urlscan.io logo urlscan.io
SecurityTrails logo

www1.ihdstreams.xyz Open in urlscan Pro
2a06:98c1:3121::3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www1.ihdstreams.xyz/
Effective URL: https://www1.ihdstreams.xyz/
Submission: On April 23 via manual from US — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 73 IPs in 8 countries across 56 domains to perform 339 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is www1.ihdstreams.xyz.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 10th 2023. Valid for: a year.
This is the only time www1.ihdstreams.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 2a06:98c1:312... 13335 (CLOUDFLAR...)
13 2a06:98c1:312... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
3 205.185.216.42 20446 (STACKPATH...)
1 2a02:26f0:480... 20940 (AKAMAI-ASN1)
1 13.32.99.34 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 173.233.137.44 7979 (SERVERS-COM)
1 2600:9000:206... 16509 (AMAZON-02)
1 18.197.251.255 16509 (AMAZON-02)
2 69.16.175.42 20446 (STACKPATH...)
2 69.16.175.10 20446 (STACKPATH...)
2 3.224.224.100 14618 (AMAZON-AES)
1 192.243.61.227 39572 (ADVANCEDH...)
3 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 145.239.139.16 16276 (OVH)
1 54.221.136.210 14618 (AMAZON-AES)
2 46.105.201.240 16276 (OVH)
1 18.65.39.103 16509 (AMAZON-02)
10 2600:9000:239... 16509 (AMAZON-02)
5 45.133.44.4 39572 (ADVANCEDH...)
10 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 149.56.240.31 16276 (OVH)
2 23.35.236.201 16625 (AKAMAI-AS)
1 3.75.62.37 16509 (AMAZON-02)
2 2 34.240.98.76 16509 (AMAZON-02)
5 44.212.211.193 14618 (AMAZON-AES)
1 1 213.19.147.45 26120 (RHYTHMONE)
1 1 198.148.27.139 19189 (PULSEPOINT)
1 2 2.16.238.158 20940 (AKAMAI-ASN1)
1 3.224.47.164 14618 (AMAZON-AES)
1 2a02:6ea0:c70... 60068 (CDN77 ^_^)
1 1 23.201.255.110 16625 (AKAMAI-AS)
2 23.212.211.47 16625 (AKAMAI-AS)
1 1 35.214.153.92 15169 (GOOGLE)
1 10 51.89.9.254 16276 (OVH)
3 3.77.118.156 16509 (AMAZON-02)
1 213.19.147.42 3356 (LEVEL3)
1 185.64.189.115 62713 (AS-PUBMATIC)
1 7 69.173.144.139 26667 (RUBICONPR...)
1 2a02:6ea0:c70... 60068 (CDN77 ^_^)
1 8.43.72.97 26667 (RUBICONPR...)
1 35.227.252.103 15169 (GOOGLE)
1 98.98.134.241 21859 (ZEN-ECN)
2 3 209.54.182.161 16509 (AMAZON-02)
6 10 185.89.211.12 29990 (ASN-APPNEX)
1 2 185.86.139.101 201081 (SMARTADSE...)
2 2 34.200.84.78 14618 (AMAZON-AES)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a06:8640:764::2 55081 (24SHELLS)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
52 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
4 162.19.138.117 16276 (OVH)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 34.120.133.55 396982 (GOOGLE-CL...)
29 2a00:1450:400... 15169 (GOOGLE)
8 2a02:2638:d::a 44788 (ASN-CRITE...)
4 2606:4700::68... 13335 (CLOUDFLAR...)
4 147.75.84.158 54825 (PACKET)
4 216.52.2.16 30282 (AS-INAPCD...)
2 162.19.138.82 16276 (OVH)
2 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
12 30 142.250.186.66 15169 (GOOGLE)
10 18 185.80.39.216 27381 (CASALE-MEDIA)
37 2a00:1450:400... 15169 (GOOGLE)
3 2a02:26f0:480... 20940 (AKAMAI-ASN1)
2 2a02:2638:3::3 44788 (ASN-CRITE...)
1 2620:116:800d... 16509 (AMAZON-02)
2 2 18.198.72.223 16509 (AMAZON-02)
1 1 151.101.194.49 54113 (FASTLY)
1 34.96.105.8 396982 (GOOGLE-CL...)
1 1 2a05:d018:d29... 16509 (AMAZON-02)
2 2 213.155.156.168 1299 (TWELVE99 ...)
2 4 2620:100:a001::c 19750 (AS-CRITEO)
3 178.250.7.13 44788 (ASN-CRITE...)
4 34.98.64.218 396982 (GOOGLE-CL...)
1 3.224.209.45 14618 (AMAZON-AES)
339 73
2    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
www1.ihdstreams.xyz
adipolo.com
13    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
www1.ihdstreams.xyz
2    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    205.185.216.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map2.hwcdn.net
jscdn.greeter.me
1    2a02:26f0:480:25::1726:6216 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
tg1.modoro360.com
1    13.32.99.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-34.fra60.r.cloudfront.net
platform-api.sharethis.com
1    2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    173.233.137.44 (United States)

ASN7979 (SERVERS-COM, US)
www.profitabledisplaynetwork.com
1    2600:9000:206f:5e00:c:abe:f440:93a1 (United States)

ASN16509 (AMAZON-02, US)
buttons-config.sharethis.com
1    18.197.251.255 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-251-255.eu-central-1.compute.amazonaws.com
l.sharethis.com
2    69.16.175.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: hwcdn.net
feed.avplayer.com
player.avplayer.com
2    69.16.175.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: tlb.hwcdn.net
player.avplayer.com
content1.avplayer.com
2    3.224.224.100 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-224-224-100.compute-1.amazonaws.com
servt.modoro360.com
1    192.243.61.227 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
www.effectivecreativeformat.com
3    2a02:26f0:3500:595::2c79 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
player.aniview.com
1    145.239.139.16 (France)

ASN16276 (OVH, FR)
PTR: ip16.ip-145-239-139.eu
storage.de.cloud.ovh.net
1    54.221.136.210 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-221-136-210.compute-1.amazonaws.com
serv.modoro360.com
2    46.105.201.240 (France)

ASN16276 (OVH, FR)
s10.histats.com
1    18.65.39.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-39-103.ams1.r.cloudfront.net
count-server.sharethis.com
10    2600:9000:2394:800:1d:85c3:6640:93a1 (United States)

ASN16509 (AMAZON-02, US)
platform-cdn.sharethis.com
5    45.133.44.4 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
player.aplhb.adipolo.com
player.adtelligent.com
10    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
5    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    149.56.240.31 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ns534110.ip-149-56-240.net
s4.histats.com
2    23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    34.240.98.76 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-240-98-76.eu-west-1.compute.amazonaws.com
ad.360yield.com
5    44.212.211.193 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-212-211-193.compute-1.amazonaws.com
servs.modoro360.com
1    213.19.147.45 (Castricum, Netherlands)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
1    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
2    2.16.238.158 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-238-158.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
1    3.224.47.164 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-224-47-164.compute-1.amazonaws.com
sync.aniview.com
1    2a02:6ea0:c700::11 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
vid.vidoomy.com
1    23.201.255.110 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-201-255-110.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
2    23.212.211.47 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-211-47.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    35.214.153.92 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 92.153.214.35.bc.googleusercontent.com
csync.loopme.me
10    51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu
onetag-sys.com
3    3.77.118.156 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-77-118-156.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    213.19.147.42 (Castricum, Netherlands)

ASN3356 (LEVEL3, US)
tag.1rx.io
1    185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
7    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
1    2a02:6ea0:c700::17 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
vpaid.vidoomy.com
1    8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
1    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
1    98.98.134.241 (United States)

ASN21859 (ZEN-ECN, US)
pixel-sync.sitescout.com
3    209.54.182.161 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
10    185.89.211.12 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
2    185.86.139.101 (France)

ASN201081 (SMARTADSERVER, FR)
sync.smartadserver.com
2    34.200.84.78 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-84-78.compute-1.amazonaws.com
um2.eqads.com
2    2606:4700::6812:19ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
3    2a06:8640:764::2 (Piscataway, United States)

ASN55081 (24SHELLS, US)
ghb.aplhb.adipolo.com
2    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.nl
3    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
52    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
5    2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com
4    162.19.138.117 (France)

ASN16276 (OVH, FR)
PTR: ns31533568.ip-162-19-138.eu
id5-sync.com
1    2606:4700:10::6816:445 (United States)

ASN13335 (CLOUDFLARENET, US)
id.hadron.ad.gt
1    34.120.133.55 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 55.133.120.34.bc.googleusercontent.com
api.rlcdn.com
29    2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
8    2a02:2638:d::a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
4    2606:4700::6812:372 (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
4    147.75.84.158 (Schiphol, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
4    216.52.2.16 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
2    162.19.138.82 (France)

ASN16276 (OVH, FR)
PTR: ns31532337.ip-162-19-138.eu
lb.eu-1-id5-sync.com
2    2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
9    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.nl
6    2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
30    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
cm.g.doubleclick.net
googleads4.g.doubleclick.net
18    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
37    2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
3    2a02:26f0:480:e::210:f105 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
code.createjs.com
2    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    2620:116:800d:21:ef75:8280:f209:5ba1 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
2    18.198.72.223 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-72-223.eu-central-1.compute.amazonaws.com
pm.w55c.net
1    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
1    2a05:d018:d29:3601:81ad:26ba:9b4f:af59 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
2    213.155.156.168 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
d5p.de17a.com
4    2620:100:a001::c (United States)

ASN19750 (AS-CRITEO, US)
gum.criteo.com
3    178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
4    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
u.openx.net
1    3.224.209.45 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-224-209-45.compute-1.amazonaws.com
track1.aniview.com
Apex Domain
Subdomains		 Transfer
86 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 129
a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 177
489 KB
48 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 269
googleads.g.doubleclick.net — Cisco Umbrella Rank: 67
cm.g.doubleclick.net — Cisco Umbrella Rank: 313
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 394
342 KB
37 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 373
2 MB
18 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 876
13 KB
15 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 803
gum.criteo.com — Cisco Umbrella Rank: 442
mug.criteo.com — Cisco Umbrella Rank: 1686
11 KB
14 sharethis.com
platform-api.sharethis.com — Cisco Umbrella Rank: 5368
buttons-config.sharethis.com — Cisco Umbrella Rank: 6788
l.sharethis.com — Cisco Umbrella Rank: 5697
count-server.sharethis.com — Cisco Umbrella Rank: 12507
platform-cdn.sharethis.com — Cisco Umbrella Rank: 11028
57 KB
14 ihdstreams.xyz
www1.ihdstreams.xyz
187 KB
11 rubiconproject.com
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1452
eus.rubiconproject.com — Cisco Umbrella Rank: 798
token.rubiconproject.com — Cisco Umbrella Rank: 795
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1475
pixel.rubiconproject.com — Cisco Umbrella Rank: 447
13 KB
10 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 319
11 KB
10 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 1124
2 KB
9 modoro360.com
tg1.modoro360.com — Cisco Umbrella Rank: 66220
servt.modoro360.com — Cisco Umbrella Rank: 63931
serv.modoro360.com — Cisco Umbrella Rank: 66193
servs.modoro360.com — Cisco Umbrella Rank: 109237
13 KB
8 adipolo.com
player.aplhb.adipolo.com — Cisco Umbrella Rank: 59541
adipolo.com — Cisco Umbrella Rank: 54300
ghb.aplhb.adipolo.com — Cisco Umbrella Rank: 67078
146 KB
6 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 322
126 KB
5 google.com
adservice.google.com — Cisco Umbrella Rank: 130
www.google.com — Cisco Umbrella Rank: 16
2 KB
5 openx.net
rtb.openx.net — Cisco Umbrella Rank: 1886
adipololtd-d.openx.net Failed
u.openx.net — Cisco Umbrella Rank: 974
766 B
5 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 238
220 KB
5 aniview.com
player.aniview.com — Cisco Umbrella Rank: 2816
sync.aniview.com — Cisco Umbrella Rank: 3010
track1.aniview.com — Cisco Umbrella Rank: 2704
210 KB
4 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 883
2 KB
4 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1379
250 B
4 4dex.io
mp.4dex.io — Cisco Umbrella Rank: 2960
1 KB
4 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 612
2 KB
4 avplayer.com
feed.avplayer.com — Cisco Umbrella Rank: 24675
player.avplayer.com — Cisco Umbrella Rank: 14855
content1.avplayer.com — Cisco Umbrella Rank: 24241
251 KB
3 createjs.com
code.createjs.com — Cisco Umbrella Rank: 1957
188 KB
3 google.nl
adservice.google.nl — Cisco Umbrella Rank: 11490
818 B
3 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 376
2 KB
3 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 427
436 B
3 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 725
image6.pubmatic.com — Cisco Umbrella Rank: 1037
12 KB
3 histats.com
s10.histats.com — Cisco Umbrella Rank: 12435
s4.histats.com — Cisco Umbrella Rank: 9637
11 KB
3 greeter.me
jscdn.greeter.me — Cisco Umbrella Rank: 71370
18 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 6958
645 B
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 1332
2 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 763
58 KB
2 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1293
812 B
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 1248
s.tribalfusion.com — Cisco Umbrella Rank: 2774
1000 B
2 eqads.com
um2.eqads.com — Cisco Umbrella Rank: 4708
444 B
2 smartadserver.com
sync.smartadserver.com — Cisco Umbrella Rank: 2242
889 B
2 vidoomy.com
vid.vidoomy.com — Cisco Umbrella Rank: 3108
vpaid.vidoomy.com — Cisco Umbrella Rank: 4059
19 KB
2 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 829
1 KB
2 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 875
tag.1rx.io — Cisco Umbrella Rank: 4020
443 B
2 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 812
793 B
2 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 402
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 689
712 B
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 119
1 KB
1 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 2823
172 B
1 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 1020
536 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 1063
464 B
1 adtelligent.com
player.adtelligent.com — Cisco Umbrella Rank: 8265
5 KB
1 rlcdn.com
api.rlcdn.com — Cisco Umbrella Rank: 1060
363 B
1 ad.gt
id.hadron.ad.gt — Cisco Umbrella Rank: 4186
306 B
1 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 985
187 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 1427
314 B
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 866
657 B
1 ovh.net
storage.de.cloud.ovh.net — Cisco Umbrella Rank: 101748
15 KB
1 effectivecreativeformat.com
www.effectivecreativeformat.com — Cisco Umbrella Rank: 114894
1 profitabledisplaynetwork.com
www.profitabledisplaynetwork.com — Cisco Umbrella Rank: 70062
1 gstatic.com
fonts.gstatic.com
31 KB
0 Failed
function sub() { [native code] }. Failed
339 56
Domain Requested by
52 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
s0.2mdn.net
www.googletagservices.com
37 s0.2mdn.net www1.ihdstreams.xyz
s0.2mdn.net
a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com
code.createjs.com
29 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com
www1.ihdstreams.xyz
s0.2mdn.net
22 cm.g.doubleclick.net 12 redirects googleads.g.doubleclick.net
a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com
18 dsum-sec.casalemedia.com 10 redirects googleads.g.doubleclick.net
14 www1.ihdstreams.xyz 1 redirects www1.ihdstreams.xyz
10 ib.adnxs.com 6 redirects googleads.g.doubleclick.net
10 onetag-sys.com 1 redirects player.aniview.com
player.aplhb.adipolo.com
10 securepubads.g.doubleclick.net jscdn.greeter.me
securepubads.g.doubleclick.net
www1.ihdstreams.xyz
10 platform-cdn.sharethis.com
8 googleads4.g.doubleclick.net www1.ihdstreams.xyz
8 googleads.g.doubleclick.net a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com
pagead2.googlesyndication.com
8 bidder.criteo.com player.aplhb.adipolo.com
6 cdn.ampproject.org securepubads.g.doubleclick.net
5 a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com securepubads.g.doubleclick.net
5 servs.modoro360.com player.aniview.com
vid.vidoomy.com
5 www.googletagservices.com jscdn.greeter.me
a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com
4 u.openx.net player.aplhb.adipolo.com
4 gum.criteo.com 2 redirects static.criteo.net
4 ap.lijit.com player.aplhb.adipolo.com
4 prebid.a-mo.net player.aplhb.adipolo.com
4 mp.4dex.io player.aplhb.adipolo.com
4 id5-sync.com player.aniview.com
player.aplhb.adipolo.com
4 token.rubiconproject.com eus.rubiconproject.com
4 player.aplhb.adipolo.com jscdn.greeter.me
player.aplhb.adipolo.com
3 mug.criteo.com
3 code.createjs.com s0.2mdn.net
3 adservice.google.com securepubads.g.doubleclick.net
3 adservice.google.nl securepubads.g.doubleclick.net
3 ghb.aplhb.adipolo.com player.aplhb.adipolo.com
3 pixel.rubiconproject.com 1 redirects eus.rubiconproject.com
3 s.amazon-adsystem.com 2 redirects eus.rubiconproject.com
3 x.bidswitch.net
3 player.aniview.com player.avplayer.com
player.aniview.com
3 jscdn.greeter.me www1.ihdstreams.xyz
2 d5p.de17a.com 2 redirects
2 pm.w55c.net 2 redirects
2 static.criteo.net player.aplhb.adipolo.com
static.criteo.net
2 www.google.com tpc.googlesyndication.com
a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com
2 lb.eu-1-id5-sync.com player.aniview.com
player.aplhb.adipolo.com
2 um2.eqads.com 2 redirects
2 sync.smartadserver.com 1 redirects eus.rubiconproject.com
2 eus.rubiconproject.com player.aniview.com
eus.rubiconproject.com
2 ads.stickyadstv.com 1 redirects player.aniview.com
2 ad.360yield.com 2 redirects
2 ads.pubmatic.com player.aniview.com
2 s10.histats.com www1.ihdstreams.xyz
s10.histats.com
2 servt.modoro360.com
2 player.avplayer.com tg1.modoro360.com
2 fonts.googleapis.com www1.ihdstreams.xyz
1 track1.aniview.com player.aniview.com
1 pr-bh.ybp.yahoo.com 1 redirects
1 tr.blismedia.com a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com
1 sync-tm.everesttech.net 1 redirects
1 cms.quantserve.com a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com
1 player.adtelligent.com player.aplhb.adipolo.com
1 api.rlcdn.com player.aniview.com
1 id.hadron.ad.gt player.aniview.com
1 s.tribalfusion.com eus.rubiconproject.com
1 a.tribalfusion.com 1 redirects
1 pixel-sync.sitescout.com
1 rtb.openx.net
1 pixel-us-east.rubiconproject.com eus.rubiconproject.com
1 vpaid.vidoomy.com vid.vidoomy.com
1 image6.pubmatic.com ads.pubmatic.com
1 tag.1rx.io player.aniview.com
1 csync.loopme.me 1 redirects
1 secure-assets.rubiconproject.com 1 redirects
1 vid.vidoomy.com player.aniview.com
1 sync.aniview.com player.aniview.com
1 bh.contextweb.com 1 redirects
1 sync.1rx.io 1 redirects
1 ups.analytics.yahoo.com player.aniview.com
1 s4.histats.com s10.histats.com
1 adipolo.com
1 count-server.sharethis.com platform-api.sharethis.com
1 serv.modoro360.com player.aniview.com
1 storage.de.cloud.ovh.net
1 content1.avplayer.com
1 www.effectivecreativeformat.com www1.ihdstreams.xyz
1 feed.avplayer.com tg1.modoro360.com
1 l.sharethis.com platform-api.sharethis.com
1 buttons-config.sharethis.com platform-api.sharethis.com
1 www.profitabledisplaynetwork.com www1.ihdstreams.xyz
1 fonts.gstatic.com fonts.googleapis.com
1 platform-api.sharethis.com www1.ihdstreams.xyz
1 tg1.modoro360.com www1.ihdstreams.xyz
0 adipololtd-d.openx.net Failed player.aplhb.adipolo.com
0 us_privacyfa9f4b3548d146d8b0584acce84c4fec.gif Failed player.aniview.com
339 89

This site contains links to these domains. Also see Links.

Domain
signup.adipolo.com
www1.hdstreams.xyz
www.histats.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-03-10 -
2024-03-08		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
greeter.me
E1		 2023-04-15 -
2023-07-14		 3 months crt.sh
wl1.aniview.com
R3		 2023-02-23 -
2023-05-24		 3 months crt.sh
sharethis.com
Amazon RSA 2048 M01		 2023-02-28 -
2023-07-18		 5 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
profitabledisplaynetwork.com
R3		 2023-03-02 -
2023-05-31		 3 months crt.sh
*.avplayer.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2022-08-08 -
2023-09-08		 a year crt.sh
*.adservrs.com
Amazon RSA 2048 M01		 2023-02-22 -
2023-05-25		 3 months crt.sh
effectivecreativeformat.com
R3		 2023-04-22 -
2023-07-21		 3 months crt.sh
*.aniview.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-11-09		 a year crt.sh
storage.de.cloud.ovh.net
Sectigo RSA Domain Validation Secure Server CA		 2023-01-25 -
2024-01-25		 a year crt.sh
histats.com
R3		 2023-03-15 -
2023-06-13		 3 months crt.sh
player.aplhb.adipolo.com
R3		 2023-03-21 -
2023-06-19		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-25 -
2024-01-24		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-02-21 -
2023-08-16		 6 months crt.sh
*.ads.stickyadstv.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-16 -
2024-04-16		 a year crt.sh
*.vidoomy.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-01 -
2023-10-02		 a year crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-03-07 -
2024-04-03		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2022-06-28 -
2023-07-29		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.sitescout.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2023-01-09 -
2024-02-02		 a year crt.sh
ghb.aplhb.adipolo.com
ZeroSSL ECC Domain Secure Site CA		 2023-04-06 -
2023-07-05		 3 months crt.sh
*.google.nl
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.id5-sync.com
R3		 2023-04-18 -
2023-07-17		 3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
player.adtelligent.com
R3		 2023-03-22 -
2023-06-20		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-09 -
2023-06-03		 3 months crt.sh
*.a-mo.net
R3		 2023-04-13 -
2023-07-12		 3 months crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
*.eu-1-id5-sync.com
R3		 2023-04-18 -
2023-07-17		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
tls.adobe.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-02-08 -
2024-03-10		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-24 -
2023-06-18		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
tr.blismedia.com
GTS CA 1D4		 2023-04-12 -
2023-07-11		 3 months crt.sh

This page contains 46 frames:

Primary Page: https://www1.ihdstreams.xyz/
Frame ID: BFD2E6AD6F17D19B67BD6344C0C8EA7C
Requests: 118 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=632c3dff8e62a32fb323cd86
Frame ID: 2E7C6F5B8ACFC95964FCA80CE0602CD9
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D1%26auid%3D1682248743295-963002330228-001183-003-001401%26key%3D
Frame ID: F44C3929FFA165FDDC3658508AB982D9
Requests: 2 HTTP requests in this frame

Frame: https://ups.analytics.yahoo.com/ups/58543/occ?gdpr=1&gdpr_consent=
Frame ID: 2F36CF3D4F0974FF34E7A6DBD21C4C4B
Requests: 1 HTTP requests in this frame

Frame: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=22&auid=1682248743295-963002330228-001183-003-001401&key=cf206123-2ffa-4f3b-afe0-824c20f93945
Frame ID: 72B84AD1C923A4DD4120B44D1804CBB6
Requests: 1 HTTP requests in this frame

Frame: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=200&auid=1682248743295-963002330228-001183-003-001401&key=OPTOUT
Frame ID: 12F97FB2775E7731B07276B7E2AC7CE8
Requests: 1 HTTP requests in this frame

Frame: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=10&auid=1682248743295-963002330228-001183-003-001401&key=NMjYR4QJlX9b&ev=1&us_privacy=1---&pid=562704
Frame ID: 0C002A9A4A06B2C24DC16D36C0DA65AF
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=852a61ab40caa432e3e9162a8a235ef2&_fw_gdpr=1&_fw_gdpr_consent=
Frame ID: 9382A1AE74276ECE3C3A2307969B9DC4
Requests: 1 HTTP requests in this frame

Frame: https://ads.stickyadstv.com/auto-user-sync?px=1953&_fw_gdpr=1&_fw_gdpr_consent=
Frame ID: A17EDAC52500AAC531153B63F536A339
Requests: 1 HTTP requests in this frame

Frame: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=133&auid=1682248743295-963002330228-001183-003-001401&key=a6f37f0123013099a595be2217fc435a
Frame ID: 82F1E85D6767AD8C43F3AA329235D07E
Requests: 6 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Frame ID: 4AFD8336DFB3E51A788C5AD667593E75
Requests: 12 HTTP requests in this frame

Frame: https://us_privacyfa9f4b3548d146d8b0584acce84c4fec.gif/?gdpr=1&gdpr_consent=&us_privacy=1---&coppa=0&puid=1682248743295-963002330228-001183-003-001401&redir=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D57%26auid%3D1682248743295-963002330228-001183-003-001401%26key%3D%24%7BUID%7D
Frame ID: 1477848C7CC9BA074897C42A0603EFC2
Requests: 1 HTTP requests in this frame

Frame: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=56&auid=1682248743295-963002330228-001183-003-001401&key=e5c5ebec-706e-40d4-ba2d-0066735349c4&gdpr_consent=null&gdpr=1
Frame ID: 4E10FC18EDD2060B6A100B1D7AC4CAAF
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=57e618150c70d90&gdpr=1&gdpr_consent=&us_privacy=1---
Frame ID: E260269009E89F91137CC4641A497AE1
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=1&gdpr_consent=&us_privacy=1---&predirect=https%3A%2F%2Fpbs.aniview.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
Frame ID: FA039B7ACA34BCF59C0BA2711B1E7519
Requests: 1 HTTP requests in this frame

Frame: https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: AA6947565946D0BE90D5BDA929A20CB2
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1995FEBFA94AE6140353BDC3DB32E82D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: AD155FC3630B390B2AB78EA0A59811F2
Requests: 2 HTTP requests in this frame

Frame: https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 10B254975002787184CFF8F7AAFC66B4
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6WcRCwifCiAxiR3sHIATAB&v=APEucNWFzPdvdpBuy0cE3JSg7WETTp4p402-4keh7ZHn-hJh78kixU3PLUAWv9LC5v3s3gO44IPewoD3i1byhnXZLb0_wJVUDqSeS05rNXKQWWJ-3Rib8Yv08q3vMxmugGCydqJQoSXF6HJXMq1cV4KdVhtWCY5dO-Tl9DA4UygrI4txzaDnOm4
Frame ID: E4C916CF2E25BA9FE39852D359D87F79
Requests: 5 HTTP requests in this frame

Frame: https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 43243D523B2DF06D9DF7A6C01DB08E9F
Requests: 19 HTTP requests in this frame

Frame: https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 45879C811DCBD3E8A60442BB0BE0BA3D
Requests: 19 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012304062309000/amp4ads-v0.mjs
Frame ID: 2F71E737CE508C7AB6AFC5E5F5C26A94
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIfHNhCD6DYYkNTV5gEwAQ&v=APEucNUhSK-kVvjYpMOudFxrN7a5c19iWfzEGD0sP5UQwDzg8T3IJ5vblrONSPrlGsr209Xh8mY7MgkpXSx1CAIBwCD2azJ6pp4N7EwMeMA3dSdLr25LlDyoFnq0dDfUj7Ikt34aEIBKEmBa55WPC7q6khxW_R-sUaFolJfM0LfYE1clFD_r9L0
Frame ID: CE336DFDEC05697B469365DD7BB57CAA
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6WcRCwifCiAxjn3sHIATAB&v=APEucNXMptkX6SxlY8FGUhpQ5hOa7BS-Hr6hNUfd5vfOcuLBgW2fVPUJS9q_BCNORMcSFxoi6q5RTZyqkF9tWc4OH1S6-dhC4NdRnvRTfSg0TVNyTkMBRQPSw3eUEnVMur4vjOaYKNZFQSGKEa97_nn8Ly-EsNtKYIuYN0-R57akLpDyUX-vjzI
Frame ID: 85303EF8BE6FAA37FED1B1347DBBB6AF
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 1F84DE997D1E093E8F5A93DE634C6941
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/16246292034538192363/728x90/728x90.html
Frame ID: 4DCFEEE12C3701F01DCF3F3A876A88CD
Requests: 4 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/14190526117967439480/728x90/728x90.html
Frame ID: 2E1A3D487ECE70AF45B16C28A4940805
Requests: 4 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/8656519294634426368/index.html?e=69&leftOffset=0&topOffset=0&c=7WtaCERVGZ&t=1&renderingType=2&ev=01_247
Frame ID: 4F3782A35B4E163EA843E9E465837D83
Requests: 30 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: AEA9601F074AFA24F90D876EF995EF10
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 805FA9541E25F5A4E19AACB2B86ECE4A
Requests: 3 HTTP requests in this frame

Frame: https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: CA950FC057701A9E4AF2CD8E7D29E8FA
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6WcRCwifCiAxiR3sHIATAB&v=APEucNVlHdYzfHSrlBK1qNQlW4wh7r23onOpw8h2pfY4xnbAN--FiTLvxeFQt7T87RKrbOyFYpEPDLV3W4puYmHaLxECtjVuVp89jWBwOXDcFamQ_zab3Hd3eYKIuy_QJVeZf7o8FKjmEOvb3iPjOp2PakTM7UjPLi6pZYADwaGi7Lj45_BDztA
Frame ID: 6CF6F51F192D6D50022D5AF2DE586EFD
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/FeZxK-xMU0bDCjOMbokEaZjg6vU8xaS24bySLDd5teM.js
Frame ID: 300940AB9BBAF44B8BABEE0EB2CB2300
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/16246292034538192363/728x90/728x90.html
Frame ID: 8E1E55483AD2C1C79F9358A6A8B67F9D
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: DF5609BB7CA76C1CF733F5D896BD135A
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: BFAD421128F7024B17932E62070AA231
Requests: 3 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www1.ihdstreams.xyz
Frame ID: 11D8DDF2AD180BE7A1D0FB9AF9E6B0EB
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1682248744211
Frame ID: CEFD7BBE349116FF2304817E187480B4
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1682248744470
Frame ID: C8D003611E7E2888B6BB9BC087315831
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 917CCB15C8D301348D91DB5C87C02992
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: CDA5F48884B5A713FCF6AC06FF58498D
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1682248744440
Frame ID: B6A31254416BBDBE552003266CF8426D
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1682248744222
Frame ID: 32EB417602597D71DF29757E546244CA
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: B7F2B08743173FEB689F53216C121785
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 67C653579ACBAE80D343926AF2E1256B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

HDStreams - NBA Streams | NFL - MMA Streams - UFC - Boxing - Formula 1MenuMenu

Page URL History Show full URLs

  1. http://www1.ihdstreams.xyz/ HTTP 301
    https://www1.ihdstreams.xyz/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Page Statistics

339
Requests

90 %
HTTPS

38 %
IPv6

56
Domains

89
Subdomains

73
IPs

8
Countries

4270 kB
Transfer

9480 kB
Size

56
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www1.ihdstreams.xyz/ HTTP 301
    https://www1.ihdstreams.xyz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 55
  • https://ad.360yield.com/server_match?partner_id=1581&r=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D22%26auid%3D1682248743295-963002330228-001183-003-001401%26key%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=1581&r=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D22%26auid%3D1682248743295-963002330228-001183-003-001401%26key%3D%7BPUB_USER_ID%7D HTTP 302
  • https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=22&auid=1682248743295-963002330228-001183-003-001401&key=cf206123-2ffa-4f3b-afe0-824c20f93945
Request Chain 56
  • https://sync.1rx.io/usersync2/rmpssp?sub=aniview&gdpr=1&gdpr_pd=0&gdpr_consent=&redir=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D200%26auid%3D1682248743295-963002330228-001183-003-001401%26key%3D%5BRX_UUID%5D HTTP 302
  • https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=200&auid=1682248743295-963002330228-001183-003-001401&key=OPTOUT
Request Chain 57
  • https://bh.contextweb.com/bh/rtset?pid=562704&ev=1&us_privacy=1---&rurl=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D10%26auid%3D1682248743295-963002330228-001183-003-001401%26key%3D%25%25VGUID%25%25 HTTP 302
  • https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=10&auid=1682248743295-963002330228-001183-003-001401&key=NMjYR4QJlX9b&ev=1&us_privacy=1---&pid=562704
Request Chain 58
  • https://ads.stickyadstv.com/user-matching?id=3655&_fw_gdpr=1&_fw_gdpr_consent= HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=852a61ab40caa432e3e9162a8a235ef2&_fw_gdpr=1&_fw_gdpr_consent=
Request Chain 61
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=aniview&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Request Chain 63
  • https://csync.loopme.me/?pubid=11455&gdpr=1&gdpr_consent=&redirect=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D56%26auid%3D1682248743295-963002330228-001183-003-001401%26key%3D%7Bdevice_id%7D HTTP 307
  • https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=56&auid=1682248743295-963002330228-001183-003-001401&key=e5c5ebec-706e-40d4-ba2d-0066735349c4&gdpr_consent=null&gdpr=1
Request Chain 83
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=G4AeZpGORSi1yUzMO3bCMA&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=G4AeZpGORSi1yUzMO3bCMA
Request Chain 87
  • https://ib.adnxs.com/getuid?https://pixel.rubiconproject.com/tap.php?v=564534&nid=5466&put=$UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D564534%26nid%3D5466%26put%3D%24UID HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=564534&nid=5466&put=8152611914254286615
Request Chain 88
  • https://sync.smartadserver.com/getuid?gdpr=0&url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D32128%26nid%3D2915%26put%3D[sas_uid] HTTP 302
  • https://sync.smartadserver.com/getuid?gdpr=0&url=https://pixel.rubiconproject.com/tap.php?v=32128&nid=2915&put=[sas_uid]&cklb=1
Request Chain 89
  • https://um2.eqads.com/um/rc HTTP 302
  • https://um2.eqads.com/um/rc&eq_cc=1 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=11598&nid=2494&put=b4acf0b1-f372-4df6-919b-829870ce3ac7&expires=30
Request Chain 90
  • https://a.tribalfusion.com/i.match?p=b10&u={rubicon_user_token}&redirect=https%3A//pixel.rubiconproject.com/tap.php%3Fv%3D111756%26nid%3D3856%26put%3D%24TF_USER_ID_ENC%24%26expires%3D180 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b10&u={rubicon_user_token}&redirect=https%3A//pixel.rubiconproject.com/tap.php%3Fv%3D111756%26nid%3D3856%26put%3D%24TF_USER_ID_ENC%24%26expires%3D180
Request Chain 185
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC7iygv8w-9MLig8XvFsCUM&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC7iygv8w-9MLig8XvFsCUM&google_cver=1&C=1
Request Chain 186
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZEUUKWXHLtp6YRwKpkoKqAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMn3pbyseMxHtQxkG1vf-bk&google_cver=1
Request Chain 187
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEI70YsUYi-lyWp6qKgLdTIA&google_cver=1
Request Chain 188
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODE1MjYxMTkxNDI1NDI4NjYxNQ%3D%3D
Request Chain 189
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ-mrFEOFKi6_syel9A9QmE&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ-mrFEOFKi6_syel9A9QmE&google_cver=1&C=1
Request Chain 190
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZEUUKWXHLtp6YRwKpkoKqAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMn3pbyseMxHtQxkG1vf-bk&google_cver=1
Request Chain 191
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEFdi0fBJZGNGXWipaBygL78&google_cver=1
Request Chain 192
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODE1MjYxMTkxNDI1NDI4NjYxNQ%3D%3D
Request Chain 193
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMn3pbyseMxHtQxkG1vf-bk&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMn3pbyseMxHtQxkG1vf-bk&google_cver=1&C=1
Request Chain 194
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZEUUKWXHLtp6YRwKpkoKqAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMn3pbyseMxHtQxkG1vf-bk&google_cver=1
Request Chain 195
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEFdi0fBJZGNGXWipaBygL78&google_cver=1
Request Chain 196
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODE1MjYxMTkxNDI1NDI4NjYxNQ%3D%3D
Request Chain 263
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMn3pbyseMxHtQxkG1vf-bk&google_cver=1
Request Chain 264
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZEUUKWXHLtp6YRwKpkoKqQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMn3pbyseMxHtQxkG1vf-bk&google_cver=1
Request Chain 265
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEFdi0fBJZGNGXWipaBygL78&google_cver=1
Request Chain 266
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODE1MjYxMTkxNDI1NDI4NjYxNQ%3D%3D
Request Chain 312
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEO8gDWfEO8xg-nRApdxupM0&google_cver=1&google_push=Aer7DvKOJBqeyDpExZxZ3zW-eHNqz6PlfgTFTkvDwmNxjLjz-0ws5nTJxpSYTkh3HM3Y11T96_pSWJ-Q4phZ-fBS0iTKOuJjxlF0 HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEO8gDWfEO8xg-nRApdxupM0&google_cver=1&google_push=Aer7DvKOJBqeyDpExZxZ3zW-eHNqz6PlfgTFTkvDwmNxjLjz-0ws5nTJxpSYTkh3HM3Y11T96_pSWJ-Q4phZ-fBS0iTKOuJjxlF0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=OTkyTXJDR0UxUFF4S2k1&google_gid=CAESEO8gDWfEO8xg-nRApdxupM0&google_cver=1&google_push=Aer7DvKOJBqeyDpExZxZ3zW-eHNqz6PlfgTFTkvDwmNxjLjz-0ws5nTJxpSYTkh3HM3Y11T96_pSWJ-Q4phZ-fBS0iTKOuJjxlF0
Request Chain 313
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEJYKTVEaPadDaiw6Orpmlww&google_cver=1&google_push=Aer7DvKtoIUwLX2Kwjl_rBM1m-Jk8IPf4Vk7MIsImDM9L1L7mQYgbezGFLJIVt-p_gyttIKz6inS05cB0CFsbuU8B9VQ0UCnwH-W HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEJYKTVEaPadDaiw6Orpmlww&google_push=Aer7DvKtoIUwLX2Kwjl_rBM1m-Jk8IPf4Vk7MIsImDM9L1L7mQYgbezGFLJIVt-p_gyttIKz6inS05cB0CFsbuU8B9VQ0UCnwH-W
Request Chain 315
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEHl2tV3nOOMHWGaG4d2ihw4&google_cver=1&google_push=Aer7DvKMUIsRONVpRue7x9kSM1_xWhLjn8v-czImAICmlUo82nBMzUmsdO69UYZNKpfXuXKr7sohfDaVlUm3-neoXI98U3A8NflD HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvKMUIsRONVpRue7x9kSM1_xWhLjn8v-czImAICmlUo82nBMzUmsdO69UYZNKpfXuXKr7sohfDaVlUm3-neoXI98U3A8NflD&google_hm=eS04QVJsYW50RTJwRkVzTW5sR2lyNzlmOVpVd1B5cnVpSH5B
Request Chain 316
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEFUwIJprPwd7dQdWdJM4fbY&google_cver=1&google_push=Aer7DvKQKuHkmKqWwYwbDFjb5g5gT6D70ZcCxTo2qd0r1Q5BdktCV_uI45XxO2E5fCW9BVqBlOvArGi4NOZ7P94VFuzanuygLNs HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEFUwIJprPwd7dQdWdJM4fbY&google_cver=1&google_push=Aer7DvKQKuHkmKqWwYwbDFjb5g5gT6D70ZcCxTo2qd0r1Q5BdktCV_uI45XxO2E5fCW9BVqBlOvArGi4NOZ7P94VFuzanuygLNs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aer7DvKQKuHkmKqWwYwbDFjb5g5gT6D70ZcCxTo2qd0r1Q5BdktCV_uI45XxO2E5fCW9BVqBlOvArGi4NOZ7P94VFuzanuygLNs
Request Chain 317
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEIZn3mUCLRsQstkBBkPSAC0&google_cver=1&google_push=Aer7DvIpkQtOAO7l1eXK857KF8u7mW_yeft9La-8mTLGVyD-XnntvtFgWhmDV6NzmNpslyWe85dWFEXhjXdHEEsF1W2RkKTMT8M HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aer7DvIpkQtOAO7l1eXK857KF8u7mW_yeft9La-8mTLGVyD-XnntvtFgWhmDV6NzmNpslyWe85dWFEXhjXdHEEsF1W2RkKTMT8M
Request Chain 327
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=ihdstreams.xyz&sn=ChromeSyncframe&so=0&topUrl=www1.ihdstreams.xyz&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=jGpxPnxDUlliRU1hc1NBMUFwZGhyb2xST3BtOWowNjFaaUJvVnl0c2ltQkVTYUtBeWV1QTBIVzdqODhWcVc0clNpWVdyUDlzKzQwamtpQnpRNVFRVEM0WFMrS1NsUmh4cHFYYWF4dmlCcFE2cXhOYXRINTJaOVpRRjdmcTJ6Q3BtWjA1Q1Bpclk5dk1XTHJPRGVNYk1iOTE4U055VVpyY3hyWllDak1UVEdRWm52RkVxMkxYdVVYM0w4VU04MEM3MEhtdVN0RUdtdG1jdE5qVWVTRjlwVzlPS0MvQ1pPcU9abU5GTlRwSjR1MjFLamdKaTlydEtjQnNFVVBNOVpYT1dYRGM2bE9PWHM3eXNOVmxSNWdKaXJlVnBNZ0FSY3g1TE90M1RaUmdubFh6TGpTOD18&cppv=2
Request Chain 332
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww1.ihdstreams.xyz%2F&domain=www1.ihdstreams.xyz&cw=1&pbt=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=CgZOBnxhS1l2NGZBSU1wNi90dkJsVU5TVDVsVFJDUXJjRWxQbnFCWEdDZ3BSRGtqQm12RmlmNm1rOFBpK0JxaHF3bFRXL3FaMVB0WFF4dTFZZURpVkc3cWQ3aWd2dWZKYmt5SlM1dzE3SVAzMVNNOWg4SWZ5ZkxaWG5sUE5hSlJZbndvZFR5Vlg1bVJNeVVhSkZhdGJoTWNIaXpyb09rSjFVZFg3cnBiZjBmOXFDYThnYk15eXkvb2NuWlNKYTdXSXgyNlhtbkJ3MmRuZ3dtN3ZtVndpcXNXemlZSGdYM3BLOEpodG9YNnVyNG9PcytFZGZ0bVByN2hWRG1tbnVsL0l3ZFBESXJqQlZsY0hEMk5RYW9vSUhKN3dGTlg3ejRZWnZSTnlrdHlYSGtxZGtLVT18&cppv=2

339 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www1.ihdstreams.xyz/
Redirect Chain
  • http://www1.ihdstreams.xyz/
  • https://www1.ihdstreams.xyz/
18 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www1.ihdstreams.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22ecddde71bfef2cd9670aea448224043def0675f08d20fb8355840555b4d35c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7bc5b58e29bfb7b4-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 23 Apr 2023 11:19:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i5eH3%2BYRla%2F%2FEempJkqCo532T7ijNOtJg67zK%2BasDuMYKfrPijtxS8XOAz8wlxFVtLrTvawDhVaxubqmhc1TlCDbF7sk1mI8VTsl%2BIycx1HSytZnICGb9IzWUl6ZuWc%2FJay9EmFPSbPbElxWShhJq034"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

CF-RAY
7bc5b58dc8e9b8ca-AMS
Cache-Control
max-age=3600
Connection
keep-alive
Date
Sun, 23 Apr 2023 11:19:02 GMT
Expires
Sun, 23 Apr 2023 12:19:02 GMT
Location
https://www1.ihdstreams.xyz/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9aT01SuVRlCdE3JbphKI%2FATgldqYz3KMFI59yB2QFWehyA970ew1M%2FYTtSyAp4VN4Bg8RygdlIw6l3wRK4ik1JOt7DzJRLITrwgtZ9ot1Hrs8aJnJbXAb17WbIavSxAtw3QAaGqiNvyPz6Hrj1fZcTRl"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
css
fonts.googleapis.com/ 		6 KB
1021 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:400,500,700&display=swap
Requested by
Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b09e2680ab247bb7bbd4442627a5de37eef914ef38505470712d707cdff68293
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.ihdstreams.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 23 Apr 2023 11:19:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 23 Apr 2023 10:46:12 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 23 Apr 2023 11:19:02 GMT
icon
fonts.googleapis.com/ 		569 B
439 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.ihdstreams.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 23 Apr 2023 11:19:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 23 Apr 2023 11:19:02 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 23 Apr 2023 11:19:02 GMT
app.css
www1.ihdstreams.xyz/css/ 		9 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www1.ihdstreams.xyz/css/app.css
Requested by
Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29828638d01d73bfd6bd1ff7c87772facd6910124912ebae7e0ac6429f347196

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.ihdstreams.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 11:19:02 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
324761
cf-polished
origSize=9528
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 01 Nov 2021 18:21:07 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qaWLng1x5DxyBQeuiZHpWfcNoGqBo7cqNm5t%2FpTJhqnxJwIGIIcKpIfXtWlEb8PaSzSYxYLzUe0Pycg8ygHIIgIzZKBntZP4mcCKr4DOv3MGPyJd4Sh8%2FKsSJ5404jW7hYA3QIZVs9qnv6cCaHELnYA%2F"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
7bc5b58e6a12b7b4-AMS
expires
Wed, 26 Apr 2023 17:06:21 GMT
A-letterbigger_Savir.png
jscdn.greeter.me/ 		945 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jscdn.greeter.me/A-letterbigger_Savir.png
Requested by
Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
4475335b87a3456536775fd2dd0dd5bd5eba10e830b820cc122ba1e3cb0de1ce
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.ihdstreams.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 11:19:02 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
last-modified
Sun, 10 Jul 2022 13:45:06 GMT
x-amz-request-id
tx0000000000000365f4c1e-0064450f5f-97329064-fra1b
etag
"f07519ec5fbc46385f386b577e6e2a1d"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw
1682248742.dop109.am5.t,1682248742.cds233.am5.hn,1682248742.cds320.am5.c
content-type
image/png
cache-control
max-age=2377
x-rgw-object-type
Normal
accept-ranges
bytes
content-length
945
nba.png
www1.ihdstreams.xyz/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www1.ihdstreams.xyz/images/nba.png
Requested by
Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9953f046235e5dff6ad5d40a6ee2927f53de1ab7c0a6e061e0551e69e9acddc4

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.ihdstreams.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 11:19:02 GMT
cf-cache-status
HIT
last-modified
Wed, 10 Feb 2021 20:44:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
476826
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9ErcdOB8RG0ZUMoqXVkEk2%2FFVNc32DCW%2FmcyAu9gEBJNz5zoBfo%2BsOHtp3DqF1gCsmM8MGSExxpg%2BS1XjKuBKRP8olIEOaLlCc%2FoMyH%2BJRgGu6R1gck3q1e3FnnltXDCy7qmQHRdPB5u5V2J2aezYvrq"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7bc5b58e8a2fb7b4-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1807
expires
Mon, 24 Apr 2023 22:51:56 GMT
nfl.png
www1.ihdstreams.xyz/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www1.ihdstreams.xyz/images/nfl.png
Requested by
Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c542012c84c6c9b8b31b62c0919d8c76fe2ceb18c8721646cb57f382f38d3020

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.ihdstreams.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 11:19:02 GMT
cf-cache-status
HIT
last-modified
Wed, 10 Feb 2021 20:44:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
490565
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yGoRlqfvrGdLUHPa25Chih6Y6a5off161lWB%2B2nXr81Ygdq1Wh1BLXrK33TblKp%2FCgncZJdk0NwpalDc%2F5p2ZxkLytpugOVrg3nX7dtlj9ti8xosnLwJrMgXN8WZCo%2F5i2uGJKTEr3pCHSfLd9%2Fg6BdH"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7bc5b58e8a37b7b4-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4018
expires
Mon, 24 Apr 2023 19:02:57 GMT
mlbs.png
www1.ihdstreams.xyz/images/ 		734 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www1.ihdstreams.xyz/images/mlbs.png
Requested by
Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c49942d851969cee2ed7c9d24370dfa247d7507c35af5218f2b47464eb14b2c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.ihdstreams.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 11:19:02 GMT
cf-cache-status
HIT
last-modified
Thu, 08 Sep 2022 14:14:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
431956
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZNo9rRxgLo%2FGdxN3%2FfR6m2DoGIbNIvHP3LZtbgPH3SMFcXWFm4ThtFSM%2B6qUeiJazb%2FMPVtQmfgBEdl8L6LhARaZAkkoXv87vVEsTEoPnhC85QA8at8J%2FT8%2F%2BEC6Zb5gp%2B2aIB50b4%2Fhdl%2BnoR8swwX0"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7bc5b58e8a3ab7b4-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
734
expires
Tue, 25 Apr 2023 11:19:46 GMT
mma.png
www1.ihdstreams.xyz/images/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www1.ihdstreams.xyz/images/mma.png
Requested by
Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9757415edc6793a3544240a995b7f19f49c96bacf8d6ae41b2657d9f7bac1be7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.ihdstreams.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 11:19:02 GMT
cf-cache-status
HIT
last-modified
Wed, 10 Feb 2021 20:44:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
431955
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vk%2B%2BZLPgwSztkZnEqWzbfW7zMYp8AEVm6ppYRu2SJ7BWb%2Fg0CKrBMAnQPuAOSujNAlKwhXJa9jWbz%2FUlJOTMMY96qv0nmmsrxKVikChq%2F6sSMi%2BVWlocCMNTt5gvvED6BVfiu0GLLYfi75oexqHzdMYl"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7bc5b58e8a3cb7b4-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6673
expires
Tue, 25 Apr 2023 11:19:47 GMT
boxing.png
www1.ihdstreams.xyz/images/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www1.ihdstreams.xyz/images/boxing.png
Requested by
Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef4e851bde18d7fc0111215f4d6a622bc9f648b0b96700b2e98a67c2cd633799

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.ihdstreams.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 11:19:02 GMT
cf-cache-status
HIT
last-modified
Wed, 10 Feb 2021 20:44:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
431955
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zTtTBJl5%2FpztZCY412Y0ZI3tloZPkxETdqBGdySg%2FDRRGQaG0FpUAs5BNVCc7Xsgdp4W%2FuU8vPJV7Gd%2BmMNqFdVOzn8zHi8BZr2KWoIp7W%2BtU9UumhCvkkEgmkUq6brkUaq6O5RL%2BPn%2Fpt7p29X9bzXA"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7bc5b58e8a3fb7b4-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9140
expires
Tue, 25 Apr 2023 11:19:47 GMT
f1.png
www1.ihdstreams.xyz/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www1.ihdstreams.xyz/images/f1.png
Requested by
Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8511af2c0e0f877701ecceabdb9833984f9e4539d05196c05dfd78251dc55a1b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.ihdstreams.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 11:19:02 GMT
cf-cache-status
HIT
last-modified
Sun, 28 Mar 2021 15:44:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
431955
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lnd1cJrQRoagVLHqqAuDQFkjS97Pmp3kcJttM6tBkTANctI6o%2FJs%2BVagDjrTRvFcJS70nZ3yibueUBTN%2BnQo863cdFCJdy9OSFGTeHrijFw1uGH%2FUso2%2B%2BNaP1uzFDx5Bh8c4TDWEzr%2B8iLvNQrmOw97"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7bc5b58e8a44b7b4-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2022
expires
Tue, 25 Apr 2023 11:19:47 GMT
nhl.jpg
www1.ihdstreams.xyz/images/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www1.ihdstreams.xyz/images/nhl.jpg
Requested by
Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f5ba267e4a28eeeeb5f692e2f89a08cb2d87be40ca4aca4a622c375939578fb

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.ihdstreams.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 11:19:02 GMT
cf-cache-status
HIT
last-modified
Wed, 01 Mar 2023 20:38:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
431955
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BLyuWzSsogXb1%2Bn7n9aRT9RsY2VSU6mH2ol4ZFqRcGpJFQsAqbk%2FtABU6Z67Rc%2FnQmhDOc68SOY27Md%2FgRnuxDaenzlMGoZEljZjW46qmZCaBmpl8WjNCe%2BvI7RlJAbb%2F5AwQk%2BRtz0Dfx1zSHb2X9Jy"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7bc5b58e8a47b7b4-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
35380
expires
Tue, 25 Apr 2023 11:19:47 GMT
nccab.png
www1.ihdstreams.xyz/images/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www1.ihdstreams.xyz/images/nccab.png
Requested by
Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3415d1f3f46175bc47b0e1055fc044b0ca4743150abbdfb8ff2029b80029f36c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.ihdstreams.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 11:19:02 GMT
cf-cache-status
HIT
last-modified
Thu, 16 Mar 2023 18:23:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
301261
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ycv55SmjYcOhDqn8hDZydOt08%2BSArEPXLRnbXe%2BN190JmAC0ZrbqZX7dwaBQOefkGHyt1rjDNGHNFq9EI3suqRrIAsJfydhhUbw4iqVH%2FGTs%2FKzjLJXCT2pnl5Da8nxsjGmADfs%2BnHpAz1O00e4alxJk"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7bc5b58e8a4ab7b4-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
28608
expires
Wed, 26 Apr 2023 23:38:01 GMT
xfl.png
www1.ihdstreams.xyz/images/ 		51 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www1.ihdstreams.xyz/images/xfl.png
Requested by
Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94250774030be67093bb2b17844ecb5c73f9fd12afcdaca0fee1f279f709d32a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.ihdstreams.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 11:19:02 GMT
cf-cache-status
HIT
last-modified
Fri, 17 Mar 2023 07:44:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
431955
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lZfSp9vadSKgJ3cmG1Zqxx6S%2B9W2w20sOb%2FNiCkuUrdoaUBD3obmnN0V0%2FXOSqUoRTjzRehlDCce5E9RYjVWH%2FbGW%2FXDCPzWXXpMY%2BekkN8rhwFL1vbT0ROHH7%2B38Rd3Yig5oOiSCnk0bks7fXFKexh9"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7bc5b58e8a4db7b4-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
52428
expires
Tue, 25 Apr 2023 11:19:47 GMT
wwe.png
www1.ihdstreams.xyz/images/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www1.ihdstreams.xyz/images/wwe.png
Requested by
Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fca03541a50907237eb1c1872eed044c5a98c6049e9f6064419e08e9cc82af6c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.ihdstreams.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 11:19:02 GMT
cf-cache-status
HIT
last-modified
Fri, 17 Mar 2023 08:15:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
431954
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wUororvkSJlKi2uDeq54FmR%2BFgYTHVLHfpTzg%2B%2F1wc8SIzITdto4sLfE%2BMYdERZ2lmI8Afge9%2FDpAk8Ka1khWKsMkM9lPkz4E0di3wbXLz9t5QFP%2BHHrdQNufuTNf%2Ft6ekH63zVneHKhPr7QRQrzeClB"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7bc5b58e9a56b7b4-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
34006
expires
Tue, 25 Apr 2023 11:19:48 GMT
rocket-loader.min.js
www1.ihdstreams.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www1.ihdstreams.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.ihdstreams.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 11:19:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 18 Apr 2023 16:29:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"643ec584-302c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BISVZYFgIpK10TLNOdUBCI9deXlheyKxktRNTZsUS4F1xljgN32kTILAmCbHbVJqxmT53GdtgQxfuLFZUaXN51n7JvmEu4su5yEf2daTb%2BvBNkjmUp6I9djpX0I0qLyCfqKVhFCaeB7xb1LS5DuKCk%2B0"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
7bc5b58e9a58b7b4-AMS
expires
Tue, 25 Apr 2023 11:19:02 GMT
spt
tg1.modoro360.com/api/adserver/ 		27 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tg1.modoro360.com/api/adserver/spt?AV_TAGID=632c400f6736d736c5787e64&AV_PUBLISHERID=632c3dff8e62a32fb323cd86
Requested by
Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:25::1726:6216 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
9972b3148db4640e3162a1507c85a894468325f13e3ce6e24703eff7b7906f95

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.ihdstreams.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

X-Bamboo-C-SkSt
1
Content-Encoding
gzip
X-Bamboo-C-SkFe
1
X-Bamboo-C-S
BYPASS
Date
Sun, 23 Apr 2023 11:19:02 GMT
Access-Control-Max-Age
1728000
Access-Control-Allow-Methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
Content-Type
text/javascript
Vary
Accept-Encoding
Cache-Control
max-age=300
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
Content-Length
6924
Expires
Sun, 23 Apr 2023 11:24:02 GMT
ihdstreams.xyzdynamic.js
jscdn.greeter.me/ 		8 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jscdn.greeter.me/ihdstreams.xyzdynamic.js
Requested by
Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
cecdb772902480238ed72f56e63233f74af64e5db96706a47d8d40363e6f6332
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.ihdstreams.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 11:19:02 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
last-modified
Sun, 02 Oct 2022 07:54:26 GMT
x-amz-request-id
tx0000000000000366abcb4-0064451426-97329064-fra1b
etag
"06342141a46f1a42c83deb96dfde3cba"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw
1682248742.dop109.am5.t,1682248742.cds233.am5.hn,1682248742.cds312.am5.pr
content-type
text/javascript
cache-control
max-age=3600
x-rgw-object-type
Normal
accept-ranges
bytes
content-length
7957
ihdstreams.xyzhead.js
jscdn.greeter.me/ 		8 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jscdn.greeter.me/ihdstreams.xyzhead.js
Requested by
Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
59848ac7fa952227246d55a015096752802cb43ca29d530e1309f770ee54ab7b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.ihdstreams.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 11:19:02 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
last-modified
Sun, 02 Oct 2022 07:54:26 GMT
x-amz-request-id
tx00000000000003650a822-0064451426-9733ce3a-fra1b
etag
"facc79495eb5555fbbf60d0288371d83"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw
1682248742.dop109.am5.t,1682248742.cds233.am5.hn,1682248742.cds269.am5.pr
content-type
text/javascript
cache-control
max-age=3600
x-rgw-object-type
Normal
accept-ranges
bytes
content-length
8633
sharethis.js
platform-api.sharethis.com/js/ 		198 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform-api.sharethis.com/js/sharethis.js
Requested by
Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-34.fra60.r.cloudfront.net
Software
/
Resource Hash
d7a1bdec6b5209de5be156a573409f2f9e30488cca22fb380d2234057c7973f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.ihdstreams.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 11:10:15 GMT
content-encoding
gzip
via
1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA60-P3
age
527
etag
W/"3184b-xStZrNgO3eG9+q9l3cRkzPWrPx0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
edge-control
cache-maxage=60m,downstream-ttl=60m
cache-control
max-age=600, public
x-cache
Hit from cloudfront
x-amz-cf-id
kH9f5ZlJ9xx_lCsXTHv9T1bXP0K7b-F-kSFIgUp3FnH2LnAJOHYXNw==
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 		30 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,500,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www1.ihdstreams.xyz
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 14:34:09 GMT
x-content-type-options
nosniff
age
74693
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30928
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:57:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 21 Apr 2024 14:34:09 GMT
invoke.js
www.profitabledisplaynetwork.com/3ca0f619c604ae8a19b9799a144e8ee5/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.profitabledisplaynetwork.com/3ca0f619c604ae8a19b9799a144e8ee5/invoke.js
Requested by
Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.233.137.44 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.ihdstreams.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 23 Apr 2023 11:19:02 GMT
Server
nginx/1.19.5
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Connection
keep-alive
Content-Length
0
602045c93485470012219531.js
buttons-config.sharethis.com/js/ 		554 B
998 B 		Script
General
Check archive.org
Download Go to
Full URL
https://buttons-config.sharethis.com/js/602045c93485470012219531.js
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:5e00:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2319dbc0d652282694fa0847f099ecb17e4dca70baadde117a227a22e188860f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.ihdstreams.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 11:19:03 GMT
via
1.1 98997c223299d9efd138e7fb9a08a072.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Sun, 06 Jun 2021 23:18:05 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
x-amz-server-side-encryption
AES256
etag
"2b6a1b0751a89208a9aef5d82f937db6"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
text/javascript
cache-control
public, max-age=60
accept-ranges
bytes
content-length
554
x-amz-cf-id
JUCrIs0rlpAt6gT-ZKAJ168Dmmr3QbDZFtZmy4_MOaDVL2YGAn2UTQ==
pview
l.sharethis.com/ 		0
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://l.sharethis.com/pview?event=pview&hostname=www1.ihdstreams.xyz&location=%2F&product=sop&url=https%3A%2F%2Fwww1.ihdstreams.xyz%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=HDStreams%20-%20NBA%20Streams%20%7C%20NFL%20-%20MMA%20Streams%20-%20UFC%20-%20Boxing%20-%20Formula%201&cms=unknown&publisher=602045c93485470012219531&sop=true&version=st_sop.js&lang=en&description=HDStreams%20is%20new%20Platform%20to%20Reddit%20NBA%20Basketball%20free%20streams%2C%20access%20every%20NBA%20live%20stream%20on%20your%20mobile%2C%20desktop%20and%20tablet%20for%20free&ua=&ua_mobile=false&ua_full_version_list=
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.251.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-251-255.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.ihdstreams.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 23 Apr 2023 11:19:02 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Access-Control-Max-Age
1728000
Access-Control-Allow-Origin
https://www1.ihdstreams.xyz
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*
get
feed.avplayer.com/backend/ 		4 KB
819 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://feed.avplayer.com/backend/get?cmsType=playlist&id=631a2480b3d08269680f4be2&AV_TAGID=632c400f6736d736c5787e64&pid=632c3dff8e62a32fb323cd86&cid=632c3ef859ddd85dcd3fc897&AV_TEMPID=6192229fa59e3976bb4400aa&AV_PUBLISHERID=632c3dff8e62a32fb323cd86
Requested by
Host: tg1.modoro360.com
URL: https://tg1.modoro360.com/api/adserver/spt?AV_TAGID=632c400f6736d736c5787e64&AV_PUBLISHERID=632c3dff8e62a32fb323cd86
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
cce1aee65b9f2093ba86119d6ef979fd5183c77b513a1f6c735e0cd56f951070

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.ihdstreams.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 11:19:02 GMT
content-encoding
gzip
x-hw
1682248742.dop123.am5.t,1682248742.cds267.am5.hn,1682248742.cds243.am5.p
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www1.ihdstreams.xyz
cache-control
max-age=1800
access-control-allow-credentials
true
accept-ranges
bytes
avcplayer.js
player.avplayer.com/script/8.3/v/ 		772 KB
199 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.avplayer.com/script/8.3/v/avcplayer.js
Requested by
Host: tg1.modoro360.com
URL: https://tg1.modoro360.com/api/adserver/spt?AV_TAGID=632c400f6736d736c5787e64&AV_PUBLISHERID=632c3dff8e62a32fb323cd86
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
/
Resource Hash
e1cbae1c8cc7d330811eae70eb3cb7a53a15c95a0e0a6bb3f182e50d66ba256c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.ihdstreams.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 11:19:02 GMT
content-encoding
gzip
last-modified
Fri, 21 Apr 2023 09:14:00 GMT
etag
"1682068440"
x-hw
1682248742.dop150.am5.t,1682248742.cds267.am5.hn,1682248742.cds018.am5.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
content-length
202939
track
servt.modoro360.com/ 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://servt.modoro360.com/track?pid=632c3dff8e62a32fb323cd86&cid=632c3ef859ddd85dcd3fc897&cb=1682248742526&r=www1.ihdstreams.xyz&stagid=632c400f6736d736c5787e64&stplid=6192229fa59e3976bb4400aa&d35=&d65=Test1&d66=8&d74=&e=playerLoaded&cpid=631a2480b3d08269680f4be2&str=autostart
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.224.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-224-100.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.ihdstreams.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 11:19:02 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
invoke.js
www.effectivecreativeformat.com/0154b07ef3e758a91da6b0cd107ed2d2/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.effectivecreativeformat.com/0154b07ef3e758a91da6b0cd107ed2d2/invoke.js
Requested by
Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.61.227 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.ihdstreams.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 23 Apr 2023 11:19:03 GMT
Server
nginx/1.19.5
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Connection
keep-alive
Content-Length
0
AVmanager.js
player.aniview.com/script/6.1/ Frame 2E7C 		462 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=632c3dff8e62a32fb323cd86
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/8.3/v/avcplayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:595::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
48270858f29e78f21515fc6d4558e0c24d8a69a1a60c12dfc75b67ab1f055a4f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.ihdstreams.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 11:19:02 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycducizISayDO4DRXDgULVRuHQb1B668x8OQQuANw8neb71A12HHAcje9zd2Z3nblZ_frujer413YQ7s8ZP_3FSIGlxDjfskV
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
126163
last-modified
Sun, 23 Apr 2023 08:13:06 GMT
server
UploadServer
etag
"4194f41547dc09fc356fbceb53d11f61"
vary
Accept-Encoding
x-goog-generation
1682237586703949
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=UC78Gw==, md5=QZT0FUfcCfw1b7zrU9EfYQ==
access-control-expose-headers
Content-Type
cache-control
public, max-age=600
x-goog-stored-content-length
126163
accept-ranges
bytes
expires
Sun, 23 Apr 2023 11:29:02 GMT
large-poster.jpg
content1.avplayer.com/60095c900c0799791c46d8d4/videos/631a0c74c080af4ad20201d2/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content1.avplayer.com/60095c900c0799791c46d8d4/videos/631a0c74c080af4ad20201d2/large-poster.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
UploadServer /
Resource Hash
9f66145fbaf681859fb04fc4cdedf358806d85dd27355199545b97db90d48829

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.ihdstreams.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 11:19:02 GMT
x-guploader-uploadid
ADPycdsik2A0BKfvVf5jSPK_KQs_H3Echubi8vz5n4fvjM2ugWbZr9IcMB-mKl6pWzmeu2EI97rWUMUyJJlD-e4e5627XNw7RN6u
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
16959
last-modified
Thu, 08 Sep 2022 15:38:37 GMT
server
UploadServer
etag
"0ee97d2dcd219d582aee0cecbb70cafd"
x-goog-generation
1662651517684609
content-type
image/jpeg
access-control-allow-origin
*
x-goog-hash
crc32c=SZ/7Cg==, md5=Dul9Lc0hnVgq7gzsu3DK/Q==
access-control-expose-headers
Content-Type, range
cache-control
public, max-age=2592000
x-hw
1682248742.dop150.am5.t,1682248742.cds267.am5.hn,1682248742.cds310.am5.c
x-goog-stored-content-length
16959
accept-ranges
bytes
favicon.ico
storage.de.cloud.ovh.net/v1/AUTH_4b1b323ce19643f985895cf772add44b/js/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.de.cloud.ovh.net/v1/AUTH_4b1b323ce19643f985895cf772add44b/js/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.139.16 , France, ASN16276 (OVH, FR),
Reverse DNS
ip16.ip-145-239-139.eu
Software
/
Resource Hash
fb20da3761f50927006a6f6303ae6fceec0b3cb5f4c532ba5845bcd5392112d8

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.ihdstreams.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 23 Apr 2023 11:19:03 GMT
X-Openstack-Request-Id
tx084fda1dc6d548e4bfd66-0064451427
Last-Modified
Sun, 31 Jan 2021 12:57:34 GMT
Etag
7bf4f6782dee3b520a65ff84286e3691
Content-Type
image/x-icon
X-Timestamp
1612097853.12655
Accept-Ranges
bytes
Content-Length
15086
X-Trans-Id
tx084fda1dc6d548e4bfd66-0064451427
31d54a4b841c0e438f13.woff
player.avplayer.com/script/8.3/v/assets/ 		34 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://player.avplayer.com/script/8.3/v/assets/31d54a4b841c0e438f13.woff
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
9f2ef335c07566f0d4f273a4b72bcb3ad2b02f0c6232da6129952ee60bd07ba8

Request headers

Referer
https://www1.ihdstreams.xyz/
Origin
https://www1.ihdstreams.xyz
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 11:19:03 GMT
content-encoding
gzip
last-modified
Fri, 21 Apr 2023 09:14:00 GMT
etag
"1682068440"
x-hw
1682248743.dop123.am5.t,1682248743.cds267.am5.hn,1682248743.cds154.am5.c
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
content-length
35197
/
serv.modoro360.com/api/adserver/tag/ 		24 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://serv.modoro360.com/api/adserver/tag/?AV_TAGID=632c400f6736d736c5787e64&AV_PUBLISHERID=632c3dff8e62a32fb323cd86&AV_DURATION=18&AV_SLOTT=-2&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww1.ihdstreams.xyz%2F&AV_CHANNELID=632c3ef859ddd85dcd3fc897&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=www1.ihdstreams.xyz&AV_DADPOS=1&AV_PLACEMENT=1&AV_TAG=632c400f6736d736c5787e64&AV_TEMPLATE=6192229fa59e3976bb4400aa&d36=6.2.92&responsive=1&sver=4&avtoken=742999&omv=1.0.1&AV_D65=Test1&AV_D66=8.3.3&clsid=9e5fe172-c8fa-46b5-ae50-c2e3316ac48f&rando=23&AV_WIDTH=600&AV_HEIGHT=338&AV_DNT=0&cb=1682248743002&wfc=1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=632c3dff8e62a32fb323cd86
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.221.136.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-221-136-210.compute-1.amazonaws.com
Software
/
Resource Hash
b216aecc7f40ee5f571dd6d372ecfae63366c5c93ea6034d6c10dd37d1d556d8

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.ihdstreams.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 11:19:03 GMT
x-bamboo-c-skst
1
content-encoding
gzip
x-bamboo-c-skfe
1
x-bamboo-c-s
BYPASS
access-control-max-age
1728000
vary
Accept-Encoding
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
access-control-allow-origin
https://www1.ihdstreams.xyz
content-type
application/json
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
expires
Tue, 11 Apr 2023 21:32:23 GMT
track
servt.modoro360.com/ 		0
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://servt.modoro360.com/track?r=www1.ihdstreams.xyz&sn=&ic=0&tgt=0&app=&wi=600&he=338&test=&d36=6.2.92&apppkg=&fv=1&proto=https&d65=Test1&d66=8.3.3&clsid=9e5fe172-c8fa-46b5-ae50-c2e3316ac48f&rando=23&pid=632c3dff8e62a32fb323cd86&cid=632c3ef859ddd85dcd3fc897&stagid=632c400f6736d736c5787e64&stplid=6192229fa59e3976bb4400aa&e=inventory&vi=100&cb=1682248743001
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.224.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-224-100.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.ihdstreams.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 11:19:03 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
js15_as.js
s10.histats.com/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.ihdstreams.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 11:18:47 GMT
content-encoding
br
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
x-cacheable
Matched cache
x-cdn-pop-ip
51.254.41.128/25
etag
"-375139978"
content-type
text/javascript
x-cdn-pop
rbx1
accept-ranges
bytes
content-length
4364
x-request-id
369557658
get_counts
count-server.sharethis.com/v2.0/ 		258 B
619 B 		Script
General
Check archive.org
Download Go to
Full URL
https://count-server.sharethis.com/v2.0/get_counts?cb=window.__sharethis__.cb&url=https%3A%2F%2Fwww1.ihdstreams.xyz%2F
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.39.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-39-103.ams1.r.cloudfront.net
Software
/
Resource Hash
b4ca7381dbde69a6d23904a88fc46b887855d0ae5085b3b12c348a19156afbf2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.ihdstreams.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 11:09:40 GMT
via
1.1 f89ae7540cfd7be6febf2f3e1ef03e18.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
AMS1-P1
age
564
etag
fc64cfdd3cc821f2feee27061cf3c383
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=900
content-length
258
apigw-requestid
D08d7itaIAMESww=
x-amz-cf-id
J_76FL-kHpYx4ijodWhzoBxiER1T3WJkR3pWqq487IWHn4P5_dklDw==
facebook.svg
platform-cdn.sharethis.com/img/ 		301 B
725 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/facebook.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2394:800:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
768d97ec0916217ae82c70aeda3a61b9b0dab344edc4a3240a4f7cd94af00307
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.ihdstreams.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 16 Apr 2023 04:08:28 GMT
via
1.1 2d8216898001f8ce3fde38c8796d2fa6.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 10 Oct 2019 01:20:12 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-P2
age
1759126
x-amz-server-side-encryption
AES256
etag
"c6e9be45643e197ce1db1d7e24a99adc"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
301
x-amz-cf-id
MDXiUtHKe5w8Cq27rSlURf4fZjFPhvOjGRO3Jjv6Es6e201n_YHZ0A==
twitter.svg
platform-cdn.sharethis.com/img/ 		731 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/twitter.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2394:800:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7c93346d4f681a0be90d1dfc19346382a4700f1810f41caa54415688dee1777f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.ihdstreams.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 25 Mar 2023 01:32:34 GMT
via
1.1 2d8216898001f8ce3fde38c8796d2fa6.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 10 Oct 2019 01:20:13 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-P2
age
2540790
etag
"0af2fb38987598376c99e21af17ade45"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
731
x-amz-cf-id
HQljxlOsOnG_BHO5UU8Y8fQZOe90pjf82BeQ46MLzhUqlPobUnQJFg==
reddit.svg
platform-cdn.sharethis.com/img/ 		910 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/reddit.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2394:800:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dadbb59b37bfea4c78c6e15c8cbb96dfba84526e43a0767dc244fd062a841aba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.ihdstreams.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 29 Mar 2023 12:36:15 GMT
via
1.1 2d8216898001f8ce3fde38c8796d2fa6.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 10 Oct 2019 01:20:13 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-P2
age
2155369
etag
"78d796ca648d8a5e665b48ed0217c56a"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
910
x-amz-cf-id
QAHhi7tP4u-9nCZ0uyvYWK4sGUYXPcZfc3DJk0f0wbHhb9XBLZ8AVw==
whatsapp.svg
platform-cdn.sharethis.com/img/ 		832 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/whatsapp.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2394:800:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
847eb36b4dc4b05f94052dcd98077319e74d882334a106bb9ca451ba211c9c2c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.ihdstreams.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 13:18:06 GMT
via
1.1 2d8216898001f8ce3fde38c8796d2fa6.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 10 Oct 2019 01:20:13 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-P2
age
2325658
etag
"afe7fc60ed757db39a88d2950fce69c9"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
832
x-amz-cf-id
-ZBf_hahEfWjt8xrHNlL0p0XFVP-qg2XEW01GYV9K3aYN2WaBibeTA==
messenger.svg
platform-cdn.sharethis.com/img/ 		372 B
798 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/messenger.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2394:800:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2986551fd9e82929eabb8cba7c44f74a28d8496c744893432f067b320dff55da
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.ihdstreams.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 26 Mar 2023 22:46:07 GMT
via
1.1 2d8216898001f8ce3fde38c8796d2fa6.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 10 Oct 2019 01:20:13 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-P2
age
2377976
etag
"a5aa43fa302867d3e888ac2f69b7b288"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
372
x-amz-cf-id
ZCaX--457_0qUBBskiOUvQGX4sK5dTNnh8A6xWv0fPcHXWQHvGfQVQ==
linkedin.svg
platform-cdn.sharethis.com/img/ 		456 B
880 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/linkedin.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2394:800:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cb8c2b19fd9b56c41db14bd71b5c0616c1ba4e99b08c8e75084cf695f74b7120
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.ihdstreams.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 04 Apr 2023 04:41:55 GMT
via
1.1 2d8216898001f8ce3fde38c8796d2fa6.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 10 Oct 2019 01:20:12 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-P2
age
1665429
etag
"fa43b4ede18498b114fc7185993f6da7"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
456
x-amz-cf-id
nMfoP5tbsn_NeURdcHOtrMgC3d2XyZG_RGjC9C97MzPbhEsM4BvmVA==
pinterest.svg
platform-cdn.sharethis.com/img/ 		771 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/pinterest.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2394:800:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
efc737b4f58cfe73a9bd0e57d7570365701381da31e628b269e7217a0ce3359d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.ihdstreams.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 22:33:18 GMT
via
1.1 2d8216898001f8ce3fde38c8796d2fa6.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 10 Oct 2019 01:20:13 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-P2
age
2292346
etag
"2b10a062e719c64b686e2e8fcdc216dc"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
771
x-amz-cf-id
Qz-U-XYDnDGw-5aYwQjfdE58p8rmeJUqafC0zFfgeJsJE1pFHITfNw==
sharethis.svg
platform-cdn.sharethis.com/img/ 		514 B
938 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/sharethis.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2394:800:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9a83c65bdd0ff9488af9d25720686457ea7295c9c44f9f1d285a0c9ec89bab99
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.ihdstreams.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 08:35:05 GMT
via
1.1 2d8216898001f8ce3fde38c8796d2fa6.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 10 Oct 2019 01:20:13 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-P2
age
1370108
x-amz-server-side-encryption
AES256
etag
"deecdaa377907db5cc1722fc831670a1"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
514
x-amz-cf-id
773UU5rDCpVOK5wCQmS_OvR52Z4HR59CKKcVTMmsRQE3Be6B-1FzFA==
arrow_left.svg
platform-cdn.sharethis.com/img/ 		565 B
1007 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/arrow_left.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2394:800:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5c833b1818762f1e134fbb158447fb0b92f2b018b15aa36f2e2405213f830d38
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.ihdstreams.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 11:06:15 GMT
via
1.1 2d8216898001f8ce3fde38c8796d2fa6.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
AMS1-P2
age
259968
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
565
last-modified
Thu, 10 Oct 2019 01:20:12 GMT
server
AmazonS3
etag
"b55d8d2b9321e381a3c38a4bddb74037"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
x-amz-cf-id
BtnbaufkPbI-YW8qCEgKNrMN25xGyqtcaNlTvWDzaXd0ZL5h_E0HQw==
arrow_right.svg
platform-cdn.sharethis.com/img/ 		565 B
1006 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/arrow_right.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2394:800:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1bae747c7fd090f56608956a97c870391e1c43f89d24d5766129b75628985c1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.ihdstreams.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 18 Apr 2023 18:49:53 GMT
via
1.1 2d8216898001f8ce3fde38c8796d2fa6.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
AMS1-P2
age
404951
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
565
last-modified
Thu, 10 Oct 2019 01:20:12 GMT
server
AmazonS3
etag
"9928d025bd5792b718ee0a185f62e67c"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
x-amz-cf-id
F_-O_hR8PEiJUYcMoNhjqZel51g7JEhFUL6kKBjarB8KpS4byUKtUQ==
hb_736354_16735.js
player.aplhb.adipolo.com/prebidlink/467291/ 		915 B
767 B 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aplhb.adipolo.com/prebidlink/467291/hb_736354_16735.js
Requested by
Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/ihdstreams.xyzhead.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
d2c81a30c76b5bb6524fa67e4b5c37bbb11108066b565dd4093e028fc416c02b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.ihdstreams.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 11:19:03 GMT
content-encoding
gzip
last-modified
Sun, 23 Apr 2023 10:46:19 GMT
server
nginx
etag
W/"64450c7b-393"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600
expires
Sun, 23 Apr 2023 12:19:03 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		74 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/ihdstreams.xyzhead.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7f09f9111eff260d1136b12ee8d69dbf2a9186df8245088c3cc0f2aa310edd8c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.ihdstreams.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 11:19:03 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25057
x-xss-protection
0
server
cafe
etag
179 / 19470 / 31074079 / config-hash: 6342739278968460252
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 23 Apr 2023 11:19:03 GMT
wrapper_hb_736354_16735.js
player.aplhb.adipolo.com/prebidlink/467291/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aplhb.adipolo.com/prebidlink/467291/wrapper_hb_736354_16735.js
Requested by
Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/ihdstreams.xyzhead.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
65359004a97acaa73ad573bb100db1687b29252374263d5363440d9937b910df

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.ihdstreams.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 11:19:03 GMT
content-encoding
gzip
last-modified
Sun, 23 Apr 2023 10:46:19 GMT
server
nginx
etag
W/"64450c7b-6fa"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600
expires
Sun, 23 Apr 2023 12:19:03 GMT
gpt.js
www.googletagservices.com/tag/js/ 		74 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/ihdstreams.xyzhead.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
21c5a17916d69030c744cb42c6c2d1ea9aa36c4abbc36c7631e81368a81652f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.ihdstreams.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 11:19:03 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25052
x-xss-protection
0
server
cafe
etag
48 / 19470 / m202304180101 / config-hash: 6342739278968460252
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 23 Apr 2023 11:19:03 GMT
adipolo_logo.png
adipolo.com/wp-content/uploads/2020/06/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adipolo.com/wp-content/uploads/2020/06/adipolo_logo.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b071563c8b59cdc2b12b2703f3b5d147f555b1c41d83e5c5ef4a02395aed89c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.ihdstreams.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 11:19:03 GMT
cf-cache-status
HIT
last-modified
Tue, 02 Jun 2020 09:04:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5006911
etag
"5ed61610-1b9c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PROmiV6xCzq74BqPRLBF4%2BbUgzzTIGsbtNFCcvO8Vx4DknD%2FWFt5%2Ff%2Ff7cYa%2FWPjgxuW5IW9fUu3%2Ft9YdliTZSD4QCHEQoiu0lDsU5xQTcrHFDmCrin2EigGJP6PbuRwVHg4AjEAh2tXBw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7bc5b595eaddb987-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7068
0.php
s4.histats.com/stats/ 		52 B
186 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s4.histats.com/stats/0.php?2633223&@f16&@g1&@h1&@i1&@j1682248743291&@k0&@l1&@mHDStreams%20-%20NBA%20Streams%20%7C%20NFL%20-%20MMA%20Streams%20-%20UFC%20-%20Boxing%20-%20Formula%201&@n0&@o1000&@q0&@r0&@s514&@ten-US&@u1600&@b1:139154068&@b3:1682248743&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fwww1.ihdstreams.xyz%2F&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.56.240.31 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns534110.ip-149-56-240.net
Software
/
Resource Hash
c764d829f9a7d09d25b8be8ae983d80fd57a667633c3ea18c72deb5999067c80

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.ihdstreams.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 23 Apr 2023 11:19:04 GMT
Connection
close
Content-Length
52
Content-Type
text/html;charset=UTF-8
cc_514.js
s10.histats.com/counters/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s10.histats.com/counters/cc_514.js
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
babfdd8d96853154749421058a8b281d3fa13dc64df98d8e57c477c7c56e41a4

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.ihdstreams.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 11:18:02 GMT
content-encoding
br
last-modified
Thu, 16 Apr 2020 10:45:32 GMT
x-cacheable
Matched cache
x-cdn-pop-ip
51.254.41.128/25
etag
"1889425552"
content-type
text/javascript
x-cdn-pop
rbx1
accept-ranges
bytes
content-length
6193
x-request-id
306446761
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e4558415f627880263b408b58c30f1c9ae4765038c86beaf568d9c067b79c936

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F44C 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D1%26auid%3D1682248743295-963002330228-001183-003-001401%26key%3D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=632c3dff8e62a32fb323cd86
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://www1.ihdstreams.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=28419
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sun, 23 Apr 2023 11:19:03 GMT
expires
Sun, 23 Apr 2023 19:12:42 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
occ
ups.analytics.yahoo.com/ups/58543/ Frame 2F36 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ups.analytics.yahoo.com/ups/58543/occ?gdpr=1&gdpr_consent=
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=632c3dff8e62a32fb323cd86
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www1.ihdstreams.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
0
date
Sun, 23 Apr 2023 11:19:03 GMT
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.25
strict-transport-security
max-age=31536000
cookiesyncendpoint
servs.modoro360.com/ Frame 72B8
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=1581&r=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D22%26auid%3D1682248743295-963002330228-...
  • https://ad.360yield.com/ul_cb/server_match?partner_id=1581&r=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D22%26auid%3D1682248743295-9630023...
  • https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=22&auid=1682248743295-963002330228-001183-003-001401&key=cf206123-2ffa-4f3b-afe0-824c20f93945
0
239 B 		Document
General
Check archive.org
Download Go to
Full URL
https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=22&auid=1682248743295-963002330228-001183-003-001401&key=cf206123-2ffa-4f3b-afe0-824c20f93945
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=632c3dff8e62a32fb323cd86
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.212.211.193 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-212-211-193.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www1.ihdstreams.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

content-length
0
date
Sun, 23 Apr 2023 11:19:03 GMT

Redirect headers

access-control-allow-origin
*
content-length
0
content-type
text/plain
date
Sun, 23 Apr 2023 11:19:03 GMT
location
https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=22&auid=1682248743295-963002330228-001183-003-001401&key=cf206123-2ffa-4f3b-afe0-824c20f93945
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cookiesyncendpoint
servs.modoro360.com/ Frame 12F9
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=aniview&gdpr=1&gdpr_pd=0&gdpr_consent=&redir=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D200%26au...
  • https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=200&auid=1682248743295-963002330228-001183-003-001401&key=OPTOUT
0
202 B 		Document
General
Check archive.org
Download Go to
Full URL
https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=200&auid=1682248743295-963002330228-001183-003-001401&key=OPTOUT
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=632c3dff8e62a32fb323cd86
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.212.211.193 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-212-211-193.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www1.ihdstreams.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

content-length
0
date
Sun, 23 Apr 2023 11:19:03 GMT

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Sun, 23 Apr 2023 11:19:03 GMT
etag
OPTOUT
expires
0
location
https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=200&auid=1682248743295-963002330228-001183-003-001401&key=OPTOUT
pragma
no-cache
cookiesyncendpoint
servs.modoro360.com/ Frame 0C00
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562704&ev=1&us_privacy=1---&rurl=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D10%26auid%3D1682248743...
  • https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=10&auid=1682248743295-963002330228-001183-003-001401&key=NMjYR4QJlX9b&ev=1&us_privacy=1---&pid=562704
0
209 B 		Document
General
Check archive.org
Download Go to
Full URL
https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=10&auid=1682248743295-963002330228-001183-003-001401&key=NMjYR4QJlX9b&ev=1&us_privacy=1---&pid=562704
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=632c3dff8e62a32fb323cd86
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.212.211.193 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-212-211-193.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www1.ihdstreams.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

content-length
0
date
Sun, 23 Apr 2023 11:19:03 GMT

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cache-control
private, max-age=0, no-cache, no-store
content-language
nl-NL
cw-server
bh-deployment-6995c68ccb-2vd5p
expires
-1
location
https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=10&auid=1682248743295-963002330228-001183-003-001401&key=NMjYR4QJlX9b&ev=1&us_privacy=1---&pid=562704
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server
Jetty(10.0.14)
strict-transport-security
max-age=15768000
cookiesyncendpoint
sync.aniview.com/ Frame 9382
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3655&_fw_gdpr=1&_fw_gdpr_consent=
  • https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=852a61ab40caa432e3e9162a8a235ef2&_fw_gdpr=1&_fw_gdpr_consent=
0
231 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=852a61ab40caa432e3e9162a8a235ef2&_fw_gdpr=1&_fw_gdpr_consent=
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=632c3dff8e62a32fb323cd86
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.47.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-47-164.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www1.ihdstreams.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

content-length
0
date
Sun, 23 Apr 2023 11:19:03 GMT

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Date
Sun, 23 Apr 2023 11:19:03 GMT
Expires
Sun, 23 Apr 2023 11:19:03 GMT
Location
https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=852a61ab40caa432e3e9162a8a235ef2&_fw_gdpr=1&_fw_gdpr_consent=
Pragma
no-cache
Server
nginx
x-sticky-vk
1682248743543042-530
auto-user-sync
ads.stickyadstv.com/ Frame A17E 		43 B
623 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/auto-user-sync?px=1953&_fw_gdpr=1&_fw_gdpr_consent=
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=632c3dff8e62a32fb323cd86
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.238.158 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-238-158.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://www1.ihdstreams.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sun, 23 Apr 2023 11:19:03 GMT
Expires
Sun, 23 Apr 2023 11:19:03 GMT
Pragma
no-cache
Server
nginx
x-sticky-vk
1682248743517050-562
sync
vid.vidoomy.com/ Frame 82F1 		49 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vid.vidoomy.com/sync?gdpr=1&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D133%26auid%3D1682248743295-963002330228-001183-003-001401%26key%3D%7B%7BVID%7D%7D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=632c3dff8e62a32fb323cd86
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
ce33815b4c0f7c15686c773ff8b0e5092b36696a6c758ef499dc32e5a8f01e9a

Request headers

Referer
https://www1.ihdstreams.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

access-control-allow-origin
*
content-encoding
gzip
content-type
text/html
date
Sun, 23 Apr 2023 11:19:03 GMT
etag
W/"64243ed7-c28e"
last-modified
Wed, 29 Mar 2023 13:36:23 GMT
server
CDN77-Turbo
vary
Accept-Encoding
x-77-cache
MISS
x-77-nzt
AcO1rgVC4C+h
x-77-nzt-ray
25b0213198faa16927144564be118825
x-77-pop
frankfurtDE
x-cache
MISS
usync.html
eus.rubiconproject.com/ Frame 4AFD
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=aniview&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=632c3dff8e62a32fb323cd86
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.212.211.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-211-47.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www1.ihdstreams.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 23 Apr 2023 11:19:03 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 23 Apr 2023 11:19:03 GMT
location
https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
server
AkamaiGHost
/
us_privacyfa9f4b3548d146d8b0584acce84c4fec.gif/ Frame 1477 		0
0
cookiesyncendpoint
servs.modoro360.com/ Frame 4E10
Redirect Chain
  • https://csync.loopme.me/?pubid=11455&gdpr=1&gdpr_consent=&redirect=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D56%26auid%3D1682248743295-9...
  • https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=56&auid=1682248743295-963002330228-001183-003-001401&key=e5c5ebec-706e-40d4-ba2d-0066735349c4&gdpr_consent=nul...
0
240 B 		Document
General
Check archive.org
Download Go to
Full URL
https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=56&auid=1682248743295-963002330228-001183-003-001401&key=e5c5ebec-706e-40d4-ba2d-0066735349c4&gdpr_consent=null&gdpr=1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=632c3dff8e62a32fb323cd86
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.212.211.193 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-212-211-193.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www1.ihdstreams.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

content-length
0
date
Sun, 23 Apr 2023 11:19:03 GMT

Redirect headers

content-length
0
date
Sun, 23 Apr 2023 11:19:03 GMT
location
https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=56&auid=1682248743295-963002330228-001183-003-001401&key=e5c5ebec-706e-40d4-ba2d-0066735349c4&gdpr_consent=null&gdpr=1
server
_
/
onetag-sys.com/usync/ Frame E260 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=57e618150c70d90&gdpr=1&gdpr_consent=&us_privacy=1---
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=632c3dff8e62a32fb323cd86
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www1.ihdstreams.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame FA03 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=1&gdpr_consent=&us_privacy=1---&predirect=https%3A%2F%2Fpbs.aniview.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=632c3dff8e62a32fb323cd86
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://www1.ihdstreams.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=28419
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sun, 23 Apr 2023 11:19:03 GMT
expires
Sun, 23 Apr 2023 19:12:42 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
avpb7.36.0.js
player.aniview.com/script/6.1/libs/prebid/ Frame 2E7C 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb7.36.0.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=632c3dff8e62a32fb323cd86
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:595::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
d5e0ab924e442cf4360cb468f24812a3dc679c88c76d92f0ecf106f3c5f029f5

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.ihdstreams.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 11:19:03 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdtaIfOQo9DrCjdDimpjAg9_oRHKga39HcycDdwH4zYRjjJKb71S86LYPt3O-wQMbWNCmRtkT0Orsd_MaFCPynChDw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
65142
last-modified
Sun, 23 Apr 2023 08:13:07 GMT
server
UploadServer
etag
"dea205b2b93e107b3f7b0b7f9db76723"
vary
Accept-Encoding
x-goog-generation
1682237587346207
x-goog-hash
crc32c=KLxvNA==, md5=3qIFsrk+EHs/ewt/nbdnIw==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=600
x-goog-stored-content-length
65142
accept-ranges
bytes
content-type
application/javascript
expires
Sun, 23 Apr 2023 11:29:03 GMT
avpb7.36.0a1.js
player.aniview.com/script/6.1/libs/prebid/ Frame 2E7C 		64 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb7.36.0a1.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=632c3dff8e62a32fb323cd86
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:595::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
0232264ad27dfd7cf41c4f313ff1fb7fad9329297dfd66424bed2a20710398ff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.ihdstreams.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 11:19:03 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycduc9GAnEWsCWZsf6zL6HNJoq1WrERlVDweR4vjpSK9BtovQ9JwQEvJPPVJ3qbg-0z1tdKn7_4Ywl8OaZ3CmubASkg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
21154
last-modified
Sun, 23 Apr 2023 08:13:07 GMT
server
UploadServer
etag
"7cb951227202df1a5273d495402a3d06"
vary
Accept-Encoding
x-goog-generation
1682237587554418
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=fKRmlQ==, md5=fLlRInIC3xpSc9SVQCo9Bg==
access-control-expose-headers
Content-Type
cache-control
public, max-age=600
x-goog-stored-content-length
21154
accept-ranges
bytes
expires
Sun, 23 Apr 2023 11:29:03 GMT
sync
x.bidswitch.net/ 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=&user_id=1682248743295-963002330228-001183-003-001401&gdpr=1&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.77.118.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-77-118-156.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.ihdstreams.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 11:19:03 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1682248743295-963002330228-001183-003-001401%26biddername%3D24%26pid%3D59c9148628a0612da3689288%26key%3D%24%7BBSW_UUID%7D
x.bidswitch.net/check_uuid/ 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/check_uuid/https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1682248743295-963002330228-001183-003-001401%26biddername%3D24%26pid%3D59c9148628a0612da3689288%26key%3D%24%7BBSW_UUID%7D?gdpr=1&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.77.118.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-77-118-156.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.ihdstreams.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 11:19:03 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/ 		400 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074079
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2c470984efff845d5290f15d3a01552b4bff15c1e40a48c944233a5bc5f69539
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.ihdstreams.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 11:36:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
85383
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
127052
x-xss-protection
0
server
cafe
etag
14196522953641333499
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sun, 21 Apr 2024 11:36:00 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		1 KB
473 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www1.ihdstreams.xyz
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b06950cc60568dc5dc229e17b6ef1b1ae07180c35d89a0340ee8fafc37c8f519
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.ihdstreams.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 11:19:03 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
448
x-xss-protection
0
expires
Sun, 23 Apr 2023 11:19:03 GMT
mvo
tag.1rx.io/rmp/217227/0/ 		0
167 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/217227/0/mvo?z=1r&hbv=7.36,2.1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.36.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 Castricum, Netherlands, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www1.ihdstreams.xyz/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www1.ihdstreams.xyz
pragma
no-cache
date
Sun, 23 Apr 2023 11:19:03 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
PugMaster
image6.pubmatic.com/AdServer/ Frame F44C 		0
42 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=97752394&p=160993&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D1%26auid%3D1682248743295-963002330228-001183-003-001401%26key%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 11:19:02 GMT
content-length
0
usync.js
eus.rubiconproject.com/ Frame 4AFD 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.212.211.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-211-47.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
868096dc68c7385e06c28965f9d3fce4fbc7ae1595d2cb51b00ceb40e8da59c4

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 23 Apr 2023 11:19:03 GMT
Content-Encoding
gzip
Last-Modified
Sun, 23 Apr 2023 04:25:47 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=61637
Connection
keep-alive
Content-Length
10020
Expires
Mon, 24 Apr 2023 04:26:20 GMT
khaos.jpg
token.rubiconproject.com/ Frame 4AFD 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
urlsvid.json
vpaid.vidoomy.com/sync/ Frame 82F1 		1 KB
766 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.vidoomy.com/sync/urlsvid.json
Requested by
Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?gdpr=1&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D133%26auid%3D1682248743295-963002330228-001183-003-001401%26key%3D%7B%7BVID%7D%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
81a4bd27e957576653d3059ac699bf25e16698b98a98e26a6a84cf1d6d9660b5

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://vid.vidoomy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 23 Apr 2023 11:19:03 GMT
content-encoding
gzip
x-cache
HIT
x-77-cache
HIT
x-age
88696
x-77-nzt
AZySIRCVjw//eFoBAA
x-accel-expires
@1683196847
last-modified
Wed, 29 Mar 2023 10:31:18 GMT
server
CDN77-Turbo
etag
W/"64241376-446"
x-77-nzt-ray
f6587a1d82f363fb27144564f3211c34
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
hbw_master_736354_16735.js
player.aplhb.adipolo.com/prebidlink/x467291/ 		93 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aplhb.adipolo.com/prebidlink/x467291/hbw_master_736354_16735.js
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467291/wrapper_hb_736354_16735.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
27545268e07601849a17147b9abcc57fd8938acd2ffd9ad30787f387b1836cb0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.ihdstreams.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 11:19:03 GMT
content-encoding
gzip
last-modified
Sun, 23 Apr 2023 10:46:19 GMT
server
nginx
etag
W/"64450c7b-172f9"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600
expires
Sun, 23 Apr 2023 12:19:03 GMT
hbp_master_736354_16735.js
player.aplhb.adipolo.com/prebidlink/467291/ 		327 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aplhb.adipolo.com/prebidlink/467291/hbp_master_736354_16735.js
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467291/hb_736354_16735.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
162f2f94d1001f4f063672e22f30338e40370a029b8f318d54283f365b00b1f7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.ihdstreams.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 11:19:03 GMT
content-encoding
gzip
last-modified
Mon, 27 Mar 2023 11:12:59 GMT
server
nginx
etag
W/"64217a3b-51c76"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600
expires
Sun, 23 Apr 2023 12:19:03 GMT
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 4AFD 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=aniview
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
ad49a0f18e050afeb6359164ab3bd56e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
prebid
rtb.openx.net/sync/ Frame 82F1 		43 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/prebid?gdpr=1&gdpr_consent=&r=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fpbscookie%3Fuid%3D$%7BUID%7D%26vid%3Da6f37f0123013099a595be2217fc435a%26dspid%3Dopenx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://vid.vidoomy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Apr 2023 11:19:03 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
v40alopuhbeseqn0aj086bj0gf71q612
sync
x.bidswitch.net/ Frame 82F1 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=vidoomy&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.77.118.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-77-118-156.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://vid.vidoomy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 11:19:03 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 82F1 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?gdpr=1&gdpr_consent=&nid=120&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fpbscookie%3Fuid%3D%7BuserId%7D%26vid%3Da6f37f0123013099a595be2217fc435a%26dspid%3DCEN
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://vid.vidoomy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Sun, 23 Apr 2023 11:19:03 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
ecm3
s.amazon-adsystem.com/ Frame 4AFD
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=G4AeZpGORSi1yUzMO3bCMA&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=G4AeZpGORSi1yUzMO3bCMA
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=G4AeZpGORSi1yUzMO3bCMA
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 23 Apr 2023 11:19:04 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
D06DGPDSNJM5SZMH7D0F
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=G4AeZpGORSi1yUzMO3bCMA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e06182bf224d96e6550f4595601cdb0b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
token
token.rubiconproject.com/ Frame 4AFD 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/token?pid=25470
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
token
token.rubiconproject.com/ Frame 4AFD 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
token
token.rubiconproject.com/ Frame 4AFD 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/token?pid=36584
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 4AFD
Redirect Chain
  • https://ib.adnxs.com/getuid?https://pixel.rubiconproject.com/tap.php?v=564534&nid=5466&put=$UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D564534%26nid%3D5466%26put%3D%24UID
  • https://pixel.rubiconproject.com/tap.php?v=564534&nid=5466&put=8152611914254286615
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=564534&nid=5466&put=8152611914254286615
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
e06182bf224d96e6550f4595601cdb0b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Date
Sun, 23 Apr 2023 11:19:03 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
37.48.94.48; 37.48.94.48; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
fb321a5a-0c27-400d-b057-7ce471748bda
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://pixel.rubiconproject.com/tap.php?v=564534&nid=5466&put=8152611914254286615
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
getuid
sync.smartadserver.com/ Frame 4AFD
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr=0&url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D32128%26nid%3D2915%26put%3D[sas_uid]
  • https://sync.smartadserver.com/getuid?gdpr=0&url=https://pixel.rubiconproject.com/tap.php?v=32128&nid=2915&put=[sas_uid]&cklb=1
0
256 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.smartadserver.com/getuid?gdpr=0&url=https://pixel.rubiconproject.com/tap.php?v=32128&nid=2915&put=[sas_uid]&cklb=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Protocol
H2
Server
185.86.139.101 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Apr 2023 11:19:04 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://sync.smartadserver.com:443/getuid?gdpr=0&url=https://pixel.rubiconproject.com/tap.php?v=32128&nid=2915&put=[sas_uid]&cklb=1
pragma
no-cache
date
Sun, 23 Apr 2023 11:19:03 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
tap.php
pixel.rubiconproject.com/ Frame 4AFD
Redirect Chain
  • https://um2.eqads.com/um/rc
  • https://um2.eqads.com/um/rc&eq_cc=1
  • https://pixel.rubiconproject.com/tap.php?v=11598&nid=2494&put=b4acf0b1-f372-4df6-919b-829870ce3ac7&expires=30
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=11598&nid=2494&put=b4acf0b1-f372-4df6-919b-829870ce3ac7&expires=30
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
e06182bf224d96e6550f4595601cdb0b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sun, 23 Apr 2023 11:19:04 GMT
last-modified
Sun, 23 Apr 2023 11:19:04 GMT
content-type
text/html; charset=utf-8
location
https://pixel.rubiconproject.com/tap.php?v=11598&nid=2494&put=b4acf0b1-f372-4df6-919b-829870ce3ac7&expires=30
cache-control
no-cache, must-revalidate
content-length
144
expires
Sat, 6 May 1995 12:00:00 GMT
i.match
s.tribalfusion.com/z/ Frame 4AFD
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b10&u={rubicon_user_token}&redirect=https%3A//pixel.rubiconproject.com/tap.php%3Fv%3D111756%26nid%3D3856%26put%3D%24TF_USER_ID_ENC%24%26expires%3D180
  • https://s.tribalfusion.com/z/i.match?p=b10&u={rubicon_user_token}&redirect=https%3A//pixel.rubiconproject.com/tap.php%3Fv%3D111756%26nid%3D3856%26put%3D%24TF_USER_ID_ENC%24%26expires%3D180
43 B
396 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b10&u={rubicon_user_token}&redirect=https%3A//pixel.rubiconproject.com/tap.php%3Fv%3D111756%26nid%3D3856%26put%3D%24TF_USER_ID_ENC%24%26expires%3D180
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Protocol
H2
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Apr 2023 11:19:04 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7bc5b59b2a64b752-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 23 Apr 2023 11:19:04 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
131
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b10&u={rubicon_user_token}&redirect=https%3A//pixel.rubiconproject.com/tap.php%3Fv%3D111756%26nid%3D3856%26put%3D%24TF_USER_ID_ENC%24%26expires%3D180
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7bc5b599b87ab752-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
ghb.aplhb.adipolo.com/geo/ 		147 B
422 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.aplhb.adipolo.com/geo/
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/x467291/hbw_master_736354_16735.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:8640:764::2 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
253d9f01f2be6922225d0c297a49d5538d8590bb6e93fa8660b8ba1ac38f20e1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.ihdstreams.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 23 Apr 2023 11:19:04 GMT
Server
Adtelligent
Content-Type
application/json
Access-Control-Allow-Origin
https://www1.ihdstreams.xyz
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
147
tracking
ghb.aplhb.adipolo.com/adunit/ 		43 B
438 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.aplhb.adipolo.com/adunit/tracking?event=11&type=0&client_id=736354&site_id=16735&full_page_url=https%3A%2F%2Fwww1.ihdstreams.xyz%2F&adid=tbgu8p.48&features=81952&vpbv=N133&tte=755&lifecycle_tte=1970
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/x467291/hbw_master_736354_16735.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:8640:764::2 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.ihdstreams.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 23 Apr 2023 11:19:04 GMT
Server
Adtelligent
Content-Type
image/gif
Access-Control-Allow-Origin
https://www1.ihdstreams.xyz
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
43
integrator.js
adservice.google.nl/adsid/ 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.nl/adsid/integrator.js?domain=www1.ihdstreams.xyz
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074079
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.ihdstreams.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 11:19:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www1.ihdstreams.xyz
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074079
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.ihdstreams.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 11:19:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		691 B
382 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=865653913763098&correlator=1362377468020073&eid=31073999%2C31074079%2C31074095%2C31068367&output=ldjh&gdfp_req=1&vrg=202304190101&ptt=17&impl=fifs&iu_parts=7047%3A22821132256%2Capl%2Cnativefeedapl&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50&fluid=height&ifi=1&adks=1127646166&didk=3551856684&sfv=1-0-40&prev_scp=excl_cat%3DPREPOST&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1682248743998&lmt=1682248743&dlt=1682248742140&idt=1423&adxs=0&adys=1851&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww1.ihdstreams.xyz%2F&frm=20&vis=1&psz=1600x0&msz=1600x0&fws=0&ohw=0&ga_vid=876716730.1682248744&ga_sid=1682248744&ga_hid=2015945248&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074079
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
88dccd1fedf97146e18e3e6e300ccb5f9259da1e036f2d99a30bbb4801799d76
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.ihdstreams.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 11:19:04 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
352
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www1.ihdstreams.xyz
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202304190101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074079
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
644c38e9c9a29d85ba01ca4d12b86809889d7a09a4857b7c0110d7e5b7b8a543
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.ihdstreams.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 11:19:04 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11271
x-xss-protection
0
container.html
a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame AA69 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074079
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www1.ihdstreams.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 23 Apr 2023 11:19:04 GMT
expires
Mon, 22 Apr 2024 11:19:04 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
prebid
id5-sync.com/api/config/ 		135 B
548 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.36.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
91d9858a3fbbbbb194b1de253ee64efccf4524e1f7289276deb4be8607995973
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www1.ihdstreams.xyz/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www1.ihdstreams.xyz
date
Sun, 23 Apr 2023 11:19:03 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
pbhid
id.hadron.ad.gt/api/v1/ 		141 B
306 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/api/v1/pbhid?partner_id=239&_it=prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.36.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4055685254f3344eedcade727197d24412c3614db15accc6ac61e8e32400906

Request headers

Referer
https://www1.ihdstreams.xyz/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 23 Apr 2023 11:19:04 GMT
content-encoding
gzip
server
cloudflare
allow
POST, OPTIONS, GET
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cf-ray
7bc5b59ae80b0bce-AMS
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
envelope
api.rlcdn.com/api/identity/ 		44 B
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=105
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.36.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www1.ihdstreams.xyz/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 23 Apr 2023 11:19:04 GMT
via
1.1 google
x-content-type-options
nosniff
access-control-allow-methods
GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www1.ihdstreams.xyz
access-control-allow-credentials
true
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length
44
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074079
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.ihdstreams.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 11:19:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 23 Apr 2023 11:19:04 GMT
config.json
player.adtelligent.com/exchange_rates/313490/ 		11 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/exchange_rates/313490/config.json?cb=https%3A%2F%2Fwww1.ihdstreams.xyz%2F
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467291/hbp_master_736354_16735.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
1e01e1af40dad2c10855f57cc2ce9dc75cd9e67aef45c66352d935cf7eab54cb

Request headers

Referer
https://www1.ihdstreams.xyz/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

expires
Tue, 25 Apr 2023 11:19:04 GMT
date
Sun, 23 Apr 2023 11:19:04 GMT
content-encoding
gzip
last-modified
Sat, 22 Apr 2023 12:02:37 GMT
server
nginx
etag
W/"6443ccdd-2a92"
content-type
application/json
access-control-allow-origin
https://www1.ihdstreams.xyz
cache-control
max-age=172800
x-proxy-cache
HIT
arj
adipololtd-d.openx.net/w/1.0/ 		0
0
cdb
bidder.criteo.com/ 		18 B
317 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.37.0&cb=3450173961&lsavail=0
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467291/hbp_master_736354_16735.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www1.ihdstreams.xyz/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 23 Apr 2023 11:19:03 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www1.ihdstreams.xyz
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
prebid-request
onetag-sys.com/ 		15 B
366 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467291/hbp_master_736354_16735.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www1.ihdstreams.xyz/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www1.ihdstreams.xyz
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
prebid
mp.4dex.io/ 		114 B
571 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467291/hbp_master_736354_16735.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72bdb44ead8397c5e6563d6f539923b9eb1ccd9036efe959fe7a8823c7e22041

Request headers

Referer
https://www1.ihdstreams.xyz/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-ams
date
Sun, 23 Apr 2023 11:19:04 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Validating the Prebid Request adunits. Unable to parse native image.sizes, Validating the Prebid Request adunits. Unable to parse native image.sizes, Process Seats Booster. unable to get the seat booster engine for organization: 1224
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www1.ihdstreams.xyz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7bc5b59b7a5f0ba6-AMS
expires
0
c
prebid.a-mo.net/a/ 		0
41 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467291/hbp_master_736354_16735.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www1.ihdstreams.xyz/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
1
date
Sun, 23 Apr 2023 11:19:03 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://www1.ihdstreams.xyz
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
cdb
bidder.criteo.com/ 		18 B
316 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.37.0&cb=33379299745&lsavail=0
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467291/hbp_master_736354_16735.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www1.ihdstreams.xyz/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 23 Apr 2023 11:19:04 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www1.ihdstreams.xyz
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
bid
ap.lijit.com/rtb/ 		24 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.37.0
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467291/hbp_master_736354_16735.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.16 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
5a78816663e23e77747cdd94c956b1e5457b570fe5c1a3b006c133b968bde57d

Request headers

Referer
https://www1.ihdstreams.xyz/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 23 Apr 2023 11:19:04 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www1.ihdstreams.xyz
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
cdb
bidder.criteo.com/ 		18 B
316 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.37.0&cb=21365760452&lsavail=0
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467291/hbp_master_736354_16735.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www1.ihdstreams.xyz/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 23 Apr 2023 11:19:03 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www1.ihdstreams.xyz
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
prebid
mp.4dex.io/ 		114 B
193 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467291/hbp_master_736354_16735.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9fe070cefb33bdefefa4452d5c67edf332820b4e7d14ed0789e48f01c98067a3

Request headers

Referer
https://www1.ihdstreams.xyz/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-ams
date
Sun, 23 Apr 2023 11:19:04 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Validating the Prebid Request adunits. Unable to parse native image.sizes, Validating the Prebid Request adunits. Unable to parse native image.sizes, Process Seats Booster. unable to get the seat booster engine for organization: 1224
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www1.ihdstreams.xyz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7bc5b59b7a600ba6-AMS
expires
0
c
prebid.a-mo.net/a/ 		0
173 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467291/hbp_master_736354_16735.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www1.ihdstreams.xyz/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
1
date
Sun, 23 Apr 2023 11:19:04 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://www1.ihdstreams.xyz
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
cdb
bidder.criteo.com/ 		18 B
316 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.37.0&cb=49533687038&lsavail=0
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467291/hbp_master_736354_16735.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www1.ihdstreams.xyz/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 23 Apr 2023 11:19:04 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www1.ihdstreams.xyz
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
prebid-request
onetag-sys.com/ 		15 B
366 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467291/hbp_master_736354_16735.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www1.ihdstreams.xyz/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www1.ihdstreams.xyz
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
bid
ap.lijit.com/rtb/ 		24 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.37.0
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467291/hbp_master_736354_16735.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.16 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
2eba8e102a0cffb41a9348626acda896d2f3d7edd17798b0c2afdb8292f494d7

Request headers

Referer
https://www1.ihdstreams.xyz/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 23 Apr 2023 11:19:04 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www1.ihdstreams.xyz
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
arj
adipololtd-d.openx.net/w/1.0/ 		0
0
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.36.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
292634a3f80a0a9ab204416cf35bd92e1aaf45823f8fe683df759f9467512bca
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www1.ihdstreams.xyz/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www1.ihdstreams.xyz
date
Sun, 23 Apr 2023 11:19:04 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1995 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www1.ihdstreams.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
age
4782
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 23 Apr 2023 09:59:22 GMT
expires
Mon, 22 Apr 2024 09:59:22 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame AD15 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
b1250ec614f67f4dc0741b768511652eb3c7bab80d11728db06c17e320fe1279
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce--9WkTaZPz3OAewX8AVboDw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www1.ihdstreams.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce--9WkTaZPz3OAewX8AVboDw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 23 Apr 2023 11:19:04 GMT
expires
Sun, 23 Apr 2023 11:19:04 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
371.json
id5-sync.com/g/v2/ 		216 B
629 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/371.json
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.36.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
7d4dd42fcb5a07fce2ae586794613b90bceba1f479891571ca14d511568e3249
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www1.ihdstreams.xyz/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www1.ihdstreams.xyz
date
Sun, 23 Apr 2023 11:19:03 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
FeZxK-xMU0bDCjOMbokEaZjg6vU8xaS24bySLDd5teM.js
pagead2.googlesyndication.com/bg/ Frame 1995 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/FeZxK-xMU0bDCjOMbokEaZjg6vU8xaS24bySLDd5teM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
15e6712bec4c5346c30a338c6e89046998e0eaf53cc5a4b6e1bc922c3779b5e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 16:28:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
154229
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14264
x-xss-protection
0
last-modified
Mon, 17 Apr 2023 14:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 20 Apr 2024 16:28:35 GMT
c
prebid.a-mo.net/a/ 		0
18 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467291/hbp_master_736354_16735.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www1.ihdstreams.xyz/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
1
date
Sun, 23 Apr 2023 11:19:03 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://www1.ihdstreams.xyz
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
bid
ap.lijit.com/rtb/ 		25 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.37.0
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467291/hbp_master_736354_16735.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.16 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
52b98041f17799a618553f84ae31612d094059682c2383b912f8591bc853ae81

Request headers

Referer
https://www1.ihdstreams.xyz/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 23 Apr 2023 11:19:04 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www1.ihdstreams.xyz
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
cdb
bidder.criteo.com/ 		18 B
316 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.37.0&cb=84098900083&lsavail=0
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467291/hbp_master_736354_16735.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www1.ihdstreams.xyz/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 23 Apr 2023 11:19:03 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www1.ihdstreams.xyz
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
prebid
mp.4dex.io/ 		114 B
193 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467291/hbp_master_736354_16735.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f49ed272e6a24d221826b41d2f62cade037e0ff951e628e368792c4a02a2ef09

Request headers

Referer
https://www1.ihdstreams.xyz/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-ams
date
Sun, 23 Apr 2023 11:19:04 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Validating the Prebid Request adunits. Unable to parse native image.sizes, Validating the Prebid Request adunits. Unable to parse native image.sizes, Process Seats Booster. unable to get the seat booster engine for organization: 1224
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www1.ihdstreams.xyz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7bc5b59c7b8d0ba6-AMS
expires
0
arj
adipololtd-d.openx.net/w/1.0/ 		0
0
cdb
bidder.criteo.com/ 		18 B
316 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.37.0&cb=82469980737&lsavail=0
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467291/hbp_master_736354_16735.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www1.ihdstreams.xyz/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 23 Apr 2023 11:19:03 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www1.ihdstreams.xyz
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
prebid-request
onetag-sys.com/ 		15 B
366 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467291/hbp_master_736354_16735.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www1.ihdstreams.xyz/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www1.ihdstreams.xyz
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
sodar
pagead2.googlesyndication.com/pagead/ Frame AD15 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202304190101&jk=865653913763098&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
integrator.js
adservice.google.nl/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.nl/adsid/integrator.js?domain=www1.ihdstreams.xyz
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074079
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.ihdstreams.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 11:19:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www1.ihdstreams.xyz
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074079
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.ihdstreams.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 11:19:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		15 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=865653913763098&correlator=3626599942336107&eid=31073999%2C31074079%2C31074095%2C31068367&output=ldjh&gdfp_req=1&vrg=202304190101&ptt=17&impl=fifs&iu_parts=7047%3A22821132256%2Capl%2Caplmcm7047%2Csticky&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=970x90%7C728x90&ifi=2&adks=135192340&didk=1959687422&sfv=1-0-40&prev_scp=test%3Drefresh%26hb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1682248744401&lmt=1682248744&dlt=1682248742140&idt=1423&adxs=315&adys=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww1.ihdstreams.xyz%2F&frm=20&vis=1&psz=1600x-1&msz=1600x-1&fws=512&ohw=0&ga_vid=876716730.1682248744&ga_sid=1682248744&ga_hid=2015945248&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074079
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
17417d5dda996d8465b56fedf52908cc2ba8271f5891073353258ac58b5b5865
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.ihdstreams.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 11:19:04 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6966
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www1.ihdstreams.xyz
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
prebid
mp.4dex.io/ 		114 B
194 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467291/hbp_master_736354_16735.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ddc7573b965670564828330e8fd30a9169de349fafaad61cc6c22cb69c4c4d4

Request headers

Referer
https://www1.ihdstreams.xyz/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-ams
date
Sun, 23 Apr 2023 11:19:04 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Validating the Prebid Request adunits. Unable to parse native image.sizes, Validating the Prebid Request adunits. Unable to parse native image.sizes, Process Seats Booster. unable to get the seat booster engine for organization: 1224
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www1.ihdstreams.xyz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7bc5b59cbbbd0ba6-AMS
expires
0
bid
ap.lijit.com/rtb/ 		25 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.37.0
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467291/hbp_master_736354_16735.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.16 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
c86ff4873e9a42ddb7901292db530723ac9276fc23244f60618606d5357f3781

Request headers

Referer
https://www1.ihdstreams.xyz/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 23 Apr 2023 11:19:04 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www1.ihdstreams.xyz
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
c
prebid.a-mo.net/a/ 		0
18 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467291/hbp_master_736354_16735.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www1.ihdstreams.xyz/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
1
date
Sun, 23 Apr 2023 11:19:03 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://www1.ihdstreams.xyz
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
cdb
bidder.criteo.com/ 		18 B
316 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.37.0&cb=54810548345&lsavail=0
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467291/hbp_master_736354_16735.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www1.ihdstreams.xyz/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 23 Apr 2023 11:19:03 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www1.ihdstreams.xyz
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
arj
adipololtd-d.openx.net/w/1.0/ 		0
0
cdb
bidder.criteo.com/ 		18 B
316 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.37.0&cb=33290683625&lsavail=0
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467291/hbp_master_736354_16735.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www1.ihdstreams.xyz/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 23 Apr 2023 11:19:03 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www1.ihdstreams.xyz
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
prebid-request
onetag-sys.com/ 		15 B
366 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467291/hbp_master_736354_16735.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www1.ihdstreams.xyz/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www1.ihdstreams.xyz
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
ads
securepubads.g.doubleclick.net/gampad/ 		107 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=865653913763098&correlator=3067718758633719&eid=31073999%2C31074079%2C31074095%2C31068367&output=ldjh&gdfp_req=1&vrg=202304190101&ptt=17&impl=fifs&iu_parts=7047%3A22821132256%2Capl%2Caplmcm7047%2Ccube2&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250%7C336x280&ifi=3&adks=1535134855&didk=2675907388&sfv=1-0-40&prev_scp=hb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1682248744436&lmt=1682248744&dlt=1682248742140&idt=1423&adxs=1170&adys=337&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww1.ihdstreams.xyz%2F&frm=20&vis=1&psz=487x24&msz=487x0&fws=0&ohw=0&ga_vid=876716730.1682248744&ga_sid=1682248744&ga_hid=2015945248&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074079
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
52593588f9518ae8a52ca878d4209fbb9f428b279cbd977759da1d08593b88a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.ihdstreams.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 11:19:04 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18375
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www1.ihdstreams.xyz
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		16 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=865653913763098&correlator=76759854597979&eid=31073999%2C31074079%2C31074095%2C31068367&output=ldjh&gdfp_req=1&vrg=202304190101&ptt=17&impl=fifs&iu_parts=7047%3A22821132256%2Capl%2Caplmcm7047%2Crich&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90&ifi=4&adks=3228686164&didk=2675907386&sfv=1-0-40&prev_scp=hb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1682248744447&lmt=1682248744&dlt=1682248742140&idt=1423&adxs=166&adys=163&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww1.ihdstreams.xyz%2F&frm=20&vis=1&psz=1019x0&msz=1019x0&fws=0&ohw=0&ga_vid=876716730.1682248744&ga_sid=1682248744&ga_hid=2015945248&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074079
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d83f5af5af3cff4660a38b3ddf7db32151cee7558df222690e1b9c73339143ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.ihdstreams.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 11:19:04 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6848
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www1.ihdstreams.xyz
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		16 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=865653913763098&correlator=3568318960100455&eid=31073999%2C31074079%2C31074095%2C31068367&output=ldjh&gdfp_req=1&vrg=202304190101&ptt=17&impl=fifs&iu_parts=7047%3A22821132256%2Capl%2Caplmcm7047%2Csky&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=120x600%7C160x600%7C300x600&ifi=5&adks=2270408103&didk=2675907384&sfv=1-0-40&prev_scp=hb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1682248744475&lmt=1682248744&dlt=1682248742140&idt=1423&adxs=1260&adys=377&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww1.ihdstreams.xyz%2F&frm=20&vis=1&psz=487x24&msz=487x0&fws=0&ohw=0&ga_vid=876716730.1682248744&ga_sid=1682248744&ga_hid=2015945248&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074079
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
95f9f8b04e6e9e009e521195ccf754ce16fdc9831bcf37864c49b082a73c8595
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.ihdstreams.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 11:19:04 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7250
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www1.ihdstreams.xyz
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 1995 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?NtJOXA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 11:19:04 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
container.html
a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 10B2 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074079
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www1.ihdstreams.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 23 Apr 2023 11:19:04 GMT
expires
Mon, 22 Apr 2024 11:19:04 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame E4C9 		624 B
827 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6WcRCwifCiAxiR3sHIATAB&v=APEucNWFzPdvdpBuy0cE3JSg7WETTp4p402-4keh7ZHn-hJh78kixU3PLUAWv9LC5v3s3gO44IPewoD3i1byhnXZLb0_wJVUDqSeS05rNXKQWWJ-3Rib8Yv08q3vMxmugGCydqJQoSXF6HJXMq1cV4KdVhtWCY5dO-Tl9DA4UygrI4txzaDnOm4
Requested by
Host: a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com
URL: https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 23 Apr 2023 11:19:04 GMT
expires
Sun, 23 Apr 2023 11:19:04 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 10B2 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com
URL: https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 11:19:05 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28043
x-xss-protection
0
server
cafe
etag
15270303690107644053
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Sun, 23 Apr 2023 11:19:05 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 10B2 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BLmSgj48H29mt4ueL6xPWkQc7zQiuU_wYqBVASUyAj3bmD0ULNK8nhrW0q1vWk3O4pf4T8BRC10G1mbeGEgTDj4I-5I4LFJmvk1-8wTY2aQoaMwoQ
Requested by
Host: a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com
URL: https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Apr 2023 11:19:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 10B2 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=2628428239467123275&x=1&ct=76
Requested by
Host: a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com
URL: https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Apr 2023 11:19:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame 10B2 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/window_focus_fy2021.js
Requested by
Host: a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com
URL: https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 11:19:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
1
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 07 May 2023 11:19:04 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame 10B2 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com
URL: https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2db6489d44c93f3301f1969a58df60a3d7e36c3c892fc0976dadf1f761d569cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 16:45:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
66839
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8104
x-xss-protection
0
server
cafe
etag
11444945707709536616
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 06 May 2023 16:45:05 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 10B2 		159 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com
URL: https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 11:19:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49672
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1681929791789681"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 23 Apr 2023 11:19:04 GMT
container.html
a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4324 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074079
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www1.ihdstreams.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 23 Apr 2023 11:19:04 GMT
expires
Mon, 22 Apr 2024 11:19:04 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4587 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074079
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www1.ihdstreams.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 23 Apr 2023 11:19:04 GMT
expires
Mon, 22 Apr 2024 11:19:04 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012304062309000/ Frame 2F71 		222 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012304062309000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074079
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
60d19fcc26403308bd021dd6ce6588cca81c6a42a34472277186bad9a4155022
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.ihdstreams.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 22 Apr 2023 23:33:30 GMT
age
42335
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61901
x-xss-protection
0
server
sffe
etag
"8572ebb49fe3e70f"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 21 Apr 2024 23:33:30 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012304062309000/v0/ Frame 2F71 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012304062309000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074079
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a80bc624f7ab3177dcab36c63396d6b7b3f18c41fd09c7a3e5b54792d566904a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.ihdstreams.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 22 Apr 2023 19:41:53 GMT
age
56232
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5225
x-xss-protection
0
server
sffe
etag
"ad2d0ddcea45401f"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 21 Apr 2024 19:41:53 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012304062309000/v0/ Frame 2F71 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012304062309000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074079
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a767e3a4a89fd5d5747f2e60656de81560b8d24575c7be5df0d541906cb86ce
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.ihdstreams.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 22 Apr 2023 14:39:29 GMT
age
74376
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28974
x-xss-protection
0
server
sffe
etag
"441c199a95baae2a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 21 Apr 2024 14:39:29 GMT
amp-animation-0.1.mjs
cdn.ampproject.org/rtv/012304062309000/v0/ Frame 2F71 		72 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012304062309000/v0/amp-animation-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074079
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
24206ab4713756ffb34eea1118c49184ece7d15687774987e9c71dc22b15c195
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.ihdstreams.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 22 Apr 2023 05:26:30 GMT
age
107555
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16663
x-xss-protection
0
server
sffe
etag
"b1da3222a4215980"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 21 Apr 2024 05:26:30 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012304062309000/v0/ Frame 2F71 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012304062309000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074079
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
19d96e062d7e164a34e2a7773fab8c722f36ea442d2b944ce5cb359c8b78fa01
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.ihdstreams.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 20 Apr 2023 12:16:47 GMT
age
255738
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1904
x-xss-protection
0
server
sffe
etag
"60fdf036b4edbfa8"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 19 Apr 2024 12:16:47 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012304062309000/v0/ Frame 2F71 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012304062309000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074079
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3a7522d02dbbc03101dfe3d8cfb3b0ff1c974af884931a79477056345c306648
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.ihdstreams.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 22 Apr 2023 16:28:46 GMT
age
67819
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12949
x-xss-protection
0
server
sffe
etag
"53b4f6addb6819c0"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 21 Apr 2024 16:28:46 GMT
truncated
/ Frame 2F71 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bde74e092f728a245a93112d79690cf7817c71894bde7f46b77d0e78ab9e672a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
foto.jpg
tpc.googlesyndication.com/sadbundle/4233151602612256431/images/ Frame 2F71 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/4233151602612256431/images/foto.jpg
Requested by
Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e8766f490acac9657a4f3f6cb95b75026efad318be323ddba4bb2d5c4df3cf5c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.ihdstreams.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 06:01:46 GMT
x-content-type-options
nosniff
age
19038
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51590
x-xss-protection
0
last-modified
Thu, 13 Apr 2023 11:49:41 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 22 Apr 2024 06:01:46 GMT
logo.png
tpc.googlesyndication.com/sadbundle/4233151602612256431/images/ Frame 2F71 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/4233151602612256431/images/logo.png
Requested by
Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5392d68d5af09f4d329c68a6726b584393747b01003ea7c79bc06d22286853b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.ihdstreams.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 05:03:08 GMT
x-content-type-options
nosniff
age
195356
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1381
x-xss-protection
0
last-modified
Thu, 13 Apr 2023 11:49:41 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 20 Apr 2024 05:03:08 GMT
button.png
tpc.googlesyndication.com/sadbundle/4233151602612256431/images/ Frame 2F71 		706 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/4233151602612256431/images/button.png
Requested by
Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0de44804ca9fa2cb2ee9e4068b8cf9940da01fcd3d8a2f780c0c2ad8193a9753
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.ihdstreams.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 06:01:46 GMT
x-content-type-options
nosniff
age
19038
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
706
x-xss-protection
0
last-modified
Thu, 13 Apr 2023 11:49:41 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 22 Apr 2024 06:01:46 GMT
blauw.png
tpc.googlesyndication.com/sadbundle/4233151602612256431/images/ Frame 2F71 		431 B
458 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/4233151602612256431/images/blauw.png
Requested by
Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f7f38f88200cd7d03cfee177d7115bd9c2362f3b5e6e555537d2a0fe4d2c8d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.ihdstreams.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 06:01:46 GMT
x-content-type-options
nosniff
age
19038
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
431
x-xss-protection
0
last-modified
Thu, 13 Apr 2023 11:49:41 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 22 Apr 2024 06:01:46 GMT
tekst2.png
tpc.googlesyndication.com/sadbundle/4233151602612256431/images/ Frame 2F71 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/4233151602612256431/images/tekst2.png
Requested by
Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
85e158b0f79a0475711959ff492b2ca896f518600eef53ed8bfae9e625871349
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.ihdstreams.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 06:01:46 GMT
x-content-type-options
nosniff
age
19038
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1288
x-xss-protection
0
last-modified
Thu, 13 Apr 2023 11:49:41 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 22 Apr 2024 06:01:46 GMT
tekst1.png
tpc.googlesyndication.com/sadbundle/4233151602612256431/images/ Frame 2F71 		1004 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/4233151602612256431/images/tekst1.png
Requested by
Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7ab1732c6b4cd13a734584e8e6b30076852bdf62474f1cb667bf9ee7278084eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.ihdstreams.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 06:17:19 GMT
x-content-type-options
nosniff
age
104505
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1004
x-xss-protection
0
last-modified
Thu, 13 Apr 2023 11:49:41 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 21 Apr 2024 06:17:19 GMT
border.png
tpc.googlesyndication.com/sadbundle/4233151602612256431/images/ Frame 2F71 		154 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/4233151602612256431/images/border.png
Requested by
Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d24e5776a749da40d6683ed49a1b40dc44f6c5a2b1b5b74aed65a756ffc6c5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.ihdstreams.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 05:03:08 GMT
x-content-type-options
nosniff
age
195356
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
154
x-xss-protection
0
last-modified
Thu, 13 Apr 2023 11:49:41 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 20 Apr 2024 05:03:08 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 2F71 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.ihdstreams.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 08:26:03 GMT
x-content-type-options
nosniff
server
cafe
age
10381
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2502
x-xss-protection
0
expires
Mon, 24 Apr 2023 08:26:03 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 2F71 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.ihdstreams.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 11:14:15 GMT
x-content-type-options
nosniff
server
cafe
age
289
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Mon, 24 Apr 2023 11:14:15 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 2F71 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CrTa7KBRFZInaHtqVlgTBj5bwCOuZgo9wnpyi37kR2tkeEAEgudvzJmCRBKABp6j-ggPIAQmpAm9kdFcwbrI-4AIAqAMByAMIqgSAAk_Q0q1Q0jhUPOvS-KTRvGMuziZuvpdTNII0labbQEqQkjWQbNF-Qm_pFGxZIp3CDJyZi_oaycGXYFrMd5JINKHiEpRAuuV118tFPRFuvDFl3yW4HASdjXpXA4p1Fo_yqE152ZBa-qoiL5_dozo2Up04qTWWzysIF1lxjcsKEQSr9JgC_zSEQcHRfcnN7YHA1wInRJEAZYSJvgw5YL6TeWXqluvJXsQ7_n3xinfJbNSFpHc5Nw9PqpMA_j0MWkgSX4JBwQzPS8qlODcA3ddFQ4m7UB8i_T2a265VlujHb1xlxfYRcOyqZsuCGu-3xDm0_-XSIGMiEqSnWtxiJw_n1YDABNyuyJu6BOAEAaAGLoAHwdeBfagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEPHkL9IIEQiA4YAQEAEYHTICqgI6AoBAgAoDyAsB2BMD0BUBgBcBshceChwIABIUcHViLTY3MzYyNTY0NzMyMDI3MzMY5MMO&sigh=sDZxBmbnvpw&uach_m=[UACH]&cid=CAQSSwBygQiDJ3dty0yPN6k74B6IGAeta03hS_ydtCU39juby3Ft2iUEVJWbEq9CbZ73fVQ-JMIN73mWdicrktbg0Lk7skHA8hPonr-hXBgB&template_id=419
Requested by
Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.ihdstreams.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
pixel
googleads.g.doubleclick.net/xbbe/ Frame CE33 		624 B
505 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CIfHNhCD6DYYkNTV5gEwAQ&v=APEucNUhSK-kVvjYpMOudFxrN7a5c19iWfzEGD0sP5UQwDzg8T3IJ5vblrONSPrlGsr209Xh8mY7MgkpXSx1CAIBwCD2azJ6pp4N7EwMeMA3dSdLr25LlDyoFnq0dDfUj7Ikt34aEIBKEmBa55WPC7q6khxW_R-sUaFolJfM0LfYE1clFD_r9L0
Requested by
Host: a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com
URL: https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 23 Apr 2023 11:19:04 GMT
expires
Sun, 23 Apr 2023 11:19:04 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 4324 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com
URL: https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 11:19:05 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28043
x-xss-protection
0
server
cafe
etag
15270303690107644053
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Sun, 23 Apr 2023 11:19:05 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4324 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DQFlEqOCTrEqoCIHk6yFftTGDBTALblHJZsZ08lhyRmPm2CqNVVSdM_zAUZpXX_uG7BVuObCz1KhP__xKsG-uGrKrBCxn2fkWvJMhnaB0Yhb7rFLY
Requested by
Host: a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com
URL: https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Apr 2023 11:19:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4324 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=3861195155816789366&x=1&ct=132
Requested by
Host: a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com
URL: https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Apr 2023 11:19:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame 4324 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/window_focus_fy2021.js
Requested by
Host: a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com
URL: https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 11:19:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
0
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 07 May 2023 11:19:05 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame 4324 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com
URL: https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2db6489d44c93f3301f1969a58df60a3d7e36c3c892fc0976dadf1f761d569cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 16:45:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
66839
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8104
x-xss-protection
0
server
cafe
etag
11444945707709536616
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 06 May 2023 16:45:05 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4324 		159 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com
URL: https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 11:19:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49672
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1681929791789681"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 23 Apr 2023 11:19:04 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 8530 		624 B
528 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6WcRCwifCiAxjn3sHIATAB&v=APEucNXMptkX6SxlY8FGUhpQ5hOa7BS-Hr6hNUfd5vfOcuLBgW2fVPUJS9q_BCNORMcSFxoi6q5RTZyqkF9tWc4OH1S6-dhC4NdRnvRTfSg0TVNyTkMBRQPSw3eUEnVMur4vjOaYKNZFQSGKEa97_nn8Ly-EsNtKYIuYN0-R57akLpDyUX-vjzI
Requested by
Host: a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com
URL: https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 23 Apr 2023 11:19:05 GMT
expires
Sun, 23 Apr 2023 11:19:05 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 4587 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com
URL: https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 11:19:05 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28043
x-xss-protection
0
server
cafe
etag
15270303690107644053
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Sun, 23 Apr 2023 11:19:05 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4587 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DRouor_xx6TpUS0JpccL7oIBgjjtvECa2Hz4OIpm6D-J0k12KewIGJ4EhCOIbqTGaiOoIIxeEj41roS8fXpuCyfiY6jThY68FjlNh06o3InKAcI70
Requested by
Host: a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com
URL: https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Apr 2023 11:19:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4587 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=16437734455238386069&x=1&ct=76
Requested by
Host: a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com
URL: https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Apr 2023 11:19:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame 4587 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/window_focus_fy2021.js
Requested by
Host: a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com
URL: https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 11:19:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
0
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 07 May 2023 11:19:05 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame 4587 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com
URL: https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2db6489d44c93f3301f1969a58df60a3d7e36c3c892fc0976dadf1f761d569cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 16:45:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
66839
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8104
x-xss-protection
0
server
cafe
etag
11444945707709536616
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 06 May 2023 16:45:05 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4587 		159 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com
URL: https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 11:19:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49672
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1681929791789681"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 23 Apr 2023 11:19:04 GMT
rum
dsum-sec.casalemedia.com/ Frame E4C9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC7iygv8w-9MLig8XvFsCUM&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC7iygv8w-9MLig8XvFsCUM&google_cver=1&C=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC7iygv8w-9MLig8XvFsCUM&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6WcRCwifCiAxiR3sHIATAB&v=APEucNWFzPdvdpBuy0cE3JSg7WETTp4p402-4keh7ZHn-hJh78kixU3PLUAWv9LC5v3s3gO44IPewoD3i1byhnXZLb0_wJVUDqSeS05rNXKQWWJ-3Rib8Yv08q3vMxmugGCydqJQoSXF6HJXMq1cV4KdVhtWCY5dO-Tl9DA4UygrI4txzaDnOm4
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 23 Apr 2023 11:19:05 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Sun, 23 Apr 2023 11:19:05 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
/rum?cm_dsp_id=45&external_user_id=CAESEC7iygv8w-9MLig8XvFsCUM&google_cver=1&C=1
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
0
Expires
0
rum
dsum-sec.casalemedia.com/ Frame E4C9
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZEUUKWXHLtp6YRwKpkoKqAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMn3pbyseMxHtQxkG1vf-bk&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMn3pbyseMxHtQxkG1vf-bk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6WcRCwifCiAxiR3sHIATAB&v=APEucNWFzPdvdpBuy0cE3JSg7WETTp4p402-4keh7ZHn-hJh78kixU3PLUAWv9LC5v3s3gO44IPewoD3i1byhnXZLb0_wJVUDqSeS05rNXKQWWJ-3Rib8Yv08q3vMxmugGCydqJQoSXF6HJXMq1cV4KdVhtWCY5dO-Tl9DA4UygrI4txzaDnOm4
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 23 Apr 2023 11:19:05 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 23 Apr 2023 11:19:05 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMn3pbyseMxHtQxkG1vf-bk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame E4C9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEI70YsUYi-lyWp6qKgLdTIA&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEI70YsUYi-lyWp6qKgLdTIA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6WcRCwifCiAxiR3sHIATAB&v=APEucNWFzPdvdpBuy0cE3JSg7WETTp4p402-4keh7ZHn-hJh78kixU3PLUAWv9LC5v3s3gO44IPewoD3i1byhnXZLb0_wJVUDqSeS05rNXKQWWJ-3Rib8Yv08q3vMxmugGCydqJQoSXF6HJXMq1cV4KdVhtWCY5dO-Tl9DA4UygrI4txzaDnOm4
Protocol
HTTP/1.1
Server
185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 23 Apr 2023 11:19:05 GMT
AN-X-Request-Uuid
80976c77-ba13-4ee2-a1b9-3431055e8120
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
37.48.94.48; 37.48.94.48; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 23 Apr 2023 11:19:05 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEI70YsUYi-lyWp6qKgLdTIA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E4C9
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODE1MjYxMTkxNDI1NDI4NjYxNQ%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODE1MjYxMTkxNDI1NDI4NjYxNQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6WcRCwifCiAxiR3sHIATAB&v=APEucNWFzPdvdpBuy0cE3JSg7WETTp4p402-4keh7ZHn-hJh78kixU3PLUAWv9LC5v3s3gO44IPewoD3i1byhnXZLb0_wJVUDqSeS05rNXKQWWJ-3Rib8Yv08q3vMxmugGCydqJQoSXF6HJXMq1cV4KdVhtWCY5dO-Tl9DA4UygrI4txzaDnOm4
Protocol
H2
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Apr 2023 11:19:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sun, 23 Apr 2023 11:19:05 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
37.48.94.48; 37.48.94.48; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
807396e1-2620-4cc6-9d86-e2dcfb4c1c9f
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODE1MjYxMTkxNDI1NDI4NjYxNQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame CE33
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ-mrFEOFKi6_syel9A9QmE&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ-mrFEOFKi6_syel9A9QmE&google_cver=1&C=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ-mrFEOFKi6_syel9A9QmE&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIfHNhCD6DYYkNTV5gEwAQ&v=APEucNUhSK-kVvjYpMOudFxrN7a5c19iWfzEGD0sP5UQwDzg8T3IJ5vblrONSPrlGsr209Xh8mY7MgkpXSx1CAIBwCD2azJ6pp4N7EwMeMA3dSdLr25LlDyoFnq0dDfUj7Ikt34aEIBKEmBa55WPC7q6khxW_R-sUaFolJfM0LfYE1clFD_r9L0
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 23 Apr 2023 11:19:05 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Sun, 23 Apr 2023 11:19:05 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
/rum?cm_dsp_id=45&external_user_id=CAESEJ-mrFEOFKi6_syel9A9QmE&google_cver=1&C=1
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
0
Expires
0
rum
dsum-sec.casalemedia.com/ Frame CE33
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZEUUKWXHLtp6YRwKpkoKqAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMn3pbyseMxHtQxkG1vf-bk&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMn3pbyseMxHtQxkG1vf-bk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIfHNhCD6DYYkNTV5gEwAQ&v=APEucNUhSK-kVvjYpMOudFxrN7a5c19iWfzEGD0sP5UQwDzg8T3IJ5vblrONSPrlGsr209Xh8mY7MgkpXSx1CAIBwCD2azJ6pp4N7EwMeMA3dSdLr25LlDyoFnq0dDfUj7Ikt34aEIBKEmBa55WPC7q6khxW_R-sUaFolJfM0LfYE1clFD_r9L0
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 23 Apr 2023 11:19:05 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 23 Apr 2023 11:19:05 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMn3pbyseMxHtQxkG1vf-bk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame CE33
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEFdi0fBJZGNGXWipaBygL78&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEFdi0fBJZGNGXWipaBygL78&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIfHNhCD6DYYkNTV5gEwAQ&v=APEucNUhSK-kVvjYpMOudFxrN7a5c19iWfzEGD0sP5UQwDzg8T3IJ5vblrONSPrlGsr209Xh8mY7MgkpXSx1CAIBwCD2azJ6pp4N7EwMeMA3dSdLr25LlDyoFnq0dDfUj7Ikt34aEIBKEmBa55WPC7q6khxW_R-sUaFolJfM0LfYE1clFD_r9L0
Protocol
HTTP/1.1
Server
185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 23 Apr 2023 11:19:05 GMT
AN-X-Request-Uuid
3d1423a5-6ca9-464f-b357-a3869dabd8f5
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
37.48.94.48; 37.48.94.48; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 23 Apr 2023 11:19:05 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEFdi0fBJZGNGXWipaBygL78&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame CE33
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODE1MjYxMTkxNDI1NDI4NjYxNQ%3D%3D
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODE1MjYxMTkxNDI1NDI4NjYxNQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIfHNhCD6DYYkNTV5gEwAQ&v=APEucNUhSK-kVvjYpMOudFxrN7a5c19iWfzEGD0sP5UQwDzg8T3IJ5vblrONSPrlGsr209Xh8mY7MgkpXSx1CAIBwCD2azJ6pp4N7EwMeMA3dSdLr25LlDyoFnq0dDfUj7Ikt34aEIBKEmBa55WPC7q6khxW_R-sUaFolJfM0LfYE1clFD_r9L0
Protocol
H2
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Apr 2023 11:19:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sun, 23 Apr 2023 11:19:05 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
37.48.94.48; 37.48.94.48; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
b89bf691-2caf-46aa-9f39-08bb83069ada
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODE1MjYxMTkxNDI1NDI4NjYxNQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 8530
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMn3pbyseMxHtQxkG1vf-bk&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMn3pbyseMxHtQxkG1vf-bk&google_cver=1&C=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMn3pbyseMxHtQxkG1vf-bk&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6WcRCwifCiAxjn3sHIATAB&v=APEucNXMptkX6SxlY8FGUhpQ5hOa7BS-Hr6hNUfd5vfOcuLBgW2fVPUJS9q_BCNORMcSFxoi6q5RTZyqkF9tWc4OH1S6-dhC4NdRnvRTfSg0TVNyTkMBRQPSw3eUEnVMur4vjOaYKNZFQSGKEa97_nn8Ly-EsNtKYIuYN0-R57akLpDyUX-vjzI
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 23 Apr 2023 11:19:05 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Sun, 23 Apr 2023 11:19:05 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
/rum?cm_dsp_id=45&external_user_id=CAESEMn3pbyseMxHtQxkG1vf-bk&google_cver=1&C=1
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
0
Expires
0
rum
dsum-sec.casalemedia.com/ Frame 8530
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZEUUKWXHLtp6YRwKpkoKqAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMn3pbyseMxHtQxkG1vf-bk&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMn3pbyseMxHtQxkG1vf-bk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6WcRCwifCiAxjn3sHIATAB&v=APEucNXMptkX6SxlY8FGUhpQ5hOa7BS-Hr6hNUfd5vfOcuLBgW2fVPUJS9q_BCNORMcSFxoi6q5RTZyqkF9tWc4OH1S6-dhC4NdRnvRTfSg0TVNyTkMBRQPSw3eUEnVMur4vjOaYKNZFQSGKEa97_nn8Ly-EsNtKYIuYN0-R57akLpDyUX-vjzI
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 23 Apr 2023 11:19:05 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 23 Apr 2023 11:19:05 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMn3pbyseMxHtQxkG1vf-bk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 8530
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEFdi0fBJZGNGXWipaBygL78&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEFdi0fBJZGNGXWipaBygL78&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6WcRCwifCiAxjn3sHIATAB&v=APEucNXMptkX6SxlY8FGUhpQ5hOa7BS-Hr6hNUfd5vfOcuLBgW2fVPUJS9q_BCNORMcSFxoi6q5RTZyqkF9tWc4OH1S6-dhC4NdRnvRTfSg0TVNyTkMBRQPSw3eUEnVMur4vjOaYKNZFQSGKEa97_nn8Ly-EsNtKYIuYN0-R57akLpDyUX-vjzI
Protocol
HTTP/1.1
Server
185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 23 Apr 2023 11:19:05 GMT
AN-X-Request-Uuid
938f6c7b-52f1-44fb-95d4-0184966dd470
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
37.48.94.48; 37.48.94.48; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 23 Apr 2023 11:19:05 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEFdi0fBJZGNGXWipaBygL78&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8530
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODE1MjYxMTkxNDI1NDI4NjYxNQ%3D%3D
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODE1MjYxMTkxNDI1NDI4NjYxNQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6WcRCwifCiAxjn3sHIATAB&v=APEucNXMptkX6SxlY8FGUhpQ5hOa7BS-Hr6hNUfd5vfOcuLBgW2fVPUJS9q_BCNORMcSFxoi6q5RTZyqkF9tWc4OH1S6-dhC4NdRnvRTfSg0TVNyTkMBRQPSw3eUEnVMur4vjOaYKNZFQSGKEa97_nn8Ly-EsNtKYIuYN0-R57akLpDyUX-vjzI
Protocol
H2
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Apr 2023 11:19:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sun, 23 Apr 2023 11:19:05 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
37.48.94.48; 37.48.94.48; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
3682c020-b6b1-431b-ac04-222589145219
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODE1MjYxMTkxNDI1NDI4NjYxNQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202304190101&jk=865653913763098&bg=!CwilCFzNAAYfNdXmPzU7ADkAdvg8Wt04o8MlYDTR4N7_ZnU61wJ4sXjPkJ-sav_lfM9lVvaHPvrODJ_zxTwA1gCPMmRZGQnV1SACAAAAeVIAAAACaAEHCgAQZNEePODYGd2q6yTSKyjTGJkC3x5SZimrRLbgNjotd3o-41PakTyQBde6kAxrn6m6swQHMWnd_kAoh0mufwm-2BJf1kcyvnOw1nADzF5IYcT8H4W3207rr0H8aIjtfTW2KeKrYGqbKj7XcXATAP7KDj043y6cdBhEsk-30eKeG3o9JvNKPEDGUpeRxBnznPWfDD7YCW_uEZuYOap59MTs234pkNURyhISKx4sORZbuLx6bu7gVTt60kKkn5OD7WFKYEzaK2Vg2_w3KM61MN1CJl1ZPnSTsU8qic5zQu-_pTpH86KXr8NbSUrXI6TbhxSJNqUFtnOZKxDkqQQ5xP6TRirGs2wCGzyJuwkUF_uuWOS0kaBfST3Ae_pEKS2SkdPq2JyS8FFPzWBNcO09hWqrDsOrkGpejSn-7abJ1XHc9fEIk9R_H9eqtYnBGkPK7YaDzaTUXbZR85o93qld4ngAnnK-Hhog_uxzFjQC4XYK9O9IfyGZVLYDo-1zqFRjm2csim2GCVDTjLqBCblBQiImanTcvyvX_JhCRNddbXL5rCykSVPAtwEyve--xk5mSptsmwqy5MW6a74gjQh3q_RyeRHXR0hNy-x3U9X9VqZ0cnQHlbP7YhF-jMm3ojnv79Wi61yC6y_EW0YYDgiNIR-VMMocujUhup9Gj-Wu1jZB9-dm6_JheXXdNKkyKKwU_8cdEETSIEEYwa0WyC8IJWQSEMPueHeikytV7cL2qwhy9p75gbD4spbS_jtuwCijj4tPsh1d7gbuLdlHPIcx3REnRVkviMU8qR6EjR07fHCHtYxKCOUiuWKm0M531GoI8a_MwzD4KyRYtKmDcHElYNjoRjgMG7IRnKmRET48Eb_Y0SQbnF4HvhTm2eTjUFiK_sN7rhXOIkWruSuaGB2u70VxAoiNBdjFLZjhPQxnV0OPEOYepNuuL45J__hBdL_Kqkpjtda-WGKgeiWAiaVn5InKh_jXQ3_N9IQ72HPJfiTPbpt9Bw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.ihdstreams.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame 10B2 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5213217910053&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Apr 2023 11:19:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 10B2 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5213217910053&version=m202301230201&ct=76&x=1&cor=2628428239467123000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Apr 2023 11:19:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 10B2 		83 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BAaCLtJSBLrPx5b3JIr-5qmOvYdSqU0pC0daWC10bOgfNtLHoiDC4ZRO5NVHrN4F56muJXsyVADw0cxvsGxGDqu2SGwA&cry=1&dbm_d=AKAmf-A9-gcJLsviGeEFhZDMQwCaNJTd6MyxPm3oUsw0X5rDfVbzwtVUUYsHGSsoCpqDqd-e-1cukuPnk00-hQnbTZkm69Wmd5qN-nXRNckirwfEIDNW9GEsuA5KKC9Al9ecUEkTibcFoA5tuPeGTpXfy4WqiLyC5P5RLzicIIWzq0aYhC5m_4mZJvSBCy_9ZADOSTKhTP96XMr2jODlVwV8M-soZ8Nnkbo34Dxn2AIQlFD9v8Sqo9LYYGHNAph9GWr0hl8GBq3eCy492UeC6iPiIS1zbn2GLMmTJCEa-0ECOomxP_0GWHLqM8gdsZ8pL1KN_BNpMoHlxRtrjNavdVGwFPVS2Ace3mWUia-Fr8QpRGrb-SBElcK8enAAPDkrrL-7r3oAd8-AiId0dhjNBzCKFcdWn0DOF2J2oTuPDTodOQquFXn6A6SoamYHUVyKl7iETUoF0dgg3jYYI36rLCRTh8KCd7n6Z13EWIqaXhT9C1E3f2l3COliH6QkzrpKyuqXY0UsXZA3Nvyprmbwl17a2v47CKPbR6U5Fof3Hmveer4UhDVzVR_4A02dtzRD8cRkA9x6pSgXKd0GqG3Lrqe-wQuUDVKBVaRzq7TD8TaaDDoVaTpqCEQt-8fYARm1xd624ge88_K8pVZbN6i71XPSh22MMyWCh_9c9bEQxJ4wN_OqTJOq0WJgae9iVP77-kECofHQm-8d0SaGcaS36a4eRMBYayIjHB8dSXs1puXM-fPiauMKF0tYVzjIKb5g2CqZd0AsCUXTcr6bhrL20jwfDsI97EFzXAN3n8Htm1LqGa94chpQHpDekJih9Jd20KIQtro6vRv0p_ghQBjXMclyb7lKptswGxMtSywZxTq-PQNto03OHTcrhtOL7D039ZLJusz_5i8rgeh66oiqxeJVkf4-4zU1iDQwbpbqVPCr6suTf-LNxGj4J8NwV5vyC-MurjAiPx1p7i6GPS4cKtS4Q0JUQNVlea5-W_9Lkbq05wuK9dGAsaSm5hxW9177F1ury3Kaqugd6KW7G0v5i2jL2rtKqpiV62YpMQrHaOA4A4ALAvjB5fKHC_6dd9TJDCQEzAzLSTO9p5cW3H31nuSh0i7ijd1cn4oJyqaeTurKmPvamJkM-731jgYMSKtKwoBBzC7BN_j72QgIbKFg6_2_rMLA5JwAzC85TtXFAu0lm7CNm0Bff4kGr555u9x2xyoxxkqxtYQSnRk_IJTIUvTdinYRLNdi0l6oXMlip9zNUX3IGDOZnSjFUmuNoC9es1jWHRH3UXSH8Cgcx6fRUp43JpWzJivd9-6DozSx36gw33rK3SzxrGIliafMzcvap8kaJ5hxLOULGQB8LoF3CiIeNgLcWztymgWr7-S7m1zNzCJ2rGKqWhoqTl0JnXysd46ko1ZKQhRFwIuvUgCw0LUbdJKccvngShT-hSovFKpeMIPR_p869yWRGERtWCL-xQ6ysmX43oIUfgTsKwiyaAyuPb7HDjZCUPcDmyk_-MdK5-ni4iUZ6nhpgSGrC_hhXA-UPpiwMKgc5BZweHOudgqXnPrJGtrURdMFj74UnJqJ1RKYYXEBKjnXoiA5oia8QGoWYphrJ8pAtc03Zrf452UczbNE3yAVSFPUQFehU3b7ifMwPa69i8ImfWXvD_q8u3_diIrEOsmTC41KsjNYHUNpR6G0f5t1loKWJLnro7xgPgkec57mwb-KPAvNXdrXiqEHgDznpFurIKaOVZVXx6_LIktG6c-NIPOTTPBMGVcIuNgECjWFT7pyD0MBQNgb02kjWonQTT2MR7uhwlgaRfybSXHvmrvZLslACf69cHl6eRVtZ2rafNx5PMk_yuFIZqpFD0rPvLIf8NIcM4ujeOsq6f0GJUN_wh9Jg-QQSbS3y8OZf-3-WVOLhRQXO9bTYJ29Fal6DF_VaCKKnVytMpRFpzjDd8SGdmwlLogxQ9rPFssLZxZg17pwt4LZ8yvbwNeyfXn4FFCSA8aCLCTZF5kvWYab3EsC9aUIXPwdbWY2TPlb5ffrY1NagtI2aE15Drtd8V8D0yetsK0ipPgu_awrX52F6GqXD-t61FOGBxIPp1eb6rF8ecHzPys4pfiz9tDS7qkq__Z6DO4vHcoMz6nOMwlERamkitGeSMh_3ocnPIwDH3V-MqLJxXz7eBA_HfNZX0lRoNTjSm2j_QQAsOmXSPeO9MbgQ8xLrpaftR-BdzteSXbeDJSZOUd4Zr1yUA4EPmvDFNsPWySygBqpvCSIypm4bMSxy1O-kv9Eslgkku3gOvoWRRHZM5JF39eI1yQGa8Pe_VX7vHFVNq9NaVIfAy3APwb8DjL_S9cDqvV2hfBJqkSbs5fJNF3caSmm-Xt5dFgEuBHVLfia3AyyItBlkWAi2-nyjFWTMoW-8Jo7COKX-6xhXbbTQ5I4OLWMavZDKxXWKHp0IItEG8FSX0mv-hTLYnrwbxAybS9r2egEDk_au5TeVernZ1aNPVWRYL3T4-A7EjQRrgGhbU7A44P4D3OFMrCrjFo7TG1TIjwqXgoGw1UhCg_jIPbsbqzVPkKLzrWSATPIVqUCyRdhpd6qBA0Ae1KJ1GiM6LwSwvYf3pmwNPy31bgdWbw04VOEzMNXe5DQCom4ePw25sfz9od2BGKmtJ2hTrRxEziVcNemx-BJYsbXtuWCn86e-eXHlXhLzG67X8gr4hXyxeJFecnhXXkMSYE3lSWVFHLjc6kG3-NeBeumySy5Mv00x3TGndvK_4HADMFf6rZtzPfiMWYZkZevjRq1u2P1AWH2OpBFP0wqoGCjyOZuL0j-EynI7Aq4_gpqIt_W9W8nV433Ssivss0bzLXR6eZFXz5S4LY8CbwOTq2QcQdWOcMJw2j7z8ZhwGTfGglQrnHHdAPU1QHnl15-ABXYuFOSbmgkPCWf6IzlKT0EF9XX2kamT3uz561-0BMk_qn_w4lrIjuLr1vko6c56vw4HWvwX60G2mFNgo8aI3KlPhgOh2mf_C_hcTicfVtK57vAQcWdvq1i39fs8e1PLM0hPlcDFKHkQvAos8Ptqe_mU2gZ-SOkCYAjXG8h3icXLg0nFRS90PbOJChSY7soqTBzksORZIDsy8F3kOblzcJDHvLLRkE0tZZU20C0R4EHjeE8Gb_K0pI4-TU2L7IrjeiKCLHMJ72WgYQBzJkzQEHuonIhNhmUhFgpV-ZwoZh8ZNPwLDROn88ru9HuyHi95T1kS3WkbKHivwjaSun7gdSlhHWItV8xsUqQGI59ltY9Sy76OsaHz9p8otU24SjN1v7gfhMO2oASNVIb7Y8thUbtlTVGXa5xVW2xKHSSwpat0TfHUPkF1-hBcKweUqOQp5IS2uPYsKTn-PYAegT4gYn23MxuxJZi1t-UkYt9uSERgoJw52epFd1q4Us3HTjXuDAFYY9ftBArKs8Yy9dr7dImk1p6-fNl3EmlVcJ2O111TmQFWFsn3-aWAPGS53KoM9UoWw&cid=CAQSSwBygQiDHFBpb_EYhqfpmCVW0sgTys8cS_btL3ut_CuiWNO3fev9Vlmz5fzROjCo6KSFyBApLSWxCXU9Zu1BkKuS7qFyX5POjCJlExgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww1.ihdstreams.xyz%2F&ds=l&xdt=1&iif=1&cor=2628428239467123000&adk=2086295851&idt=168&cac=0&dtd=9
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d856a9d8cb4553f58312d142670209fa537463a4530ca563a1625e24cbd7cc8f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Apr 2023 11:19:05 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35713
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 10B2 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/
Origin
https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 09:27:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6712
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 24 Apr 2023 09:27:13 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230418/r20110914/elements/html/ Frame 10B2 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230418/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BAaCLtJSBLrPx5b3JIr-5qmOvYdSqU0pC0daWC10bOgfNtLHoiDC4ZRO5NVHrN4F56muJXsyVADw0cxvsGxGDqu2SGwA&cry=1&dbm_d=AKAmf-A9-gcJLsviGeEFhZDMQwCaNJTd6MyxPm3oUsw0X5rDfVbzwtVUUYsHGSsoCpqDqd-e-1cukuPnk00-hQnbTZkm69Wmd5qN-nXRNckirwfEIDNW9GEsuA5KKC9Al9ecUEkTibcFoA5tuPeGTpXfy4WqiLyC5P5RLzicIIWzq0aYhC5m_4mZJvSBCy_9ZADOSTKhTP96XMr2jODlVwV8M-soZ8Nnkbo34Dxn2AIQlFD9v8Sqo9LYYGHNAph9GWr0hl8GBq3eCy492UeC6iPiIS1zbn2GLMmTJCEa-0ECOomxP_0GWHLqM8gdsZ8pL1KN_BNpMoHlxRtrjNavdVGwFPVS2Ace3mWUia-Fr8QpRGrb-SBElcK8enAAPDkrrL-7r3oAd8-AiId0dhjNBzCKFcdWn0DOF2J2oTuPDTodOQquFXn6A6SoamYHUVyKl7iETUoF0dgg3jYYI36rLCRTh8KCd7n6Z13EWIqaXhT9C1E3f2l3COliH6QkzrpKyuqXY0UsXZA3Nvyprmbwl17a2v47CKPbR6U5Fof3Hmveer4UhDVzVR_4A02dtzRD8cRkA9x6pSgXKd0GqG3Lrqe-wQuUDVKBVaRzq7TD8TaaDDoVaTpqCEQt-8fYARm1xd624ge88_K8pVZbN6i71XPSh22MMyWCh_9c9bEQxJ4wN_OqTJOq0WJgae9iVP77-kECofHQm-8d0SaGcaS36a4eRMBYayIjHB8dSXs1puXM-fPiauMKF0tYVzjIKb5g2CqZd0AsCUXTcr6bhrL20jwfDsI97EFzXAN3n8Htm1LqGa94chpQHpDekJih9Jd20KIQtro6vRv0p_ghQBjXMclyb7lKptswGxMtSywZxTq-PQNto03OHTcrhtOL7D039ZLJusz_5i8rgeh66oiqxeJVkf4-4zU1iDQwbpbqVPCr6suTf-LNxGj4J8NwV5vyC-MurjAiPx1p7i6GPS4cKtS4Q0JUQNVlea5-W_9Lkbq05wuK9dGAsaSm5hxW9177F1ury3Kaqugd6KW7G0v5i2jL2rtKqpiV62YpMQrHaOA4A4ALAvjB5fKHC_6dd9TJDCQEzAzLSTO9p5cW3H31nuSh0i7ijd1cn4oJyqaeTurKmPvamJkM-731jgYMSKtKwoBBzC7BN_j72QgIbKFg6_2_rMLA5JwAzC85TtXFAu0lm7CNm0Bff4kGr555u9x2xyoxxkqxtYQSnRk_IJTIUvTdinYRLNdi0l6oXMlip9zNUX3IGDOZnSjFUmuNoC9es1jWHRH3UXSH8Cgcx6fRUp43JpWzJivd9-6DozSx36gw33rK3SzxrGIliafMzcvap8kaJ5hxLOULGQB8LoF3CiIeNgLcWztymgWr7-S7m1zNzCJ2rGKqWhoqTl0JnXysd46ko1ZKQhRFwIuvUgCw0LUbdJKccvngShT-hSovFKpeMIPR_p869yWRGERtWCL-xQ6ysmX43oIUfgTsKwiyaAyuPb7HDjZCUPcDmyk_-MdK5-ni4iUZ6nhpgSGrC_hhXA-UPpiwMKgc5BZweHOudgqXnPrJGtrURdMFj74UnJqJ1RKYYXEBKjnXoiA5oia8QGoWYphrJ8pAtc03Zrf452UczbNE3yAVSFPUQFehU3b7ifMwPa69i8ImfWXvD_q8u3_diIrEOsmTC41KsjNYHUNpR6G0f5t1loKWJLnro7xgPgkec57mwb-KPAvNXdrXiqEHgDznpFurIKaOVZVXx6_LIktG6c-NIPOTTPBMGVcIuNgECjWFT7pyD0MBQNgb02kjWonQTT2MR7uhwlgaRfybSXHvmrvZLslACf69cHl6eRVtZ2rafNx5PMk_yuFIZqpFD0rPvLIf8NIcM4ujeOsq6f0GJUN_wh9Jg-QQSbS3y8OZf-3-WVOLhRQXO9bTYJ29Fal6DF_VaCKKnVytMpRFpzjDd8SGdmwlLogxQ9rPFssLZxZg17pwt4LZ8yvbwNeyfXn4FFCSA8aCLCTZF5kvWYab3EsC9aUIXPwdbWY2TPlb5ffrY1NagtI2aE15Drtd8V8D0yetsK0ipPgu_awrX52F6GqXD-t61FOGBxIPp1eb6rF8ecHzPys4pfiz9tDS7qkq__Z6DO4vHcoMz6nOMwlERamkitGeSMh_3ocnPIwDH3V-MqLJxXz7eBA_HfNZX0lRoNTjSm2j_QQAsOmXSPeO9MbgQ8xLrpaftR-BdzteSXbeDJSZOUd4Zr1yUA4EPmvDFNsPWySygBqpvCSIypm4bMSxy1O-kv9Eslgkku3gOvoWRRHZM5JF39eI1yQGa8Pe_VX7vHFVNq9NaVIfAy3APwb8DjL_S9cDqvV2hfBJqkSbs5fJNF3caSmm-Xt5dFgEuBHVLfia3AyyItBlkWAi2-nyjFWTMoW-8Jo7COKX-6xhXbbTQ5I4OLWMavZDKxXWKHp0IItEG8FSX0mv-hTLYnrwbxAybS9r2egEDk_au5TeVernZ1aNPVWRYL3T4-A7EjQRrgGhbU7A44P4D3OFMrCrjFo7TG1TIjwqXgoGw1UhCg_jIPbsbqzVPkKLzrWSATPIVqUCyRdhpd6qBA0Ae1KJ1GiM6LwSwvYf3pmwNPy31bgdWbw04VOEzMNXe5DQCom4ePw25sfz9od2BGKmtJ2hTrRxEziVcNemx-BJYsbXtuWCn86e-eXHlXhLzG67X8gr4hXyxeJFecnhXXkMSYE3lSWVFHLjc6kG3-NeBeumySy5Mv00x3TGndvK_4HADMFf6rZtzPfiMWYZkZevjRq1u2P1AWH2OpBFP0wqoGCjyOZuL0j-EynI7Aq4_gpqIt_W9W8nV433Ssivss0bzLXR6eZFXz5S4LY8CbwOTq2QcQdWOcMJw2j7z8ZhwGTfGglQrnHHdAPU1QHnl15-ABXYuFOSbmgkPCWf6IzlKT0EF9XX2kamT3uz561-0BMk_qn_w4lrIjuLr1vko6c56vw4HWvwX60G2mFNgo8aI3KlPhgOh2mf_C_hcTicfVtK57vAQcWdvq1i39fs8e1PLM0hPlcDFKHkQvAos8Ptqe_mU2gZ-SOkCYAjXG8h3icXLg0nFRS90PbOJChSY7soqTBzksORZIDsy8F3kOblzcJDHvLLRkE0tZZU20C0R4EHjeE8Gb_K0pI4-TU2L7IrjeiKCLHMJ72WgYQBzJkzQEHuonIhNhmUhFgpV-ZwoZh8ZNPwLDROn88ru9HuyHi95T1kS3WkbKHivwjaSun7gdSlhHWItV8xsUqQGI59ltY9Sy76OsaHz9p8otU24SjN1v7gfhMO2oASNVIb7Y8thUbtlTVGXa5xVW2xKHSSwpat0TfHUPkF1-hBcKweUqOQp5IS2uPYsKTn-PYAegT4gYn23MxuxJZi1t-UkYt9uSERgoJw52epFd1q4Us3HTjXuDAFYY9ftBArKs8Yy9dr7dImk1p6-fNl3EmlVcJ2O111TmQFWFsn3-aWAPGS53KoM9UoWw&cid=CAQSSwBygQiDHFBpb_EYhqfpmCVW0sgTys8cS_btL3ut_CuiWNO3fev9Vlmz5fzROjCo6KSFyBApLSWxCXU9Zu1BkKuS7qFyX5POjCJlExgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww1.ihdstreams.xyz%2F&ds=l&xdt=1&iif=1&cor=2628428239467123000&adk=2086295851&idt=168&cac=0&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6d95ea547b0974a09d61104fa136f5eb6973466b6358fb06d997cc7f20ee71b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 17:02:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
65770
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4123
x-xss-protection
0
server
cafe
etag
4541610132340792384
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 06 May 2023 17:02:55 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230418/r20110914/ Frame 10B2 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230418/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BAaCLtJSBLrPx5b3JIr-5qmOvYdSqU0pC0daWC10bOgfNtLHoiDC4ZRO5NVHrN4F56muJXsyVADw0cxvsGxGDqu2SGwA&cry=1&dbm_d=AKAmf-A9-gcJLsviGeEFhZDMQwCaNJTd6MyxPm3oUsw0X5rDfVbzwtVUUYsHGSsoCpqDqd-e-1cukuPnk00-hQnbTZkm69Wmd5qN-nXRNckirwfEIDNW9GEsuA5KKC9Al9ecUEkTibcFoA5tuPeGTpXfy4WqiLyC5P5RLzicIIWzq0aYhC5m_4mZJvSBCy_9ZADOSTKhTP96XMr2jODlVwV8M-soZ8Nnkbo34Dxn2AIQlFD9v8Sqo9LYYGHNAph9GWr0hl8GBq3eCy492UeC6iPiIS1zbn2GLMmTJCEa-0ECOomxP_0GWHLqM8gdsZ8pL1KN_BNpMoHlxRtrjNavdVGwFPVS2Ace3mWUia-Fr8QpRGrb-SBElcK8enAAPDkrrL-7r3oAd8-AiId0dhjNBzCKFcdWn0DOF2J2oTuPDTodOQquFXn6A6SoamYHUVyKl7iETUoF0dgg3jYYI36rLCRTh8KCd7n6Z13EWIqaXhT9C1E3f2l3COliH6QkzrpKyuqXY0UsXZA3Nvyprmbwl17a2v47CKPbR6U5Fof3Hmveer4UhDVzVR_4A02dtzRD8cRkA9x6pSgXKd0GqG3Lrqe-wQuUDVKBVaRzq7TD8TaaDDoVaTpqCEQt-8fYARm1xd624ge88_K8pVZbN6i71XPSh22MMyWCh_9c9bEQxJ4wN_OqTJOq0WJgae9iVP77-kECofHQm-8d0SaGcaS36a4eRMBYayIjHB8dSXs1puXM-fPiauMKF0tYVzjIKb5g2CqZd0AsCUXTcr6bhrL20jwfDsI97EFzXAN3n8Htm1LqGa94chpQHpDekJih9Jd20KIQtro6vRv0p_ghQBjXMclyb7lKptswGxMtSywZxTq-PQNto03OHTcrhtOL7D039ZLJusz_5i8rgeh66oiqxeJVkf4-4zU1iDQwbpbqVPCr6suTf-LNxGj4J8NwV5vyC-MurjAiPx1p7i6GPS4cKtS4Q0JUQNVlea5-W_9Lkbq05wuK9dGAsaSm5hxW9177F1ury3Kaqugd6KW7G0v5i2jL2rtKqpiV62YpMQrHaOA4A4ALAvjB5fKHC_6dd9TJDCQEzAzLSTO9p5cW3H31nuSh0i7ijd1cn4oJyqaeTurKmPvamJkM-731jgYMSKtKwoBBzC7BN_j72QgIbKFg6_2_rMLA5JwAzC85TtXFAu0lm7CNm0Bff4kGr555u9x2xyoxxkqxtYQSnRk_IJTIUvTdinYRLNdi0l6oXMlip9zNUX3IGDOZnSjFUmuNoC9es1jWHRH3UXSH8Cgcx6fRUp43JpWzJivd9-6DozSx36gw33rK3SzxrGIliafMzcvap8kaJ5hxLOULGQB8LoF3CiIeNgLcWztymgWr7-S7m1zNzCJ2rGKqWhoqTl0JnXysd46ko1ZKQhRFwIuvUgCw0LUbdJKccvngShT-hSovFKpeMIPR_p869yWRGERtWCL-xQ6ysmX43oIUfgTsKwiyaAyuPb7HDjZCUPcDmyk_-MdK5-ni4iUZ6nhpgSGrC_hhXA-UPpiwMKgc5BZweHOudgqXnPrJGtrURdMFj74UnJqJ1RKYYXEBKjnXoiA5oia8QGoWYphrJ8pAtc03Zrf452UczbNE3yAVSFPUQFehU3b7ifMwPa69i8ImfWXvD_q8u3_diIrEOsmTC41KsjNYHUNpR6G0f5t1loKWJLnro7xgPgkec57mwb-KPAvNXdrXiqEHgDznpFurIKaOVZVXx6_LIktG6c-NIPOTTPBMGVcIuNgECjWFT7pyD0MBQNgb02kjWonQTT2MR7uhwlgaRfybSXHvmrvZLslACf69cHl6eRVtZ2rafNx5PMk_yuFIZqpFD0rPvLIf8NIcM4ujeOsq6f0GJUN_wh9Jg-QQSbS3y8OZf-3-WVOLhRQXO9bTYJ29Fal6DF_VaCKKnVytMpRFpzjDd8SGdmwlLogxQ9rPFssLZxZg17pwt4LZ8yvbwNeyfXn4FFCSA8aCLCTZF5kvWYab3EsC9aUIXPwdbWY2TPlb5ffrY1NagtI2aE15Drtd8V8D0yetsK0ipPgu_awrX52F6GqXD-t61FOGBxIPp1eb6rF8ecHzPys4pfiz9tDS7qkq__Z6DO4vHcoMz6nOMwlERamkitGeSMh_3ocnPIwDH3V-MqLJxXz7eBA_HfNZX0lRoNTjSm2j_QQAsOmXSPeO9MbgQ8xLrpaftR-BdzteSXbeDJSZOUd4Zr1yUA4EPmvDFNsPWySygBqpvCSIypm4bMSxy1O-kv9Eslgkku3gOvoWRRHZM5JF39eI1yQGa8Pe_VX7vHFVNq9NaVIfAy3APwb8DjL_S9cDqvV2hfBJqkSbs5fJNF3caSmm-Xt5dFgEuBHVLfia3AyyItBlkWAi2-nyjFWTMoW-8Jo7COKX-6xhXbbTQ5I4OLWMavZDKxXWKHp0IItEG8FSX0mv-hTLYnrwbxAybS9r2egEDk_au5TeVernZ1aNPVWRYL3T4-A7EjQRrgGhbU7A44P4D3OFMrCrjFo7TG1TIjwqXgoGw1UhCg_jIPbsbqzVPkKLzrWSATPIVqUCyRdhpd6qBA0Ae1KJ1GiM6LwSwvYf3pmwNPy31bgdWbw04VOEzMNXe5DQCom4ePw25sfz9od2BGKmtJ2hTrRxEziVcNemx-BJYsbXtuWCn86e-eXHlXhLzG67X8gr4hXyxeJFecnhXXkMSYE3lSWVFHLjc6kG3-NeBeumySy5Mv00x3TGndvK_4HADMFf6rZtzPfiMWYZkZevjRq1u2P1AWH2OpBFP0wqoGCjyOZuL0j-EynI7Aq4_gpqIt_W9W8nV433Ssivss0bzLXR6eZFXz5S4LY8CbwOTq2QcQdWOcMJw2j7z8ZhwGTfGglQrnHHdAPU1QHnl15-ABXYuFOSbmgkPCWf6IzlKT0EF9XX2kamT3uz561-0BMk_qn_w4lrIjuLr1vko6c56vw4HWvwX60G2mFNgo8aI3KlPhgOh2mf_C_hcTicfVtK57vAQcWdvq1i39fs8e1PLM0hPlcDFKHkQvAos8Ptqe_mU2gZ-SOkCYAjXG8h3icXLg0nFRS90PbOJChSY7soqTBzksORZIDsy8F3kOblzcJDHvLLRkE0tZZU20C0R4EHjeE8Gb_K0pI4-TU2L7IrjeiKCLHMJ72WgYQBzJkzQEHuonIhNhmUhFgpV-ZwoZh8ZNPwLDROn88ru9HuyHi95T1kS3WkbKHivwjaSun7gdSlhHWItV8xsUqQGI59ltY9Sy76OsaHz9p8otU24SjN1v7gfhMO2oASNVIb7Y8thUbtlTVGXa5xVW2xKHSSwpat0TfHUPkF1-hBcKweUqOQp5IS2uPYsKTn-PYAegT4gYn23MxuxJZi1t-UkYt9uSERgoJw52epFd1q4Us3HTjXuDAFYY9ftBArKs8Yy9dr7dImk1p6-fNl3EmlVcJ2O111TmQFWFsn3-aWAPGS53KoM9UoWw&cid=CAQSSwBygQiDHFBpb_EYhqfpmCVW0sgTys8cS_btL3ut_CuiWNO3fev9Vlmz5fzROjCo6KSFyBApLSWxCXU9Zu1BkKuS7qFyX5POjCJlExgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww1.ihdstreams.xyz%2F&ds=l&xdt=1&iif=1&cor=2628428239467123000&adk=2086295851&idt=168&cac=0&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fcaaacbe09be7babfecfbcad09df9c01257b0ea95ee996105d6756ba75f41aa3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 17:53:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
62758
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10768
x-xss-protection
0
server
cafe
etag
11141491900784070631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 06 May 2023 17:53:07 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4587 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7422846029450&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Apr 2023 11:19:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4587 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7422846029450&version=m202301230201&ct=76&x=1&cor=16437734455238386000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Apr 2023 11:19:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 4587 		83 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BTUZkrbXosXqnugGCZDQ2-F3hqgufDjmHzx7d4-TdrdnIPy8FNOncre2zlU9kpb5WwVyWMotTl9I7gQhzd4cDRMb3IRw&cry=1&dbm_d=AKAmf-BVw2KmuDm5WJY6OBaoZYi0tnB7UgxTUChFaDripb2T3alHnPiBeD7ZOism0Yy7iXtMg6ZRq4a30ZH14SNRgXsEY_q5bXyuIyWyJj9gCrfPtL55F9J4ehkuLFlMJGAnuATB0xo5ejtAOJKgHjC38MUFu3-ThGOK8wxq1lFh_oDVQ_A8XK1SzKJoOVvnpN7BT5XaUBAHIbeON9bxJ7Jt864x_SlXb4JerABKPEM6Ra_AviTXFDrtAsYmIdYHsXQyZFU2zPwBs9Sfnr54I637rxfmvTSHeDPtDVvUplPFEKNofxRWfCivSIbr37yAGdSXWbAK7QZt2aUeSKM2gRRKWLhXn15KnMPftdzc-ZkcuTYyeZ0ZNBKaA6hqA7k7czVWoZ4l6ye4Fsj0cklsD5lq5QpBfH3eaaSWZwVdO2JXIQgRJsadRGCtStMaH4oIPXeIqJyCkwsX0COFU0l472MYCtDA6c8JTTyaDL9NDvvAn4ccGb4fFf_YDP6W5RqwYMZ-Deq6HevM8LiINvXX6dMimk5ninbIb8AyKL1HTIIdSVY06rWUQWSZe_4snqQ8wgRI-q-tw7PY9Gd9UZGB5CWDzHW0zMVrtToCAokyOTouzP4KOT5GoIXIKvkGPq0mZqMkn64CmNnqrV_41JAaHPKAofchL1ScCiDCxbzlI7zBbsNI97zCXq5C1E0-mJ-dinCC0oEqCXOkpigf_hAZuYoGnmlxcQKQM_FVPQrRgV6ZVLY79l0pjE68G1k9IyRlUZuC1rSvQrpEEZwbscQEEDxy8ierS81bZE6BXOB-aPUfptaDllO4wAYY9JJUAhkJZy8E94I9ixACUNLgR1UkCa4UuxNZ6h0bQ4PUIO65_faneTB0tLHXS14TrmE00Cx6TJjndVDevr8-AmPIekUN5RtyoXY6B2LRqpREJ15iq4J8Ya7wwuAlt3vFK_qvg_don2S1zjvjiQa5fBFcFEH5alMqLj2gXubutZDsLFr8tOezPYEmsWB1s64-0C5u_7ThNg8PCYuAyyMbSHtHhS1xlgtgc4FGz9kb-dOQ_W1th-nRkwC0-aR5tUqMmZr0SkkBNFTATZpWbCBs5UQOtYdROLQSWkxgPT90jFNOiF_LtaM5TeXlu95c7QWtkl0tdSd6J5uY1SXNzqsoFtCXV9P1Svkzs4_q6hW1ABS8FtFqzDZavO8aEr8geEsAei2q8arLLrUB86tHfCKhBOY98hanBwlzLLDG5up6Hbf05Vn1RAa_JFlqNxbN3TUNsJXqf8O39E1OMOSrHeETscbhXlSy5wMR88rGaoFJnwpNWbd91LgDFeHNFScLSXqtYXegTzrObz07iMncnuU6mehmYZwuNn_preTU6v0tiHokrc1tW_2Z70L-wnc4rbhjihSi9k6uywLp70y83SHQ4Hf0b6ccU78B0p8YFnu0OzGzfzvyXr_LAcBPlOJRNhi3I97emOlkvXIfPb9QKnkqhocpvuHqgY4mh8rgkA-oAuVdi02d8vyh0rYQZuN9g-x1tDY1FKXOW69vJl0Ym_RNkvcZ_8T7hAYR5eFl3_VOO6FBXbGhx8b8aF29n0BLoePag8tdufC7cDBmxOziOEcgSaoXqNU7Z_TGmPcHVbTGZaurpxV8uQjJILPs5rjqDQ7fizP-oesbL_w4HSwvio38zZE17gTLOCkqRqmi7vD09J6KTN59dKNiITWUb3og27SRZ3ps53sqFkA4s5d4RJusM9Ru_7SmzpKQrvYYa8z98qlgLtfHetJdoAeR_zhUEX8fMVP-PhgXWKq5Dzh4u8Tazq4TEeM3mkad8IRYHM92wlY4AFhO9IllgevILnbznMsVRnzXBf2_oYVr53kFTfgYN_gaHVLLePxzW0xBx6_ZkE5wiIfBtxAXQXHkDhZ6NC4K1STMdr_F7TI49YiBoT2T2pgXY6mR2vZL_zSPucylIoMn-dFz7hxnGfXA7XsjlxX_955bI4B7cShRLX5DDHGw-6Lrv0vwdNEi2jCowikPc4YWvuIBj0guhX0MP3DLC7OmxeE5gGsMoPqUOqa6rYJg1BU6PnDu55v_ORcvmTbjH4frDMbQtWpPgMKvmBctjKXkdkaeIYbxU54sgNfeX_rWLw8VyWr21dDo47RXsbs4UAYqPC3BL-dw9mB0tmwXA1o61gN_cVct-dLtzfQRMp9F_8CEWuuuItj1gf5Lw9ThXlPjIaJZ2gz1UFmxlWmNWcexc0-ljoJqHIahEB5OinHy1gZm5eo-uhygCHMik7JbwKYhU1bEGkEHcXUrOkI8WbjQiodqzgnANjSEICpSc95LiXQc8YGN62hXIM6y6D071ghCz6V2dg4ZmwDQrE4pAzpYIJQfcu2Ai-H1La3kdO5_kHY2KKkkUzOqCxkkibp7ivOi09_wVOH88tnidhGkIBbAf7hTKesSXbaw1CBRuVIKfqta1C0yLWDu9PdE3AU8Z9jbBWQ08D3h-E1w0XqKIwu1vH3fYSHFDA5voA7-IfUoEHKOCmiuGwT4SOneHfvcAWEfmtfUdph0f3WVCmkBtC8OcI1A60XykYUiRSLR6xh_2-eNZxDGnCgYw-_IBlcle2P5EQ_VMYQxgaaVRlN_jpixctfJmVQJwESpa5O-k8fGJ8N9-Z-1huZR3IJN7dHupMB24at0tgSmVvnO4lEMJmbQc7qx4PCwlN2uAHDDHo7PFaiEHQzoyf4dxNNikLjoJ0n_Zce3CZeM-hKKNy9VQj5KZH0BtkOtTpeGtLaLNcznQCpkcDa_ukXBqR5FOXWhponDw-xiY-MNFodWkZJKxT0ZA2YeQjl_XCN7K4XeXlXhqW5f3hIhs2ECHzs4jIBo9SN3QA7kA8nsUkAp58wX5ZsULR_ogf4ZS5wSOdX0Mqo14t4vXbytt1elN3larV8HKVXzvHeBRC7POM76xRx2D9BKI7FrurZzNLS_bbjLw_a6yu-XPr_OEITho4zBpSXJNU1mCrJw6KX2nsZXxfesb8cmfhmOL1ViA9TLnG1m_0k9HEjTFx6gK7oipZrhC3o3dulO4LAvoFuDPtukmi7pQ_F9Dyn8NVCWWnj7h82-l8AI4MeUofra3ARg4_dws14xJcRu1nGbdMlphoh0OWhJCjH7zdA6l5ZrxNKfQIIQNHXZRsF8YtTsN2sA5gkkZ5Bj-rdqkiQQ0m8iqVKnr6YTt2qRfM7lrD_lQ92owGwHFGZJCT0J6oDfmbXZc9676rISDkQyaHrQW33RdDikbhUmIxWeeWqlokSAWdl_zYfnD1mT-RqezgQ_pq35KmUQeC0bwvrIrSMOQ7Q3_d9P2RgmAx0jBIrh8lU4a_--GEvvmYc2qm2hPqFO2eZqczxywLlByCzVjm8NUl7DY7Yezga7tKE_oZpRZ1GJC1OzL5iVolf8uT8HuAcZ-DZWIDWPCKLkr3IoO0pI72RsmjNdde8TxYZC6DkKb2KIhYp4ywas6RDR3RkVSQEDfrc6Z60yMSJ2k0qfaTj2JSLs7G-tciSlf4KLvcqXCStktjYUpLFlYjeOstpB1Z5gPOSkdzDbV0JeFxYwx7qnS1p4ejHtWVK0NOgVFCRBWCljQ2NMYw6D-X7U&cid=CAQSTABygQiD8L2pAVD5b05Z4r5fHMn8kiaYtnBOyYufRil3-CL9V9KLswNaHz_ffOYhjI4UxhjDBKHX5nizjjbsUXzDh4HG8SRtFRbeeHgYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww1.ihdstreams.xyz%2F&ds=l&xdt=1&iif=1&cor=16437734455238386000&adk=943508955&idt=231&cac=0&dtd=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
82b08e0322f123b86837b48ebcc6f3ca7e439d277074195233a766e3bbe427e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Apr 2023 11:19:05 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35782
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 10B2 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com
URL: https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 19:45:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
56023
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 21 Apr 2024 19:45:22 GMT
truncated
/ Frame 10B2 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
daf93e9515d3dd837147e5b141deaba8ab0b6bf9cadf5c90cde1281790c321ad

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4324 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=253570196544&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Apr 2023 11:19:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4324 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=253570196544&version=m202301230201&ct=132&x=1&cor=3861195155816789500
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Apr 2023 11:19:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 4324 		86 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bk1diRs4n0SV7CwuIrczBwwlvRdlbLVuZh8SwJ8gb8kKTOYtAFU1b2iKR7W__wG9jYYBOFMol63k8twIyLDrqyO2u7kPtCy8dWnHTKZa4sZ2k-NuBTrbGEP10NzbBfmz7Ryn3gRWfbi1OOaAQzyaCatVDxt2z6CQ-Yh4JcMZaomm1gmaiiw7bFt3DCpoF_joX4a7wZ&cry=1&dbm_d=AKAmf-D59Dj7mvA14ctKPUdPxkIVyC7D0PP8gaSV3q1OMWKkB0GYb5sbf6VrId0O4VDu0-6aNlbMZFLIosGCjtnVIId5DUQjs9nNNi0tKb958X2YxyufbnQllwyHEEJJQLVkDxgJLPfywrolteIjFSDJZgS3WBxGiWmEstKVLiPdo6lGdW4H80V5eDx5OlaOR0Z_pRHfZy476fVxrpQMbGBgdJXS82cUcNw7g_aajoLgRxYRK5fY0-_0VXfRgXneiFYYXMI32bzM3h_xrlc-DGh0a3YxEuwJa5lC3LlF5CmoVtqqc1muOSkQQ6v3Q-Uf4ALrRLFhD_VLU7YFzMdftjbj-vXa4ENA_vRbglLwu7l4fjOxcxxnDl6x63nyoi05YsXsJnaShcjUPqNx8ns1zgqxTqAw4SpVPGNeQOEodGEgHxtc7rNK6XpXnK6Fnal8ZYdLpxOJJHYhWQTMKvhGuGhmf48MfyL9cNCy9nXLjyZCCPANDURph5LfRRBE7rsNLHtx2qxaG6BeiduncXU-DaMRuChtAwb5cR4QFl_gVCkOriMG_2LUQ8cyVE0KZZvqnxnK8E3bqBmllev9HaDXaMz8cKIcCOtbfAzhhWwF3oTErSr34u_AfkPmfkodrdMdQocAj4Pi1WpkBLZkk8ZgO9La80am8ns8cyd9ffCS-XJ7punh6xGcVTXnZujN0GCNUFe5yUxXpQC5LNzrTt1zBrGGO9pYq38eE7Sb-9G9oC8Z0t5dE_KxdjgQ9DHwmp_-DAl1uQcFZe0iK0gEch6r6Ik_Eham0m1zrav0l4_2-14YINNQatc5TS24veKwkybUZU0FPvV3eH4m6dlEt0DfNceS3NjKXeqerpaeaLMsp6y3OdYSdRGG887xEVrrwawYrEfirs_GAPvOtrQyKNRnoX3xHP138WovIeUJc2Ci2vkPMDyzEOOEFn8eRU22yjCkD_ZRE_fSlDuztAHpz6VLAIhA-wUfNz_yUFg0Mc1K0z_1l-rWBrHkHHHxVMEMVefah4pNkQ84slEXcbadYixUWmFy4CgOnHyYsn7i4vDBo1eqrDSN1J1EoI3XeuvPy75otqeMoGMSoCD0C0w0hlW9bUW8mlXmOmPGEOMsp_1gXNBSDA9jElotJjWq1nsLDpusrltxmVDAwY0VA_zOV9XFw5s0niI8MEkZA6miKVXk-PEhrRnOaw1YQNRd2jIJ_88EBfHRnAWhe9KYPu2BO8zE9qjhylpSudJ-6bnZo-OxnSXnP4dlPo0JrufE-2tw8D3P45hCC_hBnKgU8_5XwDWXjgT2Ik-cxBroo8rcfdHWguERAN7BnGoALjJ6DQH5obVzSfvZc9EMbwQfhwGor09zg7zJS70Njn9N-UcAseGQ0vYDDckxS1SFUo0jxaIKni9YonS46UYG0FtLIozWnbYwxpNmTd8ELI2YX5iTqMD1ncbOc1-jtqtS1JjmYohFBFV8UqeeBwfyTHOD2YO1-990ZOJjhooN6Se2_CJ2PFYFR0W1wz8qvo9aLa2AJJId_81T5o8w-KCbIjf9cAtJp3biTAU-ToN7hXDi5JOKv0d82-0t1M73QxpsmAivFNJs-US3Bopp5ETFIMtAfHQvYKaQCmshTPMzfYG2E8PccPBUXAIztUObmAQC8mFmNiVU48W21hoHusz2gt7l_6zdy9mIidaJb_pYGCIT91DbYMbIqg-JaNNRcCcg-4lt-ut3ZkTFOpbV2XDuRxM5O0YgW-Q1RwBBLzcxbox6MBmngPe3D5EFBT_AqjWNGkVRVuc2rQ8j6a0oJ5gN-prPSmbna9Ke6UIjEJjJwZTQJi6c1EMlNR74-Dp5AdWDm3XjbklBxmsn0XkNGPNGm5cgPgYNhU8oibs-9w1UlieS9jSkXfk722ajFBDEyzUujgmrPZdXyk0miOzF4YHGFUc4NKoagLbA_qfk1EPHOxAbsedjWwiCSIF1kyQMnsiIDK0Iuq4Q-pkV6FZiYaqwtJwxypYe4AClO-KpDOpzqpohymR2F8Ou_zIU7tjjBUU9FWtxdEmc9lGJQZ6sWaxsw5VytJ--0tlXqLLZb3t0mqf85FssrSuv2zJWcqXwBJ9dGTP7NZjU4Npbt-af3UQ5Hv2a1G1lctSlZKWNJtolR1QZEJn-buoPxUenozD0QIFs8VRipMmjeV9qL5F3NUbcQmVPu5blXQRnoljzc_TCYq2V04fJcQztu-W488Ny8FgsCY1fKibwadvRG_aU3VmKiLU4hJzSh-PpHpJUCW5mwk-82Y2CQL0HMDmTlFAXaeEj5NLwwj8-s97qfiTSV_8E-BPIPvHzpAnlf5XV6SzCsdVMHvNN_6qQHhcDHKWRBXWIv7V38ILdcDTUViPTVORRn95lxcQN3Moe04_dHKw7nWqiW_zHtF6FuGqTPvlIX0C98_QBxMW1NFLA8TeM7QpMCEJ3cO-YSAu4GPFPCVLRpvnfb9ftq93pTEK9FiIZevJ6gDtkxQYpuCzCbfQLkis-EjCFxzPdBHsI5eFwRHxnOaPq7kU4uaqpkKak4O67oKzQG75LzDfwYBu_oEtIs16x9RCmVsSTWvfvPpf5mu65xnRQs1oHQQx53Bk4qrbjH2XB0nYw1DM0nk2YqxIEF3lJEqtvTUqhuRjULHGAvQX9oCWL35-Mfmtvg0F1f0h6bBgWXvwD6f_2u91J_kSoj4VWek2TyBPIbEMtlbjhcGpMOdjy3mPG504flXi5Bz4PwEYyYZMB0LGQA0pbSoo-DZJB1CF_OOkOI3qWcyCTAtxz_PfbmmUuT-XLldzAe0iPbzbwhxJGNl_e-R3U6yLpFh9hPER2XnRZk6fJ-nfqBZIb2rAedLUEckVqPeF_HXCHvvyAD4bVncZl2thVXG5kzibHYytmqtQ1yDNsxE_yCPXK4ckrH5uZqJRh9e-gZK7EzBQGqc-kJO9FPIm3ZmIw7UEUveSBy2spn_u-oRv-nz1SjdD6oJSfZoPxqKiLTqiqstlxr5XmbZz6CVjRaOqlV_ULLK-X1kUWYIUQ4Cn3rno_dKgFZoQ35Fbf-rcGRJpJe9Ac1b-SetG_fgikKB-kM50bw-cGFi4NcSjVCi6rt-0Gc4oXhm2Ff-BymA-VeFJFQItVk5pNtDG2fV0FzI8FV7Nj1p7nm2h4MUvSmUFoLe0FXALoedNoNCXU2jdiKB0VDJYi1mHivpUZKiiZE1Nr0YK4g4Jl506soEEspp3r4RhxmFGq05yRBi4RncZwcklwLihjO-qlNSX5MBxVBKNKZkc9MGBs2aNhNNP5Md6AQ7qzFjI-R8SP4wUzo2nACLnLeRzKZAqPgk1LcEeRRn24zr_vu8VVVqYoJiCFIvqVzZJxVdepBmYyOKpH44oEsSZH2AC3bMfamW7xAvbVyBLttmfcu0ICAZkFkmQ576fNOll44nonJn2AOf3Tb9r3qboEifkCRdc-n3OQdUN4gf2xXjXVxwQ_s3uB8VmIzVLhb_0q6kVVx9KEudRytTTLCoRVZFQUD8qOY3V_FXtAe6Ab7eZs8ZPaGA6QGRvA2U1-5VcdWIjF5Lntu33b0ZdCBcF8Exj8R8a41VYn9Lu-a3bU5cF6-KCbpGp0tPlqnLd6m9dgDwvVKYB46fpByF8R76DTZA2Se8Jh6dQY76hB52hCHxdlSOfskqGSqnm1-zh8nN9olK1Hx0VyM_VsL571FTeSO0O2jCIxAXlhwG9nP1iO79iN-OTcDM-P0L1iDVISv3bm6tn4Ge5MnwcOlQ2tcHflppYc2ftSOIp3eLEEqsMgaePKOvPsousy-5Qn7UwuFUVgk0_yrynZZlC_i4mirmzk8_7rMyA&cid=CAQSSwBygQiDTDOuz-mzJC6oAXrChVHiSs2CZAjefeFMkGCoN6WSIrLl4fcXiwnYFi7ZwianKPXlunfyW0gba8sJWkgLJH8MqVK-vbB21xgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww1.ihdstreams.xyz%2F&ds=l&xdt=1&iif=1&cor=3861195155816789500&adk=3944675600&idt=264&cac=0&dtd=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d7453cba618e16cce55d7e9e19fcc415070c86d3e4716274f190a73a06e38481
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Apr 2023 11:19:05 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36374
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.nl/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.nl/adsid/integrator.js?domain=www1.ihdstreams.xyz
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074079
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.ihdstreams.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 11:19:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www1.ihdstreams.xyz
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074079
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.ihdstreams.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 11:19:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		18 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=865653913763098&correlator=4243745046042814&eid=31073999%2C31074079%2C31074095%2C31068367&output=ldjh&gdfp_req=1&vrg=202304190101&ptt=17&impl=fifs&iu_parts=7047%3A22821132256%2Capl%2Caplmcm7047%2Cdynamic&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90&ifi=6&adks=2382128833&didk=3124772708&sfv=1-0-40&prev_scp=refresh%3Dtrue%26test%3Devent%26hb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&sc=1&cookie=ID%3D3b02cb78a26e84e2%3AT%3D1682248744%3AS%3DALNI_MYvOJIZnqdrVhdPScw6pMm4ddFkJQ&gpic=UID%3D00000c08a1a7f47b%3AT%3D1682248744%3ART%3D1682248744%3AS%3DALNI_MYtTOaDQAoKkKmuLdIgsqKVHG5DQA&abxe=1&dt=1682248745271&lmt=1682248745&dlt=1682248742140&idt=1423&adxs=436&adys=1219&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww1.ihdstreams.xyz%2F&frm=20&vis=1&psz=728x-1&msz=728x-1&fws=516&ohw=728&psts=AHQMDFe9lflDGA__W2GE3yn9Fegn&ga_vid=876716730.1682248744&ga_sid=1682248744&ga_hid=2015945248&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074079
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8ba897afaf4fe5ed3b038c92bb94098e52809e1225529c42c6fb5b3a22fa45e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.ihdstreams.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 11:19:05 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8482
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www1.ihdstreams.xyz
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 1F84 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
age
68059
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 22 Apr 2023 16:24:46 GMT
expires
Sun, 21 Apr 2024 16:24:46 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 4587 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/
Origin
https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 09:27:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6712
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 24 Apr 2023 09:27:13 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230418/r20110914/elements/html/ Frame 4587 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230418/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BTUZkrbXosXqnugGCZDQ2-F3hqgufDjmHzx7d4-TdrdnIPy8FNOncre2zlU9kpb5WwVyWMotTl9I7gQhzd4cDRMb3IRw&cry=1&dbm_d=AKAmf-BVw2KmuDm5WJY6OBaoZYi0tnB7UgxTUChFaDripb2T3alHnPiBeD7ZOism0Yy7iXtMg6ZRq4a30ZH14SNRgXsEY_q5bXyuIyWyJj9gCrfPtL55F9J4ehkuLFlMJGAnuATB0xo5ejtAOJKgHjC38MUFu3-ThGOK8wxq1lFh_oDVQ_A8XK1SzKJoOVvnpN7BT5XaUBAHIbeON9bxJ7Jt864x_SlXb4JerABKPEM6Ra_AviTXFDrtAsYmIdYHsXQyZFU2zPwBs9Sfnr54I637rxfmvTSHeDPtDVvUplPFEKNofxRWfCivSIbr37yAGdSXWbAK7QZt2aUeSKM2gRRKWLhXn15KnMPftdzc-ZkcuTYyeZ0ZNBKaA6hqA7k7czVWoZ4l6ye4Fsj0cklsD5lq5QpBfH3eaaSWZwVdO2JXIQgRJsadRGCtStMaH4oIPXeIqJyCkwsX0COFU0l472MYCtDA6c8JTTyaDL9NDvvAn4ccGb4fFf_YDP6W5RqwYMZ-Deq6HevM8LiINvXX6dMimk5ninbIb8AyKL1HTIIdSVY06rWUQWSZe_4snqQ8wgRI-q-tw7PY9Gd9UZGB5CWDzHW0zMVrtToCAokyOTouzP4KOT5GoIXIKvkGPq0mZqMkn64CmNnqrV_41JAaHPKAofchL1ScCiDCxbzlI7zBbsNI97zCXq5C1E0-mJ-dinCC0oEqCXOkpigf_hAZuYoGnmlxcQKQM_FVPQrRgV6ZVLY79l0pjE68G1k9IyRlUZuC1rSvQrpEEZwbscQEEDxy8ierS81bZE6BXOB-aPUfptaDllO4wAYY9JJUAhkJZy8E94I9ixACUNLgR1UkCa4UuxNZ6h0bQ4PUIO65_faneTB0tLHXS14TrmE00Cx6TJjndVDevr8-AmPIekUN5RtyoXY6B2LRqpREJ15iq4J8Ya7wwuAlt3vFK_qvg_don2S1zjvjiQa5fBFcFEH5alMqLj2gXubutZDsLFr8tOezPYEmsWB1s64-0C5u_7ThNg8PCYuAyyMbSHtHhS1xlgtgc4FGz9kb-dOQ_W1th-nRkwC0-aR5tUqMmZr0SkkBNFTATZpWbCBs5UQOtYdROLQSWkxgPT90jFNOiF_LtaM5TeXlu95c7QWtkl0tdSd6J5uY1SXNzqsoFtCXV9P1Svkzs4_q6hW1ABS8FtFqzDZavO8aEr8geEsAei2q8arLLrUB86tHfCKhBOY98hanBwlzLLDG5up6Hbf05Vn1RAa_JFlqNxbN3TUNsJXqf8O39E1OMOSrHeETscbhXlSy5wMR88rGaoFJnwpNWbd91LgDFeHNFScLSXqtYXegTzrObz07iMncnuU6mehmYZwuNn_preTU6v0tiHokrc1tW_2Z70L-wnc4rbhjihSi9k6uywLp70y83SHQ4Hf0b6ccU78B0p8YFnu0OzGzfzvyXr_LAcBPlOJRNhi3I97emOlkvXIfPb9QKnkqhocpvuHqgY4mh8rgkA-oAuVdi02d8vyh0rYQZuN9g-x1tDY1FKXOW69vJl0Ym_RNkvcZ_8T7hAYR5eFl3_VOO6FBXbGhx8b8aF29n0BLoePag8tdufC7cDBmxOziOEcgSaoXqNU7Z_TGmPcHVbTGZaurpxV8uQjJILPs5rjqDQ7fizP-oesbL_w4HSwvio38zZE17gTLOCkqRqmi7vD09J6KTN59dKNiITWUb3og27SRZ3ps53sqFkA4s5d4RJusM9Ru_7SmzpKQrvYYa8z98qlgLtfHetJdoAeR_zhUEX8fMVP-PhgXWKq5Dzh4u8Tazq4TEeM3mkad8IRYHM92wlY4AFhO9IllgevILnbznMsVRnzXBf2_oYVr53kFTfgYN_gaHVLLePxzW0xBx6_ZkE5wiIfBtxAXQXHkDhZ6NC4K1STMdr_F7TI49YiBoT2T2pgXY6mR2vZL_zSPucylIoMn-dFz7hxnGfXA7XsjlxX_955bI4B7cShRLX5DDHGw-6Lrv0vwdNEi2jCowikPc4YWvuIBj0guhX0MP3DLC7OmxeE5gGsMoPqUOqa6rYJg1BU6PnDu55v_ORcvmTbjH4frDMbQtWpPgMKvmBctjKXkdkaeIYbxU54sgNfeX_rWLw8VyWr21dDo47RXsbs4UAYqPC3BL-dw9mB0tmwXA1o61gN_cVct-dLtzfQRMp9F_8CEWuuuItj1gf5Lw9ThXlPjIaJZ2gz1UFmxlWmNWcexc0-ljoJqHIahEB5OinHy1gZm5eo-uhygCHMik7JbwKYhU1bEGkEHcXUrOkI8WbjQiodqzgnANjSEICpSc95LiXQc8YGN62hXIM6y6D071ghCz6V2dg4ZmwDQrE4pAzpYIJQfcu2Ai-H1La3kdO5_kHY2KKkkUzOqCxkkibp7ivOi09_wVOH88tnidhGkIBbAf7hTKesSXbaw1CBRuVIKfqta1C0yLWDu9PdE3AU8Z9jbBWQ08D3h-E1w0XqKIwu1vH3fYSHFDA5voA7-IfUoEHKOCmiuGwT4SOneHfvcAWEfmtfUdph0f3WVCmkBtC8OcI1A60XykYUiRSLR6xh_2-eNZxDGnCgYw-_IBlcle2P5EQ_VMYQxgaaVRlN_jpixctfJmVQJwESpa5O-k8fGJ8N9-Z-1huZR3IJN7dHupMB24at0tgSmVvnO4lEMJmbQc7qx4PCwlN2uAHDDHo7PFaiEHQzoyf4dxNNikLjoJ0n_Zce3CZeM-hKKNy9VQj5KZH0BtkOtTpeGtLaLNcznQCpkcDa_ukXBqR5FOXWhponDw-xiY-MNFodWkZJKxT0ZA2YeQjl_XCN7K4XeXlXhqW5f3hIhs2ECHzs4jIBo9SN3QA7kA8nsUkAp58wX5ZsULR_ogf4ZS5wSOdX0Mqo14t4vXbytt1elN3larV8HKVXzvHeBRC7POM76xRx2D9BKI7FrurZzNLS_bbjLw_a6yu-XPr_OEITho4zBpSXJNU1mCrJw6KX2nsZXxfesb8cmfhmOL1ViA9TLnG1m_0k9HEjTFx6gK7oipZrhC3o3dulO4LAvoFuDPtukmi7pQ_F9Dyn8NVCWWnj7h82-l8AI4MeUofra3ARg4_dws14xJcRu1nGbdMlphoh0OWhJCjH7zdA6l5ZrxNKfQIIQNHXZRsF8YtTsN2sA5gkkZ5Bj-rdqkiQQ0m8iqVKnr6YTt2qRfM7lrD_lQ92owGwHFGZJCT0J6oDfmbXZc9676rISDkQyaHrQW33RdDikbhUmIxWeeWqlokSAWdl_zYfnD1mT-RqezgQ_pq35KmUQeC0bwvrIrSMOQ7Q3_d9P2RgmAx0jBIrh8lU4a_--GEvvmYc2qm2hPqFO2eZqczxywLlByCzVjm8NUl7DY7Yezga7tKE_oZpRZ1GJC1OzL5iVolf8uT8HuAcZ-DZWIDWPCKLkr3IoO0pI72RsmjNdde8TxYZC6DkKb2KIhYp4ywas6RDR3RkVSQEDfrc6Z60yMSJ2k0qfaTj2JSLs7G-tciSlf4KLvcqXCStktjYUpLFlYjeOstpB1Z5gPOSkdzDbV0JeFxYwx7qnS1p4ejHtWVK0NOgVFCRBWCljQ2NMYw6D-X7U&cid=CAQSTABygQiD8L2pAVD5b05Z4r5fHMn8kiaYtnBOyYufRil3-CL9V9KLswNaHz_ffOYhjI4UxhjDBKHX5nizjjbsUXzDh4HG8SRtFRbeeHgYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww1.ihdstreams.xyz%2F&ds=l&xdt=1&iif=1&cor=16437734455238386000&adk=943508955&idt=231&cac=0&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6d95ea547b0974a09d61104fa136f5eb6973466b6358fb06d997cc7f20ee71b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 17:02:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
65770
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4123
x-xss-protection
0
server
cafe
etag
4541610132340792384
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 06 May 2023 17:02:55 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230418/r20110914/ Frame 4587 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230418/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BTUZkrbXosXqnugGCZDQ2-F3hqgufDjmHzx7d4-TdrdnIPy8FNOncre2zlU9kpb5WwVyWMotTl9I7gQhzd4cDRMb3IRw&cry=1&dbm_d=AKAmf-BVw2KmuDm5WJY6OBaoZYi0tnB7UgxTUChFaDripb2T3alHnPiBeD7ZOism0Yy7iXtMg6ZRq4a30ZH14SNRgXsEY_q5bXyuIyWyJj9gCrfPtL55F9J4ehkuLFlMJGAnuATB0xo5ejtAOJKgHjC38MUFu3-ThGOK8wxq1lFh_oDVQ_A8XK1SzKJoOVvnpN7BT5XaUBAHIbeON9bxJ7Jt864x_SlXb4JerABKPEM6Ra_AviTXFDrtAsYmIdYHsXQyZFU2zPwBs9Sfnr54I637rxfmvTSHeDPtDVvUplPFEKNofxRWfCivSIbr37yAGdSXWbAK7QZt2aUeSKM2gRRKWLhXn15KnMPftdzc-ZkcuTYyeZ0ZNBKaA6hqA7k7czVWoZ4l6ye4Fsj0cklsD5lq5QpBfH3eaaSWZwVdO2JXIQgRJsadRGCtStMaH4oIPXeIqJyCkwsX0COFU0l472MYCtDA6c8JTTyaDL9NDvvAn4ccGb4fFf_YDP6W5RqwYMZ-Deq6HevM8LiINvXX6dMimk5ninbIb8AyKL1HTIIdSVY06rWUQWSZe_4snqQ8wgRI-q-tw7PY9Gd9UZGB5CWDzHW0zMVrtToCAokyOTouzP4KOT5GoIXIKvkGPq0mZqMkn64CmNnqrV_41JAaHPKAofchL1ScCiDCxbzlI7zBbsNI97zCXq5C1E0-mJ-dinCC0oEqCXOkpigf_hAZuYoGnmlxcQKQM_FVPQrRgV6ZVLY79l0pjE68G1k9IyRlUZuC1rSvQrpEEZwbscQEEDxy8ierS81bZE6BXOB-aPUfptaDllO4wAYY9JJUAhkJZy8E94I9ixACUNLgR1UkCa4UuxNZ6h0bQ4PUIO65_faneTB0tLHXS14TrmE00Cx6TJjndVDevr8-AmPIekUN5RtyoXY6B2LRqpREJ15iq4J8Ya7wwuAlt3vFK_qvg_don2S1zjvjiQa5fBFcFEH5alMqLj2gXubutZDsLFr8tOezPYEmsWB1s64-0C5u_7ThNg8PCYuAyyMbSHtHhS1xlgtgc4FGz9kb-dOQ_W1th-nRkwC0-aR5tUqMmZr0SkkBNFTATZpWbCBs5UQOtYdROLQSWkxgPT90jFNOiF_LtaM5TeXlu95c7QWtkl0tdSd6J5uY1SXNzqsoFtCXV9P1Svkzs4_q6hW1ABS8FtFqzDZavO8aEr8geEsAei2q8arLLrUB86tHfCKhBOY98hanBwlzLLDG5up6Hbf05Vn1RAa_JFlqNxbN3TUNsJXqf8O39E1OMOSrHeETscbhXlSy5wMR88rGaoFJnwpNWbd91LgDFeHNFScLSXqtYXegTzrObz07iMncnuU6mehmYZwuNn_preTU6v0tiHokrc1tW_2Z70L-wnc4rbhjihSi9k6uywLp70y83SHQ4Hf0b6ccU78B0p8YFnu0OzGzfzvyXr_LAcBPlOJRNhi3I97emOlkvXIfPb9QKnkqhocpvuHqgY4mh8rgkA-oAuVdi02d8vyh0rYQZuN9g-x1tDY1FKXOW69vJl0Ym_RNkvcZ_8T7hAYR5eFl3_VOO6FBXbGhx8b8aF29n0BLoePag8tdufC7cDBmxOziOEcgSaoXqNU7Z_TGmPcHVbTGZaurpxV8uQjJILPs5rjqDQ7fizP-oesbL_w4HSwvio38zZE17gTLOCkqRqmi7vD09J6KTN59dKNiITWUb3og27SRZ3ps53sqFkA4s5d4RJusM9Ru_7SmzpKQrvYYa8z98qlgLtfHetJdoAeR_zhUEX8fMVP-PhgXWKq5Dzh4u8Tazq4TEeM3mkad8IRYHM92wlY4AFhO9IllgevILnbznMsVRnzXBf2_oYVr53kFTfgYN_gaHVLLePxzW0xBx6_ZkE5wiIfBtxAXQXHkDhZ6NC4K1STMdr_F7TI49YiBoT2T2pgXY6mR2vZL_zSPucylIoMn-dFz7hxnGfXA7XsjlxX_955bI4B7cShRLX5DDHGw-6Lrv0vwdNEi2jCowikPc4YWvuIBj0guhX0MP3DLC7OmxeE5gGsMoPqUOqa6rYJg1BU6PnDu55v_ORcvmTbjH4frDMbQtWpPgMKvmBctjKXkdkaeIYbxU54sgNfeX_rWLw8VyWr21dDo47RXsbs4UAYqPC3BL-dw9mB0tmwXA1o61gN_cVct-dLtzfQRMp9F_8CEWuuuItj1gf5Lw9ThXlPjIaJZ2gz1UFmxlWmNWcexc0-ljoJqHIahEB5OinHy1gZm5eo-uhygCHMik7JbwKYhU1bEGkEHcXUrOkI8WbjQiodqzgnANjSEICpSc95LiXQc8YGN62hXIM6y6D071ghCz6V2dg4ZmwDQrE4pAzpYIJQfcu2Ai-H1La3kdO5_kHY2KKkkUzOqCxkkibp7ivOi09_wVOH88tnidhGkIBbAf7hTKesSXbaw1CBRuVIKfqta1C0yLWDu9PdE3AU8Z9jbBWQ08D3h-E1w0XqKIwu1vH3fYSHFDA5voA7-IfUoEHKOCmiuGwT4SOneHfvcAWEfmtfUdph0f3WVCmkBtC8OcI1A60XykYUiRSLR6xh_2-eNZxDGnCgYw-_IBlcle2P5EQ_VMYQxgaaVRlN_jpixctfJmVQJwESpa5O-k8fGJ8N9-Z-1huZR3IJN7dHupMB24at0tgSmVvnO4lEMJmbQc7qx4PCwlN2uAHDDHo7PFaiEHQzoyf4dxNNikLjoJ0n_Zce3CZeM-hKKNy9VQj5KZH0BtkOtTpeGtLaLNcznQCpkcDa_ukXBqR5FOXWhponDw-xiY-MNFodWkZJKxT0ZA2YeQjl_XCN7K4XeXlXhqW5f3hIhs2ECHzs4jIBo9SN3QA7kA8nsUkAp58wX5ZsULR_ogf4ZS5wSOdX0Mqo14t4vXbytt1elN3larV8HKVXzvHeBRC7POM76xRx2D9BKI7FrurZzNLS_bbjLw_a6yu-XPr_OEITho4zBpSXJNU1mCrJw6KX2nsZXxfesb8cmfhmOL1ViA9TLnG1m_0k9HEjTFx6gK7oipZrhC3o3dulO4LAvoFuDPtukmi7pQ_F9Dyn8NVCWWnj7h82-l8AI4MeUofra3ARg4_dws14xJcRu1nGbdMlphoh0OWhJCjH7zdA6l5ZrxNKfQIIQNHXZRsF8YtTsN2sA5gkkZ5Bj-rdqkiQQ0m8iqVKnr6YTt2qRfM7lrD_lQ92owGwHFGZJCT0J6oDfmbXZc9676rISDkQyaHrQW33RdDikbhUmIxWeeWqlokSAWdl_zYfnD1mT-RqezgQ_pq35KmUQeC0bwvrIrSMOQ7Q3_d9P2RgmAx0jBIrh8lU4a_--GEvvmYc2qm2hPqFO2eZqczxywLlByCzVjm8NUl7DY7Yezga7tKE_oZpRZ1GJC1OzL5iVolf8uT8HuAcZ-DZWIDWPCKLkr3IoO0pI72RsmjNdde8TxYZC6DkKb2KIhYp4ywas6RDR3RkVSQEDfrc6Z60yMSJ2k0qfaTj2JSLs7G-tciSlf4KLvcqXCStktjYUpLFlYjeOstpB1Z5gPOSkdzDbV0JeFxYwx7qnS1p4ejHtWVK0NOgVFCRBWCljQ2NMYw6D-X7U&cid=CAQSTABygQiD8L2pAVD5b05Z4r5fHMn8kiaYtnBOyYufRil3-CL9V9KLswNaHz_ffOYhjI4UxhjDBKHX5nizjjbsUXzDh4HG8SRtFRbeeHgYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww1.ihdstreams.xyz%2F&ds=l&xdt=1&iif=1&cor=16437734455238386000&adk=943508955&idt=231&cac=0&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fcaaacbe09be7babfecfbcad09df9c01257b0ea95ee996105d6756ba75f41aa3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 17:53:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
62758
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10768
x-xss-protection
0
server
cafe
etag
11141491900784070631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 06 May 2023 17:53:07 GMT
728x90.html
s0.2mdn.net/sadbundle/16246292034538192363/728x90/ Frame 4DCF 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16246292034538192363/728x90/728x90.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a79e170025bc60f0f8190e8baa0ffa6b368f07cf618348fc68cd29a02f831b1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
104064
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2320
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sat, 22 Apr 2023 06:24:41 GMT
expires
Sun, 21 Apr 2024 06:24:41 GMT
last-modified
Wed, 22 Mar 2023 17:21:36 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 10B2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvIMolMb9GUX6M0tYyoVMuzqrSXoelbF9O9OwH4sRjPGyKJFynpejEtf8Fq002NHrr9gMPeYrLDS4W2X-UEj6VNDTO9CqefDFpQrVJzSIijM0b_95tLXxKBEOhuv_gx_HsPnRb3jUNBdEDhla5KUWGvcyjd-kMelA35ji5ukznK3njIr-KrQVFLH2mSXKK8Z2zU-vp8MFxZ7yBuDpRU0YMSQcv5N61u_GD_9rfSNTAtPowG-o8bJJWFgZCujvZE2pduRpROxuQvMEZSb93W1m0p-OFcAIhRtSL923059e0v9hpS943RLuQhcqnwwgx6S0iiN-ezXm1Y_4ZHGYvAr2OypPnEfeYsrYq67OUtdS1Hhj6ZJ7IMBAW5BhuxeHbm0_qNB3i8f4_R3W85seSuo7mZ0LrzP8BZo7KToyJAPSPOKS1wztg25JmOPIVYYW8HrtWTTcHsGMRrty71PQ7LLx5ViLl0wn7z_hsuYGT4V3PcEhnwrgfpE68QQ49aVglmsa-sA_pHAe_m1bLIYsfSRNPA1LSfSxaWVsx4nyOp1bMZyZtC7j0jmi4x296r_oTO3t4eXqxaXTw3ZnQ-tpBT8hs-z72Vl0uAqDWn5XT-1UXcTA24dOWpCFULyj8teBkmmHARbhPdMg9VKDfNiUFwxDXBHXbf9xJgVX2pWdsNsXxAh6YKYCV2nI37YoMzf-83yyeWEDmxL169f43MezZE6QNscVBARFVscrmh8fuNxySI4mbC3VuPnEBDMuirVy1AQU8fC3s0fAtcsx6OmMQWrX1V_J79Am9jQ-8U-aqm3zsxrsh6TG2IZi4hO5GKH8ZLzNVIAz6gFhdOXCQ6Bw8drefzBHbU_epPDZXKKz_1eeh_bxhpPrug-sANH5nos9LEbNYqifpzTToKJhk-1wNaxK58LjZEAMWatIu8J0uLQICWu5Sji0E75kwV2oLyDuVlM752GfRWjNg1zP3qPqjDrZ1eTWZnAvfCXBkTXzYiJc_YEUUCX_3WulrfxP7sJk-D_h91-B8WiTIsVD5gdb96aFCg7oU1adKIzSatCRYrJIv4AB9pzEhQZMuTdQoU_Elhsfxlf_JxsxXAOuJ6BPZFAah1fDyc95HYYufoJ91R69Rg1EHqJd8HRXnqenGER1OzmMmtxoKiSFGZlo6OutYOoNCj_xk0EeqMUoaRYrL9YkQ_qr_Aelh4YwaJ1QR0y7wr0WgWnhJa6TeZpxi_J6oMYeWazZEwx9d93B34tjGkSRFJe7X5kyvIMGeEnUeoDH5chJxk7Q&sai=AMfl-YRTfqJPGkabKmt8yr1k_WDsfKwIC7ABYihJKvfNNJJ7c93dpleHyyszWLkuZhgBP_FfVv6Pv6_EvPxLyGT_R6bJkLuqvib_9PRKCyKfyifhDzjtvBY4u3V098TMaZ3bcbyYW3W-om9wpjh45El-tkAUbIE15T-dy9nSr6l4NcWgnjMZ9I3RLKYiTPdP50ekHzI41IrCB6La__NYlXeatI7Hs3ESnlkjQfQNYhEh2-KelHJlmGUO2277VF0sk-R9FeqZVoZkEfMxWHJ4ly3aCW83VNZJHZ-Q&sig=Cg0ArKJSzJFBDkt2KvoXEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=157&cbvp=1&cstd=154&cisv=r20230418.85352&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 23 Apr 2023 11:19:05 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Sun, 23 Apr 2023 11:19:05 GMT
html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 4324 		170 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Requested by
Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/
Origin
https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 11:36:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
85366
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60311
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 23 Apr 2023 11:36:19 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230418/r20110914/elements/html/ Frame 4324 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230418/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bk1diRs4n0SV7CwuIrczBwwlvRdlbLVuZh8SwJ8gb8kKTOYtAFU1b2iKR7W__wG9jYYBOFMol63k8twIyLDrqyO2u7kPtCy8dWnHTKZa4sZ2k-NuBTrbGEP10NzbBfmz7Ryn3gRWfbi1OOaAQzyaCatVDxt2z6CQ-Yh4JcMZaomm1gmaiiw7bFt3DCpoF_joX4a7wZ&cry=1&dbm_d=AKAmf-D59Dj7mvA14ctKPUdPxkIVyC7D0PP8gaSV3q1OMWKkB0GYb5sbf6VrId0O4VDu0-6aNlbMZFLIosGCjtnVIId5DUQjs9nNNi0tKb958X2YxyufbnQllwyHEEJJQLVkDxgJLPfywrolteIjFSDJZgS3WBxGiWmEstKVLiPdo6lGdW4H80V5eDx5OlaOR0Z_pRHfZy476fVxrpQMbGBgdJXS82cUcNw7g_aajoLgRxYRK5fY0-_0VXfRgXneiFYYXMI32bzM3h_xrlc-DGh0a3YxEuwJa5lC3LlF5CmoVtqqc1muOSkQQ6v3Q-Uf4ALrRLFhD_VLU7YFzMdftjbj-vXa4ENA_vRbglLwu7l4fjOxcxxnDl6x63nyoi05YsXsJnaShcjUPqNx8ns1zgqxTqAw4SpVPGNeQOEodGEgHxtc7rNK6XpXnK6Fnal8ZYdLpxOJJHYhWQTMKvhGuGhmf48MfyL9cNCy9nXLjyZCCPANDURph5LfRRBE7rsNLHtx2qxaG6BeiduncXU-DaMRuChtAwb5cR4QFl_gVCkOriMG_2LUQ8cyVE0KZZvqnxnK8E3bqBmllev9HaDXaMz8cKIcCOtbfAzhhWwF3oTErSr34u_AfkPmfkodrdMdQocAj4Pi1WpkBLZkk8ZgO9La80am8ns8cyd9ffCS-XJ7punh6xGcVTXnZujN0GCNUFe5yUxXpQC5LNzrTt1zBrGGO9pYq38eE7Sb-9G9oC8Z0t5dE_KxdjgQ9DHwmp_-DAl1uQcFZe0iK0gEch6r6Ik_Eham0m1zrav0l4_2-14YINNQatc5TS24veKwkybUZU0FPvV3eH4m6dlEt0DfNceS3NjKXeqerpaeaLMsp6y3OdYSdRGG887xEVrrwawYrEfirs_GAPvOtrQyKNRnoX3xHP138WovIeUJc2Ci2vkPMDyzEOOEFn8eRU22yjCkD_ZRE_fSlDuztAHpz6VLAIhA-wUfNz_yUFg0Mc1K0z_1l-rWBrHkHHHxVMEMVefah4pNkQ84slEXcbadYixUWmFy4CgOnHyYsn7i4vDBo1eqrDSN1J1EoI3XeuvPy75otqeMoGMSoCD0C0w0hlW9bUW8mlXmOmPGEOMsp_1gXNBSDA9jElotJjWq1nsLDpusrltxmVDAwY0VA_zOV9XFw5s0niI8MEkZA6miKVXk-PEhrRnOaw1YQNRd2jIJ_88EBfHRnAWhe9KYPu2BO8zE9qjhylpSudJ-6bnZo-OxnSXnP4dlPo0JrufE-2tw8D3P45hCC_hBnKgU8_5XwDWXjgT2Ik-cxBroo8rcfdHWguERAN7BnGoALjJ6DQH5obVzSfvZc9EMbwQfhwGor09zg7zJS70Njn9N-UcAseGQ0vYDDckxS1SFUo0jxaIKni9YonS46UYG0FtLIozWnbYwxpNmTd8ELI2YX5iTqMD1ncbOc1-jtqtS1JjmYohFBFV8UqeeBwfyTHOD2YO1-990ZOJjhooN6Se2_CJ2PFYFR0W1wz8qvo9aLa2AJJId_81T5o8w-KCbIjf9cAtJp3biTAU-ToN7hXDi5JOKv0d82-0t1M73QxpsmAivFNJs-US3Bopp5ETFIMtAfHQvYKaQCmshTPMzfYG2E8PccPBUXAIztUObmAQC8mFmNiVU48W21hoHusz2gt7l_6zdy9mIidaJb_pYGCIT91DbYMbIqg-JaNNRcCcg-4lt-ut3ZkTFOpbV2XDuRxM5O0YgW-Q1RwBBLzcxbox6MBmngPe3D5EFBT_AqjWNGkVRVuc2rQ8j6a0oJ5gN-prPSmbna9Ke6UIjEJjJwZTQJi6c1EMlNR74-Dp5AdWDm3XjbklBxmsn0XkNGPNGm5cgPgYNhU8oibs-9w1UlieS9jSkXfk722ajFBDEyzUujgmrPZdXyk0miOzF4YHGFUc4NKoagLbA_qfk1EPHOxAbsedjWwiCSIF1kyQMnsiIDK0Iuq4Q-pkV6FZiYaqwtJwxypYe4AClO-KpDOpzqpohymR2F8Ou_zIU7tjjBUU9FWtxdEmc9lGJQZ6sWaxsw5VytJ--0tlXqLLZb3t0mqf85FssrSuv2zJWcqXwBJ9dGTP7NZjU4Npbt-af3UQ5Hv2a1G1lctSlZKWNJtolR1QZEJn-buoPxUenozD0QIFs8VRipMmjeV9qL5F3NUbcQmVPu5blXQRnoljzc_TCYq2V04fJcQztu-W488Ny8FgsCY1fKibwadvRG_aU3VmKiLU4hJzSh-PpHpJUCW5mwk-82Y2CQL0HMDmTlFAXaeEj5NLwwj8-s97qfiTSV_8E-BPIPvHzpAnlf5XV6SzCsdVMHvNN_6qQHhcDHKWRBXWIv7V38ILdcDTUViPTVORRn95lxcQN3Moe04_dHKw7nWqiW_zHtF6FuGqTPvlIX0C98_QBxMW1NFLA8TeM7QpMCEJ3cO-YSAu4GPFPCVLRpvnfb9ftq93pTEK9FiIZevJ6gDtkxQYpuCzCbfQLkis-EjCFxzPdBHsI5eFwRHxnOaPq7kU4uaqpkKak4O67oKzQG75LzDfwYBu_oEtIs16x9RCmVsSTWvfvPpf5mu65xnRQs1oHQQx53Bk4qrbjH2XB0nYw1DM0nk2YqxIEF3lJEqtvTUqhuRjULHGAvQX9oCWL35-Mfmtvg0F1f0h6bBgWXvwD6f_2u91J_kSoj4VWek2TyBPIbEMtlbjhcGpMOdjy3mPG504flXi5Bz4PwEYyYZMB0LGQA0pbSoo-DZJB1CF_OOkOI3qWcyCTAtxz_PfbmmUuT-XLldzAe0iPbzbwhxJGNl_e-R3U6yLpFh9hPER2XnRZk6fJ-nfqBZIb2rAedLUEckVqPeF_HXCHvvyAD4bVncZl2thVXG5kzibHYytmqtQ1yDNsxE_yCPXK4ckrH5uZqJRh9e-gZK7EzBQGqc-kJO9FPIm3ZmIw7UEUveSBy2spn_u-oRv-nz1SjdD6oJSfZoPxqKiLTqiqstlxr5XmbZz6CVjRaOqlV_ULLK-X1kUWYIUQ4Cn3rno_dKgFZoQ35Fbf-rcGRJpJe9Ac1b-SetG_fgikKB-kM50bw-cGFi4NcSjVCi6rt-0Gc4oXhm2Ff-BymA-VeFJFQItVk5pNtDG2fV0FzI8FV7Nj1p7nm2h4MUvSmUFoLe0FXALoedNoNCXU2jdiKB0VDJYi1mHivpUZKiiZE1Nr0YK4g4Jl506soEEspp3r4RhxmFGq05yRBi4RncZwcklwLihjO-qlNSX5MBxVBKNKZkc9MGBs2aNhNNP5Md6AQ7qzFjI-R8SP4wUzo2nACLnLeRzKZAqPgk1LcEeRRn24zr_vu8VVVqYoJiCFIvqVzZJxVdepBmYyOKpH44oEsSZH2AC3bMfamW7xAvbVyBLttmfcu0ICAZkFkmQ576fNOll44nonJn2AOf3Tb9r3qboEifkCRdc-n3OQdUN4gf2xXjXVxwQ_s3uB8VmIzVLhb_0q6kVVx9KEudRytTTLCoRVZFQUD8qOY3V_FXtAe6Ab7eZs8ZPaGA6QGRvA2U1-5VcdWIjF5Lntu33b0ZdCBcF8Exj8R8a41VYn9Lu-a3bU5cF6-KCbpGp0tPlqnLd6m9dgDwvVKYB46fpByF8R76DTZA2Se8Jh6dQY76hB52hCHxdlSOfskqGSqnm1-zh8nN9olK1Hx0VyM_VsL571FTeSO0O2jCIxAXlhwG9nP1iO79iN-OTcDM-P0L1iDVISv3bm6tn4Ge5MnwcOlQ2tcHflppYc2ftSOIp3eLEEqsMgaePKOvPsousy-5Qn7UwuFUVgk0_yrynZZlC_i4mirmzk8_7rMyA&cid=CAQSSwBygQiDTDOuz-mzJC6oAXrChVHiSs2CZAjefeFMkGCoN6WSIrLl4fcXiwnYFi7ZwianKPXlunfyW0gba8sJWkgLJH8MqVK-vbB21xgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww1.ihdstreams.xyz%2F&ds=l&xdt=1&iif=1&cor=3861195155816789500&adk=3944675600&idt=264&cac=0&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6d95ea547b0974a09d61104fa136f5eb6973466b6358fb06d997cc7f20ee71b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 17:02:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
65770
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4123
x-xss-protection
0
server
cafe
etag
4541610132340792384
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 06 May 2023 17:02:55 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230418/r20110914/ Frame 4324 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230418/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bk1diRs4n0SV7CwuIrczBwwlvRdlbLVuZh8SwJ8gb8kKTOYtAFU1b2iKR7W__wG9jYYBOFMol63k8twIyLDrqyO2u7kPtCy8dWnHTKZa4sZ2k-NuBTrbGEP10NzbBfmz7Ryn3gRWfbi1OOaAQzyaCatVDxt2z6CQ-Yh4JcMZaomm1gmaiiw7bFt3DCpoF_joX4a7wZ&cry=1&dbm_d=AKAmf-D59Dj7mvA14ctKPUdPxkIVyC7D0PP8gaSV3q1OMWKkB0GYb5sbf6VrId0O4VDu0-6aNlbMZFLIosGCjtnVIId5DUQjs9nNNi0tKb958X2YxyufbnQllwyHEEJJQLVkDxgJLPfywrolteIjFSDJZgS3WBxGiWmEstKVLiPdo6lGdW4H80V5eDx5OlaOR0Z_pRHfZy476fVxrpQMbGBgdJXS82cUcNw7g_aajoLgRxYRK5fY0-_0VXfRgXneiFYYXMI32bzM3h_xrlc-DGh0a3YxEuwJa5lC3LlF5CmoVtqqc1muOSkQQ6v3Q-Uf4ALrRLFhD_VLU7YFzMdftjbj-vXa4ENA_vRbglLwu7l4fjOxcxxnDl6x63nyoi05YsXsJnaShcjUPqNx8ns1zgqxTqAw4SpVPGNeQOEodGEgHxtc7rNK6XpXnK6Fnal8ZYdLpxOJJHYhWQTMKvhGuGhmf48MfyL9cNCy9nXLjyZCCPANDURph5LfRRBE7rsNLHtx2qxaG6BeiduncXU-DaMRuChtAwb5cR4QFl_gVCkOriMG_2LUQ8cyVE0KZZvqnxnK8E3bqBmllev9HaDXaMz8cKIcCOtbfAzhhWwF3oTErSr34u_AfkPmfkodrdMdQocAj4Pi1WpkBLZkk8ZgO9La80am8ns8cyd9ffCS-XJ7punh6xGcVTXnZujN0GCNUFe5yUxXpQC5LNzrTt1zBrGGO9pYq38eE7Sb-9G9oC8Z0t5dE_KxdjgQ9DHwmp_-DAl1uQcFZe0iK0gEch6r6Ik_Eham0m1zrav0l4_2-14YINNQatc5TS24veKwkybUZU0FPvV3eH4m6dlEt0DfNceS3NjKXeqerpaeaLMsp6y3OdYSdRGG887xEVrrwawYrEfirs_GAPvOtrQyKNRnoX3xHP138WovIeUJc2Ci2vkPMDyzEOOEFn8eRU22yjCkD_ZRE_fSlDuztAHpz6VLAIhA-wUfNz_yUFg0Mc1K0z_1l-rWBrHkHHHxVMEMVefah4pNkQ84slEXcbadYixUWmFy4CgOnHyYsn7i4vDBo1eqrDSN1J1EoI3XeuvPy75otqeMoGMSoCD0C0w0hlW9bUW8mlXmOmPGEOMsp_1gXNBSDA9jElotJjWq1nsLDpusrltxmVDAwY0VA_zOV9XFw5s0niI8MEkZA6miKVXk-PEhrRnOaw1YQNRd2jIJ_88EBfHRnAWhe9KYPu2BO8zE9qjhylpSudJ-6bnZo-OxnSXnP4dlPo0JrufE-2tw8D3P45hCC_hBnKgU8_5XwDWXjgT2Ik-cxBroo8rcfdHWguERAN7BnGoALjJ6DQH5obVzSfvZc9EMbwQfhwGor09zg7zJS70Njn9N-UcAseGQ0vYDDckxS1SFUo0jxaIKni9YonS46UYG0FtLIozWnbYwxpNmTd8ELI2YX5iTqMD1ncbOc1-jtqtS1JjmYohFBFV8UqeeBwfyTHOD2YO1-990ZOJjhooN6Se2_CJ2PFYFR0W1wz8qvo9aLa2AJJId_81T5o8w-KCbIjf9cAtJp3biTAU-ToN7hXDi5JOKv0d82-0t1M73QxpsmAivFNJs-US3Bopp5ETFIMtAfHQvYKaQCmshTPMzfYG2E8PccPBUXAIztUObmAQC8mFmNiVU48W21hoHusz2gt7l_6zdy9mIidaJb_pYGCIT91DbYMbIqg-JaNNRcCcg-4lt-ut3ZkTFOpbV2XDuRxM5O0YgW-Q1RwBBLzcxbox6MBmngPe3D5EFBT_AqjWNGkVRVuc2rQ8j6a0oJ5gN-prPSmbna9Ke6UIjEJjJwZTQJi6c1EMlNR74-Dp5AdWDm3XjbklBxmsn0XkNGPNGm5cgPgYNhU8oibs-9w1UlieS9jSkXfk722ajFBDEyzUujgmrPZdXyk0miOzF4YHGFUc4NKoagLbA_qfk1EPHOxAbsedjWwiCSIF1kyQMnsiIDK0Iuq4Q-pkV6FZiYaqwtJwxypYe4AClO-KpDOpzqpohymR2F8Ou_zIU7tjjBUU9FWtxdEmc9lGJQZ6sWaxsw5VytJ--0tlXqLLZb3t0mqf85FssrSuv2zJWcqXwBJ9dGTP7NZjU4Npbt-af3UQ5Hv2a1G1lctSlZKWNJtolR1QZEJn-buoPxUenozD0QIFs8VRipMmjeV9qL5F3NUbcQmVPu5blXQRnoljzc_TCYq2V04fJcQztu-W488Ny8FgsCY1fKibwadvRG_aU3VmKiLU4hJzSh-PpHpJUCW5mwk-82Y2CQL0HMDmTlFAXaeEj5NLwwj8-s97qfiTSV_8E-BPIPvHzpAnlf5XV6SzCsdVMHvNN_6qQHhcDHKWRBXWIv7V38ILdcDTUViPTVORRn95lxcQN3Moe04_dHKw7nWqiW_zHtF6FuGqTPvlIX0C98_QBxMW1NFLA8TeM7QpMCEJ3cO-YSAu4GPFPCVLRpvnfb9ftq93pTEK9FiIZevJ6gDtkxQYpuCzCbfQLkis-EjCFxzPdBHsI5eFwRHxnOaPq7kU4uaqpkKak4O67oKzQG75LzDfwYBu_oEtIs16x9RCmVsSTWvfvPpf5mu65xnRQs1oHQQx53Bk4qrbjH2XB0nYw1DM0nk2YqxIEF3lJEqtvTUqhuRjULHGAvQX9oCWL35-Mfmtvg0F1f0h6bBgWXvwD6f_2u91J_kSoj4VWek2TyBPIbEMtlbjhcGpMOdjy3mPG504flXi5Bz4PwEYyYZMB0LGQA0pbSoo-DZJB1CF_OOkOI3qWcyCTAtxz_PfbmmUuT-XLldzAe0iPbzbwhxJGNl_e-R3U6yLpFh9hPER2XnRZk6fJ-nfqBZIb2rAedLUEckVqPeF_HXCHvvyAD4bVncZl2thVXG5kzibHYytmqtQ1yDNsxE_yCPXK4ckrH5uZqJRh9e-gZK7EzBQGqc-kJO9FPIm3ZmIw7UEUveSBy2spn_u-oRv-nz1SjdD6oJSfZoPxqKiLTqiqstlxr5XmbZz6CVjRaOqlV_ULLK-X1kUWYIUQ4Cn3rno_dKgFZoQ35Fbf-rcGRJpJe9Ac1b-SetG_fgikKB-kM50bw-cGFi4NcSjVCi6rt-0Gc4oXhm2Ff-BymA-VeFJFQItVk5pNtDG2fV0FzI8FV7Nj1p7nm2h4MUvSmUFoLe0FXALoedNoNCXU2jdiKB0VDJYi1mHivpUZKiiZE1Nr0YK4g4Jl506soEEspp3r4RhxmFGq05yRBi4RncZwcklwLihjO-qlNSX5MBxVBKNKZkc9MGBs2aNhNNP5Md6AQ7qzFjI-R8SP4wUzo2nACLnLeRzKZAqPgk1LcEeRRn24zr_vu8VVVqYoJiCFIvqVzZJxVdepBmYyOKpH44oEsSZH2AC3bMfamW7xAvbVyBLttmfcu0ICAZkFkmQ576fNOll44nonJn2AOf3Tb9r3qboEifkCRdc-n3OQdUN4gf2xXjXVxwQ_s3uB8VmIzVLhb_0q6kVVx9KEudRytTTLCoRVZFQUD8qOY3V_FXtAe6Ab7eZs8ZPaGA6QGRvA2U1-5VcdWIjF5Lntu33b0ZdCBcF8Exj8R8a41VYn9Lu-a3bU5cF6-KCbpGp0tPlqnLd6m9dgDwvVKYB46fpByF8R76DTZA2Se8Jh6dQY76hB52hCHxdlSOfskqGSqnm1-zh8nN9olK1Hx0VyM_VsL571FTeSO0O2jCIxAXlhwG9nP1iO79iN-OTcDM-P0L1iDVISv3bm6tn4Ge5MnwcOlQ2tcHflppYc2ftSOIp3eLEEqsMgaePKOvPsousy-5Qn7UwuFUVgk0_yrynZZlC_i4mirmzk8_7rMyA&cid=CAQSSwBygQiDTDOuz-mzJC6oAXrChVHiSs2CZAjefeFMkGCoN6WSIrLl4fcXiwnYFi7ZwianKPXlunfyW0gba8sJWkgLJH8MqVK-vbB21xgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww1.ihdstreams.xyz%2F&ds=l&xdt=1&iif=1&cor=3861195155816789500&adk=3944675600&idt=264&cac=0&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fcaaacbe09be7babfecfbcad09df9c01257b0ea95ee996105d6756ba75f41aa3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 17:53:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
62758
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10768
x-xss-protection
0
server
cafe
etag
11141491900784070631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 06 May 2023 17:53:07 GMT
728x90.html
s0.2mdn.net/sadbundle/14190526117967439480/728x90/ Frame 2E1A 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14190526117967439480/728x90/728x90.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a79e170025bc60f0f8190e8baa0ffa6b368f07cf618348fc68cd29a02f831b1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
205897
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2320
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 21 Apr 2023 02:07:28 GMT
expires
Sat, 20 Apr 2024 02:07:28 GMT
last-modified
Wed, 22 Mar 2023 16:45:06 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 4587 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstGc9oeQQSIrTv6bWyWV53iKW3q_gQpB2FdN3Op0DXafELuQlgaCMg9MVyuWwzYaDX58MmTXUgS3zCCvUEdrrG4VObb5P7iNZdkplNPewBwMRVCrpNf_YRUTqU4xaijHZMJqihI-fzKARViUfFeoIVf13ejhxnzlMrSl3Ms8TcdaWGfGQLCTqHmE3ip77AyFvDsGAVQex49io_1KOOBY4-kpXCU80jbw28MF6TkmseaZjA-bua0EYk92g4mvojI4OGo96Guun_lX1KIk44rmyp5U-BkoV3SzJ7yamvagnqes2-ruFSQzcG9TT569-2V4npfXnoTvYKeRCOG2AhfNuIHiAZTdtEc4SKxvfKSvDREyEATGVXsd9mWsrM03-mH1njuJC2UzOA8nwVFHbsUjk1dNr9XtVG98zdOaDVSO25swwEiBviieage_ooSutrJjVyqzK_Tz8wRLhCfd8rFy1Xfm4zWL6SfmmK_vZ-avvdAEbIuSUcHLah5XYBBZ6-RBGI_WHLdfWdrBzMtBbN0jQ0Y2IDwPrsn4MsIjE_k_nKUAS2UTXHnSwoAbCwrYq3jQCuhg4yCdzhsaJHJyAOXybqlbAL7GPOWQOSzZ-CYd74pjidkPXE3YmjNc-Trlbtq4d656M83GmDAq9-6v_g8oKdJ09dNEG3yaWh17ehE64wVzit13cehldJEB7HQrupfFyAS32PAADBHGN_OOcj53N0lqnPYwWWkd9Fr01xFnreQs66wTKKrWwGvSNcvHtCRfj9CyTgYdt-HUnB6akUTVPS6O9JH3or2k2BkhykE-DfxLKJIRDBZnzUMfcmyN-7_MU9sah-Z74UMFO4-PC8_3z5B5h6FuSxbiDWnw4_SIboSQEAxB9BFS7lOn4Gdc5XTYAjPHLqC3upe2m059c6M9u2ORpz7Ds3KxvjaE5UdJt7-zbr-XNOEWGqUQ3iMhLGjA3mvydWXeXmWQKcsn-Ujg25jGxhONZ0ASvX_rFBKxuH6JbrMT8E0PSlSUXA9Ik4b6vHTyvWNV2yBx0-oZ348nUXvn44IkFxmi2ScNlmXg9JQaYFTHkEPRYa4v6d_Q2xEEswN7Umv6WQ7O7Rp8WgWf9-aPYwtjHl7wH5EERrOINWRUwW1rcnddgR6JO_8Ut2TTdXO8NAGqGwvZG6qEorl2FA0SY5-o40_4aH7AjHYXNs5Ux8Lisdhl-FOjYycjal2qUkC2aq9r_KPS5LyIGfYcNrCSmfYS3FAC1zOLdYjeIcAO7mm1LrqAsWtjvriOQR6&sai=AMfl-YTB1yV6foCOWvlEmNtwnILWNDKQsyJB3a4ii8-2aJbe9k84_ZRd2OrDx9ToZoOyydOtW9Qzpq_uNUlKx5aoqMgl0_xPpzmU3ypH8nhi0Z8SozBMZv3cfJjUKg_S_fRtljLBJM4Ma5iyEzw_d3X_DYlKfh3hcMgCOtfPT0v3vrxGUraHd9H6QKc2lsxbR54wzEN16FIu5wlk7PtSvfZL1-gBNJVNaxmAyrP8qlQxtlzJY7tSLF629jlGRJ-2SC2YvW1jY6E0ulTCM_wUlyBzMnON2l_gtkhcqGdP&sig=Cg0ArKJSzK5CtQnXrVWtEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=59&cbvp=1&cstd=57&cisv=r20230418.71133&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 23 Apr 2023 11:19:05 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Sun, 23 Apr 2023 11:19:05 GMT
FeZxK-xMU0bDCjOMbokEaZjg6vU8xaS24bySLDd5teM.js
pagead2.googlesyndication.com/bg/ Frame 1F84 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/FeZxK-xMU0bDCjOMbokEaZjg6vU8xaS24bySLDd5teM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
15e6712bec4c5346c30a338c6e89046998e0eaf53cc5a4b6e1bc922c3779b5e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 16:28:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
154230
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14264
x-xss-protection
0
last-modified
Mon, 17 Apr 2023 14:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 20 Apr 2024 16:28:35 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 4587 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com
URL: https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 19:45:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
56023
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 21 Apr 2024 19:45:22 GMT
truncated
/ Frame 4587 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d58c8b785197b3325d8c4c6b7e78015d4124110c7ef045a3c23702e24c81e6be

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 4324 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com
URL: https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 19:45:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
56023
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 21 Apr 2024 19:45:22 GMT
truncated
/ Frame 4324 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a5cf5a31ceb90763b23bc028dc514fc14792f49667d60f2e0154b851d0486159

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
index.html
s0.2mdn.net/sadbundle/8656519294634426368/ Frame 4F37 		62 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/8656519294634426368/index.html?e=69&leftOffset=0&topOffset=0&c=7WtaCERVGZ&t=1&renderingType=2&ev=01_247
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
033b141c2dc9c1673f5eb46b75a5edba77dfb989f32af242c662c37da3628615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sun, 23 Apr 2023 11:19:05 GMT
expires
Mon, 22 Apr 2024 11:19:05 GMT
last-modified
Fri, 14 Apr 2023 12:57:05 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 4324 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu7eghYQ1WIKumhTgDAsqC1A790UojU7AEKmBgh63Pmpy4iPVhyhiqWMt1xgRxhExOcrsxYCGM94GQS1ymhlTLtH3K8Imm8wUi2Hn7e9fKsUEYPqVy9EOxDJRX8OKUE9KMzYmCThC-2tg1kr8I2mWQQj9_ip74hJIEe-nO1Igo9_ivXBSqVdbHcjvl3A3tIMUMaWeOVsZrVvIdTpOMGQhKnL2dZP6QfoFr2tISNzKTz1hThxO_qsuInaRw4vVxnHAvOyQoXisCPZXQf_-7h64DkbdgO_PQ6-gIppny99D-WuMgo6AJww44ExVi_xMmvNn2dX_fw67YRFXd9ufXYCw3Dqw1XoF9RxUFkjoyqvTxbYvHQWwuDTFxVEVmEoPyLGxXlA-PjskjOXTnLcKqU2Q3YnW-b8-otUT1GS__2wnn4QPadC_jw-UUqjA2RkHBH6W6i0BHXC5mblwEt6bLXGGFQZO5W8sqRwvBK4_BG5ctfFbjinVQDtTtY0YlTFJg0JrWXI-gluZwd1BzsrpvzPCHlJelyCoCOnx_7tOnxJIAGA426V9CfrkzX_50g9SO1zstAx1F40hCSvnLW6qsqpwjfKkt8L9Ph6mHTdeUdWKRmbQSyzuWDsV729pbYcRuAfg5dlraQgaN4FPzUiIA1O2QV4aPb_n5Js-qIYsabtzsIWiUT0Ie6HyIVG9vOzdtLSyDDA7kMXOuwxSRBfrFtYKBfBpkZqrjmxSTjN1JpJSpMjn7jKeupamEWySVzBAfyG6c0jCHNi9TZrG6BxIMe7dNObq9Hv5cH49JPNKntksTtqgdxCzp94PPPam4TER8486LzJO9spT1ueSeVB-fcY2453z6lE4N-oDpsrMfXEoodq5Ts8ewBQB6-ZP-SNJ0QEb7Y3hFDrPZWcDqPtNefMZcnm_vCqKaabUyCKgaPTrAHq9kaiNDtxXxD0ob1oWD1c9w7npR4eml2h3lZYO7HetFAaYH8IxOfwCBKAGudcfqp8wtiGNVpVdocvbkhelTwvQ9RnEGlyhiIYpYhBIBmkD66mfW_YS_hnOg3M0sCo4VxRzKGK543E8p8uG51ywpK2ef6zV5I86ZSGEXydL3pmeuRumZtWzpBy2klIWOShx-KV5hmBQDkPMz8_rSkCdvoa5z7aSndcWNc8qOYi-gbDfwgLndADEGT7_nLE6Zkk-k486dfMIWr2Hc8wQwoWpHmM0m9q2aQV7PwufyYvEdeJjyA34a12I2PL2M8qWD-LEw_p9BokTUKyuQtt6tUVgshobpJ5Xqmtzi4R2GKyC4BAFwjMjNXVeoVh3r7vp7_jcMknNViwgqyn5MXnb_Fc9xH5bpvoljbZ9TIHHM4o8f1BhUscQ&sai=AMfl-YQKq2w90Oa7csl3Ztf-2Uu2xBMfSNL-0DixosAfalSKBnOJkajKWXwZjU1n9tBtY8AM4P-cH0uEQxbwrK16QCVtJ_6eT4nbiTz1znr75itzhhPRR8zh6Prf5J-pXHBndh3pDlfgK94ni58ZldFI3Xe5HspoaRYG62Jy6wmlEhZ66W34-MVWq3jpKCa3HcDEB7_PsJajjsr3ap8nhBcpor5rd3wNaMDeWuHGc4Q4pd4WJozTN69au4nAvmp1aOGdatTZAGwOiq1BGrXJHcqCPqxKtlh-9lkOHGuTjfMZDmKWqnfKe_ytWExs&sig=Cg0ArKJSzBqkaZD8XThcEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=96&cbvp=1&cstd=90&cisv=r20230418.47831&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 23 Apr 2023 11:19:05 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Sun, 23 Apr 2023 11:19:05 GMT
createjs.min.js
code.createjs.com/1.0.0/ Frame 4DCF 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.createjs.com/1.0.0/createjs.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16246292034538192363/728x90/728x90.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:480:e::210:f105 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 11:19:05 GMT
content-encoding
gzip
server
Apache
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=900
x-n
S
accept-ranges
bytes
expires
Sun, 23 Apr 2023 11:34:05 GMT
728x90.js
s0.2mdn.net/sadbundle/16246292034538192363/728x90/ Frame 4DCF 		38 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16246292034538192363/728x90/728x90.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16246292034538192363/728x90/728x90.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
237c34a74aa8af6faa636c031ad3420ac4845b6ed3bc32206634ecf23ad4a73c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16246292034538192363/728x90/728x90.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 21:31:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
49653
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8420
x-xss-protection
0
last-modified
Wed, 22 Mar 2023 17:21:36 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 21 Apr 2024 21:31:32 GMT
createjs.min.js
code.createjs.com/1.0.0/ Frame 2E1A 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.createjs.com/1.0.0/createjs.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14190526117967439480/728x90/728x90.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:480:e::210:f105 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 11:19:05 GMT
content-encoding
gzip
server
Apache
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=900
x-n
S
accept-ranges
bytes
expires
Sun, 23 Apr 2023 11:34:05 GMT
728x90.js
s0.2mdn.net/sadbundle/14190526117967439480/728x90/ Frame 2E1A 		38 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14190526117967439480/728x90/728x90.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14190526117967439480/728x90/728x90.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
237c34a74aa8af6faa636c031ad3420ac4845b6ed3bc32206634ecf23ad4a73c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14190526117967439480/728x90/728x90.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:07:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
205897
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8420
x-xss-protection
0
last-modified
Wed, 22 Mar 2023 16:45:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 20 Apr 2024 02:07:28 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame AEA9 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
age
68059
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 22 Apr 2023 16:24:46 GMT
expires
Sun, 21 Apr 2024 16:24:46 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
style.css
s0.2mdn.net/sadbundle/8656519294634426368/ Frame 4F37 		222 B
168 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/8656519294634426368/style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8656519294634426368/index.html?e=69&leftOffset=0&topOffset=0&c=7WtaCERVGZ&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c7089f98721eecdbbb450c9e2b45a1af7f93b3a7b72b7d28ca2cfd3db468eed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8656519294634426368/index.html?e=69&leftOffset=0&topOffset=0&c=7WtaCERVGZ&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 17:16:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
64979
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
139
x-xss-protection
0
last-modified
Fri, 14 Apr 2023 12:57:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 21 Apr 2024 17:16:06 GMT
fonts.css
s0.2mdn.net/sadbundle/8656519294634426368/ Frame 4F37 		215 KB
163 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/8656519294634426368/fonts.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8656519294634426368/index.html?e=69&leftOffset=0&topOffset=0&c=7WtaCERVGZ&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b4e980c3fbbbe26dceaf863bfde4520bcc15e129758977b15717b759bfe93166
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8656519294634426368/index.html?e=69&leftOffset=0&topOffset=0&c=7WtaCERVGZ&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 06:06:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
105160
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
166769
x-xss-protection
0
last-modified
Fri, 14 Apr 2023 12:57:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 21 Apr 2024 06:06:25 GMT
gsap_3.9.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 4F37 		63 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.9.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8656519294634426368/index.html?e=69&leftOffset=0&topOffset=0&c=7WtaCERVGZ&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8656519294634426368/index.html?e=69&leftOffset=0&topOffset=0&c=7WtaCERVGZ&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 11:19:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25329
x-xss-protection
0
last-modified
Wed, 29 Dec 2021 19:08:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 23 Apr 2023 11:19:05 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame 4F37 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8656519294634426368/index.html?e=69&leftOffset=0&topOffset=0&c=7WtaCERVGZ&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8656519294634426368/index.html?e=69&leftOffset=0&topOffset=0&c=7WtaCERVGZ&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 08:32:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10008
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 24 Apr 2023 08:32:17 GMT
webfont.js
s0.2mdn.net/sadbundle/8656519294634426368/ Frame 4F37 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/8656519294634426368/webfont.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8656519294634426368/index.html?e=69&leftOffset=0&topOffset=0&c=7WtaCERVGZ&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
291f3994773299e55d68a325cba52cabf111a4ea9563fc844ec3679635d9ff5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8656519294634426368/index.html?e=69&leftOffset=0&topOffset=0&c=7WtaCERVGZ&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 20:46:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
52378
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4962
x-xss-protection
0
last-modified
Fri, 14 Apr 2023 12:57:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 21 Apr 2024 20:46:07 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 805F 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
age
68059
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 22 Apr 2023 16:24:46 GMT
expires
Sun, 21 Apr 2024 16:24:46 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
FeZxK-xMU0bDCjOMbokEaZjg6vU8xaS24bySLDd5teM.js
pagead2.googlesyndication.com/bg/ Frame AEA9 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/FeZxK-xMU0bDCjOMbokEaZjg6vU8xaS24bySLDd5teM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
15e6712bec4c5346c30a338c6e89046998e0eaf53cc5a4b6e1bc922c3779b5e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 16:28:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
154230
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14264
x-xss-protection
0
last-modified
Mon, 17 Apr 2023 14:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 20 Apr 2024 16:28:35 GMT
FeZxK-xMU0bDCjOMbokEaZjg6vU8xaS24bySLDd5teM.js
pagead2.googlesyndication.com/bg/ Frame 805F 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/FeZxK-xMU0bDCjOMbokEaZjg6vU8xaS24bySLDd5teM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
15e6712bec4c5346c30a338c6e89046998e0eaf53cc5a4b6e1bc922c3779b5e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 16:28:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
154230
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14264
x-xss-protection
0
last-modified
Mon, 17 Apr 2023 14:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 20 Apr 2024 16:28:35 GMT
container.html
a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame CA95 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074079
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www1.ihdstreams.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 23 Apr 2023 11:19:04 GMT
expires
Mon, 22 Apr 2024 11:19:04 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1F84 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BAxITKRRFZMGlBrfCx_APz6isoAkAAAAAOAHgBAI&bg=!V1SlVADNAAYfNdXmPzU7ADkAdvg8Wo9Jou67yXOjmTXplVONxXdo1kNm0bgfdkG168s4m0ySzrK00fplOKNwC5noKs24hJXo_AQCAAAAhlIAAAABaAEHmQM7mLKpRRYO7K1FwHZy4O_EasX0FRMXVqVqokAGGdm4V3uvzv79_hgczk5jR6xn-ng6MA7V6krm9c54KaLHQ_tey2_i_ns-IGZy2ROUlJ_RPQtyO3cllmJgoL101oGWy8jQhcUOGc8p5YOMV8_NYHPSnMzteGAHUA2Kdd7wYpcAJyhQ0Za3QpUTCi0fJGQBGAsHx_m5FVoHQLlHMMjYHO71QtYNE8WTGyUJZjzrpMjjrrtRmbjs5kdt8s_wTdcDffXMfnJHSbMVCxo1puILftsqmo29unAIsWzTHzFL82c8G7n1dc3MEkK9Gpx0hzYxSEkAje_2OmcvaV4lYgVGuajVelpF1Ecb3gdBAajQLo-S1k83qhLCX6TyxveGsUWgZeSghS_ArRK14KJcTcQriiLKUco80nqL0nLKKviL8La9x9ZJmV_VO-1vxYOTJQsJSPb-6KgKXOsLoMSYEVG4bJq-iyw7Megi38JTqzXhcNFc5oY85iwc-W7aty0h_B4hdp-M2cvxqvSBsBmU6EEREZ2hVu9Qpj34nxJ6egsn51fHan6L6RH8Co9OHxruwwvzlqK0ksWAfORWgykMhh14h0Zk8I3QnTC_QWozg8-NoOAEGsFZcKOQCF6apD1sAl2Od2YZ9466dxIcABIJQGfhh6F_ptRvFo7qGHXOqThXoBvka1Cy3fzF7aT11rl-cM4ndQ6DgOynv_4x-R5DLi-i0zMSrZbyzuqF4NbCWceYf0Ez1zKi_oD8L6bwUjUF0StRuFJY4TqaZPUe36kfSGX2GrNa2ULG7q2JsxsAj6D9hkstU7hsMNOc3SKgf9ucNR331BRFremVLfHj-Skpnx4iRLB8TLyUY6ZfUfR31dAXsTroBoRgBRJCL13kd5nGgcdkllpJ8tKAvW0R1ELZdVU8QQtjZNHmpeExHmigwXHWFIX_Q0mNShOrx6Z0j9tmQLE7MqiekFCMq8E18fzeo3Uz9wn_lPUIjBFIuFdGbPlFCuY4Lp3bdOJpp6PzF6VogdnqS8B2A4kiGVh2-LKV5BBPwZPMLXktookPchzlzqMq_q3YrYZ-3GwjpP5-YdusQw6HJ2cl8q8ITjk5e-1NG78
Requested by
Host: a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com
URL: https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Apr 2023 11:19:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
h_lifestyle_adobestock_255232577_half.jpg
s0.2mdn.net/sadbundle/16246292034538192363/728x90/images/ Frame 4DCF 		135 KB
135 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16246292034538192363/728x90/images/h_lifestyle_adobestock_255232577_half.jpg
Requested by
Host: a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com
URL: https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
63baffa868a9c730c0643da094da30ee551e8718c1e3d4728042a54e49868d0a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16246292034538192363/728x90/728x90.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 21:12:32 GMT
x-content-type-options
nosniff
age
50793
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138330
x-xss-protection
0
last-modified
Wed, 22 Mar 2023 17:21:36 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 21 Apr 2024 21:12:32 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 10B2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvIMolMb9GUX6M0tYyoVMuzqrSXoelbF9O9OwH4sRjPGyKJFynpejEtf8Fq002NHrr9gMPeYrLDS4W2X-UEj6VNDTO9CqefDFpQrVJzSIijM0b_95tLXxKBEOhuv_gx_HsPnRb3jUNBdEDhla5KUWGvcyjd-kMelA35ji5ukznK3njIr-KrQVFLH2mSXKK8Z2zU-vp8MFxZ7yBuDpRU0YMSQcv5N61u_GD_9rfSNTAtPowG-o8bJJWFgZCujvZE2pduRpROxuQvMEZSb93W1m0p-OFcAIhRtSL923059e0v9hpS943RLuQhcqnwwgx6S0iiN-ezXm1Y_4ZHGYvAr2OypPnEfeYsrYq67OUtdS1Hhj6ZJ7IMBAW5BhuxeHbm0_qNB3i8f4_R3W85seSuo7mZ0LrzP8BZo7KToyJAPSPOKS1wztg25JmOPIVYYW8HrtWTTcHsGMRrty71PQ7LLx5ViLl0wn7z_hsuYGT4V3PcEhnwrgfpE68QQ49aVglmsa-sA_pHAe_m1bLIYsfSRNPA1LSfSxaWVsx4nyOp1bMZyZtC7j0jmi4x296r_oTO3t4eXqxaXTw3ZnQ-tpBT8hs-z72Vl0uAqDWn5XT-1UXcTA24dOWpCFULyj8teBkmmHARbhPdMg9VKDfNiUFwxDXBHXbf9xJgVX2pWdsNsXxAh6YKYCV2nI37YoMzf-83yyeWEDmxL169f43MezZE6QNscVBARFVscrmh8fuNxySI4mbC3VuPnEBDMuirVy1AQU8fC3s0fAtcsx6OmMQWrX1V_J79Am9jQ-8U-aqm3zsxrsh6TG2IZi4hO5GKH8ZLzNVIAz6gFhdOXCQ6Bw8drefzBHbU_epPDZXKKz_1eeh_bxhpPrug-sANH5nos9LEbNYqifpzTToKJhk-1wNaxK58LjZEAMWatIu8J0uLQICWu5Sji0E75kwV2oLyDuVlM752GfRWjNg1zP3qPqjDrZ1eTWZnAvfCXBkTXzYiJc_YEUUCX_3WulrfxP7sJk-D_h91-B8WiTIsVD5gdb96aFCg7oU1adKIzSatCRYrJIv4AB9pzEhQZMuTdQoU_Elhsfxlf_JxsxXAOuJ6BPZFAah1fDyc95HYYufoJ91R69Rg1EHqJd8HRXnqenGER1OzmMmtxoKiSFGZlo6OutYOoNCj_xk0EeqMUoaRYrL9YkQ_qr_Aelh4YwaJ1QR0y7wr0WgWnhJa6TeZpxi_J6oMYeWazZEwx9d93B34tjGkSRFJe7X5kyvIMGeEnUeoDH5chJxk7Q&sai=AMfl-YRTfqJPGkabKmt8yr1k_WDsfKwIC7ABYihJKvfNNJJ7c93dpleHyyszWLkuZhgBP_FfVv6Pv6_EvPxLyGT_R6bJkLuqvib_9PRKCyKfyifhDzjtvBY4u3V098TMaZ3bcbyYW3W-om9wpjh45El-tkAUbIE15T-dy9nSr6l4NcWgnjMZ9I3RLKYiTPdP50ekHzI41IrCB6La__NYlXeatI7Hs3ESnlkjQfQNYhEh2-KelHJlmGUO2277VF0sk-R9FeqZVoZkEfMxWHJ4ly3aCW83VNZJHZ-Q&sig=Cg0ArKJSzJFBDkt2KvoXEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=539&vt=11&dtpt=382&dett=3&cstd=154&cisv=r20230418.85352&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 11:19:05 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 23 Apr 2023 11:19:05 GMT
h_lifestyle_adobestock_255232577_half.jpg
s0.2mdn.net/sadbundle/14190526117967439480/728x90/images/ Frame 2E1A 		135 KB
135 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14190526117967439480/728x90/images/h_lifestyle_adobestock_255232577_half.jpg
Requested by
Host: a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com
URL: https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
63baffa868a9c730c0643da094da30ee551e8718c1e3d4728042a54e49868d0a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14190526117967439480/728x90/728x90.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 06:14:59 GMT
x-content-type-options
nosniff
age
104646
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138330
x-xss-protection
0
last-modified
Wed, 22 Mar 2023 16:45:06 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 21 Apr 2024 06:14:59 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 4587 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstGc9oeQQSIrTv6bWyWV53iKW3q_gQpB2FdN3Op0DXafELuQlgaCMg9MVyuWwzYaDX58MmTXUgS3zCCvUEdrrG4VObb5P7iNZdkplNPewBwMRVCrpNf_YRUTqU4xaijHZMJqihI-fzKARViUfFeoIVf13ejhxnzlMrSl3Ms8TcdaWGfGQLCTqHmE3ip77AyFvDsGAVQex49io_1KOOBY4-kpXCU80jbw28MF6TkmseaZjA-bua0EYk92g4mvojI4OGo96Guun_lX1KIk44rmyp5U-BkoV3SzJ7yamvagnqes2-ruFSQzcG9TT569-2V4npfXnoTvYKeRCOG2AhfNuIHiAZTdtEc4SKxvfKSvDREyEATGVXsd9mWsrM03-mH1njuJC2UzOA8nwVFHbsUjk1dNr9XtVG98zdOaDVSO25swwEiBviieage_ooSutrJjVyqzK_Tz8wRLhCfd8rFy1Xfm4zWL6SfmmK_vZ-avvdAEbIuSUcHLah5XYBBZ6-RBGI_WHLdfWdrBzMtBbN0jQ0Y2IDwPrsn4MsIjE_k_nKUAS2UTXHnSwoAbCwrYq3jQCuhg4yCdzhsaJHJyAOXybqlbAL7GPOWQOSzZ-CYd74pjidkPXE3YmjNc-Trlbtq4d656M83GmDAq9-6v_g8oKdJ09dNEG3yaWh17ehE64wVzit13cehldJEB7HQrupfFyAS32PAADBHGN_OOcj53N0lqnPYwWWkd9Fr01xFnreQs66wTKKrWwGvSNcvHtCRfj9CyTgYdt-HUnB6akUTVPS6O9JH3or2k2BkhykE-DfxLKJIRDBZnzUMfcmyN-7_MU9sah-Z74UMFO4-PC8_3z5B5h6FuSxbiDWnw4_SIboSQEAxB9BFS7lOn4Gdc5XTYAjPHLqC3upe2m059c6M9u2ORpz7Ds3KxvjaE5UdJt7-zbr-XNOEWGqUQ3iMhLGjA3mvydWXeXmWQKcsn-Ujg25jGxhONZ0ASvX_rFBKxuH6JbrMT8E0PSlSUXA9Ik4b6vHTyvWNV2yBx0-oZ348nUXvn44IkFxmi2ScNlmXg9JQaYFTHkEPRYa4v6d_Q2xEEswN7Umv6WQ7O7Rp8WgWf9-aPYwtjHl7wH5EERrOINWRUwW1rcnddgR6JO_8Ut2TTdXO8NAGqGwvZG6qEorl2FA0SY5-o40_4aH7AjHYXNs5Ux8Lisdhl-FOjYycjal2qUkC2aq9r_KPS5LyIGfYcNrCSmfYS3FAC1zOLdYjeIcAO7mm1LrqAsWtjvriOQR6&sai=AMfl-YTB1yV6foCOWvlEmNtwnILWNDKQsyJB3a4ii8-2aJbe9k84_ZRd2OrDx9ToZoOyydOtW9Qzpq_uNUlKx5aoqMgl0_xPpzmU3ypH8nhi0Z8SozBMZv3cfJjUKg_S_fRtljLBJM4Ma5iyEzw_d3X_DYlKfh3hcMgCOtfPT0v3vrxGUraHd9H6QKc2lsxbR54wzEN16FIu5wlk7PtSvfZL1-gBNJVNaxmAyrP8qlQxtlzJY7tSLF629jlGRJ-2SC2YvW1jY6E0ulTCM_wUlyBzMnON2l_gtkhcqGdP&sig=Cg0ArKJSzK5CtQnXrVWtEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=407&vt=11&dtpt=348&dett=3&cstd=57&cisv=r20230418.71133&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 11:19:05 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 23 Apr 2023 11:19:05 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 6CF6 		624 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6WcRCwifCiAxiR3sHIATAB&v=APEucNVlHdYzfHSrlBK1qNQlW4wh7r23onOpw8h2pfY4xnbAN--FiTLvxeFQt7T87RKrbOyFYpEPDLV3W4puYmHaLxECtjVuVp89jWBwOXDcFamQ_zab3Hd3eYKIuy_QJVeZf7o8FKjmEOvb3iPjOp2PakTM7UjPLi6pZYADwaGi7Lj45_BDztA
Requested by
Host: a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com
URL: https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 23 Apr 2023 11:19:05 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame CA95 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com
URL: https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 11:19:05 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28043
x-xss-protection
0
server
cafe
etag
15270303690107644053
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Sun, 23 Apr 2023 11:19:05 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame CA95 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BeqDDLL7Y967GTxKkMkKu9-btthnwCH57v3m4YZozBuN3fDyO5sKirxo7vwDmG3vPilRWxZrG9DtlByQOp5pL-xVPrKrrShTiOjxqXR1SG2dQle7g
Requested by
Host: a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com
URL: https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Apr 2023 11:19:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame CA95 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=733682005530488370&x=1&ct=76
Requested by
Host: a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com
URL: https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Apr 2023 11:19:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame CA95 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/window_focus_fy2021.js
Requested by
Host: a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com
URL: https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 11:19:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
0
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 07 May 2023 11:19:05 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame CA95 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com
URL: https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2db6489d44c93f3301f1969a58df60a3d7e36c3c892fc0976dadf1f761d569cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 16:45:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
66840
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8104
x-xss-protection
0
server
cafe
etag
11444945707709536616
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 06 May 2023 16:45:05 GMT
l
www.google.com/ads/measurement/ Frame CA95 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRolzQtn7e4exwfBVEyw6qLgojjxIXtuHu_ORzEuu_o3395VUuqDeW_ddSDKRuT69snOwVdYnCHaCdmPWGe47f7v1GV7g
Requested by
Host: a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com
URL: https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame CA95 		159 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com
URL: https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 11:19:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49672
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1681929791789681"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 23 Apr 2023 11:19:05 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 4324 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu7eghYQ1WIKumhTgDAsqC1A790UojU7AEKmBgh63Pmpy4iPVhyhiqWMt1xgRxhExOcrsxYCGM94GQS1ymhlTLtH3K8Imm8wUi2Hn7e9fKsUEYPqVy9EOxDJRX8OKUE9KMzYmCThC-2tg1kr8I2mWQQj9_ip74hJIEe-nO1Igo9_ivXBSqVdbHcjvl3A3tIMUMaWeOVsZrVvIdTpOMGQhKnL2dZP6QfoFr2tISNzKTz1hThxO_qsuInaRw4vVxnHAvOyQoXisCPZXQf_-7h64DkbdgO_PQ6-gIppny99D-WuMgo6AJww44ExVi_xMmvNn2dX_fw67YRFXd9ufXYCw3Dqw1XoF9RxUFkjoyqvTxbYvHQWwuDTFxVEVmEoPyLGxXlA-PjskjOXTnLcKqU2Q3YnW-b8-otUT1GS__2wnn4QPadC_jw-UUqjA2RkHBH6W6i0BHXC5mblwEt6bLXGGFQZO5W8sqRwvBK4_BG5ctfFbjinVQDtTtY0YlTFJg0JrWXI-gluZwd1BzsrpvzPCHlJelyCoCOnx_7tOnxJIAGA426V9CfrkzX_50g9SO1zstAx1F40hCSvnLW6qsqpwjfKkt8L9Ph6mHTdeUdWKRmbQSyzuWDsV729pbYcRuAfg5dlraQgaN4FPzUiIA1O2QV4aPb_n5Js-qIYsabtzsIWiUT0Ie6HyIVG9vOzdtLSyDDA7kMXOuwxSRBfrFtYKBfBpkZqrjmxSTjN1JpJSpMjn7jKeupamEWySVzBAfyG6c0jCHNi9TZrG6BxIMe7dNObq9Hv5cH49JPNKntksTtqgdxCzp94PPPam4TER8486LzJO9spT1ueSeVB-fcY2453z6lE4N-oDpsrMfXEoodq5Ts8ewBQB6-ZP-SNJ0QEb7Y3hFDrPZWcDqPtNefMZcnm_vCqKaabUyCKgaPTrAHq9kaiNDtxXxD0ob1oWD1c9w7npR4eml2h3lZYO7HetFAaYH8IxOfwCBKAGudcfqp8wtiGNVpVdocvbkhelTwvQ9RnEGlyhiIYpYhBIBmkD66mfW_YS_hnOg3M0sCo4VxRzKGK543E8p8uG51ywpK2ef6zV5I86ZSGEXydL3pmeuRumZtWzpBy2klIWOShx-KV5hmBQDkPMz8_rSkCdvoa5z7aSndcWNc8qOYi-gbDfwgLndADEGT7_nLE6Zkk-k486dfMIWr2Hc8wQwoWpHmM0m9q2aQV7PwufyYvEdeJjyA34a12I2PL2M8qWD-LEw_p9BokTUKyuQtt6tUVgshobpJ5Xqmtzi4R2GKyC4BAFwjMjNXVeoVh3r7vp7_jcMknNViwgqyn5MXnb_Fc9xH5bpvoljbZ9TIHHM4o8f1BhUscQ&sai=AMfl-YQKq2w90Oa7csl3Ztf-2Uu2xBMfSNL-0DixosAfalSKBnOJkajKWXwZjU1n9tBtY8AM4P-cH0uEQxbwrK16QCVtJ_6eT4nbiTz1znr75itzhhPRR8zh6Prf5J-pXHBndh3pDlfgK94ni58ZldFI3Xe5HspoaRYG62Jy6wmlEhZ66W34-MVWq3jpKCa3HcDEB7_PsJajjsr3ap8nhBcpor5rd3wNaMDeWuHGc4Q4pd4WJozTN69au4nAvmp1aOGdatTZAGwOiq1BGrXJHcqCPqxKtlh-9lkOHGuTjfMZDmKWqnfKe_ytWExs&sig=Cg0ArKJSzBqkaZD8XThcEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=391&vt=11&dtpt=295&dett=3&cstd=90&cisv=r20230418.47831&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 11:19:05 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 23 Apr 2023 11:19:05 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 4F37 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f29a35ed33fa48d501f06b8ee0b29270df19b1c927d0aa9ae82d98583cf5ecbe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 11:19:05 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5765
x-xss-protection
0
prod_studio_01_247_configurablemodule.js
s0.2mdn.net/879366/ Frame 4F37 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/prod_studio_01_247_configurablemodule.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8460aaf36b73e229c6b0fcaf7bac791e23c3145e87de6a04d0d91541e39289b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8656519294634426368/index.html?e=69&leftOffset=0&topOffset=0&c=7WtaCERVGZ&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 05:50:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
19722
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10616
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 24 Apr 2023 05:50:23 GMT
rum
dsum-sec.casalemedia.com/ Frame 6CF6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMn3pbyseMxHtQxkG1vf-bk&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMn3pbyseMxHtQxkG1vf-bk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6WcRCwifCiAxiR3sHIATAB&v=APEucNVlHdYzfHSrlBK1qNQlW4wh7r23onOpw8h2pfY4xnbAN--FiTLvxeFQt7T87RKrbOyFYpEPDLV3W4puYmHaLxECtjVuVp89jWBwOXDcFamQ_zab3Hd3eYKIuy_QJVeZf7o8FKjmEOvb3iPjOp2PakTM7UjPLi6pZYADwaGi7Lj45_BDztA
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 23 Apr 2023 11:19:05 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 23 Apr 2023 11:19:05 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMn3pbyseMxHtQxkG1vf-bk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 6CF6
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZEUUKWXHLtp6YRwKpkoKqQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMn3pbyseMxHtQxkG1vf-bk&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMn3pbyseMxHtQxkG1vf-bk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6WcRCwifCiAxiR3sHIATAB&v=APEucNVlHdYzfHSrlBK1qNQlW4wh7r23onOpw8h2pfY4xnbAN--FiTLvxeFQt7T87RKrbOyFYpEPDLV3W4puYmHaLxECtjVuVp89jWBwOXDcFamQ_zab3Hd3eYKIuy_QJVeZf7o8FKjmEOvb3iPjOp2PakTM7UjPLi6pZYADwaGi7Lj45_BDztA
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 23 Apr 2023 11:19:05 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 23 Apr 2023 11:19:05 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMn3pbyseMxHtQxkG1vf-bk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 6CF6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEFdi0fBJZGNGXWipaBygL78&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEFdi0fBJZGNGXWipaBygL78&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6WcRCwifCiAxiR3sHIATAB&v=APEucNVlHdYzfHSrlBK1qNQlW4wh7r23onOpw8h2pfY4xnbAN--FiTLvxeFQt7T87RKrbOyFYpEPDLV3W4puYmHaLxECtjVuVp89jWBwOXDcFamQ_zab3Hd3eYKIuy_QJVeZf7o8FKjmEOvb3iPjOp2PakTM7UjPLi6pZYADwaGi7Lj45_BDztA
Protocol
HTTP/1.1
Server
185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 23 Apr 2023 11:19:05 GMT
AN-X-Request-Uuid
fc663f57-042f-4d0e-ba66-5f002add93a8
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
37.48.94.48; 37.48.94.48; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 23 Apr 2023 11:19:05 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEFdi0fBJZGNGXWipaBygL78&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6CF6
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODE1MjYxMTkxNDI1NDI4NjYxNQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODE1MjYxMTkxNDI1NDI4NjYxNQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6WcRCwifCiAxiR3sHIATAB&v=APEucNVlHdYzfHSrlBK1qNQlW4wh7r23onOpw8h2pfY4xnbAN--FiTLvxeFQt7T87RKrbOyFYpEPDLV3W4puYmHaLxECtjVuVp89jWBwOXDcFamQ_zab3Hd3eYKIuy_QJVeZf7o8FKjmEOvb3iPjOp2PakTM7UjPLi6pZYADwaGi7Lj45_BDztA
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Apr 2023 11:19:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sun, 23 Apr 2023 11:19:05 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
37.48.94.48; 37.48.94.48; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
54314034-12eb-49f4-8bc7-053fe1b3ee5f
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODE1MjYxMTkxNDI1NDI4NjYxNQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 4F37 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 11:19:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 23 Apr 2023 11:19:05 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame CA95 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3788460234056&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Apr 2023 11:19:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame CA95 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3788460234056&version=m202301230201&ct=76&x=1&cor=733682005530488300
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Apr 2023 11:19:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame CA95 		82 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ckp1xxJPwrApD785NfHGts0lhH51H-LBwUk1234XbnMjB9oCsoFeRey59wed9dGdPqdVztVrE7M_eRDWKgjk6ASyz9iA&cry=1&dbm_d=AKAmf-CxR9nCVVG1OM5MchmLWXOVxXRztncx2YgVWxob32IfeH_oK9Q4xwnB91Ps-nLZKGNMcSgYdsBVvVO14vB746pHWMVVunxC-vKevXyKUWqnkX6z-_KxCBgsXODRJ6oNTo0lQADHIwg4e-GfvF-wnJ956cLpB2OhEQa9SmZ4lXLhR4ExooN2-gUlejfwUz0-WOYc564UFJX9exJenCRbZC3myRaSoXMtmCZK5_9gyJOwg-hPHVc58QgjgVQEzJUnokBGnoY9o6dngeFQid24mHzGYYH30Hao_81rLxqjSoWZQwbzybW57s70zjBT_0k5nubvUqo96GKXKBBukkrjiCh0mIBhR59Kow6XtDkf4ujTOMCgBTYc1stNxI8tdtu-zcw3wlTpTVTy0K-FmDiVK6VLdr6iByRdMzAXeXMbGCC0byuLqKVLze5_3aSbjKGMPy47SeAdQaCZLmtIE7K2OAkzA-5fcY2jKylUzxKEp4D7F6lnJPAxXTUuYLiGqYmZaN_lOYYMuXUXbAP-kEXg6CsA3_bd0mmeZFrIoZPlvhZKJlUqx9E8_qylZOHHojlfyXLp5BbuBct_RUHxKqryy7djK17JdqgTcEFo00UpbbuGa6DqIyJv9HxU545D5E88WcA_FDQQIIyOxCGkbWfj0Osva9kioKWrWaaDajuvPIxPCBCXNe3St4ZdCBfSxxbgdA_RJlCRPEUtLy6SdJ5E95ClsIoOiHmcvorwKYW9NNpJ2Viotrg1YYHnisBlz-WeNL39gArKHi5zdT74_tYXmjljReEJ0ogsMoKcvKdbAfxbyrB82-F-Ugjos-6isqomvl4M3yY1R30MpvIovcYgilKqGAnXcrbod-4M2X145NYtT32zXdNYQ69uMFoTvDMU-0wbr0LgzxF290xlos9z9FYwCWnKWVpjPCbQPrzafLjXpdt8ra375WuGzEkRVzB1QD_DuauyZzsUMVjgZVaSXN1h_TBfqcPGzAnvkH13TJPYUu47JPNgpTZ9UCzR2xOxHQNBRkzluovsNGjk2FTZS4ChycVlRbiCC7zVIzMlw_LyhVMOT5u5HJZXgojtjU905CdbCR5EKZbByIk8Bf16KXsqdtQTWtAYbV29AxmCluvvTocBmJkKUBd2b2V0RYPmUube4E0OqLaNOpP4I_A4paJ-EjgUi3O_tQ5e-G_50x_ylZfj7nWUh8ndN9jujNPG5jfP-oUieXfusHB6O1NAVTmJqB5Q3CFL5SunCRKxvca8xU6SZgOt-z6Av99WBmJtJd22jabuKYZb17dqwHZGZboe06MSQfX3PbFZLo86ZTTNju9UqYmdhnGXvgZlzzxHSaadNQDUndtF1cFa02bMB9DkhRk5Vq1I9kQ4xOXD99TMPbFZ9dyAqqzfH0019mSrQ-F-SFS2OTi1avIMAtGg2FbGt7sf_T-oIub9lKLu2hS_ss6KExtDjxdN895oT-oKFHhYp_ZXyAM_hJVNKriC8l0-bU04mJzG519EZtVj3AvlBrfzfFunDGpK3Tzii1_cjDZ8j3SrPWSd3TAL5ouzwxlB6xN7F1GU-3Q-mXiiYpzVpe5MeKtyiYJAaLBCudCMto_yWvxuQo4Q-0wx1zfLwSAX6jkLp9yod2J5ay1xMUYSz-W4x211rAnrsLZxHe8AGYAeMELKjbeXzK77yDFlKotAv1yY3ssmOOPB1pA-BmKLVdgHEaPsEXtBJKJHpo7gEWfvE4x0a6ALB8wVkYDYuaJAIZ1VZ-7LhZ5ow9qqYGL1NxIcn8OzfrGO7_7V0eW91BfMyiEKQROoUZTrYAu1FDX6gZ9wPUeX1z7NyVGnVgstOZGwj_aZpdJ3PiNtRwzkIEVo78H0I2LKTVUKl2L164uC9VVkv4KM4ZiFQVPDb66opKO1cGjhUO_CfggmeMUxIs77HYtTjU6dL9jvx27zmtUtygTTDetCkR4qRO5pCvqjIqcRC2UzfA-_PKe2QIiXOA42nm2UaycdpNVU6nGe7VXLvz-ezLG42k0a-w42AhTl_mgWnnvWVzc4kelcPRp8swRdeQXbOPGCRfF0rJ9jkRdlm5yEnRGyB2fCiXb_eny0y_9M6OphvolGiVDKxnstNDEuS1uTl5XFxXSuv2V30X-UQL0s92qGhm2FD1foYNxuTuEZjYpjaRfa7wfJ2CUgN0iSv1gIiP42B6URR7WtT45NEGxwQb__Gu1ZRccvDGRRrjLaU-q2gfap2O2sOpPc8yWKkTrcr3y-ZdjfwxPSoqwU8jM5Q4sITBlkrpK-oeiU6yqQTjcpSQ4lLavGNEGKsT5PUKbZ2r7RFHWp_FRsJeoEs6f02kWdt_sjP4PigzJgL-ZSAWDieXmXs2KMfE722KZamQiCdKyQCSZXVNi8OaBU-_aFvVjDtO119kXVrbfTF6Dn23_c5-Lcjux2SKLlI-IoWUuI4iNW_FTnPJL0hcqk3yEo1qEO3CezupG7fZRtRabfIXcR9fV_rWe_JdK7ZWUhXvqeC6lqGn0sg_B7CFUEIRa5eOllPY23TdSuKjbrPlaVe2Y24Sg2A-GnYQUkm9Nu2-rMiOqeGPbFeNiEH07hBAdSn1v0m9-nhEMYN8TSyBlKZCakrVHhxGlImoxBf_IGtih8H6W08Asb9ey2dQMbYaLEjyJWvWxpGJNj12tRoPNc-TwRukqihjXfANgZRKpvorOV7JD1H5jw68XZY0yjvsZAg_TNSEFq_eJVDGqHJaKW3cJJ7lWyc4hlFYvY0aEl-FpZ7cxtiX60S8aoQrAYiqry9yQhPe8iKQmaGVq8lR0gKIOlz3usDTHWB-GegK7hSDc-pIQzVeOQc2n_rEqXMQBkzk9CNptrk8SsWouTTVzCRBbbez9fAggm-GbJ8Hn1Lq5xKwpFF3zw4snqR7X1yE1mYgPwYbXiG_zOy8AmdakH0_pcWIP4Z63TAINjfkzCuBfviTaup4ojaXaeR9emhxxYpMGnz7saXayCr4vbvy9sWpZYzAGHSo6CQXZ3yvig7kQ5i_q9bA9qTN00HBNgZ7Ndy7AeIAorAeqac9ryzUfOzI1JmqrJad9SDtHDAKl1RM65ekqkjQ6DbY2zPCkKwW48_l56JAC6Y7q370LvkgpAjhmtZUZWwNtj3Imgi55fjiR3zIli79MxNWHf0U6ndUwN6uEu94hsn1WyqmVB_1kwmtfahNGWGRShDN7g35ccI7Y8zmRjSZ_0k3YX1xbgXsSmk1bZ6GnmTm5513StF9OaoITqecRgWUTNyJA3dzcVA-Ae5MAHAWucOoEsU8ZAfh0dpa2_nAv4GpC7buRS9kGZNKMxgoRgGzuhobyIFVzvsAgKTqD2fqLKo2zKpSg0UKMmkf35Uk1ZSMao906ZxtaulA0uIXH8WzdWSziWaWuyrcKkRIuBq6ORVEAGUrZGqoLYlcbLlfIma20OiloHxYm34tfHfERLo_PqP5Jta438TAQxlyW2UrVCCTsB5azIakKmk67g7TfcJZF1EiYT6gBbvPs&cid=CAQSOwBygQiDclgWEoe5wV9s1l7PQSa_67z-IHHNyrtgoqKaWVo8q95g0IPDTfoDiUTj-e2tXg8kixRyiyhGGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww1.ihdstreams.xyz%2F&ds=l&xdt=1&iif=1&cor=733682005530488300&adk=1033480531&idt=92&cac=0&dtd=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
13369c42454445014ed09e0a17f5415129fad4db2cb31784ace3b8661746df6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Apr 2023 11:19:05 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35722
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
300x600.js
s0.2mdn.net/sadbundle/8656519294634426368/ Frame 4F37 		126 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/8656519294634426368/300x600.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8656519294634426368/index.html?e=69&leftOffset=0&topOffset=0&c=7WtaCERVGZ&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b59f9e7e5e04f01ea36f95ac5f5ad7df0d6427c527cb863d9b38e858ac6013b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8656519294634426368/index.html?e=69&leftOffset=0&topOffset=0&c=7WtaCERVGZ&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 06:24:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
104055
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28726
x-xss-protection
0
last-modified
Fri, 14 Apr 2023 12:57:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 21 Apr 2024 06:24:50 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame AEA9 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bqo7oKRRFZP2CDsrYx_APl4eUSAAAAAA4AeAEAg&bg=!4eKl4rbNAAYfNdXmPzU7ADkAdvg8WpSWLEfFHyRFh_nKnGKezTtfCIK_fmllhp4kWU3KQfT3IRoieGlzo3_n92lKI9aq3YGpxjsCAAAA81IAAAACaAEHmQMxZWOvLyneuQF4kuce_gZEx1GvJe1lCORjpSJY8PsVgBxQtDLycu8arK901haq1_ZX0c2VnDevZRUmy6bhYirwb-qrcSul3gyRvcrDeMiuCyN3IFpoLOabo0MBB1WyjBCHwQqs8VBPmTXL1q7-Fjk3wY6m9XthGIm4aL9cc6z_aPHK9utG9mboaUbWZKRSw0cwi0BYrcZzjiM7RQ5-JNfhZF2N5GUo7C1LHulbpG1Fe00BvWEhhIzybF9JrUIWc1TSRCOzNPCUpceVHV_dr5Dzh5CRq4f2hBtd_pEmg3gcDbm6TS_KeuNCU_m2wiCkQeHSZHa5W13l2PPbPFbpiT5m2KDrLLOafhnN3BuZmsaUvfpcGuSl-tCwhfHJnJ2ZTGiIKvBnipy7q41NbtlsBBX7dbA8Fo-SKQ5o-uDVQLEkPHVkdggWn0gwM4A_3Fzu-w9lUoed8N5NraJ1wvgTAfckzUCRwQySYzuLuxsss9g9nim_N2TailmB5aOtcrP0djyhnGrdGLjkMt9J_ud64N2Woq8REG6LpYvipY9YW2UJqYv-XYIttyEy3Xm_x0uhzx8qPTgnvOw5DoXw4M_VcUoV367OtBL_l-pO0diS31uHmbGtyrdgFQ1VXBfWr-kJLYTIWxs_FLSnbjBirk59-isiaR2_tcfeWs2VkFoo9GeVK8OiwbMrAmTEUNNlcPtO5xQAOkBRhEnRk_plDYRrTxURLfqkHmfyBsiIDVdrBNwFw9x0RQ_9j6Q-PpXwK-4_0uZ_pfSSQYboSKCc_OvBj4g-E6QjBIoEvucW5ttOBtd8CLJM2OGzyVzcXQ3YzLv880HKv95zm2bJ9oLysukG5kISlNoiDwp41WRpS4UIQfFKq6SbiI7mhA_TUYxRtYCDFM6XpgTzPBYbwDLEIEVNcJR306-G3xKsAV7b3v9WRNubSXXMQHpJIDItcLAanGwTrOjGd6fD-bc9mXlazxRSUIspx-F6GZ0POYJHloWWXnm9HUsP_CphvE_hL-WURpVAsAW2QW2VcBWOHJMKU34gZT1dIrIQ8zo98sFSPN7LRUdnQI5JKF8Ny0in9CHFl2Xthl2V8g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Apr 2023 11:19:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
FeZxK-xMU0bDCjOMbokEaZjg6vU8xaS24bySLDd5teM.js
pagead2.googlesyndication.com/bg/ Frame 3009 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/FeZxK-xMU0bDCjOMbokEaZjg6vU8xaS24bySLDd5teM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
15e6712bec4c5346c30a338c6e89046998e0eaf53cc5a4b6e1bc922c3779b5e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 16:28:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
154230
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14264
x-xss-protection
0
last-modified
Mon, 17 Apr 2023 14:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 20 Apr 2024 16:28:35 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 805F 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B1QczKRRFZMnmEISE3wOFsJHIBQAAAAA4AeAEAg&bg=!7O-l77vNAAYfNdXmPzU7ADkAdvg8WoCBExOpi8TbLhw0gFlqnba91i3EkLM6xqxYd00lP5Y6oh0eu7mpLgksLcZXjW3Rba7DrgYCAAABCVIAAAACaAEHCgBBgN-tViGU01RjNhaitlWCM2LG0X7UHMfxXKQZwcVcUMCizMhyJpg9vnkAXxua8eOXokeASie5Hijw1B8415ePxuSZAzvftwn6fC0SQGcEljhp-fPQz9FcPIYonYMpjnw8w4vWwJN4e3Wcf89yWuagVOZjTIOha0ctGf2V7Oz9W7LCpsNA2rX7aw-fWKOOPSVkpwuhjRfH6jMnuhd_Dj10g2PAa5154t_yakBQHzdYqzlq1Hd79C6DWII-p5hq7YgzrpufDZh5hXBZb1hb4rKIYdcktePAT_1OEE4unuTpiqIbDP9yGpVSsP0tD_rfiWD3U1CZsiHh1NpCZJiJg0EibaznoQVlAK4WrbxpdWA7CqDlux39lt2wE2dRO_zCEzXQRz5qc6Y_8Zlx6m8QlueOObq15C37mIR12DlrF6EZ_YzTAKKiIQWVSh8tJJQpK6DIjXAdWeCeHrH1nLsxPYDz9L9WO6icZX4cwLTqcmGOxYMWqwPxIL6k8WGhgSNrR41gNmbzviRDHR4GleJSe8iJNPG0f1Yyrz0Htyu42jQyWv-te2pi59wNVLynRQjA8wT5h8N4zxVegnlWszdDHegekH1eeln1puBr2lEMrQfkyZguFV2uzQ1OButPBAdEXBGJhSmdDUe6ytM4RqV_94SKmD3XGkksWmzdfeMp06BVT2CyNXFCUvpZ9WOO9WXZCpzCR1IDG6SdFmkL0cNjm_Ex630WqgxCExJ2ejbgyrcFu6hPjjmjFmXswbnS_p8eoOF9fBIsqRxPX9oISFc5a0NNhnlKDBU6RRco-AOXkbHedP9QiTz2pwMnhn7_9B68yAmba4A2tBa5jxnVsc5aaj34AOdKMhi3eprkIMV4lOJ_eS-pMwMoIH6x4l1Hrn-VEDPCXAj1e1Yh49lhlWq63VZ11dO2iCX6ZLcvUIPX_ekkzFo4wOVcxTymOONBWqqqf0r2iVRKBauWwugzWMnjI65ZF4Gr8zV4aVj-kmSYzSaToFfO3U5-QSF6XT21-30vhDxlckWRRCmIt82J_WuXjfYfm_efrJNnmlSmLv7sF-9Fwah4M_yc2XvY9WPeUciacVyn0cUv9dTTQkV5mCO3_rBezXq0A0Cg83xsvH7T6O0WAyr3UEqXstrIvg5JS7tfaWAx75W9_62vr0D7jvWER4v4dcLXNgMr6q_zbBtUfS_9QQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Apr 2023 11:19:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
300x600_bg.jpg
s0.2mdn.net/sadbundle/8656519294634426368/ Frame 4F37 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8656519294634426368/300x600_bg.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8c82515f1fb7417eeb8c89cad47175238c494269573ab34ce32d698766ab9848
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8656519294634426368/index.html?e=69&leftOffset=0&topOffset=0&c=7WtaCERVGZ&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 22:58:44 GMT
x-content-type-options
nosniff
age
44421
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4577
x-xss-protection
0
last-modified
Fri, 14 Apr 2023 12:57:05 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 21 Apr 2024 22:58:44 GMT
300x600_intro_stopmotion_1.jpg
s0.2mdn.net/sadbundle/8656519294634426368/ Frame 4F37 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8656519294634426368/300x600_intro_stopmotion_1.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4eeddb7276d7cfbccf3959f45339e8cc5e5a44c4d38a81cf52ee143e9edec3e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8656519294634426368/index.html?e=69&leftOffset=0&topOffset=0&c=7WtaCERVGZ&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 20:14:46 GMT
x-content-type-options
nosniff
age
54259
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37369
x-xss-protection
0
last-modified
Fri, 14 Apr 2023 12:57:05 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 21 Apr 2024 20:14:46 GMT
300x600_intro_stopmotion_2.jpg
s0.2mdn.net/sadbundle/8656519294634426368/ Frame 4F37 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8656519294634426368/300x600_intro_stopmotion_2.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f349bdf1da0e51f20074d227417692c78c799bb5d4b95380ca6f471cc6aab75c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8656519294634426368/index.html?e=69&leftOffset=0&topOffset=0&c=7WtaCERVGZ&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 20:39:15 GMT
x-content-type-options
nosniff
age
52790
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37140
x-xss-protection
0
last-modified
Fri, 14 Apr 2023 12:57:05 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 21 Apr 2024 20:39:15 GMT
300x600_intro_stopmotion_3.jpg
s0.2mdn.net/sadbundle/8656519294634426368/ Frame 4F37 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8656519294634426368/300x600_intro_stopmotion_3.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4694e2402e7cec19ae2b3e28d7bb0a408f1d3478deb47684ac7bea3d36b23e10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8656519294634426368/index.html?e=69&leftOffset=0&topOffset=0&c=7WtaCERVGZ&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 06:06:02 GMT
x-content-type-options
nosniff
age
105183
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38165
x-xss-protection
0
last-modified
Fri, 14 Apr 2023 12:57:05 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 21 Apr 2024 06:06:02 GMT
300x600_intro_stopmotion_4.jpg
s0.2mdn.net/sadbundle/8656519294634426368/ Frame 4F37 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8656519294634426368/300x600_intro_stopmotion_4.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3a06445086f0c4b8c4c1e75f247d2b8e50f3e7e9c3e9caf20d86532cf1873b30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8656519294634426368/index.html?e=69&leftOffset=0&topOffset=0&c=7WtaCERVGZ&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 15:43:39 GMT
x-content-type-options
nosniff
age
70526
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36693
x-xss-protection
0
last-modified
Fri, 14 Apr 2023 12:57:05 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 21 Apr 2024 15:43:39 GMT
300x600_intro_stopmotion_5.jpg
s0.2mdn.net/sadbundle/8656519294634426368/ Frame 4F37 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8656519294634426368/300x600_intro_stopmotion_5.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d4da9b0edef16e67866fd44fb4cfcbe53d5d44972dfb8bc11104ab651623b043
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8656519294634426368/index.html?e=69&leftOffset=0&topOffset=0&c=7WtaCERVGZ&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 22:39:28 GMT
x-content-type-options
nosniff
age
45577
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36132
x-xss-protection
0
last-modified
Fri, 14 Apr 2023 12:57:05 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 21 Apr 2024 22:39:28 GMT
300x600_toggle_sleeve.jpg
s0.2mdn.net/sadbundle/8656519294634426368/ Frame 4F37 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8656519294634426368/300x600_toggle_sleeve.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fe56b62bae82f4de230860f5784d46bee9f28e8afd36f19198c0b0fd88293faf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8656519294634426368/index.html?e=69&leftOffset=0&topOffset=0&c=7WtaCERVGZ&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 22:41:50 GMT
x-content-type-options
nosniff
age
45435
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4569
x-xss-protection
0
last-modified
Fri, 14 Apr 2023 12:57:05 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 21 Apr 2024 22:41:50 GMT
300x600_btn_up.png
s0.2mdn.net/sadbundle/8656519294634426368/ Frame 4F37 		634 B
669 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8656519294634426368/300x600_btn_up.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8bc5d45152d8be4a6a9485560823b2c98d1dc3eb5f824d44851572cf8316e7c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8656519294634426368/index.html?e=69&leftOffset=0&topOffset=0&c=7WtaCERVGZ&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 20:28:08 GMT
x-content-type-options
nosniff
age
53457
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
634
x-xss-protection
0
last-modified
Fri, 14 Apr 2023 12:57:05 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 21 Apr 2024 20:28:08 GMT
300x600_btn_over.png
s0.2mdn.net/sadbundle/8656519294634426368/ Frame 4F37 		634 B
669 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8656519294634426368/300x600_btn_over.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3cc3335f2ae3d8cfa56d710e5dbedee8d479dc5fa41ad5c390d807a85b9976e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8656519294634426368/index.html?e=69&leftOffset=0&topOffset=0&c=7WtaCERVGZ&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 22:32:21 GMT
x-content-type-options
nosniff
age
46004
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
634
x-xss-protection
0
last-modified
Fri, 14 Apr 2023 12:57:05 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 21 Apr 2024 22:32:21 GMT
sprite_300x600_retina.png
s0.2mdn.net/sadbundle/8656519294634426368/ Frame 4F37 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8656519294634426368/sprite_300x600_retina.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
035a1ebcc1f734237ebc8ff4fd2083b1f8bef5d4098fef47eb780b427b1f4f78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8656519294634426368/index.html?e=69&leftOffset=0&topOffset=0&c=7WtaCERVGZ&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 06:29:02 GMT
x-content-type-options
nosniff
age
103803
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17921
x-xss-protection
0
last-modified
Fri, 14 Apr 2023 12:57:05 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 21 Apr 2024 06:29:02 GMT
13266631220353858764
s0.2mdn.net/simgad/ Frame 4F37 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/13266631220353858764
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f00ca0c5e2e0ed94cdb593c8a5e00eeaf4123255ba9172041f8881657cfe1821
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8656519294634426368/index.html?e=69&leftOffset=0&topOffset=0&c=7WtaCERVGZ&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 06:07:22 GMT
x-content-type-options
nosniff
age
105103
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39489
x-xss-protection
0
last-modified
Fri, 14 Apr 2023 13:00:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 21 Apr 2024 06:07:22 GMT
3045646430521430549
s0.2mdn.net/simgad/ Frame 4F37 		86 KB
86 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/3045646430521430549
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
69757a999e346299ac9206d3c973eee6950b05596ded42e08c52abac0f8b56c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8656519294634426368/index.html?e=69&leftOffset=0&topOffset=0&c=7WtaCERVGZ&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 20:31:13 GMT
x-content-type-options
nosniff
age
53272
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
88314
x-xss-protection
0
last-modified
Fri, 14 Apr 2023 13:01:06 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 21 Apr 2024 20:31:13 GMT
13583499108192393389
s0.2mdn.net/simgad/ Frame 4F37 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/13583499108192393389
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
91a92d130107c9ebc01d0ed64eb597aba094680cd9500f3f09459db1d5caf4f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8656519294634426368/index.html?e=69&leftOffset=0&topOffset=0&c=7WtaCERVGZ&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 21:00:20 GMT
x-content-type-options
nosniff
age
51525
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5382
x-xss-protection
0
last-modified
Fri, 14 Apr 2023 13:00:59 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 21 Apr 2024 21:00:20 GMT
2580457590089354956
s0.2mdn.net/simgad/ Frame 4F37 		86 KB
86 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/2580457590089354956
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9bce0180a3a98168d3f8b1c49366ba3ac4937dac908e746d40d4a039157732ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8656519294634426368/index.html?e=69&leftOffset=0&topOffset=0&c=7WtaCERVGZ&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 22:11:47 GMT
x-content-type-options
nosniff
age
47238
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
88197
x-xss-protection
0
last-modified
Fri, 14 Apr 2023 13:01:18 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 21 Apr 2024 22:11:47 GMT
7600535878171723904
s0.2mdn.net/simgad/ Frame 4F37 		206 KB
206 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/7600535878171723904
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
501b65ee1b5dacca10ad1efdc68d3fb16aa58c6f825900bba277591cc6017352
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8656519294634426368/index.html?e=69&leftOffset=0&topOffset=0&c=7WtaCERVGZ&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 22:41:19 GMT
x-content-type-options
nosniff
age
45466
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
210599
x-xss-protection
0
last-modified
Fri, 14 Apr 2023 13:01:22 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 21 Apr 2024 22:41:19 GMT
16051342421364052060
s0.2mdn.net/simgad/ Frame 4F37 		137 KB
138 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/16051342421364052060
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
70d4c7dc4e27349b8e8c174e19980d08a7ec29cede9d0c7027538da3b2c28a24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8656519294634426368/index.html?e=69&leftOffset=0&topOffset=0&c=7WtaCERVGZ&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 22:54:18 GMT
x-content-type-options
nosniff
age
44687
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
140768
x-xss-protection
0
last-modified
Fri, 14 Apr 2023 13:01:25 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 21 Apr 2024 22:54:18 GMT
truncated
/ Frame 4F37 		42 KB
42 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60840c41a1567ff9974fedf13d208e77bfca3ef67e68bb3301a52469fabad13f

Request headers

Referer
Origin
https://s0.2mdn.net
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
application/font-woff2
truncated
/ Frame 4F37 		41 KB
41 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
daa899c75bad708ce043380a98297b232741bd4a4fa9f8a15504c486249f9496

Request headers

Referer
Origin
https://s0.2mdn.net
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
application/font-woff2
truncated
/ Frame 4F37 		36 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2dfd3e50696a0ff9d8ba64c1b9d64171dadfa107bbed4cf26b3044532f809b96

Request headers

Referer
Origin
https://s0.2mdn.net
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
application/font-woff2
truncated
/ Frame 4F37 		42 KB
42 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
95fe8ca52a16ffdf66b7c7189d53db21f10a4ffa8ca9490dd9ce0f0a51d52931

Request headers

Referer
Origin
https://s0.2mdn.net
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
application/font-woff2
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame CA95 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/
Origin
https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 09:27:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6712
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 24 Apr 2023 09:27:13 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230418/r20110914/elements/html/ Frame CA95 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230418/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ckp1xxJPwrApD785NfHGts0lhH51H-LBwUk1234XbnMjB9oCsoFeRey59wed9dGdPqdVztVrE7M_eRDWKgjk6ASyz9iA&cry=1&dbm_d=AKAmf-CxR9nCVVG1OM5MchmLWXOVxXRztncx2YgVWxob32IfeH_oK9Q4xwnB91Ps-nLZKGNMcSgYdsBVvVO14vB746pHWMVVunxC-vKevXyKUWqnkX6z-_KxCBgsXODRJ6oNTo0lQADHIwg4e-GfvF-wnJ956cLpB2OhEQa9SmZ4lXLhR4ExooN2-gUlejfwUz0-WOYc564UFJX9exJenCRbZC3myRaSoXMtmCZK5_9gyJOwg-hPHVc58QgjgVQEzJUnokBGnoY9o6dngeFQid24mHzGYYH30Hao_81rLxqjSoWZQwbzybW57s70zjBT_0k5nubvUqo96GKXKBBukkrjiCh0mIBhR59Kow6XtDkf4ujTOMCgBTYc1stNxI8tdtu-zcw3wlTpTVTy0K-FmDiVK6VLdr6iByRdMzAXeXMbGCC0byuLqKVLze5_3aSbjKGMPy47SeAdQaCZLmtIE7K2OAkzA-5fcY2jKylUzxKEp4D7F6lnJPAxXTUuYLiGqYmZaN_lOYYMuXUXbAP-kEXg6CsA3_bd0mmeZFrIoZPlvhZKJlUqx9E8_qylZOHHojlfyXLp5BbuBct_RUHxKqryy7djK17JdqgTcEFo00UpbbuGa6DqIyJv9HxU545D5E88WcA_FDQQIIyOxCGkbWfj0Osva9kioKWrWaaDajuvPIxPCBCXNe3St4ZdCBfSxxbgdA_RJlCRPEUtLy6SdJ5E95ClsIoOiHmcvorwKYW9NNpJ2Viotrg1YYHnisBlz-WeNL39gArKHi5zdT74_tYXmjljReEJ0ogsMoKcvKdbAfxbyrB82-F-Ugjos-6isqomvl4M3yY1R30MpvIovcYgilKqGAnXcrbod-4M2X145NYtT32zXdNYQ69uMFoTvDMU-0wbr0LgzxF290xlos9z9FYwCWnKWVpjPCbQPrzafLjXpdt8ra375WuGzEkRVzB1QD_DuauyZzsUMVjgZVaSXN1h_TBfqcPGzAnvkH13TJPYUu47JPNgpTZ9UCzR2xOxHQNBRkzluovsNGjk2FTZS4ChycVlRbiCC7zVIzMlw_LyhVMOT5u5HJZXgojtjU905CdbCR5EKZbByIk8Bf16KXsqdtQTWtAYbV29AxmCluvvTocBmJkKUBd2b2V0RYPmUube4E0OqLaNOpP4I_A4paJ-EjgUi3O_tQ5e-G_50x_ylZfj7nWUh8ndN9jujNPG5jfP-oUieXfusHB6O1NAVTmJqB5Q3CFL5SunCRKxvca8xU6SZgOt-z6Av99WBmJtJd22jabuKYZb17dqwHZGZboe06MSQfX3PbFZLo86ZTTNju9UqYmdhnGXvgZlzzxHSaadNQDUndtF1cFa02bMB9DkhRk5Vq1I9kQ4xOXD99TMPbFZ9dyAqqzfH0019mSrQ-F-SFS2OTi1avIMAtGg2FbGt7sf_T-oIub9lKLu2hS_ss6KExtDjxdN895oT-oKFHhYp_ZXyAM_hJVNKriC8l0-bU04mJzG519EZtVj3AvlBrfzfFunDGpK3Tzii1_cjDZ8j3SrPWSd3TAL5ouzwxlB6xN7F1GU-3Q-mXiiYpzVpe5MeKtyiYJAaLBCudCMto_yWvxuQo4Q-0wx1zfLwSAX6jkLp9yod2J5ay1xMUYSz-W4x211rAnrsLZxHe8AGYAeMELKjbeXzK77yDFlKotAv1yY3ssmOOPB1pA-BmKLVdgHEaPsEXtBJKJHpo7gEWfvE4x0a6ALB8wVkYDYuaJAIZ1VZ-7LhZ5ow9qqYGL1NxIcn8OzfrGO7_7V0eW91BfMyiEKQROoUZTrYAu1FDX6gZ9wPUeX1z7NyVGnVgstOZGwj_aZpdJ3PiNtRwzkIEVo78H0I2LKTVUKl2L164uC9VVkv4KM4ZiFQVPDb66opKO1cGjhUO_CfggmeMUxIs77HYtTjU6dL9jvx27zmtUtygTTDetCkR4qRO5pCvqjIqcRC2UzfA-_PKe2QIiXOA42nm2UaycdpNVU6nGe7VXLvz-ezLG42k0a-w42AhTl_mgWnnvWVzc4kelcPRp8swRdeQXbOPGCRfF0rJ9jkRdlm5yEnRGyB2fCiXb_eny0y_9M6OphvolGiVDKxnstNDEuS1uTl5XFxXSuv2V30X-UQL0s92qGhm2FD1foYNxuTuEZjYpjaRfa7wfJ2CUgN0iSv1gIiP42B6URR7WtT45NEGxwQb__Gu1ZRccvDGRRrjLaU-q2gfap2O2sOpPc8yWKkTrcr3y-ZdjfwxPSoqwU8jM5Q4sITBlkrpK-oeiU6yqQTjcpSQ4lLavGNEGKsT5PUKbZ2r7RFHWp_FRsJeoEs6f02kWdt_sjP4PigzJgL-ZSAWDieXmXs2KMfE722KZamQiCdKyQCSZXVNi8OaBU-_aFvVjDtO119kXVrbfTF6Dn23_c5-Lcjux2SKLlI-IoWUuI4iNW_FTnPJL0hcqk3yEo1qEO3CezupG7fZRtRabfIXcR9fV_rWe_JdK7ZWUhXvqeC6lqGn0sg_B7CFUEIRa5eOllPY23TdSuKjbrPlaVe2Y24Sg2A-GnYQUkm9Nu2-rMiOqeGPbFeNiEH07hBAdSn1v0m9-nhEMYN8TSyBlKZCakrVHhxGlImoxBf_IGtih8H6W08Asb9ey2dQMbYaLEjyJWvWxpGJNj12tRoPNc-TwRukqihjXfANgZRKpvorOV7JD1H5jw68XZY0yjvsZAg_TNSEFq_eJVDGqHJaKW3cJJ7lWyc4hlFYvY0aEl-FpZ7cxtiX60S8aoQrAYiqry9yQhPe8iKQmaGVq8lR0gKIOlz3usDTHWB-GegK7hSDc-pIQzVeOQc2n_rEqXMQBkzk9CNptrk8SsWouTTVzCRBbbez9fAggm-GbJ8Hn1Lq5xKwpFF3zw4snqR7X1yE1mYgPwYbXiG_zOy8AmdakH0_pcWIP4Z63TAINjfkzCuBfviTaup4ojaXaeR9emhxxYpMGnz7saXayCr4vbvy9sWpZYzAGHSo6CQXZ3yvig7kQ5i_q9bA9qTN00HBNgZ7Ndy7AeIAorAeqac9ryzUfOzI1JmqrJad9SDtHDAKl1RM65ekqkjQ6DbY2zPCkKwW48_l56JAC6Y7q370LvkgpAjhmtZUZWwNtj3Imgi55fjiR3zIli79MxNWHf0U6ndUwN6uEu94hsn1WyqmVB_1kwmtfahNGWGRShDN7g35ccI7Y8zmRjSZ_0k3YX1xbgXsSmk1bZ6GnmTm5513StF9OaoITqecRgWUTNyJA3dzcVA-Ae5MAHAWucOoEsU8ZAfh0dpa2_nAv4GpC7buRS9kGZNKMxgoRgGzuhobyIFVzvsAgKTqD2fqLKo2zKpSg0UKMmkf35Uk1ZSMao906ZxtaulA0uIXH8WzdWSziWaWuyrcKkRIuBq6ORVEAGUrZGqoLYlcbLlfIma20OiloHxYm34tfHfERLo_PqP5Jta438TAQxlyW2UrVCCTsB5azIakKmk67g7TfcJZF1EiYT6gBbvPs&cid=CAQSOwBygQiDclgWEoe5wV9s1l7PQSa_67z-IHHNyrtgoqKaWVo8q95g0IPDTfoDiUTj-e2tXg8kixRyiyhGGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww1.ihdstreams.xyz%2F&ds=l&xdt=1&iif=1&cor=733682005530488300&adk=1033480531&idt=92&cac=0&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6d95ea547b0974a09d61104fa136f5eb6973466b6358fb06d997cc7f20ee71b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 17:02:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
65770
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4123
x-xss-protection
0
server
cafe
etag
4541610132340792384
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 06 May 2023 17:02:55 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230418/r20110914/ Frame CA95 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230418/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ckp1xxJPwrApD785NfHGts0lhH51H-LBwUk1234XbnMjB9oCsoFeRey59wed9dGdPqdVztVrE7M_eRDWKgjk6ASyz9iA&cry=1&dbm_d=AKAmf-CxR9nCVVG1OM5MchmLWXOVxXRztncx2YgVWxob32IfeH_oK9Q4xwnB91Ps-nLZKGNMcSgYdsBVvVO14vB746pHWMVVunxC-vKevXyKUWqnkX6z-_KxCBgsXODRJ6oNTo0lQADHIwg4e-GfvF-wnJ956cLpB2OhEQa9SmZ4lXLhR4ExooN2-gUlejfwUz0-WOYc564UFJX9exJenCRbZC3myRaSoXMtmCZK5_9gyJOwg-hPHVc58QgjgVQEzJUnokBGnoY9o6dngeFQid24mHzGYYH30Hao_81rLxqjSoWZQwbzybW57s70zjBT_0k5nubvUqo96GKXKBBukkrjiCh0mIBhR59Kow6XtDkf4ujTOMCgBTYc1stNxI8tdtu-zcw3wlTpTVTy0K-FmDiVK6VLdr6iByRdMzAXeXMbGCC0byuLqKVLze5_3aSbjKGMPy47SeAdQaCZLmtIE7K2OAkzA-5fcY2jKylUzxKEp4D7F6lnJPAxXTUuYLiGqYmZaN_lOYYMuXUXbAP-kEXg6CsA3_bd0mmeZFrIoZPlvhZKJlUqx9E8_qylZOHHojlfyXLp5BbuBct_RUHxKqryy7djK17JdqgTcEFo00UpbbuGa6DqIyJv9HxU545D5E88WcA_FDQQIIyOxCGkbWfj0Osva9kioKWrWaaDajuvPIxPCBCXNe3St4ZdCBfSxxbgdA_RJlCRPEUtLy6SdJ5E95ClsIoOiHmcvorwKYW9NNpJ2Viotrg1YYHnisBlz-WeNL39gArKHi5zdT74_tYXmjljReEJ0ogsMoKcvKdbAfxbyrB82-F-Ugjos-6isqomvl4M3yY1R30MpvIovcYgilKqGAnXcrbod-4M2X145NYtT32zXdNYQ69uMFoTvDMU-0wbr0LgzxF290xlos9z9FYwCWnKWVpjPCbQPrzafLjXpdt8ra375WuGzEkRVzB1QD_DuauyZzsUMVjgZVaSXN1h_TBfqcPGzAnvkH13TJPYUu47JPNgpTZ9UCzR2xOxHQNBRkzluovsNGjk2FTZS4ChycVlRbiCC7zVIzMlw_LyhVMOT5u5HJZXgojtjU905CdbCR5EKZbByIk8Bf16KXsqdtQTWtAYbV29AxmCluvvTocBmJkKUBd2b2V0RYPmUube4E0OqLaNOpP4I_A4paJ-EjgUi3O_tQ5e-G_50x_ylZfj7nWUh8ndN9jujNPG5jfP-oUieXfusHB6O1NAVTmJqB5Q3CFL5SunCRKxvca8xU6SZgOt-z6Av99WBmJtJd22jabuKYZb17dqwHZGZboe06MSQfX3PbFZLo86ZTTNju9UqYmdhnGXvgZlzzxHSaadNQDUndtF1cFa02bMB9DkhRk5Vq1I9kQ4xOXD99TMPbFZ9dyAqqzfH0019mSrQ-F-SFS2OTi1avIMAtGg2FbGt7sf_T-oIub9lKLu2hS_ss6KExtDjxdN895oT-oKFHhYp_ZXyAM_hJVNKriC8l0-bU04mJzG519EZtVj3AvlBrfzfFunDGpK3Tzii1_cjDZ8j3SrPWSd3TAL5ouzwxlB6xN7F1GU-3Q-mXiiYpzVpe5MeKtyiYJAaLBCudCMto_yWvxuQo4Q-0wx1zfLwSAX6jkLp9yod2J5ay1xMUYSz-W4x211rAnrsLZxHe8AGYAeMELKjbeXzK77yDFlKotAv1yY3ssmOOPB1pA-BmKLVdgHEaPsEXtBJKJHpo7gEWfvE4x0a6ALB8wVkYDYuaJAIZ1VZ-7LhZ5ow9qqYGL1NxIcn8OzfrGO7_7V0eW91BfMyiEKQROoUZTrYAu1FDX6gZ9wPUeX1z7NyVGnVgstOZGwj_aZpdJ3PiNtRwzkIEVo78H0I2LKTVUKl2L164uC9VVkv4KM4ZiFQVPDb66opKO1cGjhUO_CfggmeMUxIs77HYtTjU6dL9jvx27zmtUtygTTDetCkR4qRO5pCvqjIqcRC2UzfA-_PKe2QIiXOA42nm2UaycdpNVU6nGe7VXLvz-ezLG42k0a-w42AhTl_mgWnnvWVzc4kelcPRp8swRdeQXbOPGCRfF0rJ9jkRdlm5yEnRGyB2fCiXb_eny0y_9M6OphvolGiVDKxnstNDEuS1uTl5XFxXSuv2V30X-UQL0s92qGhm2FD1foYNxuTuEZjYpjaRfa7wfJ2CUgN0iSv1gIiP42B6URR7WtT45NEGxwQb__Gu1ZRccvDGRRrjLaU-q2gfap2O2sOpPc8yWKkTrcr3y-ZdjfwxPSoqwU8jM5Q4sITBlkrpK-oeiU6yqQTjcpSQ4lLavGNEGKsT5PUKbZ2r7RFHWp_FRsJeoEs6f02kWdt_sjP4PigzJgL-ZSAWDieXmXs2KMfE722KZamQiCdKyQCSZXVNi8OaBU-_aFvVjDtO119kXVrbfTF6Dn23_c5-Lcjux2SKLlI-IoWUuI4iNW_FTnPJL0hcqk3yEo1qEO3CezupG7fZRtRabfIXcR9fV_rWe_JdK7ZWUhXvqeC6lqGn0sg_B7CFUEIRa5eOllPY23TdSuKjbrPlaVe2Y24Sg2A-GnYQUkm9Nu2-rMiOqeGPbFeNiEH07hBAdSn1v0m9-nhEMYN8TSyBlKZCakrVHhxGlImoxBf_IGtih8H6W08Asb9ey2dQMbYaLEjyJWvWxpGJNj12tRoPNc-TwRukqihjXfANgZRKpvorOV7JD1H5jw68XZY0yjvsZAg_TNSEFq_eJVDGqHJaKW3cJJ7lWyc4hlFYvY0aEl-FpZ7cxtiX60S8aoQrAYiqry9yQhPe8iKQmaGVq8lR0gKIOlz3usDTHWB-GegK7hSDc-pIQzVeOQc2n_rEqXMQBkzk9CNptrk8SsWouTTVzCRBbbez9fAggm-GbJ8Hn1Lq5xKwpFF3zw4snqR7X1yE1mYgPwYbXiG_zOy8AmdakH0_pcWIP4Z63TAINjfkzCuBfviTaup4ojaXaeR9emhxxYpMGnz7saXayCr4vbvy9sWpZYzAGHSo6CQXZ3yvig7kQ5i_q9bA9qTN00HBNgZ7Ndy7AeIAorAeqac9ryzUfOzI1JmqrJad9SDtHDAKl1RM65ekqkjQ6DbY2zPCkKwW48_l56JAC6Y7q370LvkgpAjhmtZUZWwNtj3Imgi55fjiR3zIli79MxNWHf0U6ndUwN6uEu94hsn1WyqmVB_1kwmtfahNGWGRShDN7g35ccI7Y8zmRjSZ_0k3YX1xbgXsSmk1bZ6GnmTm5513StF9OaoITqecRgWUTNyJA3dzcVA-Ae5MAHAWucOoEsU8ZAfh0dpa2_nAv4GpC7buRS9kGZNKMxgoRgGzuhobyIFVzvsAgKTqD2fqLKo2zKpSg0UKMmkf35Uk1ZSMao906ZxtaulA0uIXH8WzdWSziWaWuyrcKkRIuBq6ORVEAGUrZGqoLYlcbLlfIma20OiloHxYm34tfHfERLo_PqP5Jta438TAQxlyW2UrVCCTsB5azIakKmk67g7TfcJZF1EiYT6gBbvPs&cid=CAQSOwBygQiDclgWEoe5wV9s1l7PQSa_67z-IHHNyrtgoqKaWVo8q95g0IPDTfoDiUTj-e2tXg8kixRyiyhGGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww1.ihdstreams.xyz%2F&ds=l&xdt=1&iif=1&cor=733682005530488300&adk=1033480531&idt=92&cac=0&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fcaaacbe09be7babfecfbcad09df9c01257b0ea95ee996105d6756ba75f41aa3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 17:53:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
62758
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10768
x-xss-protection
0
server
cafe
etag
11141491900784070631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 06 May 2023 17:53:07 GMT
cookiesyncendpoint
servs.modoro360.com/ Frame 82F1 		0
235 B 		Document
General
Check archive.org
Download Go to
Full URL
https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=133&auid=1682248743295-963002330228-001183-003-001401&key=a6f37f0123013099a595be2217fc435a
Requested by
Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?gdpr=1&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D133%26auid%3D1682248743295-963002330228-001183-003-001401%26key%3D%7B%7BVID%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.212.211.193 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-212-211-193.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vid.vidoomy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

content-length
0
date
Sun, 23 Apr 2023 11:19:06 GMT
728x90.html
s0.2mdn.net/sadbundle/16246292034538192363/728x90/ Frame 8E1E 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16246292034538192363/728x90/728x90.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a79e170025bc60f0f8190e8baa0ffa6b368f07cf618348fc68cd29a02f831b1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
104065
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2320
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sat, 22 Apr 2023 06:24:41 GMT
expires
Sun, 21 Apr 2024 06:24:41 GMT
last-modified
Wed, 22 Mar 2023 17:21:36 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame CA95 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvI-03j4ScTrZL369cIagVtqi8CHgnAPM3gGmtudsaUP3-VmrEO5oNTtk4DRxL4RkyRCCJ3f2f7E8IxWVIetUJJn3A1dFB069KyiQGHV_3fj504r8wlfQ0DoAHlGe1yq9guDt74ZK5AovQY-xaNqhgkeaRjx6LX-Wfa3jpR9MmDEQVggDu1SGEiOfS0a20qgV-wikEyQT8-Y2nUrL3R-bIprBpXY4oWt7mAizkUiF_cCYaZ6ogjOFpOJ_HleE3oX_qAm4l1cz2SyQ0xTPW-ZiWWq-UX-_ham6lVS9wTOyQpgeE_41b8ZSykMPcPOo1S4vmqsYB5E4m9RYmXb0j6fWpHIKQmEzE6si1ykXbQ-ZljfrGYo3_VEPDpSi99BosqEhKj1tK6B6Hiye-Qi74gVboewmEXU3LX45031WC4ileAhcT_mTSdOWzCQAb19kByp-VrQ-eRfTpU3RPxkW6uXp_prNg63J6CDuoVDO1Afb1nROTxr2aBwgXaYAlO0R7C8KAMy70ttCA74_BwZbB4TIB1lSfl4hULvyWWvAUrJMX_5DUub83wbEGJ9eeC438-8yRVIBO_GaP1UWZiK6zdH8gC6RXdSUgxJYUrtlj6lj5UGvcIRegTMYWb9nS55uQc79F_hdLuS_7LOuFFvioHeqjkoxPYSXnLXFzg1nx8JFLcCCbe46LYk9Tyx9G0tq8GJrfw2zS9kTez1unb0t8hONbrsDiT3GMS0xNbEennDAft_k1qc-YgfmhN24KKmEIHKeopXw1t3NBxnYsnkJN74gGAf-ieFo_gtY-4nyBTUzajfLqkaCIanlTm_VyZCX_LmlkHVNLc6istgB7W4VNl8bVGMY6Isl2SVXS1rcKqyk8b4M5Bn_d3esdFaTPSEZDFU-PvIFeR_gEc7FCSc5gL-IjcizjkpSuv6RZTQy1ZyX3Ftv4ZZ-6XA8ZJks7TqdrnA0UzKcvR_IvDH1NzlfuKyTuhltVqcHVXm3RkGfor-IZg2EpIesRHcSjFnsmKGdis8S-gk_wf2z41JDgJ4LvGkeGdM2AOLQ_kYrnswkaPINaBymdiaKj0Nt92VZvvWcYmbYUpS549tWhSe8Vf8Gwsla23sttuY1TLbngfuV72vXm3t_SbvykpWmgaOmngOe5ReAOIzznyLbU7hu_xKhWmMmr_oxXPZW2eNNw3eAYZjAAEuF0RTmfGvcUAni9Du0giYmW2tDJuGCxAPfyHys2x3vkAO4J1iZs9TW6w97pNoFtW23KMbOkfSpFCNbf4ViG9Eu2R3lhFJSpd_EIpqm9JZL6_Hwl65vzh710&sai=AMfl-YRRnC7Pj4TbpIsJn4_WgtpxmQHzqQC-Ry2wbGta0694tZHpTYSpr8KSRktG7BX6bbfgPlE7VbFBHXnW7a4MhBfV5tc0_k49ujKEX0C7KEy-Kle7bu0VqhU_uG35oTC8KjEnGNHMnmG_-OsJqaP7y4Uozz8Rsnr4Iw3L7bcCSSql5F2dCeSsWGz5HXzYFzDtX6CJ5MWEB__RHjrP3Z2vXzokweapEjZ4RIaIQmyphHCzIEz0EMtt7zZzwRzv2mgBHfEP&sig=Cg0ArKJSzEMS9A2AySeTEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=150&cbvp=1&cstd=149&cisv=r20230418.30992&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 23 Apr 2023 11:19:06 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Sun, 23 Apr 2023 11:19:06 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame CA95 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com
URL: https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 19:45:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
56024
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 21 Apr 2024 19:45:22 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame DF56 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com
URL: https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
81209
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 22 Apr 2023 12:45:37 GMT
etag
48472445140208031
expires
Sun, 23 Apr 2023 12:45:37 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame CA95 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
040673a0881d966dfa7bb03b0888a9849f16b53a64e20a9c8e85cc7402a08fc0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
createjs.min.js
code.createjs.com/1.0.0/ Frame 8E1E 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.createjs.com/1.0.0/createjs.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16246292034538192363/728x90/728x90.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:480:e::210:f105 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 11:19:06 GMT
content-encoding
gzip
server
Apache
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=900
x-n
S
accept-ranges
bytes
expires
Sun, 23 Apr 2023 11:34:06 GMT
728x90.js
s0.2mdn.net/sadbundle/16246292034538192363/728x90/ Frame 8E1E 		38 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16246292034538192363/728x90/728x90.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16246292034538192363/728x90/728x90.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
237c34a74aa8af6faa636c031ad3420ac4845b6ed3bc32206634ecf23ad4a73c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16246292034538192363/728x90/728x90.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 21:31:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
49654
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8420
x-xss-protection
0
last-modified
Wed, 22 Mar 2023 17:21:36 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 21 Apr 2024 21:31:32 GMT
publishertag.prebid.134.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.134.js
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467291/hbp_master_736354_16735.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
cccc0bc5e99d5926b70f2fab23fa277f920503bd4daa45a1ff9e74ffb33353e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.ihdstreams.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 11:19:06 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 06 Apr 2023 09:15:33 GMT
server
nginx
etag
W/"642e8db5-162ff"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 24 Apr 2023 11:19:06 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 10B2 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssIsU7vDbYQnWfQaMIK3413RP0Fvga6qRCbKeKIfLuURMfxsR5rOBWxLUmgKWInBxfxttDT84BVaYwx01btX3D2k8uJ6Ysmzagi6ip1-sQCbxZmV90RspgklvdmmZ15mA_MWlbIWQ&sai=AMfl-YTyecFgBATO2tGDALJwqLsOCPSyQAeD_4ciLVa98Kh-ugLI65gRSVFOws7PzaDQz-vbSeKHTGI7C5Bz-RoI_jFMRlHDDb6MM7feyD_N9Yauvn5aDV9Wc6D7cEim-aXFfL7EsqC42t6u4I7t&sig=Cg0ArKJSzHQcM-S308dEEAE&cid=CAQSSwBygQiDHFBpb_EYhqfpmCVW0sgTys8cS_btL3ut_CuiWNO3fev9Vlmz5fzROjCo6KSFyBApLSWxCXU9Zu1BkKuS7qFyX5POjCJlExgB&id=lidar2&mcvt=1066&p=1103,436,1193,1164&mtos=1066,1066,1066,1066,1066&tos=1066,0,0,0,0&v=20230419&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=135192340&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1682248744853&rpt=387&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Apr 2023 11:19:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
multitracking
ghb.aplhb.adipolo.com/adunit/ 		0
230 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.aplhb.adipolo.com/adunit/multitracking
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/x467291/hbw_master_736354_16735.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:8640:764::2 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www1.ihdstreams.xyz/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www1.ihdstreams.xyz
Date
Sun, 23 Apr 2023 11:19:06 GMT
Access-Control-Allow-Credentials
true
Server
Adtelligent
Connection
Keep-Alive
X-Robots-Tag
noindex
activeview
pagead2.googlesyndication.com/pcs/ Frame 2F71 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu2a4Ia0o7AZB5alSt2NGUHfy8jpGUut-rv5jnwuuWKLHVD4Fh_5Nf51MjEWy6a3wde2JPcfjq1KtpTWv92P0yrKSeR37nFFSqnGbgpXGABvvtO1hRXGx_FLjaAocfn-f5yPWYVIu9OUlUCPfIBWlUkYsQBRJHVEIutUsn9ELdI-4YOybw4ZeszhrW0G8ctd7jsN1afTEeGUBVLDbsU-fMWBXgo-7EOLKMyv2-TgraZUZxURsgePbS9jqCDn8mn3grGGX1_n39-bgr8VY6BIKTunhporJ1fGDyN85hkt0TnyPT7eUWrGpTY5dqTu_zJYyy81UUgpV4rBmyScgu7B4TieEnmeTZL4z8exZ_QCraAuanKtC7fFNIc5O_tgTlkUSHYE1Vi35HQJOEY2RdkiF6mSkLCiC1xAeI21XiS__GNWp8p6cva9wRx55InpbPVm5p1VWhL6V0eti1EpAS5lm5GZJ0gIAQfKu63USxb3pKGTOqYp3hTDMssA7TXvPIvLxaDj4tYl8H-B1CA2mwF1WqvInus8qCGyD3zdb16Vrhx4F_sUJyYYj5rXHki8BufxC4ObpVAIRQk7a_xJL127MABAuzn1Zf0bNsABTcEMb5Mphw-FvScBVrJxzkuEqbPL4DfrNSdigS-h2spHonvfcHoBd0RABPQ-TMY-lD-0rxyo8RfMMTdLhv0abPQowdJ0enMWaIEPGak3Z4t4BzQgOstEV4MKnoV24CKjcICIpXfgIr9CpdSdkuZRNDU2cHzlsQGQNu0iFrNQO73FjNXsbTW90HHm85iWKvg033uHRYSwInOoA50CvEypsKt2mPwKQkSuazn0M8HHBsCM54QHCaj3AvMn85dRIZMoy4ydqKYKyrTN9s4CH3ZzWMS9PSsifDd8cxYjis4hOTb_GyBbxB-eaxbsaNxM1ygZOwCsuCjqPVHBWqv2OvGsBxK5Mi_eZjZruZ8qJVvCwGPXyBkLzvBN-KJxnZdRbaiHNfUEuEVCf8RxuRNFmVKIT-N8XOFAGywup907-kI6JtvedXsCvGmd_hczY6VytKmZLwCZB5HtA&sai=AMfl-YR5Lpu-kHYiPJNssXGPYHaCqQwsMaECooQBNWxgrpwwaKI26rT_3xQMNWIIjohsP90bVnz_QCIZNzph7UnDZIsAgyGT6cBKAAOD353DO85zw5ValKQmVoPrzD8DlLiNB5DfQjORAniTov341OU-CMHxpkE38bbkUg&sig=Cg0ArKJSzKaZ8_LEDeFDEAE&cid=CAQSSwBygQiDJ3dty0yPN6k74B6IGAeta03hS_ydtCU39juby3Ft2iUEVJWbEq9CbZ73fVQ-JMIN73mWdicrktbg0Lk7skHA8hPonr-hXBgB&id=ampim&o=1152,337&d=336,280&ss=1600,1200&bs=1600,1200&mcvt=1066&mtos=0,0,1066,1066,1066&tos=0,0,1066,0,0&tfs=320&tls=1386&g=100&h=100&tt=1386&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.ihdstreams.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Apr 2023 11:19:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame BFAD 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
age
68060
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 22 Apr 2023 16:24:46 GMT
expires
Sun, 21 Apr 2024 16:24:46 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
dpixel
cms.quantserve.com/ Frame DF56 		35 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESENC9VWF2gGNAFCnfgsLl2HE&google_cver=1&google_push=Aer7DvI7DzHPZwQg28W7Kb1jWXDA3C3vhB7xwz8Zwo9Fci4xgl0v1NPDBnm_A-pGrqAhPi6HQWgUWHcXQgJoiSmGZaBzLsECGLE9
Requested by
Host: a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com
URL: https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Apr 2023 11:19:06 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame DF56
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEO8gDWfEO8xg-nRApdxupM0&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEO8gDWfEO8xg-nRApdxupM0&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=OTkyTXJDR0UxUFF4S2k1&google_gid=CAESEO8gDWfEO8xg-nRApdxupM0&google_cver=1&google_push=Aer7DvKOJBqeyDpExZxZ3zW-eHNqz6PlfgTFTkvDwmNxjLj...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=OTkyTXJDR0UxUFF4S2k1&google_gid=CAESEO8gDWfEO8xg-nRApdxupM0&google_cver=1&google_push=Aer7DvKOJBqeyDpExZxZ3zW-eHNqz6PlfgTFTkvDwmNxjLjz-0ws5nTJxpSYTkh3HM3Y11T96_pSWJ-Q4phZ-fBS0iTKOuJjxlF0
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Apr 2023 11:19:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 23 Apr 2023 11:19:06 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-775-g5f74e41#rel-ec2-master i-0a06c616171ab44f5@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=OTkyTXJDR0UxUFF4S2k1&google_gid=CAESEO8gDWfEO8xg-nRApdxupM0&google_cver=1&google_push=Aer7DvKOJBqeyDpExZxZ3zW-eHNqz6PlfgTFTkvDwmNxjLjz-0ws5nTJxpSYTkh3HM3Y11T96_pSWJ-Q4phZ-fBS0iTKOuJjxlF0
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame DF56
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEJYKTVEaPadDaiw6Orpmlww&google_push=Aer7DvKtoIUwLX2Kwjl_rBM1m-Jk8IPf4Vk7MIsImDM9L1L7mQYgbezGFL...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEJYKTVEaPadDaiw6Orpmlww&google_push=Aer7DvKtoIUwLX2Kwjl_rBM1m-Jk8IPf4Vk7MIsImDM9L1L7mQYgbezGFLJIVt-p_gyttIKz6inS05cB0CFsbuU8B9VQ0UCnwH-W
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Apr 2023 11:19:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-ams21030-AMS
pragma
no-cache
date
Sun, 23 Apr 2023 11:19:06 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1682248746.398112,VS0,VE87
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEJYKTVEaPadDaiw6Orpmlww&google_push=Aer7DvKtoIUwLX2Kwjl_rBM1m-Jk8IPf4Vk7MIsImDM9L1L7mQYgbezGFLJIVt-p_gyttIKz6inS05cB0CFsbuU8B9VQ0UCnwH-W
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame DF56 		0
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEK3c7NdM3jWnyLyWxB6rS-s&google_cver=1&google_push=Aer7DvJ4VrmsH3xOXQCDoFJjWrdWdbSjOt2OxJ9nhLPAFlV2LA2Vs-VPEzqy11DRkn-b9I7X1XGfOr86N-HC9tzlN8rf2gkcf28
Requested by
Host: a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com
URL: https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 11:19:06 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
cm.g.doubleclick.net/ Frame DF56
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEHl2tV3nOOMHWGaG4d2ihw4&google_cver=1&google_push=Aer7DvKMUIsRONVpRue7x9kSM1_xWhLjn8v-czImAICmlUo82nBMzUmsdO69UYZNKpfXuXKr7sohfDaVlUm3-neoXI98U3A...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvKMUIsRONVpRue7x9kSM1_xWhLjn8v-czImAICmlUo82nBMzUmsdO69UYZNKpfXuXKr7sohfDaVlUm3-neoXI98U3A8NflD&google_hm=eS04QVJsYW50RTJwRkVzTW...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvKMUIsRONVpRue7x9kSM1_xWhLjn8v-czImAICmlUo82nBMzUmsdO69UYZNKpfXuXKr7sohfDaVlUm3-neoXI98U3A8NflD&google_hm=eS04QVJsYW50RTJwRkVzTW5sR2lyNzlmOVpVd1B5cnVpSH5B
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Apr 2023 11:19:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 23 Apr 2023 11:19:06 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvKMUIsRONVpRue7x9kSM1_xWhLjn8v-czImAICmlUo82nBMzUmsdO69UYZNKpfXuXKr7sohfDaVlUm3-neoXI98U3A8NflD&google_hm=eS04QVJsYW50RTJwRkVzTW5sR2lyNzlmOVpVd1B5cnVpSH5B
content-length
0
pixel
cm.g.doubleclick.net/ Frame DF56
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEFUwIJprPwd7dQdWdJM4fbY&google_cver=1&google_push=Aer7DvKQKuHkmKqWwYwbDFjb5g5gT6D70ZcCxTo2qd0r1Q5BdktCV_uI45XxO2E5fCW9BVqBlOvArGi4NOZ7P94VFuzanuy...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEFUwIJprPwd7dQdWdJM4fbY&google_cver=1&google_push=Aer7DvKQKuHkmKqWwYwbDFjb5g5gT6D70ZcCxTo2qd0r1Q5BdktCV_uI45XxO2E5fCW9BVqBlOvArGi4NOZ7P94VFuzan...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aer7DvKQKuHkmKqWwYwbDFjb5g5gT6D70ZcCxTo2qd0r1Q5BdktCV_uI45XxO2E5fCW9BVqBlOvArGi4NOZ7P94VFuzanuygLNs
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aer7DvKQKuHkmKqWwYwbDFjb5g5gT6D70ZcCxTo2qd0r1Q5BdktCV_uI45XxO2E5fCW9BVqBlOvArGi4NOZ7P94VFuzanuygLNs
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Apr 2023 11:19:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aer7DvKQKuHkmKqWwYwbDFjb5g5gT6D70ZcCxTo2qd0r1Q5BdktCV_uI45XxO2E5fCW9BVqBlOvArGi4NOZ7P94VFuzanuygLNs
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame DF56
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEIZn3mUCLRsQstkBBkPSAC0&google_cver=1&google_push=Aer7DvIpkQtOAO7l1eXK857KF8u7mW_yeft9La-8mTLGVyD-XnntvtFgWhmDV6NzmNpslyWe85dWFEXhjXdH...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aer7DvIpkQtOAO7l1eXK857KF8u7mW_yeft9La-8mTLGVyD-XnntvtFgWhmDV6NzmNpslyWe85dWFEXhjXdHEEsF1W2RkKTMT8M
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aer7DvIpkQtOAO7l1eXK857KF8u7mW_yeft9La-8mTLGVyD-XnntvtFgWhmDV6NzmNpslyWe85dWFEXhjXdHEEsF1W2RkKTMT8M
Requested by
Host: a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com
URL: https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Apr 2023 11:19:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aer7DvIpkQtOAO7l1eXK857KF8u7mW_yeft9La-8mTLGVyD-XnntvtFgWhmDV6NzmNpslyWe85dWFEXhjXdHEEsF1W2RkKTMT8M
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
attr
cm.g.doubleclick.net/pixel/ Frame DF56 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LYKOkxtQX_jYDqUiw9Rrxck1YZtz7n3Lte3nxZg1d2KF62FSR-Mq-Ng6CXHtZ8hVt6mRYL
Requested by
Host: a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com
URL: https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 11:19:06 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
h_lifestyle_adobestock_255232577_half.jpg
s0.2mdn.net/sadbundle/16246292034538192363/728x90/images/ Frame 8E1E 		135 KB
135 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16246292034538192363/728x90/images/h_lifestyle_adobestock_255232577_half.jpg
Requested by
Host: code.createjs.com
URL: https://code.createjs.com/1.0.0/createjs.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
63baffa868a9c730c0643da094da30ee551e8718c1e3d4728042a54e49868d0a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16246292034538192363/728x90/728x90.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 21:12:32 GMT
x-content-type-options
nosniff
age
50794
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138330
x-xss-protection
0
last-modified
Wed, 22 Mar 2023 17:21:36 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 21 Apr 2024 21:12:32 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame CA95 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvI-03j4ScTrZL369cIagVtqi8CHgnAPM3gGmtudsaUP3-VmrEO5oNTtk4DRxL4RkyRCCJ3f2f7E8IxWVIetUJJn3A1dFB069KyiQGHV_3fj504r8wlfQ0DoAHlGe1yq9guDt74ZK5AovQY-xaNqhgkeaRjx6LX-Wfa3jpR9MmDEQVggDu1SGEiOfS0a20qgV-wikEyQT8-Y2nUrL3R-bIprBpXY4oWt7mAizkUiF_cCYaZ6ogjOFpOJ_HleE3oX_qAm4l1cz2SyQ0xTPW-ZiWWq-UX-_ham6lVS9wTOyQpgeE_41b8ZSykMPcPOo1S4vmqsYB5E4m9RYmXb0j6fWpHIKQmEzE6si1ykXbQ-ZljfrGYo3_VEPDpSi99BosqEhKj1tK6B6Hiye-Qi74gVboewmEXU3LX45031WC4ileAhcT_mTSdOWzCQAb19kByp-VrQ-eRfTpU3RPxkW6uXp_prNg63J6CDuoVDO1Afb1nROTxr2aBwgXaYAlO0R7C8KAMy70ttCA74_BwZbB4TIB1lSfl4hULvyWWvAUrJMX_5DUub83wbEGJ9eeC438-8yRVIBO_GaP1UWZiK6zdH8gC6RXdSUgxJYUrtlj6lj5UGvcIRegTMYWb9nS55uQc79F_hdLuS_7LOuFFvioHeqjkoxPYSXnLXFzg1nx8JFLcCCbe46LYk9Tyx9G0tq8GJrfw2zS9kTez1unb0t8hONbrsDiT3GMS0xNbEennDAft_k1qc-YgfmhN24KKmEIHKeopXw1t3NBxnYsnkJN74gGAf-ieFo_gtY-4nyBTUzajfLqkaCIanlTm_VyZCX_LmlkHVNLc6istgB7W4VNl8bVGMY6Isl2SVXS1rcKqyk8b4M5Bn_d3esdFaTPSEZDFU-PvIFeR_gEc7FCSc5gL-IjcizjkpSuv6RZTQy1ZyX3Ftv4ZZ-6XA8ZJks7TqdrnA0UzKcvR_IvDH1NzlfuKyTuhltVqcHVXm3RkGfor-IZg2EpIesRHcSjFnsmKGdis8S-gk_wf2z41JDgJ4LvGkeGdM2AOLQ_kYrnswkaPINaBymdiaKj0Nt92VZvvWcYmbYUpS549tWhSe8Vf8Gwsla23sttuY1TLbngfuV72vXm3t_SbvykpWmgaOmngOe5ReAOIzznyLbU7hu_xKhWmMmr_oxXPZW2eNNw3eAYZjAAEuF0RTmfGvcUAni9Du0giYmW2tDJuGCxAPfyHys2x3vkAO4J1iZs9TW6w97pNoFtW23KMbOkfSpFCNbf4ViG9Eu2R3lhFJSpd_EIpqm9JZL6_Hwl65vzh710&sai=AMfl-YRRnC7Pj4TbpIsJn4_WgtpxmQHzqQC-Ry2wbGta0694tZHpTYSpr8KSRktG7BX6bbfgPlE7VbFBHXnW7a4MhBfV5tc0_k49ujKEX0C7KEy-Kle7bu0VqhU_uG35oTC8KjEnGNHMnmG_-OsJqaP7y4Uozz8Rsnr4Iw3L7bcCSSql5F2dCeSsWGz5HXzYFzDtX6CJ5MWEB__RHjrP3Z2vXzokweapEjZ4RIaIQmyphHCzIEz0EMtt7zZzwRzv2mgBHfEP&sig=Cg0ArKJSzEMS9A2AySeTEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=393&vt=11&dtpt=243&dett=3&cstd=149&cisv=r20230418.30992&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 11:19:06 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 23 Apr 2023 11:19:06 GMT
syncframe
gum.criteo.com/ Frame 11D8 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www1.ihdstreams.xyz
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.134.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
386d466b8bdd0cda283c79718d2aec07f38b9f9ed81eebe6d5266bb20cd42c10
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www1.ihdstreams.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 23 Apr 2023 11:19:06 GMT
server
Kestrel
server-processing-duration-in-ticks
489275
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.134.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.134.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.134.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
cccc0bc5e99d5926b70f2fab23fa277f920503bd4daa45a1ff9e74ffb33353e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.ihdstreams.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 11:19:06 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 06 Apr 2023 09:15:33 GMT
server
nginx
etag
W/"642e8db5-162ff"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 24 Apr 2023 11:19:06 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 4587 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvTxlkzXAm31LBZTK0FBX7MDG6OLSdjD25j4HTUAA9-IC2jq8eQ3tu6172kXaYcL-MYtcxU5X_M5yK7gonNOj-2gs2Jsjvw_c_92_CN1xnpI_anZyVlL_VNYDpMuNEDWghgaFzQnw&sai=AMfl-YQhpSmUoERnJgXsIne7A1-vpnSWqWNFvW81P24ZxGDeZ7BImL5G1qnVRt9Z8ABRgOEb0fqLTkzA8PhGvb0BWE9N710Zh-7qXdSe-Amcdz0C6cHzDbF-_VD8KifNbhNNE-PVvUHA_Fl6VC1Jrg&sig=Cg0ArKJSzDDIG30o947KEAE&cid=CAQSTABygQiD8L2pAVD5b05Z4r5fHMn8kiaYtnBOyYufRil3-CL9V9KLswNaHz_ffOYhjI4UxhjDBKHX5nizjjbsUXzDh4HG8SRtFRbeeHgYAQ&id=lidar2&mcvt=1026&p=163,166,253,894&mtos=1026,1026,1026,1026,1026&tos=1026,0,0,0,0&v=20230419&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3228686164&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1682248744910&rpt=487&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Apr 2023 11:19:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
FeZxK-xMU0bDCjOMbokEaZjg6vU8xaS24bySLDd5teM.js
pagead2.googlesyndication.com/bg/ Frame BFAD 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/FeZxK-xMU0bDCjOMbokEaZjg6vU8xaS24bySLDd5teM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
15e6712bec4c5346c30a338c6e89046998e0eaf53cc5a4b6e1bc922c3779b5e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 16:28:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
154231
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14264
x-xss-protection
0
last-modified
Mon, 17 Apr 2023 14:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 20 Apr 2024 16:28:35 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 4324 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsso-Th2FaMtLpB_MM3wyRWs3-vegW3xXAx8OPdNvBwVJPka51hWyynHSjoC0vVIi8FWHdUPN-UFCoKNuzd1TFpdFmH03Zq19YwE1BOmj45P3ytlRy2e5fk5VjS06GX6wRCiHJ_EgAg&sai=AMfl-YRG-abNos2btpI54MD12CTZ7nAEdCmuN-Tm1H1qkV8W0mdaanh98GvCQzppY5Abr5Oh1gu_RPhzB04ujfYQRyAFC3exBukNc_Ggzgux-qDVWi7dL5FsLL0KWRCER9ojzglgfjAO5Y71OObF&sig=Cg0ArKJSzLrjmJ8K85UREAE&cid=CAQSSwBygQiDTDOuz-mzJC6oAXrChVHiSs2CZAjefeFMkGCoN6WSIrLl4fcXiwnYFi7ZwianKPXlunfyW0gba8sJWkgLJH8MqVK-vbB21xgB&id=lidar2&mcvt=1013&p=657,1429,697,1470&mtos=1013,1013,1013,1013,1013&tos=1013,0,0,0,0&v=20230419&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2270408103&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1682248744900&rpt=522&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Apr 2023 11:19:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame BFAD 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BHrSuKRRFZJeMN9SCgQf36rzIDAAAAAA4AeAEAg&bg=!jo2ljdnNAAYfNdXmPzU7ADkAdvg8WsGx0J7d3Qp9rgg6KPFXamHa121h7FEtd4yxqh_dQNTVt6adlgd_eroQkayG1fbNVhNhgTMCAAAAq1IAAAACaAEHmQNEQeCTKfvGDmGv2TCvyeXeVaiMbEAZdjCEO6EAFCzmBfgc8AW8oSZIS35tKto86OFPg4qqi3dy27e4rw5VEEVqAfJ-Nfeq1-paBqUwhFFtU2ye2B6kXHwfL_DnR7_cTfPcGy_nS6aeidA45KkQDirybhim8zoLIqbxFRPKmFCMR4mYfFqSBr0jJF7Rx07eUG5h9pmGCXtZrsNxO9B0aeHjN3fNSAXoJd2f3E-k9PHZ_4iVzx-PkHa7PqsxRD3Lpm6gY8aILvFaeLRD7J1Wc2jZZvjlUoA2csovVSiApktj_0EZkDY3QJ7df_aPRKchTttLlp6Ev6ibwnBAQNbTcyUZcqdyWlZKfeQkJxjWd2AdsvHX1p2rsyRgTNfiI0KyyC3fM3XJ9g4s5vsppyahAeHlNJqOMB8AbQ2eC5gfUlKLuy1Ae7QTSMwBi3257I4-c9F0WfoWcAjvj6UNBZywUUjxLshXnXTrmEhZWslh7Rd7ZvOgt0Cxd0F47z9vHtm0vxEjfJZiP5O5Lqp23Y5shYpLkn9phdOUAdcCpJvLkvK9wBaHpA6qV-PzFssjU_GkNgwsf3mSo0_lFSp5SaXfb6ucwW4oSYsFAJ-awlw8TWcT7PCq8M1J1jcsP2Dgg9T_nl3iEx93L0joC9SmiIEhJozcoxhb8iGjQNCbaYSozfZzeXmoD4ZPsgfhqzuTVwQZn7yXMds_h-lsWBfzCzZOnfsc1bWH62-at5Hu2OBoRH5pgISJY9I_DJVUjkML3m6NJPcvm4qWyEubOonCkugYWebNSRMifHduC8nDKkHMtMP3ciSTBhuYO71wrY5Znijepg8UYXG-bADb9RwE7JQY9vVbcWvKEB05ajse4v_SGHDC8ZadbWKDZJlRXb6BHjLsUgAZqOBbJeBwRvp0FKD_5UVShnWSNdIhrrlPYnCJ2QtKcnlHonMe1-eWZK-8iWKL0NyfZuAc5szK_4sKhAZb2SGoUIFR_aV-B8EHtEwxtKkXqcdrZXh2Z_SWyyrZwR4MIyowC4XRKHuYPsJ3lOFkMye_oQQeaBn9VX3lhXq23B68czD1g-CJapbXRxH20BYxkFzHqivpVltdFcC0mVRBkiAemVSTjVE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Apr 2023 11:19:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sid
mug.criteo.com/ Frame 11D8
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=ihdstreams.xyz&sn=ChromeSyncframe&so=0&topUrl=www1.ihdstreams.xyz&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=jGpxPnxDUlliRU1hc1NBMUFwZGhyb2xST3BtOWowNjFaaUJvVnl0c2ltQkVTYUtBeWV1QTBIVzdqODhWcVc0clNpWVdyUDlzKzQwamtpQnpRNVFRVEM0WFMrS1NsUmh4cHFYYWF4dmlCcFE2cXhOYXRINTJaOVpRRjdmcT...
425 B
653 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=jGpxPnxDUlliRU1hc1NBMUFwZGhyb2xST3BtOWowNjFaaUJvVnl0c2ltQkVTYUtBeWV1QTBIVzdqODhWcVc0clNpWVdyUDlzKzQwamtpQnpRNVFRVEM0WFMrS1NsUmh4cHFYYWF4dmlCcFE2cXhOYXRINTJaOVpRRjdmcTJ6Q3BtWjA1Q1Bpclk5dk1XTHJPRGVNYk1iOTE4U055VVpyY3hyWllDak1UVEdRWm52RkVxMkxYdVVYM0w4VU04MEM3MEhtdVN0RUdtdG1jdE5qVWVTRjlwVzlPS0MvQ1pPcU9abU5GTlRwSjR1MjFLamdKaTlydEtjQnNFVVBNOVpYT1dYRGM2bE9PWHM3eXNOVmxSNWdKaXJlVnBNZ0FSY3g1TE90M1RaUmdubFh6TGpTOD18&cppv=2
Protocol
H2
Server
178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
d2e99a650326801512516c4ed5c1bbefb9209d988822a1f7ca6e1f5247af2070
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Apr 2023 11:19:06 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1362224
expires
0

Redirect headers

pragma
no-cache
date
Sun, 23 Apr 2023 11:19:05 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=jGpxPnxDUlliRU1hc1NBMUFwZGhyb2xST3BtOWowNjFaaUJvVnl0c2ltQkVTYUtBeWV1QTBIVzdqODhWcVc0clNpWVdyUDlzKzQwamtpQnpRNVFRVEM0WFMrS1NsUmh4cHFYYWF4dmlCcFE2cXhOYXRINTJaOVpRRjdmcTJ6Q3BtWjA1Q1Bpclk5dk1XTHJPRGVNYk1iOTE4U055VVpyY3hyWllDak1UVEdRWm52RkVxMkxYdVVYM0w4VU04MEM3MEhtdVN0RUdtdG1jdE5qVWVTRjlwVzlPS0MvQ1pPcU9abU5GTlRwSjR1MjFLamdKaTlydEtjQnNFVVBNOVpYT1dYRGM2bE9PWHM3eXNOVmxSNWdKaXJlVnBNZ0FSY3g1TE90M1RaUmdubFh6TGpTOD18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
351180
content-length
0
expires
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 10B2 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5213217910053&version=m202301230201&ct=76&x=1&cor=2628428239467123000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Apr 2023 11:19:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4587 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7422846029450&version=m202301230201&ct=76&x=1&cor=16437734455238386000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Apr 2023 11:19:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4324 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=253570196544&version=m202301230201&ct=132&x=1&cor=3861195155816789500
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Apr 2023 11:19:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww1.ihdstreams.xyz%2F&domain=www1.ihdstreams.xyz&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www1.ihdstreams.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www1.ihdstreams.xyz
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sun, 23 Apr 2023 11:19:06 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
380439
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww1.ihdstreams.xyz%2F&domain=www1.ihdstreams.xyz&cw=1&pbt=1&lsw=1
  • https://mug.criteo.com/sid?cpp=CgZOBnxhS1l2NGZBSU1wNi90dkJsVU5TVDVsVFJDUXJjRWxQbnFCWEdDZ3BSRGtqQm12RmlmNm1rOFBpK0JxaHF3bFRXL3FaMVB0WFF4dTFZZURpVkc3cWQ3aWd2dWZKYmt5SlM1dzE3SVAzMVNNOWg4SWZ5ZkxaWG5sUE...
492 B
576 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=CgZOBnxhS1l2NGZBSU1wNi90dkJsVU5TVDVsVFJDUXJjRWxQbnFCWEdDZ3BSRGtqQm12RmlmNm1rOFBpK0JxaHF3bFRXL3FaMVB0WFF4dTFZZURpVkc3cWQ3aWd2dWZKYmt5SlM1dzE3SVAzMVNNOWg4SWZ5ZkxaWG5sUE5hSlJZbndvZFR5Vlg1bVJNeVVhSkZhdGJoTWNIaXpyb09rSjFVZFg3cnBiZjBmOXFDYThnYk15eXkvb2NuWlNKYTdXSXgyNlhtbkJ3MmRuZ3dtN3ZtVndpcXNXemlZSGdYM3BLOEpodG9YNnVyNG9PcytFZGZ0bVByN2hWRG1tbnVsL0l3ZFBESXJqQlZsY0hEMk5RYW9vSUhKN3dGTlg3ejRZWnZSTnlrdHlYSGtxZGtLVT18&cppv=2
Protocol
H2
Server
178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
475f627cb38b9edef85fa386ef13318d0bcda05a4518969266aba0b5eaf7585b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.ihdstreams.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Apr 2023 11:19:07 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1084121
expires
0

Redirect headers

pragma
no-cache
date
Sun, 23 Apr 2023 11:19:07 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
location
https://mug.criteo.com/sid?cpp=CgZOBnxhS1l2NGZBSU1wNi90dkJsVU5TVDVsVFJDUXJjRWxQbnFCWEdDZ3BSRGtqQm12RmlmNm1rOFBpK0JxaHF3bFRXL3FaMVB0WFF4dTFZZURpVkc3cWQ3aWd2dWZKYmt5SlM1dzE3SVAzMVNNOWg4SWZ5ZkxaWG5sUE5hSlJZbndvZFR5Vlg1bVJNeVVhSkZhdGJoTWNIaXpyb09rSjFVZFg3cnBiZjBmOXFDYThnYk15eXkvb2NuWlNKYTdXSXgyNlhtbkJ3MmRuZ3dtN3ZtVndpcXNXemlZSGdYM3BLOEpodG9YNnVyNG9PcytFZGZ0bVByN2hWRG1tbnVsL0l3ZFBESXJqQlZsY0hEMk5RYW9vSUhKN3dGTlg3ejRZWnZSTnlrdHlYSGtxZGtLVT18&cppv=2
access-control-allow-origin
https://www1.ihdstreams.xyz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
577992
content-length
0
expires
0
prebid
id5-sync.com/api/config/ 		135 B
548 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467291/hbp_master_736354_16735.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
f2a8720de45d6e2afa1037156d17e6b24e05d98b9f3ffb06ea6dbd8faafb3297
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www1.ihdstreams.xyz/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www1.ihdstreams.xyz
date
Sun, 23 Apr 2023 11:19:06 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
/
onetag-sys.com/usync/ Frame CEFD 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1682248744211
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467291/hbp_master_736354_16735.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www1.ihdstreams.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
/
onetag-sys.com/usync/ Frame C8D0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1682248744470
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467291/hbp_master_736354_16735.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www1.ihdstreams.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
pd
u.openx.net/w/1.0/ Frame 917C 		0
80 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467291/hbp_master_736354_16735.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www1.ihdstreams.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Sun, 23 Apr 2023 11:19:07 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
pd
u.openx.net/w/1.0/ Frame CDA5 		0
80 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467291/hbp_master_736354_16735.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www1.ihdstreams.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Sun, 23 Apr 2023 11:19:07 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
/
onetag-sys.com/usync/ Frame B6A3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1682248744440
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467291/hbp_master_736354_16735.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www1.ihdstreams.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
/
onetag-sys.com/usync/ Frame 32EB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1682248744222
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467291/hbp_master_736354_16735.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www1.ihdstreams.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
pd
u.openx.net/w/1.0/ Frame B7F2 		0
80 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467291/hbp_master_736354_16735.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www1.ihdstreams.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Sun, 23 Apr 2023 11:19:07 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
pd
u.openx.net/w/1.0/ Frame 67C6 		0
176 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467291/hbp_master_736354_16735.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www1.ihdstreams.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Sun, 23 Apr 2023 11:19:07 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
gen_204
pagead2.googlesyndication.com/pagead/ Frame CA95 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=3788460234056&version=m202301230201&ct=76&x=1&cor=733682005530488300
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Apr 2023 11:19:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467291/hbp_master_736354_16735.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
14458984eeaf80fbc8299c4bb381223da72da792f39f736f15afb6ce2aa05410
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www1.ihdstreams.xyz/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www1.ihdstreams.xyz
date
Sun, 23 Apr 2023 11:19:07 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
692.json
id5-sync.com/g/v2/ 		216 B
629 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/692.json
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467291/hbp_master_736354_16735.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
66ab182f4e8019504e09801f49b57d10a3d3812b998421ef51d58d6878c6490b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www1.ihdstreams.xyz/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www1.ihdstreams.xyz
date
Sun, 23 Apr 2023 11:19:07 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
activeview
pagead2.googlesyndication.com/pcs/ Frame CA95 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsthnf_heAZ-pf6EggfkPsIjm8qJHMkoUoToxCbFW-AAIqcDk--8AJu3NZoWx-qA5bCKHoxpC143C0F7l32s3GjGCKQYBALAGhIgnBKH1m9a7U4OJM40oP6BNxW39EF4-HP7dwNoLg&sai=AMfl-YQIoSZZ3otvd6uiONiP8cH9qGXbbTVXP9EfUFiwwMjXFNRxvvQbjxlrSZfvY3rHKMhzRY0LgmtMeoGVfqclvDgBe3JgHaw76bNIVcFjyvmpqIZAPWp72abicbE&sig=Cg0ArKJSzK2kS5fmgRSCEAE&cid=CAQSOwBygQiDclgWEoe5wV9s1l7PQSa_67z-IHHNyrtgoqKaWVo8q95g0IPDTfoDiUTj-e2tXg8kixRyiyhGGAE&id=lidar2&mcvt=1001&p=1219,436,1309,1164&mtos=0,935,1001,1038,1122&tos=0,935,66,37,84&v=20230419&bin=7&avms=nio&bs=0,0&mc=0.76&if=1&vu=1&app=0&itpl=20&adk=2382128833&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1682248745654&rpt=501&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Apr 2023 11:19:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=CgZOBnxhS1l2NGZBSU1wNi90dkJsVU5TVDVsVFJDUXJjRWxQbnFCWEdDZ3BSRGtqQm12RmlmNm1rOFBpK0JxaHF3bFRXL3FaMVB0WFF4dTFZZURpVkc3cWQ3aWd2dWZKYmt5SlM1dzE3SVAzMVNNOWg4SWZ5ZkxaWG5sUE5hSlJZbndvZFR5Vlg1bVJNeVVhSkZhdGJoTWNIaXpyb09rSjFVZFg3cnBiZjBmOXFDYThnYk15eXkvb2NuWlNKYTdXSXgyNlhtbkJ3MmRuZ3dtN3ZtVndpcXNXemlZSGdYM3BLOEpodG9YNnVyNG9PcytFZGZ0bVByN2hWRG1tbnVsL0l3ZFBESXJqQlZsY0hEMk5RYW9vSUhKN3dGTlg3ejRZWnZSTnlrdHlYSGtxZGtLVT18&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sun, 23 Apr 2023 11:19:07 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
291879
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
track
track1.aniview.com/ Frame 2E7C 		0
121 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?d=Chrome&cou=NL&cos=Windows&r=www1.ihdstreams.xyz&rs=www1.ihdstreams.xyz&sid=62722&t=1682248743&cip=37.48.94.48&sn=&tgt=0&osv=10&bv=112.0&brn=Chrome&wi=600&he=338&app=&AV_PUBLISHERID=632c3dff8e62a32fb323cd86&test=&d64=92ef675b7f07ccd30338e758d13d9ea9&d63=92ef675b7f07ccd30338e758d13d9ea9&aafaid=&proto=https&uid=1682248743295-963002330228-001183-003-001401&cha=0.1&stagid=632c400f6736d736c5787e64&stplid=6192229fa59e3976bb4400aa&d35=&d36=6.2.92&cb=96386812228&d39=&d65=Test1&d66=8.3.3&d73=&apppkg=&d9=1000&prbdres=&prbdlevDB=&prebdlevEnt=&prbdsup=whiteOps&d16=2&d37=realtime&AV_WIDTH=600&AV_HEIGHT=338
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=632c3dff8e62a32fb323cd86
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.209.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-209-45.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www1.ihdstreams.xyz/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 23 Apr 2023 11:19:08 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
us_privacyfa9f4b3548d146d8b0584acce84c4fec.gif
URL
https://us_privacyfa9f4b3548d146d8b0584acce84c4fec.gif/?gdpr=1&gdpr_consent=&us_privacy=1---&coppa=0&puid=1682248743295-963002330228-001183-003-001401&redir=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D57%26auid%3D1682248743295-963002330228-001183-003-001401%26key%3D%24%7BUID%7D
Domain
adipololtd-d.openx.net
URL
https://adipololtd-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww1.ihdstreams.xyz%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=6eb568eb-2ad3-432a-a8e5-8f7216d1432d&nocache=1682248744178&sua=%7B%22source%22%3A2%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22architecture%22%3A%22%22%7D&pubcid=2eaf54b9-6bef-4554-9adc-e8b20fa3e6e7&schain=1.0%2C1!adipolo.com%2C22821132256%2C1%2C%2C%2C&aus=970x90%2C728x90&divids=stick&aucs=%252F7047%252C22821132256%252Fapl%252Faplmcm7047%252Fsticky%2523stick&auid=556544515
Domain
adipololtd-d.openx.net
URL
https://adipololtd-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww1.ihdstreams.xyz%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=53fc8825-0fc0-4c0b-9356-9ac0e2ba5991&nocache=1682248744197&sua=%7B%22source%22%3A2%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22architecture%22%3A%22%22%7D&pubcid=2eaf54b9-6bef-4554-9adc-e8b20fa3e6e7&schain=1.0%2C1!adipolo.com%2C22821132256%2C1%2C%2C%2C&aus=300x250%2C336x280&divids=div-gpt-ad-8176806-2&aucs=%252F7047%252C22821132256%252Fapl%252Faplmcm7047%252Fsticky%2523stick&auid=556544515
Domain
adipololtd-d.openx.net
URL
https://adipololtd-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww1.ihdstreams.xyz%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=b7de0be5-9d11-4658-bb18-fc132f0d44cb&nocache=1682248744392&sua=%7B%22source%22%3A2%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22architecture%22%3A%22%22%7D&pubcid=2eaf54b9-6bef-4554-9adc-e8b20fa3e6e7&schain=1.0%2C1!adipolo.com%2C22821132256%2C1%2C%2C%2C&aus=728x90&divids=div-gpt-ad-8176806-4&aucs=%252F7047%252C22821132256%252Fapl%252Faplmcm7047%252Fsticky%2523stick&auid=556544515
Domain
adipololtd-d.openx.net
URL
https://adipololtd-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww1.ihdstreams.xyz%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=12ccd448-e09f-4113-b882-b107461a0d5a&nocache=1682248744430&sua=%7B%22source%22%3A2%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22architecture%22%3A%22%22%7D&pubcid=2eaf54b9-6bef-4554-9adc-e8b20fa3e6e7&schain=1.0%2C1!adipolo.com%2C22821132256%2C1%2C%2C%2C&aus=120x600%2C160x600%2C300x600&divids=div-gpt-ad-8176806-6&aucs=%252F7047%252C22821132256%252Fapl%252Faplmcm7047%252Fsticky%2523stick&auid=556544515

Verdicts & Comments Add Verdict or Comment

78 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 boolean| credentialless object| __cfQR function| removeCustomBanner undefined| customBannerCountdownInterval string| str object| atOptions object| st object| __stdos__ boolean| tpcCookiesEnableCheckingDone boolean| tpcCookiesEnabledStatus function| __sharethis__docReady object| __sharethis__ object| ua_fields object| aniplayerPos object| webpackChunk_aniview_player object| avContentPlayer object| storageAni object| _Hasync boolean| __cfRLUnblockHandlers object| googletag object| gptAdSlots object| interstitialSlot undefined| staticSlot object| anchorSlot object| vmpbjs object| vpb object| adipolo function| chfh function| chfh2 string| _HST_cntval object| Histats boolean| _value_RETURN_BUILDER function| _HistatsCounterGraphics_514 function| histats_canvascounters_base.js object| ggeac object| google_tag_data object| google_js_reporting_queue undefined| google_measure_js_timing object| _HistatsCounterGraphics_514_setValues object| google_reactive_ads_global_state object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal object| vmpbjsChunk object| ADAGIO object| GoogleGcLKhOms object| Criteo object| google_image_requests object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_134 object| Criteo_prebid_134

56 Cookies

Domain/Path Name / Value
www1.ihdstreams.xyz/ Name: HstCfa2633223
Value: 1682248743291
www1.ihdstreams.xyz/ Name: HstCla2633223
Value: 1682248743291
www1.ihdstreams.xyz/ Name: HstCmu2633223
Value: 1682248743291
www1.ihdstreams.xyz/ Name: HstPn2633223
Value: 1
www1.ihdstreams.xyz/ Name: HstPt2633223
Value: 1
www1.ihdstreams.xyz/ Name: HstCnv2633223
Value: 1
www1.ihdstreams.xyz/ Name: HstCns2633223
Value: 1
.modoro360.com/ Name: aniC
Value:
www1.ihdstreams.xyz/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.csync.loopme.me/ Name: viewer_token
Value: e5c5ebec-706e-40d4-ba2d-0066735349c4
.360yield.com/ Name: tuuid
Value: cf206123-2ffa-4f3b-afe0-824c20f93945
.360yield.com/ Name: tuuid_lu
Value: 1682248743
.ads.stickyadstv.com/ Name: pxId
Value: 1953
.ads.stickyadstv.com/ Name: UID
Value: 852a61ab40caa432e3e9162a8a235ef2
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 82a1786ce96f40d7
.modoro360.com/ Name: 1_C_200
Value: OPTOUT
servs.modoro360.com/ Name: 1_C_200
Value: OPTOUT
.modoro360.com/ Name: 1_C_22
Value: cf206123-2ffa-4f3b-afe0-824c20f93945
servs.modoro360.com/ Name: 1_C_22
Value: cf206123-2ffa-4f3b-afe0-824c20f93945
.modoro360.com/ Name: 1_C_56
Value: e5c5ebec-706e-40d4-ba2d-0066735349c4
servs.modoro360.com/ Name: 1_C_56
Value: e5c5ebec-706e-40d4-ba2d-0066735349c4
.modoro360.com/ Name: 1_C_10
Value: NMjYR4QJlX9b
servs.modoro360.com/ Name: 1_C_10
Value: NMjYR4QJlX9b
.aniview.com/ Name: 1_C_9
Value: 852a61ab40caa432e3e9162a8a235ef2
sync.aniview.com/ Name: 1_C_9
Value: 852a61ab40caa432e3e9162a8a235ef2
.adnxs.com/ Name: uuid2
Value: 8152611914254286615
www1.ihdstreams.xyz/ Name: _lr_retry_request
Value: true
www1.ihdstreams.xyz/ Name: _lr_env_src_ats
Value: false
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: pbw
Value: %24b%3d16999%3b%24o%3d11100
.smartadserver.com/ Name: pid
Value: 4676649340550096817
.ihdstreams.xyz/ Name: _pubcid
Value: 2eaf54b9-6bef-4554-9adc-e8b20fa3e6e7
.eqads.com/ Name: EQUser
Value: UID=b4acf0b1-f372-4df6-919b-829870ce3ac7
.tribalfusion.com/ Name: ANON_ID
Value: a1nr6iMwTkE6Xlypr9MFjZa9EFZaq6cGJFdXZbcfCpp2MkZcshdLiT6Jc1ZdenC0QEiQybk3Q0MFx
.amazon-adsystem.com/ Name: ad-id
Value: A3KuwlwwtEoWpFn8BZbndRU
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.ihdstreams.xyz/ Name: __gads
Value: ID=3b02cb78a26e84e2:T=1682248744:S=ALNI_MYvOJIZnqdrVhdPScw6pMm4ddFkJQ
.ihdstreams.xyz/ Name: __gpi
Value: UID=00000c08a1a7f47b:T=1682248744:RT=1682248744:S=ALNI_MYtTOaDQAoKkKmuLdIgsqKVHG5DQA
.doubleclick.net/ Name: IDE
Value: AHWqTUlbDiCjYgyMr_WPhlI6FAK4yJpl04TZsDgF_Pe8P9cKBZCq94KoEKCu2A-X
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2E?fdQXV$!]tbPl1M>e)ZlrFUfJ+tGXxoH<zAsGTC7!aX9nyREoR1nEa-w8OyymK?aq[33If)y3KL9D3I?+C^shl3
.casalemedia.com/ Name: CMPS
Value: 3300
.casalemedia.com/ Name: CMPRO
Value: 3300
.casalemedia.com/ Name: CMID
Value: ZEUUKWXHLtp6YRwKpkoKqQAA
.modoro360.com/ Name: 1_C_133
Value: a6f37f0123013099a595be2217fc435a
servs.modoro360.com/ Name: 1_C_133
Value: a6f37f0123013099a595be2217fc435a
.blismedia.com/ Name: b
Value: 6445142AF15057B7153FD710BLIS
.quantserve.com/ Name: d
Value: EFkBCQHpKIEA
.quantserve.com/ Name: mc
Value: 6445142a-657e5-560f1-d9b8a
.w55c.net/ Name: wfivefivec
Value: 992MrCGE1PQxKi5
.yahoo.com/ Name: A3
Value: d=AQABBCoURWQCEGZMWhEcLVlE146GJJ4vDhYFEgEBAQFlRmROZAAAAAAA_eMAAA&S=AQAAAmy0L68a97qrXIynZBZ_o2Y
.de17a.com/ Name: guid
Value: 1.8064997658940087546
.w55c.net/ Name: matchgoogle
Value: 5
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZEUUKgAE3L4_-gAn
.criteo.com/ Name: uid
Value: c57f6504-7849-4522-a9df-35228afe1900
.ihdstreams.xyz/ Name: cto_bundle
Value: bICBcl9OcFRUdyUyQmZZMldFbEVZTkhhY09XVTM5YjI5ekJCTlplY2NXQUl1N2IlMkZNTmFHZk5OMklYWmJFOFV3OEM3bzRaSVpIdkNyRWNMZVMzSmIwOEdvOU1tTCUyRnpibElpdUlFR1glMkZOaE9lRnVSYUZjQktydGZ6UVhLNFM4Tktnb1lOc3EwTUhBQU42U1JIayUyQkZpYm9ZS2xUV3dRJTNEJTNE
.ihdstreams.xyz/ Name: cto_bidid
Value: bICBcl9OcFRUdyUyQmZZMldFbEVZTkhhY09XVTM5YjI5ekJCTlplY2NXQUl1N2IlMkZNTmFHZk5OMklYWmJFOFV3OEM3bzRaSVpIdkNyRWNMZVMzSmIwOEdvOU1tTCUyRnpibElpdUlFR1glMkZOaE9lRnVSYUZjQktydGZ6UVhLNFM4Tktnb1lOc3EwTUhBQU42U1JIayUyQkZpYm9ZS2xUV3dRJTNEJTNE

7 Console Messages

Source Level URL
Text
network error URL: https://www.profitabledisplaynetwork.com/3ca0f619c604ae8a19b9799a144e8ee5/invoke.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
network error URL: https://www.effectivecreativeformat.com/0154b07ef3e758a91da6b0cd107ed2d2/invoke.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=105
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://adipololtd-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww1.ihdstreams.xyz%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=6eb568eb-2ad3-432a-a8e5-8f7216d1432d&nocache=1682248744178&sua=%7B%22source%22%3A2%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22architecture%22%3A%22%22%7D&pubcid=2eaf54b9-6bef-4554-9adc-e8b20fa3e6e7&schain=1.0%2C1!adipolo.com%2C22821132256%2C1%2C%2C%2C&aus=970x90%2C728x90&divids=stick&aucs=%252F7047%252C22821132256%252Fapl%252Faplmcm7047%252Fsticky%2523stick&auid=556544515
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://adipololtd-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww1.ihdstreams.xyz%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=53fc8825-0fc0-4c0b-9356-9ac0e2ba5991&nocache=1682248744197&sua=%7B%22source%22%3A2%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22architecture%22%3A%22%22%7D&pubcid=2eaf54b9-6bef-4554-9adc-e8b20fa3e6e7&schain=1.0%2C1!adipolo.com%2C22821132256%2C1%2C%2C%2C&aus=300x250%2C336x280&divids=div-gpt-ad-8176806-2&aucs=%252F7047%252C22821132256%252Fapl%252Faplmcm7047%252Fsticky%2523stick&auid=556544515
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://adipololtd-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww1.ihdstreams.xyz%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=b7de0be5-9d11-4658-bb18-fc132f0d44cb&nocache=1682248744392&sua=%7B%22source%22%3A2%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22architecture%22%3A%22%22%7D&pubcid=2eaf54b9-6bef-4554-9adc-e8b20fa3e6e7&schain=1.0%2C1!adipolo.com%2C22821132256%2C1%2C%2C%2C&aus=728x90&divids=div-gpt-ad-8176806-4&aucs=%252F7047%252C22821132256%252Fapl%252Faplmcm7047%252Fsticky%2523stick&auid=556544515
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://adipololtd-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww1.ihdstreams.xyz%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=12ccd448-e09f-4113-b882-b107461a0d5a&nocache=1682248744430&sua=%7B%22source%22%3A2%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22architecture%22%3A%22%22%7D&pubcid=2eaf54b9-6bef-4554-9adc-e8b20fa3e6e7&schain=1.0%2C1!adipolo.com%2C22821132256%2C1%2C%2C%2C&aus=120x600%2C160x600%2C300x600&divids=div-gpt-ad-8176806-6&aucs=%252F7047%252C22821132256%252Fapl%252Faplmcm7047%252Fsticky%2523stick&auid=556544515
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
a4a1d4695c9eb6e1dd50849f478da31e.safeframe.googlesyndication.com
ad.360yield.com
adipolo.com
adipololtd-d.openx.net
ads.pubmatic.com
ads.stickyadstv.com
adservice.google.com
adservice.google.nl
ap.lijit.com
api.rlcdn.com
bh.contextweb.com
bidder.criteo.com
buttons-config.sharethis.com
cdn.ampproject.org
cm.g.doubleclick.net
cms.quantserve.com
code.createjs.com
content1.avplayer.com
count-server.sharethis.com
csync.loopme.me
d5p.de17a.com
dsum-sec.casalemedia.com
eus.rubiconproject.com
feed.avplayer.com
fonts.googleapis.com
fonts.gstatic.com
ghb.aplhb.adipolo.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
id.hadron.ad.gt
id5-sync.com
image6.pubmatic.com
jscdn.greeter.me
l.sharethis.com
lb.eu-1-id5-sync.com
mp.4dex.io
mug.criteo.com
onetag-sys.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.rubiconproject.com
platform-api.sharethis.com
platform-cdn.sharethis.com
player.adtelligent.com
player.aniview.com
player.aplhb.adipolo.com
player.avplayer.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid.a-mo.net
rtb.openx.net
s.amazon-adsystem.com
s.tribalfusion.com
s0.2mdn.net
s10.histats.com
s4.histats.com
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
serv.modoro360.com
servs.modoro360.com
servt.modoro360.com
static.criteo.net
storage.de.cloud.ovh.net
sync-tm.everesttech.net
sync.1rx.io
sync.aniview.com
sync.smartadserver.com
tag.1rx.io
tg1.modoro360.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
track1.aniview.com
u.openx.net
um2.eqads.com
ups.analytics.yahoo.com
us_privacyfa9f4b3548d146d8b0584acce84c4fec.gif
vid.vidoomy.com
vpaid.vidoomy.com
www.effectivecreativeformat.com
www.google.com
www.googletagservices.com
www.profitabledisplaynetwork.com
www1.ihdstreams.xyz
x.bidswitch.net
adipololtd-d.openx.net
us_privacyfa9f4b3548d146d8b0584acce84c4fec.gif
13.32.99.34
142.250.186.66
145.239.139.16
147.75.84.158
149.56.240.31
151.101.194.49
162.19.138.117
162.19.138.82
173.233.137.44
178.250.7.13
18.197.251.255
18.198.72.223
18.65.39.103
185.64.189.115
185.80.39.216
185.86.139.101
185.89.211.12
192.243.61.227
198.148.27.139
2.16.238.158
205.185.216.42
209.54.182.161
213.155.156.168
213.19.147.42
213.19.147.45
216.52.2.16
23.201.255.110
23.212.211.47
23.35.236.201
2600:9000:206f:5e00:c:abe:f440:93a1
2600:9000:2394:800:1d:85c3:6640:93a1
2606:4700:10::6816:445
2606:4700::6812:19ad
2606:4700::6812:372
2620:100:a001::c
2620:116:800d:21:ef75:8280:f209:5ba1
2a00:1450:4001:800::2001
2a00:1450:4001:800::200a
2a00:1450:4001:806::2001
2a00:1450:4001:806::2002
2a00:1450:4001:809::2003
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2001
2a00:1450:4001:810::2002
2a00:1450:4001:828::2006
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2004
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2002
2a02:2638:3::3
2a02:2638:d::a
2a02:26f0:3500:595::2c79
2a02:26f0:480:25::1726:6216
2a02:26f0:480:e::210:f105
2a02:6ea0:c700::11
2a02:6ea0:c700::17
2a05:d018:d29:3601:81ad:26ba:9b4f:af59
2a06:8640:764::2
2a06:98c1:3120::3
2a06:98c1:3121::3
3.224.209.45
3.224.224.100
3.224.47.164
3.75.62.37
3.77.118.156
34.120.133.55
34.200.84.78
34.240.98.76
34.96.105.8
34.98.64.218
35.214.153.92
35.227.252.103
44.212.211.193
45.133.44.4
46.105.201.240
51.89.9.254
54.221.136.210
69.16.175.10
69.16.175.42
69.173.144.139
8.43.72.97
98.98.134.241
0232264ad27dfd7cf41c4f313ff1fb7fad9329297dfd66424bed2a20710398ff
033b141c2dc9c1673f5eb46b75a5edba77dfb989f32af242c662c37da3628615
035a1ebcc1f734237ebc8ff4fd2083b1f8bef5d4098fef47eb780b427b1f4f78
040673a0881d966dfa7bb03b0888a9849f16b53a64e20a9c8e85cc7402a08fc0
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ddc7573b965670564828330e8fd30a9169de349fafaad61cc6c22cb69c4c4d4
0de44804ca9fa2cb2ee9e4068b8cf9940da01fcd3d8a2f780c0c2ad8193a9753
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13369c42454445014ed09e0a17f5415129fad4db2cb31784ace3b8661746df6c
14458984eeaf80fbc8299c4bb381223da72da792f39f736f15afb6ce2aa05410
15e6712bec4c5346c30a338c6e89046998e0eaf53cc5a4b6e1bc922c3779b5e3
162f2f94d1001f4f063672e22f30338e40370a029b8f318d54283f365b00b1f7
17417d5dda996d8465b56fedf52908cc2ba8271f5891073353258ac58b5b5865
19d96e062d7e164a34e2a7773fab8c722f36ea442d2b944ce5cb359c8b78fa01
1bae747c7fd090f56608956a97c870391e1c43f89d24d5766129b75628985c1e
1e01e1af40dad2c10855f57cc2ce9dc75cd9e67aef45c66352d935cf7eab54cb
21c5a17916d69030c744cb42c6c2d1ea9aa36c4abbc36c7631e81368a81652f5
22ecddde71bfef2cd9670aea448224043def0675f08d20fb8355840555b4d35c
2319dbc0d652282694fa0847f099ecb17e4dca70baadde117a227a22e188860f
237c34a74aa8af6faa636c031ad3420ac4845b6ed3bc32206634ecf23ad4a73c
24206ab4713756ffb34eea1118c49184ece7d15687774987e9c71dc22b15c195
253d9f01f2be6922225d0c297a49d5538d8590bb6e93fa8660b8ba1ac38f20e1
27545268e07601849a17147b9abcc57fd8938acd2ffd9ad30787f387b1836cb0
291f3994773299e55d68a325cba52cabf111a4ea9563fc844ec3679635d9ff5d
292634a3f80a0a9ab204416cf35bd92e1aaf45823f8fe683df759f9467512bca
29828638d01d73bfd6bd1ff7c87772facd6910124912ebae7e0ac6429f347196
2986551fd9e82929eabb8cba7c44f74a28d8496c744893432f067b320dff55da
2b071563c8b59cdc2b12b2703f3b5d147f555b1c41d83e5c5ef4a02395aed89c
2c470984efff845d5290f15d3a01552b4bff15c1e40a48c944233a5bc5f69539
2db6489d44c93f3301f1969a58df60a3d7e36c3c892fc0976dadf1f761d569cc
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
2dfd3e50696a0ff9d8ba64c1b9d64171dadfa107bbed4cf26b3044532f809b96
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eba8e102a0cffb41a9348626acda896d2f3d7edd17798b0c2afdb8292f494d7
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3415d1f3f46175bc47b0e1055fc044b0ca4743150abbdfb8ff2029b80029f36c
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
386d466b8bdd0cda283c79718d2aec07f38b9f9ed81eebe6d5266bb20cd42c10
3a06445086f0c4b8c4c1e75f247d2b8e50f3e7e9c3e9caf20d86532cf1873b30
3a7522d02dbbc03101dfe3d8cfb3b0ff1c974af884931a79477056345c306648
3c49942d851969cee2ed7c9d24370dfa247d7507c35af5218f2b47464eb14b2c
3c7089f98721eecdbbb450c9e2b45a1af7f93b3a7b72b7d28ca2cfd3db468eed
3cc3335f2ae3d8cfa56d710e5dbedee8d479dc5fa41ad5c390d807a85b9976e2
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4475335b87a3456536775fd2dd0dd5bd5eba10e830b820cc122ba1e3cb0de1ce
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4694e2402e7cec19ae2b3e28d7bb0a408f1d3478deb47684ac7bea3d36b23e10
46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143
475f627cb38b9edef85fa386ef13318d0bcda05a4518969266aba0b5eaf7585b
48270858f29e78f21515fc6d4558e0c24d8a69a1a60c12dfc75b67ab1f055a4f
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4eeddb7276d7cfbccf3959f45339e8cc5e5a44c4d38a81cf52ee143e9edec3e5
501b65ee1b5dacca10ad1efdc68d3fb16aa58c6f825900bba277591cc6017352
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
52593588f9518ae8a52ca878d4209fbb9f428b279cbd977759da1d08593b88a5
52b98041f17799a618553f84ae31612d094059682c2383b912f8591bc853ae81
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
59848ac7fa952227246d55a015096752802cb43ca29d530e1309f770ee54ab7b
5a767e3a4a89fd5d5747f2e60656de81560b8d24575c7be5df0d541906cb86ce
5a78816663e23e77747cdd94c956b1e5457b570fe5c1a3b006c133b968bde57d
5c833b1818762f1e134fbb158447fb0b92f2b018b15aa36f2e2405213f830d38
60840c41a1567ff9974fedf13d208e77bfca3ef67e68bb3301a52469fabad13f
60d19fcc26403308bd021dd6ce6588cca81c6a42a34472277186bad9a4155022
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63baffa868a9c730c0643da094da30ee551e8718c1e3d4728042a54e49868d0a
644c38e9c9a29d85ba01ca4d12b86809889d7a09a4857b7c0110d7e5b7b8a543
65359004a97acaa73ad573bb100db1687b29252374263d5363440d9937b910df
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
66ab182f4e8019504e09801f49b57d10a3d3812b998421ef51d58d6878c6490b
69757a999e346299ac9206d3c973eee6950b05596ded42e08c52abac0f8b56c7
6d95ea547b0974a09d61104fa136f5eb6973466b6358fb06d997cc7f20ee71b2
6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f
70d4c7dc4e27349b8e8c174e19980d08a7ec29cede9d0c7027538da3b2c28a24
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
72bdb44ead8397c5e6563d6f539923b9eb1ccd9036efe959fe7a8823c7e22041
768d97ec0916217ae82c70aeda3a61b9b0dab344edc4a3240a4f7cd94af00307
7ab1732c6b4cd13a734584e8e6b30076852bdf62474f1cb667bf9ee7278084eb
7c93346d4f681a0be90d1dfc19346382a4700f1810f41caa54415688dee1777f
7d4dd42fcb5a07fce2ae586794613b90bceba1f479891571ca14d511568e3249
7f09f9111eff260d1136b12ee8d69dbf2a9186df8245088c3cc0f2aa310edd8c
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
81a4bd27e957576653d3059ac699bf25e16698b98a98e26a6a84cf1d6d9660b5
82b08e0322f123b86837b48ebcc6f3ca7e439d277074195233a766e3bbe427e6
8460aaf36b73e229c6b0fcaf7bac791e23c3145e87de6a04d0d91541e39289b6
847eb36b4dc4b05f94052dcd98077319e74d882334a106bb9ca451ba211c9c2c
8511af2c0e0f877701ecceabdb9833984f9e4539d05196c05dfd78251dc55a1b
85e158b0f79a0475711959ff492b2ca896f518600eef53ed8bfae9e625871349
868096dc68c7385e06c28965f9d3fce4fbc7ae1595d2cb51b00ceb40e8da59c4
88dccd1fedf97146e18e3e6e300ccb5f9259da1e036f2d99a30bbb4801799d76
8ba897afaf4fe5ed3b038c92bb94098e52809e1225529c42c6fb5b3a22fa45e0
8bc5d45152d8be4a6a9485560823b2c98d1dc3eb5f824d44851572cf8316e7c5
8c82515f1fb7417eeb8c89cad47175238c494269573ab34ce32d698766ab9848
8d24e5776a749da40d6683ed49a1b40dc44f6c5a2b1b5b74aed65a756ffc6c5d
8f5ba267e4a28eeeeb5f692e2f89a08cb2d87be40ca4aca4a622c375939578fb
8f7f38f88200cd7d03cfee177d7115bd9c2362f3b5e6e555537d2a0fe4d2c8d2
91a92d130107c9ebc01d0ed64eb597aba094680cd9500f3f09459db1d5caf4f7
91d9858a3fbbbbb194b1de253ee64efccf4524e1f7289276deb4be8607995973
94250774030be67093bb2b17844ecb5c73f9fd12afcdaca0fee1f279f709d32a
95f9f8b04e6e9e009e521195ccf754ce16fdc9831bcf37864c49b082a73c8595
95fe8ca52a16ffdf66b7c7189d53db21f10a4ffa8ca9490dd9ce0f0a51d52931
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
9757415edc6793a3544240a995b7f19f49c96bacf8d6ae41b2657d9f7bac1be7
9953f046235e5dff6ad5d40a6ee2927f53de1ab7c0a6e061e0551e69e9acddc4
9972b3148db4640e3162a1507c85a894468325f13e3ce6e24703eff7b7906f95
9a83c65bdd0ff9488af9d25720686457ea7295c9c44f9f1d285a0c9ec89bab99
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9bce0180a3a98168d3f8b1c49366ba3ac4937dac908e746d40d4a039157732ea
9f2ef335c07566f0d4f273a4b72bcb3ad2b02f0c6232da6129952ee60bd07ba8
9f66145fbaf681859fb04fc4cdedf358806d85dd27355199545b97db90d48829
9fe070cefb33bdefefa4452d5c67edf332820b4e7d14ed0789e48f01c98067a3
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5cf5a31ceb90763b23bc028dc514fc14792f49667d60f2e0154b851d0486159
a79e170025bc60f0f8190e8baa0ffa6b368f07cf618348fc68cd29a02f831b1c
a80bc624f7ab3177dcab36c63396d6b7b3f18c41fd09c7a3e5b54792d566904a
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
b06950cc60568dc5dc229e17b6ef1b1ae07180c35d89a0340ee8fafc37c8f519
b09e2680ab247bb7bbd4442627a5de37eef914ef38505470712d707cdff68293
b1250ec614f67f4dc0741b768511652eb3c7bab80d11728db06c17e320fe1279
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b216aecc7f40ee5f571dd6d372ecfae63366c5c93ea6034d6c10dd37d1d556d8
b4ca7381dbde69a6d23904a88fc46b887855d0ae5085b3b12c348a19156afbf2
b4e980c3fbbbe26dceaf863bfde4520bcc15e129758977b15717b759bfe93166
b59f9e7e5e04f01ea36f95ac5f5ad7df0d6427c527cb863d9b38e858ac6013b8
babfdd8d96853154749421058a8b281d3fa13dc64df98d8e57c477c7c56e41a4
bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776
bde74e092f728a245a93112d79690cf7817c71894bde7f46b77d0e78ab9e672a
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c4055685254f3344eedcade727197d24412c3614db15accc6ac61e8e32400906
c542012c84c6c9b8b31b62c0919d8c76fe2ceb18c8721646cb57f382f38d3020
c764d829f9a7d09d25b8be8ae983d80fd57a667633c3ea18c72deb5999067c80
c86ff4873e9a42ddb7901292db530723ac9276fc23244f60618606d5357f3781
cb8c2b19fd9b56c41db14bd71b5c0616c1ba4e99b08c8e75084cf695f74b7120
cccc0bc5e99d5926b70f2fab23fa277f920503bd4daa45a1ff9e74ffb33353e6
cce1aee65b9f2093ba86119d6ef979fd5183c77b513a1f6c735e0cd56f951070
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
ce33815b4c0f7c15686c773ff8b0e5092b36696a6c758ef499dc32e5a8f01e9a
cecdb772902480238ed72f56e63233f74af64e5db96706a47d8d40363e6f6332
d2c81a30c76b5bb6524fa67e4b5c37bbb11108066b565dd4093e028fc416c02b
d2e99a650326801512516c4ed5c1bbefb9209d988822a1f7ca6e1f5247af2070
d4da9b0edef16e67866fd44fb4cfcbe53d5d44972dfb8bc11104ab651623b043
d58c8b785197b3325d8c4c6b7e78015d4124110c7ef045a3c23702e24c81e6be
d5e0ab924e442cf4360cb468f24812a3dc679c88c76d92f0ecf106f3c5f029f5
d7453cba618e16cce55d7e9e19fcc415070c86d3e4716274f190a73a06e38481
d7a1bdec6b5209de5be156a573409f2f9e30488cca22fb380d2234057c7973f1
d83f5af5af3cff4660a38b3ddf7db32151cee7558df222690e1b9c73339143ab
d856a9d8cb4553f58312d142670209fa537463a4530ca563a1625e24cbd7cc8f
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
daa899c75bad708ce043380a98297b232741bd4a4fa9f8a15504c486249f9496
dadbb59b37bfea4c78c6e15c8cbb96dfba84526e43a0767dc244fd062a841aba
daf93e9515d3dd837147e5b141deaba8ab0b6bf9cadf5c90cde1281790c321ad
e1cbae1c8cc7d330811eae70eb3cb7a53a15c95a0e0a6bb3f182e50d66ba256c
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e4558415f627880263b408b58c30f1c9ae4765038c86beaf568d9c067b79c936
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e8766f490acac9657a4f3f6cb95b75026efad318be323ddba4bb2d5c4df3cf5c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef4e851bde18d7fc0111215f4d6a622bc9f648b0b96700b2e98a67c2cd633799
efc737b4f58cfe73a9bd0e57d7570365701381da31e628b269e7217a0ce3359d
f00ca0c5e2e0ed94cdb593c8a5e00eeaf4123255ba9172041f8881657cfe1821
f29a35ed33fa48d501f06b8ee0b29270df19b1c927d0aa9ae82d98583cf5ecbe
f2a8720de45d6e2afa1037156d17e6b24e05d98b9f3ffb06ea6dbd8faafb3297
f349bdf1da0e51f20074d227417692c78c799bb5d4b95380ca6f471cc6aab75c
f49ed272e6a24d221826b41d2f62cade037e0ff951e628e368792c4a02a2ef09
f5392d68d5af09f4d329c68a6726b584393747b01003ea7c79bc06d22286853b
fb20da3761f50927006a6f6303ae6fceec0b3cb5f4c532ba5845bcd5392112d8
fca03541a50907237eb1c1872eed044c5a98c6049e9f6064419e08e9cc82af6c
fcaaacbe09be7babfecfbcad09df9c01257b0ea95ee996105d6756ba75f41aa3
fe56b62bae82f4de230860f5784d46bee9f28e8afd36f19198c0b0fd88293faf