=1
Requested by
Host: onwardstate.com
URL: https://onwardstate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
cf0bb43d0ebe5f31ffb011e2d436b4cd5ae869ee96c673bd44514704ddae05df
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-nc
MISS ams 4
date
Sun, 22 Oct 2023 02:23:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 22 Oct 2023 02:23:38 GMT
server
nginx
etag
"c78a0e5cc2e17158"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://images.onwardstate.com/uploads/2023/10/Football-vs.-Ohio-State-Stutzman-04803-scaled.jpg>; rel="canonical"
content-length
41998
expires
Tue, 21 Oct 2025 14:23:38 GMT
movie.png
images.onwardstate.com/uploads/2021/09/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.onwardstate.com/uploads/2021/09/movie.png
Requested by
Host: onwardstate.com
URL: https://onwardstate.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:27a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08160df59e8b55d85970e7f63232f9fa4e5d0747b4c9f3c8837885ebb5838307

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 02:23:38 GMT
x-amz-version-id
qDR04ih4UcX7ntbAmxphhQ3EpQkO_zKL
cf-cache-status
MISS
x-amz-request-id
BCZNW2HZWXBC42GW
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
content-length
1448
x-amz-id-2
cFBVrQJ3W/cVwWB/ebTTMLzo4JuSxZ3f3K6FdWZu57fOHv8FxG468xKvk6ueO3G5r0eJbNpsRxMOWbvp6EcKlQ==
last-modified
Tue, 28 Sep 2021 12:32:48 GMT
server
cloudflare
etag
"e02a1c495b0efef45d047348c88dfb69"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
819e4786a9e39076-FRA
expires
Fri, 26 Sep 2031 12:32:46 GMT
apartments.png
images.onwardstate.com/uploads/2021/09/ 		1008 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.onwardstate.com/uploads/2021/09/apartments.png
Requested by
Host: onwardstate.com
URL: https://onwardstate.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:27a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
005b7b9371feddf1d90a6479833fd83181115ce39506e5b83091e34d4a7d67cc

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 02:23:38 GMT
x-amz-version-id
cuEzjlAFy42Lg9e8gKWjFgGRBBz05QL8
cf-cache-status
MISS
x-amz-request-id
BCZZ3QJB6JN6N39S
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
content-length
1008
x-amz-id-2
dslnHly1fWITfHSHa1wbLgNu9LGYMKik68JDPZtwvdBm4RbxiJGAqj75+ON+h4L9IN5kxVBdq98=
last-modified
Tue, 28 Sep 2021 12:32:46 GMT
server
cloudflare
etag
"972c47818f4453a4b087aa783101bbba"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
819e4786a9e49076-FRA
expires
Fri, 26 Sep 2031 12:32:43 GMT
auto.png
images.onwardstate.com/uploads/2021/09/ 		946 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.onwardstate.com/uploads/2021/09/auto.png
Requested by
Host: onwardstate.com
URL: https://onwardstate.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:27a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7e77a1aff7dbaf50f5f2ae21691a722faf66b8ea46da185d97d2c7777e3b983

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 02:23:38 GMT
x-amz-version-id
7QtQGdOqtJeqt8K75QcgaPhNNxCO1dcx
cf-cache-status
MISS
x-amz-request-id
BCZQ366SN59CTEA6
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
content-length
946
x-amz-id-2
JPk2/FnyZqYAZPp1c4H2m0YJdnMWGv1GR27s7Z2ARB6fnYtNMJvfzXkspc9QQU572dX4Lqjl99s=
last-modified
Tue, 28 Sep 2021 12:32:42 GMT
server
cloudflare
etag
"5d9b228db258a59caec2ffcb4fa9aa2b"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
819e4786a9e59076-FRA
expires
Fri, 26 Sep 2031 12:32:39 GMT
1ad7261b-91ea-4b6f-b9e9-b83522205b75
config.aps.amazon-adsystem.com/configs/ 		537 B
814 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/1ad7261b-91ea-4b6f-b9e9-b83522205b75
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-15.muc50.r.cloudfront.net
Software
CloudFront /
Resource Hash
ae65fc4349f56b5dcd8fa4cac9f4bfe6b952040917c61411142e4a8cb9157dd3

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 01:26:50 GMT
via
1.1 da7d0e99d4b5322bc1c874b2af707374.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
MUC50-P2
age
3408
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
537
x-amz-cf-id
uR8IsX72A8aM7nVxEx5ucYbJk6f6OEgTFhNXSPdQvjGFfRWcZI0tFw==
config
c.amazon-adsystem.com/cdn/prod/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fonwardstate.com&pubid=1ad7261b-91ea-4b6f-b9e9-b83522205b75
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.37.209 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-37-209.muc50.r.cloudfront.net
Software
Server /
Resource Hash
685b4e34c73d5fdd68b48efebeac401849e8b5cbff73e072c838d7d71d245bb3

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 20:28:20 GMT
via
1.1 e33c4b19512a86c5972c18d1c60d21f8.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
MUC50-P2
age
21317
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://onwardstate.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
3103
x-amz-cf-id
3NafE6f6f0wl1rPgKjqb5lkooxon8qoF8VdIrBOiZYDuDOBM2WIg3Q==
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
462 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fonwardstate.com%2F&pid=0oaWpUcz2UF4l&cb=0&ws=1600x1200&v=23.1010.1530&t=2000&slots=%5B%7B%22sd%22%3A%223a65dbd7-26ff-4b3e-85b1-123adb4918d7%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F22181265%2Fonwardstate_sticky_footer%22%7D%2C%7B%22sd%22%3A%229d358588-4936-4e28-b28a-e9bec73103bc%22%2C%22s%22%3A%5B%22336x280%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F22181265%2Fonwardstate_sidebar%22%7D%5D&schain=1.0%2C1!adapex.io%2Cs2201%2C1%2C%2C%2C&pubid=1ad7261b-91ea-4b6f-b9e9-b83522205b75&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.191.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-191-32.muc50.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 02:23:38 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 e46f362ef9260e60e122406168399f5c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
MUC50-P4
x-amz-rid
J5G5SKCNN25HDAMRD40M
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://onwardstate.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
LIwEu8lCkO7huMjmIrZg2nKRpqTSfcFsAaqZxrF-pY77YGBviB1dJA==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.37.209 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-37-209.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 46e871af86c897cd369d8d20c90166ec.cloudfront.net (CloudFront)
date
Sun, 22 Oct 2023 02:23:38 GMT
x-amz-cf-pop
MUC50-P2
age
63692
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
iCvxJE4CVfWIyN70S4l3adOWSrKN8vS85Z6LnGEIwZgCX8thGm6t_A==
collect
stats.g.doubleclick.net/j/ 		4 B
151 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-111000628-2&cid=838596988.1697941418&jid=1851929181&gjid=1514011837&_gid=1759917279.1697941418&_u=YADAAEAAAAAAACAAI~&z=1644631468
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://onwardstate.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sun, 22 Oct 2023 02:23:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://onwardstate.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		247 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-5SJPSTLWSY&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0c6d7368b9ead4359af2ce026698bbb797950ce3c5c4a7b4c270f0caa7cebe93
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 02:23:38 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
86014
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 22 Oct 2023 02:23:38 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
70 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-10930536-1&cid=838596988.1697941418&jid=1403283248&gjid=1348780371&_gid=1759917279.1697941418&_u=YADAAEABAAAAACAAI~&z=1420335022
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://onwardstate.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sun, 22 Oct 2023 02:23:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://onwardstate.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
69 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-10930536-4&cid=838596988.1697941418&jid=244183786&gjid=56631110&_gid=1759917279.1697941418&_u=YADAAEABAAAAACAAI~&z=439278383
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://onwardstate.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sun, 22 Oct 2023 02:23:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://onwardstate.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		228 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-5B02HBVGV2&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a74b7ad3265c86957c3e367e89eaf64d66fbb558f4c54d94620b59e0859a135f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 02:23:38 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
82972
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 22 Oct 2023 02:23:38 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
70 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-1249139-15&cid=838596988.1697941418&jid=670758976&gjid=1849996711&_gid=1759917279.1697941418&_u=YADAAEABAAAAACAAI~&z=981533926
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://onwardstate.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sun, 22 Oct 2023 02:23:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://onwardstate.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 35C2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstkQtSCnJscIzD3Ny1-MT6pza2tcLzgIFMcctKHRjRJBPRF0Tv74xj65mwHspO81V2fSgJ9RP38KkFnZfQ82aSkaTpGAia8ShihEX_xdcCyEqVnA2ZGyO3xqZp1QOfT718Ge6HMdgJZnddAzoLdbnE7dC1A4zSOEFhe-3bcsvtzQtZS8ypodKU7EXwIk_-upDr9z9Sbdh0Rxc1ShmT7Ms-AN78QnUfY4zNLGobZ_8O5utRODuQyjpJVCsLrebFVdwg-X0iKoPlTBeITeLqA-WADH36zSSmqflm5f1B9S91z_9XbRz0LwTJmr-0hbz1tRMUPyRX-Cojy6odN&sai=AMfl-YTobb6883nZSX0sWWoaTeRtE1b3Ja7b0iRz7jQosdukgQK-lbmT7CU8o5wjZ8LIrI0-aghYG6whnU037nesdLSYDYsjh9KRslb7miU_HRJl5rG95Pq9qlasEuvS-NWiA97tRE00IZ6rLkFUgp8&sig=Cg0ArKJSzLqFMJEddX6gEAE&uach_m=[UACH]&adurl=
Requested by
Host: onwardstate.com
URL: https://onwardstate.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 02:23:38 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 22 Oct 2023 02:23:38 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/ Frame 35C2 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
45edbc85483b4cde24376ffc1a6b93969f8e51cd2e73547f84824c8f54fb79f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 00:02:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
8464
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9137
x-xss-protection
0
server
cafe
etag
5200559654007170660
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 05 Nov 2023 00:02:34 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame 35C2 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 18:11:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
29504
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 04 Nov 2023 18:11:54 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 35C2 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
100e1bd433b0fbe35e8d609395d4f9a1cbafbeddb64a30b6ac6fcc7888f9310a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 02:23:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60178
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1697628223465749"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 22 Oct 2023 02:23:38 GMT
4100681801411699684
tpc.googlesyndication.com/simgad/ Frame 35C2 		105 KB
105 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/4100681801411699684
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2ec87e3e0d1e1d1bb8e96c429351de695e4ea1fb78e1d077d5ab5ad1770d5245
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Fri, 20 Oct 2023 04:26:39 GMT
x-content-type-options
nosniff
age
165419
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
107072
x-xss-protection
0
last-modified
Thu, 19 Oct 2023 17:38:32 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 19 Oct 2024 04:26:39 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame D474 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssQaE2DNoCKL1y6O-ZmDQb5f66jwTbuh6r033AM0Qv8S7FDTHHrhziH3cbV35QcepH_E3kJxSvUvEgWLI2OYuMLoQ1VxaiidZ7L_clQEyp3DFBrb9ZhdhqQtCid1SR-jxu0YMJAtv7ImPA9j3U3TqlS4JHJX6see5fmEVYRvecWqpd12C9LKm_oo9I8jjY9JyYTR489MtD4yYOaMCoG5EmlfP1KdeInoAIm24JdnzJCutc7yTwhrSamhp-PcBZEZdJN12tvrmwGOynnqqnR-vTWTIYUUE-umWJL5u0UQNxvTLr30zQJoPhWsp94fy-h4EiJUXAx824AO2I69mvb&sai=AMfl-YTQ_SO5n7-VD0HO3waCJcVJJ_Fl46SQictvuhYzufsjLo4-nNJb7qfG91-StWmIfIzlCfKltUkgzLxRjgxDESsiGuFjqRAfBCvmnFubodpPmjgag7TNTsC9thW_Cd4hkCxMaf35gNlE5HeMQwY&sig=Cg0ArKJSzHVdDSr6dFwpEAE&uach_m=[UACH]&adurl=
Requested by
Host: onwardstate.com
URL: https://onwardstate.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 02:23:38 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 22 Oct 2023 02:23:38 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/ Frame D474 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
45edbc85483b4cde24376ffc1a6b93969f8e51cd2e73547f84824c8f54fb79f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 00:02:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
8464
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9137
x-xss-protection
0
server
cafe
etag
5200559654007170660
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 05 Nov 2023 00:02:34 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame D474 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 18:11:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
29504
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 04 Nov 2023 18:11:54 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D474 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
100e1bd433b0fbe35e8d609395d4f9a1cbafbeddb64a30b6ac6fcc7888f9310a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 02:23:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60178
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1697628223465749"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 22 Oct 2023 02:23:38 GMT
8619692691160182946
tpc.googlesyndication.com/simgad/ Frame D474 		85 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/8619692691160182946
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e8b12a451084a81dd2b10b67512a5f3214644fa929fd880315f384e5a3c6e1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Fri, 20 Oct 2023 02:07:26 GMT
x-content-type-options
nosniff
age
173772
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
87235
x-xss-protection
0
last-modified
Tue, 06 Aug 2019 17:12:44 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 19 Oct 2024 02:07:26 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame A08A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuwZ_vp5Zh30-TJhYR45Z0jw7RwLP8WTMJ6pc1K39KUFPsefRiaaW_du0X3M_s6Qzv3GVLu1tGAhwdpQmaBnUU0USrko3Escau0ZMj6NaIN7PUOaYgRhRihAbYhjSiBYmNFyHy_nPiN4nG-0ig_cd3U5T4PRqQHH7inCPixhU5721U7WF2clJaK9pJdC2hz3W3M1XN-LCIoNqLFAaBjERJ9wwA-4t2__syxXBOIE7zBNmAm3wksQux2wtAoqWue5jX9P5MqZ-1motTX-Wfn5WsVBGIKET_DR5Sc23x09KsPs3JZes72fYXtc2w3VWep1bcauhIetNkj3P5c&sai=AMfl-YRssxypnpV3Tahb_XrSAiziQetiTdBjZsX9Olk9sEw2MkHGySqUueFSzj0XlWk8I0YE_R8bgMlZWsNWS1fiVwKiQvdVEInqb83megUyyXSbb6xpe3t2yzJuPSvCkNHL7PTdo6jjlU753-1QXDk&sig=Cg0ArKJSzK2EaaxxOIJIEAE&uach_m=[UACH]&adurl=
Requested by
Host: onwardstate.com
URL: https://onwardstate.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 02:23:38 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 22 Oct 2023 02:23:38 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/ Frame A08A 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
45edbc85483b4cde24376ffc1a6b93969f8e51cd2e73547f84824c8f54fb79f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 00:02:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
8464
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9137
x-xss-protection
0
server
cafe
etag
5200559654007170660
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 05 Nov 2023 00:02:34 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame A08A 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 18:11:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
29504
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 04 Nov 2023 18:11:54 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A08A 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
100e1bd433b0fbe35e8d609395d4f9a1cbafbeddb64a30b6ac6fcc7888f9310a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 02:23:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60178
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1697628223465749"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 22 Oct 2023 02:23:38 GMT
7008832957612386266
tpc.googlesyndication.com/simgad/ Frame A08A 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7008832957612386266
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
695774ab4dc5ec85e0991515c531f434f71e9e581d54665de2a8e596a0ff85fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Fri, 20 Oct 2023 03:02:32 GMT
x-content-type-options
nosniff
age
170466
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41747
x-xss-protection
0
last-modified
Tue, 11 Feb 2020 16:11:22 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 19 Oct 2024 03:02:32 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 04EE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsueQIMgYx8ORUL-Fn1cP5Iq9kE7LBNDVcU104aGFBYUmuTKP9_mizsxdJsmEK83M9j7EiaNLG9ABYC_gBsp33Z3A4Oru36pxYiMyFZZICMuX9pI_QQlC0tc_pulpynPk3ZDd6uKNHWfRI42YKZ4cX6Cepjfokozu-sb0Bdviegi0W4zuEGoA9Ivdh7n9CAtCOC9uv7K8lxHY-TihK4bN--NlMKKsWOdMcRActVxzXn2dBOm7IENnh6IoRYrxND95SmEBZ4J2hNmwddoG0lKb6tp6mITfI_jrRuUfGmtVCGzeQGgBZUVIRYgAH5-ZXSBLDMUFnFM2Q4&sai=AMfl-YQP9FOT9YH62I4Sm3opNQjkJFW4xhkXE05UIhEZNzBRY9ODy0K7AuX0T12p-NMIF29rlnP8Ue0dIbVQKw89IRIFHqUy16UR5FjTkDSBXnaZJbsg9HE9i36Gkpc97ImFt01d9CKUVNF-Y8Dj7EI&sig=Cg0ArKJSzMJhVbYxnUljEAE&uach_m=[UACH]&adurl=
Requested by
Host: onwardstate.com
URL: https://onwardstate.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 02:23:38 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/ Frame 04EE 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
45edbc85483b4cde24376ffc1a6b93969f8e51cd2e73547f84824c8f54fb79f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 00:02:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
8464
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9137
x-xss-protection
0
server
cafe
etag
5200559654007170660
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 05 Nov 2023 00:02:34 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame 04EE 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 18:11:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
29504
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 04 Nov 2023 18:11:54 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 04EE 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
100e1bd433b0fbe35e8d609395d4f9a1cbafbeddb64a30b6ac6fcc7888f9310a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 02:23:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60178
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1697628223465749"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 22 Oct 2023 02:23:38 GMT
7357420951579027155
tpc.googlesyndication.com/simgad/ Frame 04EE 		394 KB
394 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7357420951579027155
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ea71f7d44b0697a590b5abaa2d4cedef47fb3146c53f29f9ece746096243eda2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Fri, 20 Oct 2023 02:07:33 GMT
x-content-type-options
nosniff
age
173765
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
403347
x-xss-protection
0
last-modified
Thu, 19 Oct 2023 17:38:32 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 19 Oct 2024 02:07:33 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 536C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssUAA5-3Ym1Eo-bsYmsxiCziufsrJ2ieSb4r44t3U2orqg_kZbqwQHUSTCDhgwjTM2UElnpyQIy6yQeHvAf-999zORC8arF7cpTY4A-u9QsaNrXqw1BELEWkE0gKyiSVrDmERukU16p-gGsMhOqQxGiQLeRMipy149WgIJVBUM5AKZeR98-YpvRruaZ06nc2Lx-AAFAW_Wx0NZVQXSkVARUR1gTV3t543wIbwvp_wXPULkqMzLH-v1-p1n9LwsBR9a4XQgYU9kQgq6aRgNjBdXd9XOL4yhp6hovlmR8N049uJYn7TAHRoYgCrN_JG9208wU-1sETktR1VnaxA&sai=AMfl-YSFGndzkGsR4piQpc2_nNXiXFj4wZN3dtpfvxG0G1Q-lFsK66yEcj25LBKsUXXqBwi3SgxfmjEyJEWE25mNNbtD0MnkhnXcOz-FE4UW90EwGisD7k7OQKBCEbCBXN3cWlCkWyVVm42FJPrRhMI&sig=Cg0ArKJSzOXlIhfFi--DEAE&uach_m=[UACH]&adurl=
Requested by
Host: onwardstate.com
URL: https://onwardstate.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 02:23:38 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/ Frame 536C 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
45edbc85483b4cde24376ffc1a6b93969f8e51cd2e73547f84824c8f54fb79f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 00:02:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
8464
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9137
x-xss-protection
0
server
cafe
etag
5200559654007170660
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 05 Nov 2023 00:02:34 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame 536C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 18:11:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
29504
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 04 Nov 2023 18:11:54 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 536C 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
100e1bd433b0fbe35e8d609395d4f9a1cbafbeddb64a30b6ac6fcc7888f9310a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 02:23:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60178
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1697628223465749"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 22 Oct 2023 02:23:38 GMT
5408275790016727088
tpc.googlesyndication.com/simgad/ Frame 536C 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/5408275790016727088
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3832d94ac3464d8131a75afaa9ce790a33d08b2993dbc8062bb47da12ff09e83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:47:41 GMT
x-content-type-options
nosniff
age
196557
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53325
x-xss-protection
0
last-modified
Thu, 09 Mar 2023 15:31:00 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 18 Oct 2024 19:47:41 GMT
truncated
/ Frame 35C2 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
779cd4c2412a0ed019a20d8182812d5a2ac7b0227851b1d732731a5d54e77d49

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame D474 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e6639eec3741faf6905f7ab7b807b1702a93aa9b02e81c77a98d9b993849db1e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame A08A 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2c355fbd554b438e9ec019896c5eaa70eab883e9751438fc3fef6715bb1cf052

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 04EE 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eb100d76031bbffcaef5d837850d2eecfb7ad9d6cf1252c2eecaa8cb0c502936

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 536C 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e158338e80ca4f06c258c38657d65ce66c0a969d442575865d3bb63b14e11c8f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/png
rules-p-WFJsXCa9VD158.js
rules.quantcount.com/ 		160 B
642 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-WFJsXCa9VD158.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20c3:9000:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c505f7e821ae7a1c88e6ce02d8e38b57233d9997445ce06b9ce50be989df5d7c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 01:24:21 GMT
via
1.1 167c735142bc0b0bedf2cca27d970088.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-C1
age
3575
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Tue, 11 Apr 2023 19:39:28 GMT
server
AmazonS3
etag
"8451e96214684fb5c6ec4f91dde0548e"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
CwqfD7dHEEYoc7JiIZoCbbotB6CTV3JRIFm2trIOka3ktkqq8qTedQ==
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: onwardstate.com
URL: https://onwardstate.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.211.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-211-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 02:23:38 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Sun, 22 Oct 2023 02:38:38 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16576/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by
Host: onwardstate.com
URL: https://onwardstate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-97.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 02:03:18 GMT
content-encoding
gzip
via
1.1 5ab5e654a3dc7079aad7ac64ec697d82.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:42 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
1221
x-amz-server-side-encryption
AES256
etag
W/"6e8b1f94eaf615b7d0953ad4e8d8bb85"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
reDn17d6_PNcdWTJ2b7JAINz2eEmQS0ylHhYCNNwcQmSiX4LTRUA2Q==
hadron.js
cdn.hadronid.net/ 		55 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fonwardstate.com%2F&ref=&_it=amazon&partner_id=405
Requested by
Host: onwardstate.com
URL: https://onwardstate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:34ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ee69abe38a87fd8aa0867401e1e14d2831eab6dfb1bb2d97abf65ac57cb5705

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 02:23:38 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 07 Sep 2023 17:31:32 GMT
server
cloudflare
x-amz-request-id
907Z07N0H4YQRTZE
age
2572
etag
W/"8bbf05f440008747d4df642e30fc4ddc"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
819e4788db4335ff-FRA
x-amz-id-2
FTX4uTVOoCJnlfZvtg3cS2GHfBFAI/wkwGXMvvfwDzP+hX8bS7Tqr3U+IhvV3h140Zc4iKtAHTg=
id5-api.js
cdn.id5-sync.com/api/1.0/ 		138 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: onwardstate.com
URL: https://onwardstate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89a9b728cbc4ea20ef9c0934035ba3300049c50682dcc0e58452c40749b6d853
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 02:23:38 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 16 Oct 2023 11:34:12 GMT
server
cloudflare
x-amz-request-id
F18HG2S8JBQP5ZB9
age
2422
etag
W/"cc062d3a08ec5f94b7d1ab377b1e95bd"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
819e47889c37366c-FRA
x-amz-id-2
d73VdFop/dtcaRK+0Ius7q1ULAwO2vRihUm/HOhhqKa7aZzd1Zp2JoIqKdvqn7fNqU4PQNRdXDvLhV7TdorQ4Q==
launcher-stub.min.js
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Requested by
Host: onwardstate.com
URL: https://onwardstate.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.211.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-211-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 02:23:38 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 18:52:26 GMT
server
Apache
etag
"38c0-5e92054540ea5-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
5252
expires
Sun, 22 Oct 2023 02:38:38 GMT
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-111000628-2&cid=838596988.1697941418&jid=1851929181&_u=YADAAEAAAAAAACAAI~&z=701290788
Requested by
Host: onwardstate.com
URL: https://onwardstate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 Oct 2023 02:23:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.nl/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.nl/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-111000628-2&cid=838596988.1697941418&jid=1851929181&_u=YADAAEAAAAAAACAAI~&z=701290788
Requested by
Host: onwardstate.com
URL: https://onwardstate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 Oct 2023 02:23:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
user-sessions-893dc9c.js
cdn.pbstck.com/ 		14 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.pbstck.com/user-sessions-893dc9c.js
Requested by
Host: boot.pbstck.com
URL: https://boot.pbstck.com/v1/user-sessions/d2f49a3d-a3ce-4a40-8dae-ed1da63402f3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:15d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3dfe4015335ea068794d956c64b48cbabf4cc8e504e2ddc9cfa5c6b669317de

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 02:23:38 GMT
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
4256KGSPKC881NMM
age
1965601
alt-svc
h3=":443"; ma=86400
x-amz-id-2
ELStrW4a24jDwUuFixgxXysVuXfnHfU65OkwFpIUuu3kT/JhNatMs12dPaZrpXFF8UITeHTrPaw=
last-modified
Fri, 15 Sep 2023 15:11:50 GMT
server
cloudflare
etag
W/"90e20dc121a60c29702e7750bff295e3"
access-control-max-age
3000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=604800, immutable
cf-ray
819e47899f0f9be8-FRA
collector-d8cb7f0.js
cdn.pbstck.com/ 		61 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.pbstck.com/collector-d8cb7f0.js
Requested by
Host: boot.pbstck.com
URL: https://boot.pbstck.com/v1/tag/d2f49a3d-a3ce-4a40-8dae-ed1da63402f3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:15d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6eef34a0c9e985e995c924486d23ac237ae9e428763dd934b07ad65626526c3

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 02:23:38 GMT
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
2GCMRAS1PC1YSGHY
age
1089760
alt-svc
h3=":443"; ma=86400
x-amz-id-2
/OW/n0sCtpBhPjeJAq4RJhPMM9IktL8437SvDrXOGxY/tuwVgbfosv+tv0COkzlc/qp7FMUWDzI=
last-modified
Mon, 09 Oct 2023 08:15:49 GMT
server
cloudflare
etag
W/"73f689884b644651fd0ea2ef750b8713"
access-control-max-age
3000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=604800, immutable
cf-ray
819e47899f0e9be8-FRA
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fonwardstate.com%2F&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fonwardstate.com%2F&rid=esp&cc=1
85 B
203 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fonwardstate.com%2F&rid=esp&cc=1
Requested by
Host: onwardstate.com
URL: https://onwardstate.com/
Protocol
H2
Server
34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
143.107.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
95a6950622e27068d04f5f57192ac60f0159053d800af0a4c72b9d48875cc69c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 02:23:38 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-zkZ1jT1Sznf5NnkWQBZTphaFtWw"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://onwardstate.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Sun, 22 Oct 2023 02:23:38 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://onwardstate.com
location
/esp?url=https%3A%2F%2Fonwardstate.com%2F&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
syncframe
gum.criteo.com/ Frame 520A 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=onwardstate.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://onwardstate.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 22 Oct 2023 02:23:38 GMT
server
Kestrel
server-processing-duration-in-ticks
280816
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
1800821913487573
connect.facebook.net/signals/config/ 		139 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1800821913487573?v=2.9.135&r=stable&domain=onwardstate.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
04c5de8a9ac86f79ca17ca61b952995bd3d29397ab05b2c60fa8c96dcf51ecc9
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 22 Oct 2023 02:23:38 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
420Cyxht/fXerP59NQ1Y9PFgZgzgzMukHN87OUVpE4btxqdarYCFkqT1MzkFBOuxQD/kGqsmpNZD4gnIZJuU2w==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=179461866061178&ev=PageView&dl=https%3A%2F%2Fonwardstate.com%2F&rl=&if=false&ts=1697941418443&sw=1600&sh=1200&v=2.9.135&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1697941418439.268262587&cs_est=true&ler=empty&it=1697941417850&coo=false&rqm=GET
Requested by
Host: onwardstate.com
URL: https://onwardstate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sun, 22 Oct 2023 02:23:38 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
map
bcp.crwdcntrl.net/6/ 		60 B
334 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.74.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-74-238.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
7a5a024f757879633d0e3636a4c9970e2c5b5bef2a9a15a72c4bba8ed3963220

Request headers

Referer
https://onwardstate.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 22 Oct 2023 02:23:38 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://onwardstate.com
cache-control
no-cache
x-server
10.45.16.180
access-control-allow-credentials
true
content-length
60
expires
0
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-10930536-1&cid=838596988.1697941418&jid=1403283248&_u=YADAAEABAAAAACAAI~&z=792368728
Requested by
Host: onwardstate.com
URL: https://onwardstate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 Oct 2023 02:23:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.nl/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.nl/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-10930536-1&cid=838596988.1697941418&jid=1403283248&_u=YADAAEABAAAAACAAI~&z=792368728
Requested by
Host: onwardstate.com
URL: https://onwardstate.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 Oct 2023 02:23:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-1249139-15&cid=838596988.1697941418&jid=670758976&_u=YADAAEABAAAAACAAI~&z=1233491002
Requested by
Host: onwardstate.com
URL: https://onwardstate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 Oct 2023 02:23:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.nl/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.nl/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-1249139-15&cid=838596988.1697941418&jid=670758976&_u=YADAAEABAAAAACAAI~&z=1233491002
Requested by
Host: onwardstate.com
URL: https://onwardstate.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 Oct 2023 02:23:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		16 B
36 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=494594469&t=event&ni=0&_s=1&dl=https%3A%2F%2Fonwardstate.com%2F&ul=en-us&de=UTF-8&dt=Onward%20State%20%7C%20Penn%20State%20Blog%20by%20PSU%20Students%20%7C%20News%2C%20Features%2C%20and%20Opinion&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=onwardstate.com-585856&ea=View&el=hero%7CNo.%207%20Penn%20State%20Football%20Falls%2020-12%20Against%20No.%203%20Ohio%20State&ev=1&_u=aADAAEABAAAAACAAI~&jid=1963960336&gjid=1409061497&cid=838596988.1697941418&tid=UA-111000628-5&_gid=1759917279.1697941418&_r=1&_slc=1&gtm=45He3ai0n81PPN9ZXB&z=1837896239
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8f68c6999550f4e8e07d1ad32c0ed501fc44e6c25021956eeebe2c678c6f7b8d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://onwardstate.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 22 Oct 2023 02:23:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://onwardstate.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
expires
Fri, 01 Jan 1990 00:00:00 GMT
fed
ups.analytics.yahoo.com/ups/58813/ 		2 B
211 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ups.analytics.yahoo.com/ups/58813/fed?gpp_sid=-1&v=1&url=https%3A%2F%2Fonwardstate.com%2F
Requested by
Host: connectid.analytics.yahoo.com
URL: https://connectid.analytics.yahoo.com/connectId-gpt.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 02:23:38 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
vary
Origin
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin
https://onwardstate.com
content-type
application/json
access-control-allow-credentials
true
view
securepubads.g.doubleclick.net/pcs/ Frame 35C2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstLglCg_sPReDe5b6ZMPvxK3thssrPTgya6TQ82Eu0S0E3hjUKTaQKuHN-WqH2hX9u5JWp6Cp0cIsJ6br_5tdhXXCi52ez0i2jNWjHjEOE-BnN9CUu8C01vRkZO21hL1rg_seyvxfbAPhYxvJiNo1M8fwO6TpnWdndZiWCDUQuxK5mj8HqQ6zxMCjVNpbQdsMEXBIfPT35_vtULthYXcTf1G1DBXekAczDpB8YX_tEmu_yVizy30iA5C1uXIlpipA8Q2UtZymKDLvCFGmne6-G90vBJGsxcuXJqVl48Ol6KsZNDVeJVzi6sf71CRXMaPYevf6idC7DR-ltxJWQ&sai=AMfl-YTBNJr9T-q3IUuuE_GyQ6IMwvxwDg2b06b9gX4bJMaG8seUveinLm28TmHIfgnxkuaxZQsLU1bNkcK_l56IuMQku3NzA6jL6ePsCWp6EBKTUqGWPpmx84Ln3xpotG7Ctlf0Dmo2_6B-XhmAYFs&sig=Cg0ArKJSzGx-iVT_AHFmEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 02:23:38 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 22 Oct 2023 02:23:38 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame D474 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuoTmfVosSkiBrWA6eZh43bJtNDDUrc1plvvLjBvn0g5oqHZlnk-GOBF04V6NC68K_5Y42eAKhRF4SO-gv4uKgDGALKT1QNG0QH5tS6ZmBxnBv0zxXH6-IlfI8EvszigX56x2e7RoqkFnCNdLn2G0Ixz36rXhGVyyhtA12Iya7wv02Zn7J7jR9eEISgkm0mj-etit9dVBldcqMyk6EnAyhe0bb3G-LCFqBMSzjUIUE_nLMfGRmUVn8aZfaKfJCd_5KOwagJYbSJuO7P_92ljj-RorE4Rg3JrSmzIhyq2Ge_Oby6kxKandNditPUM8PQSUSj6_Kp-eXVUdV4aOlKMmc&sai=AMfl-YTqCBClIoGW7VAQt3QUVWpiRLSV_nTJ4k8ARJB0s7ji3xxu-ZGpPUmRI_UrymShdtiQvHTALb8js5mG2iMjHU-82rQ2DI-aJBfzSnLG5A6d52crrsPiHdB0WkgD0mxn7Md06U_Ry11JsksYvdA&sig=Cg0ArKJSzE74qwGPDjgfEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 02:23:38 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 22 Oct 2023 02:23:38 GMT
sid
mug.criteo.com/ Frame 520A
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=onwardstate.com&sn=ChromeSyncframe&so=0&topUrl=onwardstate.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=9_z_GnxaUXkvMzE5OE1nTGFIUklGL2h1eHJRNCtMRXhHRlZOOXFaQ0xoRXdLcXlaQldmenZoMjBDLytIQko5bHVYQm1uSjdJUXVYVjkwdUt6dkg3V1dKRjlxU0NnMndJazlRSUJqSG5RSWlYQm1UUk96VXdvRCthdm9YVG...
428 B
654 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=9_z_GnxaUXkvMzE5OE1nTGFIUklGL2h1eHJRNCtMRXhHRlZOOXFaQ0xoRXdLcXlaQldmenZoMjBDLytIQko5bHVYQm1uSjdJUXVYVjkwdUt6dkg3V1dKRjlxU0NnMndJazlRSUJqSG5RSWlYQm1UUk96VXdvRCthdm9YVGx6Wmd3UmhFbzhHenFucmRETkVITHJiZ3o3V3RYS1ZTUUlXNm45R0h6em5tV29xZlA5dFBmQmQ2NTRycW4rbllwbkh4R3UrTElHMitSeUNJMXRLdlBhbkVRYjFqVEl5YTNkb0Vsc1E2aUhIL0FtaEh2bmNadDdjMDNnZ3JRcklWbjRzazA5RVFHLyt3WVNxV29FcmRzS2VPVUE4V2YzbUM5b1lqOW1tR1MxRUMwVjdkSUtCZz18&cppv=2
Requested by
Host: onwardstate.com
URL: https://onwardstate.com/
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
de48f260f5b75bb146439444466db9a13808dddd0a6fa04c350e60ec311b5f66
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 Oct 2023 02:23:38 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1715344
expires
0

Redirect headers

pragma
no-cache
date
Sun, 22 Oct 2023 02:23:38 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=9_z_GnxaUXkvMzE5OE1nTGFIUklGL2h1eHJRNCtMRXhHRlZOOXFaQ0xoRXdLcXlaQldmenZoMjBDLytIQko5bHVYQm1uSjdJUXVYVjkwdUt6dkg3V1dKRjlxU0NnMndJazlRSUJqSG5RSWlYQm1UUk96VXdvRCthdm9YVGx6Wmd3UmhFbzhHenFucmRETkVITHJiZ3o3V3RYS1ZTUUlXNm45R0h6em5tV29xZlA5dFBmQmQ2NTRycW4rbllwbkh4R3UrTElHMitSeUNJMXRLdlBhbkVRYjFqVEl5YTNkb0Vsc1E2aUhIL0FtaEh2bmNadDdjMDNnZ3JRcklWbjRzazA5RVFHLyt3WVNxV29FcmRzS2VPVUE4V2YzbUM5b1lqOW1tR1MxRUMwVjdkSUtCZz18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
266441
content-length
0
expires
0
hadron.json
id.hadron.ad.gt/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=405&sync=0&domain=onwardstate.com&url=https://onwardstate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://onwardstate.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin
*
allow
POST, OPTIONS, GET
cache-control
max-age=31536000 public, no-transform
cf-cache-status
DYNAMIC
cf-ray
819e478b3a7239c1-FRA
content-length
0
content-type
application/json
date
Sun, 22 Oct 2023 02:23:38 GMT
debug
OPTIONS block
expires
Mon, 21 Oct 2024 02:23:38 GMT
server
cloudflare
hadron.json
id.hadron.ad.gt/v1/ 		100 B
286 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=405&sync=0&domain=onwardstate.com&url=https://onwardstate.com/
Requested by
Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fonwardstate.com%2F&ref=&_it=amazon&partner_id=405
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
660814121a525474a66802eba7154d16deb59b793a1d9d99222b05f6b04c5eb6

Request headers

Referer
https://onwardstate.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 22 Oct 2023 02:23:38 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
private,max-age=30
access-control-allow-credentials
true
debug
NON-OPTIONS
access-control-allow-headers
authorization
cf-ray
819e478c0adb39c1-FRA
view
securepubads.g.doubleclick.net/pcs/ Frame 536C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssjHNnIq9eYeXkFhtf36UyV2Xk0oQJqUdKDjbpsllzTkrc5oZRV_bxMmn3fp56hHhiDG6jI1SWPA1-a4uMzBmFads0Cbkc5J7CPKx878jMgCShtmECxY5N4Q71SotwWaOz1s04x2wV6NzS7bl9yk1MqEmRKl74oyWfZfTKwfB7gBuYLrwIj-yWTfWskD_tg3MBDtpJYA8Us75pyuMtv2BPylXKDVuvKemCO_vLKiNYxjrS_b7ryVypf7Oz3PxPteaTABYLAhCk-vh7Upqs4ViS9rjA9eifvjnPuCHB-pB1VECK94KxMLVDZDXasbkUxl_7tJAkErmPYBB24IOTg&sai=AMfl-YQIhspHi_W_6e_xs9TVZTFzo0HKEyOjGnvTgRJ9PzG_uTymiDQu05BUaUxgQ2OufGTbKETSc75ngPtIkcjo65INtfWRl5vLjJVp_vhbS6va6aZ_G05o9T-J_OQ1LkynVAEbjSsX71A07MN3Lxs&sig=Cg0ArKJSzDHImVUDLE2UEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 02:23:38 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 22 Oct 2023 02:23:38 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 04EE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvYrORuIiltmceFjFAQ7wlU2qJOTgzVeqqLdDP6isoOds5HFrAW0bvRNCxk3143f_bWmh1KENaN4lzKY1nGbi4GIb1Pbg67792YvxDFk_d4QwYCDwuI5rFCkNZX0eBapN23nCw8V2T653d5xiAteQIRupKkurouJhJqtfnGU7vevJTrDREr35a_XgLzavbRRtDpU2i5l53drSvVx2R4-wd8X18qdBnITfKDSuehBVh-iQtHTU5RA-4FWJVT5_ZCJ1V3fXqQx995NMIfsLDhHA4uekQAaaZo39yPuh6viM3lfiVgWxhxIHv3oM6WCCE8NK16fHmQk_wbpw&sai=AMfl-YTHVZsqtzCfme4ryYeNvsd4XaeOogHcA7vtxfNzdWkJ-sAwAqSrRzywZIIMAoN3UsrwpSj2jrkBevpDxgI1BBZJZUCoScEEbIbVWP291icm2BJRlIQ6dBW8Een5rxyRzaJNWhGZXCqi9YN5-ts&sig=Cg0ArKJSzFYi30wguagwEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 02:23:38 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 22 Oct 2023 02:23:38 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame A08A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvKk75WY_VFXvuhdkHN8R-VKt_zxacvCWVAWrQfMr1N0qsMxhKdYYSx5ISRRrMkeXN0SGAUiZ89Fw67FXGp3sNifAb0224w84U0cJ-I8IQtbeIGcBLwIxULRQ4wck5uYjS4BtZrPM-brHUhQrmfwLNHY0VNmlFTt_ZahXu9HvFBlhbFAnb9r-KJD7vgcodC1Baw6De5kFZxLje5bm5CC_cwaXXWSc4f7lneMNxhK-qLS_JoA2WhCtgT4vCIlLkQxffcVabvwOO8zLiYYJ1vBOwlj92JZocBPLQfmk1ztxCr6i6I2IkC16ejDOSfaEqxdqV9WzMXoZX9spjWjqI&sai=AMfl-YSs8yIhIOgCCcf1AolDnvEq9UI2lrm3k9WTG6GoP1moIdlEL9ITy0J8j42IV7VK0rLzcS7AwyCT_OP6IwZ663blWDldMcfB-9Craippp4gifCinlfDO1XvFk_-BC5r00OIi1OjU2Mp7y7zWuuI&sig=Cg0ArKJSzFSXtgiIovtzEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 02:23:38 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 22 Oct 2023 02:23:38 GMT
pixel;r=1495571418;source=gtm;rf=0;a=p-WFJsXCa9VD158;url=https%3A%2F%2Fonwardstate.com%2F;uht=2;fpan=1;fpa=P0-1245798588-1697941418316;pbc=;ns=0;ce=1;qjs=1;qv=d48babbb-20231018122215;cm=;gdpr=0;ref...
pixel.quantserve.com/ 		35 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1495571418;source=gtm;rf=0;a=p-WFJsXCa9VD158;url=https%3A%2F%2Fonwardstate.com%2F;uht=2;fpan=1;fpa=P0-1245798588-1697941418316;pbc=;ns=0;ce=1;qjs=1;qv=d48babbb-20231018122215;cm=;gdpr=0;ref=;d=onwardstate.com;dst=1;et=1697941418759;tzo=-120;ogl=locale.en_US%2Ctype.website%2Ctitle.Onward%20State%2Cdescription.Onward%20State%252C%20an%20online%20news%20organization%20serving%20Penn%20State%20students%252C%20faculty%252C%20%2Curl.https%3A%2F%2Fonwardstate%252Ecom%2F%2Csite_name.Onward%20State%2Cimage.https%3A%2F%2Fimages%252Ephillypublishing%252Ecom%2Fonwardstate%2Fuploads%2F2018%2F02%2FOnward-State-Lio;ses=9c05c2de-79b1-47dd-8353-a155b51b959b;mdl=
Requested by
Host: onwardstate.com
URL: https://onwardstate.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 Oct 2023 02:23:38 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-5SJPSTLWSY&gtm=45je3ai0&_p=494594469&_gaz=1&ul=en-us&sr=1600x1200&cid=838596988.1697941418&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=ABAI&_s=1&dl=https%3A%2F%2Fonwardstate.com%2F&dt=Onward%20State%20%7C%20Penn%20State%20Blog%20by%20PSU%20Students%20%7C%20News%2C%20Features%2C%20and%20Opinion&sid=1697941418&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&ep.ua_dimension_2=2023-10-22T04%3A23%3A37.559%2B02%3A00
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5SJPSTLWSY&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 Oct 2023 02:23:38 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://onwardstate.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-5SJPSTLWSY&cid=838596988.1697941418&gtm=45je3ai0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5SJPSTLWSY&cx=c&_slc=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 Oct 2023 02:23:38 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://onwardstate.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.nl/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.nl/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-5SJPSTLWSY&cid=838596988.1697941418&gtm=45je3ai0&aip=1&z=1337595805
Requested by
Host: onwardstate.com
URL: https://onwardstate.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 Oct 2023 02:23:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-5B02HBVGV2&gtm=45je3ai0&_p=494594469&ul=en-us&sr=1600x1200&cid=838596988.1697941418&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fonwardstate.com%2F&dt=Onward%20State%20%7C%20Penn%20State%20Blog%20by%20PSU%20Students%20%7C%20News%2C%20Features%2C%20and%20Opinion&sid=1697941418&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5B02HBVGV2&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 Oct 2023 02:23:38 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://onwardstate.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
launcher.min.js
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ 		49 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.211.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-211-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 02:23:38 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 18:52:26 GMT
server
Apache
etag
"c4b6-5e920545406d3-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17042
expires
Sun, 22 Oct 2023 02:38:38 GMT
web-vitals
intake.pbstck.com/v1/intake/ 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://intake.pbstck.com/v1/intake/web-vitals
Requested by
Host: onwardstate.com
URL: https://onwardstate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:15d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://onwardstate.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 22 Oct 2023 02:23:38 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
819e478c289b65d9-FRA
alt-svc
h3=":443"; ma=86400
map
bcp.crwdcntrl.net/6/ 		60 B
333 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.74.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-74-238.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
d1ec906c5fffa0865e493015da0a82a959a6267d25cdf54b672be6406877017a

Request headers

Referer
https://onwardstate.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 22 Oct 2023 02:23:38 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://onwardstate.com
cache-control
no-cache
x-server
10.45.16.180
access-control-allow-credentials
true
content-length
60
expires
0
collect
stats.g.doubleclick.net/j/ 		4 B
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-111000628-5&cid=838596988.1697941418&jid=1963960336&gjid=1409061497&_gid=1759917279.1697941418&_u=aADAAEABAAAAACAAI~&z=1506279934
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://onwardstate.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sun, 22 Oct 2023 02:23:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://onwardstate.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		249 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-MSKEKZ2D0X&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7964f41b541e450eba442be951ed2350cf625a3ea1017e9c76db87672ae1fcc1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 02:23:38 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
86071
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 22 Oct 2023 02:23:38 GMT
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1800821913487573&ev=PageView&dl=https%3A%2F%2Fonwardstate.com%2F&rl=&if=false&ts=1697941418947&sw=1600&sh=1200&v=2.9.135&r=stable&ec=0&o=30&fbp=fb.1.1697941418439.268262587&cs_est=true&ler=empty&it=1697941417850&coo=false&rqm=GET
Requested by
Host: onwardstate.com
URL: https://onwardstate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sun, 22 Oct 2023 02:23:38 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fonwardstate.com%2F&domain=onwardstate.com&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://onwardstate.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://onwardstate.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sun, 22 Oct 2023 02:23:38 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
190487
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
envelope
lexicon.33across.com/v1/ 		49 B
249 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0010b00002PIxPJAA1&gdpr=0&src=pbjs&ver=8.15.0&coppa=0
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.onwardstate.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:8344:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer
https://onwardstate.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 22 Oct 2023 02:23:38 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://onwardstate.com
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49
/
id.a-mx.com/sync/ 		66 B
268 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id.a-mx.com/sync/?tagId=&ref=null&u=https://onwardstate.com/&tl=https://onwardstate.com/&nf=0&rt=true&v=8.15.0&av=2.0&vg=aaw&us_privacy=null&am=null&gdpr=0&gdpr_consent=
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.onwardstate.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
131.153.158.209 , United States, ASN60558 (SECUREDSERVERS-EU, US),
Reverse DNS
Software
/
Resource Hash
80c76e0adf9fa82ccd48bef004b4a144da4a4c7fc0fb87e0449a4aa98efe8d8b

Request headers

Referer
https://onwardstate.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://onwardstate.com
date
Sun, 22 Oct 2023 02:23:38 GMT
access-control-allow-credentials
true
content-length
66
content-type
application/json
json
gum.criteo.com/sid/ 		2 B
373 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fonwardstate.com%2F&domain=onwardstate.com&cw=1&pbt=1&lsw=1
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.onwardstate.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://onwardstate.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
application/json

Response headers

pragma
no-cache
date
Sun, 22 Oct 2023 02:23:38 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://onwardstate.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
195546
expires
0
pbhid
id.hadron.ad.gt/api/v1/ 		227 B
224 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/api/v1/pbhid?partner_id=405&_it=prebid
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.onwardstate.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50ff4d75c74de9cd21d1afaee79cb2c8fdc5fb6a3bf00f831389fa906be815ef

Request headers

Referer
https://onwardstate.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 22 Oct 2023 02:23:38 GMT
content-encoding
gzip
server
cloudflare
allow
POST, OPTIONS, GET
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cf-ray
819e478c9b2e39c1-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
prebid
id5-sync.com/api/config/ 		135 B
416 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.onwardstate.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
480613f771d4b2960ecbcbf9f0a8435d009d8f5fd10ab14bba1b1018762708e0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://onwardstate.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://onwardstate.com
date
Sun, 22 Oct 2023 02:23:38 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
envelope
api.rlcdn.com/api/identity/ 		0
0
any
idx.liadm.com/idex/prebid/ 		0
312 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://idx.liadm.com/idex/prebid/any?resolve=nonId
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.onwardstate.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.122.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-122-71.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://onwardstate.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://onwardstate.com
date
Sun, 22 Oct 2023 02:23:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-credentials
true
trace-id
7f5d90fe644abb92
vary
Origin
request-time
1
id
id.crwdcntrl.net/ 		43 B
317 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id?c=17228
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.onwardstate.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.75.204.82 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-75-204-82.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

Referer
https://onwardstate.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 22 Oct 2023 02:23:39 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://onwardstate.com
cache-control
no-cache
x-server
10.45.24.105
access-control-allow-credentials
true
content-length
43
expires
0
fpc
at.teads.tv/ 		0
338 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://at.teads.tv/fpc?analytics_tag_id=PUB_17018&tfpvi=&gdpr_consent=&gdpr_status=22&gdpr_reason=220&ccpa_consent=&sv=prebid-v1
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.onwardstate.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-97-41.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://onwardstate.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 22 Oct 2023 02:23:39 GMT
Content-Type
text/plain; charset=UTF-8
Access-Control-Allow-Origin
https://onwardstate.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Sun, 22 Oct 2023 02:23:39 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		153 KB
60 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=833601715597371&correlator=892252240617126&eid=31078703%2C31078820&output=ldjh&gdfp_req=1&vrg=202310170101&ptt=17&impl=fifs&iu_parts=22181265%3A4144372%2Conwardstate_sticky_footer%2Conwardstate_sidebar&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=728x90%2C336x280%7C300x250&ifi=8&sfv=1-0-40&sc=1&cookie=ID%3D1af7ab674e68025a%3AT%3D1697941417%3ART%3D1697941417%3AS%3DALNI_MaBNyhdnnP5Eg941D9Cm7XDJFSXEQ&gpic=UID%3D00000c9edd15cf5a%3AT%3D1697941417%3ART%3D1697941417%3AS%3DALNI_MaIlUd3rzfPLsHc7f7g2jLk6ZCZkg&abxe=1&dt=1697941419006&lmt=1697933153&adxs=0%2C1020&adys=4396%2C1014&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3%7C0&ucis=8%7C9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fonwardstate.com%2F&vis=1&psz=1600x4385%7C355x30&msz=728x0%7C325x0&fws=128%2C4&ohw=0%2C355&ga_vid=838596988.1697941418&ga_sid=1697941418&ga_hid=494594469&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY2-DHqbUxSABSAghvEhsKDDMzYWNyb3NzLmNvbRjb4MeptTFIAFICCG8SOwoKcHViY2lkLm9yZxIkZWI2MjZmY2ItNTE4Mi00MmUyLWEwMGItMWYwNzRhZjEzMDZlGNrgx6m1MUgAEhgKCXlhaG9vLmNvbRiM5MeptTFIAFICCG8SHQoOZXNwLmNyaXRlby5jb20YnN_HqbUxSABSAghkEhcKCHJ0YmhvdXNlGJ7jx6m1MUgAUgIIahIZCgp1aWRhcGkuY29tGNvgx6m1MUgAUgIIbxIUCgVvcGVueBic38eptTFIAFICCGQSGwoMbGl2ZXJhbXAuY29tGNvgx6m1MUgAUgIIbxIbCgxpZDUtc3luYy5jb20Y2-DHqbUxSABSAghvEh0KDmxpdmVpbnRlbnQuY29tGNvgx6m1MUgAUgIIbw..&dlt=1697941416768&idt=1087&ppid=eb626fcb518242e2a00b1f074af1306e&prev_scp=refresh_count%3D0%26amznbid%3D2%26amznp%3D2%26hb_cs%3Dcurrent%26hb_bd%3D3%26hb_adomain%3Delectroworld.nl%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D728x90%26hb_pb%3D0.17%26hb_adid%3D834c65e63224a98%26hb_bidder%3Drubicon%26anh%3Dadhesion%7Crefresh_count%3D0%26amznbid%3D2%26amznp%3D2%26hb_cs%3Dcurrent%26hb_bd%3D1%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D336x280%26hb_pb%3D0.08%26hb_adid%3D841a6623611236d%26hb_bidder%3Dappnexus%26anh%3Dtrue&cust_params=wvr%3D3%26wie%3Dtop%26cndl%3D1%26cnrtt%3D0%26cntp%3Dna%26cnet%3D4g%26cnsd%3Dfalse%26wrc%3Dnf%26gpt_l%3D300%26wrap_l%3D1500%26ccp%3Dunknown%26sesdepth%3D1%26page_r%3D100%26padpr%3D2%26idl_envtest%3Dna%26lipbtest%3Dna%26lotamePanoramaIdtest%3Dna%26id5idtest%3Dna%2633acrossIdtest%3Dna%26teadsIdtest%3Dna%26fabrickIdtest%3Dna%26uids%3Dpubcid%26uids_c%3D1%26waai%3D400%26waae%3D1000%26pbglobal%3Daaw%26tif%3Dtrue%26lui%3D1s%26wabtr%3Drichaudience&adks=2227921122%2C1465236861&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
11e836e22b258eb00b1bc3ea700a4a3605f2339c6c60ccb470c6c8922aa25d89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 02:23:39 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
303412
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61755
x-xss-protection
0
google-lineitem-id
-1,-1
pragma
no-cache
server
cafe
google-mediationtag-id
463899
google-creative-id
-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://onwardstate.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-111000628-5&cid=838596988.1697941418&jid=1963960336&_u=aADAAEABAAAAACAAI~&z=1323202441
Requested by
Host: onwardstate.com
URL: https://onwardstate.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 Oct 2023 02:23:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.nl/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.nl/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-111000628-5&cid=838596988.1697941418&jid=1963960336&_u=aADAAEABAAAAACAAI~&z=1323202441
Requested by
Host: onwardstate.com
URL: https://onwardstate.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 Oct 2023 02:23:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
405
a.ad.gt/api/v1/u/matches/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.ad.gt/api/v1/u/matches/405?_it=amazon
Requested by
Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fonwardstate.com%2F&ref=&_it=amazon&partner_id=405
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3d7327bad8629eb0f8a752e0905a07d830aed213d9ebf9454fefde09141b04e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 02:23:39 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sun, 22 Oct 2023 02:20:31 GMT
server
cloudflare
age
188
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cross-origin-resource-policy
cross-origin
cf-ray
819e478d9d519211-FRA
launcher
proc.ad.cpe.dotomi.com/cvx/client/direct/ 		190 B
462 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://proc.ad.cpe.dotomi.com/cvx/client/direct/launcher?version=1.1.1&lid=681
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fa8:8806:12::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 02:23:39 GMT
server
nginx
accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
vary
Origin
content-type
application/json
access-control-allow-origin
https://onwardstate.com
cache-control
max-age=1800
access-control-allow-credentials
true
content-length
190
expires
Sun, 22 Oct 2023 02:53:39 GMT
collect
region1.analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-MSKEKZ2D0X&gtm=45je3ai0&_p=494594469&_gaz=1&ul=en-us&sr=1600x1200&cid=838596988.1697941418&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AhAI&_s=1&dl=https%3A%2F%2Fonwardstate.com%2F&dt=Onward%20State%20%7C%20Penn%20State%20Blog%20by%20PSU%20Students%20%7C%20News%2C%20Features%2C%20and%20Opinion&sid=1697941419&sct=1&seg=0&en=View&_fv=1&_ss=1&_ee=1&ep.event_category=onwardstate.com-585856&ep.event_label=hero%7CNo.%207%20Penn%20State%20Football%20Falls%2020-12%20Against%20No.%203%20Ohio%20State&ep.value=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MSKEKZ2D0X&cx=c&_slc=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 Oct 2023 02:23:39 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://onwardstate.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-MSKEKZ2D0X&cid=838596988.1697941418&gtm=45je3ai0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MSKEKZ2D0X&cx=c&_slc=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 Oct 2023 02:23:39 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://onwardstate.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-MSKEKZ2D0X&gtm=45je3ai0&_p=494594469&ul=en-us&sr=1600x1200&cid=838596988.1697941418&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=ABgI&_s=2&dl=https%3A%2F%2Fonwardstate.com%2F&dt=Onward%20State%20%7C%20Penn%20State%20Blog%20by%20PSU%20Students%20%7C%20News%2C%20Features%2C%20and%20Opinion&sid=1697941419&sct=1&seg=0&en=view___hero&_c=1&ep.event_category=onwardstate.com-585856&ep.event_label=hero%7CNo.%207%20Penn%20State%20Football%20Falls%2020-12%20Against%20No.%203%20Ohio%20State&ep.value=1&_et=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MSKEKZ2D0X&cx=c&_slc=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 Oct 2023 02:23:39 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://onwardstate.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.nl/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.nl/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-MSKEKZ2D0X&cid=838596988.1697941418&gtm=45je3ai0&aip=1&z=26477071
Requested by
Host: onwardstate.com
URL: https://onwardstate.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 Oct 2023 02:23:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pd
google-bidout-d.openx.net/w/1.0/ Frame 90DA 		0
176 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://onwardstate.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Sun, 22 Oct 2023 02:23:39 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
275 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.onwardstate.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
46695d7484b0e9edb5125e128a88b7943b763856d7a3f905ad450955b6ebc4ba
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://onwardstate.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://onwardstate.com
date
Sun, 22 Oct 2023 02:23:38 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
b73197f49ed9c94346e3f28e1dd7e10530f14ad04ac87afc97c4
sixscissors.com/post/ 		288 B
315 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sixscissors.com/post/b73197f49ed9c94346e3f28e1dd7e10530f14ad04ac87afc97c4
Requested by
Host: sixscissors.com
URL: https://sixscissors.com/v2/0/mjtscO1d90DtrRU4UNR5dLZu2ZSJqIZ3BMwO-8QD19FK0MiNHuU1U_vy2w6Bwmm5ZaR
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:d733::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
99e4ca501c721cc37c3e9b4fde630efa65e5ff4fb42bec1269f5ee9f51e66b29
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://onwardstate.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Sun, 22 Oct 2023 02:23:39 GMT
via
1.1 google
x-buildnumber
1033761249
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
288
x-datacenter
gce-europe-west1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://onwardstate.com
x-hostname
fen-hoothoot-europe-west1-hbfj
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Sun, 22 Oct 2023 02:23:38 GMT
coreid.min.js
secure.cdn.fastclick.net/js/cnvr-coreid/latest/ 		230 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/cnvr-coreid/latest/coreid.min.js
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.211.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-211-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f981cd12a95a3d5cd29fed7b0e95e8b292061ca5d5237ff572d0b88e6894aaef

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 02:23:39 GMT
content-encoding
gzip
last-modified
Wed, 18 Oct 2023 16:10:16 GMT
server
Apache
etag
"3965e-607ffe0078239-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
67642
expires
Sun, 22 Oct 2023 02:38:39 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202310170101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d950c3d0f8af2ff611af5342ac669290b0619830f59ba1498e2dbe12dd0e226f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 02:23:39 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12087
x-xss-protection
0
579.json
id5-sync.com/g/v2/ 		276 B
557 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/579.json
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.onwardstate.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
59af8812df779787c5379ed02f88f0305ff7ec95aae73b85703dfc7f17b41737
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://onwardstate.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://onwardstate.com
date
Sun, 22 Oct 2023 02:23:38 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
slaughter-menshockey-vsica-24-3_720.jpg
i0.wp.com/images.onwardstate.com/uploads/2023/10/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/images.onwardstate.com/uploads/2023/10/slaughter-menshockey-vsica-24-3_720.jpg?resize=500%2C333&ssl=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
54bd133d6db92082fd9a39cd1218578b4251e0066dc5822e817637af07f1d852
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-nc
MISS ams 1
date
Sun, 22 Oct 2023 02:23:39 GMT
x-content-type-options
nosniff
last-modified
Sun, 22 Oct 2023 02:23:39 GMT
server
nginx
etag
"c8be90aec9fbde62"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://images.onwardstate.com/uploads/2023/10/slaughter-menshockey-vsica-24-3_720.jpg>; rel="canonical"
content-length
30388
expires
Tue, 21 Oct 2025 14:23:39 GMT
Football-vs.-Ohio-State-Stutzman-04827-scaled.jpg
i0.wp.com/images.onwardstate.com/uploads/2023/10/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/images.onwardstate.com/uploads/2023/10/Football-vs.-Ohio-State-Stutzman-04827-scaled.jpg?resize=500%2C333&ssl=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
d39d9a559502386f5dfde497e54aca3395e817951c57c932082c0d6eeb49eebf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-nc
MISS ams 3
date
Sun, 22 Oct 2023 02:23:39 GMT
x-content-type-options
nosniff
last-modified
Sun, 22 Oct 2023 02:23:39 GMT
server
nginx
etag
"d58e1a77b1066cf1"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://images.onwardstate.com/uploads/2023/10/Football-vs.-Ohio-State-Stutzman-04827-scaled.jpg>; rel="canonical"
content-length
17074
expires
Tue, 21 Oct 2025 14:23:39 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 02:23:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 22 Oct 2023 02:23:39 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 790C 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://onwardstate.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
age
28583
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 21 Oct 2023 18:27:16 GMT
expires
Sun, 20 Oct 2024 18:27:16 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame C998 		829 B
560 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
95e14f29b6f2a5c6b6a42f8cffa13b084f54c119307fe76dae8667c2e6158eee
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-TJvT7xVXd6c2MaK3hYklog' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://onwardstate.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-TJvT7xVXd6c2MaK3hYklog' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 22 Oct 2023 02:23:39 GMT
expires
Sun, 22 Oct 2023 02:23:39 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
container.html
3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0241 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://onwardstate.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 22 Oct 2023 02:23:38 GMT
expires
Mon, 21 Oct 2024 02:23:38 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8B59 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://onwardstate.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 22 Oct 2023 02:23:38 GMT
expires
Mon, 21 Oct 2024 02:23:38 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 35C2 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvCKAkvYe3igOEEOf4D4ANJu54FRvow6qcJ-QjJcHJAukt0sVM0Z7G3BdpB82XcUXYuhk478ujmL4b3jwh3vzyQsR9-yLTU6-fyM3U8Wb8kRhOIPgVoad5a31u2hPhS&sig=Cg0ArKJSzKP8xYR2ZeTqEAE&id=lidar2&mcvt=1025&p=8,436,98,1164&mtos=1025,1025,1025,1025,1025&tos=1025,0,0,0,0&v=20231018&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=1952187423&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1697941418173&rpt=461&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 Oct 2023 02:23:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ym.0.js
static.yieldmo.com/ Frame 0241 		469 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.yieldmo.com/ym.0.js
Requested by
Host: onwardstate.com
URL: https://onwardstate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:237d:4600:1b:83f3:bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8ff77c383aae101d2445f3e8098d86f9b495f0483c41c29a02279afb092f5b74

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-amz-version-id
9xkbs4kRdqrAOxgSC7brR1XneW_ux7FJ
content-encoding
br
via
1.1 d2e8c709d1f79bde6ed8f833f02bdd34.cloudfront.net (CloudFront)
date
Sat, 21 Oct 2023 21:51:35 GMT
x-amz-cf-pop
MUC50-P2
age
16325
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 19 Oct 2023 21:04:02 GMT
server
AmazonS3
etag
W/"43f5d34351c02087dfe277c23fdc7dda"
vary
Accept-Encoding, Origin
content-type
application/javascript
cache-control
private, max-age=1800
x-response-headers-policy
static-yieldmo-com_js_text
x-amz-cf-id
BbXIWNapwZIgIh04WpHCVu-30ENyOkAIYIpwvvNyaMzOqICZ-sFKeg==
pixel
googleads.g.doubleclick.net/xbbe/ Frame A655 		278 B
459 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIYvf-BvQEwAQ&v=APEucNUpq6a-zBE0zdekKMvYKte7TLhXYqmpwTvxzby-fqmfrYsrHdEIf9IwPk7vdiReDJtJmXlwH2BRj1fbEO5m1SXmDq9MnUexEzcxA3VyAreEvc4NbH8
Requested by
Host: 3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com
URL: https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1a87985707fa8a2cd12b5d3879626eccd92c19372ed032b91a7c6f9ea00b6ea8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
104
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 22 Oct 2023 02:23:39 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 0241 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com
URL: https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 02:23:39 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31491
x-xss-protection
0
server
cafe
etag
6167930392490353973
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Sun, 22 Oct 2023 02:23:39 GMT
ev
ads.yieldmo.com/v000/t_tkr/ Frame 0241 		43 B
364 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/t_tkr/ev?type=hi&pvid=3389697402702350077&pvt=1697941419168&plid=2337072099794821211&imp=5786827464863289581&rep_meta=STyM3Xvv-uJEOMk9-Fax9M4TzJfkuuyHkjPJYufMNgqh7Nncp86sgJ-akBvJBU8_Gp8qw-FrmAovGn1xGCdMFKryMsSDZukyaOYTrC1w9IGyB5OGKDwPs-eIYyUUo7q8mulhdHqmEfeMR34shHgElwmMARHjcaoEXA-DHOec59CdqwyRupMCqsU51hpledDszDSf94blahxhkKa8dYodiHss12dXkQY6Yhr2Veciyn6igVb6f7qq-nTia4f3wUoeCtFcqG_T6JE-IQ3kbpWwSVHvBlSGTv2ZVA8yNrtkcQ0YM6x4jm9uPZldSLOZgNhGbDnB3AT4VmriejpmKrAFr9AOu0C3qGTMyS__47jsLSSR2MKRqt9KtQJkj4XkrdTv_-wuvdri7qpWNenqkLlvjg
Requested by
Host: 3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com
URL: https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.202.100 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-202-100.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 Oct 2023 02:23:39 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43
ev
ads.yieldmo.com/v000/t_tkr/ Frame 0241 		0
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/t_tkr/ev?type=r&pvid=3389697402702350077&pvt=1697941419168&plid=2337072099794821211&imp=5786827464863289581&rep_meta=STyM3Xvv-uJEOMk9-Fax9M4TzJfkuuyHkjPJYufMNgqh7Nncp86sgJ-akBvJBU8_Gp8qw-FrmAovGn1xGCdMFKryMsSDZukyaOYTrC1w9IGyB5OGKDwPs-eIYyUUo7q8mulhdHqmEfeMR34shHgElwmMARHjcaoEXA-DHOec59CdqwyRupMCqsU51hpledDszDSf94blahxhkKa8dYodiHss12dXkQY6Yhr2Veciyn6igVb6f7qq-nTia4f3wUoeCtFcqG_T6JE-IQ3kbpWwSVHvBlSGTv2ZVA8yNrtkcQ0YM6x4jm9uPZldSLOZgNhGbDnB3AT4VmriejpmKrAFr9AOu0C3qGTMyS__47jsLSSR2MKRqt9KtQJkj4XkrdTv_-wuvdri7qpWNenqkLlvjg
Requested by
Host: 3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com
URL: https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.202.100 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-202-100.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sun, 22 Oct 2023 02:23:39 GMT
access-control-allow-credentials
true
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
GET
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0241 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BKdu33E2Y83ncNvrX4jEV3qyRZfE5_4z1Cm_8Nf1tN0SE6gEsToR6oY0Hi4-iB-UCfY9mZo0eSqcbwIN1HA-YS6uQ4tCPhrFS2KrMe16TAf-f3a4I
Requested by
Host: 3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com
URL: https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 Oct 2023 02:23:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0241 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=18153466666848316689&x=67&ct=77
Requested by
Host: 3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com
URL: https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 Oct 2023 02:23:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dvbs_src.js
cdn.doubleverify.com/ Frame 0241 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115845&plc=4230470&sid=18330&dvregion=0&unit=728x90&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&prr=1&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0hJAlJjdeoTJNa4xLhSVSrb&DVP_DBM_1=3060631&DVP_DBM_2=22886455&DVP_DBM_3=18510215038&DVP_DBM_4=396394429&DVP_DBM_5=67&DVP_DBM_6=67&DVP_DBM_7=30466565558&turl=https://onwardstate.com&DVP_PP_BUNDLE_ID=
Requested by
Host: 3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com
URL: https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:d::1732:83d6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
5aceb9edcea34bb69cbce4ff713f96f5d62f70bbd4bf5ef766bf058bed0fa21c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sun, 22 Oct 2023 02:23:39 GMT
Content-Encoding
gzip
Last-Modified
Mon, 02 Oct 2023 09:51:44 GMT
Server
UploadServer
ETag
"56f95dec40f6402642b5537aa29ad91c"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
no-transform, max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
932
Expires
Mon, 23 Oct 2023 02:23:39 GMT
dvtp_src.js
cdn.doubleverify.com/ Frame 0241 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvtp_src.js?ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&advid=3398311&adsrv=0&btreg=&btadsrv=&tagtype=&dvtagver=6.1.src&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0hJAlJjdeoTJNa4xLhSVSrb&DVP_DBM_1=3060631&DVP_DBM_2=22886455&DVP_DBM_3=18510215038&DVP_DBM_4=396394429&DVP_DBM_5=67&DVP_DBM_6=67&DVP_DBM_7=30466565558&turl=https://onwardstate.com&DVP_PP_BUNDLE_ID=
Requested by
Host: 3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com
URL: https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:d::1732:83d6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
b1a22bca2e94ac819868674685b19dacadb2888e6099876d6e101ccaf2b17993

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sun, 22 Oct 2023 02:23:39 GMT
Content-Encoding
gzip
Last-Modified
Tue, 17 Oct 2023 12:35:35 GMT
Server
UploadServer
ETag
"feed0819b127152e53765dac6c4fa8da"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
no-transform, max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3638
Expires
Sun, 22 Oct 2023 02:38:39 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame 0241 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/window_focus_fy2021.js
Requested by
Host: 3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com
URL: https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 18:11:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
29505
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 04 Nov 2023 18:11:54 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame 0241 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com
URL: https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f74f99e9fe1027d19c741e71e7a2adf40f49a011d50cb110e45a0511f624fb3a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 00:02:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
8465
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8427
x-xss-protection
0
server
cafe
etag
8504628880869859743
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 05 Nov 2023 00:02:34 GMT
l
www.google.com/ads/measurement/ Frame 0241 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSpxzKog9pwptN8Z2VowmCSFd0l8xp4UbgjITo6hkH-4T1OJydq4q0vF8z-5E8C56wJGWxqXmPA2dDSd8H_DpzfAQE2WA
Requested by
Host: 3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com
URL: https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 0241 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com
URL: https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Fri, 20 Oct 2023 06:34:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
157770
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 19 Oct 2024 06:34:09 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 0241 		195 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com
URL: https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
84e6bd8c14717d5a1461b156f532045f1131ae5c98849ade2e45d6193c6dbb69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 02:23:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62757
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1697628223465749"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 22 Oct 2023 02:23:39 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame C998 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202310170101&jk=833601715597371&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers
pixel
googleads.g.doubleclick.net/xbbe/ Frame FBFC 		624 B
288 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMXlgQEQsv3gjgMYnLX88wEwAQ&v=APEucNWdJILPG_036g5JeggPuuLEwBuB79sNMVNwgzRK0Uja7xLysgYdukJ2SkZrlDDi_2_bsZ_f0iUwVRZDKywo9G9NN9lQkbCFc4L5yrOrnGiQ0QkuPaMjDTx4ccRp1tpfiNpDm7kAt-ve9QKow8RndPjlunNNLd1RPJYysj6Ak5bcHOQPUUza9iIVZjLm7utVGlmFtrADU4MXyAmwMoN22b5wjUMXZQ
Requested by
Host: 3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com
URL: https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 22 Oct 2023 02:23:39 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231017/r20110914/ Frame 8B59 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231017/r20110914/abg_lite_fy2021.js
Requested by
Host: onwardstate.com
URL: https://onwardstate.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
45edbc85483b4cde24376ffc1a6b93969f8e51cd2e73547f84824c8f54fb79f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 18:04:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
29938
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9137
x-xss-protection
0
server
cafe
etag
5200559654007170660
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 04 Nov 2023 18:04:41 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231017/r20110914/elements/html/ Frame 8B59 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231017/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: onwardstate.com
URL: https://onwardstate.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 18:04:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
29938
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 04 Nov 2023 18:04:41 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 8B59 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssTdyx08TrJLz97oi3uJzO7uTiMfKCPSqQOBXQabu7Rk3sBIiakcsoy7nNqNeIe0oZy3s3hV0DG6U7jQUGjfBqX8FNmKcQ_KuMTHYNGjhlnuN_hYgnmJCeUZegq5kRMzvu9V_rJzr8hBobH4ZurWjjpjHDXv4iUcmfnObSKRSVA_aRu2zgKjoV6F4ZnC3QmYGIyysiW8jTZR9w7GhfTq7bltfL41wdUj2mj2i0hjlwPj8LqlAD7R9dfmSEaj7-vIwtLQN7NQSQvHkQ2QMnUf1Zyf_WywDVqeaLjp4QG_wgZ0N-_fxOV0Nj9zWiElp4amncgAXrXO9wO0KQeQ5WV4j9sswewBPmynVd5Wh4PgUEamKXihnZCAqU7G1K8cSz33wb64gKiDrudprOod1Rr2RG9wqgPotzM_Bm1bfygnjD71Ocu7sl05CXlwiayUxD2jMjHy3oMxS4nBcoItp8b4vfhQe-7aWjosxfNJcr7y442RRi2JocH1vFyUgSqkLU7NhL1bxzoE2ppiCSNcBu0o6XI_mIy_BUMrkOdjWNn1ehatvkqBwLEOWLcm5WDY5J6hpxkfow9p88ClgUNfaCvHzKvf1VP8HwVaywd0iWP3KR-0Ym7hahsKcHHqUM0gEX10NlwsMKwa5ZM_1kn_ivBIdNVaB3H-2MWTEYUbu14XSW3T6jIjuP5xCso0ndQhSk15i7iIzfNM7RxcPnC6m4QXLbdNH9NWyJDRMmf_w32wh5hS_3nuBvdcKY2Jxs_X7UbYmYfoGcFSYTnrNMFZyF0D8ywIY8Cnj38bRebAYyOeo-eHAzL6oRfgOLeArKwNjakaZDOXW1tyn4B1Sn8x_9jorqAZUpXUWeg5uhjnZtvjAPPpYLk4_AT-a2TWCSLOLTZXiOXnblXBZF0W0pd9yNvW2MMVR3txT3neS0OCokjfFK7UzbwdA01GXWWY53FJ3FsXM_nth3dHoIFl42gwZZjky1XecP0lTo5rY6NKrc2c4TD5XbQIygls-2ZW7nuEvxDcq5fH__XXc95W5UUYjrkLqelqFo3TLhgzcFRl-eBXwVoNABXPMyHB-4o9R4KqdesAU2FJnv0WJ3awak7oWwZl73YKnewD85cFBfk7aGzdlDUMEk2zgvkkCOiha7vWSBYoyQDInG5xsPe_i4csea7XcEkc2NouwT_XppF6gjZ-kG7wvq8Njsbus61ccpJoVhJTZp676oj7ub-AtPTxNU7BQyNmZa0YASugSr2DTh0R-8WNwX5P1Q-Rkhz3EvnHkEPrebV9A_RvIWuB3U7IJf7YV2heWeGzib1Q6n7ls0deUpAnMcqATwk-pVrijQoV_OeXVR1_6o0waNpw9DQCyRlojap34JWxLRWwzreT7Lmv2Mqh9kfPefjVtLDqgMhqM5_3F5dI0oNEJPNqd6LWw&sai=AMfl-YTzKEq5xfbd5YB4XLrQXb2bdSXAZoid2YfQC_NtyiAYd-McyB85gCNlmxDv2EPHF4XzVQEqasDurgK29YNktUJbQHlOvkk3PyviAFLPOcj1YRxTIDwyPW5l8ox4CCREYY3oejL1G9nGOBXl9UmuYfRcdwwOeJJ4IKhAGP1RJpUok35Jrfv8LjvogJxEF1zj_ljq3xQ9VQvmrYMEmTUONRNMolv1BZgBKvLQTgo1zQzaCPLZ3Lkzt_mrwcR9PgjB7BKnAtNU48s6e7HOTgHC5V0KhEOTBSgcQxtH30M7slVTPlDHtRz9tsmRWQ9MUg3FA_ZvYKFcr2MUls--kJcaOZ4MJlzXsGTRm8GW65tv018NsiN3Gl2rFTd6pTTuQb6QZ5QFAMo_owcanuJtgsuKOlwhJ93DA5V-Nlgv68daaVR_NCn_NIG3nyOK3zyq2THYsS0NvrTagdHTglIGR6mtxuWAdaViby6tYKmhdX13A87mUE0t4vqIkR0dk2t21tWsdcWqqlWhEGLOHw&sig=Cg0ArKJSzL1xccNE3k8IEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20231017.19303&arae=0&ftch=1&adurl=
Requested by
Host: onwardstate.com
URL: https://onwardstate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 22 Oct 2023 02:23:39 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 8B59 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: onwardstate.com
URL: https://onwardstate.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 18:02:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
289256
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Oct 2024 18:02:43 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame 8B59 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/window_focus_fy2021.js
Requested by
Host: 3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com
URL: https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 18:11:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
29505
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 04 Nov 2023 18:11:54 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 296B 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com
URL: https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
36102
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 21 Oct 2023 16:21:57 GMT
etag
48472445140208031
expires
Sun, 22 Oct 2023 16:21:57 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame 8B59 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com
URL: https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f74f99e9fe1027d19c741e71e7a2adf40f49a011d50cb110e45a0511f624fb3a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 00:02:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
8465
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8427
x-xss-protection
0
server
cafe
etag
8504628880869859743
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 05 Nov 2023 00:02:34 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8B59 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CszyT4W_uvqWacMIWVglJKbhE3H4SHMbm-BW_fxK8F7yehoVXKWwbD2PjEuZmuapz0U3TRsVcptv5BhUXTN-xlR4cfSCyaLo9hBXYD73f_Dm4m-9o
Requested by
Host: 3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com
URL: https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 Oct 2023 02:23:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
l
www.google.com/ads/measurement/ Frame 8B59 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaR-eRY1WlPuf5pcfOzcQe1s_LArK5EG36AtCnUgEmSkkxguoCLe4rQRHe8KZuMI1QYB4CJv2OiZ8WYLPOcpmUjrG5TOXQ
Requested by
Host: 3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com
URL: https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 8B59 		195 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com
URL: https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
84e6bd8c14717d5a1461b156f532045f1131ae5c98849ade2e45d6193c6dbb69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 02:23:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62757
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1697628223465749"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 22 Oct 2023 02:23:39 GMT
11609983706850825962
s0.2mdn.net/simgad/ Frame 8B59 		83 KB
83 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/11609983706850825962
Requested by
Host: 3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com
URL: https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
441ec7fc6a88957295f4cd11dd5aeb6d7940661048b44ba5409909e74d6b2c3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 07:04:13 GMT
x-content-type-options
nosniff
age
501566
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
84956
x-xss-protection
0
last-modified
Fri, 18 Aug 2023 11:48:29 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 15 Oct 2024 07:04:13 GMT
kdR3Uc-Lch-XuU6BJZRbuWDa0aJJ9it8wzNxgvcOl3M.js
pagead2.googlesyndication.com/bg/ Frame 790C 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/kdR3Uc-Lch-XuU6BJZRbuWDa0aJJ9it8wzNxgvcOl3M.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
91d47751cf8b721f97b94e8125945bb960dad1a249f62b7cc3337182f70e9773
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 20:05:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
22682
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14703
x-xss-protection
0
last-modified
Mon, 16 Oct 2023 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 20 Oct 2024 20:05:37 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame A08A 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvn2bD-FbiIbg7QuolSBR4epdL_AJiA0oqViaRALDCqfmij44rVHtBI-HFEonzYHLzu3IcQ48VRYCupPV-T-QuhK8joj69fPgB_h3a8Ld2RRJrlr37HMp8q1Zn4nWBD&sig=Cg0ArKJSzAiukhogVwEJEAE&id=lidar2&mcvt=1000&p=222,1014,502,1350&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231018&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=481774910&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1697941418234&rpt=520&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 Oct 2023 02:23:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame AD1A 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
age
181264
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 20 Oct 2023 00:02:35 GMT
expires
Sat, 19 Oct 2024 00:02:35 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 8B59 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
95a3426b2136b9949b4926019cbc8875aa0df21752fc220cb3b531c6afd14faf

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/png
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 296B
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEAMxp2tzwSHe26adLyKINOY&google_cver=1&google_push=AXcoOmS1mESiGPo6XaEngHZ0YBExmsj2MHtiS4CvM6MmuYfmCUcleUZqiqpzlte3uW9yrUItZVi9AJJGDq3mA2hn6YQUYN0KGLrK
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODQwODU1MzY5NTA1OTQ3NTIzMg==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAMxp2tzwSHe26adLyKINOY&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAMxp2tzwSHe26adLyKINOY&google_cver=1
Requested by
Host: 3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com
URL: https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 22 Oct 2023 02:23:39 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Sun, 22 Oct 2023 02:23:39 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAMxp2tzwSHe26adLyKINOY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 296B
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESECvCq-kiLSVub_ZahxQk88g&google_cver=1&google_push=AXcoOmRX7mSJs1tpbs5YJYJ1fy68nLgkSssSxwJ40l3hV6F_d4P4csc4I8v0Mi2I8Rl-gZDGFpKs9kd0Si9sh0P...
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=-9gN4wn2VzN9WIsEzmkrx1_TX_g&google_push=AXcoOmRX7mSJs1tpbs5YJYJ1fy68nLgkSssSxwJ40l3hV6F_d4P4csc4I8v0Mi2I8Rl-gZDGFpKs9kd0Si9sh0...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=-9gN4wn2VzN9WIsEzmkrx1_TX_g&google_push=AXcoOmRX7mSJs1tpbs5YJYJ1fy68nLgkSssSxwJ40l3hV6F_d4P4csc4I8v0Mi2I8Rl-gZDGFpKs9kd0Si9sh0PgDyGReOiGhxk
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 Oct 2023 02:23:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=-9gN4wn2VzN9WIsEzmkrx1_TX_g&google_push=AXcoOmRX7mSJs1tpbs5YJYJ1fy68nLgkSssSxwJ40l3hV6F_d4P4csc4I8v0Mi2I8Rl-gZDGFpKs9kd0Si9sh0PgDyGReOiGhxk
Date
Sun, 22 Oct 2023 02:23:40 GMT
Connection
keep-alive
Content-Length
241
Content-Type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame 296B
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEC4R9g_i_eGzva1owYQzt3g&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEC4R9g_i_eGzva1owYQzt3g&google_push=AX...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEC4R9g_i_eGzva1owYQzt3g&google_hm=ZTSHqz6Ar_q996Y3Z6ogYgAADGUAAAAB&google_nid=index&google_push=AXcoOmR60VoTkE_OcnHFfeDM69JFpwqBVutLi...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEC4R9g_i_eGzva1owYQzt3g&google_hm=ZTSHqz6Ar_q996Y3Z6ogYgAADGUAAAAB&google_nid=index&google_push=AXcoOmR60VoTkE_OcnHFfeDM69JFpwqBVutLixArN06VFhWC2N6F57X8ZAkVwA_pH5fVBwwzr4qI5tXaVVhyX3I5KVvtesGR01E
Requested by
Host: 3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com
URL: https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 Oct 2023 02:23:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 22 Oct 2023 02:23:39 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8wWQHt6JMLJBllQTbH91d1jgmYvA1CJ7s%2BSdABGoyok%2Fq4xvwF7Ss7V3Omjh22zo7Fojx1bRa2beoAmZotJmxDfImxfb6FwUpzvzTlBP6mrPT3f42j2os72crk0TeCW8zb5ys5xleLx46g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEC4R9g_i_eGzva1owYQzt3g&google_hm=ZTSHqz6Ar_q996Y3Z6ogYgAADGUAAAAB&google_nid=index&google_push=AXcoOmR60VoTkE_OcnHFfeDM69JFpwqBVutLixArN06VFhWC2N6F57X8ZAkVwA_pH5fVBwwzr4qI5tXaVVhyX3I5KVvtesGR01E
cache-control
no-cache
cf-ray
819e47926abe9c0c-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame 296B
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEMudAFxzmMEYDKnmpPYQd2A&google_cver=1&google_push=AXcoOmT-DOK3ENKThWflIKUI_UKlbLAq816Q8vpuS9fwZ6kL05qi-KpI_ImOOvkwdAgub8T-L0yMbfAeoLK5...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmT-DOK3ENKThWflIKUI_UKlbLAq816Q8vpuS9fwZ6kL05qi-KpI_ImOOvkwdAgub8T-L0yMbfAeoLK5TW-2fh8IhsfLF7u9
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmT-DOK3ENKThWflIKUI_UKlbLAq816Q8vpuS9fwZ6kL05qi-KpI_ImOOvkwdAgub8T-L0yMbfAeoLK5TW-2fh8IhsfLF7u9
Requested by
Host: 3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com
URL: https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 Oct 2023 02:23:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmT-DOK3ENKThWflIKUI_UKlbLAq816Q8vpuS9fwZ6kL05qi-KpI_ImOOvkwdAgub8T-L0yMbfAeoLK5TW-2fh8IhsfLF7u9
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
pixel
cm.g.doubleclick.net/ Frame 296B
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEOZLmTImXZjq45MKIRN0rpE&google_cver=1&google_push=AXcoOmSqE1vgpa3yacEW8p2uDptbAhN_-6xkNB_XqYErgnzkvb0tP7K2TKlr2pLWY7JlEucUvYVv5...
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AXcoOmSqE1vgpa3yacEW8p2uDptbAhN_-6xkNB_XqYErgnzkvb0tP7K2TKlr2pLWY7JlEucUvYVv5e8PRSmLVupi_xFAqm9Ix7qn&google_hm=WlRTSHJNQ28...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AXcoOmSqE1vgpa3yacEW8p2uDptbAhN_-6xkNB_XqYErgnzkvb0tP7K2TKlr2pLWY7JlEucUvYVv5e8PRSmLVupi_xFAqm9Ix7qn&google_hm=WlRTSHJNQ284WDhBQUU2RXBrUUFBQUFB
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 Oct 2023 02:23:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

X-SO-Cluster-ID
0
Date
Sun, 22 Oct 2023 02:23:40 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?google_cver=1&google_gid=CAESEOZLmTImXZjq45MKIRN0rpE&google_push=AXcoOmSqE1vgpa3yacEW8p2uDptbAhN_-6xkNB_XqYErgnzkvb0tP7K2TKlr2pLWY7JlEucUvYVv5e8PRSmLVupi_xFAqm9Ix7qn&proto=google_ebda","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"ZTSHrMCo8X8AAE6EpkQAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad211"}
X-SO-Key
ZTSHrMCo8X8AAE6EpkQAAAAA
Server
nginx
X-SO-Upstream-ID
m-ad211
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AXcoOmSqE1vgpa3yacEW8p2uDptbAhN_-6xkNB_XqYErgnzkvb0tP7K2TKlr2pLWY7JlEucUvYVv5e8PRSmLVupi_xFAqm9Ix7qn&google_hm=WlRTSHJNQ284WDhBQUU2RXBrUUFBQUFB
Cache-Control
private
X-SO-HostName
m-ad211.dc4p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
2
Content-Length
0
X-SO-LB-Hostname
m-tgng27.dc4p.scaleout.jp
X-SO-IP
95.211.95.248
pixel
cm.g.doubleclick.net/ Frame 296B
Redirect Chain
  • https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESEIUAeKhTLGAMV5m9vyK06Jg&google_cver=1&google_push=AXcoOmSMEH1zaO8JK2TV65KMrLzwdjeODobHAfsI3ho2ovD2O2RU7EA99...
  • https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmSMEH1zaO8JK2TV65KMrLzwdjeODobHAfsI3ho2ovD2O2RU7EA99YF01F4sbgG6CRLIo4Q969e104OgYfwiioBSeYP3EEYA6g&google_hm=QlMuMWJmNi1hZjk5...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmSMEH1zaO8JK2TV65KMrLzwdjeODobHAfsI3ho2ovD2O2RU7EA99YF01F4sbgG6CRLIo4Q969e104OgYfwiioBSeYP3EEYA6g&google_hm=QlMuMWJmNi1hZjk5LTQ1YzQtYmNkNw==
Requested by
Host: 3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com
URL: https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 Oct 2023 02:23:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmSMEH1zaO8JK2TV65KMrLzwdjeODobHAfsI3ho2ovD2O2RU7EA99YF01F4sbgG6CRLIo4Q969e104OgYfwiioBSeYP3EEYA6g&google_hm=QlMuMWJmNi1hZjk5LTQ1YzQtYmNkNw==
Date
Sun, 22 Oct 2023 02:23:40 GMT
Server
openresty
Connection
close
Content-Length
142
Content-Type
text/html
https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25
x.bidswitch.net/check_uuid/ Frame 296B 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEHFb6KOJjEId9rmvjHA42CY&google_cver=1&google_push=AXcoOmQQr4efl4VgYI5kWLj6M0XXbHjSM_0nbmN0XL1DBebTa9amBr8DH9bo36Re4z0UTqFWMLexmaw5vktHJBX87Lo9V2Ka2Sla7A
Requested by
Host: 3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com
URL: https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.97.229 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-97-229.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 02:23:40 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
attr
cm.g.doubleclick.net/pixel/ Frame 296B 		0
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KEVvn5jGWfRhZWkic_l2OxcXZ4ZHIwk6clUsiwUWGeOYgtFsduVte6yP9fSDa24vFtup3Cl2s
Requested by
Host: 3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com
URL: https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 02:23:39 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
sync
ad.sxp.smartclip.net/ Frame A655
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=smartclip_dbm&google_cm&google_dbm&gdpr=0
  • https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESEFZvEk0psYPOBcdpQhhVPuw&gdpr=0&google_cver=1
  • https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESEFZvEk0psYPOBcdpQhhVPuw&gdpr=0&google_cver=1&ang_testid=1
42 B
445 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESEFZvEk0psYPOBcdpQhhVPuw&gdpr=0&google_cver=1&ang_testid=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIYvf-BvQEwAQ&v=APEucNUpq6a-zBE0zdekKMvYKte7TLhXYqmpwTvxzby-fqmfrYsrHdEIf9IwPk7vdiReDJtJmXlwH2BRj1fbEO5m1SXmDq9MnUexEzcxA3VyAreEvc4NbH8
Protocol
H2
Server
35.186.194.101 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
101.194.186.35.bc.googleusercontent.com
Software
openresty/1.19.9.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 02:23:40 GMT
via
1.1 google
server
openresty/1.19.9.1
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/gif
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Sun, 22 Oct 2023 02:23:39 GMT
via
1.1 google
server
openresty/1.19.9.1
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESEFZvEk0psYPOBcdpQhhVPuw&gdpr=0&google_cver=1&ang_testid=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
m
ad.yieldlab.net/ Frame A655
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldlab&google_cm&google_dbm&gdpr=0
  • https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEPwg8syrEWCISmV4Rj_aH6U&google_cver=1&gdpr=0
0
400 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEPwg8syrEWCISmV4Rj_aH6U&google_cver=1&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIYvf-BvQEwAQ&v=APEucNUpq6a-zBE0zdekKMvYKte7TLhXYqmpwTvxzby-fqmfrYsrHdEIf9IwPk7vdiReDJtJmXlwH2BRj1fbEO5m1SXmDq9MnUexEzcxA3VyAreEvc4NbH8
Protocol
HTTP/1.1
Server
2.19.105.55 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-105-55.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 Oct 2023 02:23:40 GMT
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
Expires
Sat, 21 Oct 2023 02:23:40 GMT

Redirect headers

pragma
no-cache
date
Sun, 22 Oct 2023 02:23:39 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEPwg8syrEWCISmV4Rj_aH6U&google_cver=1&gdpr=0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
299
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame FBFC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDjmkdrsN7WF2z10KmmMJxs&google_cver=1
43 B
767 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDjmkdrsN7WF2z10KmmMJxs&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMXlgQEQsv3gjgMYnLX88wEwAQ&v=APEucNWdJILPG_036g5JeggPuuLEwBuB79sNMVNwgzRK0Uja7xLysgYdukJ2SkZrlDDi_2_bsZ_f0iUwVRZDKywo9G9NN9lQkbCFc4L5yrOrnGiQ0QkuPaMjDTx4ccRp1tpfiNpDm7kAt-ve9QKow8RndPjlunNNLd1RPJYysj6Ak5bcHOQPUUza9iIVZjLm7utVGlmFtrADU4MXyAmwMoN22b5wjUMXZQ
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 Oct 2023 02:23:39 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a0uyN9SJi8TUKaZjYiMOE521ll1qjRr58BI8w3iPUZ%2FqC22xNMmTNa1wkzdrtxHob2zNVaqXZF4Xv4AQv%2BHbVWPu6CW47jwPosruQg1wNALl4gDBIKsJz8xNEwjt1q7lSKCDyBlV8aGrjA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
819e4792dc863610-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 22 Oct 2023 02:23:39 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDjmkdrsN7WF2z10KmmMJxs&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame FBFC
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZTSHqz6Ar-q996Y3Z6ogYgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDjmkdrsN7WF2z10KmmMJxs&google_cver=1
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDjmkdrsN7WF2z10KmmMJxs&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMXlgQEQsv3gjgMYnLX88wEwAQ&v=APEucNWdJILPG_036g5JeggPuuLEwBuB79sNMVNwgzRK0Uja7xLysgYdukJ2SkZrlDDi_2_bsZ_f0iUwVRZDKywo9G9NN9lQkbCFc4L5yrOrnGiQ0QkuPaMjDTx4ccRp1tpfiNpDm7kAt-ve9QKow8RndPjlunNNLd1RPJYysj6Ak5bcHOQPUUza9iIVZjLm7utVGlmFtrADU4MXyAmwMoN22b5wjUMXZQ
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 Oct 2023 02:23:40 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R8ZrERNkBRn%2BcZnaBty5wPZALW7uJJnWSJlnjC99d5uMOF2206GhaTr2ZEgYwznj5Aayet4iLhkxOW%2FbVxEKWVjDpif3RGCgupROG%2FIGc0PNaDYN8nkOxeeF%2BV9rkqMBqvQ84nrj0tiJ1w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
819e47938cd73610-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 22 Oct 2023 02:23:39 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDjmkdrsN7WF2z10KmmMJxs&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame FBFC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEJJpO_V_BL8wNkPZTM6X1Kw&google_cver=1
43 B
840 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEJJpO_V_BL8wNkPZTM6X1Kw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMXlgQEQsv3gjgMYnLX88wEwAQ&v=APEucNWdJILPG_036g5JeggPuuLEwBuB79sNMVNwgzRK0Uja7xLysgYdukJ2SkZrlDDi_2_bsZ_f0iUwVRZDKywo9G9NN9lQkbCFc4L5yrOrnGiQ0QkuPaMjDTx4ccRp1tpfiNpDm7kAt-ve9QKow8RndPjlunNNLd1RPJYysj6Ak5bcHOQPUUza9iIVZjLm7utVGlmFtrADU4MXyAmwMoN22b5wjUMXZQ
Protocol
H2
Server
37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 Oct 2023 02:23:40 GMT
an-x-request-uuid
fd555e10-242d-4e6e-9715-4e47451c551e
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
95.211.95.248; 95.211.95.248; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 22 Oct 2023 02:23:39 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEJJpO_V_BL8wNkPZTM6X1Kw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame FBFC
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjY5MzgzMjkyNDM2NTcwMjgxNQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjY5MzgzMjkyNDM2NTcwMjgxNQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMXlgQEQsv3gjgMYnLX88wEwAQ&v=APEucNWdJILPG_036g5JeggPuuLEwBuB79sNMVNwgzRK0Uja7xLysgYdukJ2SkZrlDDi_2_bsZ_f0iUwVRZDKywo9G9NN9lQkbCFc4L5yrOrnGiQ0QkuPaMjDTx4ccRp1tpfiNpDm7kAt-ve9QKow8RndPjlunNNLd1RPJYysj6Ak5bcHOQPUUza9iIVZjLm7utVGlmFtrADU4MXyAmwMoN22b5wjUMXZQ
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 Oct 2023 02:23:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 22 Oct 2023 02:23:39 GMT
an-x-request-uuid
36202a2f-8901-419f-adf6-d062a3121982
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjY5MzgzMjkyNDM2NTcwMjgxNQ%3D%3D
x-proxy-origin
95.211.95.248; 95.211.95.248; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0241 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7419593081994&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 Oct 2023 02:23:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0241 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7419593081994&version=m202309260101&ct=77&x=67&cor=18153466666848317000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 Oct 2023 02:23:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 0241 		19 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C53hyivc-84Thug_lnQ04vaNop1CTeb8JQeXkPWiEETp_OSMW6J-CF_IxrCgTGItEF3tSmrXc-ncP8gjwALBRLUlvCP7-Wnh9futpoN-2GJZckDk82G9sbo2_PxQ5EgD4i4qi45KCMwZkEr7VfjlmgCX86EF9VQROu_9YtyElJimhQiMc&cry=1&dbm_d=AKAmf-B0uaAqLH39nE6ImDrE6Vv2g0GvAul7IPaXKtg0BjQp8sxkI3zBdDRmPmNouOs0M5Cps9wsgEM8VB8Hwdvh5Zc3lbwY_SV4X6VeAlikh4x0D9F3Gkibu67vusI8xqeKHfH-QreTaxe-SIqLEtP5O17HAMruUSyXuQYgto_y5oBSipmF-NBPl9gfckjHjbYSf1LkNSY7eY7HojoXsLBdHkL9rTDQcEOSftcgjlCxqwHWjDCHmtAioDMp3fjLELFQZvFCPcHZF-_56RZ96kTnP0uBgk7zFnZwxoEbCv5m-BG-DbmhCLULEzbaH29pOG7cLT7iWRMPwZZuD9mic1PN697I3Vu6qzkTf-iWqNSgJ1edAG2gF-UisfS_OmffKQUhO84_-6Yjj8DIrH6cqdMkRWqBtMIjpGinWEcvlAFuUKxHL216_KLNDkJN_87Yh3KHt4txRP6Yc4Il77k7LwduASZsImmgsm0bGA0eBAtKsxyfXL0g-j-kZ--YvwNaGHjXzsAe8zUnXW01VXkkz1MHJPLWMjSxcvBo3Nxzj-poy_rlVmSJNOz5b9BU3WTUaItetMu3euNDK2z8OBSwVdoGXUadfF3D0zR85SZ0Do7pyHOaPgJJFdRzrYFuAC1eM_J5KJ3kgyU4q4YegpB02I-jPqSmcROPYvVjBzF9IlBxJxVyTwE1dWtdGpLotHyBD_SV082Cri7-KnZTSfVdoGTgD39wA0hS5jr_DYt3y-xvz4MGrQEorMVsZG_eBpGCtGohLC_RGZ8e8lk-SiOlG3nwBFK5RQHp0x7f2NKFM7sAVNb0gKsjqzHY3HlLa-QjAQ3YEw7xYlH0FB2kl2DEai9WV-UjgLJn-Za8QTjdZa09VbutBtcKSeVn5gledg8ljZ8DcpOmY24-xIiEfHNRs0V1qhWkr7ik8qcgUIEet4-aWr2nFw3_RnCC_O-N3Hd_auUJlKQolJnYE7EQ6RRNPMMSZszbbAytVOjRgH4-HwY2NyxlkohGNXEhMr6yONxtaJdlfd71enTbsU9B9d42Br1wMnd3rMdbxNSeVHy8PIJ1Bhfj7CW-17jGFcKbM0MLNZo2MLJH5ih2R3qU7BGqkg4a-bH5BIuwy8SdTDoZN6t_NlzCsF7KVia5b1Axjr-RlWMGIvOvBoPNw8B2ClHheNPOqn89FQazqHKXXNCgO9rNIPHPXrWxNO2yy_Vua2XU__zfHE30ZFsV9HKmgxFAvtSL0TImkMfoA1vgBU_Vq2hSzFrauykj796Ra_OuhRDuoYV_nERnZJ3Deip6oaF6GIDm88VC3QV0poI0nuVfOwusBerfAbyT_CZEi63rVcA5otWGuDrk3FrWnfG3rQ6WdaO0aQET8eeckhi67aJxItKtveP2xpg_MGFYOL6VqRwmunAMdl_BjYtj-wxotqyrNgb6ypq2xYnrzvX25yX5Bh6SXjic8rfBuV5H2HTf-Mj4loIl7WJ4FK0gMaeXbt4OBYszd7AsrA-C7qh1hBAJG-1rj4_FdUFO4DPhEH6uQ9qRBxo-isa9UsF5OG3fPkaihFMnrEloTGzXxxL21qXy7f_gi3SWENceRoB_quiI7QYxL2aOSPlxHYeMvHTKugTFSKhkcTFCs9sBd3GOWhqgRXuyuY6EDAFqtYXYjEL4n_NRs-LIm0tNixPYjdtm7Q9ZwkVT8mI4zJoUV89dKtmf-RGJXs9OKwkTSvXkfAMbTuFtW9uTPCxjzFIGPMKfTuptmYykfDPRPDTX47hqQrhQ60UsgI-LxNEpGotMpe8QYyze3yAl-zATLxjWQ7wDEQ5Co48Yf9t_6b8gkYHIWpTQl-CkGRSrVlGgFP_WZzBLzVQSGycJ_Dbtcko0LA5IwYbirzwWewtndttxFoK0DGsi3-8EatQ6QXhUoLZR5mpo7Xz4e4eHOL49T5gYd23UZLaxTH7PBBeZH7BNapArw5ZUGd9s-Ok_KYLTNf5GiVapBWo4E0hPqThDpxwLiU7xj9aD7xud0tK9wuqHND9E4HSU0bK1eFLUo22OitBAz6TkgtOiGBcK4_CEf0jGi6v_4ytpgvkBLIQl3KT6117AyyTRDolbQvBW5xgK8hxuJFaaOhyqEYJjQ7A0RVc6BaKWUbz0U-feRjqjrhrOFdyJHzRhl9sc8cgenrQjgKOx8NbxmF2XDmUV3fUtdZcoG4Kt0cf3x-SjrbOtaGEaQpbz_lXDXb3FD0VYjFZqNXQXNapawYjvud62S6A8OtfoO75hQFFVfVORPQbjwWeNNaUJsdFfIjrEGEpw2a_Dm26DgLWP6DNg_p0emHmlpFesuMJ3B_uWFOH3nv8yW7LEPXrzS9ZBGfDDwfOx2DDubK29kNZTt__rcu7UEIhka4tqPNh4ZqnuERmEbbAEhEKI4TkW7YcguS2v0ALU0UB8RCmBBs2Y_On8PvOPj9v3ip5X6mTbk5SG7XvutqUnL71MA9HObvYXdrxMrJSg1DGt0BnVIc9eqrvxMbBU4a05t19P1zDZgn0FL9SjqI8LByyM7xQ3rN67sYuo2dREDWc6K_ciA90OvjNswTXhGZQgMaOCO129OLq4XraE517D0CGFmJkYG1upP0J_RVBON_TBATAniSUM7W5Wfm8l9-_QkbrHHLvAHzIaHR_1uQaFiPlFHeMPWIDJ-Q4Dv6GARsTAAiSm8Q117W2IFVAQJZvFaUDUIgV9havzMFLmhgBi-cpj70_wA43ex468rVrcDV7TKOONJ7wUkyn0F8opIWag5eCfqXPYIaMQWPUfesnBWz20nTG77kLgCUtNQJoukzD4tfRWIHNQoTsfFy2c_yy5_sA71mMuB16yk7aq9aC8g22fw0adJgDKzIAM4WEoaVS2Xr9-T23_uyxQgZ2kGAuTOtLY8JIsBSmuOMeQeOp8OMxC67kRCS6JcnUSXh0UmPxm6lSAdYSLQlmtoot22e3970YRC106JsuchMVuwORJS9mvH85V8vQuERK5sKuP4wN_pb4IRZaH8jrPdcC2Xbf5nSBNG9nJerIMRTGXZtOwHK7ZcPIXXziI7cRyo_eqY4RaybOvHYoBWyRDrPMul0F-ZhjLp-CtsI9mDHkApzWjbZxuRUx1DXwBAvXKsSfqWxxp1zzcoPPoWz9vWu7FCJjgD8aUa2P6ERvnFywUQVrRCtKQfOnsxr_SDvfBt2dnuEpobAUm7yL-JtPFKcPpyJ5YGkjfEg-Dj_rY7pSdWdj0xmtqGmIOKvwUayo1Bd_terxXDncsFU3V5nkkoGzG3vClQ6SrvrB0pqheYw3AA6QY8o6HQ_QoWP1DHFh1hJphjmqblQeQ-HrxTyeFaIbdihlqsvdA6dxWGrgK4G3jdkJspnRwdCxH25CTXxggnAr20NHyUXD1B4zRCRpjjQ75R4sc5dMn2kdAf6olacL3YoEP-681ziWGtN4jij3lyd8FQmIoBV9AkBeEExFcyS0D0OQYlkw0Pd4mmeTvZSIPxkJMiBZ_QSOsQKxPpMtWXCsH4lPaE2DpTeFYPXnVljbbBGig_nar2zVytdSWgQSar2khulFKaEEoBYd_GhLHg4-h_n0QkV-D9_pYrXY0QUeLkmt0vzYVzyTjBVOb-W2kV0LohuItAwruccHsAzVPHSRLAdU9sIGYj0sUPUV3pk0S2egeEagDi4i7SJ4SFzVuyojqGuwzr1Zw66YCLqYY7rjivfWCkeAIwa-FVGSsJ8K8g5J95FvDbbplmKlQiVgIf7rFJP7Yh6medFkk_wIrFm_CtXIjmJrKd6-0myDBZ7TEpHO-mlRjIL6FvUZlR0f84m2rklB1zqpSFoROqV8xHk6v0VVRjQP0pR9_yv9D-NZY00sPxcF7ndwMdEHYl1RuHdnTZPfIW0eUayOADfNwPBjDL5fn80NVkuCBDEhXQdEEl-RCH9lsaejztoQgFL4AkqYM5fdmrdJp_8EQAdTSeBMr_nG0QjJlz8-wmaNS4JsDS2tq7W_SVXeIJK6CMnw3GN0i1qbfgNmtwz5ScZgc5XM40D25gaFe2-0Tiz_cYeZ3doWPrY_5_FrDBQowW1g5I7K1qBWiRHYdgKoDjc0DZOqlRleT5noQKr02qmySBL0aheAng-PrVjPjF5ARioxlzZxCVFcKGgtucp1zpmXU64R2Pn_RxIY9FDCqillK8cLMwVTKIDug8k70YCRg5JRApWwI-5Yyp7_OXet35Kr37SmR6U7x4WU&pr=67%3A0.299404&cid=CAQSMgDICaaNEzbFeBuPS3DPHquQlUzp1v6KJWaELNFoIYKiBbPcNO1bWyieGetUbwIbZofsGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fonwardstate.com%2F&ds=l&xdt=1&iif=1&cor=18153466666848317000&adk=3267286763&idt=141&cac=0&dtd=7
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
143f0be0011611d670173261086c0aceae3b01af039b02e9b3e129db0b9c590c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 Oct 2023 02:23:39 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13676
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 8B59 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssTdyx08TrJLz97oi3uJzO7uTiMfKCPSqQOBXQabu7Rk3sBIiakcsoy7nNqNeIe0oZy3s3hV0DG6U7jQUGjfBqX8FNmKcQ_KuMTHYNGjhlnuN_hYgnmJCeUZegq5kRMzvu9V_rJzr8hBobH4ZurWjjpjHDXv4iUcmfnObSKRSVA_aRu2zgKjoV6F4ZnC3QmYGIyysiW8jTZR9w7GhfTq7bltfL41wdUj2mj2i0hjlwPj8LqlAD7R9dfmSEaj7-vIwtLQN7NQSQvHkQ2QMnUf1Zyf_WywDVqeaLjp4QG_wgZ0N-_fxOV0Nj9zWiElp4amncgAXrXO9wO0KQeQ5WV4j9sswewBPmynVd5Wh4PgUEamKXihnZCAqU7G1K8cSz33wb64gKiDrudprOod1Rr2RG9wqgPotzM_Bm1bfygnjD71Ocu7sl05CXlwiayUxD2jMjHy3oMxS4nBcoItp8b4vfhQe-7aWjosxfNJcr7y442RRi2JocH1vFyUgSqkLU7NhL1bxzoE2ppiCSNcBu0o6XI_mIy_BUMrkOdjWNn1ehatvkqBwLEOWLcm5WDY5J6hpxkfow9p88ClgUNfaCvHzKvf1VP8HwVaywd0iWP3KR-0Ym7hahsKcHHqUM0gEX10NlwsMKwa5ZM_1kn_ivBIdNVaB3H-2MWTEYUbu14XSW3T6jIjuP5xCso0ndQhSk15i7iIzfNM7RxcPnC6m4QXLbdNH9NWyJDRMmf_w32wh5hS_3nuBvdcKY2Jxs_X7UbYmYfoGcFSYTnrNMFZyF0D8ywIY8Cnj38bRebAYyOeo-eHAzL6oRfgOLeArKwNjakaZDOXW1tyn4B1Sn8x_9jorqAZUpXUWeg5uhjnZtvjAPPpYLk4_AT-a2TWCSLOLTZXiOXnblXBZF0W0pd9yNvW2MMVR3txT3neS0OCokjfFK7UzbwdA01GXWWY53FJ3FsXM_nth3dHoIFl42gwZZjky1XecP0lTo5rY6NKrc2c4TD5XbQIygls-2ZW7nuEvxDcq5fH__XXc95W5UUYjrkLqelqFo3TLhgzcFRl-eBXwVoNABXPMyHB-4o9R4KqdesAU2FJnv0WJ3awak7oWwZl73YKnewD85cFBfk7aGzdlDUMEk2zgvkkCOiha7vWSBYoyQDInG5xsPe_i4csea7XcEkc2NouwT_XppF6gjZ-kG7wvq8Njsbus61ccpJoVhJTZp676oj7ub-AtPTxNU7BQyNmZa0YASugSr2DTh0R-8WNwX5P1Q-Rkhz3EvnHkEPrebV9A_RvIWuB3U7IJf7YV2heWeGzib1Q6n7ls0deUpAnMcqATwk-pVrijQoV_OeXVR1_6o0waNpw9DQCyRlojap34JWxLRWwzreT7Lmv2Mqh9kfPefjVtLDqgMhqM5_3F5dI0oNEJPNqd6LWw&sai=AMfl-YTzKEq5xfbd5YB4XLrQXb2bdSXAZoid2YfQC_NtyiAYd-McyB85gCNlmxDv2EPHF4XzVQEqasDurgK29YNktUJbQHlOvkk3PyviAFLPOcj1YRxTIDwyPW5l8ox4CCREYY3oejL1G9nGOBXl9UmuYfRcdwwOeJJ4IKhAGP1RJpUok35Jrfv8LjvogJxEF1zj_ljq3xQ9VQvmrYMEmTUONRNMolv1BZgBKvLQTgo1zQzaCPLZ3Lkzt_mrwcR9PgjB7BKnAtNU48s6e7HOTgHC5V0KhEOTBSgcQxtH30M7slVTPlDHtRz9tsmRWQ9MUg3FA_ZvYKFcr2MUls--kJcaOZ4MJlzXsGTRm8GW65tv018NsiN3Gl2rFTd6pTTuQb6QZ5QFAMo_owcanuJtgsuKOlwhJ93DA5V-Nlgv68daaVR_NCn_NIG3nyOK3zyq2THYsS0NvrTagdHTglIGR6mtxuWAdaViby6tYKmhdX13A87mUE0t4vqIkR0dk2t21tWsdcWqqlWhEGLOHw&sig=Cg0ArKJSzL1xccNE3k8IEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=236&vt=11&dtpt=235&dett=2&cstd=0&cisv=r20231017.19303&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: onwardstate.com
URL: https://onwardstate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 02:23:39 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
gkc7GkOx0NjYAbDEAjG_3nA6cC9mq0x3jEC3r4qNpAU.js
pagead2.googlesyndication.com/bg/ Frame AD1A 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gkc7GkOx0NjYAbDEAjG_3nA6cC9mq0x3jEC3r4qNpAU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
82473b1a43b1d0d8d801b0c40231bfde703a702f66ab4c778c40b7af8a8da405
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 18:04:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
375525
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14604
x-xss-protection
0
last-modified
Mon, 16 Oct 2023 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 16 Oct 2024 18:04:54 GMT
publishertag.prebid.139.js
static.criteo.net/js/ld/ 		94 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.139.js
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.onwardstate.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
17882276150f09461415088bd161e0242ce0327673dc9233e11bf1f7cbe28762
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 02:23:39 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Jul 2023 13:25:47 GMT
server
nginx
etag
W/"64ad585b-17893"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 23 Oct 2023 02:23:39 GMT
rid
matchadsrvr.yieldmo.com/track/ Frame 0241 		49 B
494 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://matchadsrvr.yieldmo.com/track/rid?ttd_pid=yieldmo&fmt=json
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20c3:3e00:1e:fdf8:aac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
97246976d349e4116999d37486b7b739816718f446ea2b2e224311884f785813

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 02:23:41 GMT
via
1.1 5d6d1ee413c782ab05cc32e601576462.cloudfront.net (CloudFront)
last-modified
Mon, 08 May 2023 12:52:20 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-C1
etag
"674119d7f4205900ae84d7ee55ced021"
vary
Origin
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com
x-cache
Error from cloudfront
access-control-allow-credentials
true
content-length
49
x-amz-cf-id
KjyT6I4kO2ben1GyuJWozVH0HFCrgDgzEL0SXMWVMizcTxHKdZtu3w==
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.227.250.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-250-195.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Sun, 22 Oct 2023 02:23:40 GMT
x-amzn-RequestId
c9458287-07cf-45e2-94eb-0b6b7cf0fb97
/
kinesis.us-east-1.amazonaws.com/ Frame 0241 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.227.250.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-250-195.compute-1.amazonaws.com
Software
/
Resource Hash
d8e4f0164686e9b4ee5eada4234c1312c97607246068f8c160d9e4cb15e93eb6

Request headers

Pragma
no-cache
accept-language
nl-NL,nl;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231022/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=cf82fead78b71f20ac2c6bb1c19f80aff0201ee78e14cd08d65ae9809ab4af04
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
48d50b52336d492c617065c1b1d460ce9cee0b3043919f066df67f0cf29c0f30
Cache-Control
no-cache
Referer
https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20231022T022340Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Sun, 22 Oct 2023 02:23:40 GMT
x-amzn-RequestId
cbd3d2bb-f5b9-9fec-967d-5b578e862199
Content-Length
133
x-amz-id-2
akZILNmNLw/xHtxsF6qXcqm/j5zTXx2fvAC+k1QwN1LUipJz9xMrP0jEgR6Le9GG+4c3zQNM/s4hs939SUJNIRfWNv5PLjBR
Content-Type
application/x-amz-json-1.1
ymcas
ads.yieldmo.com/ Frame BFCB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.202.100 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-202-100.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

date
Sun, 22 Oct 2023 02:23:40 GMT
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.227.250.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-250-195.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Sun, 22 Oct 2023 02:23:40 GMT
x-amzn-RequestId
e0ebf8d1-5edf-115c-bd45-713de1194aa4
/
kinesis.us-east-1.amazonaws.com/ Frame 0241 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.227.250.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-250-195.compute-1.amazonaws.com
Software
/
Resource Hash
179e049baf6d35ae67606f8dcda9d6c9257add515a28beb66ad160dce9998e55

Request headers

Pragma
no-cache
accept-language
nl-NL,nl;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231022/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=86daad5766119843f4f6fc14d9ccfd10e542f567e08cd693cb3c6884b74cf6c1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
82a9824635d982db5c7896a9594e1dc6837d781807c4d661659d11252559d19f
Cache-Control
no-cache
Referer
https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20231022T022340Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Sun, 22 Oct 2023 02:23:40 GMT
x-amzn-RequestId
df3af6c3-bbd0-a741-8294-7f2f0416fcb9
Content-Length
133
x-amz-id-2
wf3vobUhyt+9xXPeYJUyNUbCbP0GfFy0E/3NhAtMlZNkOA74m8l7H6/Oh55SbRfy7SQhy4hBzqZO67/3UuZkD6dVID4aGhVM
Content-Type
application/x-amz-json-1.1
ev
ads.yieldmo.com/v000/t_tkr/ Frame 0241 		0
340 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/v000/t_tkr/ev?type=dl&dltime=0&fver=90&imp=5786827464863289581&plid=2337072099794821211&pvid=3389697402702350077&fmtid=90&e=16&offsetX=0&offsetY=0&pvt=1697941419168&stime=1697941420065&etime=1697941420066&viewportHeight=90&viewportWidth=728&adSlotLeft=0%2C0&adSlotRight=90%2C728
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.202.100 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-202-100.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-origin
https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com
pragma
no-cache
date
Sun, 22 Oct 2023 02:23:40 GMT
access-control-allow-credentials
true
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
GET
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.227.250.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-250-195.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Sun, 22 Oct 2023 02:23:40 GMT
x-amzn-RequestId
ce7dc7b1-2272-6475-93d3-4e5db4eda2e6
/
kinesis.us-east-1.amazonaws.com/ Frame 0241 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.227.250.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-250-195.compute-1.amazonaws.com
Software
/
Resource Hash
6e04a4e86893255a71de7d93241c8564dacd4b2a0b55bca5101ecd675443a25d

Request headers

Pragma
no-cache
accept-language
nl-NL,nl;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231022/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=437f768a42535f6ba66518c57b3c982fc35a69ab3830eec999056f99a2722ba6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
531b0b9f8e733ecbe29e15bc990ceb55e673a5d6e1e40746099f537ab9240e51
Cache-Control
no-cache
Referer
https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20231022T022340Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Sun, 22 Oct 2023 02:23:40 GMT
x-amzn-RequestId
ee1fb649-9153-4db8-b3b1-3fa507cc8b2b
Content-Length
133
x-amz-id-2
JUO2qH1S42GIdWNm7+/i0deCA9E2BetBDMteipH6R8nAijo2xVyDbHDufsWWveFwTH0UkBmOsQGODoeQZNYL5f3vrD+W+hJL
Content-Type
application/x-amz-json-1.1
ev
ads.yieldmo.com/v000/t_tkr/ Frame 0241 		0
340 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/v000/t_tkr/ev?type=v&imp=5786827464863289581&plid=2337072099794821211&pvid=3389697402702350077&fmtid=90&offsetX=0&offsetY=0&pvt=1697941419168&stime=1697941420097&etime=1697941420097&viewportHeight=90&viewportWidth=728&adSlotLeft=0%2C0&adSlotRight=90%2C728
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.202.100 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-202-100.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-origin
https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com
pragma
no-cache
date
Sun, 22 Oct 2023 02:23:40 GMT
access-control-allow-credentials
true
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
GET
ev
ads.yieldmo.com/v000/t_tkr/ Frame 0241 		0
341 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/v000/t_tkr/ev?type=fv&imp=5786827464863289581&plid=2337072099794821211&pvid=3389697402702350077&fmtid=90&offsetX=0&offsetY=0&pvt=1697941419168&stime=1697941420097&etime=1697941420097&viewportHeight=90&viewportWidth=728&adSlotLeft=0%2C0&adSlotRight=90%2C728
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.202.100 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-202-100.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-origin
https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com
pragma
no-cache
date
Sun, 22 Oct 2023 02:23:40 GMT
access-control-allow-credentials
true
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
GET
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 0241 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C53hyivc-84Thug_lnQ04vaNop1CTeb8JQeXkPWiEETp_OSMW6J-CF_IxrCgTGItEF3tSmrXc-ncP8gjwALBRLUlvCP7-Wnh9futpoN-2GJZckDk82G9sbo2_PxQ5EgD4i4qi45KCMwZkEr7VfjlmgCX86EF9VQROu_9YtyElJimhQiMc&cry=1&dbm_d=AKAmf-B0uaAqLH39nE6ImDrE6Vv2g0GvAul7IPaXKtg0BjQp8sxkI3zBdDRmPmNouOs0M5Cps9wsgEM8VB8Hwdvh5Zc3lbwY_SV4X6VeAlikh4x0D9F3Gkibu67vusI8xqeKHfH-QreTaxe-SIqLEtP5O17HAMruUSyXuQYgto_y5oBSipmF-NBPl9gfckjHjbYSf1LkNSY7eY7HojoXsLBdHkL9rTDQcEOSftcgjlCxqwHWjDCHmtAioDMp3fjLELFQZvFCPcHZF-_56RZ96kTnP0uBgk7zFnZwxoEbCv5m-BG-DbmhCLULEzbaH29pOG7cLT7iWRMPwZZuD9mic1PN697I3Vu6qzkTf-iWqNSgJ1edAG2gF-UisfS_OmffKQUhO84_-6Yjj8DIrH6cqdMkRWqBtMIjpGinWEcvlAFuUKxHL216_KLNDkJN_87Yh3KHt4txRP6Yc4Il77k7LwduASZsImmgsm0bGA0eBAtKsxyfXL0g-j-kZ--YvwNaGHjXzsAe8zUnXW01VXkkz1MHJPLWMjSxcvBo3Nxzj-poy_rlVmSJNOz5b9BU3WTUaItetMu3euNDK2z8OBSwVdoGXUadfF3D0zR85SZ0Do7pyHOaPgJJFdRzrYFuAC1eM_J5KJ3kgyU4q4YegpB02I-jPqSmcROPYvVjBzF9IlBxJxVyTwE1dWtdGpLotHyBD_SV082Cri7-KnZTSfVdoGTgD39wA0hS5jr_DYt3y-xvz4MGrQEorMVsZG_eBpGCtGohLC_RGZ8e8lk-SiOlG3nwBFK5RQHp0x7f2NKFM7sAVNb0gKsjqzHY3HlLa-QjAQ3YEw7xYlH0FB2kl2DEai9WV-UjgLJn-Za8QTjdZa09VbutBtcKSeVn5gledg8ljZ8DcpOmY24-xIiEfHNRs0V1qhWkr7ik8qcgUIEet4-aWr2nFw3_RnCC_O-N3Hd_auUJlKQolJnYE7EQ6RRNPMMSZszbbAytVOjRgH4-HwY2NyxlkohGNXEhMr6yONxtaJdlfd71enTbsU9B9d42Br1wMnd3rMdbxNSeVHy8PIJ1Bhfj7CW-17jGFcKbM0MLNZo2MLJH5ih2R3qU7BGqkg4a-bH5BIuwy8SdTDoZN6t_NlzCsF7KVia5b1Axjr-RlWMGIvOvBoPNw8B2ClHheNPOqn89FQazqHKXXNCgO9rNIPHPXrWxNO2yy_Vua2XU__zfHE30ZFsV9HKmgxFAvtSL0TImkMfoA1vgBU_Vq2hSzFrauykj796Ra_OuhRDuoYV_nERnZJ3Deip6oaF6GIDm88VC3QV0poI0nuVfOwusBerfAbyT_CZEi63rVcA5otWGuDrk3FrWnfG3rQ6WdaO0aQET8eeckhi67aJxItKtveP2xpg_MGFYOL6VqRwmunAMdl_BjYtj-wxotqyrNgb6ypq2xYnrzvX25yX5Bh6SXjic8rfBuV5H2HTf-Mj4loIl7WJ4FK0gMaeXbt4OBYszd7AsrA-C7qh1hBAJG-1rj4_FdUFO4DPhEH6uQ9qRBxo-isa9UsF5OG3fPkaihFMnrEloTGzXxxL21qXy7f_gi3SWENceRoB_quiI7QYxL2aOSPlxHYeMvHTKugTFSKhkcTFCs9sBd3GOWhqgRXuyuY6EDAFqtYXYjEL4n_NRs-LIm0tNixPYjdtm7Q9ZwkVT8mI4zJoUV89dKtmf-RGJXs9OKwkTSvXkfAMbTuFtW9uTPCxjzFIGPMKfTuptmYykfDPRPDTX47hqQrhQ60UsgI-LxNEpGotMpe8QYyze3yAl-zATLxjWQ7wDEQ5Co48Yf9t_6b8gkYHIWpTQl-CkGRSrVlGgFP_WZzBLzVQSGycJ_Dbtcko0LA5IwYbirzwWewtndttxFoK0DGsi3-8EatQ6QXhUoLZR5mpo7Xz4e4eHOL49T5gYd23UZLaxTH7PBBeZH7BNapArw5ZUGd9s-Ok_KYLTNf5GiVapBWo4E0hPqThDpxwLiU7xj9aD7xud0tK9wuqHND9E4HSU0bK1eFLUo22OitBAz6TkgtOiGBcK4_CEf0jGi6v_4ytpgvkBLIQl3KT6117AyyTRDolbQvBW5xgK8hxuJFaaOhyqEYJjQ7A0RVc6BaKWUbz0U-feRjqjrhrOFdyJHzRhl9sc8cgenrQjgKOx8NbxmF2XDmUV3fUtdZcoG4Kt0cf3x-SjrbOtaGEaQpbz_lXDXb3FD0VYjFZqNXQXNapawYjvud62S6A8OtfoO75hQFFVfVORPQbjwWeNNaUJsdFfIjrEGEpw2a_Dm26DgLWP6DNg_p0emHmlpFesuMJ3B_uWFOH3nv8yW7LEPXrzS9ZBGfDDwfOx2DDubK29kNZTt__rcu7UEIhka4tqPNh4ZqnuERmEbbAEhEKI4TkW7YcguS2v0ALU0UB8RCmBBs2Y_On8PvOPj9v3ip5X6mTbk5SG7XvutqUnL71MA9HObvYXdrxMrJSg1DGt0BnVIc9eqrvxMbBU4a05t19P1zDZgn0FL9SjqI8LByyM7xQ3rN67sYuo2dREDWc6K_ciA90OvjNswTXhGZQgMaOCO129OLq4XraE517D0CGFmJkYG1upP0J_RVBON_TBATAniSUM7W5Wfm8l9-_QkbrHHLvAHzIaHR_1uQaFiPlFHeMPWIDJ-Q4Dv6GARsTAAiSm8Q117W2IFVAQJZvFaUDUIgV9havzMFLmhgBi-cpj70_wA43ex468rVrcDV7TKOONJ7wUkyn0F8opIWag5eCfqXPYIaMQWPUfesnBWz20nTG77kLgCUtNQJoukzD4tfRWIHNQoTsfFy2c_yy5_sA71mMuB16yk7aq9aC8g22fw0adJgDKzIAM4WEoaVS2Xr9-T23_uyxQgZ2kGAuTOtLY8JIsBSmuOMeQeOp8OMxC67kRCS6JcnUSXh0UmPxm6lSAdYSLQlmtoot22e3970YRC106JsuchMVuwORJS9mvH85V8vQuERK5sKuP4wN_pb4IRZaH8jrPdcC2Xbf5nSBNG9nJerIMRTGXZtOwHK7ZcPIXXziI7cRyo_eqY4RaybOvHYoBWyRDrPMul0F-ZhjLp-CtsI9mDHkApzWjbZxuRUx1DXwBAvXKsSfqWxxp1zzcoPPoWz9vWu7FCJjgD8aUa2P6ERvnFywUQVrRCtKQfOnsxr_SDvfBt2dnuEpobAUm7yL-JtPFKcPpyJ5YGkjfEg-Dj_rY7pSdWdj0xmtqGmIOKvwUayo1Bd_terxXDncsFU3V5nkkoGzG3vClQ6SrvrB0pqheYw3AA6QY8o6HQ_QoWP1DHFh1hJphjmqblQeQ-HrxTyeFaIbdihlqsvdA6dxWGrgK4G3jdkJspnRwdCxH25CTXxggnAr20NHyUXD1B4zRCRpjjQ75R4sc5dMn2kdAf6olacL3YoEP-681ziWGtN4jij3lyd8FQmIoBV9AkBeEExFcyS0D0OQYlkw0Pd4mmeTvZSIPxkJMiBZ_QSOsQKxPpMtWXCsH4lPaE2DpTeFYPXnVljbbBGig_nar2zVytdSWgQSar2khulFKaEEoBYd_GhLHg4-h_n0QkV-D9_pYrXY0QUeLkmt0vzYVzyTjBVOb-W2kV0LohuItAwruccHsAzVPHSRLAdU9sIGYj0sUPUV3pk0S2egeEagDi4i7SJ4SFzVuyojqGuwzr1Zw66YCLqYY7rjivfWCkeAIwa-FVGSsJ8K8g5J95FvDbbplmKlQiVgIf7rFJP7Yh6medFkk_wIrFm_CtXIjmJrKd6-0myDBZ7TEpHO-mlRjIL6FvUZlR0f84m2rklB1zqpSFoROqV8xHk6v0VVRjQP0pR9_yv9D-NZY00sPxcF7ndwMdEHYl1RuHdnTZPfIW0eUayOADfNwPBjDL5fn80NVkuCBDEhXQdEEl-RCH9lsaejztoQgFL4AkqYM5fdmrdJp_8EQAdTSeBMr_nG0QjJlz8-wmaNS4JsDS2tq7W_SVXeIJK6CMnw3GN0i1qbfgNmtwz5ScZgc5XM40D25gaFe2-0Tiz_cYeZ3doWPrY_5_FrDBQowW1g5I7K1qBWiRHYdgKoDjc0DZOqlRleT5noQKr02qmySBL0aheAng-PrVjPjF5ARioxlzZxCVFcKGgtucp1zpmXU64R2Pn_RxIY9FDCqillK8cLMwVTKIDug8k70YCRg5JRApWwI-5Yyp7_OXet35Kr37SmR6U7x4WU&pr=67%3A0.299404&cid=CAQSMgDICaaNEzbFeBuPS3DPHquQlUzp1v6KJWaELNFoIYKiBbPcNO1bWyieGetUbwIbZofsGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fonwardstate.com%2F&ds=l&xdt=1&iif=1&cor=18153466666848317000&adk=3267286763&idt=141&cac=0&dtd=7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 23:31:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
269523
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Oct 2024 23:31:37 GMT
dvbs_src_internal122.js
cdn.doubleverify.com/ Frame 0241 		60 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src_internal122.js
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115845&plc=4230470&sid=18330&dvregion=0&unit=728x90&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&prr=1&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0hJAlJjdeoTJNa4xLhSVSrb&DVP_DBM_1=3060631&DVP_DBM_2=22886455&DVP_DBM_3=18510215038&DVP_DBM_4=396394429&DVP_DBM_5=67&DVP_DBM_6=67&DVP_DBM_7=30466565558&turl=https://onwardstate.com&DVP_PP_BUNDLE_ID=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:d::1732:83d6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
b59e0c0d1cf93db01c65f1357aedb1b27cf41998f06af03d1039bb18e83b5f86

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sun, 22 Oct 2023 02:23:40 GMT
Content-Encoding
gzip
Last-Modified
Mon, 02 Oct 2023 09:51:46 GMT
Server
UploadServer
ETag
"676309fe6e3823d28d9b38e6462bb025"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
no-transform, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19669
Expires
Mon, 21 Oct 2024 02:23:40 GMT
syncframe
gum.criteo.com/ Frame 1BA3 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=onwardstate.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.139.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://onwardstate.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 22 Oct 2023 02:23:40 GMT
server
Kestrel
server-processing-duration-in-ticks
971558
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.139.js
static.criteo.net/js/ld/ 		94 KB
30 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.139.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.139.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
17882276150f09461415088bd161e0242ce0327673dc9233e11bf1f7cbe28762
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 02:23:40 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Jul 2023 13:25:47 GMT
server
nginx
etag
W/"64ad585b-17893"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 23 Oct 2023 02:23:40 GMT
generate_204
tpc.googlesyndication.com/ Frame 790C 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?63NojQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 02:23:40 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 4FDE 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
age
249531
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 05:04:49 GMT
expires
Fri, 18 Oct 2024 05:04:49 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0241 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodarir&v=44&d=1&s=1&f=0.01&bgai=Bzawjq4c0ZcyYPN2c9u8P956QgAMAAAAAOAHgBAI
Requested by
Host: 3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com
URL: https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 Oct 2023 02:23:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sid
mug.criteo.com/ Frame 1BA3
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=onwardstate.com&sn=ChromeSyncframe&so=3&topUrl=onwardstate.com&bundle=VSWMXl82TlQ4blhiVW56cjRpWFpwOGNYVElOV3oyM1JZb2xlJTJCVnAlMkIxeTBiOUFU...
  • https://mug.criteo.com/sid?cpp=-bdqfHxLcmdNeHJMWkVxVFdEZU1SaC9nRStZNEtFNExWODQwQ0hrNTV5ZXJqTE02OXFMK0E2ZVVyaVByUUNkNCtheGxyMzRZTTR6Z0wweDRuWHJSMXZwVUs0ajFlMUhWS09SSmJESW5aVWVsM2t2bUM1dlFZRFRqNUFjek...
428 B
656 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=-bdqfHxLcmdNeHJMWkVxVFdEZU1SaC9nRStZNEtFNExWODQwQ0hrNTV5ZXJqTE02OXFMK0E2ZVVyaVByUUNkNCtheGxyMzRZTTR6Z0wweDRuWHJSMXZwVUs0ajFlMUhWS09SSmJESW5aVWVsM2t2bUM1dlFZRFRqNUFjekt6MDJHTnhvSzFsU1BtUG85dkR2Uk5UVkVtT0s1SWlrVTQzZ0doRDlDckJjTFpHcWVOOXJrT0JWTmIxNkw2dHNDSlhpVmlBK1Ryd1dZSGlhM2RqTHJ1ek1oWHJGS01kU0oxZkhvaTBZcGtxUm1KM200dWJXeHFGUVRXMDN0MC9FM3ZuRDVMTzJsemVndGN3d1hGeHdqSkZFSzZCZHZWRXUxdGh6MzhjWlYrTGhLRHFyN2NvZz18&cppv=2
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
1ab7df691cb7c86f027e69e52de209bcb70669837ee72de3c32363298aefbaaa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 Oct 2023 02:23:39 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
853702
expires
0

Redirect headers

pragma
no-cache
date
Sun, 22 Oct 2023 02:23:39 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=-bdqfHxLcmdNeHJMWkVxVFdEZU1SaC9nRStZNEtFNExWODQwQ0hrNTV5ZXJqTE02OXFMK0E2ZVVyaVByUUNkNCtheGxyMzRZTTR6Z0wweDRuWHJSMXZwVUs0ajFlMUhWS09SSmJESW5aVWVsM2t2bUM1dlFZRFRqNUFjekt6MDJHTnhvSzFsU1BtUG85dkR2Uk5UVkVtT0s1SWlrVTQzZ0doRDlDckJjTFpHcWVOOXJrT0JWTmIxNkw2dHNDSlhpVmlBK1Ryd1dZSGlhM2RqTHJ1ek1oWHJGS01kU0oxZkhvaTBZcGtxUm1KM200dWJXeHFGUVRXMDN0MC9FM3ZuRDVMTzJsemVndGN3d1hGeHdqSkZFSzZCZHZWRXUxdGh6MzhjWlYrTGhLRHFyN2NvZz18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
242402
content-length
0
expires
0
verify.js
rtb0.doubleverify.com/ Frame 0241 		1 KB
924 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_677476628706&jsTagObjCallback=__tagObject_callback_677476628706&num=6&ctx=1828362&cmp=115845&plc=4230470&sid=18330&advid=&adsrv=&unit=728x90&isdvvid=&uid=677476628706&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=0.20&dvpx_strhd=0.20&brid=3&brver=118&bridua=3&dup=null&turl=https://onwardstate.com&srcurlD=0&ssl=1&refD=1&htmlmsging=1&tstype=128&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0hJAlJjdeoTJNa4xLhSVSrb&DVP_DBM_1=3060631&DVP_DBM_2=22886455&DVP_DBM_3=18510215038&DVP_DBM_4=396394429&DVP_DBM_5=67&DVP_DBM_6=67&DVP_DBM_7=30466565558&DVP_PP_BUNDLE_ID=&prr=1&m1=13&noc=4&fcifrms=14&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=169&eparams=DC4FC%3Dl9EEADTbpTauTau%40%3FH2C5DE2E6%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTau%40%3FH2C5DE2E6%5D4%40%3ETar9EEADTbpTauTaubf%60%604cf3_4fff36cg7_25ec_cheahfh7%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&dvp_exetime=15.80&callbackName=__verify_callback_677476628706
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal122.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
130.211.44.5 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
5.44.211.130.bc.googleusercontent.com
Software
/
Resource Hash
fea4b24e53a2df3962eed42ed9be2315e685ff334f44d6297c30d8cb86e7004d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 Oct 2023 02:23:40 GMT
Content-Encoding
br
X-DV-Response
1
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
keep-alive
Timing-Allow-Origin
*
Expires
10/21/2023 02:23:40
auction
intake.pbstck.com/v1/intake/ 		0
138 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://intake.pbstck.com/v1/intake/auction?tId=d2f49a3d-a3ce-4a40-8dae-ed1da63402f3&c=2
Requested by
Host: onwardstate.com
URL: https://onwardstate.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:15d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://onwardstate.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Sun, 22 Oct 2023 02:23:40 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
819e4794f8a9365f-FRA
alt-svc
h3=":443"; ma=86400
gkc7GkOx0NjYAbDEAjG_3nA6cC9mq0x3jEC3r4qNpAU.js
pagead2.googlesyndication.com/bg/ Frame 4FDE 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gkc7GkOx0NjYAbDEAjG_3nA6cC9mq0x3jEC3r4qNpAU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
82473b1a43b1d0d8d801b0c40231bfde703a702f66ab4c778c40b7af8a8da405
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 18:04:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
375526
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14604
x-xss-protection
0
last-modified
Mon, 16 Oct 2023 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 16 Oct 2024 18:04:54 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame AD1A 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BdsA6q4c0ZfbrA9O69u8PsZeZsAEAAAAAOAHgBAI&bg=!srGlsf7NAAY5nEQaGZw7ADQBe5WfOJR6rzR7bStdmXCZZ3r5iJduv82_IoMh8L_VTwoYjALByz8T2d0Z_s7TjXRJvyF0AgAAAKxSAAAAAmgBBwoAKapvroKAMFKhYx83FKEG9bjEY2ytx0Ekcfnb84HZN0GYwrBeK5vpwilhmQMRDGnikIBdztK4vS1Z8xTdZOOd4sCTbsLJlP70zQVze3XFGZiKrK-IVI6wz7utMSy_Oh_9uSyk8iFhn6fwSLnQDAJ1XrwfObPUW6pUpufaGkcut1J7nU_FjX9tQpklUZH_BT3PRAfrxyJt7kqsR9tOcy34JxTGCSWRQgCJyhBy4pCkK2dPd0ud6-8h4YKhOTbiItmD6KFkdgEnIaL1lP4oeyFYjp-Jlxj_u-e5JMqpn6uEW1-8IDl2nbZpNz96tDsd9tKAkm0OqQ4ZsYiDojaRIkosEer7Wpk86vWx3kCiGLWH28_K9dwtXOV7-9P29oQLs2tGRurQ-RA42ZiIL6Yf7fZJgL83-yoO8Vip7kowRv2_uHzleC_QNIy35wQCq3Zk9uy2D0MtZZ4CEoOs7cLqRj8pEWac-ajEffTq8q-SQq-og8geHOk08jSWo4d0JYkXL1nBG0DF3IcwkUo6WUcKa2zIt1_uQ60guX4cTJLv4gDjmvq_GfHKANFodgbH39SDE73NAhl3b9VTCGlRX--3ggd4DYnvhx-p053Niqf93YIWsifi5twAZ1PaL_2ikpdbeRC6nxfVcF-isw1B-8J5qkt7jGDw1Zq-PcutoALfJQ5mMh-B-K9TOxn2KF45HRjoXqiG1h5c4MglK5cM3PS0orH6eoCe0pYwI4gvzI9Rbd8q5sTTuPo0QeFFEghI5rODMm0fth8b_lUmW-M7TfiNgDy3wkDknUQpPqq0KzHtlOP22a_JOr_Fgyswj_MC9wwJWnK_QjTu1uicDQxioff2P_yp9I4VeLu-aGnc3Yej0U68GfPQrqFRwgENG-734j3rZOsuVB-CO1jx_VvB7Hn6-VkT9WA0383fXpjBv46TKK3nuIvesjF6JZksjjRxMCESBT3kDRTQEAEKqymN57UBGWsRuRycf1OUv79ONFaebnVcQNgWZLRwz5e21C9VRpVpvcfY4sLMczCXCFV_FM-IXSQthgZ3FQom5IFy_FoXLVheWr9AH1qwaY13wjNO1dkuVdBFlcil7lkQZkBX76iZkOg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 Oct 2023 02:23:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcmads.js
www.googletagservices.com/dcm/ Frame 0241 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal122.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c548a30c41171b00c7d332fc539aa7fa0dceb71fc7d91d4bc7b65ed3bfed8382
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 02:05:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1094
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9959
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 13:24:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sun, 22 Oct 2023 03:05:26 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4FDE 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Bzawjq4c0ZcyYPN2c9u8P956QgAMAAAAAOAHgBAI&bg=!HB-lH1DNAAY5nEQaGZw7ADQBe5WfODTgKFdaIw7yL2zPsF1JQtPM8BwdMzbSyk9FcAWZ8-vjy7vuPu7XLQwwCAPhtovVAgAAAENSAAAAAmgBB5kC-JS9LJZsVVcWj0SHETAkkT_2mdOWSPmkS8-HBXR0IGw5xMT_8-4opLTt-El1cVPfGh5dh9mvIysC4aLYPp46zM8DGXX7fKPHT8qzG53Uxv5jWc4kEEBy1vCEgavY3aJMtBJ25qn6cJ5VfVTGn6OdemhbtRfnCrNNFDjYbh8ekGXI4wgmhRMeILwXkwHC2McL3V2x4301Cn01ZpXU--uiwCbLcQtFy7oF33ByC6y2CUp5C8Qg7FBPyg24DQEBL24kOi2FiNrVkASNJUbyrr6edFqN73qR_D1wJr217klVMX-LAcMmPE9jXRCJB9cVRPwqfd1MxotYwoYEg6ZNyV0Fk8johqVdQyGxNimF3iXI3izZoI0RRTwto3-FM-uANtpjw9dWY6sUj4yfC38jxNbyPPSuQ0VkP2ax5FXbt0HbijgDJxff7aXAuFJpP-6QrdvJAiXBHMM4urnubQWhFRw2LGib5cn4EELwvLaMPuakkVWvylMG4ybnFoo63IAzbLH3vvoNjE8tU6LdRgteAmE8lXTtK7XcXUoTTDnzGgbhZzFBrcWWtYcO11FahHzEAnXnz2Aw6h7vP5Y1LplK5-ZkzI0nMo454KVCYU5m0MQV8PN1JpczvgNd4YzKzxyK1aA5hSSGdaIxKeTjIAfLETOeHXLZAa5BP0dIK4ICynClnULUtYzobY6ezHIhbennnFRnQKAW5MBc2y69f2DvvvaBt9ZAR5hWDg97NwPKPsElQfEJgiSvjY02Uldph9f8h4DxU5ud_v7ieqGbfpkLM-6Ix9zD8r9FpRmO9lXHSXacF0UWeVlFMZ_rsJxuMTyN5EwWQ-rfxN-aZiwnrDpyqecZacy91ejnIYgv7fAj9ApqTBGra848qAiz_vScI4TEFHMshUkxqxJeCh-pOT4oLVbTHsi6Yao4gMwsvlQa7FtVFiJaK0xGD18fXvUqCMRqTTPVQm2ogFYcj3_8V0pLjKPJekRnLiF-vIgubZ4ryPGGZo6wO6YoGzqVs4o
Requested by
Host: 3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com
URL: https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 Oct 2023 02:23:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
impl_v97.js
www.googletagservices.com/dcm/ Frame 0241 		57 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v97.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b23a2a55e15ddffdc187b1107030f6ed53d4abe5d4c0900022451d20c3dfb54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 18:19:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
201866
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23166
x-xss-protection
0
last-modified
Tue, 12 Sep 2023 13:28:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 18 Oct 2024 18:19:14 GMT
/
kinesis.us-east-1.amazonaws.com/ Frame 0241 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.227.250.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-250-195.compute-1.amazonaws.com
Software
/
Resource Hash
a16d2100eb7dd6a7f149f3479f02c73af8b519da53c11f060edbb5966aeb9ed1

Request headers

Pragma
no-cache
accept-language
nl-NL,nl;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231022/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=5ce27f6c2ec7026092a38b455b5abbab400160f93ec0a874b51c1a5bfeb07aea
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
139d94429f7c4459d911c970a85b10888a99043b429123f4aeb908c9c3e74ffe
Cache-Control
no-cache
Referer
https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20231022T022340Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Sun, 22 Oct 2023 02:23:40 GMT
x-amzn-RequestId
ca76ebff-e8af-8c80-97d8-6213939032f5
Content-Length
133
x-amz-id-2
zPphgZnl45gEYJMyuwvjxP0yoBs2+0nYNQARqQ9rYQAUtjaEwYRovsn8MHUVRJ2N07WbkHbz1f0EejTOJnLPcu9s86VNyc7Y
Content-Type
application/x-amz-json-1.1
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.227.250.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-250-195.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Sun, 22 Oct 2023 02:23:40 GMT
x-amzn-RequestId
dab024c4-5741-c50d-871e-ad282c7e7b78
B9689862.280630144;dc_ver=97.287;dc_eid=40004000;sz=728x90;u_sd=1;dc_adk=1420894397;ord=987wsm;uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..;dc_rfl=1,https%3A%2F%2Fonwardstate.com%2F$0;xdt=...
ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/ Frame 0241 		66 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280630144;dc_ver=97.287;dc_eid=40004000;sz=728x90;u_sd=1;dc_adk=1420894397;ord=987wsm;uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..;dc_rfl=1,https%3A%2F%2Fonwardstate.com%2F$0;xdt=1;crlt=D-0xF-Gdsz;stc=1;chaa=1;sttr=43;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v97.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f6.1e100.net
Software
cafe /
Resource Hash
df68b31209825ad2bf48a70b7e98ec1fc1276fe81c1c62a9e8a991e5a9083811
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 Oct 2023 02:23:40 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30498
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231017/r20110914/elements/html/ Frame 0241 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231017/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280630144;dc_ver=97.287;dc_eid=40004000;sz=728x90;u_sd=1;dc_adk=1420894397;ord=987wsm;uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..;dc_rfl=1,https%3A%2F%2Fonwardstate.com%2F$0;xdt=1;crlt=D-0xF-Gdsz;stc=1;chaa=1;sttr=43;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 18:00:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
30195
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 04 Nov 2023 18:00:25 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 0241 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuqSC5G-jZtagz4yz90MjuFJ-Qlq0RZYzl8TQbTFxPwxQwnpRPxOt9AOEcQanFJ8gabrUzxePZDuVYK7EADzd7XM4Khw4gXrDVcYwPUM8lalLkzqByreGJ_4tgZMrWdJ-ie8_aqqPzy6gPMdSK3c-HjlgSZ2ehqFBOHkUdvSA&sai=AMfl-YSFI_838HM6auAPhvOkRnGcQHimARdg6B_aMDErgXZXLdT7jXYc1UWT9vzycVC4K-rkLkTHYgP2ZOv2uozoPxZnufp999uc7kB5iQ&sig=Cg0ArKJSzFNR6juomFlJEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20231017.93265&arae=0&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280630144;dc_ver=97.287;dc_eid=40004000;sz=728x90;u_sd=1;dc_adk=1420894397;ord=987wsm;uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..;dc_rfl=1,https%3A%2F%2Fonwardstate.com%2F$0;xdt=1;crlt=D-0xF-Gdsz;stc=1;chaa=1;sttr=43;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 02:23:40 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
7410484386335067809
s0.2mdn.net/simgad/ Frame 0241 		123 KB
124 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/7410484386335067809
Requested by
Host: 3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com
URL: https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dcbd4882f0c4557f44d9d7340ab5a08c7b8cdf3dc5cba9996a18c95160acbd5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 08:57:30 GMT
x-content-type-options
nosniff
age
62770
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
126353
x-xss-protection
0
last-modified
Mon, 17 Apr 2023 16:06:36 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 20 Oct 2024 08:57:30 GMT
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame F72A 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
age
249531
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 05:04:49 GMT
expires
Fri, 18 Oct 2024 05:04:49 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
dv-measurements4826.js
cdn.doubleverify.com/ Frame A71B 		420 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-measurements4826.js
Requested by
Host: onwardstate.com
URL: https://onwardstate.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:d::1732:83d6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
a5e299a85a9b163a13f8922e875d903e3886d98af3007f64e3b106b0fd4486c6

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sun, 22 Oct 2023 02:23:40 GMT
Content-Encoding
gzip
Last-Modified
Tue, 17 Oct 2023 07:56:38 GMT
Server
UploadServer
ETag
"a1cf6f2436096e7eb8c6981432e7fc1c"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
no-transform, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
101065
Expires
Mon, 21 Oct 2024 02:23:40 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 0241 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuqSC5G-jZtagz4yz90MjuFJ-Qlq0RZYzl8TQbTFxPwxQwnpRPxOt9AOEcQanFJ8gabrUzxePZDuVYK7EADzd7XM4Khw4gXrDVcYwPUM8lalLkzqByreGJ_4tgZMrWdJ-ie8_aqqPzy6gPMdSK3c-HjlgSZ2ehqFBOHkUdvSA&sai=AMfl-YSFI_838HM6auAPhvOkRnGcQHimARdg6B_aMDErgXZXLdT7jXYc1UWT9vzycVC4K-rkLkTHYgP2ZOv2uozoPxZnufp999uc7kB5iQ&sig=Cg0ArKJSzFNR6juomFlJEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=102&vt=11&dtpt=101&dett=2&cstd=0&cisv=r20231017.93265&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280630144;dc_ver=97.287;dc_eid=40004000;sz=728x90;u_sd=1;dc_adk=1420894397;ord=987wsm;uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..;dc_rfl=1,https%3A%2F%2Fonwardstate.com%2F$0;xdt=1;crlt=D-0xF-Gdsz;stc=1;chaa=1;sttr=43;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 02:23:40 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame E37C 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com
URL: https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
36103
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 21 Oct 2023 16:21:57 GMT
etag
48472445140208031
expires
Sun, 22 Oct 2023 16:21:57 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ad-choices.svg
static.yieldmo.com/images/ Frame DBE5 		699 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.yieldmo.com/images/ad-choices.svg
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:237d:4600:1b:83f3:bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
959d2bff6e8aa7b4d1836a5dcc00ab6f2c2754604b0e0174bd96b6f9822d5905

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-amz-version-id
Ukz5ZHLPgcDoG6SlEGbKyNIwGl0_QMqF
date
Sat, 21 Oct 2023 08:24:10 GMT
via
1.1 d2e8c709d1f79bde6ed8f833f02bdd34.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P2
age
64771
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
content-length
699
x-amz-meta-replication-status
COMPLETED
last-modified
Tue, 27 Oct 2015 18:00:31 GMT
server
AmazonS3
etag
"f5483cecc2fab32a508cf2b5e5b94abf"
vary
Accept-Encoding, Origin
content-type
image/svg+xml
cache-control
private, max-age=86400
x-response-headers-policy
static-yieldmo-com_svg
x-amz-meta-version-id
smI0KdhlAdY.1IFWTq3aCHXjwPmdIPiO
accept-ranges
bytes
x-amz-cf-id
EHJhBOCyZib8FewxRhZEw0t-neXCU61rrdeNABHy7iQEvh8hJfnZIA==
truncated
/ Frame 0241 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
30e8813ab9664c8656eeab96626836ee14d140027f98a85db73b315f1d3cce43

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/png
Go2L2UXASa3zgLYMtWkhikvoKs581XwKUqsvcPiRwIk.js
pagead2.googlesyndication.com/bg/ Frame F72A 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Go2L2UXASa3zgLYMtWkhikvoKs581XwKUqsvcPiRwIk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1a8d8bd945c049adf380b60cb569218a4be82ace7cd57c0a52ab2f70f891c089
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 18:07:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
375347
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14651
x-xss-protection
0
last-modified
Mon, 16 Oct 2023 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 16 Oct 2024 18:07:53 GMT
visit.js
tps.doubleverify.com/ Frame A71B 		694 B
730 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=134&ttfrms=30&brid=3&brver=118.0.5993.88&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTau%40%3FH2C5DE2E6%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTau%40%3FH2C5DE2E6%5D4%40%3ETar9EEADTbpTauTaubf%60%604cf3_4fff36cg7_25ec_cheahfh7%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&srcurlD=0&aUrlD=0&ssl=https:&uid=1697941420865163&jsCallback=dvCallback_1697941420865808&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F118.0.5993.88%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=90&winw=728&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=4826&tgjsver=4826&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2F3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&sfe=1&fcifrms=14&brh=2&dvp_epl=219&noc=4&nav_pltfrm=Win32&ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&adsrv=0&advid=3398311&turl=https://onwardstate.com&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0hJAlJjdeoTJNa4xLhSVSrb&DVP_DBM_1=3060631&DVP_DBM_2=22886455&DVP_DBM_3=18510215038&DVP_DBM_4=396394429&DVP_DBM_5=67&DVP_DBM_6=67&DVP_DBM_7=30466565558&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=1148508328.5188684&ee_dp_sukv=1148508328.5188684&dvp_tukv=59346633766.7557&ee_dp_tukv=59346633766.7557&dvp_strhd=0.39999961853027344&dvpx_strhd=0.39999961853027344&dvp_tuid=718299889058&jurtd=2012594245
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements4826.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
130.211.44.5 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
5.44.211.130.bc.googleusercontent.com
Software
/
Resource Hash
5a900b85965bb68722fd93e82a508c11ad93e5c4bac3d43e1600d806d4d92eef

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 Oct 2023 02:23:41 GMT
Content-Encoding
br
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
keep-alive
Timing-Allow-Origin
*
Expires
10/21/2023 02:23:41
pixel
cm.g.doubleclick.net/ Frame E37C
Redirect Chain
  • https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEDblpJ9AFLaLkYCWEZKB1Cg&google_cver=1&google_push=AXcoOmTlvoEeFeoM2-2w-WlsYY6O1gHYkvPrr_6Khzsn2WW6h8tyT0Zs6Cjdc-WO11YFGAf-9XepgPL5dwB...
  • https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AXcoOmTlvoEeFeoM2-2w-WlsYY6O1gHYkvPrr_6Khzsn2WW6h8tyT0Zs6Cjdc-WO11YFGAf-9XepgPL5dwBQvwrius2Gwjwdam-i
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AXcoOmTlvoEeFeoM2-2w-WlsYY6O1gHYkvPrr_6Khzsn2WW6h8tyT0Zs6Cjdc-WO11YFGAf-9XepgPL5dwBQvwrius2Gwjwdam-i
Requested by
Host: 3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com
URL: https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 Oct 2023 02:23:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AXcoOmTlvoEeFeoM2-2w-WlsYY6O1gHYkvPrr_6Khzsn2WW6h8tyT0Zs6Cjdc-WO11YFGAf-9XepgPL5dwBQvwrius2Gwjwdam-i
Date
Sun, 22 Oct 2023 02:23:40 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
pixel
cm.g.doubleclick.net/ Frame E37C
Redirect Chain
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEJ-GSpxbdxK9QBtY-3FKu9s&google_cver=1&google_push=AXcoOmTfzxh4TI0t9I2Hv6hlZEs3xfOIH2Hg7nZourTpiz73qoVklFcWObhrinZmzyMgdZAvxHM2VZY3wFTHkx1cS-gjxczA1EwU
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmTfzxh4TI0t9I2Hv6hlZEs3xfOIH2Hg7nZourTpiz73qoVklFcWObhrinZmzyMgdZAvxHM2VZY3wFTHkx1cS-gjxczA1EwU&google_hm=M2VTSE5TU1hYblNYS1d5...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmTfzxh4TI0t9I2Hv6hlZEs3xfOIH2Hg7nZourTpiz73qoVklFcWObhrinZmzyMgdZAvxHM2VZY3wFTHkx1cS-gjxczA1EwU&google_hm=M2VTSE5TU1hYblNYS1d5QmJCN1k=
Requested by
Host: 3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com
URL: https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 Oct 2023 02:23:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 22 Oct 2023 02:23:40 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmTfzxh4TI0t9I2Hv6hlZEs3xfOIH2Hg7nZourTpiz73qoVklFcWObhrinZmzyMgdZAvxHM2VZY3wFTHkx1cS-gjxczA1EwU&google_hm=M2VTSE5TU1hYblNYS1d5QmJCN1k=
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
sync
ssbsync.smartadserver.com/api/ Frame E37C 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEEP7RIk2c5H1mICpmaJqecw&google_cver=1&google_push=AXcoOmQx-y17db90-WvZ__hrYlqHZPKJZznhWZ8ixEggLTFYCCOMs5AhdjdkqkQSUEDhtTvwGdhC76vuwQR63bO7QhMpqAdKp3Ot
Requested by
Host: 3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com
URL: https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.154 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 02:23:40 GMT
content-length
0
0.gif
id5-sync.com/i/495/ Frame E37C
Redirect Chain
  • https://sync.inmobi.com/gob?google_gid=CAESECWvdVCtCavv2Iwlm2iVj0Y&google_cver=1&google_push=AXcoOmSWueu2sXCglzIx_GWW07WVFHooPiBO9fUL1EsBMGZqbPvsrl__BE0IxyqwZI0PGiDABPWUevLM8sdvoVVwU4ZiCUD_zuLZ
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmSWueu2sXCglzIx_GWW07WVFHooPiBO9fUL1EsBMGZq...
43 B
920 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmSWueu2sXCglzIx_GWW07WVFHooPiBO9fUL1EsBMGZqbPvsrl__BE0IxyqwZI0PGiDABPWUevLM8sdvoVVwU4ZiCUD_zuLZ
Protocol
H2
Server
162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Sun, 22 Oct 2023 02:23:40 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"

Redirect headers

date
Sun, 22 Oct 2023 02:23:41 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
referrer-policy
no-referrer
expect-ct
max-age=0
x-dns-prefetch-control
off
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=utf-8
location
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmSWueu2sXCglzIx_GWW07WVFHooPiBO9fUL1EsBMGZqbPvsrl__BE0IxyqwZI0PGiDABPWUevLM8sdvoVVwU4ZiCUD_zuLZ
x-download-options
noopen
vary
Accept
content-length
271
x-xss-protection
0
/
onetag-sys.com/match/ Frame E37C
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEMudAFxzmMEYDKnmpPYQd2A&google_cver=1&google_push=AXcoOmRmHsZRtepJ4MDN_Ytq3HxQiFd09KBSVVQPNeWLy53OlM2-SoNWd77RferQB1zf4EB6Pw0fs5TNyg2...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRmHsZRtepJ4MDN_Ytq3HxQiFd09KBSVVQPNeWLy53OlM2-SoNWd77RferQB1zf4EB6Pw0fs5TNyg2E9_LDgWzsLcKPFKZf
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: 3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com
URL: https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Sun, 22 Oct 2023 02:23:40 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
google
sync-dmp.aura-dsp.com/match/ Frame E37C 		0
0
pixel
cm.g.doubleclick.net/ Frame E37C
Redirect Chain
  • https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESEPOQoPYAxgkmeqGtuXSP4kI&google_cver=1&google_push=AXcoOmTOBdKNI0Gbbh0NLbYh2kR40qDnOEC_pNypwqXqIsgcaIxFgMMzab8zZxaGn9b...
  • https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmTOBdKNI0Gbbh0NLbYh2kR40qDnOEC_pNypwqXqIsgcaIxFgMMzab8zZxaGn9bKVIameV_t2-YEvfPAzETWW2DoE8SrrZ_nuw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmTOBdKNI0Gbbh0NLbYh2kR40qDnOEC_pNypwqXqIsgcaIxFgMMzab8zZxaGn9bKVIameV_t2-YEvfPAzETWW2DoE8SrrZ_nuw
Requested by
Host: 3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com
URL: https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 Oct 2023 02:23:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-akamai-request-id
2ae1620c.a76c62c
date
Sun, 22 Oct 2023 02:23:41 GMT
x-bytefaas-request-id
20231022022341A4E001AF6DD214680353
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a2-16-239-17.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0.1-51934483) (-)
x-parent-response-time
95,2.16.239.17
server-timing
cdn-cache; desc=MISS, edge; dur=87, origin; dur=8, inner; dur=5
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20231022022341A4E001AF6DD214680353
x-cache-remote
TCP_MISS from a23-218-219-38.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51620215) (-)
access-control-max-age
86400
access-control-allow-methods
*
location
https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmTOBdKNI0Gbbh0NLbYh2kR40qDnOEC_pNypwqXqIsgcaIxFgMMzab8zZxaGn9bKVIameV_t2-YEvfPAzETWW2DoE8SrrZ_nuw
x-bytefaas-execution-duration
3.48
access-control-allow-origin
*
access-control-allow-credentials
true
x-gw-dst-psm
ad.union.pangle_web_traffic
x-tt-trace-host
01c8dc43a95bd8695202606397deadbbfd1b818cea9c6407cb4dfb8fd1ca6d315969e45e11004e805783c5e4734ae078db08b0cdbf3e8c88e5c3738043d8cacfeeb87053bf79eebdb47c72a6dca23c9cb9d78cf8875dc378222be0750d5d62c9b910e3f9326fee903f12bb386d0c128f38
x-origin-response-time
8,23.218.219.38
cache-control
max-age=0, no-cache, no-store
access-control-allow-headers
*
expires
Sun, 22 Oct 2023 02:23:41 GMT
attr
cm.g.doubleclick.net/pixel/ Frame E37C 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L0Rt8fLQrnDG9PO1-NllXZxBPTkAVIMtDwQR4qaMKaZO8JvxSSgpJxTe7llUE7ryEmLrN7gbgQkw
Requested by
Host: 3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com
URL: https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 02:23:40 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
/
kinesis.us-east-1.amazonaws.com/ Frame 0241 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.227.250.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-250-195.compute-1.amazonaws.com
Software
/
Resource Hash
933dcac817764d8f195d44398bc9f5b04729d8dddce598607cab931c863658c8

Request headers

Pragma
no-cache
accept-language
nl-NL,nl;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231022/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=1ae7ec27971355a50a069362ce2d0f5fd9b40055922f9ed48c386d884d788601
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
f4883eaef753d0371e438e9f4c8b3ec90093047dab4378226ec7f87d7339d979
Cache-Control
no-cache
Referer
https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20231022T022340Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Sun, 22 Oct 2023 02:23:41 GMT
x-amzn-RequestId
daacf242-47dd-087f-8702-7baf3ce2b60a
Content-Length
133
x-amz-id-2
wVRuLVv1FubE2XAvsV83ccqwVD1FxEPqa1NBM2/c01nx4kKKGVX9wp1vPY2sTsUVyiEY/VZmpDtYIOOss1oQcZTZilTvU2TZ
Content-Type
application/x-amz-json-1.1
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.227.250.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-250-195.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Sun, 22 Oct 2023 02:23:40 GMT
x-amzn-RequestId
e962aa4e-6b99-8828-b4cc-23a210a6365d
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202310170101&jk=833601715597371&bg=!q6ilqOfNAAbDUgby41I7ADQBe5WfOEKpQFDhah30jBGBk42u4Dt72EccRU9G8SaGXkLy-rROhSk8ZCdamWimSVMRKISnAgAAAcZSAAAABGgBB5kCtt0gNJtyurshZUeCrd18aLhMzXW_SC9p4W0LwxL9ZmJVvyj91zOnrqT0PpaRklp2jNRIyyslDIKp_UorJDHA4BNlne7j46NhUaeR5nSil2c-F6R_qVnszJrGKnd7Cai-Rg_WoqrmF45lhwdzoo8kXUfP_gjf4mdX9vNkOQFVOC8szqigpy9Z4OCtYd1pqbOYS3LrBedSjR4GZs0pxvJrlAM99lAiBi9qaPJDlqAyXdqjfgh9Q0lK1ITUQJy7DoWrRuzon-LAC5-6ajwWvUi2-vGUK39wrOZLaC4_93fCV1BSlNcNoNdC3NQA1NCfKCiWMa-JFrP9DPV4EAGs2lHfksoBnLbrfCNycQu4Qjobfhj0uUAdNeh-O12Lb8BFPj7pwG51d7e5wWhpydDjnFZvx304DbYnFscpnBTu8lXO1fIJvqf4GulaoODBGUb3sXMxHmmqqLh0A1WvUPzycTOopxw24bxUG_DEcVrgqxGRNgGNjWwkySzxXaGi0hwFqt94yOnI8vYTzEE9uiKmJ33eG_VdT09DyTod8JNoGQdq78dn2VZpmmfXHQEfJIdOSLZkTpse9gfZjblXj7iTPXOyKAzhJIJ8iPNfJ97hLP4ksC6ltK91JvS1ffdOnj-C31g7mpMtQujXeXKIqPZTeDMOIWeel1C3ZH_HbF5J5VOw4wdJP-VBKgiQuGDXpjN7D5Vk0dZlLBtgky3c3m7MUZLYWvmbBmRLvgsRLqbgzL7QSnj2loyAsEOyFhRGzm5dAnu1DCXrWFXDjgLZATKdYjlwOer6aQtBhNn6GRiQ2dZfFkVIH3j1SUrj1kV887RLuf0b0wJSNflfv86vVSLBuzAP6suoFXpnuBfy4cX_x6vl-v8S7HukduJMVW-VHvAMn-z-A3nDApkzPxo9SXdDMoqVGlsAoubP1LA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://onwardstate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame 8B59 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssEbxLHrmOdgFCR9ZxlcGlU0070o-eZm_TlIWHvA61cHBHY5-tGzz2TwZ8sOkhll8-5uD3XgD3STDY_wNMnCGaItLA8qBSLHPjL4xlrJIAWlCTDfk1nA2MLnFmI6oRsPgpTho0W-KR3OCA2&sai=AMfl-YQY3hEggjEbXYcLtVFiTffbEH2Jc6dLaDwdpuwlrifqurm_2Dqm2DtvgGnfbTRHTWKpvbOf2NGLx6jY_IFIKBPlzZjRL6VnOVBL0SVvglkjvjLTjtbf9X4CGc1oSOVR_n2VhMKvx1owqqwpL3I&sig=Cg0ArKJSzKqH5urGopP4EAE&cid=CAQSTQDICaaNIqY9bOp6Z5GeIF-tbe2sruheanvVZdrVl4OYaw6f2EewfLCbWr-l5RGKS15yHHTYBFM6CJI0TJAXOjKhRjE5OSQmBSubXJ_lGAE&id=lidar2&mcvt=1000&p=1013,1020,1263,1320&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&v=20231018&bin=7&avms=nio&bs=0,0&mc=0.74&if=1&vu=1&app=0&itpl=20&adk=1465236861&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1697941419621&rpt=343&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 Oct 2023 02:23:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F72A 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BJXO_rIc0ZZjjI6Wl9u8PmNGN2AwAAAAAOAHgBAI&bg=!ysmlyYbNAAY5nEQaGZw7ADQBe5WfOI0oTaj_T1T6AJ1h5DqBR-JibSjJOmcNkiBGOVKdfLkBD2KTck4a5_UlmzRj9LcvAgAAAEFSAAAAAmgBB5kDCqp3igJ8jhBP7ghNnvsfUiYk3zhPAzyjPmsh5reUovCEz444NdF-fl3B3Qaqg5bZNs1q9h0YdlAo94sqgWDKis8XnxNu2UVWxSx7E-_rYfOJRvdEYhLQGRrSzL7wTMamc5XXqmys8rUJzB5kfo4lBDBzwsANggJhItTR4MYACs42jfss0BepLktdqvSJz6ozqAKWrUwmugHOa9EipZgXOd8u1Wfs-F_Izm1ulbWptiH_6g9Vfs94iPwf5KLVca1F75WBJASTM8cxgK5FSRUX66vbYEe1NtRwyGzP6UQaHPSSBKuswQfERcIFPft6D_L6K0ghcL-SKGLUilYclsHIMYilnVY0ht1ieOGx74-ErFe6JkR8p_YiZ08RqHqB77OOnnDu3FRWtv3KfMOQz3PzwpT5dpiKnjc4bGpgvsOKmEZ1RdhdOfKU5FAYZRTcUnzYDlhVmxHYBr9ErLwK15EbM_4SVreTC_vmw_j_M00UsXtOdrizLGbzcgWqlJCeoEEEkU7shZv8XEvJH0hPGOb682XZeIT5LD3airOvZ5q4EF5NBnCtGqVPAY_Zoclyit3SJ61RN6ByxXJZYJVfC3ABiBkI-IfRLY0YqGfq6xcS-ql9fXWfxUJLcXsoZrbWQNhbk3e-sKPILRb6f4LqJbEVhqbqEJ9WraAgTvaMS3enxkUXLBJmHIf_Oygz8PpP-v4bb6SB9ev1ZD-r5-fLQ4_xuZKw2p7I9HCWTstwAPQiho7A2vOAqL3fjWRf3IIT82ObxVl48EVOdKd7beD5WAmMOpig-x0Q-P54Ji4VKBSEW_cregLjBrOyrCAG0wC7LjKNejLdijS3joNXEiN2lnjx8U5wDRKFhmTGl8vu-zsB0qBDAdg5KxwZy4W5GSC8JIWdhw1QhFhpftmyxb00s2XQfdaSbXbSr_kdy5tmOkBUjHjebYmyHuCKgBP0s4fFEVaiRq2dZPZib51-Ste--q_xuo3xoTu757luXY6Lle-5D2gRz56yxVyfIl4u017EnayWoEbslU-KvKq1RcY
Requested by
Host: 3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com
URL: https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 Oct 2023 02:23:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.227.250.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-250-195.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Sun, 22 Oct 2023 02:23:41 GMT
x-amzn-RequestId
ff372b26-f05d-af97-a299-a2cb66c26904
/
kinesis.us-east-1.amazonaws.com/ Frame 0241 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.227.250.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-250-195.compute-1.amazonaws.com
Software
/
Resource Hash
ad9912dbac65c15422cb17feb0b1cbcdc7d2221afd48d0621072776b4a3279f4

Request headers

Pragma
no-cache
accept-language
nl-NL,nl;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231022/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=eb9871d5fb16cb48cc25e0ca6748f6efa272f11ca198c58aaf46afa719ff2052
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
f3506ebd10c8394c2b7d0db5810e40cb0e97eba8bfaab172b42ad419ad3a3559
Cache-Control
no-cache
Referer
https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20231022T022341Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Sun, 22 Oct 2023 02:23:41 GMT
x-amzn-RequestId
e63471c0-fbdc-e98c-bb9a-f82d6d432f1f
Content-Length
133
x-amz-id-2
c9vOf+N8dxbcJI/a75VQoWWmOWYt2mEyZJrh83Wo0lPFp3JBIEkpnUg9zEzpdVhMg+B40xeveZdGMd3rT54NXZe9nkZ/2v9W
Content-Type
application/x-amz-json-1.1
adview
securepubads.g.doubleclick.net/pagead/ Frame 0241 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CCOQQq4c0ZfXrA9O69u8PsZeZsAGH9JKQXOjrpun1BMCNtwEQASAAYJEEggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDPIAQngAgCoAwHIAwKqBKwCT9CI1mhak1zYq0v8xbhHj8gHqKY9mNG4EspD1ETlAyNwqn-3GoYPbE2vj9jO31psybeTRS9l0tK2KBQR4-Ks4ObaCTolfNo93Q9y6yLPaCUvtcoY3mFYBJHkzXubL0mrhG7Z7QJFeox-2gYmaK-yoagBwISY6J_b8McY42BaAgjwoSixVwOQLRNIQQlXMmldO1-iIB3kRIxBsuHzFD3kWQPJ6J4LkwWMzurniBnq0CfP-ye6vanBcqvKB_2myklXDKw5eKa3KIjR7jz3T3bVmRgcbftAfXwBXMLvHQ5jVTsya2c7AuoFc8-wPLV0voeAGADdpiMCRrvPftv_s8w9BgCUy3uCJDamPO2970pWn1IyMlH5qnaCOHDRMg5lj4yDrgd-jjD40MySecAe4AQBgAaznq3WnLDxkYgBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6gAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTEwNjI5NzI4NjE1NTMzMDMYgdQc&sigh=R1qPbKb-rHY&uach_m=[UACH]&cid=CAQSTQDICaaNIqY9bOp6Z5GeIF-tbe2sruheanvVZdrVl4OYaw6f2EewfLCbWr-l5RGKS15yHHTYBFM6CJI0TJAXOjKhRjE5OSQmBSubXJ_lGAE&tpd=AGWhJmtHSv8iml-omGaFnYHueuDEnJHjoQtGhMt7JqaxNwC7r04DjvXAMAorZMH7mf4sgu3p_DjW5VOcGRWdFG2dRULUZqzTRQSmigYsinZdPYuaEeQf5xoEweqNJPSBSLf1kWpCfwDG3wc5a85k8iQujRyCwoHl525pQy_LLNo5P-46Qe8g6r3DzeIrj0WudTnXtPOHIw9lrFYca0D8210iVDM5XpmXq9a_z-PgglrFiKjPcQUdFtGtZHThqcCI3rPhOpgpDXsPbrT67DGOJd1URaJl7K-9AOpgVU3gz-seh30Sn1VvV6ii7ZTtolaRjntZDUKKpxmIBlxhmJxGk7wLXnTtRBfhvYKEReIUnR7GRsjp459noa8b3Y_85RlxiWEly0kJYQmzGsOivpnGPVhfrM17bn1a37-FQ7sTnyNyZUMwHBfdk1IA4PxTb2A7IgVmiSMGvjPsp2eRqII_EFyUtIv3RhXabbS5oIDWdJKsRGNKsUEQZxz36-x-iKZRh31W2S0CJ7aEukE2Sab4ScfToxizHhyB-XrhB-aINXxFRcZkcj1wlx8s6TtyEZjzD5J1kU4p0WRsangE1l2WHQaorRkEGIJnu7lpiXN6cmTStLuzeWTis0gVNDR62Zt6N9CBwR06VAIWONP89w6gVURSnQw6EEY4OsjlEmgppaD-_N9r1EzKcJLNSJ7KiDWU_qCqL5mxqm0X4zSenVD16PwcW9pBsspLc1hpLpILe2mUl9kHQWCLVOp64i18B6PFkPF9UgRTdhND0no2iYtFr0WeN22Njgf1&cbvp=2&vis=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers
ev
ads.yieldmo.com/v000/t_tkr/ Frame 0241 		0
340 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/v000/t_tkr/ev?type=mrcv&imp=5786827464863289581&plid=2337072099794821211&pvid=3389697402702350077&fmtid=90&offsetX=999999&offsetY=999999&pvt=1697941419168&stime=1697941421113&etime=1697941421113&viewportHeight=1200&viewportWidth=1600&adSlotLeft=-995717%2C-999999&adSlotRight=-995627%2C-999271
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.202.100 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-202-100.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-origin
https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com
pragma
no-cache
date
Sun, 22 Oct 2023 02:23:41 GMT
access-control-allow-credentials
true
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
GET
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.227.250.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-250-195.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Sun, 22 Oct 2023 02:23:41 GMT
x-amzn-RequestId
f98dd876-9683-1f66-a423-519b2945449e
/
kinesis.us-east-1.amazonaws.com/ Frame 0241 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.227.250.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-250-195.compute-1.amazonaws.com
Software
/
Resource Hash
3d42acef7fa619145f8e762ae0f84dc223a50b6b37619ed8455368ad48822d67

Request headers

Pragma
no-cache
accept-language
nl-NL,nl;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231022/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=a07bda0e7133864a9fd782122a3f93d594785d2fc9c93c10d3db80dffc651351
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
f54c0787fa08d567271936b6f63c81cfcc25d68ad52829410912f438669da767
Cache-Control
no-cache
Referer
https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20231022T022341Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Sun, 22 Oct 2023 02:23:41 GMT
x-amzn-RequestId
e49e4eb8-dbea-2283-b930-c755642c797b
Content-Length
133
x-amz-id-2
L1iRiW59iumKa88fXSRg9B9TWPQEnfKnZjttaLbz2tjLMV9i/GBOL57gtKBjTdkiEAZKJ7mRdiiltwI11K8fg3h3PUo7/nP2
Content-Type
application/x-amz-json-1.1
activeview
pagead2.googlesyndication.com/pcs/ Frame 0241 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstEVN7x86Y_X0aF_aE8aC-nn79wv5aSdTtSzYxvKi0uxRSLTtYilik-P25swYGVnlLLDSbf-mb-1MJCftfR74abUij7zOQskz_JL4s1&sig=Cg0ArKJSzJhPqT0wL0vZEAE&id=lidar2&mcvt=1000&p=1110,436,1200,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231018&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2227921122&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1697941419608&rpt=536&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 Oct 2023 02:23:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
kinesis.us-east-1.amazonaws.com/ Frame 0241 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.227.250.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-250-195.compute-1.amazonaws.com
Software
/
Resource Hash
833e6c4f41bfc1b67c8c410d5116a5bd6217f8c57b61d0a76552ef1257ee734b

Request headers

Pragma
no-cache
accept-language
nl-NL,nl;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231022/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=0be9f98c2600d95064bfaafc03894f9c36248a06c2c10bd29415725735b8eb41
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
b11836c84bd604bc2ec5daac1f5e890564474425d32bee1d905aaa09c2594223
Cache-Control
no-cache
Referer
https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20231022T022341Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Sun, 22 Oct 2023 02:23:41 GMT
x-amzn-RequestId
eda1b060-efee-94da-b00f-398d5028cf22
Content-Length
133
x-amz-id-2
K91NVjrMWKty5tIbGS4XvSO5pE2ga/ceIqh4ia/MELks2puICUHNJuwds64UvDDtGG+Y8rUvVynyt/yz1OpNGf8YeAbDIZCO
Content-Type
application/x-amz-json-1.1
activeview
pagead2.googlesyndication.com/pcs/ Frame 0241 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstHThI7727FWIZPTu_v5nYsW-HoQPpKpmhHCtMBZRq5o1JlzNXS6JsiwiH9DKHYk9F0VnfWxhNgWWZGzkG9SY1sEgEN10WaNKbCEfJ63WMx&sig=Cg0ArKJSzKLtPS70iKDGEAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231018&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=32&adk=1420894397&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1697941419608&rpt=1144&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 Oct 2023 02:23:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.227.250.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-250-195.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Sun, 22 Oct 2023 02:23:41 GMT
x-amzn-RequestId
fa9ecdf5-2981-5f78-a730-441896470480
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0241 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7419593081994&version=m202309260101&ct=77&x=67&cor=18153466666848317000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 Oct 2023 02:23:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 0241 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstYpr_ZiMOBpDja429YlkW9mjhmSHWZPHRx1uRNvOJr01eCOOukTExpeH8q8N1Wy_eaHsVrlcpyuDEf2VTVEOoaWMxv6LP8bqoMzTTy91ZSm_I&sig=Cg0ArKJSzJmgUCZ8QNz6EAE&id=lidar2&mcvt=1000&p=0,0,94,728&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20231018&bin=7&avms=nio&bs=0,0&mc=0.96&if=1&vu=1&app=0&itpl=32&adk=3267286763&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1697941419608&rpt=1498&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 Oct 2023 02:23:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-H62DJPTT4W&gtm=45je3ai0&_p=494594469&cid=838596988.1697941418&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&sid=1697941417&sct=1&seg=0&dl=https%3A%2F%2Fonwardstate.com%2F&dt=Onward%20State%20%7C%20Penn%20State%20Blog%20by%20PSU%20Students%20%7C%20News%2C%20Features%2C%20and%20Opinion&_s=2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H62DJPTT4W&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://onwardstate.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 22 Oct 2023 02:23:43 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://onwardstate.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
kinesis.us-east-1.amazonaws.com/ Frame 0241 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.227.250.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-250-195.compute-1.amazonaws.com
Software
/
Resource Hash
1a39abe6893ef2603fbab8db7afa630f424fbc2bc7d786d4b1559da8f3b6ae05

Request headers

Pragma
no-cache
accept-language
nl-NL,nl;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231022/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=23a5394c845b0966a9c1a159df1ab46c52aee0133ba1f867198931465f9ac328
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
6d2fd9d01ac50e2dcc2ff3d0582d2a7b359a7a17c5373e7aa2501bb0adc80238
Cache-Control
no-cache
Referer
https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20231022T022343Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Sun, 22 Oct 2023 02:23:43 GMT
x-amzn-RequestId
f2a635cb-b7af-f27a-af08-bc240869a982
Content-Length
133
x-amz-id-2
L9HwEeTTzvANGWgpEJNRME377CR18WPB+H1ln4SkmoqMIDBPIJ4GpgReq1oVexWk2CT900Ty6zvmpi4H3R55c62lCYBm1o4t
Content-Type
application/x-amz-json-1.1
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.227.250.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-250-195.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Sun, 22 Oct 2023 02:23:43 GMT
x-amzn-RequestId
fe5e69a9-032a-ecf9-a3f0-e046bcecb701
event.png
tpsc-ew1.doubleverify.com/ Frame A71B 		0
345 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tpsc-ew1.doubleverify.com/event.png?impid=1036e9ea056c44e0a7c86d867a159ba3&flavor=0&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&pltm=1&ee_dp_asmm=1&vdur=216&eoid=16&te_exec=0&msrjs=4826&sdf=67108868&vit=2&isvelg=1&rmi=16&tltms=0&tetms=32&msltms=45&vltms=216&sei=289&vetms=4&tuviims=164&tuviems=384&engms=1&engisel=1&dvp_dtcov=4&sim=3&msrcanlm=392&msrcannum=3&ee_dp_tmads=2351&ismms=55&isumms=54&nvr=6&isgmmims=55&isgmv4mims=55&elmtp=6&isbxdms=2255&b0=100&b11=2238&adhgt=90&adwdth=728&norwdth=728&norhgt=90&vsos=3&dvp_vsosnmr=16&lftb=2338&sftb=2338&msrdp=4&naral=128&vct=512&vphgt=1200&vpwdth=1600&chgt=90&cwdth=728&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=1054&isuiabvms=1054&isgmpims=155&isgmv4dpims=1054&ispmxpms=1054&engalms=53&dvp_dpr=1&vstsz=736&ee_dp_cvcmeeid=1&metp=1&meeid=1&ttfurm=3249&cbust=1697941424088629
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements4826.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
130.211.44.5 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
5.44.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com
Pragma
no-cache
Date
Sun, 22 Oct 2023 02:23:44 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true, true
Connection
keep-alive
Expires
2023-10-21T02:23:44

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=1323
Domain
sync-dmp.aura-dsp.com
URL
https://sync-dmp.aura-dsp.com/match/google?google_gid=CAESECGqlBvO1o_40cWINJodeCI&google_cver=1&google_push=AXcoOmQWYBhBvyCPO3oBbHi2xTzAVhSl3ARh1ZX-o7VfEHJwpIZmfKzoN65VJGk4-pcqdAavDdNv_BzRzP5LYQMaej4z2chdhCc3KQ

Verdicts & Comments Add Verdict or Comment

438 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 undefined| $ function| jQuery object| adLayersDFP object| adLayersAdServer object| ajax_object object| essb_settings object| essbis_settings object| _taboola object| dfpAdUnits object| googletag object| dfpBuiltMappings object| dfpSizeMapping object| dfpAdLayer object| dfpAdDetails function| documentInitOneSignal function| OneSignal object| terminal object| dataLayer object| infiniteScroll function| uuidProfileCall undefined| oldonload object| PARSELY function| _typeof function| EvEmitter function| imagesLoaded function| jQueryBridget function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Masonry object| _stq function| AdLayersDFPAPI function| AdLayersAPI function| $unipress function| CheckPubInterference object| checkPubInterference function| essb_ajax_subscribe object| essb function| essb_open_mailform function| essb_close_mailform function| essb_mailform_send function| essbasc_popup_show function| essbasc_popup_close object| essbis object| TRC object| _tblConsole string| pm_pgtp undefined| msg object| google_tag_manager object| google_tag_data object| aawChunk object| aaw object| _pbjsGlobals string| GoogleAnalyticsObject function| ga function| fbq function| _fbq object| apstag function| docReady object| ID5EspConfig object| liQ_instances object| ggeac object| google_js_reporting_queue boolean| _tb_dis string| pm_ppy string| _pmep string| _pmep_geo string| _pmpmk boolean| _pmasync boolean| _pmoptimization boolean| _pmoptimizationmanipulation boolean| _pmhp boolean| _pmsb object| pmk object| pmglb object| pmfa object| pmad object| pmdebug_c object| _pmenv object| _pma undefined| _tb_d undefined| _tb_rand object| _pm_ecd string| _tb_vpx boolean| _tb_vautop function| _pmloadfile function| pmws_request_done function| _tb_getUrlParameter number| __oneSignalSdkLoadCount object| _oneSignalInitOptions function| __jp0 function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl function| onYouTubeIframeAPIReady object| gaGlobal function| admiral function| 4dm1r11545242527 object| _qevents object| gaplugins object| gaData object| Modernizr object| lazySizesConfig object| lazySizes function| st_go function| linktracker_init object| wpcom undefined| google_measure_js_timing number| google_unique_id object| Criteo function| essb_manualform_show boolean| pendingUnlockOnSubscribe function| essb_optin_locker_unlock number| essbCurrentPinImageCount object| _aps boolean| apstagLOADED object| apscustom function| TBVideoElem function| TBVideoEvents function| TBOptimizationAutoPlayInfoFromXPathAndURL object| _pmk function| TBWidgetVideoPlayer function| TBGenericVideoModule function| TBOtherPlayer function| TBVideoMetaData function| TBVideo function| TBVideoDetectionYoutubeAPI function| TBOptimizationTouchAndClickEventTracker function| TBWidgetStorage object| PMFileLoader object| PMPage object| PMTemplate function| PMTracking function| PMUniversalGA function| PMMdotLabs function| PMComScore function| PMPublisher function| TBOptimization function| PMGlobal function| pmws_getlocation_done object| pmdebug object| pmws object| Ah object| _pm_mcg object| image function| quantserve function| __qc object| ezt object| _qoptions object| lotame_sync_16576 function| ha object| cnvr_launcher_options object| __uid2SecureSignalProvider object| __uid2 function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_oa object| sync16589_xa object| sync16589_ya function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_J function| sync16589_K function| sync16589_L function| sync16589_la function| sync16589_ma function| sync16589_na function| sync16589_M function| sync16589_N function| sync16589_pa function| sync16589_O function| sync16589_qa function| sync16589_ra function| sync16589_sa function| sync16589_P function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_wa function| sync16589_Q function| sync16589_R function| sync16589_za function| sync16589_S function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_Aa function| sync16589_W function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Ea function| sync16589_Ba function| sync16589_1 function| sync16589_Da function| sync16589_Ca function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Ga function| sync16589_Ha function| sync16589_Ja function| sync16589_Fa function| sync16589_7 function| sync16589_Ia function| sync16589_La function| sync16589_Ka function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_Pa function| sync16589_$ function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa function| sync16589_Ta object| lotame_sync_16589 object| regeneratorRuntime object| ox_esp object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_143 object| Criteo_identitytag_143 object| pbjs object| __id5_instances object| _33across object| pbstck object| pbstckQ object| Pubstack number| __pbstck_consent boolean| __pbstck_session_tracking function| sync16576_aa function| sync16576_c undefined| sync16576_d undefined| sync16576_ba undefined| sync16576_e function| sync16576_f object| sync16576_h function| sync16576_ca function| sync16576_j function| sync16576_da object| sync16576_ object| sync16576_ga object| sync16576_v object| sync16576_oa object| sync16576_xa object| sync16576_ya function| sync16576_a function| sync16576_b function| sync16576_g function| sync16576_i function| sync16576_k function| sync16576_l function| sync16576_m function| sync16576_n function| sync16576_o function| sync16576_p function| sync16576_q function| sync16576_r function| sync16576_fa function| sync16576_ea function| sync16576_s function| sync16576_t function| sync16576_u function| sync16576_w function| sync16576_ha function| sync16576_ia function| sync16576_y function| sync16576_ja function| sync16576_z function| sync16576_A function| sync16576_x function| sync16576_B function| sync16576_ka function| sync16576_C function| sync16576_D function| sync16576_E function| sync16576_F function| sync16576_G function| sync16576_H function| sync16576_I function| sync16576_J function| sync16576_K function| sync16576_L function| sync16576_la function| sync16576_ma function| sync16576_na function| sync16576_M function| sync16576_N function| sync16576_pa function| sync16576_O function| sync16576_qa function| sync16576_ra function| sync16576_sa function| sync16576_P function| sync16576_ta function| sync16576_ua function| sync16576_va function| sync16576_wa function| sync16576_Q function| sync16576_R function| sync16576_za function| sync16576_S function| sync16576_T function| sync16576_U function| sync16576_V function| sync16576_Aa function| sync16576_W function| sync16576_X function| sync16576_Y function| sync16576_Z function| sync16576__ function| sync16576_0 function| sync16576_Ea function| sync16576_Ba function| sync16576_1 function| sync16576_Da function| sync16576_Ca function| sync16576_2 function| sync16576_3 function| sync16576_4 function| sync16576_5 function| sync16576_Ga function| sync16576_Ha function| sync16576_Ja function| sync16576_Fa function| sync16576_7 function| sync16576_Ia function| sync16576_La function| sync16576_Ka function| sync16576_8 function| sync16576_6 function| sync16576_9 function| sync16576_Ma function| sync16576_Na function| sync16576_Oa function| sync16576_Pa function| sync16576_$ function| sync16576_Qa function| sync16576_Ra function| sync16576_Sa function| sync16576_Ta object| ID5 object| hadron boolean| __halo_loaded__ object| PublisherCommonId object| conversant object| thisSlotDefined object| au object| publink_options object| coreid object| GoogleGcLKhOms object| tbopt object| criteo_pubtag_prebid_139 object| Criteo_prebid_139 object| google_image_requests

55 Cookies

Domain/Path Name / Value
onwardstate.com/ Name:
Value: test
.onwardstate.com/ Name: _parsely_session
Value: {%22sid%22:1%2C%22surl%22:%22https://onwardstate.com/%22%2C%22sref%22:%22%22%2C%22sts%22:1697941417375%2C%22slts%22:0}
.onwardstate.com/ Name: _parsely_visitor
Value: {%22id%22:%22pid=5101378b7006e4889fb095c21152e88f%22%2C%22session_count%22:1%2C%22last_session_ts%22:1697941417375}
.onesignal.com/ Name: __cf_bm
Value: M539YgjoxapwLJk1EEvOZ4MyXTGHT_8tiOgZkXl5SSQ-1697941417-0-AcjxpjuB3G7Z5YKM79KSDbikSg+Bmzf64mmfx52ifs6FywfEgE3pJ6zObCiqhjrinqyo4FHCp2zqVTQaAySYnQg=
onwardstate.com/ Name: _uc_referrer
Value: direct
api.parsely.com/ Name: AWSALBCORS
Value: l6JmECVDvqDAbjrnmh1dfT8L8a9vxl/3A1iqdy96sdUioXtFNSppteKeCZ/cwZIchC9JyzW2Ixa/ebv7OB2EnnpOqhP7eptC+inaJnR6A9OAFc+17+A7F6wSeEeI
.onwardstate.com/ Name: _ga
Value: GA1.2.838596988.1697941418
.onwardstate.com/ Name: _gid
Value: GA1.2.1759917279.1697941418
.onwardstate.com/ Name: _gat_UA-111000628-2
Value: 1
.onwardstate.com/ Name: _gat_UA-10930536-1
Value: 1
.onwardstate.com/ Name: _gat_UA-10930536-4
Value: 1
.onwardstate.com/ Name: _gat_UA-1249139-15
Value: 1
.prebid.a-mo.net/ Name: __amc
Value: 1_1697941418_1697941418
.onwardstate.com/ Name: __gads
Value: ID=1af7ab674e68025a:T=1697941417:RT=1697941417:S=ALNI_MaBNyhdnnP5Eg941D9Cm7XDJFSXEQ
.onwardstate.com/ Name: __gpi
Value: UID=00000c9edd15cf5a:T=1697941417:RT=1697941417:S=ALNI_MaIlUd3rzfPLsHc7f7g2jLk6ZCZkg
.rubiconproject.com/ Name: khaos
Value: LO0UHB32-Y-CR85
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qo/ED7MLuviJ3MylPn9loes1z8yuimHAOK2YmW0E8ZTKnZwTwUOr2CqKHoq5E03pJBuk9OKCLP1WyYbB5SW5XQ3sw5aPQjZqScijy0RC4Zd8Ri5j99IjSR+
.adnxs.com/ Name: icu
Value: ChgI3uM8EAoYASABKAEwqo_SqQY4AUABSAEQqo_SqQYYAA..
.adnxs.com/ Name: uuid2
Value: 6693832924365702815
.doubleclick.net/ Name: IDE
Value: AHWqTUm3Fwc_QGqq88oYQkvtU7NM50tzOBRjdA5Gjewr0_opQr_htV_FJ4fjeDDMlyk
.onwardstate.com/ Name: _fbp
Value: fb.1.1697941418439.268262587
.criteo.com/ Name: uid
Value: f2c4f790-2ae2-47c9-b6bf-46017f03e583
.onwardstate.com/ Name: _gat_UA-111000628-5
Value: 1
.openx.net/ Name: i
Value: c1b1f445-d5e6-420d-ad44-9e88e2d70533|1697941418
.quantserve.com/ Name: mc
Value: 653487aa-be83b-39029-97d50
.onwardstate.com/ Name: _ga_5SJPSTLWSY
Value: GS1.2.1697941418.1.0.1697941418.60.0.0
.onwardstate.com/ Name: _ga_5B02HBVGV2
Value: GS1.2.1697941418.1.0.1697941418.0.0.0
.onwardstate.com/ Name: connectId
Value: {"ttl":86400000,"lastUsed":1697941418888,"lastSynced":1697941418888}
.onwardstate.com/ Name: __qca
Value: P0-1245798588-1697941418316
onwardstate.com/ Name: _lr_retry_request
Value: true
onwardstate.com/ Name: _lr_env_src_ats
Value: false
.onwardstate.com/ Name: _ga_MSKEKZ2D0X
Value: GS1.2.1697941419.1.0.1697941419.60.0.0
.onwardstate.com/ Name: _awl
Value: 2.1697941419.5-70c2974bd8a85745d98b994f45fe43b1-6763652d6575726f70652d7765737431-0
.onwardstate.com/ Name: _ga_H62DJPTT4W
Value: GS1.1.1697941417.1.0.1697941419.58.0.0
.turn.com/ Name: uid
Value: 8408553695059475232
.casalemedia.com/ Name: CMID
Value: ZTSHqz6Ar-q996Y3Z6ogYgAA
.casalemedia.com/ Name: CMPS
Value: 3173
.casalemedia.com/ Name: CMPRO
Value: 3173
.yieldmo.com/ Name: yieldmo_id
Value: 3eSHNSSXXnSXKWyBbB7Y%7C1697932800000%7C0
.sxp.smartclip.net/ Name: uuid
Value: c65974e2-ab87-3465-189f-04baa2b6f5ed
.doubleclick.net/ Name: APC
Value: AfxxVi71U7PU4iXF8K7WPCF8H0hDhP65J0JbYhe9PSluddSyU-VSiA
.liadm.com/ Name: lidid
Value: 5a3afbeb-f7b5-4671-b4dc-2766570bd6b6
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2E>3mRL(I!]tbPl1M>e)ZlrFUfJ+tGXxp.A.ToOAQ3n^:GhhO8_IUGAgRNraaS`8=1W`D*bpRz*qF1`*b_Li*#[Ih
.sxp.smartclip.net/ Name: dspuuid
Value: 10.CAESEFZvEk0psYPOBcdpQhhVPuw
.sxp.smartclip.net/ Name: psyn
Value: 19652.10
onwardstate.com/ Name: pbjs_li_nonid
Value: %7B%7D
onwardstate.com/ Name: pbjs_li_nonid_cst
Value: zix7LPQsHA%3D%3D
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-fbd80de3-09f6-5733-7d58-8b04ce692bc7.8L3X1HLMgKzQ25idBNFZ%2F6MBO%2F245Q%2FVT35SUlGJR%2B0
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-fbd80de3-09f6-5733-7d58-8b04ce692bc7.8L3X1HLMgKzQ25idBNFZ%2F6MBO%2F245Q%2FVT35SUlGJR%2B0
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A-9gN4wn2VzN9WIsEzmkrx1_TX_g.oxk1FFCDt0i4JT5ACQxF0bCjlwh0TgcG4%2B02%2FGEissU
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A-9gN4wn2VzN9WIsEzmkrx1_TX_g.oxk1FFCDt0i4JT5ACQxF0bCjlwh0TgcG4%2B02%2FGEissU
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIGNgcebGzi1SPc8BeNpYdXNSiU5HQO4cOdcaMQMu1-VWEHwYBCCsj9KpBjABOgTLdGrUQgSDmfl5.%2ByjeEJNUfwiygP5ffZwbTj%2FQd4RYmYBFtR9Nqs60jMg
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIGNgcebGzi1SPc8BeNpYdXNSiU5HQO4cOdcaMQMu1-VWEHwYBCCsj9KpBjABOgTLdGrUQgSDmfl5.%2ByjeEJNUfwiygP5ffZwbTj%2FQd4RYmYBFtR9Nqs60jMg
.onwardstate.com/ Name: cto_bundle
Value: BIkIrF82TlQ4blhiVW56cjRpWFpwOGNYVElNdGg4SmVEMjgzV0ZWRVhDcVhFNm0xQVI5UmFpY0czSmVQaTlpeDFXMkclMkJMTUYwSFlkTTJNNXQ2S0E3eUszS0g1eHhQRlVkT0QweTclMkJsRzFrNXNuY25xck43M2hVVnJtbExZeWp6Q1lxcWtmUiUyQmE3dHlFdCUyRnJubXhxd3oyZjBrdyUzRCUzRA
.adsby.bidtheatre.com/ Name: __kuid
Value: 62a409dd-5aa9-4447-a2cf-7b6b96f4c4d3.467155420

6 Console Messages

Source Level URL
Text
javascript warning URL: https://onwardstate.com/(Line 108)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://survey.g.doubleclick.net/survey?site=_ag56apdy7ei5ppgm5bh53ydarm&url=https%3A%2F%2Fonwardstate.com%2F&cid=everything&random=1697941417104, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://onwardstate.com/(Line 108)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://survey.g.doubleclick.net/survey?site=_ag56apdy7ei5ppgm5bh53ydarm&url=https%3A%2F%2Fonwardstate.com%2F&cid=everything&random=1697941417104, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://survey.g.doubleclick.net/survey?site=_ag56apdy7ei5ppgm5bh53ydarm&url=https%3A%2F%2Fonwardstate.com%2F&cid=everything&random=1697941417104
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript error URL: https://onwardstate.com/
Message:
Access to fetch at 'https://api.rlcdn.com/api/identity/envelope?pid=1323' from origin 'https://onwardstate.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=1323
Message:
Failed to load resource: net::ERR_FAILED
other warning URL: https://www.googletagservices.com/dcm/impl_v97.js(Line 91)
Message:
Unrecognized feature: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3711c47b0c777be48f0ad6404962979f.safeframe.googlesyndication.com
a.ad.gt
aax.amazon-adsystem.com
ad.360yield.com
ad.doubleclick.net
ad.sxp.smartclip.net
ad.turn.com
ad.yieldlab.net
ads.yieldmo.com
analytics.pangle-ads.com
ap.lijit.com
api.parsely.com
api.rlcdn.com
at.teads.tv
bcp.crwdcntrl.net
bidder.criteo.com
boot.pbstck.com
c.amazon-adsystem.com
cat.hbwrapper.com
cdn-ima.33across.com
cdn.adapex.io
cdn.doubleverify.com
cdn.hadronid.net
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.onesignal.com
cdn.parsely.com
cdn.pbstck.com
cdn.prod.uidapi.com
cdn.taboola.com
cloudflare.com
cm.g.doubleclick.net
config.aps.amazon-adsystem.com
connect.facebook.net
connectid.analytics.yahoo.com
dsum-sec.casalemedia.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
ghb.adtelligent.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
grid.bidswitch.net
gum.criteo.com
hb.minutemedia-prebid.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i0.wp.com
ib.adnxs.com
id.a-mx.com
id.crwdcntrl.net
id.hadron.ad.gt
id5-sync.com
idx.liadm.com
im.bluevoox.com
images.onwardstate.com
intake.pbstck.com
invstatic101.creativecdn.com
kinesis.us-east-1.amazonaws.com
lb.eu-1-id5-sync.com
lexicon.33across.com
match.adsby.bidtheatre.com
matchadsrvr.yieldmo.com
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
onesignal.com
onetag-sys.com
onwardstate.com
p1.parsely.com
pagead2.googlesyndication.com
pbs.optidigital.com
pixel.quantserve.com
pixel.wp.com
pm-widget.taboola.com
prebid.a-mo.net
proc.ad.cpe.dotomi.com
r.turn.com
region1.analytics.google.com
region1.google-analytics.com
rtb.openx.net
rtb0.doubleverify.com
rules.quantcount.com
s0.2mdn.net
secure.cdn.fastclick.net
secure.leadforensics.com
secure.quantserve.com
securepubads.g.doubleclick.net
shb.richaudience.com
sixscissors.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
static.adsafeprotected.com
static.criteo.net
static.yieldmo.com
stats.g.doubleclick.net
stats.wp.com
survey.g.doubleclick.net
sync-dmp.aura-dsp.com
sync.inmobi.com
sync.srv.stackadapt.com
tags.crwdcntrl.net
targeting.unrulymedia.com
tg.socdm.com
tpc.googlesyndication.com
tps.doubleverify.com
tpsc-ew1.doubleverify.com
ups.analytics.yahoo.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.nl
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
api.rlcdn.com
sync-dmp.aura-dsp.com
104.18.26.193
108.138.36.15
108.138.37.209
124.146.153.168
130.211.44.5
131.153.158.209
134.122.57.34
142.250.181.226
142.250.185.134
142.250.186.130
145.40.97.67
151.101.1.44
162.19.138.116
162.19.138.119
172.64.152.89
18.173.191.32
18.210.109.200
18.66.100.58
184.30.211.26
185.64.189.112
185.86.138.154
192.0.76.3
192.0.77.2
192.241.157.60
2.16.238.17
2.16.97.41
2.19.105.55
20.127.253.7
2001:4860:4802:34::36
2001:678:cb4:bbbb::11
216.52.2.48
23.88.17.186
2600:1901:0:8344::
2600:1901:0:d733::1
2600:9000:20c3:3e00:1e:fdf8:aac0:93a1
2600:9000:20c3:9000:6:44e3:f8c0:93a1
2600:9000:223c:b800:10:dd8:5e40:93a1
2600:9000:225b:1400:a:e047:753:6381
2600:9000:237d:4600:1b:83f3:bc0:93a1
2600:9000:237d:5a00:8:48e:53c0:93a1
2602:803:c003:200::21
2606:4700:10::6816:15d
2606:4700:10::6816:27a9
2606:4700:10::6816:34ad
2606:4700:10::6816:445
2606:4700:10::ac43:17ea
2606:4700:10::ac43:266a
2606:4700:10::ac43:e8a
2606:4700:3038::6815:eab1
2606:4700::6810:5514
2606:4700::6810:84e5
2606:4700::6812:d73b
2620:116:800d:21:e365:4988:e8a7:3270
2a00:1450:4001:806::200a
2a00:1450:4001:80f::2002
2a00:1450:4001:811::2004
2a00:1450:4001:812::2002
2a00:1450:4001:813::2002
2a00:1450:4001:813::2003
2a00:1450:4001:81c::200e
2a00:1450:4001:81c::2011
2a00:1450:4001:828::2002
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2008
2a00:1450:4001:830::2001
2a00:1450:4001:831::2003
2a00:1450:4001:831::2006
2a00:1450:400c:c0c::9d
2a02:2638:3::3
2a02:2638:3::7
2a02:2638:3::c
2a02:26f0:3500:d::1732:83d6
2a02:fa8:8806:12::1460
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
2a0c:5c87:5239::2
3.213.122.71
3.227.250.195
3.67.114.76
3.71.149.231
34.102.146.192
34.120.107.143
34.160.72.119
34.96.70.87
35.156.97.229
35.186.194.101
35.186.253.211
35.244.159.8
37.252.171.21
46.228.174.115
51.140.49.131
51.75.86.98
52.31.202.100
52.45.175.185
54.155.18.159
54.164.154.71
54.72.74.238
54.75.204.82
63.32.198.140
63.33.109.54
65.9.66.97
003738bbb3afa825fc7f3419e73189cfabeac93009352cb2f35e813043c0323f
005b7b9371feddf1d90a6479833fd83181115ce39506e5b83091e34d4a7d67cc
008608c53386eb82d3b889687e23456e36bdc720e5b5d42c2bea5e08d13228d9
009f9eb6646c4e5c39151932b76e84c7b1fc11d987113a99e7c12fc764202f31
00a269606af95f52ce213e5096cc3a079d73522bc4e3c398789038666bb1454a
04c5de8a9ac86f79ca17ca61b952995bd3d29397ab05b2c60fa8c96dcf51ecc9
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
08160df59e8b55d85970e7f63232f9fa4e5d0747b4c9f3c8837885ebb5838307
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c6d7368b9ead4359af2ce026698bbb797950ce3c5c4a7b4c270f0caa7cebe93
0ec8bc3ef1eb0c6ff43a2f94234c9487df3bf5e5f6b511693ca32cbb89bb665d
100e1bd433b0fbe35e8d609395d4f9a1cbafbeddb64a30b6ac6fcc7888f9310a
11e836e22b258eb00b1bc3ea700a4a3605f2339c6c60ccb470c6c8922aa25d89
122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
133aefcaac000c03f8719b1a1118926e90a33ea76d30e973b6b654f36159d6d2
143f0be0011611d670173261086c0aceae3b01af039b02e9b3e129db0b9c590c
17882276150f09461415088bd161e0242ce0327673dc9233e11bf1f7cbe28762
179e049baf6d35ae67606f8dcda9d6c9257add515a28beb66ad160dce9998e55
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
18f209b8c7180bc5e6247cfd7181ff514d379b329870a3371ce437849159d061
1a39abe6893ef2603fbab8db7afa630f424fbc2bc7d786d4b1559da8f3b6ae05
1a87985707fa8a2cd12b5d3879626eccd92c19372ed032b91a7c6f9ea00b6ea8
1a8d8bd945c049adf380b60cb569218a4be82ace7cd57c0a52ab2f70f891c089
1ab7df691cb7c86f027e69e52de209bcb70669837ee72de3c32363298aefbaaa
1ce8ec3977b1ff967077b9387b7f74463eef5b776fbcc5ae4593d7d1a1ffbf4f
1cece893b67125d4185e5d6cd59060be41db5271d0f4d629c8b34e8f787a9d89
1f4ec70b48565fa8f17c7ebc707712bd3253582d1dac29b907b0a193a4713720
21861cd35cab8c49786fc31dff17a938df7162eef99676b964bf510c5ffaf8ec
27dd9b075cc59cf5f3c0f6ee075f4bd113782d81ce30a4f16aac669ecfdc4fa2
299f06c5c29cfaca012cd89ed9572c703b0193758f0c96d8a7fa1c407b383465
2c355fbd554b438e9ec019896c5eaa70eab883e9751438fc3fef6715bb1cf052
2ec87e3e0d1e1d1bb8e96c429351de695e4ea1fb78e1d077d5ab5ad1770d5245
2f925cc9fcd9f7329b8e1d991b0fe981b5d8b979d271af789f0811fb62d4003e
307905bbaded0cbb4a5115c32d0b3275d93439ab195952c0e6daec63235f9766
30e8813ab9664c8656eeab96626836ee14d140027f98a85db73b315f1d3cce43
30ec71893c027ac54602cb5eb38d30a97c39540f4a5384f6a175a4d49935118e
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32bb433c1edf85ada85e031497bc3c99959f2fcb05aa0046c6a2830db853a61c
33ec5309125945ddf9d2ee179c80a5f28b7c6d9ad5ab3d97e7ba07d4f00bc222
350043cc613227bffc27b92378a4cb552089fa057e1b5e3a174f1909fedaa66e
3832d94ac3464d8131a75afaa9ce790a33d08b2993dbc8062bb47da12ff09e83
389a4748728c681be0073306fc1146cff0eddc128c53fa1fe24d724f2ba47811
39ac92857d13c97561e6a22e9f4f0de9ca21ae22315a32ff0e0d647320780936
3a78b5472a78af93e2227c3a6b97fcbecd289cb119a99e4ec07bcd7f93fbca6f
3c71a7e8763cbaa25fa700f06bac81ee63aac19b5e5e91e4993aaed72e30fe68
3cc712896915aff4638c28d63d6c88ae7e41408dc129dcdde84b16dfcce1e946
3d42acef7fa619145f8e762ae0f84dc223a50b6b37619ed8455368ad48822d67
4099bdfa2c67068906b7f88a9fb0e463c29b4a6e9f92ae3216521b7f8e441c74
41ce2509fa9959868717986010e16b6334885fd46bc64d0d3c745a73ed3c41e4
425197a561a2dc98259d7e284f708115b672f426a8adc0955f6f42fbaa61d7ae
42576bf0f7a53994785021e7cd098a5e020f24cd4b9d6d1918265f465816ab5e
427b58cde7dba602df411b514ebd73da91e98e5c57a774f485172958d3eecad3
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
42f1391849d787e9fab99969b628ad6de658c79872272d4989b2db542c720fb0
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
441ec7fc6a88957295f4cd11dd5aeb6d7940661048b44ba5409909e74d6b2c3d
45edbc85483b4cde24376ffc1a6b93969f8e51cd2e73547f84824c8f54fb79f9
46695d7484b0e9edb5125e128a88b7943b763856d7a3f905ad450955b6ebc4ba
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
480613f771d4b2960ecbcbf9f0a8435d009d8f5fd10ab14bba1b1018762708e0
489a633793be52f623467831b8122a46dcae3e62cc24a25f6f955b867f8a8580
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c4f4fe0fca418095787860851cbf34595be5083ab80bd37d58cd60e3024179e
4c5f80cce6889f5bd1236ae540178efed729c20bf20c5afaeed6e2fa02d50323
4dacabc4dabd01ad27708f6444f4e6353ad90a4c9426483bd4806f94a640db2c
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50ff4d75c74de9cd21d1afaee79cb2c8fdc5fb6a3bf00f831389fa906be815ef
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
52cb003ced324d231b2cdc44f1db6f3ca5bdcbb8e0465415d9e4b065bc3104a4
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54bd133d6db92082fd9a39cd1218578b4251e0066dc5822e817637af07f1d852
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5638f2f00af768ed8a50df1cbe95e241e94ecab5d8134a939afee76d41b9694d
570b7ca0b5b58c0cedc9170b029f3f478eaebe89c196242622cb8467973d2fdc
599fc36cdbfa2e704431b32f80c0da4d9f1207860923856f9aaf94ec34485b1e
59af8812df779787c5379ed02f88f0305ff7ec95aae73b85703dfc7f17b41737
5a0e0bff8aff490cd3817c0f945e120780bd2148eb66f8179899bb4c999fc762
5a900b85965bb68722fd93e82a508c11ad93e5c4bac3d43e1600d806d4d92eef
5aceb9edcea34bb69cbce4ff713f96f5d62f70bbd4bf5ef766bf058bed0fa21c
5b530a90f43595cddcaa8406387e6511d3080174f411e9a9e80e203f421621b9
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164
5dc7d839d989eb8c904b8dca884fd57d799ad82842177b10ad99e289e0599882
602eafd89ac56fbbc2f0dd058e5bdb3df75b49bd23b9fb36718975b39563dad5
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
644bafc276b3d0188fad83a68db7581b2ac72f593b4b9cea4ecf4e579e66c1d6
660814121a525474a66802eba7154d16deb59b793a1d9d99222b05f6b04c5eb6
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694
685b4e34c73d5fdd68b48efebeac401849e8b5cbff73e072c838d7d71d245bb3
695774ab4dc5ec85e0991515c531f434f71e9e581d54665de2a8e596a0ff85fb
6b23a2a55e15ddffdc187b1107030f6ed53d4abe5d4c0900022451d20c3dfb54
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
6c6be7331c3d44a11a2eeabf7bfa52816d79b6ddd7a4cbac40edd973d2e93c10
6d36fbf1f63f2f6664bf91895d6ca1c41759373adbb6e3c869051d002ece30fa
6d4c1bda097ac27b6c81583e5b5be8dbe034d82fc5b8acc09b9f987497dd7414
6d5bd7364abd6ad113f2353167e499bcdf035f1e6b9a9291fa6954c4420b3ebd
6e04a4e86893255a71de7d93241c8564dacd4b2a0b55bca5101ecd675443a25d
6ee69abe38a87fd8aa0867401e1e14d2831eab6dfb1bb2d97abf65ac57cb5705
6ef5a77e3dc75ed76c47ad18642511eb273df5cd7d181b12e00836771d88bc9f
71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
739aadac09dab2432c5a12911d5cf9b1c0ba27c05034b190beaee93b70b0942a
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
75f98edec0ef29b310fbefe51576305d171a3a93594169645d2490e8e317a167
7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59
779cd4c2412a0ed019a20d8182812d5a2ac7b0227851b1d732731a5d54e77d49
7964f41b541e450eba442be951ed2350cf625a3ea1017e9c76db87672ae1fcc1
7a5a024f757879633d0e3636a4c9970e2c5b5bef2a9a15a72c4bba8ed3963220
7bc15c522a05ce0e56b8cb3fff83bc6e770130afdd840d469869db69663d78fe
7bfa33f600ceb496ca3363a9b2c2a4d08f1585c14d07f085d25fe270fc539768
7e8b12a451084a81dd2b10b67512a5f3214644fa929fd880315f384e5a3c6e1f
7f1999dd213ea15813d6e27249169c4d54cfec7150e81ed1e1aad85d7b20202f
80c76e0adf9fa82ccd48bef004b4a144da4a4c7fc0fb87e0449a4aa98efe8d8b
82473b1a43b1d0d8d801b0c40231bfde703a702f66ab4c778c40b7af8a8da405
833e6c4f41bfc1b67c8c410d5116a5bd6217f8c57b61d0a76552ef1257ee734b
84e6bd8c14717d5a1461b156f532045f1131ae5c98849ade2e45d6193c6dbb69
84f6659267ce9cd884f8a7f46708f04434e993d552174faf6eb95614977aa8e0
89a9b728cbc4ea20ef9c0934035ba3300049c50682dcc0e58452c40749b6d853
89ae1743656b75948be30cc4909efd3c61771b7bd9f6d53eb14cd9731d486b57
8e380de6a1212a80adf525ea6e39f7619add526ca34483584c98765231a84825
8f68c6999550f4e8e07d1ad32c0ed501fc44e6c25021956eeebe2c678c6f7b8d
8ff77c383aae101d2445f3e8098d86f9b495f0483c41c29a02279afb092f5b74
90c9a5871a6bd6e817fcc52df4213d4715d83f017a1265503801283c6ac2d1ee
91d47751cf8b721f97b94e8125945bb960dad1a249f62b7cc3337182f70e9773
933dcac817764d8f195d44398bc9f5b04729d8dddce598607cab931c863658c8
938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb
9519d5678c76628afd1fd7bb2abfa1caaeb3338b05a1e708919764ea2e565a9b
952b7b103a122be63832c1f377beda19e71871e4395aa94b670d35eb775c3c7d
959d2bff6e8aa7b4d1836a5dcc00ab6f2c2754604b0e0174bd96b6f9822d5905
95a3426b2136b9949b4926019cbc8875aa0df21752fc220cb3b531c6afd14faf
95a6950622e27068d04f5f57192ac60f0159053d800af0a4c72b9d48875cc69c
95cee211bc7523d15a50edbf2644cefbf6fee561e868667b421a1d26c98f81b6
95e14f29b6f2a5c6b6a42f8cffa13b084f54c119307fe76dae8667c2e6158eee
97246976d349e4116999d37486b7b739816718f446ea2b2e224311884f785813
98d6427651f10db6f71e5f7ee348dbf2718fc7079e9db54bc40846e41643dc6c
99e4ca501c721cc37c3e9b4fde630efa65e5ff4fb42bec1269f5ee9f51e66b29
9a1428bbb677de44a9388e052db312f78bd13d1853424faa43c25d8c47bda82b
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9df9d7f606498bfcc0e69596fe6990b41e6a657cfc6d28c0992581b2c914b022
9f376a44d5fbd76ebe422736579dc6211dc1167944939e162f61bd3a9cdabb0a
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a16d2100eb7dd6a7f149f3479f02c73af8b519da53c11f060edbb5966aeb9ed1
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
a2d621596d99182b3a71ddd49d416c030afd3f6d3ee4f2e148eb8ff623479b49
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a5e299a85a9b163a13f8922e875d903e3886d98af3007f64e3b106b0fd4486c6
a74b7ad3265c86957c3e367e89eaf64d66fbb558f4c54d94620b59e0859a135f
a860bdf022e6566e17468ffee3f6cf18c031abf428dad428cab151729e6f22b9
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
aaa6184943c31f3600b54c58498eb8608a1c3f21f5fc09c060021d431220cf83
ad9912dbac65c15422cb17feb0b1cbcdc7d2221afd48d0621072776b4a3279f4
ae65fc4349f56b5dcd8fa4cac9f4bfe6b952040917c61411142e4a8cb9157dd3
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1a22bca2e94ac819868674685b19dacadb2888e6099876d6e101ccaf2b17993
b423332d395d6e19d2f255b200cbadf9e95cebab417de0d93e3b2c820645e6dd
b59e0c0d1cf93db01c65f1357aedb1b27cf41998f06af03d1039bb18e83b5f86
ba34abe5f7db9bccc4e96465f09ab91bf5393f22dd0acfc2c0e304dd3d94e66a
bc4ee5266e2b64928a91fd5ea4ec662cf4834f873d3b70e1b9ea745dae2a8754
bdbf202cd096103d51142548fbc224c54daec112d86dc4fd4a1bd123dddc9927
be28a5025e6b646c0861204c02683202205f2d24355d8e28a37fffd8729f59a8
bfea5e5db4c526a9c86debd0154807b4eaddf36281a55cb3f622e441e5054dc1
c0d7eace6de7a123701ad163455f50ea9f6f51c5985a49f4d1f6e797009fbdb1
c1ee90039a6a42a98a591e5f89d69d7a8e88ebfa365e79c08a861d21ad19b4ac
c2e606e1fc82ea3a554aad5d0520e25d2677b89a891dc5c49e7ace08fce92e25
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c505f7e821ae7a1c88e6ce02d8e38b57233d9997445ce06b9ce50be989df5d7c
c548a30c41171b00c7d332fc539aa7fa0dceb71fc7d91d4bc7b65ed3bfed8382
c7e77a1aff7dbaf50f5f2ae21691a722faf66b8ea46da185d97d2c7777e3b983
c7f6468c8ac1542980b2d5f637fa933d7d00d2c6ff6690e34505d2aed0c0e23a
ca2ce92593d3e377f98d9e8fb629b0c552db22cf5de1ed562c429e7d29939b3c
ca7752fb33cf3a98c0f29bc4eec563112025da4109a0dcc69dabf5f861751258
cc931b3cb28e101f36149bc8df89a8bc61082fe7ae091dcb6402e9bd5f44f855
cf0bb43d0ebe5f31ffb011e2d436b4cd5ae869ee96c673bd44514704ddae05df
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4
d1ec906c5fffa0865e493015da0a82a959a6267d25cdf54b672be6406877017a
d39d9a559502386f5dfde497e54aca3395e817951c57c932082c0d6eeb49eebf
d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f
d3d7327bad8629eb0f8a752e0905a07d830aed213d9ebf9454fefde09141b04e
d3dfe4015335ea068794d956c64b48cbabf4cc8e504e2ddc9cfa5c6b669317de
d6dffe998d4d52601dd56a1666bbd09f6926bc110429c434402ca7a814080808
d8e4f0164686e9b4ee5eada4234c1312c97607246068f8c160d9e4cb15e93eb6
d950c3d0f8af2ff611af5342ac669290b0619830f59ba1498e2dbe12dd0e226f
da7ae21fe3609fc4a4e6c83040bcf025e8bc53e60d406bc316cf2b8b8a3eff9a
dc15061d8c788e977befdf83b405f229f96556c3fb1c31e18958a66f20754f0d
dc39b26a60ca5c40eb1b737bc7811ff55431197a284ffbe690aff85c641ed600
dcbd4882f0c4557f44d9d7340ab5a08c7b8cdf3dc5cba9996a18c95160acbd5d
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de48f260f5b75bb146439444466db9a13808dddd0a6fa04c350e60ec311b5f66
df68b31209825ad2bf48a70b7e98ec1fc1276fe81c1c62a9e8a991e5a9083811
df6a58ec2c693c9f915eb0acbf586f222959e56aca017b31e87b855a6e358f11
e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb
e02af7df9a190d88380e2dcec2050ecaa493ae2d23526dbeec67f6907df3a752
e158338e80ca4f06c258c38657d65ce66c0a969d442575865d3bb63b14e11c8f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6639eec3741faf6905f7ab7b807b1702a93aa9b02e81c77a98d9b993849db1e
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
ea71f7d44b0697a590b5abaa2d4cedef47fb3146c53f29f9ece746096243eda2
eb100d76031bbffcaef5d837850d2eecfb7ad9d6cf1252c2eecaa8cb0c502936
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ec6727755426cbd7fe5b15bf73d22dbd644a3c244e474f56d17c501f01fe9905
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f168a7cf72083fc11d187db818f6870ace04f5552f1dc61756f3f79c44ab23c3
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f3d4d0d92564201ceb0ec3465188a37497bd7b635be731b78700c3b04461f1f1
f6eef34a0c9e985e995c924486d23ac237ae9e428763dd934b07ad65626526c3
f74f99e9fe1027d19c741e71e7a2adf40f49a011d50cb110e45a0511f624fb3a
f7aa959fbfe432fa761a266f47bb619dcac0bd30419aaae832086b6848bf13fc
f91bfaa4442402a803ec2ca37a87d997a0f9fed245536e035a9ecebe6f682fc9
f981cd12a95a3d5cd29fed7b0e95e8b292061ca5d5237ff572d0b88e6894aaef
fea4b24e53a2df3962eed42ed9be2315e685ff334f44d6297c30d8cb86e7004d
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869