urlscan.io logo urlscan.io
SecurityTrails logo

layardesa21.cfd Open in urlscan Pro
2001:df0:27b:2::20cb  Public Scan

Go To Rescan Add Verdict Report
URL: https://layardesa21.cfd/
Submission: On December 26 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 93 IPs in 7 countries across 97 domains to perform 491 HTTP transactions. The main IP is 2001:df0:27b:2::20cb, located in Indonesia and belongs to CRI-AS-AP CV. Rumahweb Indonesia, ID. The main domain is layardesa21.cfd.
TLS certificate: Issued by R3 on December 26th 2023. Valid for: 3 months.
This is the only time layardesa21.cfd was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 72 2001:df0:27b:... 58487 (CRI-AS-AP...)
8 2607:f8b0:400... 15169 (GOOGLE)
2 52.77.187.112 16509 (AMAZON-02)
2 2607:f8b0:400... 15169 (GOOGLE)
5 2606:4700:20:... 13335 (CLOUDFLAR...)
3 2607:f8b0:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
5 2607:f8b0:400... 15169 (GOOGLE)
2 2a02:6ea0:c45... 60068 (CDN77 ^_^)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2a02:6ea0:c40... 60068 (CDN77 ^_^)
1 2600:9000:251... 16509 (AMAZON-02)
4 2607:f8b0:400... 15169 (GOOGLE)
1 2600:141b:1c0... 20940 (AKAMAI-ASN1)
6 2606:4700::68... 13335 (CLOUDFLAR...)
2 7 2606:4700:20:... 13335 (CLOUDFLAR...)
4 2a03:2880:f11... 32934 (FACEBOOK)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
4 162.252.214.5 53334 (TUT-AS)
1 185.200.118.51 9009 (M247)
1 38.132.109.115 9009 (M247)
1 185.200.116.51 9009 (M247)
23 2a03:2880:f01... 32934 (FACEBOOK)
2 2a03:2880:f08... 32934 (FACEBOOK)
1 151.101.1.26 54113 (FASTLY)
3 13.225.214.67 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 173.239.53.36 27257 (WEBAIR-IN...)
1 158.69.254.144 16276 (OVH)
3 4 2620:116:800b... 14618 (AMAZON-AES)
1 2607:f8b0:400... 15169 (GOOGLE)
1 18.173.137.123 16509 (AMAZON-02)
1 23.56.212.28 16625 (AKAMAI-AS)
4 2607:f8b0:400... 15169 (GOOGLE)
3 2606:4700:21:... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
3 18.238.55.87 16509 (AMAZON-02)
3 18.218.108.54 16509 (AMAZON-02)
1 104.18.34.83 13335 (CLOUDFLAR...)
1 162.252.213.208 53334 (TUT-AS)
3 108.138.128.28 16509 (AMAZON-02)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2 141.94.170.64 16276 (OVH)
3 8 23.216.137.114 16625 (AKAMAI-AS)
1 18.173.132.7 16509 (AMAZON-02)
4 23.196.3.202 20940 (AKAMAI-ASN1)
1 67.202.105.33 32748 (STEADFAST)
1 67.202.105.31 32748 (STEADFAST)
1 108.139.29.50 16509 (AMAZON-02)
10 10 3.33.220.150 16509 (AMAZON-02)
3 18.116.146.56 16509 (AMAZON-02)
3 4 35.244.154.8 15169 (GOOGLE)
1 1 107.178.254.65 15169 (GOOGLE)
1 4 2620:1ec:21::14 8068 (MICROSOFT...)
4 11 3.233.22.19 14618 (AMAZON-AES)
1 3 34.117.77.79 396982 (GOOGLE-CL...)
3 3 67.202.105.22 32748 (STEADFAST)
2 3 3.230.251.91 14618 (AMAZON-AES)
8 9 68.67.179.155 29990 (ASN-APPNEX)
8 9 34.111.113.62 396982 (GOOGLE-CL...)
1 1 34.192.249.162 14618 (AMAZON-AES)
1 34.197.227.33 14618 (AMAZON-AES)
1 104.91.104.69 16625 (AKAMAI-AS)
3 23 63.251.86.51 10913 (INTERNAP-BLK)
7 11 142.250.80.66 15169 (GOOGLE)
1 107.21.239.57 14618 (AMAZON-AES)
3 2607:f8b0:400... 15169 (GOOGLE)
1 13.226.34.99 16509 (AMAZON-02)
1 3 54.209.94.68 14618 (AMAZON-AES)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2 2606:4700:1::... 13335 (CLOUDFLAR...)
1 15.235.42.103 16276 (OVH)
1 2 23.105.12.120 30633 (LEASEWEB-...)
2 3 8.28.7.81 62713 (AS-PUBMATIC)
11 44.211.9.18 14618 (AMAZON-AES)
5 5 3.223.88.167 14618 (AMAZON-AES)
2 2600:1f18:ed:... 14618 (AMAZON-AES)
1 1 104.17.215.204 13335 (CLOUDFLAR...)
1 50.16.197.56 14618 (AMAZON-AES)
3 3 52.6.38.206 14618 (AMAZON-AES)
2 2 54.160.62.46 14618 (AMAZON-AES)
5 5 3.225.218.10 14618 (AMAZON-AES)
4 4 207.198.113.87 13768 (COGECO-PEER1)
1 69.173.151.100 26667 (RUBICONPR...)
3 4 151.101.66.49 54113 (FASTLY)
1 13.225.214.50 16509 (AMAZON-02)
1 1 2620:112:f002... 6336 (TURN-US-ASN)
2 74.119.119.150 19750 (AS-CRITEO)
2 2 35.194.66.159 396982 (GOOGLE-CL...)
2 2 54.156.62.74 ()
2 3.223.16.170 ()
2 2 82.145.213.8 ()
2 2 8.2.110.134 ()
1 1 23.205.72.21 ()
1 3.213.97.139 ()
2 2 69.90.254.78 ()
3 3 35.211.178.172 ()
1 1 35.211.118.13 ()
1 1 35.169.93.15 ()
1 1 198.148.27.131 ()
1 1 213.19.162.80 ()
2 2 185.184.8.90 ()
1 3 52.46.155.104 ()
1 2607:f8b0:400... ()
2 2 52.73.206.246 ()
1 34.96.105.8 ()
2 2 35.207.24.140 ()
3 23.62.11.11 ()
1 5 34.98.64.218 ()
1 8.18.47.7 ()
2 11 8.28.7.83 ()
7 162.248.18.37 ()
1 1 199.38.167.130 ()
1 2 3.232.179.229 ()
2 2 54.166.148.14 ()
1 40.76.134.238 ()
1 2 35.71.139.29 ()
1 2600:1f18:4e9... ()
1 8.28.7.84 ()
1 1 52.45.111.235 ()
2 2 2606:ae80:147... ()
1 2 38.68.201.140 ()
1 1 2620:112:f002... ()
2 2 185.167.164.49 ()
491 93
72    2001:df0:27b:2::20cb (Indonesia)

ASN58487 (CRI-AS-AP CV. Rumahweb Indonesia, ID)
layardesa21.cfd
layardesa21.online
8    2607:f8b0:4006:820::2002 (United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    52.77.187.112 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-77-187-112.ap-southeast-1.compute.amazonaws.com
xhr.invl.co
2    2607:f8b0:4006:822::200a (United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
5    2606:4700:20::ac43:44fb (United States)

ASN13335 (CLOUDFLARENET, US)
img.involve.asia
3    2607:f8b0:4006:821::2001 (United States)

ASN15169 (GOOGLE, US)
1.bp.blogspot.com
yt3.ggpht.com
2    2606:4700::6812:cc0 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.trakteer.id
5    2607:f8b0:4006:820::200e (United States)

ASN15169 (GOOGLE, US)
apis.google.com
2    2a02:6ea0:c454::1 (New York, United States)

ASN60068 (CDN77 ^_^, GB)
images.dmca.com
2    2607:f8b0:4006:80a::2002 (United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a02:6ea0:c400::11 (New York, United States)

ASN60068 (CDN77 ^_^, GB)
www.betteradsystem.com
1    2600:9000:2514:7800:c:69b9:6340:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.hyperpromote.com
4    2607:f8b0:4006:81d::2003 (United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2600:141b:1c00:31::1739:5a4b (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
data.bvsrv.com
6    2606:4700::6811:a7ba (United States)

ASN13335 (CLOUDFLARENET, US)
c.adsco.re
6.adsco.re
7    2606:4700:20::681a:4cb (United States)

ASN13335 (CLOUDFLARENET, US)
stream.trakteer.id
api.trakteer.id
4    2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    2606:4700:10::6814:5063 (United States)

ASN13335 (CLOUDFLARENET, US)
s10.histats.com
4    162.252.214.5 (United States)

ASN53334 (TUT-AS, US)
4.adsco.re
adsco.re
1    185.200.118.51 (Poplar, United Kingdom)

ASN9009 (M247, RO)
PTR: adscore.com
8drescq1tgaf.l4.adsco.re
1    38.132.109.115 (Secaucus, United States)

ASN9009 (M247, RO)
8drescq1tgaf.n4.adsco.re
1    185.200.116.51 (Singapore, Singapore)

ASN9009 (M247, RO)
PTR: no-mans-land.m247.com
8drescq1tgaf.s4.adsco.re
23    2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
static.xx.fbcdn.net
2    2a03:2880:f082:108:face:b00c:0:3 (Chicago, United States)

ASN32934 (FACEBOOK, US)
scontent-ord5-2.xx.fbcdn.net
1    151.101.1.26 (United States)

ASN54113 (FASTLY, US)
polyfill.io
3    13.225.214.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-214-67.ewr50.r.cloudfront.net
assets.trakteer.id
1    2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
1    173.239.53.36 (United States)

ASN27257 (WEBAIR-INTERNET, US)
push.bvsrv.com
1    158.69.254.144 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ns548341.ip-158-69-254.net
s4.histats.com
4    2620:116:800b:21:f059:4f7e:28a9:1588 (United States)

ASN14618 (AMAZON-AES, US)
secure.quantserve.com
cms.quantserve.com
1    2607:f8b0:4006:823::200e (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    18.173.137.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-137-123.jfk52.r.cloudfront.net
z-na.amazon-adsystem.com
1    23.56.212.28 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-212-28.deploy.static.akamaitechnologies.com
contextual.media.net
4    2607:f8b0:4006:81c::200e (United States)

ASN15169 (GOOGLE, US)
www.youtube.com
3    2606:4700:21::8d65:780a (United States)

ASN13335 (CLOUDFLARENET, US)
e.dtscout.com
t.dtscout.com
2    2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)
cloudflareinsights.com
3    18.238.55.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-55-87.jfk52.r.cloudfront.net
get.s-onetag.com
3    18.218.108.54 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-218-108-54.us-east-2.compute.amazonaws.com
pd.sharethis.com
1    104.18.34.83 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.tynt.com
1    162.252.213.208 (United States)

ASN53334 (TUT-AS, US)
betteradsystem.com
3    108.138.128.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-28.jfk50.r.cloudfront.net
tags.crwdcntrl.net
1    2606:4700:20::ac43:4aba (United States)

ASN13335 (CLOUDFLARENET, US)
t.dtscdn.com
2    141.94.170.64 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-7.cloudy.ovh
pixel.onaudience.com
8    23.216.137.114 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-216-137-114.deploy.static.akamaitechnologies.com
tags.bluekai.com
stags.bluekai.com
1    18.173.132.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-132-7.jfk52.r.cloudfront.net
onetag-geo.s-onetag.com
4    23.196.3.202 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-196-3-202.deploy.static.akamaitechnologies.com
t.sharethis.com
1    67.202.105.33 (Chicago, United States)

ASN32748 (STEADFAST, US)
PTR: ip33.67-202-105.static.steadfastdns.net
ic.tynt.com
1    67.202.105.31 (Chicago, United States)

ASN32748 (STEADFAST, US)
PTR: ip31.67-202-105.static.steadfastdns.net
de.tynt.com
1    108.139.29.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-29-50.jfk50.r.cloudfront.net
data-beacons.s-onetag.com
10    3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
data.adsrvr.org
3    18.116.146.56 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-116-146-56.us-east-2.compute.amazonaws.com
sync.sharethis.com
4    35.244.154.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.154.244.35.bc.googleusercontent.com
idsync.rlcdn.com
1    107.178.254.65 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
4    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
11    3.233.22.19 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-233-22-19.compute-1.amazonaws.com
ps.eyeota.net
3    34.117.77.79 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 79.77.117.34.bc.googleusercontent.com
ml314.com
3    67.202.105.22 (Chicago, United States)

ASN32748 (STEADFAST, US)
PTR: ip22.67-202-105.static.steadfastdns.net
dp2.33across.com
dp1.33across.com
3    3.230.251.91 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-230-251-91.compute-1.amazonaws.com
map.go.affec.tv
9    68.67.179.155 (North Bergen, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
secure.adnxs.com
ib.adnxs.com
9    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
1    34.192.249.162 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-192-249-162.compute-1.amazonaws.com
usermatch.krxd.net
1    34.197.227.33 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-197-227-33.compute-1.amazonaws.com
beacon.krxd.net
1    104.91.104.69 (Boston, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-91-104-69.deploy.static.akamaitechnologies.com
tags.bkrtx.com
23    63.251.86.51 (United States)

ASN10913 (INTERNAP-BLK, US)
ap.lijit.com
ce.lijit.com
11    142.250.80.66 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s35-in-f2.1e100.net
cm.g.doubleclick.net
1    107.21.239.57 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-21-239-57.compute-1.amazonaws.com
track2.securedvisit.com
3    2607:f8b0:4006:80d::2001 (United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    13.226.34.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-34-99.ewr53.r.cloudfront.net
api.intentiq.com
3    54.209.94.68 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-209-94-68.compute-1.amazonaws.com
bcp.crwdcntrl.net
1    2607:f8b0:4006:80f::2004 (United States)

ASN15169 (GOOGLE, US)
www.google.com
2    2606:4700:1::6813:854c (United States)

ASN13335 (CLOUDFLARENET, US)
cm.mgid.com
1    15.235.42.103 (Terrebonne, Canada)

ASN16276 (OVH, FR)
PTR: haproxy-ca-002.roqad.pl
wt.rqtrk.eu
2    23.105.12.120 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
sync.smartadserver.com
3    8.28.7.81 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
11    44.211.9.18 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-211-9-18.compute-1.amazonaws.com
sync.crwdcntrl.net
5    3.223.88.167 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-223-88-167.compute-1.amazonaws.com
i.liadm.com
2    2600:1f18:ed:550a:e949:4781:8199:98a6 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
i6.liadm.com
1    104.17.215.204 (None, )

ASN13335 (CLOUDFLARENET, US)
dmp.truoptik.com
1    50.16.197.56 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-197-56.compute-1.amazonaws.com
loadus.exelator.com
3    52.6.38.206 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-6-38-206.compute-1.amazonaws.com
dpm.demdex.net
2    54.160.62.46 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-160-62-46.compute-1.amazonaws.com
sync.srv.stackadapt.com
5    3.225.218.10 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-218-10.compute-1.amazonaws.com
cms.analytics.yahoo.com
ups.analytics.yahoo.com
4    207.198.113.87 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
1    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
4    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    13.225.214.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-214-50.ewr50.r.cloudfront.net
aa.agkn.com
1    2620:112:f002:bbbb::23 (United States)

ASN6336 (TURN-US-ASN, US)
d.turn.com
2    74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)
dis.criteo.com
2    35.194.66.159 (Washington, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 159.66.194.35.bc.googleusercontent.com
um.simpli.fi
2    54.156.62.74 (None, )

ASN- ()
thrtle.com
2    3.223.16.170 (None, )

ASN- ()
rtb.adentifi.com
2    82.145.213.8 (None, )

ASN- ()
t.adx.opera.com
2    8.2.110.134 (None, )

ASN- ()
cs.krushmedia.com
1    23.205.72.21 (None, )

ASN- ()
hbx.media.net
1    3.213.97.139 (None, )

ASN- ()
sync.springserve.com
2    69.90.254.78 (None, )

ASN- ()
ums.acuityplatform.com
3    35.211.178.172 (None, )

ASN- ()
x.bidswitch.net
1    35.211.118.13 (None, )

ASN- ()
r.bidswitch.net
1    35.169.93.15 (None, )

ASN- ()
aorta.clickagy.com
1    198.148.27.131 (None, )

ASN- ()
bh.contextweb.com
1    213.19.162.80 (None, )

ASN- ()
pixel-eu.rubiconproject.com
2    185.184.8.90 (None, )

ASN- ()
creativecdn.com
3    52.46.155.104 (None, )

ASN- ()
s.amazon-adsystem.com
1    2607:f8b0:4006:81c::2006 (None, )

ASN- ()
s0.2mdn.net
2    52.73.206.246 (None, )

ASN- ()
match.prod.bidr.io
1    34.96.105.8 (None, )

ASN- ()
tr.blismedia.com
2    35.207.24.140 (None, )

ASN- ()
rtb.mfadsrvr.com
3    23.62.11.11 (None, )

ASN- ()
ads.pubmatic.com
5    34.98.64.218 (None, )

ASN- ()
us-u.openx.net
1    8.18.47.7 (None, )

ASN- ()
match.deepintent.com
11    8.28.7.83 (None, )

ASN- ()
simage2.pubmatic.com
7    162.248.18.37 (None, )

ASN- ()
image2.pubmatic.com
1    199.38.167.130 (None, )

ASN- ()
p.rfihub.com
2    3.232.179.229 (None, )

ASN- ()
beacon.lynx.cognitivlabs.com
2    54.166.148.14 (None, )

ASN- ()
pm.w55c.net
1    40.76.134.238 (None, )

ASN- ()
us01.z.antigena.com
2    35.71.139.29 (None, )

ASN- ()
eb2.3lift.com
1    2600:1f18:4e9:5a02:d4c8:9f2:5a1a:543f (None, )

ASN- ()
pr-bh.ybp.yahoo.com
1    8.28.7.84 (None, )

ASN- ()
image4.pubmatic.com
1    52.45.111.235 (None, )

ASN- ()
sync.ipredictive.com
2    2606:ae80:1471:19::1050 (None, )

ASN- ()
pubmatic-match.dotomi.com
2    38.68.201.140 (None, )

ASN- ()
pmp.mxptint.net
1    2620:112:f002:bbbb::21 (None, )

ASN- ()
ad.turn.com
2    185.167.164.49 (None, )

ASN- ()
c1.adform.net
Apex Domain
Subdomains		 Transfer
70 layardesa21.cfd
layardesa21.cfd
683 KB
25 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 793
ads.pubmatic.com
simage2.pubmatic.com
image2.pubmatic.com
image4.pubmatic.com
40 KB
25 fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 953
scontent-ord5-2.xx.fbcdn.net — Cisco Umbrella Rank: 3512
581 KB
23 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 650
ce.lijit.com — Cisco Umbrella Rank: 835
45 KB
17 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 979
bcp.crwdcntrl.net — Cisco Umbrella Rank: 850
sync.crwdcntrl.net — Cisco Umbrella Rank: 799
30 KB
13 adsco.re
c.adsco.re — Cisco Umbrella Rank: 34114
6.adsco.re — Cisco Umbrella Rank: 34994
4.adsco.re — Cisco Umbrella Rank: 37372
8drescq1tgaf.l4.adsco.re
8drescq1tgaf.n4.adsco.re
8drescq1tgaf.s4.adsco.re
adsco.re — Cisco Umbrella Rank: 23422
59 KB
13 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
cm.g.doubleclick.net — Cisco Umbrella Rank: 219
6 KB
12 trakteer.id
cdn.trakteer.id — Cisco Umbrella Rank: 244910
stream.trakteer.id
assets.trakteer.id — Cisco Umbrella Rank: 618153
api.trakteer.id — Cisco Umbrella Rank: 776456
51 KB
11 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 981
6 KB
11 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
tpc.googlesyndication.com — Cisco Umbrella Rank: 148
274 KB
10 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 331
data.adsrvr.org
4 KB
10 sharethis.com
pd.sharethis.com — Cisco Umbrella Rank: 11669
t.sharethis.com — Cisco Umbrella Rank: 5617
sync.sharethis.com — Cisco Umbrella Rank: 2848
17 KB
9 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 465
1 KB
9 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 478
ib.adnxs.com
7 KB
8 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 638
stags.bluekai.com — Cisco Umbrella Rank: 848
3 KB
7 liadm.com
i.liadm.com — Cisco Umbrella Rank: 517
i6.liadm.com — Cisco Umbrella Rank: 2358
4 KB
6 yahoo.com
cms.analytics.yahoo.com — Cisco Umbrella Rank: 1240
ups.analytics.yahoo.com — Cisco Umbrella Rank: 307
pr-bh.ybp.yahoo.com
2 KB
6 google.com
apis.google.com — Cisco Umbrella Rank: 116
www.google.com — Cisco Umbrella Rank: 2
168 KB
5 openx.net
us-u.openx.net
eu-u.openx.net Failed
1 KB
5 s-onetag.com
get.s-onetag.com — Cisco Umbrella Rank: 4856
onetag-geo.s-onetag.com — Cisco Umbrella Rank: 6028
data-beacons.s-onetag.com — Cisco Umbrella Rank: 14842
15 KB
5 involve.asia
img.involve.asia
345 KB
4 bidswitch.net
x.bidswitch.net
r.bidswitch.net
2 KB
4 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 685
1 KB
4 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 681
2 KB
4 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 327
1 KB
4 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 408
1 KB
4 youtube.com
www.youtube.com — Cisco Umbrella Rank: 71
80 KB
4 amazon-adsystem.com
z-na.amazon-adsystem.com — Cisco Umbrella Rank: 9295
s.amazon-adsystem.com
aax-eu.amazon-adsystem.com Failed
10 KB
4 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1276
cms.quantserve.com
11 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 98
27 KB
4 gstatic.com
fonts.gstatic.com
77 KB
3 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 208
2 KB
3 affec.tv
map.go.affec.tv — Cisco Umbrella Rank: 7853
2 KB
3 33across.com
dp2.33across.com — Cisco Umbrella Rank: 11078
dp1.33across.com — Cisco Umbrella Rank: 7877
1 KB
3 ml314.com
ml314.com — Cisco Umbrella Rank: 1824
616 B
3 tynt.com
cdn.tynt.com — Cisco Umbrella Rank: 13327
ic.tynt.com — Cisco Umbrella Rank: 11417
de.tynt.com — Cisco Umbrella Rank: 1577
9 KB
3 dtscout.com
e.dtscout.com — Cisco Umbrella Rank: 17386
t.dtscout.com — Cisco Umbrella Rank: 14358
5 KB
3 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 864
cloudflareinsights.com — Cisco Umbrella Rank: 842
7 KB
3 histats.com
s10.histats.com — Cisco Umbrella Rank: 15174
s4.histats.com — Cisco Umbrella Rank: 14862
11 KB
2 adform.net
c1.adform.net
1 KB
2 mxptint.net
pmp.mxptint.net
967 B
2 dotomi.com
pubmatic-match.dotomi.com
743 B
2 3lift.com
eb2.3lift.com
735 B
2 w55c.net
pm.w55c.net
1 KB
2 cognitivlabs.com
beacon.lynx.cognitivlabs.com
831 B
2 mfadsrvr.com
rtb.mfadsrvr.com
805 B
2 bidr.io
match.prod.bidr.io
1 KB
2 creativecdn.com
creativecdn.com
917 B
2 acuityplatform.com
ums.acuityplatform.com
1 KB
2 krushmedia.com
cs.krushmedia.com
1 KB
2 opera.com
t.adx.opera.com
1 KB
2 adentifi.com
rtb.adentifi.com
69 B
2 thrtle.com
thrtle.com
953 B
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 780
1 KB
2 criteo.com
dis.criteo.com — Cisco Umbrella Rank: 550
725 B
2 turn.com
d.turn.com — Cisco Umbrella Rank: 1349
ad.turn.com
936 B
2 rubiconproject.com
token.rubiconproject.com — Cisco Umbrella Rank: 461
pixel-eu.rubiconproject.com
pixel-us-east.rubiconproject.com Failed
2 KB
2 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 702
2 KB
2 smartadserver.com
sync.smartadserver.com — Cisco Umbrella Rank: 1285
1 KB
2 mgid.com
cm.mgid.com — Cisco Umbrella Rank: 1303
741 B
2 krxd.net
usermatch.krxd.net — Cisco Umbrella Rank: 1751
beacon.krxd.net — Cisco Umbrella Rank: 699
499 B
2 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 2916
726 B
2 media.net
contextual.media.net — Cisco Umbrella Rank: 665
hbx.media.net
36 KB
2 bvsrv.com
data.bvsrv.com
push.bvsrv.com
23 KB
2 betteradsystem.com
www.betteradsystem.com — Cisco Umbrella Rank: 265628
betteradsystem.com — Cisco Umbrella Rank: 212209
11 KB
2 dmca.com
images.dmca.com — Cisco Umbrella Rank: 14517
3 KB
2 blogspot.com
1.bp.blogspot.com — Cisco Umbrella Rank: 11479
75 KB
2 layardesa21.online
layardesa21.online
198 B
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
2 KB
2 invl.co
xhr.invl.co — Cisco Umbrella Rank: 141450
5 KB
1 ipredictive.com
sync.ipredictive.com
554 B
1 antigena.com
us01.z.antigena.com
1 rfihub.com
p.rfihub.com
792 B
1 deepintent.com
match.deepintent.com
340 B
1 blismedia.com
tr.blismedia.com
173 B
1 2mdn.net
s0.2mdn.net
489 B
1 contextweb.com
bh.contextweb.com
831 B
1 clickagy.com
aorta.clickagy.com
646 B
1 springserve.com
sync.springserve.com
206 B
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 499
730 B
1 exelator.com
loadus.exelator.com — Cisco Umbrella Rank: 1408
324 B
1 truoptik.com
dmp.truoptik.com — Cisco Umbrella Rank: 2193
551 B
1 rqtrk.eu
wt.rqtrk.eu — Cisco Umbrella Rank: 1499
350 B
1 intentiq.com
api.intentiq.com — Cisco Umbrella Rank: 1419
1 securedvisit.com
track2.securedvisit.com — Cisco Umbrella Rank: 4338
178 B
1 bkrtx.com
tags.bkrtx.com — Cisco Umbrella Rank: 5121
16 KB
1 pippio.com
pippio.com — Cisco Umbrella Rank: 777
634 B
1 dtscdn.com
t.dtscdn.com — Cisco Umbrella Rank: 15253
603 B
1 ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 226
3 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
21 KB
1 polyfill.io
polyfill.io — Cisco Umbrella Rank: 1345
619 B
1 hyperpromote.com
cdn.hyperpromote.com
3 KB
0 mrtnsvr.com Failed
ad.mrtnsvr.com Failed
0 tribalfusion.com Failed
s.tribalfusion.com Failed
0 adgrx.com Failed
cm.adgrx.com Failed
0 admedo.com Failed
pool.admedo.com Failed
0 technoratimedia.com Failed
sync.technoratimedia.com Failed
491 97
Domain Requested by
70 layardesa21.cfd layardesa21.cfd
23 static.xx.fbcdn.net www.facebook.com
static.xx.fbcdn.net
18 ce.lijit.com ap.lijit.com
ce.lijit.com
ads.pubmatic.com
us-u.openx.net
11 simage2.pubmatic.com 2 redirects ads.pubmatic.com
11 sync.crwdcntrl.net bcp.crwdcntrl.net
11 cm.g.doubleclick.net 7 redirects bcp.crwdcntrl.net
ce.lijit.com
us-u.openx.net
11 ps.eyeota.net 4 redirects layardesa21.cfd
bcp.crwdcntrl.net
data-beacons.s-onetag.com
9 pixel.tapad.com 8 redirects ads.pubmatic.com
9 match.adsrvr.org 9 redirects
8 pagead2.googlesyndication.com layardesa21.cfd
pagead2.googlesyndication.com
tpc.googlesyndication.com
7 image2.pubmatic.com ads.pubmatic.com
7 tags.bluekai.com 2 redirects layardesa21.cfd
de.tynt.com
tags.bkrtx.com
bcp.crwdcntrl.net
6 secure.adnxs.com 5 redirects layardesa21.cfd
6 stream.trakteer.id 2 redirects layardesa21.cfd
stream.trakteer.id
5 us-u.openx.net 1 redirects ce.lijit.com
us-u.openx.net
5 i.liadm.com 5 redirects
5 ap.lijit.com 3 redirects layardesa21.cfd
data-beacons.s-onetag.com
5 apis.google.com layardesa21.cfd
apis.google.com
www.youtube.com
5 img.involve.asia layardesa21.cfd
4 sync-tm.everesttech.net 3 redirects ads.pubmatic.com
4 pixel-sync.sitescout.com 4 redirects
4 px.ads.linkedin.com 1 redirects layardesa21.cfd
4 idsync.rlcdn.com 3 redirects layardesa21.cfd
4 t.sharethis.com pd.sharethis.com
t.sharethis.com
4 www.youtube.com apis.google.com
www.youtube.com
4 www.facebook.com layardesa21.cfd
static.xx.fbcdn.net
4 fonts.gstatic.com fonts.googleapis.com
3 ads.pubmatic.com ce.lijit.com
ads.pubmatic.com
3 cms.quantserve.com 3 redirects
3 s.amazon-adsystem.com 1 redirects ce.lijit.com
ads.pubmatic.com
3 x.bidswitch.net 3 redirects
3 ib.adnxs.com 3 redirects
3 ups.analytics.yahoo.com 3 redirects
3 dpm.demdex.net 3 redirects
3 image6.pubmatic.com 2 redirects ads.pubmatic.com
3 bcp.crwdcntrl.net 1 redirects tags.crwdcntrl.net
3 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
3 map.go.affec.tv 2 redirects layardesa21.cfd
3 ml314.com 1 redirects layardesa21.cfd
bcp.crwdcntrl.net
3 sync.sharethis.com layardesa21.cfd
3 tags.crwdcntrl.net e.dtscout.com
tags.crwdcntrl.net
3 pd.sharethis.com e.dtscout.com
layardesa21.cfd
t.sharethis.com
3 get.s-onetag.com e.dtscout.com
get.s-onetag.com
3 assets.trakteer.id stream.trakteer.id
3 4.adsco.re layardesa21.cfd
c.adsco.re
3 6.adsco.re layardesa21.cfd
c.adsco.re
3 c.adsco.re www.betteradsystem.com
c.adsco.re
2 c1.adform.net 2 redirects
2 pmp.mxptint.net 1 redirects ads.pubmatic.com
2 pubmatic-match.dotomi.com 2 redirects
2 eb2.3lift.com 1 redirects ads.pubmatic.com
2 pm.w55c.net 2 redirects
2 beacon.lynx.cognitivlabs.com 1 redirects ads.pubmatic.com
2 rtb.mfadsrvr.com 2 redirects
2 match.prod.bidr.io 2 redirects
2 creativecdn.com 2 redirects
2 ums.acuityplatform.com 2 redirects
2 cs.krushmedia.com 2 redirects
2 t.adx.opera.com 2 redirects
2 rtb.adentifi.com ads.pubmatic.com
2 thrtle.com 2 redirects
2 um.simpli.fi 2 redirects
2 dis.criteo.com ads.pubmatic.com
2 cms.analytics.yahoo.com 2 redirects
2 sync.srv.stackadapt.com 2 redirects
2 i6.liadm.com bcp.crwdcntrl.net
2 sync.smartadserver.com 1 redirects bcp.crwdcntrl.net
2 cm.mgid.com 1 redirects bcp.crwdcntrl.net
2 dp2.33across.com 2 redirects
2 pixel.onaudience.com 2 redirects
2 t.dtscout.com e.dtscout.com
2 cloudflareinsights.com static.cloudflareinsights.com
2 scontent-ord5-2.xx.fbcdn.net www.facebook.com
2 s10.histats.com layardesa21.cfd
s10.histats.com
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 images.dmca.com layardesa21.cfd
2 cdn.trakteer.id layardesa21.cfd
cdn.trakteer.id
2 1.bp.blogspot.com layardesa21.cfd
2 layardesa21.online 2 redirects
2 fonts.googleapis.com layardesa21.cfd
cdn.trakteer.id
2 xhr.invl.co layardesa21.cfd
1 ad.turn.com 1 redirects
1 sync.ipredictive.com 1 redirects
1 image4.pubmatic.com ads.pubmatic.com
1 pr-bh.ybp.yahoo.com ads.pubmatic.com
1 us01.z.antigena.com ads.pubmatic.com
1 p.rfihub.com 1 redirects
1 match.deepintent.com ads.pubmatic.com
1 tr.blismedia.com ce.lijit.com
1 s0.2mdn.net ce.lijit.com
1 data.adsrvr.org 1 redirects
1 pixel-eu.rubiconproject.com 1 redirects
1 bh.contextweb.com 1 redirects
1 aorta.clickagy.com 1 redirects
1 r.bidswitch.net 1 redirects
1 sync.springserve.com ce.lijit.com
1 hbx.media.net 1 redirects
1 d.turn.com 1 redirects
1 aa.agkn.com bcp.crwdcntrl.net
1 token.rubiconproject.com bcp.crwdcntrl.net
1 loadus.exelator.com bcp.crwdcntrl.net
1 dmp.truoptik.com 1 redirects
1 wt.rqtrk.eu bcp.crwdcntrl.net
1 www.google.com tpc.googlesyndication.com
1 api.intentiq.com data-beacons.s-onetag.com
1 track2.securedvisit.com data-beacons.s-onetag.com
1 stags.bluekai.com 1 redirects
1 tags.bkrtx.com pd.sharethis.com
1 dp1.33across.com 1 redirects
1 beacon.krxd.net layardesa21.cfd
1 usermatch.krxd.net 1 redirects
1 pippio.com 1 redirects
1 data-beacons.s-onetag.com get.s-onetag.com
1 de.tynt.com cdn.tynt.com
1 ic.tynt.com layardesa21.cfd
1 onetag-geo.s-onetag.com get.s-onetag.com
1 t.dtscdn.com e.dtscout.com
1 betteradsystem.com www.betteradsystem.com
1 cdn.tynt.com e.dtscout.com
1 yt3.ggpht.com www.youtube.com
1 api.trakteer.id assets.trakteer.id
1 e.dtscout.com s4.histats.com
1 adsco.re c.adsco.re
1 contextual.media.net layardesa21.cfd
1 z-na.amazon-adsystem.com layardesa21.cfd
1 www.google-analytics.com layardesa21.cfd
1 secure.quantserve.com layardesa21.cfd
1 s4.histats.com s10.histats.com
1 push.bvsrv.com data.bvsrv.com
1 static.cloudflareinsights.com stream.trakteer.id
1 polyfill.io stream.trakteer.id
1 8drescq1tgaf.s4.adsco.re c.adsco.re
1 8drescq1tgaf.n4.adsco.re c.adsco.re
1 8drescq1tgaf.l4.adsco.re c.adsco.re
1 data.bvsrv.com cdn.hyperpromote.com
1 cdn.hyperpromote.com layardesa21.cfd
1 www.betteradsystem.com layardesa21.cfd
0 aax-eu.amazon-adsystem.com Failed us-u.openx.net
0 eu-u.openx.net Failed us-u.openx.net
0 ad.mrtnsvr.com Failed ads.pubmatic.com
0 s.tribalfusion.com Failed ads.pubmatic.com
0 cm.adgrx.com Failed ads.pubmatic.com
0 pool.admedo.com Failed ads.pubmatic.com
0 sync.technoratimedia.com Failed ads.pubmatic.com
0 pixel-us-east.rubiconproject.com Failed ce.lijit.com
491 145
Subject Issuer Validity Valid
layardesa21.cfd
R3		 2023-12-26 -
2024-03-25		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.invl.co
Amazon RSA 2048 M01		 2023-04-01 -
2024-04-29		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
involve.asia
E1		 2023-11-25 -
2024-02-23		 3 months crt.sh
misc-sni.blogspot.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
cdn.trakteer.id
R3		 2023-11-14 -
2024-02-12		 3 months crt.sh
*.apis.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
images.dmca.com
R3		 2023-12-09 -
2024-03-08		 3 months crt.sh
1285643437.rsc.cdn77.org
R3		 2023-12-12 -
2024-03-11		 3 months crt.sh
cdn.hyperpromote.com
Amazon RSA 2048 M02		 2023-10-16 -
2024-11-12		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
data.bvsrv.com
R3		 2023-11-16 -
2024-02-14		 3 months crt.sh
*.adsco.re
Sectigo RSA Organization Validation Secure Server CA		 2023-09-23 -
2024-09-29		 a year crt.sh
stream.trakteer.id
E1		 2023-11-28 -
2024-02-26		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-10-05 -
2024-01-03		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-13 -
2024-05-11		 a year crt.sh
*.l4.adsco.re
R3		 2023-09-25 -
2023-12-24		 3 months crt.sh
*.n4.adsco.re
R3		 2023-09-29 -
2023-12-28		 3 months crt.sh
*.s4.adsco.re
R3		 2023-10-03 -
2024-01-01		 3 months crt.sh
polyfill.io
Certainly Intermediate R1		 2023-12-22 -
2024-01-21		 a month crt.sh
assets.trakteer.id
Amazon RSA 2048 M01		 2023-08-24 -
2024-09-22		 a year crt.sh
bvsrv.com
R3		 2023-11-11 -
2024-02-09		 3 months crt.sh
histats.com
R3		 2023-11-23 -
2024-02-21		 3 months crt.sh
quantserve.com
R3		 2023-10-28 -
2024-01-26		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
z-na.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-01-18 -
2024-02-17		 a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
dtscout.com
GTS CA 1P5		 2023-11-20 -
2024-02-18		 3 months crt.sh
trakteer.id
GTS CA 1P5		 2023-11-18 -
2024-02-16		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.s-onetag.com
Amazon RSA 2048 M03		 2023-11-04 -
2024-12-01		 a year crt.sh
sharethis.com
Amazon RSA 2048 M02		 2023-05-22 -
2024-06-19		 a year crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-05 -
2024-09-30		 a year crt.sh
betteradsystem.com
Sectigo RSA Domain Validation Secure Server CA		 2023-08-14 -
2024-09-13		 a year crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2023-10-08 -
2024-11-05		 a year crt.sh
dtscdn.com
GTS CA 1P5		 2023-11-15 -
2024-02-13		 3 months crt.sh
cert1-prod.aut.a24365.net
R3		 2023-12-22 -
2024-03-21		 3 months crt.sh
odc-pixel-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-11 -
2024-12-11		 a year crt.sh
*.bkrtx.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-06 -
2024-12-05		 a year crt.sh
securedvisit.com
Amazon RSA 2048 M03		 2023-08-16 -
2024-09-13		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.intentiq.com
Amazon RSA 2048 M02		 2023-04-11 -
2024-05-08		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.rqtrk.eu
RapidSSL TLS RSA CA G1		 2023-06-01 -
2024-05-31		 a year crt.sh
*.exelator.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-29 -
2024-06-11		 a year crt.sh
event-horizon.gcp.bomm.in
GTS CA 1D4		 2023-11-03 -
2024-02-01		 3 months crt.sh
eyeota.net
GoGetSSL RSA DV CA		 2023-03-08 -
2024-04-07		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.agkn.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2023-09-07 -
2024-09-29		 a year crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2023-11-03 -
2024-05-03		 6 months crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
tr.blismedia.com
GTS CA 1D4		 2023-12-02 -
2024-03-01		 3 months crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-11-26 -
2024-11-26		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-03 -
2024-02-19		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2023-12-01 -
2025-01-01		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-11 -
2024-09-11		 a year crt.sh
beacon.lynx.cognitivlabs.com
Amazon RSA 2048 M02		 2023-03-31 -
2024-04-28		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-01 -
2024-03-01		 3 months crt.sh
*.z.antigena.com
Sectigo ECC Domain Validation Secure Server CA		 2023-04-03 -
2024-04-02		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
adentifi.com
Amazon RSA 2048 M01		 2023-07-06 -
2024-08-03		 a year crt.sh

This page contains 46 frames:

Primary Page: https://layardesa21.cfd/
Frame ID: A0344091B8C85DFF00B7A66153974BCC
Requests: 319 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Frame ID: B29C25F05DE317052930B9E3E38EDDF1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6138101579182938&output=html&adk=1812271804&adf=3025194257&lmt=1703634797&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x675_l%7C236x675_r&format=0x0&url=https%3A%2F%2Flayardesa21.cfd%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703634796763&bpp=874&bdt=187&idt=1095&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1647552926132&frm=20&pv=2&ga_vid=185124931.1703634798&ga_sid=1703634798&ga_hid=1938453711&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320885&oid=2&pvsid=4374870627996756&tmod=1186320321&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=1140
Frame ID: 0022D2B869C1577C58EF6CCE920CFF41
Requests: 1 HTTP requests in this frame

Frame: https://stream.trakteer.id/top-supporter-default?ts_font=default&ts_count=3&ts_theme=default&ts_sortby=unit&ts_interval=7&ts_customtitle=LAYARDESA21&key=trstream-jd51bcAeLOErjYdNkmCR&timestamp=1701614702
Frame ID: 95CD92C5B7C5DAB50653A6FE970AF9E7
Requests: 9 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252Fmovie.ezyro%26tabs%3Dtimeline%26width%3D340%26height%3D500%26small_header%3Dfalse%26adapt_container_width%3Dtrue%26hide_cover%3Dfalse%26show_facepile%3Dtrue%26appId%3D388972031480695
Frame ID: 2D74F2CFD1D7F32657DBD1498021960D
Requests: 34 HTTP requests in this frame

Frame: https://c.adsco.re/
Frame ID: 74D9468B27E78F9EF1819F141EE0E8D7
Requests: 5 HTTP requests in this frame

Frame: https://secure.quantserve.com/quant.js
Frame ID: 3C0B003A0F396C449B0544E6668C32C3
Requests: 1 HTTP requests in this frame

Frame: https://www.google-analytics.com/analytics.js
Frame ID: 0A3388AF2ADC83436A4423DF0D9F23C7
Requests: 1 HTTP requests in this frame

Frame: https://z-na.amazon-adsystem.com/widgets/onejs
Frame ID: E66E3F53C13B0F2AD93D5D4F163EE8AE
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/dmedianet.js
Frame ID: 86EAA01499967F37DBB685EF4C4387E3
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UCLjrkq105aVFM4YJrNADBSQ&layout=full&count=default&origin=https%3A%2F%2Flayardesa21.cfd&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.y0xCMa4KeeI.O%2Fd%3D1%2Frs%3DAHpOoo8-3MGCaatZB3kdS5TpZdd-gOSBHg%2Fm%3D__features__
Frame ID: 953F6628BD6923588DCDDBEE70068549
Requests: 6 HTTP requests in this frame

Frame: https://stream.trakteer.id/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js
Frame ID: 7D0ACC2200E328E5397E0A726150B6F4
Requests: 2 HTTP requests in this frame

Frame: https://t.dtscout.com/idg/?su=4C301703634801762C11436DF18C5D3F
Frame ID: 8D23BE17EC91EB49F363EB6493941CA5
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
Frame ID: 42DC31F7217AE0ADF0CF9AB837AD0096
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1268.23366/a/US/t_.js?cid=c010&cls=C
Frame ID: 73FE76C9B72125CB2DD59A9776FB8EE3
Requests: 7 HTTP requests in this frame

Frame: https://pd.sharethis.com/pd/test_oracle
Frame ID: 5681FC9C4DA19D829EF6E1593F54C522
Requests: 2 HTTP requests in this frame

Frame: https://tags.bluekai.com/site/27519?id=212396702173106&ret=html&random=1703634802
Frame ID: DB986CABD7E7358037A8E09DF4C1F166
Requests: 1 HTTP requests in this frame

Frame: https://tags.bluekai.com/site/2981?id=&google_gid=CAESEPtCGSc_ulT8ZHjlP9j5XsQ&google_cver=1
Frame ID: 5D28C6EB05FDC3013E8EA96891B8BCF7
Requests: 1 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=67990
Frame ID: F6DA4DF491DA4AF903F5F691136FAD73
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B1B540CBA50154A55788CF713674BC5D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7E0F6B1E1A3A808CEC677E17D003AE52
Requests: 2 HTTP requests in this frame

Frame: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Frame ID: 3405811E220394001EDC4517F5A7B876
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=155%2C150%2C148%2C136%2C122%2C116%2C106%2C104%2C100%2C94%2C61%2C54%2C49%2C41%2C33%2C31%2C26%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Frame ID: C7AA323F581D797628C6DB9A26826545
Requests: 24 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: C36EB26202F1AB1148A338A6DD92E7D9
Requests: 2 HTTP requests in this frame

Frame: https://ce.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Frame ID: F8E0CBC28DB1D2C969B391C62D6E4B5C
Requests: 21 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Frame ID: CCD2E6593BF755315D830F94B7EAD446
Requests: 1 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Frame ID: F844E0A4E685A25BE8D1B0AB5B66069F
Requests: 8 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Frame ID: D3C79D316304F7AC9077F934274D37B4
Requests: 19 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=EF705E82-834E-4498-B549-A528228E689F&redir=true&gdpr=0&gdpr_consent=
Frame ID: 42A2666F445D38C1561D0F7649455427
Requests: 1 HTTP requests in this frame

Frame: https://sync.technoratimedia.com/services?uid=AAFcRU7LFs8AABYGRvEIRQ&srv=cs&pid=73&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpp%252Cpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0
Frame ID: E8FE7129638A66E20D4E501301BE626D
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: D03978EAA6768F598C7D2CCE8F0C834D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5501317867227186810&gdpr=0&gdpr_consent=
Frame ID: 8DF91283FD67D86FB7AD3D2A5CEB6D06
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Frame ID: D81EDBCEEE93D57708137AFC67B8B9B1
Requests: 1 HTTP requests in this frame

Frame: https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=564804b4-4203-49ac-93ae-bf3d3b294638
Frame ID: C27E9AABE9A7D467CA43907F793E90C0
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=RUyDLkVOjHReS459F02WeUsfjyheH4h5ERpLxZDT
Frame ID: C3863F36A708E2314F54386C9B9E7315
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
Frame ID: D8E036EB5DF2162E3F699F5C22138AB8
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=979321840894200633
Frame ID: B53DDC5CCA4231B933ACD87F5E1B751A
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: B28D74926E0E214DED7C817A9DD3F58D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=ZSfz20w6V599SbOcGzQRzmAJ-SQ&gdpr=0&gdpr_consent=
Frame ID: E40374A2B51CB354696D019757D59C64
Requests: 1 HTTP requests in this frame

Frame: https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=EF705E82-834E-4498-B549-A528228E689F
Frame ID: B75509C3D0615DBE1D8492ED2F3DEF87
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:CLkEKQIZ1RiheM5&gdpr=0&gdpr_consent=
Frame ID: 6321F2D232CBA9A0B4FA49BA4BFA9D7C
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: AB8170D2571E2FF89D0A195C17203379
Requests: 1 HTTP requests in this frame

Frame: https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Frame ID: 9E30F9BA31454E10C0F7C5694C4D9634
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU1c3ecebc9b364d8b9dd2d1047972181a
Frame ID: E1CF434E44E79E6E80E892E5472078DF
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=869593281786
Frame ID: B072A259AD1AF8485F9E8864D14D498F
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=71&3pid=EF705E82-834E-4498-B549-A528228E689F
Frame ID: CDD4DD8B09E768E2BEB7892B692C5BFA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

LAYARDESA21 - Tempat Streaming dan Download Film Terbaru

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/platform\.js
Overall confidence: 100%
Detected patterns
  • (?:prototype|protoaculous)(?:-([\d.]*[\d]))?.*\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • [^a-z]mtc.*\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /polyfill\.min\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Page Statistics

491
Requests

49 %
HTTPS

29 %
IPv6

97
Domains

145
Subdomains

93
IPs

7
Countries

2759 kB
Transfer

6389 kB
Size

107
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • https://layardesa21.online/wp-content/uploads/2022/07/LAYARDESA21N-1.png HTTP 301
  • https://layardesa21.cfd/wp-content/uploads/2022/07/LAYARDESA21N-1.png
Request Chain 94
  • https://stream.trakteer.id/top-supporter-default.html?ts_font=default&ts_count=3&ts_theme=default&ts_sortby=unit&ts_interval=7&ts_customtitle=LAYARDESA21&key=trstream-jd51bcAeLOErjYdNkmCR&timestamp=1701614702 HTTP 308
  • https://stream.trakteer.id/top-supporter-default?ts_font=default&ts_count=3&ts_theme=default&ts_sortby=unit&ts_interval=7&ts_customtitle=LAYARDESA21&key=trstream-jd51bcAeLOErjYdNkmCR&timestamp=1701614702
Request Chain 156
  • https://layardesa21.online/wp-content/uploads/2022/07/LAYARDESA21N-1.png HTTP 301
  • https://layardesa21.cfd/wp-content/uploads/2022/07/LAYARDESA21N-1.png
Request Chain 321
  • https://stream.trakteer.id/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://stream.trakteer.id/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js
Request Chain 343
  • https://pixel.onaudience.com/?partner=137085098&mapped=4C301703634801762C11436DF18C5D3F HTTP 302
  • https://pixel.onaudience.com/?partner=109&icm&cver&gdpr=0&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m HTTP 302
  • https://tags.bluekai.com/site/33141?&id=36425cb59abf4f4a
Request Chain 358
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.sharethis.com/ttd?uid=ec751bcd-abcc-4c3e-b966-af69f83765e9&gdpr=0&gdpr_consent=
Request Chain 359
  • https://idsync.rlcdn.com/386076.gif?partner_uid=ZGUACGWLZ3EAAAAIA3PFAw%3D%3D&gdpr=0&gdpr_consent= HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CJzIFxIjCh8IARCAVxoYWkdVQUNHV0xaM0VBQUFBSUEzUEZBdz09EAAaDQjyzq2sBhIFCOgHEABCAEoA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=ea4cb9602f3f6bf8e1b7643784b2559b9d5319beddb46efbcb9d81025f4be106791426b5417dce21&_=2 HTTP 307
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=ea4cb9602f3f6bf8e1b7643784b2559b9d5319beddb46efbcb9d81025f4be106791426b5417dce21&rand=08702024
Request Chain 360
  • https://ps.eyeota.net/pixel?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent= HTTP 302
  • https://ps.eyeota.net/pixel/bounce/?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.sharethis.com/eyeota?uid=2buXnQblztz-glV8xBfjAy7dnjeNpLofem2uWfC_RyOE&gdpr=0&gdpr_consent=
Request Chain 361
  • https://ml314.com/utsync.ashx?eid=50131&et=13&cid=lr&fp=ZGUACGWLZ3EAAAAIA3PFAw%3D%3D&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fidsync.rlcdn.com%2F395886.gif%3Fpartner_uid%3D%5BPersonID%5D HTTP 302
  • https://idsync.rlcdn.com/395886.gif?partner_uid=3640915825560911887 HTTP 307
  • https://ml314.com/csync.ashx?fp=&person_id=3640915825560911887&eid=50082
Request Chain 362
  • https://tags.bluekai.com/site/59574?id=ZGUACGWLZ3EAAAAIA3PFAw%3D%3D&redir=https%3A%2F%2Fsync.sharethis.com%2Foracle%3Fuid%3D%24_BK_UUID%26BK_SWAP_DEST%3D5957 HTTP 302
  • https://sync.sharethis.com/oracle?uid=$_BK_UUID&BK_SWAP_DEST=5957
Request Chain 363
  • https://dp2.33across.com/ps/?tt=iframe&pid=1198&us_privacy=&random=1703634802039.6 HTTP 302
  • https://tags.bluekai.com/site/27519?id=212396702173106&ret=html&random=1703634802
Request Chain 364
  • https://ps.eyeota.net/pixel?pid=gdomg51&t=gif&cat=&us_privacy=&random=1703634802039.1 HTTP 302
  • https://ps.eyeota.net/pixel/bounce/?pid=gdomg51&t=gif&cat=&us_privacy=&random=1703634802039.1 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://ps.eyeota.net/match?uid=ec751bcd-abcc-4c3e-b966-af69f83765e9&bid=1e2n4ou
Request Chain 365
  • https://px.ads.linkedin.com/db_sync?pid=15927&puuid=CoIKSGWLZ3EY9imPNLMMAg%3D%3D&us_privacy=&_rand=1703634802039.2 HTTP 302
  • https://px.ads.linkedin.com/db_sync?pid=15927&puuid=CoIKSGWLZ3EY9imPNLMMAg%3D%3D&us_privacy=&_rand=1703634802039.2&expected_cookie=c090a1c0-edba-4b90-a545-9200ceba603b
Request Chain 366
  • https://map.go.affec.tv/map/3a/?pid=CoIKSGWLZ3EY9imPNLMMAg%3D%3D&us_privacy=&ts=1703634802039.3 HTTP 303
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D658b677268ac570001db57a1%26chc%3Dtt%26redirect_url%3D%26gdpr%3D%26gdpr_consent%3D&gdpr=&gdpr_consent= HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fmap.go.affec.tv%252Fmap%252Fan%252F%2524UID%253Fch%253D658b677268ac570001db57a1%2526chc%253Dtt%2526redirect_url%253D%2526gdpr%253D%2526gdpr_consent%253D%26gdpr%3D%26gdpr_consent%3D HTTP 302
  • https://map.go.affec.tv/map/an/5501317867227186810?ch=658b677268ac570001db57a1&chc=tt&redirect_url=&gdpr=&gdpr_consent=&gdpr=&gdpr_consent= HTTP 303
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=mssm115&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
  • https://map.go.affec.tv/map/ttd/ec751bcd-abcc-4c3e-b966-af69f83765e9?ttd_puid=&gdpr=0&gdpr_consent=
Request Chain 367
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1388&partner_device_id=CoIKSGWLZ3EY9imPNLMMAg%3D%3D&us_privacy=&random=1703634802039.4&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%2Fapi%2Fpixel%3Fid%3D%24%7BTA_DEVICE_ID%7D%26partner%3DTAPAD HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1388&partner_device_id=CoIKSGWLZ3EY9imPNLMMAg%3D%3D&us_privacy=&random=1703634802039.4&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%2Fapi%2Fpixel%3Fid%3D%24%7BTA_DEVICE_ID%7D%26partner%3DTAPAD HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=ef3a364c-95a5-4eee-93f9-149bbf33d78f%252Chttps%25253A%25252F%25252Fusermatch.krxd.net%25252Fum%25252Fv2%25253Fpartner%25253Dtapad%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=ec751bcd-abcc-4c3e-b966-af69f83765e9&ttd_puid=ef3a364c-95a5-4eee-93f9-149bbf33d78f%2Chttps%253A%252F%252Fusermatch.krxd.net%252Fum%252Fv2%253Fpartner%253Dtapad%2C HTTP 302
  • https://usermatch.krxd.net/um/v2?partner=tapad HTTP 302
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=tapad
Request Chain 368
  • https://dp2.33across.com/ps/?pid=1205&rand=1703634802039.5 HTTP 302
  • https://idsync.rlcdn.com/405716.gif?partner_uid=212396384215807
Request Chain 369
  • https://dp1.33across.com/ps/?pid=669&uid=CoIKSGWLZ3EY9imPNLMMAg%3D%3D&us_privacy=&random=1703634802039.7&pu=https%3A%2F%2Flayardesa21.cfd%2F HTTP 302
  • https://secure.adnxs.com/mapuid?t=2&member=1001&user=212302246824230&seg_code=33x&random=1703634802 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fmapuid%3Ft%3D2%26member%3D1001%26user%3D212302246824230%26seg_code%3D33x%26random%3D1703634802
Request Chain 371
  • https://ap.lijit.com/readerinfo/v2 HTTP 307
  • https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
Request Chain 372
  • https://stags.bluekai.com/site/59574?ret=html&phint=id%3DZGUACGWLZ3EAAAAIA3PFAw%3D%3D&phint=__bk_k%3D&phint=__bk_pr%3Dhttps%3A%2F%2Ft.sharethis.com%2Fa%2Ft_.htm%3Fver%3D1.1268.23366%26cid%3Dc010%26cls%3DC&phint=__bk_l%3Dhttps%3A%2F%2Ft.sharethis.com%2Fa%2Ft_.htm%3Fver%3D1.1268.23366%26cid%3Dc010%26cls%3DC&phint=__bk_v%3D3.1.10&limit=5&r=62958182 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bluekai&google_cm&google_sc&google_hm=ZkZoKzE1WXY5OWVVcS8raw%3D%3D HTTP 302
  • https://tags.bluekai.com/site/2981?id=&google_gid=CAESEPtCGSc_ulT8ZHjlP9j5XsQ&google_cver=1
Request Chain 386
  • https://cm.mgid.com/m?cdsp=712809&uspString={uspString}&gdpr=0&consentData=&c=895a99800f371706e65029416dd04c00 HTTP 307
  • https://cm.mgid.com/m?c=895a99800f371706e65029416dd04c00&cdsp=712809&consentData=&gdpr=0&uspString=%7BuspString%7D&sct=1
Request Chain 388
  • https://sync.smartadserver.com/getuid?gdpr=0&url=https%3A%2F%2Fbcp.crwdcntrl.net%2Fqmap%3Fc%3D16236%26tp%3DSMAD%26tpid%3D[sas_uid]%26gdpr%3D0 HTTP 302
  • https://sync.smartadserver.com/getuid?gdpr=0&url=https://bcp.crwdcntrl.net/qmap?c=16236&tp=SMAD&tpid=[sas_uid]&gdpr=0&cklb=1
Request Chain 389
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&rd=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D240%26tp%3DPUBM%26tpid%3D%23PM_USER_ID%26gdpr%3D0 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&rd=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D240%26tp%3DPUBM%26tpid%3D%23PM_USER_ID%26gdpr%3D0&rdf=1 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=EF705E82-834E-4498-B549-A528228E689F&gdpr=0
Request Chain 390
  • https://i.liadm.com/s/41715?bidder_id=127211&bidder_uuid=895a99800f371706e65029416dd04c00 HTTP 303
  • https://i.liadm.com/s/41715?bidder_id=127211&bidder_uuid=895a99800f371706e65029416dd04c00&_li_chk=true&previous_uuid=4f062ad89c26474ab24f40a16fc8480c HTTP 303
  • https://i6.liadm.com/s/41715?bidder_id=127211&bidder_uuid=895a99800f371706e65029416dd04c00
Request Chain 391
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=0 HTTP 302
  • https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=ec751bcd-abcc-4c3e-b966-af69f83765e9/gdpr=0/gdpr_consent=
Request Chain 392
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=895a99800f371706e65029416dd04c00&gdpr=0&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpid%3D%24%7BTA_DEVICE_ID%7D&ch=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D HTTP 302
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3Def3a364c-95a5-4eee-93f9-149bbf33d78f%252Chttps%25253A%25252F%25252Fsync.crwdcntrl.net%25252Fmap%25252Fc%25253D10158%25252Ftp%25253DTPAD%25252Ftpid%25253Def3a364c-95a5-4eee-93f9-149bbf33d78f%252C%25257B%252522fullVersionList%252522%25253A%25255B%25255D%25252C%252522mobile%252522%25253Afalse%25252C%252522model%252522%25253A%252522%252522%25252C%252522platform%252522%25253A%252522%252522%25252C%252522platformVersion%252522%25253A%252522%252522%25257D HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=5501317867227186810&pt=ef3a364c-95a5-4eee-93f9-149bbf33d78f%2Chttps%253A%252F%252Fsync.crwdcntrl.net%252Fmap%252Fc%253D10158%252Ftp%253DTPAD%252Ftpid%253Def3a364c-95a5-4eee-93f9-149bbf33d78f%2C%257B%2522fullVersionList%2522%253A%255B%255D%252C%2522mobile%2522%253Afalse%252C%2522model%2522%253A%2522%2522%252C%2522platform%2522%253A%2522%2522%252C%2522platformVersion%2522%253A%2522%2522%257D HTTP 302
  • https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=ef3a364c-95a5-4eee-93f9-149bbf33d78f
Request Chain 393
  • https://dmp.truoptik.com/f2d2e39fc16bc9cc/sync.gif?cbp=tpid&cbk=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10832%2Ftp%3DTRUP HTTP 302
  • https://sync.crwdcntrl.net/map/c=10832/tp=TRUP/tpid=9dcdd05454823c36c440bf94c990f978
Request Chain 395
  • https://dpm.demdex.net/ibs:dpid=121998&dpuuid=895a99800f371706e65029416dd04c00&gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D%2Fgdpr=0 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=121998&dpuuid=895a99800f371706e65029416dd04c00&gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D%2Fgdpr=0 HTTP 302
  • https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=42538027664982217971916778039638224646/gdpr=0
Request Chain 397
  • https://sync.srv.stackadapt.com/sync?nid=lotame&gdpr=0 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=6569&tp=STKA&tpid=0-6527f3db-4c3a-579f-7d49-b39c1b3411ce$ip$96.9.249.36&gdpr=0&gdpr_consent=
Request Chain 399
  • https://cms.analytics.yahoo.com/cms?partner_id=LOTME&gdpr=0 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58736/cms?partner_id=LOTME&gdpr=0 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=5437&tp=DTAX&tpidqp=tpidqa&tpidqa=y-8ccuL9NE2pwvh_P6JFDYZOiIldfn3i_ZgeU-~A&gdpr=0
Request Chain 400
  • https://pixel-sync.sitescout.com/connectors/lotame/usersync?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID%2Fgdpr%3D0 HTTP 302
  • https://pixel-sync.sitescout.com/connectors/lotame/usersync?cookieQ=1&gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID%2Fgdpr%3D0 HTTP 302
  • https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=21d7bfed-aad2-42c1-a38e-8733aa1f1edd-658b6773-5553/gdpr=0
Request Chain 402
  • https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D%2Fgdpr%3D0 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/bsTd8NdE?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D%2Fgdpr%3D0&_test=ZYtndAAJ0smXVQAM HTTP 302
  • https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=ZYtndAAJ0smXVQAM/gdpr=0&_test=ZYtndAAJ0smXVQAM
Request Chain 407
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/895a99800f371706e65029416dd04c00/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D/gdpr=0 HTTP 302
  • https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=8502203748285965579/gdpr=0
Request Chain 408
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D281%2Ftp%3DANXS%2Ftpid%3D%24UID%2Fgdpr%3D0%2Frand=547915985 HTTP 302
  • https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=5501317867227186810/gdpr=0/rand=547915985
Request Chain 410
  • https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=H415jSZHJIZaxf55RVWaZjk0&rnd=73315 HTTP 303
  • https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=H415jSZHJIZaxf55RVWaZjk0&rnd=73315&_li_chk=true&previous_uuid=fc40eaffc1884d1480c4364e150fe4e1 HTTP 303
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
Request Chain 413
  • https://um.simpli.fi/lj_match?r=15398 HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=CC3E0FF596F344A6A824B36AB53A5030
Request Chain 415
  • https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=H415jSZHJIZaxf55RVWaZjk0&rnd=85441 HTTP 303
  • https://i6.liadm.com/s/57333?bidder_id=204553&bidder_uuid=H415jSZHJIZaxf55RVWaZjk0&rnd=85441
Request Chain 418
  • https://bcp.crwdcntrl.net/5/c=5436/tp=SVRN/tpid=H415jSZHJIZaxf55RVWaZjk0/pv=y?https://ce.lijit.com/merge?pid=5001&3pid=${profile_id} HTTP 302
  • https://ce.lijit.com/merge?pid=5001&3pid=895a99800f371706e65029416dd04c00
Request Chain 420
  • https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=Mld4bWF1UlJmVUs3ajdYZ3BNVVRSY2wwVUlPUWN6aXdmeWVPdmxyOHctWHM&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=51md42u HTTP 302
  • https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=51md42u&google_gid=CAESED9sJx8n5jZpHJOv73V1Bog&google_cver=1
Request Chain 421
  • https://cms.analytics.yahoo.com/cms?partner_id=Eyeot HTTP 302
  • https://ups.analytics.yahoo.com/ups/58773/cms?partner_id=Eyeot HTTP 302
  • https://ps.eyeota.net/match?bid=bhc9gd0&yahoo_ver=2&yahoo_id=y-ATuzZ0hE2pXqR3wQX6TnOszI955o.GG10wY-~A
Request Chain 422
  • https://sync-tm.everesttech.net/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26referrer_pid%3D51md42u HTTP 302
  • https://ps.eyeota.net/match?uid=ZYtndAAJ0smXVQAM&bid=0rijhbu&referrer_pid=51md42u
Request Chain 423
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24UID%26bid%3D2cr76e1%26referrer_pid%3D51md42u HTTP 302
  • https://ps.eyeota.net/match?uid=5501317867227186810&bid=2cr76e1&referrer_pid=51md42u
Request Chain 424
  • https://tags.bluekai.com/site/29537?limit=1&id=2JN8K7xUNk4jjxc6VKaOR_KMTqghyDZWfBNncfiso-aM HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bluekai HTTP 302
  • https://tags.bluekai.com/site/5386?id=ec751bcd-abcc-4c3e-b966-af69f83765e9&gdpr=0&gdpr_consent=
Request Chain 425
  • https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=H415jSZHJIZaxf55RVWaZjk0 HTTP 302
  • https://thrtle.com/sync?_reach=1&vxii_pdid=H415jSZHJIZaxf55RVWaZjk0&vxii_pid=12&vxii_pid1=7002&vxii_rcid=440c0423-7920-437c-85dd-51c1fa02d880&vxii_rmax=1 HTTP 302
  • https://rtb.adentifi.com/CookieSyncThrotle
Request Chain 428
  • https://t.adx.opera.com/pub/sync?pubid=pub10014056052800&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?3pid=OPU300c10bfca4e4768b99e9a898d5cad8e&gdpr=0&gdpr_consent=&pid=103
Request Chain 429
  • https://cs.krushmedia.com/77781087eb9a0621642f9ebec6beb8d1.gif?puid=[UID]&redir=[RED]&gdpr=0&gdpr_consent= HTTP 302
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=[GDPR_CONSENT]&us_privacy=[CCPA]&redirect=https%3A%2F%2Fcs.krushmedia.com%2F69da6122611580d07d521cb63b7edc81.gif%3Fpuid%3D%3Cvsid%3E HTTP 302
  • https://cs.krushmedia.com/69da6122611580d07d521cb63b7edc81.gif?puid=3466364086634050000V10 HTTP 302
  • https://sync.springserve.com/usersync?aid=1917&uuid=bac4105c-aa7e-55f9-b7e5-51dd67f5b068
Request Chain 430
  • https://ums.acuityplatform.com/tum?umid=27&uid=H415jSZHJIZaxf55RVWaZjk0&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=66&3pid=869593281786
Request Chain 431
  • https://x.bidswitch.net/sync?ssp=fmx&us_privacy=&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=fmx&us_privacy=&gdpr=0&gdpr_consent= HTTP 302
  • https://r.bidswitch.net/sync?bidswitch_ssp_id=fmx&bsw_custom_parameter=564804b4-4203-49ac-93ae-bf3d3b294638 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3205&partner_device_id=564804b4-4203-49ac-93ae-bf3d3b294638&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D393%26user_id%3D0%26ssp%3Dfmx%26bsw_param%3D564804b4-4203-49ac-93ae-bf3d3b294638 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=393&user_id=0&ssp=fmx&bsw_param=564804b4-4203-49ac-93ae-bf3d3b294638 HTTP 302
  • https://ce.lijit.com/merge?pid=26&3pid=564804b4-4203-49ac-93ae-bf3d3b294638&gdpr=&gdpr_consent=&us_privacy=
Request Chain 432
  • https://aorta.clickagy.com/pixel.gif?ch=185&cm=H415jSZHJIZaxf55RVWaZjk0&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=84&3pid=ZYtneO55gF0OQXeAPrJzFa-a
Request Chain 433
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=SDQxNWpTWkhKSVpheGY1NVJWV2Faamsw&gdpr=0
Request Chain 434
  • https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=49&3pid=6weuRV3PhtPg&ev=1&pid=558511&gdpr_consent=&gdpr=0
Request Chain 435
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=83&3pid=LQN06C0J-24-DBGS&gdpr=0
Request Chain 436
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=&tc=1 HTTP 302
  • https://ce.lijit.com/merge?pid=86&3pid=59FpBnFGOjgM89EVybvpKtdEF7GFD-Z0Wt_ao5mNfP4&pi=sovrn&gdpr=0&gdpr_consent=&tc=1
Request Chain 437
  • https://s.amazon-adsystem.com/x/ae12848777b41970a5f2?gdpr=0&gdpr_consent= HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=0&gdpr_consent=&dcc=t
Request Chain 438
  • https://data.adsrvr.org/track/cmf/generic?ttd_pid=federatedmedia&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=27&3pid=ec751bcd-abcc-4c3e-b966-af69f83765e9&gdpr=0&gdpr_consent=
Request Chain 439
  • https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=SDQxNWpTWkhKSVpheGY1NVJWV2Faamsw&gdpr=0 HTTP 302
  • https://s0.2mdn.net/dot.gif?gdpr=0
Request Chain 440
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://ce.lijit.com/merge?3pid=AAFcRU7LFs8AABYGRvEIRQ&pid=85&gdpr=0
Request Chain 441
  • https://cms.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=VOansFTkqOpP4f6xU-ay5APjqOFP66bmBuKfN6CD
Request Chain 443
  • https://sync.1rx.io/usersync2/rmpssp?sub=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=sovrn&zcc=1&cb=1703634808254 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=8333128805 HTTP 302
  • https://sync.1rx.io/usersync/turn/8502203748285965579?dspret=1&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-bb9b811b-8b63-4d30-b278-d823679b95ec-005?redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D97%263pid%3DRX-bb9b811b-8b63-4d30-b278-d823679b95ec-005 HTTP 302
  • https://ce.lijit.com/merge?pid=97&3pid=RX-bb9b811b-8b63-4d30-b278-d823679b95ec-005
Request Chain 444
  • https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=87&3pid=166d5561-eb26-4d81-85cf-e3c1750eb49d
Request Chain 445
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D92%263pid%3D%24UID&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=92&3pid=5501317867227186810&gdpr=0&gdpr_consent=
Request Chain 447
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=21d7bfed-aad2-42c1-a38e-8733aa1f1edd-658b6773-5553&partner_url=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D16%263pid%3D21d7bfed-aad2-42c1-a38e-8733aa1f1edd-658b6773-5553%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://ce.lijit.com/merge?pid=16&3pid=21d7bfed-aad2-42c1-a38e-8733aa1f1edd-658b6773-5553&gdpr=0&gdpr_consent=
Request Chain 449
  • https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Request Chain 453
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFIem1rN0xGczhBQUJPdE1JWENFdw&gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Csas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Csas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://sync.technoratimedia.com/services?uid=AAFcRU7LFs8AABYGRvEIRQ&srv=cs&pid=73&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpp%252Cpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0
Request Chain 455
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5501317867227186810&gdpr=0&gdpr_consent=
Request Chain 457
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=564804b4-4203-49ac-93ae-bf3d3b294638
Request Chain 458
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=RUyDLkVOjHReS459F02WeUsfjyheH4h5ERpLxZDT
Request Chain 459
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
Request Chain 460
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=979321840894200633
Request Chain 461
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 462
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=ZSfz20w6V599SbOcGzQRzmAJ-SQ&gdpr=0&gdpr_consent=
Request Chain 463
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=32efe58e-fc2d-4e10-88d6-6d386fc646f0&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=${PUBMATIC_UID} HTTP 302
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=EF705E82-834E-4498-B549-A528228E689F
Request Chain 464
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:CLkEKQIZ1RiheM5&gdpr=0&gdpr_consent=
Request Chain 467
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU1c3ecebc9b364d8b9dd2d1047972181a
Request Chain 468
  • https://ums.acuityplatform.com/tum?umid=6 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=869593281786
Request Chain 470
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=73BegoNORJi1SaUoIo5onw%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 471
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=EF705E82-834E-4498-B549-A528228E689F HTTP 302
  • https://dpm.demdex.net/ibs:dpid=540&dpuuid=ef3a364c-95a5-4eee-93f9-149bbf33d78f&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device_id%3D%24%7BDD_UUID%7D%26pt%3Def3a364c-95a5-4eee-93f9-149bbf33d78f%252C%252C HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=42538027664982217971916778039638224646&pt=ef3a364c-95a5-4eee-93f9-149bbf33d78f%2C%2C
Request Chain 473
  • https://eb2.3lift.com/xuid?mid=7976&xuid=EF705E82-834E-4498-B549-A528228E689F&dongle=u6nf&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?ld=1&mid=7976&xuid=EF705E82-834E-4498-B549-A528228E689F&dongle=u6nf&gdpr=0&cmp_cs=&us_privacy=
Request Chain 474
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RUY3MDVFODItODM0RS00NDk4LUI1NDktQTUyODIyOEU2ODlG&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 475
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENs126HPgDNAt7jhjnh1rlE&google_cver=1
Request Chain 476
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:CC3E0FF596F344A6A824B36AB53A5030
Request Chain 477
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=ec751bcd-abcc-4c3e-b966-af69f83765e9&gdpr=0&gdpr_consent=
Request Chain 479
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=EF705E82-834E-4498-B549-A528228E689F&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-sxo1CEZE2uWEdMAvfi6hQM0VnKmijEg-~A&gdpr=0
Request Chain 480
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=227d26b2-4aba-4dba-8c70-06ea32be3d8d&gdpr=0&gdpr_consent=
Request Chain 481
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=EF705E82-834E-4498-B549-A528228E689F&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=3749b26d2c6023ce&is_secure=true&networkId=17100&version=1&nuid=EF705E82-834E-4498-B549-A528228E689F&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMuHGL0RFl8QNccs4LAAAAAAA&expiration=1703721208&nuid=EF705E82-834E-4498-B549-A528228E689F&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 482
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R35CA5_10E52500B_8A74035C&r=https://pmp.mxptint.net/sn.ashx?ak=1 HTTP 302
  • https://pmp.mxptint.net/sn.ashx?ak=1
Request Chain 484
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8502203748285965579&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 485
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=21d7bfed-aad2-42c1-a38e-8733aa1f1edd-658b6773-5553&gdpr=0&gdpr_consent=
Request Chain 486
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4606462767633070590
Request Chain 488
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=nyEOCZ8jAVOEJlcImCEbXcgkAViELA9fzSVuaOWa
Request Chain 489
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1938618450987309207
Request Chain 491
  • https://match.adsrvr.org/track/cmf/openx?oxid=7f42e5a0-f934-32c5-6874-976f24957db0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=ec751bcd-abcc-4c3e-b966-af69f83765e9&ttd_puid=7f42e5a0-f934-32c5-6874-976f24957db0&gdpr=0&gdpr_consent=
Request Chain 493
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELkBtrUwzCtL8T4bBHt7vlg&google_cver=1

491 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
layardesa21.cfd/ 		384 KB
61 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://layardesa21.cfd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:df0:27b:2::20cb , Indonesia, ASN58487 (CRI-AS-AP CV. Rumahweb Indonesia, ID),
Reverse DNS
Software
Apache / PHP/7.4.33
Resource Hash
f7e9b2cbafcb62022a813afaca27672d7abb1db60268626b7c47e19928e9c263
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
br
content-length
62002
content-security-policy
upgrade-insecure-requests;
content-type
text/html; charset=UTF-8
date
Tue, 26 Dec 2023 23:53:15 GMT
link
<https://layardesa21.cfd/wp-json/>; rel="https://api.w.org/"
server
Apache
vary
Accept-Encoding
x-litespeed-tag
7a3_HTTP.200
x-powered-by
PHP/7.4.33
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		145 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6138101579182938
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
50901786732c055272b040accb61f5b1414225d7d99952f7be520277ea6b1655
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://layardesa21.cfd/
Origin
https://layardesa21.cfd
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 23:53:16 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51280
x-xss-protection
0
server
cafe
etag
11633317689706396918
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 26 Dec 2023 23:53:16 GMT
auto.js
xhr.invl.co/magic/832996/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xhr.invl.co/magic/832996/auto.js
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.77.187.112 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-187-112.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
c4d9d0bdf2e780834ff0a1e89eb9931254a2d671f5ad2a0210daec34ab0eb208
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 23:53:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
server
nginx
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
max-age=300, public
x-xss-protection
1; mode=block
idmuvi-core.css
layardesa21.cfd/wp-content/plugins/idmuvi-core/css/ 		9 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://layardesa21.cfd/wp-content/plugins/idmuvi-core/css/idmuvi-core.css?ver=2.1.6
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:df0:27b:2::20cb , Indonesia, ASN58487 (CRI-AS-AP CV. Rumahweb Indonesia, ID),
Reverse DNS
Software
Apache /
Resource Hash
7aa7a39fa6ec967abe729994991271bbaf3b04f9ce929a888f240bb8c2447b97
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
content-encoding
br
date
Tue, 26 Dec 2023 23:53:16 GMT
last-modified
Fri, 22 Dec 2023 14:30:45 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
3388
dashicons.min.css
layardesa21.cfd/wp-includes/css/ 		58 KB
34 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://layardesa21.cfd/wp-includes/css/dashicons.min.css?ver=6.4.2
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:df0:27b:2::20cb , Indonesia, ASN58487 (CRI-AS-AP CV. Rumahweb Indonesia, ID),
Reverse DNS
Software
Apache /
Resource Hash
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
content-encoding
br
date
Tue, 26 Dec 2023 23:53:16 GMT
last-modified
Wed, 03 Mar 2021 19:46:22 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
35109
frontend.min.css
layardesa21.cfd/wp-content/plugins/post-views-counter/css/ 		217 B
194 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://layardesa21.cfd/wp-content/plugins/post-views-counter/css/frontend.min.css?ver=1.4.3
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:df0:27b:2::20cb , Indonesia, ASN58487 (CRI-AS-AP CV. Rumahweb Indonesia, ID),
Reverse DNS
Software
Apache /
Resource Hash
cc2a604a1e6f73444e8db5d749a64c62899943e68ad07feeee39050b4fdb32cb
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
content-encoding
br
date
Tue, 26 Dec 2023 23:53:16 GMT
last-modified
Tue, 21 Nov 2023 07:17:56 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
104
css
fonts.googleapis.com/ 		9 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro%3Aregular%2Citalic%2C700%2C300%26subset%3Dlatin%2C&ver=2.1.8
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2004da08c3292d624ecf047b2abea5e34c7d9d723e28629e5e61c73ac383e1f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 26 Dec 2023 23:53:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 26 Dec 2023 23:53:16 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 26 Dec 2023 23:53:16 GMT
style.css
layardesa21.cfd/wp-content/themes/muvipro/ 		75 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://layardesa21.cfd/wp-content/themes/muvipro/style.css?ver=2.1.8
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:df0:27b:2::20cb , Indonesia, ASN58487 (CRI-AS-AP CV. Rumahweb Indonesia, ID),
Reverse DNS
Software
Apache /
Resource Hash
6b9d9a7466336a2c9447aa8f1a5e265e56ed83cefaad3a5d965deb249bbf5302
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
content-encoding
br
date
Tue, 26 Dec 2023 23:53:16 GMT
last-modified
Thu, 03 Nov 2022 15:48:00 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
15718
74100-TOcUPqFVTbGqtc6J610Fgbkai8N8zBNl.jpg
img.involve.asia/rpss/campaigns_banners/ 		123 KB
124 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.involve.asia/rpss/campaigns_banners/74100-TOcUPqFVTbGqtc6J610Fgbkai8N8zBNl.jpg
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:44fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d061422ea894052fca477e2c5c713b8fdd2528372debaa53b6aad5baf21404ed

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 23:53:17 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
MKH2SJDE4NDTNCC3
cf-polished
degrade=85, origSize=479667
alt-svc
h3=":443"; ma=86400
content-length
125964
x-amz-id-2
Eoa5GHn07dKp7ujgQsXRERipKh//lxR7Vh58RwGQFCsSSB6S1M7cKr8q1nNirgZuFCCediHG/gA=
cf-bgj
imgq:85,h2pri
last-modified
Fri, 16 Jun 2023 07:36:15 GMT
server
cloudflare
etag
"0175cfb1346e26fd935233e6d9be1b62"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i6eTG%2Bm3wsrC%2BzSrxZUlLmPstSa6OH7dMxy8l%2F69qXXpC61nDXqS0MEkNW1TdL2C5tNuoLfHQuUSpf5EKsteSipnNmnp%2FKxmI0qDU29lMJgP4W3gUUSBRcDqWM1lVF3XNLr%2F7yrrCy1tDXM7ST8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
83bd3e074adc4bc3-BUF
LAYARDESA21N-1.png
layardesa21.cfd/wp-content/uploads/2022/07/
Redirect Chain
  • https://layardesa21.online/wp-content/uploads/2022/07/LAYARDESA21N-1.png
  • https://layardesa21.cfd/wp-content/uploads/2022/07/LAYARDESA21N-1.png
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://layardesa21.cfd/wp-content/uploads/2022/07/LAYARDESA21N-1.png
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
H2
Server
2001:df0:27b:2::20cb , Indonesia, ASN58487 (CRI-AS-AP CV. Rumahweb Indonesia, ID),
Reverse DNS
Software
Apache /
Resource Hash
14cfbfe7efa045c8c4258889581e400abd534ee1be047d87d73e96188a61560e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Tue, 26 Dec 2023 23:53:17 GMT
last-modified
Fri, 29 Jul 2022 07:03:54 GMT
server
Apache
accept-ranges
bytes
content-length
15775
content-type
image/png

Redirect headers

location
http://layardesa21.cfd/wp-content/uploads/2022/07/LAYARDESA21N-1.png
content-security-policy
upgrade-insecure-requests;
date
Tue, 26 Dec 2023 23:53:16 GMT
server
Apache
content-length
276
content-type
text/html; charset=iso-8859-1
ui4DrH1cKk2vkHshcUcGt2lKxCm-152x228.jpg
layardesa21.cfd/wp-content/uploads/2023/12/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://layardesa21.cfd/wp-content/uploads/2023/12/ui4DrH1cKk2vkHshcUcGt2lKxCm-152x228.jpg
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:df0:27b:2::20cb , Indonesia, ASN58487 (CRI-AS-AP CV. Rumahweb Indonesia, ID),
Reverse DNS
Software
Apache /
Resource Hash
ae49ff502948781cbcd774ff08e1cbeed552da68f9ede7e1e6a71d1a7c29ab18
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Tue, 26 Dec 2023 23:53:17 GMT
last-modified
Mon, 25 Dec 2023 13:02:47 GMT
server
Apache
accept-ranges
bytes
content-length
10169
content-type
image/jpeg
tVNiy0GE4QgNlTh5XS6owEwnYEK-152x228.jpg
layardesa21.cfd/wp-content/uploads/2023/12/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://layardesa21.cfd/wp-content/uploads/2023/12/tVNiy0GE4QgNlTh5XS6owEwnYEK-152x228.jpg
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:df0:27b:2::20cb , Indonesia, ASN58487 (CRI-AS-AP CV. Rumahweb Indonesia, ID),
Reverse DNS
Software
Apache /
Resource Hash
017bb276226c4ee345ff2c4f63b33356555fbae14db2e22939417b5565331f40
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Tue, 26 Dec 2023 23:53:17 GMT
last-modified
Mon, 25 Dec 2023 12:53:49 GMT
server
Apache
accept-ranges
bytes
content-length
11814
content-type
image/jpeg
jtKAARhtxOyAwqibPxfNexWkIWO-152x228.jpg
layardesa21.cfd/wp-content/uploads/2023/12/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://layardesa21.cfd/wp-content/uploads/2023/12/jtKAARhtxOyAwqibPxfNexWkIWO-152x228.jpg
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:df0:27b:2::20cb , Indonesia, ASN58487 (CRI-AS-AP CV. Rumahweb Indonesia, ID),
Reverse DNS
Software
Apache /
Resource Hash
acf572749c371d3e162cecca1f157cad1a5a1f6dad27b68e013132b5e7eb1a8c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Tue, 26 Dec 2023 23:53:17 GMT
last-modified
Mon, 25 Dec 2023 12:47:49 GMT
server
Apache
accept-ranges
bytes
content-length
11968
content-type
image/jpeg
1mwTqJ8gV1woONpmO2fMSsWV0rC-152x228.jpg
layardesa21.cfd/wp-content/uploads/2023/12/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://layardesa21.cfd/wp-content/uploads/2023/12/1mwTqJ8gV1woONpmO2fMSsWV0rC-152x228.jpg
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:df0:27b:2::20cb , Indonesia, ASN58487 (CRI-AS-AP CV. Rumahweb Indonesia, ID),
Reverse DNS
Software
Apache /
Resource Hash
0ccca952743fdf3a508513e1c80b6bd84d1eb45a39918b5862ed826fe037d3b0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Tue, 26 Dec 2023 23:53:17 GMT
last-modified
Sat, 23 Dec 2023 10:24:49 GMT
server
Apache
accept-ranges
bytes
content-length
12888
content-type
image/jpeg
tlcuhdNMKNGEVpGqBZrAaOOf1A6-152x228.jpg
layardesa21.cfd/wp-content/uploads/2023/12/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://layardesa21.cfd/wp-content/uploads/2023/12/tlcuhdNMKNGEVpGqBZrAaOOf1A6-152x228.jpg
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:df0:27b:2::20cb , Indonesia, ASN58487 (CRI-AS-AP CV. Rumahweb Indonesia, ID),
Reverse DNS
Software
Apache /
Resource Hash
e8e59600aef82a86c1a49715c6393db5989f9dfe9729dba7fdbc2e2accd02d77
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Tue, 26 Dec 2023 23:53:17 GMT
last-modified
Fri, 22 Dec 2023 09:47:09 GMT
server
Apache
accept-ranges
bytes
content-length
10945
content-type
image/jpeg
hkxxMIGaiCTmrEArK7J56JTKUlB-152x228.jpg
layardesa21.cfd/wp-content/uploads/2023/12/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://layardesa21.cfd/wp-content/uploads/2023/12/hkxxMIGaiCTmrEArK7J56JTKUlB-152x228.jpg
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:df0:27b:2::20cb , Indonesia, ASN58487 (CRI-AS-AP CV. Rumahweb Indonesia, ID),
Reverse DNS
Software
Apache /
Resource Hash
049648cfcd7a6cea6c07b3a23759fb76b3cd7862664a862ee2797040c138e5fa
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Tue, 26 Dec 2023 23:53:17 GMT
last-modified
Fri, 22 Dec 2023 09:41:48 GMT
server
Apache
accept-ranges
bytes
content-length
7252
content-type
image/jpeg
3KeaT99qgLFclO36mM8jLSCSIlc-152x228.jpg
layardesa21.cfd/wp-content/uploads/2023/12/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://layardesa21.cfd/wp-content/uploads/2023/12/3KeaT99qgLFclO36mM8jLSCSIlc-152x228.jpg
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:df0:27b:2::20cb , Indonesia, ASN58487 (CRI-AS-AP CV. Rumahweb Indonesia, ID),
Reverse DNS
Software
Apache /
Resource Hash
7f74247f7e2a1d06f3d5a67a91d5132ddd29b64d1dffb805e5dbdc5b32965f2b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Tue, 26 Dec 2023 23:53:17 GMT
last-modified
Thu, 21 Dec 2023 12:31:51 GMT
server
Apache
accept-ranges
bytes
content-length
11729
content-type
image/jpeg
i52ZSFfs0PBpy75TLy8KbBLfWgp-1-152x228.jpg
layardesa21.cfd/wp-content/uploads/2023/12/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://layardesa21.cfd/wp-content/uploads/2023/12/i52ZSFfs0PBpy75TLy8KbBLfWgp-1-152x228.jpg
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:df0:27b:2::20cb , Indonesia, ASN58487 (CRI-AS-AP CV. Rumahweb Indonesia, ID),
Reverse DNS
Software
Apache /
Resource Hash
db0b8fb718e6b7211877ada7715bc9826de57e2755cb67dcdce2f996d8961e5c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Tue, 26 Dec 2023 23:53:17 GMT
last-modified
Thu, 21 Dec 2023 13:55:20 GMT
server
Apache
accept-ranges
bytes
content-length
10898
content-type
image/jpeg
yS0FPDYLRIrqF2lSX2NG2qLezgO-152x228.jpg
layardesa21.cfd/wp-content/uploads/2023/12/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://layardesa21.cfd/wp-content/uploads/2023/12/yS0FPDYLRIrqF2lSX2NG2qLezgO-152x228.jpg
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:df0:27b:2::20cb , Indonesia, ASN58487 (CRI-AS-AP CV. Rumahweb Indonesia, ID),
Reverse DNS
Software
Apache /
Resource Hash
93a22d9bb7c49049f5e79cad146e04ada7b3f7e340cf50c8904439e447e6f00d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Tue, 26 Dec 2023 23:53:17 GMT
last-modified
Mon, 25 Dec 2023 14:06:47 GMT
server
Apache
accept-ranges
bytes
content-length
7149
content-type
image/jpeg
koV70b1IMNlQTIuXL3FgGERdXtj-1-152x228.jpg
layardesa21.cfd/wp-content/uploads/2023/12/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://layardesa21.cfd/wp-content/uploads/2023/12/koV70b1IMNlQTIuXL3FgGERdXtj-1-152x228.jpg
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:df0:27b:2::20cb , Indonesia, ASN58487 (CRI-AS-AP CV. Rumahweb Indonesia, ID),
Reverse DNS
Software
Apache /
Resource Hash
ebd9a65d07f9010f987583d3f3e0e6c79febdb5c3515f1cef38290575b59c2c2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Tue, 26 Dec 2023 23:53:17 GMT
last-modified
Mon, 25 Dec 2023 14:17:20 GMT
server
Apache
accept-ranges
bytes
content-length
7992
content-type
image/jpeg
lQV6CY7PJ2rCslIIWHEBOypY8tk-152x228.jpg
layardesa21.cfd/wp-content/uploads/2023/12/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://layardesa21.cfd/wp-content/uploads/2023/12/lQV6CY7PJ2rCslIIWHEBOypY8tk-152x228.jpg
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:df0:27b:2::20cb , Indonesia, ASN58487 (CRI-AS-AP CV. Rumahweb Indonesia, ID),
Reverse DNS
Software
Apache /
Resource Hash
1810f4ca5d97f062265af1880a6aa1b0e4a95f68aaa4b09c879b0797132635d7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Tue, 26 Dec 2023 23:53:17 GMT
last-modified
Sat, 23 Dec 2023 10:21:47 GMT
server
Apache
accept-ranges
bytes
content-length
6305
content-type
image/jpeg
yAvhSlj1aciZALwtXNvaSoSwJL4-152x228.jpg
layardesa21.cfd/wp-content/uploads/2023/12/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://layardesa21.cfd/wp-content/uploads/2023/12/yAvhSlj1aciZALwtXNvaSoSwJL4-152x228.jpg
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:df0:27b:2::20cb , Indonesia, ASN58487 (CRI-AS-AP CV. Rumahweb Indonesia, ID),
Reverse DNS
Software
Apache /
Resource Hash
f9d3016b78add130c49024877c1b3b5b302ed4cb68f48a0650d241396b3b6654
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Tue, 26 Dec 2023 23:53:17 GMT
last-modified
Fri, 22 Dec 2023 13:43:14 GMT
server
Apache
accept-ranges
bytes
content-length
8263
content-type
image/jpeg
zMOGjKYnbI04NZUTSM0r1g11aVm-152x228.jpg
layardesa21.cfd/wp-content/uploads/2023/12/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://layardesa21.cfd/wp-content/uploads/2023/12/zMOGjKYnbI04NZUTSM0r1g11aVm-152x228.jpg
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:df0:27b:2::20cb , Indonesia, ASN58487 (CRI-AS-AP CV. Rumahweb Indonesia, ID),
Reverse DNS
Software
Apache /
Resource Hash
81a68c5bace896b3fe9b8552491c255bc890aacd1026249a9639a89a5a8a1bf3
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Tue, 26 Dec 2023 23:53:17 GMT
last-modified
Tue, 19 Dec 2023 14:27:37 GMT
server
Apache
accept-ranges
bytes
content-length
7628
content-type
image/jpeg
up58iAlCAzylAOthgHoOwlXkr5N-152x228.jpg
layardesa21.cfd/wp-content/uploads/2023/12/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://layardesa21.cfd/wp-content/uploads/2023/12/up58iAlCAzylAOthgHoOwlXkr5N-152x228.jpg
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:df0:27b:2::20cb , Indonesia, ASN58487 (CRI-AS-AP CV. Rumahweb Indonesia, ID),
Reverse DNS
Software
Apache /
Resource Hash
4bbcbdee2c7be1d28bd25523b111d6d6ec384edf6a54c1736d4e8affaef7e2b2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Tue, 26 Dec 2023 23:53:17 GMT
last-modified
Mon, 18 Dec 2023 13:02:46 GMT
server
Apache
accept-ranges
bytes
content-length
9181
content-type
image/jpeg
eIj5HFaVjFnv89wShLe2hsSPugR-152x228.jpg
layardesa21.cfd/wp-content/uploads/2023/12/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://layardesa21.cfd/wp-content/uploads/2023/12/eIj5HFaVjFnv89wShLe2hsSPugR-152x228.jpg
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:df0:27b:2::20cb , Indonesia, ASN58487 (CRI-AS-AP CV. Rumahweb Indonesia, ID),
Reverse DNS
Software
Apache /
Resource Hash
053614d2054f37d32f01759162c923280ec122f195aa7513c829c32c65444a87
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Tue, 26 Dec 2023 23:53:17 GMT
last-modified
Thu, 14 Dec 2023 03:14:16 GMT
server
Apache
accept-ranges
bytes
content-length
7994
content-type
image/jpeg
ac1t1G20JX3uDIWHvjFg8pJJQLq-152x228.jpg
layardesa21.cfd/wp-content/uploads/2023/12/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://layardesa21.cfd/wp-content/uploads/2023/12/ac1t1G20JX3uDIWHvjFg8pJJQLq-152x228.jpg
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:df0:27b:2::20cb , Indonesia, ASN58487 (CRI-AS-AP CV. Rumahweb Indonesia, ID),
Reverse DNS
Software
Apache /
Resource Hash
5cebcfb1c7eeab58e2ce0f354fcdf8e3fc2e6547fc800ad358395460406c9a0a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Tue, 26 Dec 2023 23:53:17 GMT
last-modified
Fri, 08 Dec 2023 09:16:58 GMT
server
Apache
accept-ranges
bytes
content-length
8994
content-type
image/jpeg
qcv7BI6kaWSwZQbdhlZucS1JHwB-152x228.jpg
layardesa21.cfd/wp-content/uploads/2023/12/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://layardesa21.cfd/wp-content/uploads/2023/12/qcv7BI6kaWSwZQbdhlZucS1JHwB-152x228.jpg
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:df0:27b:2::20cb , Indonesia, ASN58487 (CRI-AS-AP CV. Rumahweb Indonesia, ID),
Reverse DNS
Software
Apache /
Resource Hash
d585eb4e1ac5a351822e140f6ac323e7bd4d50bcaf1e1866aff1bda5dfb5f44a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Tue, 26 Dec 2023 23:53:17 GMT
last-modified
Mon, 04 Dec 2023 12:41:25 GMT
server
Apache
accept-ranges
bytes
content-length
12419
content-type
image/jpeg
a8PC2CQESbrwhTGImI3atw7kMx4-152x228.jpg
layardesa21.cfd/wp-content/uploads/2023/11/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://layardesa21.cfd/wp-content/uploads/2023/11/a8PC2CQESbrwhTGImI3atw7kMx4-152x228.jpg
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:df0:27b:2::20cb , Indonesia, ASN58487 (CRI-AS-AP CV. Rumahweb Indonesia, ID),
Reverse DNS
Software
Apache /
Resource Hash
fcb77f65f1cff04bdccea6ef81fa0b38e22b393a9a6d280339923c559faad8ab
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Tue, 26 Dec 2023 23:53:17 GMT
last-modified
Thu, 30 Nov 2023 09:31:59 GMT
server
Apache
accept-ranges
bytes
content-length
12019
content-type
image/jpeg
vieLJtqGxA8loaPwmGi3xBVFJsz-152x228.jpg
layardesa21.cfd/wp-content/uploads/2023/11/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://layardesa21.cfd/wp-content/uploads/2023/11/vieLJtqGxA8loaPwmGi3xBVFJsz-152x228.jpg
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:df0:27b:2::20cb , Indonesia, ASN58487 (CRI-AS-AP CV. Rumahweb Indonesia, ID),
Reverse DNS
Software
Apache /
Resource Hash
5cd3c323eba2b8ccac16d42f1fb809e0005a425672c01a4a4f76f185f82d0fe4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Tue, 26 Dec 2023 23:53:17 GMT
last-modified
Tue, 28 Nov 2023 05:45:30 GMT
server
Apache
accept-ranges
bytes
content-length
8584
content-type
image/jpeg
sNYXvPMt2t6RdDtjgVOOqwxf7sJ-152x228.jpg
layardesa21.cfd/wp-content/uploads/2023/11/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://layardesa21.cfd/wp-content/uploads/2023/11/sNYXvPMt2t6RdDtjgVOOqwxf7sJ-152x228.jpg
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:df0:27b:2::20cb , Indonesia, ASN58487 (CRI-AS-AP CV. Rumahweb Indonesia, ID),
Reverse DNS
Software
Apache /
Resource Hash
06458d915eb807957a569d949a84bf6ebce2f4c17df92d3789324e71429ba4bf
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Tue, 26 Dec 2023 23:53:17 GMT
last-modified
Thu, 23 Nov 2023 03:18:01 GMT
server
Apache
accept-ranges
bytes
content-length
10032
content-type
image/jpeg
vy9fGUiI64v9QViMH3pAu0nIlFz-152x228.jpg
layardesa21.cfd/wp-content/uploads/2023/11/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://layardesa21.cfd/wp-content/uploads/2023/11/vy9fGUiI64v9QViMH3pAu0nIlFz-152x228.jpg
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:df0:27b:2::20cb , Indonesia, ASN58487 (CRI-AS-AP CV. Rumahweb Indonesia, ID),
Reverse DNS
Software
Apache /
Resource Hash
4fb6e4a8baba9fa64227844083c42f56b477a03431bd80f20fe58a662c181295
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Tue, 26 Dec 2023 23:53:17 GMT
last-modified
Mon, 20 Nov 2023 10:44:03 GMT
server
Apache
accept-ranges
bytes
content-length
10783
content-type
image/jpeg
dvsZbWC4T4zmeEZHEvz2XgBxDQ8-152x228.jpg
layardesa21.cfd/wp-content/uploads/2023/11/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://layardesa21.cfd/wp-content/uploads/2023/11/dvsZbWC4T4zmeEZHEvz2XgBxDQ8-152x228.jpg
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:df0:27b:2::20cb , Indonesia, ASN58487 (CRI-AS-AP CV. Rumahweb Indonesia, ID),
Reverse DNS
Software
Apache /
Resource Hash
a125b323b7ae63416255527e3cd7b8a9414d38fd014d14716e6b8ffe9f160eac
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Tue, 26 Dec 2023 23:53:17 GMT
last-modified
Thu, 09 Nov 2023 14:06:33 GMT
server
Apache
accept-ranges
bytes
content-length
10327
content-type
image/jpeg
445eQrW7AMcphgd32twDNI5U58y-152x228.jpg
layardesa21.cfd/wp-content/uploads/2023/11/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://layardesa21.cfd/wp-content/uploads/2023/11/445eQrW7AMcphgd32twDNI5U58y-152x228.jpg
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:df0:27b:2::20cb , Indonesia, ASN58487 (CRI-AS-AP CV. Rumahweb Indonesia, ID),
Reverse DNS
Software
Apache /
Resource Hash
e5087f2fe725886f06c0b83cedba19cde1f087df9d2643c6dcd0adc82c9d72c0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Tue, 26 Dec 2023 23:53:17 GMT
last-modified
Fri, 03 Nov 2023 09:07:56 GMT
server
Apache
accept-ranges
bytes
content-length
13437
content-type
image/jpeg
bnFiGyF6HALiseeQ8TctDKc0eqj-2-152x228.jpg
layardesa21.cfd/wp-content/uploads/2023/11/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://layardesa21.cfd/wp-content/uploads/2023/11/bnFiGyF6HALiseeQ8TctDKc0eqj-2-152x228.jpg
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:df0:27b:2::20cb , Indonesia, ASN58487 (CRI-AS-AP CV. Rumahweb Indonesia, ID),
Reverse DNS
Software
Apache /
Resource Hash
b20ecf3754eb1151d020e52fb4dd14afeeb0fb0d3b482253f06b3ab37eb10acc
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Tue, 26 Dec 2023 23:53:17 GMT
last-modified
Thu, 02 Nov 2023 08:42:50 GMT
server
Apache
accept-ranges
bytes
content-length
15579
content-type
image/jpeg
iklan.gif
1.bp.blogspot.com/-yYNent22JVY/YPq-NFE2qiI/AAAAAAAAASw/DqgGzQK1X7ImVps1octmhO7gxstQ3oB_QCLcBGAsYHQ/s16000/ 		73 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-yYNent22JVY/YPq-NFE2qiI/AAAAAAAAASw/DqgGzQK1X7ImVps1octmhO7gxstQ3oB_QCLcBGAsYHQ/s16000/iklan.gif
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
3513dde70c831e9d0646b72596b0fff140742da0831f132a3752de92a2ab8a3a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 23:53:17 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="iklan.gif"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
74876
x-xss-protection
0
server
fife
etag
"v12d"
vary
Origin
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 27 Dec 2023 23:53:17 GMT
Tututp.JPG
1.bp.blogspot.com/-BujTJGISQgs/YUSDvnSUxsI/AAAAAAAAASY/OnsEdmr0tOI_6Jbe4EarLpi3wj3TRHuWwCLcBGAsYHQ/s16000/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-BujTJGISQgs/YUSDvnSUxsI/AAAAAAAAASY/OnsEdmr0tOI_6Jbe4EarLpi3wj3TRHuWwCLcBGAsYHQ/s16000/Tututp.JPG
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
4f6c6a70792a5c5e2295098b9111c23b79ad69aa1c24a8d472daad1351ae8c0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 21:29:56 GMT
x-content-type-options
nosniff
age
8601
content-disposition
inline;filename="Tututp.JPG"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1055
x-xss-protection
0
server
fife
etag
"v127"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 27 Dec 2023 21:29:56 GMT
trbtn.min.js
cdn.trakteer.id/js/embed/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.trakteer.id/js/embed/trbtn.min.js?date=18-11-2023
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:cc0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ce8e7653090a3d8365b63889ace7c30861712383896e198495fba66277fcf27
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 23:53:17 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 29 Jun 2021 11:33:18 GMT
server
cloudflare
x-amz-request-id
tx00000000000002bda7428-006572c1bf-3af3a8b8-sgp1a
etag
W/"a5b8b8cfaa0367cd74416838f08b3733"
x-envoy-upstream-healthchecked-cluster
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
text/javascript
x-do-cdn-uuid
5d540913-6c23-474e-9d2a-c6bd9ed19c1a
x-rgw-object-type
Normal
cache-control
max-age=3600
cf-ray
83bd3e0dec1e4bc1-BUF
platform.js
apis.google.com/js/ 		56 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/platform.js
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcb6531cb0967359e17b655d4142b55d1eac2aed3fe5340f8ce930a7000e5d3
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 26 Dec 2023 23:53:17 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21929
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"619578e938ea6244"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 26 Dec 2023 23:53:17 GMT
dmca_protected_sml_120n.png
images.dmca.com/Badges/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.dmca.com/Badges/dmca_protected_sml_120n.png?ID=00c45281-c9a4-4af2-8469-ba04ef775021
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
BunnyCDN-NY1-885 / ASP.NET
Resource Hash
45ec09974d948120c9f97cbedd141f4fa8df876bd2206f0c41133ae3a13fdf13

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 23:53:17 GMT
cdn-edgestorageid
885
x-powered-by
ASP.NET
cdn-cachedat
09/12/2023 22:47:45
cdn-pullzone
1574055
content-length
2060
last-modified
Tue, 04 May 2010 23:19:10 GMT
server
BunnyCDN-NY1-885
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
"a7af7333e0ebca1:0"
content-type
image/png
cdn-cache
HIT
cdn-uid
c136c664-112d-4533-8247-f90f6849ab39
cache-control
public, max-age=31536000
cdn-requestid
cbb024cc130aef7232b932c440e80bad
accept-ranges
bytes
cdn-requestcountrycode
US
cdn-status
200
cdn-requestpullsuccess
True
DMCABadgeHelper.min.js
images.dmca.com/Badges/ 		465 B
772 B 		Script
General
Check archive.org
Download Go to
Full URL
https://images.dmca.com/Badges/DMCABadgeHelper.min.js
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
BunnyCDN-NY1-885 / ASP.NET
Resource Hash
e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 23:53:17 GMT
content-encoding
br
cdn-edgestorageid
885
x-powered-by
ASP.NET
cdn-cachedat
09/12/2023 22:47:45
cdn-pullzone
1574055
last-modified
Fri, 21 Jun 2019 20:14:34 GMT
server
BunnyCDN-NY1-885
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"26b181f16d28d51:0"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
c136c664-112d-4533-8247-f90f6849ab39
cache-control
public, max-age=31536000
cdn-requestid
fdf1c1f6632720b8da245b16c8ef5fd8
cdn-requestcountrycode
US
cdn-status
200
cdn-requestpullsuccess
True
74000-9L5BWwgWbep3FHPjkH4FMlxi5gbh5piu.jpg
img.involve.asia/rpss/campaigns_banners/ 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.involve.asia/rpss/campaigns_banners/74000-9L5BWwgWbep3FHPjkH4FMlxi5gbh5piu.jpg
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:44fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5dc9299663315ebe805d7d609e43b8ea7fa4204a364384b82d923fe9cd9d4f9e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 23:53:18 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
VZWEXQC37DDXKR00
cf-polished
degrade=85, origSize=166689
alt-svc
h3=":443"; ma=86400
content-length
39190
x-amz-id-2
ZDs09aSt2bj+FPPPvKuHrvkJqXkKi++m24sm7Y4RJe6XXOFWsZ5Wl5Clq2G6UD8r649dHjifBJI=
cf-bgj
imgq:85,h2pri
last-modified
Thu, 08 Jun 2023 08:04:56 GMT
server
cloudflare
etag
"7fa47643ba1abf7e402f6967fe3c73a9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3cM%2F8qHKuptnxqEjDOzYjFqFqJx7rBVQ4Kkt1boLIKiqbMc369yoop%2FPxJPfkpR4VcDQ6Vkoos7cSUJTiv9qZMqo9YtmKYI1XqF66TMjj2IQpi17jUnFKib307lYrNL8Py1Gw4HiMRtgNxW4MzI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
83bd3e0d5f7a4bc3-BUF
74057-ymjQPqo6ayRMb2gm5ijJJ9tU8VKgqTJl.jpg
img.involve.asia/rpss/campaigns_banners/ 		91 KB
92 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.involve.asia/rpss/campaigns_banners/74057-ymjQPqo6ayRMb2gm5ijJJ9tU8VKgqTJl.jpg
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:44fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
402c7c7d36d4274554890a7a059b13ccc9e67660e2bde1f0cd03608adb9fb398

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 23:53:18 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
BWJANZHSRYJ45MG2
cf-polished
degrade=85, origSize=340262
alt-svc
h3=":443"; ma=86400
content-length
93627
x-amz-id-2
WbffRW41SPVsI4SYnHsngMdKkDqdlR+FYw5C9FyfFpSu8WoNsK4iz2hpMCNF0Aet8fpa4QWMvnE=
cf-bgj
imgq:85,h2pri
last-modified
Tue, 13 Jun 2023 16:10:38 GMT
server
cloudflare
etag
"6d003b4a3ea62ab13b361b0cf507b5fa"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HaUyUV%2BEkVAn%2BbV81dT4YynMAv8H3pOuHWtZAUq2AyHZNpTBf0kaebQidsmLdu%2BXwWEgMNeO26AU%2FdwjuGlkT6LJpVGLY5jqBLbZq1tYQmPOPP%2BXXYY%2Fal%2B33NFMI4l%2FBEjqmdQ9zwhoJRTV%2FnM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
83bd3e0d5f7b4bc3-BUF
74002-XDY3lNp3YromG8Qyu3FFl1VuYTeHuqKm.jpg
img.involve.asia/rpss/campaigns_banners/ 		67 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.involve.asia/rpss/campaigns_banners/74002-XDY3lNp3YromG8Qyu3FFl1VuYTeHuqKm.jpg
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:44fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c941e217219e30fca0f0186a01d9b34941f231db82e055d9c53180a2b7d4695

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 23:53:18 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
Q33BXW0BPMPA82ET
cf-polished
degrade=85, origSize=258881
alt-svc
h3=":443"; ma=86400
content-length
68179
x-amz-id-2
HWUFEMXCxDHFxdkYb38FbWWxRocLYpMp2qO7UBSbSHT4DcGypgwHCr1KQpXwAAhEwOirgPFRsLU=
cf-bgj
imgq:85,h2pri
last-modified
Thu, 08 Jun 2023 08:07:20 GMT
server
cloudflare
etag
"703610d516ec35b685d2990bf9613405"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rIewwW0mYOUaeF9IB6VtumHsvtyTQga3vpL8pc5A4YHZqubBoyFkUX5jlmS%2BehCU3nroubNJC6AbSyOJH3VKKZKdyvFIUJLWIIZFFXreFTYf%2Blc2x4RVWJHJu0iZy2yxEukV%2FXplpCiw2orFCT8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
83bd3e0d5f7c4bc3-BUF
74000-eqvM75OrZwBXJT3mGwcdpviA7bSTpnWx.jpg
img.involve.asia/rpss/campaigns_banners/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.involve.asia/rpss/campaigns_banners/74000-eqvM75OrZwBXJT3mGwcdpviA7bSTpnWx.jpg
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:44fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2db92e1371bd654c9f9a613a18f7a7dc5cf63e1ebd559a4a4ce9929feb779241

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 23:53:18 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
BNS9JMF99ZDMFA6N
cf-polished
degrade=85, origSize=56583
alt-svc
h3=":443"; ma=86400
content-length
22988
x-amz-id-2
PuXdIjc0gdoHze0WJlCwTseAOs3yxSfVqB43ivOZLijP5JLISx16BKYaYCux7jSa4b7qYtznQNY=
cf-bgj
imgq:85,h2pri
last-modified
Thu, 08 Jun 2023 08:04:56 GMT
server
cloudflare
etag
"9cd36d319654988b08169fdbfd8a6964"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zls%2Fd6MKJOl%2BCtBMw3cHj%2B3rBfIviRXJQaFdaJDKFSXYTliH7q5wX3sH6byodWKsfvJJAqHVGlwqmdPdJJKPgzTkaKaiNObAkVrxgjRKXHeBdRf1N7bTYCM%2B%2FC18nFExTNEA1C1Q%2FDIEEqIr2Qw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
83bd3e0d5f7d4bc3-BUF
autocomplate.min.js
layardesa21.cfd/wp-content/plugins/idmuvi-core/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://layardesa21.cfd/wp-content/plugins/idmuvi-core/js/autocomplate.min.js?ver=2.1.6
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:df0:27b:2::20cb , Indonesia, ASN58487 (CRI-AS-AP CV. Rumahweb Indonesia, ID),
Reverse DNS
Software
Apache /
Resource Hash
8849ed1158e9a7dff29735dfc6addf6bb4131455ea7102f3a1a4bd40a481a0ce
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
content-encoding
br
date
Tue, 26 Dec 2023 23:53:17 GMT
last-modified
Fri, 22 Dec 2023 14:30:45 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
3023
js-plugin-min.js
layardesa21.cfd/wp-content/themes/muvipro/js/ 		43 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://layardesa21.cfd/wp-content/themes/muvipro/js/js-plugin-min.js?ver=2.1.8
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:df0:27b:2::20cb , Indonesia, ASN58487 (CRI-AS-AP CV. Rumahweb Indonesia, ID),
Reverse DNS
Software
Apache /
Resource Hash
0812f1ec045cff5fcc841c5ae347cb299f3dbeed4141c9d21bc6a37f63623eae
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
content-encoding
br
date
Tue, 26 Dec 2023 23:53:17 GMT
last-modified
Thu, 03 Nov 2022 15:48:00 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
16003
tiny-custom.js
layardesa21.cfd/wp-content/themes/muvipro/js/ 		490 B
273 B 		Script
General
Check archive.org
Download Go to
Full URL
https://layardesa21.cfd/wp-content/themes/muvipro/js/tiny-custom.js?ver=2.1.8
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:df0:27b:2::20cb , Indonesia, ASN58487 (CRI-AS-AP CV. Rumahweb Indonesia, ID),
Reverse DNS
Software
Apache /
Resource Hash
61382678bbc61b67488e3c0aaeb232e3191f8afd00d50c9ea7e81eb0e66cc2de
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
content-encoding
br
date
Tue, 26 Dec 2023 23:53:17 GMT
last-modified
Thu, 03 Nov 2022 15:48:00 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
224
customscript.js
layardesa21.cfd/wp-content/themes/muvipro/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://layardesa21.cfd/wp-content/themes/muvipro/js/customscript.js?ver=2.1.8
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:df0:27b:2::20cb , Indonesia, ASN58487 (CRI-AS-AP CV. Rumahweb Indonesia, ID),
Reverse DNS
Software
Apache /
Resource Hash
1c6f518eeb52ac428e414991cc7536284312c34763cb9e385271e63c48cddaab
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
content-encoding
br
date
Tue, 26 Dec 2023 23:53:17 GMT
last-modified
Thu, 03 Nov 2022 15:48:00 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
1735
ads.png
layardesa21.cfd/wp-content/plugins/ad-inserter/images/ 		95 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://layardesa21.cfd/wp-content/plugins/ad-inserter/images/ads.png
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:df0:27b:2::20cb , Indonesia, ASN58487 (CRI-AS-AP CV. Rumahweb Indonesia, ID),
Reverse DNS
Software
Apache /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Tue, 26 Dec 2023 23:53:17 GMT
last-modified
Wed, 01 Nov 2023 07:31:43 GMT
server
Apache
accept-ranges
bytes
content-length
95
content-type
image/png
ads.js
layardesa21.cfd/wp-content/plugins/ad-inserter/js/ 		112 B
104 B 		Script
General
Check archive.org
Download Go to
Full URL
https://layardesa21.cfd/wp-content/plugins/ad-inserter/js/ads.js?ver=2.7.32
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:df0:27b:2::20cb , Indonesia, ASN58487 (CRI-AS-AP CV. Rumahweb Indonesia, ID),
Reverse DNS
Software
Apache /
Resource Hash
471eb448db387c12cd6fc0598c12f3c4410056426df3b43ada8dd0fad5fa6a74
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
content-encoding
br
date
Tue, 26 Dec 2023 23:53:17 GMT
last-modified
Wed, 01 Nov 2023 07:31:43 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
72
sponsors.js
layardesa21.cfd/wp-content/plugins/ad-inserter/js/ 		21 B
79 B 		Script
General
Check archive.org
Download Go to
Full URL
https://layardesa21.cfd/wp-content/plugins/ad-inserter/js/sponsors.js?ver=2.7.32
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:df0:27b:2::20cb , Indonesia, ASN58487 (CRI-AS-AP CV. Rumahweb Indonesia, ID),
Reverse DNS
Software
Apache /
Resource Hash
875f6b288f6896cf229d348b2159d6cafe8d9869ce53278fa497f7416aa89dd8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
content-encoding
br
date
Tue, 26 Dec 2023 23:53:17 GMT
last-modified
Wed, 01 Nov 2023 07:31:50 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
24
banner.js
layardesa21.cfd/wp-content/plugins/ad-inserter/js/ 		24 B
60 B 		Script
General
Check archive.org
Download Go to
Full URL
https://layardesa21.cfd/wp-content/plugins/ad-inserter/js/banner.js?ver=2.7.32
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:df0:27b:2::20cb , Indonesia, ASN58487 (CRI-AS-AP CV. Rumahweb Indonesia, ID),
Reverse DNS
Software
Apache /
Resource Hash
9a737aee22dcfd3be2498d406cd05c854b2922041c49ae8baebfd0cffdbb2c1f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
content-encoding
br
date
Tue, 26 Dec 2023 23:53:17 GMT
last-modified
Wed, 01 Nov 2023 07:31:43 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
28
300x250.js
layardesa21.cfd/wp-content/plugins/ad-inserter/js/ 		25 B
61 B 		Script
General
Check archive.org
Download Go to
Full URL
https://layardesa21.cfd/wp-content/plugins/ad-inserter/js/300x250.js?ver=2.7.32
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:df0:27b:2::20cb , Indonesia, ASN58487 (CRI-AS-AP CV. Rumahweb Indonesia, ID),
Reverse DNS
Software
Apache /
Resource Hash
5094ccbebe88be6b459174d1cca74c7a024fcada1f077756ffa80878347d967b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
content-encoding
br
date
Tue, 26 Dec 2023 23:53:17 GMT
last-modified
Wed, 01 Nov 2023 07:31:43 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
29
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ 		399 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6138101579182938
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8f53a375130a9dcc33b79b95d8e58d5ec02d92e70aac3ef70e17083dda50a7d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 23:53:17 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137920
x-xss-protection
0
server
cafe
etag
5399571436788735572
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Dec 2023 23:53:17 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/ Frame B29C 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6138101579182938
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://layardesa21.cfd/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
13513
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4130
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 26 Dec 2023 20:08:03 GMT
etag
5585625838579639069
expires
Tue, 09 Jan 2024 20:08:03 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
datepair.min.js
www.betteradsystem.com/api/ 		35 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.betteradsystem.com/api/datepair.min.js
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::11 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
7ab54fad3ce182c2be3b80a578c7304bc17a21d45f7fcd78051a96e6ee65f444

Request headers

Referer
https://layardesa21.cfd/
Origin
https://layardesa21.cfd
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-77-pop
newyorkUSNY
date
Tue, 26 Dec 2023 23:53:17 GMT
content-encoding
gzip
x-77-cache
HIT
x-accel-date
1703326973
x-77-nzt
EggBnJIkFgFBDAGckjvfAfdwsgQA
x-accel-expires
@1703931773
x-77-age
307824
x-cache-lb
MISS
server
CDN77-Turbo
x-77-nzt-ray
1e192d08cf5867636d678b652d10c62b
vary
Accept-Encoding, Origin
content-type
application/x-javascript
access-control-allow-origin
https://layardesa21.cfd
cache-control
public, max-age=604800
link
<https://betteradsystem.com/>;rel=preconnect,<https://c.adsco.re/>;rel=preconnect,<https://adsco.re/>;rel=preconnect
expires
Sat, 30 Dec 2023 10:22:53 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		145 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6138101579182938
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fc55cfd04a2d1751807edb58724eb748b3427746807f90cdd71b591e9c15bae2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://layardesa21.cfd/
Origin
https://layardesa21.cfd
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 23:53:17 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51276
x-xss-protection
0
server
cafe
etag
7041172992162743714
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 26 Dec 2023 23:53:17 GMT
23fb8a00-9bb9-420d-a536-6ea32275696e
https://layardesa21.cfd/ 		1 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/23fb8a00-9bb9-420d-a536-6ea32275696e
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
1245
Content-Type
text/javascript
bdpush.js
cdn.hyperpromote.com/bidvertiser/tags/activejs/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hyperpromote.com/bidvertiser/tags/activejs/bdpush.js?bvpushsubid=2088479&cb=1703634797638
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2514:7800:c:69b9:6340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e6769c4a2decdc92d2e2ac0ae95f6dacd4957e016ebbd5d74929f6412232c3fa

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 15:14:19 GMT
via
1.1 3ffc96c97d8be4bd38d62dce94cb1db0.cloudfront.net (CloudFront)
last-modified
Mon, 28 Oct 2019 11:03:09 GMT
server
Microsoft-IIS/10.0
x-amz-cf-pop
JFK50-P8
age
31165
etag
"6e7ac7487f8dd51:0"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2381
x-amz-cf-id
Q6Y9_dSeUhZUfC3N2L2d9Xm6iRJkPeb8U-gHxgrlr7VUlkvdUGiSLQ==
truncated
/ 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
37ecffeaecf1acf6c800c01c87aac56322e108292adea354cdc943a1cea9bc41

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
yS0FPDYLRIrqF2lSX2NG2qLezgO-152x228.jpg
layardesa21.cfd/wp-content/uploads/2023/12/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://layardesa21.cfd/wp-content/uploads/2023/12/yS0FPDYLRIrqF2lSX2NG2qLezgO-152x228.jpg
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:df0:27b:2::20cb , Indonesia, ASN58487 (CRI-AS-AP CV. Rumahweb Indonesia, ID),
Reverse DNS
Software
Apache /
Resource Hash
93a22d9bb7c49049f5e79cad146e04ada7b3f7e340cf50c8904439e447e6f00d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Tue, 26 Dec 2023 23:53:17 GMT
last-modified
Mon, 25 Dec 2023 14:06:47 GMT
server
Apache
accept-ranges
bytes
content-length
7149
content-type
image/jpeg
koV70b1IMNlQTIuXL3FgGERdXtj-1-152x228.jpg
layardesa21.cfd/wp-content/uploads/2023/12/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://layardesa21.cfd/wp-content/uploads/2023/12/koV70b1IMNlQTIuXL3FgGERdXtj-1-152x228.jpg
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:df0:27b:2::20cb , Indonesia, ASN58487 (CRI-AS-AP CV. Rumahweb Indonesia, ID),
Reverse DNS
Software
Apache /
Resource Hash
ebd9a65d07f9010f987583d3f3e0e6c79febdb5c3515f1cef38290575b59c2c2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Tue, 26 Dec 2023 23:53:17 GMT
last-modified
Mon, 25 Dec 2023 14:17:20 GMT
server
Apache
accept-ranges
bytes
content-length
7992
content-type
image/jpeg
yAvhSlj1aciZALwtXNvaSoSwJL4-152x228.jpg
layardesa21.cfd/wp-content/uploads/2023/12/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://layardesa21.cfd/wp-content/uploads/2023/12/yAvhSlj1aciZALwtXNvaSoSwJL4-152x228.jpg
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:df0:27b:2::20cb , Indonesia, ASN58487 (CRI-AS-AP CV. Rumahweb Indonesia, ID),
Reverse DNS
Software
Apache /
Resource Hash
f9d3016b78add130c49024877c1b3b5b302ed4cb68f48a0650d241396b3b6654
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Tue, 26 Dec 2023 23:53:17 GMT
last-modified
Fri, 22 Dec 2023 13:43:14 GMT
server
Apache
accept-ranges
bytes
content-length
8263
content-type
image/jpeg
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro%3Aregular%2Citalic%2C700%2C300%26subset%3Dlatin%2C&ver=2.1.8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://layardesa21.cfd
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 16:08:30 GMT
x-content-type-options
nosniff
age
27887
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14892
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Dec 2024 16:08:30 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro%3Aregular%2Citalic%2C700%2C300%26subset%3Dlatin%2C&ver=2.1.8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://layardesa21.cfd
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 16:08:35 GMT
x-content-type-options
nosniff
age
27882
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14712
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Dec 2024 16:08:35 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qNq7lqDY.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qNq7lqDY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro%3Aregular%2Citalic%2C700%2C300%26subset%3Dlatin%2C&ver=2.1.8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
39cf9abce51786437c69ac45ac5f39aa19af7f859d87e347478b6bd96abe52c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://layardesa21.cfd
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 12:31:31 GMT
x-content-type-options
nosniff
age
40906
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20616
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Dec 2024 12:31:31 GMT
hkxxMIGaiCTmrEArK7J56JTKUlB-152x228.jpg
layardesa21.cfd/wp-content/uploads/2023/12/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://layardesa21.cfd/wp-content/uploads/2023/12/hkxxMIGaiCTmrEArK7J56JTKUlB-152x228.jpg
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:df0:27b:2::20cb , Indonesia, ASN58487 (CRI-AS-AP CV. Rumahweb Indonesia, ID),
Reverse DNS
Software
Apache /
Resource Hash
049648cfcd7a6cea6c07b3a23759fb76b3cd7862664a862ee2797040c138e5fa
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Tue, 26 Dec 2023 23:53:18 GMT
last-modified
Fri, 22 Dec 2023 09:41:48 GMT
server
Apache
accept-ranges
bytes
content-length
7252
content-type
image/jpeg
zMOGjKYnbI04NZUTSM0r1g11aVm-152x228.jpg
layardesa21.cfd/wp-content/uploads/2023/12/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://layardesa21.cfd/wp-content/uploads/2023/12/zMOGjKYnbI04NZUTSM0r1g11aVm-152x228.jpg
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:df0:27b:2::20cb , Indonesia, ASN58487 (CRI-AS-AP CV. Rumahweb Indonesia, ID),
Reverse DNS
Software
Apache /
Resource Hash
81a68c5bace896b3fe9b8552491c255bc890aacd1026249a9639a89a5a8a1bf3
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Tue, 26 Dec 2023 23:53:18 GMT
last-modified
Tue, 19 Dec 2023 14:27:37 GMT
server
Apache
accept-ranges
bytes
content-length
7628
content-type
image/jpeg
jLLtx3nTRSLGPAKl4RoIv1FbEBr-152x228.jpg
layardesa21.cfd/wp-content/uploads/2023/12/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://layardesa21.cfd/wp-content/uploads/2023/12/jLLtx3nTRSLGPAKl4RoIv1FbEBr-152x228.jpg
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:df0:27b:2::20cb , Indonesia, ASN58487 (CRI-AS-AP CV. Rumahweb Indonesia, ID),
Reverse DNS
Software
Apache /
Resource Hash
fac6b6bde3598a918af4f50ffd01d9613b00ba883b7f580c9425b2ba8994cf86
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Tue, 26 Dec 2023 23:53:18 GMT
last-modified
Tue, 19 Dec 2023 11:52:27 GMT
server
Apache
accept-ranges
bytes
content-length
10949
content-type
image/jpeg
ePquoeNxJ6vg8U7iSjRAZ2KdztX-152x228.jpg
layardesa21.cfd/wp-content/uploads/2023/12/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://layardesa21.cfd/wp-content/uploads/2023/12/ePquoeNxJ6vg8U7iSjRAZ2KdztX-152x228.jpg
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:df0:27b:2::20cb , Indonesia, ASN58487 (CRI-AS-AP CV. Rumahweb Indonesia, ID),
Reverse DNS
Software
Apache /
Resource Hash
d25bdd96ccfdca4751deb550101d8b70816a963eb2dcff7461a9e64d1367b65f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Tue, 26 Dec 2023 23:53:18 GMT
last-modified
Tue, 19 Dec 2023 09:58:49 GMT
server
Apache
accept-ranges
bytes
content-length
14229
content-type
image/jpeg
3y72ffwYRUPOj4yOQbiTaN897Tm-152x228.jpg
layardesa21.cfd/wp-content/uploads/2023/12/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://layardesa21.cfd/wp-content/uploads/2023/12/3y72ffwYRUPOj4yOQbiTaN897Tm-152x228.jpg
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:df0:27b:2::20cb , Indonesia, ASN58487 (CRI-AS-AP CV. Rumahweb Indonesia, ID),
Reverse DNS
Software
Apache /
Resource Hash
33c1d3f870a69b4e60a2ce5eeebf0aacc96506aad48eb6e44a2478bc271bbb7a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Tue, 26 Dec 2023 23:53:18 GMT
last-modified
Tue, 12 Dec 2023 06:30:36 GMT
server
Apache
accept-ranges
bytes
content-length
8847
content-type
image/jpeg
ac1t1G20JX3uDIWHvjFg8pJJQLq-152x228.jpg
layardesa21.cfd/wp-content/uploads/2023/12/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://layardesa21.cfd/wp-content/uploads/2023/12/ac1t1G20JX3uDIWHvjFg8pJJQLq-152x228.jpg
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:df0:27b:2::20cb , Indonesia, ASN58487 (CRI-AS-AP CV. Rumahweb Indonesia, ID),
Reverse DNS
Software
Apache /
Resource Hash
5cebcfb1c7eeab58e2ce0f354fcdf8e3fc2e6547fc800ad358395460406c9a0a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Tue, 26 Dec 2023 23:53:18 GMT
last-modified
Fri, 08 Dec 2023 09:16:58 GMT
server
Apache
accept-ranges
bytes
content-length
8994
content-type
image/jpeg
7Bd4EUOqQDKZXA6Od5gkfzRNb0-152x228.jpg
layardesa21.cfd/wp-content/uploads/2023/11/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://layardesa21.cfd/wp-content/uploads/2023/11/7Bd4EUOqQDKZXA6Od5gkfzRNb0-152x228.jpg
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:df0:27b:2::20cb , Indonesia, ASN58487 (CRI-AS-AP CV. Rumahweb Indonesia, ID),
Reverse DNS
Software
Apache /
Resource Hash
df005db28afc7b4cb2fad5d87be9d05750e4c2e16dd49cb3e368a9dbf4040fc4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Tue, 26 Dec 2023 23:53:18 GMT
last-modified
Thu, 30 Nov 2023 08:58:00 GMT
server
Apache
accept-ranges
bytes
content-length
11285
content-type
image/jpeg
3sXv15ymVkaV7E18m4TlTgwNkAN-152x228.jpg
layardesa21.cfd/wp-content/uploads/2023/12/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://layardesa21.cfd/wp-content/uploads/2023/12/3sXv15ymVkaV7E18m4TlTgwNkAN-152x228.jpg
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:df0:27b:2::20cb , Indonesia, ASN58487 (CRI-AS-AP CV. Rumahweb Indonesia, ID),
Reverse DNS
Software
Apache /
Resource Hash
0c843180691cd9e7ee0e009084aa616fa501f8eb1a65dab21640f8326228d676
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Tue, 26 Dec 2023 23:53:18 GMT
last-modified
Mon, 11 Dec 2023 08:47:33 GMT
server
Apache
accept-ranges
bytes
content-length
11396
content-type
image/jpeg
vy9fGUiI64v9QViMH3pAu0nIlFz-152x228.jpg
layardesa21.cfd/wp-content/uploads/2023/11/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://layardesa21.cfd/wp-content/uploads/2023/11/vy9fGUiI64v9QViMH3pAu0nIlFz-152x228.jpg
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:df0:27b:2::20cb , Indonesia, ASN58487 (CRI-AS-AP CV. Rumahweb Indonesia, ID),
Reverse DNS
Software
Apache /
Resource Hash
4fb6e4a8baba9fa64227844083c42f56b477a03431bd80f20fe58a662c181295
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Tue, 26 Dec 2023 23:53:18 GMT
last-modified
Mon, 20 Nov 2023 10:44:03 GMT
server
Apache
accept-ranges
bytes
content-length
10783
content-type
image/jpeg
dKEOoh66hKXPUirgL5FGmAIpxiY-152x228.jpg
layardesa21.cfd/wp-content/uploads/2023/10/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://layardesa21.cfd/wp-content/uploads/2023/10/dKEOoh66hKXPUirgL5FGmAIpxiY-152x228.jpg
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:df0:27b:2::20cb , Indonesia, ASN58487 (CRI-AS-AP CV. Rumahweb Indonesia, ID),
Reverse DNS
Software
Apache /
Resource Hash
7f0675fa333e230406da0574400335044b5b5ae885ffde9d8b7398bf5fb14f30
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Tue, 26 Dec 2023 23:53:18 GMT
last-modified
Mon, 02 Oct 2023 07:28:19 GMT
server
Apache
accept-ranges
bytes
content-length
8996
content-type
image/jpeg
d45rHJsby26TSakc5ahkdmE72YH-152x228.jpg
layardesa21.cfd/wp-content/uploads/2023/12/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://layardesa21.cfd/wp-content/uploads/2023/12/d45rHJsby26TSakc5ahkdmE72YH-152x228.jpg
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:df0:27b:2::20cb , Indonesia, ASN58487 (CRI-AS-AP CV. Rumahweb Indonesia, ID),
Reverse DNS
Software
Apache /
Resource Hash
554b03faf217ca316961f1f58705cb58b14d71dcc49bf962a04f84e9c2e7fd48
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Tue, 26 Dec 2023 23:53:18 GMT
last-modified
Mon, 25 Dec 2023 13:47:31 GMT
server
Apache
accept-ranges
bytes
content-length
10448
content-type
image/jpeg
tVNiy0GE4QgNlTh5XS6owEwnYEK-152x228.jpg
layardesa21.cfd/wp-content/uploads/2023/12/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://layardesa21.cfd/wp-content/uploads/2023/12/tVNiy0GE4QgNlTh5XS6owEwnYEK-152x228.jpg
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:df0:27b:2::20cb , Indonesia, ASN58487 (CRI-AS-AP CV. Rumahweb Indonesia, ID),
Reverse DNS
Software
Apache /
Resource Hash
017bb276226c4ee345ff2c4f63b33356555fbae14db2e22939417b5565331f40
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Tue, 26 Dec 2023 23:53:18 GMT
last-modified
Mon, 25 Dec 2023 12:53:49 GMT
server
Apache
accept-ranges
bytes
content-length
11814
content-type
image/jpeg
ui4DrH1cKk2vkHshcUcGt2lKxCm-152x228.jpg
layardesa21.cfd/wp-content/uploads/2023/12/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://layardesa21.cfd/wp-content/uploads/2023/12/ui4DrH1cKk2vkHshcUcGt2lKxCm-152x228.jpg
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:df0:27b:2::20cb , Indonesia, ASN58487 (CRI-AS-AP CV. Rumahweb Indonesia, ID),
Reverse DNS
Software
Apache /
Resource Hash
ae49ff502948781cbcd774ff08e1cbeed552da68f9ede7e1e6a71d1a7c29ab18
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Tue, 26 Dec 2023 23:53:18 GMT
last-modified
Mon, 25 Dec 2023 13:02:47 GMT
server
Apache
accept-ranges
bytes
content-length
10169
content-type
image/jpeg
qcv7BI6kaWSwZQbdhlZucS1JHwB-152x228.jpg
layardesa21.cfd/wp-content/uploads/2023/12/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://layardesa21.cfd/wp-content/uploads/2023/12/qcv7BI6kaWSwZQbdhlZucS1JHwB-152x228.jpg
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:df0:27b:2::20cb , Indonesia, ASN58487 (CRI-AS-AP CV. Rumahweb Indonesia, ID),
Reverse DNS
Software
Apache /
Resource Hash
d585eb4e1ac5a351822e140f6ac323e7bd4d50bcaf1e1866aff1bda5dfb5f44a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Tue, 26 Dec 2023 23:53:18 GMT
last-modified
Mon, 04 Dec 2023 12:41:25 GMT
server
Apache
accept-ranges
bytes
content-length
12419
content-type
image/jpeg
lSznOaTtQTA4qZyzClNlxOQOaND-152x228.jpg
layardesa21.cfd/wp-content/uploads/2023/12/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://layardesa21.cfd/wp-content/uploads/2023/12/lSznOaTtQTA4qZyzClNlxOQOaND-152x228.jpg
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:df0:27b:2::20cb , Indonesia, ASN58487 (CRI-AS-AP CV. Rumahweb Indonesia, ID),
Reverse DNS
Software
Apache /
Resource Hash
6523e175615853852859dd9b6add4e8733f33422057291dd3b801d0e0928e628
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Tue, 26 Dec 2023 23:53:18 GMT
last-modified
Mon, 25 Dec 2023 12:45:46 GMT
server
Apache
accept-ranges
bytes
content-length
11587
content-type
image/jpeg
txUOo64P7YhUKLLTE2thGZA81H6-152x228.jpg
layardesa21.cfd/wp-content/uploads/2023/12/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://layardesa21.cfd/wp-content/uploads/2023/12/txUOo64P7YhUKLLTE2thGZA81H6-152x228.jpg
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:df0:27b:2::20cb , Indonesia, ASN58487 (CRI-AS-AP CV. Rumahweb Indonesia, ID),
Reverse DNS
Software
Apache /
Resource Hash
b972f247ee87eff1f79efdbb33bb73cac96871458d0c83c9f413f9cfc1dbf2a6
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Tue, 26 Dec 2023 23:53:18 GMT
last-modified
Mon, 25 Dec 2023 12:46:46 GMT
server
Apache
accept-ranges
bytes
content-length
6662
content-type
image/jpeg
qjhahNLSZ705B5JP92YMEYPocPz-152x228.jpg
layardesa21.cfd/wp-content/uploads/2023/12/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://layardesa21.cfd/wp-content/uploads/2023/12/qjhahNLSZ705B5JP92YMEYPocPz-152x228.jpg
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:df0:27b:2::20cb , Indonesia, ASN58487 (CRI-AS-AP CV. Rumahweb Indonesia, ID),
Reverse DNS
Software
Apache /
Resource Hash
eec62b9d9d842598020aefa120be6ff12be3fd501b3752996461e42a4fcf58b1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Tue, 26 Dec 2023 23:53:18 GMT
last-modified
Mon, 25 Dec 2023 12:56:56 GMT
server
Apache
accept-ranges
bytes
content-length
10691
content-type
image/jpeg
xkDtXIlQBtkaHSjL6NyUsZREZTe-152x228.jpg
layardesa21.cfd/wp-content/uploads/2023/12/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://layardesa21.cfd/wp-content/uploads/2023/12/xkDtXIlQBtkaHSjL6NyUsZREZTe-152x228.jpg
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:df0:27b:2::20cb , Indonesia, ASN58487 (CRI-AS-AP CV. Rumahweb Indonesia, ID),
Reverse DNS
Software
Apache /
Resource Hash
b181dada1a6ffd7196238a0bb70c5eb951e9c2dd0519399de4cc7c9cb35f7d9f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Tue, 26 Dec 2023 23:53:18 GMT
last-modified
Mon, 25 Dec 2023 12:50:50 GMT
server
Apache
accept-ranges
bytes
content-length
9605
content-type
image/jpeg
jtKAARhtxOyAwqibPxfNexWkIWO-152x228.jpg
layardesa21.cfd/wp-content/uploads/2023/12/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://layardesa21.cfd/wp-content/uploads/2023/12/jtKAARhtxOyAwqibPxfNexWkIWO-152x228.jpg
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:df0:27b:2::20cb , Indonesia, ASN58487 (CRI-AS-AP CV. Rumahweb Indonesia, ID),
Reverse DNS
Software
Apache /
Resource Hash
acf572749c371d3e162cecca1f157cad1a5a1f6dad27b68e013132b5e7eb1a8c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Tue, 26 Dec 2023 23:53:18 GMT
last-modified
Mon, 25 Dec 2023 12:47:49 GMT
server
Apache
accept-ranges
bytes
content-length
11968
content-type
image/jpeg
lQV6CY7PJ2rCslIIWHEBOypY8tk-152x228.jpg
layardesa21.cfd/wp-content/uploads/2023/12/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://layardesa21.cfd/wp-content/uploads/2023/12/lQV6CY7PJ2rCslIIWHEBOypY8tk-152x228.jpg
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:df0:27b:2::20cb , Indonesia, ASN58487 (CRI-AS-AP CV. Rumahweb Indonesia, ID),
Reverse DNS
Software
Apache /
Resource Hash
1810f4ca5d97f062265af1880a6aa1b0e4a95f68aaa4b09c879b0797132635d7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Tue, 26 Dec 2023 23:53:18 GMT
last-modified
Sat, 23 Dec 2023 10:21:47 GMT
server
Apache
accept-ranges
bytes
content-length
6305
content-type
image/jpeg
gXHYWMaxG0Gs5PJMKX6M8AZnZ5L-152x228.jpg
layardesa21.cfd/wp-content/uploads/2023/12/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://layardesa21.cfd/wp-content/uploads/2023/12/gXHYWMaxG0Gs5PJMKX6M8AZnZ5L-152x228.jpg
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:df0:27b:2::20cb , Indonesia, ASN58487 (CRI-AS-AP CV. Rumahweb Indonesia, ID),
Reverse DNS
Software
Apache /
Resource Hash
811abc0acbe0bf9431243fa4d192b35b1a44a371315d029ca22b62fc1f57eafa
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Tue, 26 Dec 2023 23:53:18 GMT
last-modified
Sat, 23 Dec 2023 10:51:53 GMT
server
Apache
accept-ranges
bytes
content-length
10888
content-type
image/jpeg
fIwLD6e0BsoVFMS8aKoPYTlwEEp-1-152x228.jpg
layardesa21.cfd/wp-content/uploads/2023/12/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://layardesa21.cfd/wp-content/uploads/2023/12/fIwLD6e0BsoVFMS8aKoPYTlwEEp-1-152x228.jpg
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:df0:27b:2::20cb , Indonesia, ASN58487 (CRI-AS-AP CV. Rumahweb Indonesia, ID),
Reverse DNS
Software
Apache /
Resource Hash
a6724ca5c82cc4d731b4934c492dfec4a3f832628f48e72edad7015b476dbf5c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Tue, 26 Dec 2023 23:53:18 GMT
last-modified
Sat, 23 Dec 2023 11:02:49 GMT
server
Apache
accept-ranges
bytes
content-length
11306
content-type
image/jpeg
nTxhj8dY8VRACGD3i8stYUjkNQC-152x228.jpg
layardesa21.cfd/wp-content/uploads/2023/12/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://layardesa21.cfd/wp-content/uploads/2023/12/nTxhj8dY8VRACGD3i8stYUjkNQC-152x228.jpg
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:df0:27b:2::20cb , Indonesia, ASN58487 (CRI-AS-AP CV. Rumahweb Indonesia, ID),
Reverse DNS
Software
Apache /
Resource Hash
321dee306f2d975900f4e3e276c86e3fd9b9b4618077f7df0ef81d44b4f55fe8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Tue, 26 Dec 2023 23:53:18 GMT
last-modified
Sat, 23 Dec 2023 10:40:51 GMT
server
Apache
accept-ranges
bytes
content-length
8473
content-type
image/jpeg
adkwebpush.js
data.bvsrv.com/webpush/scripts/v1.1/ 		22 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://data.bvsrv.com/webpush/scripts/v1.1/adkwebpush.js
Requested by
Host: cdn.hyperpromote.com
URL: https://cdn.hyperpromote.com/bidvertiser/tags/activejs/bdpush.js?bvpushsubid=2088479&cb=1703634797638
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:31::1739:5a4b Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
8036423ce1d06a64fa7fd569d7a426f6c188c0a7354fa34609f79f5f6daf2264

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Tue, 26 Dec 2023 23:53:17 GMT
Last-Modified
Thu, 08 Oct 2020 11:49:42 GMT
Server
nginx
ETag
"5f7efcd6-589f"
CDN-Origin-Protocol
HTTP
Content-Type
application/javascript
Cache-Control
max-age=68616
Connection
keep-alive
Accept-Ranges
bytes
X-Forward-Proto
http
Content-Length
22687
Expires
Wed, 27 Dec 2023 18:56:53 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 0022 		603 B
218 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6138101579182938&output=html&adk=1812271804&adf=3025194257&lmt=1703634797&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x675_l%7C236x675_r&format=0x0&url=https%3A%2F%2Flayardesa21.cfd%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703634796763&bpp=874&bdt=187&idt=1095&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1647552926132&frm=20&pv=2&ga_vid=185124931.1703634798&ga_sid=1703634798&ga_hid=1938453711&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320885&oid=2&pvsid=4374870627996756&tmod=1186320321&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=1140
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://layardesa21.cfd/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 26 Dec 2023 23:53:17 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=floating_banner_top1&ign=false&pw=1600&ph=1200&x=0&y=69.6
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Dec 2023 23:53:17 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ 		2 KB
576 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Quicksand:400,700
Requested by
Host: cdn.trakteer.id
URL: https://cdn.trakteer.id/js/embed/trbtn.min.js?date=18-11-2023
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
83ef0e9bf00ac7014e3f83fdc9e9e5aec1760ab5495f086e95ea0b0f8f4467c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 26 Dec 2023 23:53:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 26 Dec 2023 21:57:45 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 26 Dec 2023 23:53:17 GMT
trbtn-icon.png
cdn.trakteer.id/images/embed/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.trakteer.id/images/embed/trbtn-icon.png?date=18-11-2023
Requested by
Host: cdn.trakteer.id
URL: https://cdn.trakteer.id/js/embed/trbtn.min.js?date=18-11-2023
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:cc0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e22b76918702ad8ccf06cb3614812c679e719bd6e8b98266273df5c882bdb7b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 23:53:17 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
x-amz-request-id
tx000000000000027e57a67-00656a23d0-3af17279-sgp1a
x-envoy-upstream-healthchecked-cluster
content-length
2121
last-modified
Sat, 19 Jun 2021 08:21:20 GMT
server
cloudflare
etag
"2f7fa6c43157fdb9e7c791f04f047b42"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
image/png
x-do-cdn-uuid
5d540913-6c23-474e-9d2a-c6bd9ed19c1a
x-rgw-object-type
Normal
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
83bd3e0f0cc14bc1-BUF
/
c.adsco.re/ 		78 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.adsco.re/
Requested by
Host: www.betteradsystem.com
URL: https://www.betteradsystem.com/api/datepair.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65802711d89571b28699f3399d58f642a270d1e2bc5e155a8a0c73c94c66ec3a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 23:53:18 GMT
content-encoding
br
cf-cache-status
HIT
accept-ch
Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
server
cloudflare
age
2275835
etag
W/"QbONdm6N+fFtme5WVlUGEw=="
vary
Accept-Encoding
content-type
text/html
cache-control
public, max-age=2678400
permissions-policy
ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
cf-ray
83bd3e0f9edf4bc9-BUF
link
<//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
alt-svc
h3=":443"; ma=86400
expires
Fri, 26 Jan 2024 23:53:18 GMT
top-supporter-default
stream.trakteer.id/ Frame 95CD
Redirect Chain
  • https://stream.trakteer.id/top-supporter-default.html?ts_font=default&ts_count=3&ts_theme=default&ts_sortby=unit&ts_interval=7&ts_customtitle=LAYARDESA21&key=trstream-jd51bcAeLOErjYdNkmCR&timestamp...
  • https://stream.trakteer.id/top-supporter-default?ts_font=default&ts_count=3&ts_theme=default&ts_sortby=unit&ts_interval=7&ts_customtitle=LAYARDESA21&key=trstream-jd51bcAeLOErjYdNkmCR&timestamp=1701...
35 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://stream.trakteer.id/top-supporter-default?ts_font=default&ts_count=3&ts_theme=default&ts_sortby=unit&ts_interval=7&ts_customtitle=LAYARDESA21&key=trstream-jd51bcAeLOErjYdNkmCR&timestamp=1701614702
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:4cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79673954d83bfaf5561bcd06f96da904e6978f6627d2a0f464ba064c3612018d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://layardesa21.cfd/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
83bd3e109b756aee-BUF
content-encoding
br
content-type
text/html; charset=utf-8
date
Tue, 26 Dec 2023 23:53:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YZm5kuUgx3BpsWqVcWcTuzT5KnMfbZZeynpl5u07YgMdjyEUH7JbfKtuftDNuKCnlf73mUrVjk2wEHkDsHwCF0hhPCqqr%2FItyDNnb5r5sf7kl8tvtMNsfzom54n2w9%2FsRyqG8mIYM%2BkiL4u13wXYqzQ%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff

Redirect headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
83bd3e0ffb366aee-BUF
content-length
0
date
Tue, 26 Dec 2023 23:53:18 GMT
location
/top-supporter-default?ts_font=default&ts_count=3&ts_theme=default&ts_sortby=unit&ts_interval=7&ts_customtitle=LAYARDESA21&key=trstream-jd51bcAeLOErjYdNkmCR&timestamp=1701614702
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qIRBXXIjBjxy8u%2Bhzd%2F%2Fuf3o7uB8EdYtje5OLBMt6tIyi5DusthszVmVhS5LXouXvTmdvbWUBj0pGgSif4iB6UoXHjiLvHlvtfafObN51RVQyyRt6cnZpetZaK9BBUNOjj4bOH76G%2B2i2IguWPqIVqY%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
page.php
www.facebook.com/plugins/ Frame 2D74 		91 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fmovie.ezyro&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId=388972031480695
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
828996ae7cae734b785788d4f77ecf46721ef727c71d9babac69dea7c582fe1e
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://layardesa21.cfd/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Tue, 26 Dec 2023 23:53:18 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster
?0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), encrypted-media=(), fullscreen=(), keyboard-map=()
pragma
no-cache
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints
default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
sq7/zv+gCPxNsK35e9RoclM0IhN4ReJRH+he3JFRGpxL1RoFyGzQ1DZ3K0qHhvEhh93SteLEKBThd73fUGRmuQ==
x-xss-protection
0
6xKtdSZaM9iE8KbpRA_hK1QN.woff2
fonts.gstatic.com/s/quicksand/v31/ 		27 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/quicksand/v31/6xKtdSZaM9iE8KbpRA_hK1QN.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Quicksand:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a42c91e1ecc9b09346a1520d9a6f98074c13eebfb1cc87c4e82e5992beb685b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://layardesa21.cfd
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 13:40:29 GMT
x-content-type-options
nosniff
age
36768
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28064
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:22:14 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Dec 2024 13:40:29 GMT
3KeaT99qgLFclO36mM8jLSCSIlc-60x90.jpg
layardesa21.cfd/wp-content/uploads/2023/12/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://layardesa21.cfd/wp-content/uploads/2023/12/3KeaT99qgLFclO36mM8jLSCSIlc-60x90.jpg
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:df0:27b:2::20cb , Indonesia, ASN58487 (CRI-AS-AP CV. Rumahweb Indonesia, ID),
Reverse DNS
Software
Apache /
Resource Hash
6f462726f9cdc2a6590f7c7964a29865d55a19711fbb0dc7665daeae92b1e436
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Tue, 26 Dec 2023 23:53:18 GMT
last-modified
Thu, 21 Dec 2023 12:31:51 GMT
server
Apache
accept-ranges
bytes
content-length
3062
content-type
image/jpeg
js15_as.js
s10.histats.com/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:5063 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 23:53:18 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
server
cloudflare
age
55266
etag
"-375139978"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
83bd3e104ae64bcd-BUF
content-length
4547
/
6.adsco.re/ 		0
101 B 		Other
General
Check archive.org
Download Go to
Full URL
https://6.adsco.re/
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://layardesa21.cfd/
Origin
https://layardesa21.cfd
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 23:53:18 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-max-age
2592000
access-control-allow-methods
GET, HEAD, OPTIONS
access-control-allow-origin
https://layardesa21.cfd
content-type
text/plain;charset=UTF-8
cache-control
private, max-age=10
cf-ray
83bd3e108e446aed-BUF
access-control-allow-headers
Content-Type
alt-svc
h3=":443"; ma=86400
/
4.adsco.re/ 		0
460 B 		Other
General
Check archive.org
Download Go to
Full URL
https://4.adsco.re/
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://layardesa21.cfd/
Origin
https://layardesa21.cfd
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Tue, 26 Dec 2023 23:53:18 GMT
Content-Encoding
gzip
Access-Control-Max-Age
2592000
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Access-Control-Allow-Origin
https://layardesa21.cfd
Content-Type
text/html; charset=UTF-8
Cache-Control
private, max-age=5
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type
/
4.adsco.re/ 		44 B
460 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://4.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software
/
Resource Hash
917c2c696ccbef57717122aa931c09ea50815e2ca3ad8a6f138f1bc88894c4dc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Tue, 26 Dec 2023 23:53:18 GMT
Content-Encoding
gzip
Access-Control-Max-Age
2592000
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Access-Control-Allow-Origin
https://layardesa21.cfd
Content-Type
text/html; charset=UTF-8
Cache-Control
private, max-age=5
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type
/
6.adsco.re/ 		51 B
321 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://6.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05200ae0f5c22e00627170adc25629bbf89397956054a23284f9d983b33c3545

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 23:53:18 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-max-age
2592000
access-control-allow-methods
GET, HEAD, OPTIONS
access-control-allow-origin
https://layardesa21.cfd
content-type
text/plain;charset=UTF-8
cache-control
private, max-age=10
cf-ray
83bd3e108e436aed-BUF
access-control-allow-headers
Content-Type
alt-svc
h3=":443"; ma=86400
/
8drescq1tgaf.l4.adsco.re/ 		0
294 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://8drescq1tgaf.l4.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.200.118.51 Poplar, United Kingdom, ASN9009 (M247, RO),
Reverse DNS
adscore.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://layardesa21.cfd/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 26 Dec 2023 23:53:21 GMT
last-modified
Fri, 02 Jun 2023 14:03:32 GMT
etag
"6479f6b4-0"
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
accept-ranges
bytes
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
0
/
8drescq1tgaf.n4.adsco.re/ 		0
294 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://8drescq1tgaf.n4.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
38.132.109.115 Secaucus, United States, ASN9009 (M247, RO),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://layardesa21.cfd/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 26 Dec 2023 23:53:18 GMT
last-modified
Fri, 16 Jun 2023 08:37:42 GMT
etag
"648c1f56-0"
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
accept-ranges
bytes
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
0
/
8drescq1tgaf.s4.adsco.re/ 		0
294 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://8drescq1tgaf.s4.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.200.116.51 Singapore, Singapore, ASN9009 (M247, RO),
Reverse DNS
no-mans-land.m247.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://layardesa21.cfd/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 26 Dec 2023 23:53:23 GMT
last-modified
Tue, 03 Oct 2023 13:29:59 GMT
etag
"651c1757-0"
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
accept-ranges
bytes
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
0
/
c.adsco.re/ Frame 74D9 		78 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65802711d89571b28699f3399d58f642a270d1e2bc5e155a8a0c73c94c66ec3a

Request headers

Referer
https://layardesa21.cfd/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
age
2275835
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=2678400
cf-cache-status
HIT
cf-ray
83bd3e103f084bc9-BUF
content-encoding
br
content-type
text/html
date
Tue, 26 Dec 2023 23:53:18 GMT
etag
W/"QbONdm6N+fFtme5WVlUGEw=="
expires
Fri, 26 Jan 2024 23:53:18 GMT
link
<//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
permissions-policy
ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
server
cloudflare
vary
Accept-Encoding
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
GSwcapvLrEq.css
static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,cross/ Frame 2D74 		20 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,cross/GSwcapvLrEq.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fmovie.ezyro&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId=388972031480695
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
13e64e2153618f475e94e0e85fa68c9ce910cfc9b24ca9d44fa546a7d2020a24
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Tue, 26 Dec 2023 23:53:21 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
xXCq6/qryia0kWXvm23HIA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5237
reporting-endpoints
x-fb-debug
cXghJzSRsDGmZAmsOaYnecHLuwF0wMqGuBd/kaYshrRX0eTBs5GvpmsGQXixGqm4XamGxUt466Viz2QzViKt7g==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Thu, 12 Dec 2024 18:05:59 GMT
V-GL57iHfEB.css
static.xx.fbcdn.net/rsrc.php/v3/y9/l/0,cross/ Frame 2D74 		33 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y9/l/0,cross/V-GL57iHfEB.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fmovie.ezyro&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId=388972031480695
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d1ea19a19ec8d6220550ff2184b4c0b90caae3b46865454cc42f803d52d2562e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date
Tue, 26 Dec 2023 23:53:21 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
wItLblWsAEMAkZNj3Qggsw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
6438
reporting-endpoints
x-fb-debug
p7FnuACDXuvdY3q8HNFxxNM0EPxpUrspHJUzSlak9fpNSlVZM/cMXh1+goGMur3LN9T4M/F0XqGNUorHnYmqhw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Fri, 13 Dec 2024 00:17:53 GMT
atEdO08Ontm.css
static.xx.fbcdn.net/rsrc.php/v3/ym/l/0,cross/ Frame 2D74 		21 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/ym/l/0,cross/atEdO08Ontm.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fmovie.ezyro&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId=388972031480695
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2d9cc15e91cc9e0c00b43b367a157c107bb21f9b4d1951dd1dd614cd5281b05b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date
Tue, 26 Dec 2023 23:53:21 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
QYVBZwBJk2JlyMrr/hopaw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4758
reporting-endpoints
x-fb-debug
7zvu6Ms/VwD6pw11DWZSqsdEMeHamVbDUu1egUXNqNJ9hhAua+SEUueGWD1kljVDQF3pazk6SVgzl9mmUg1vHQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Mon, 23 Dec 2024 16:37:35 GMT
iZpNYL8JfUb.js
static.xx.fbcdn.net/rsrc.php/v3/yt/r/ Frame 2D74 		355 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/iZpNYL8JfUb.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fmovie.ezyro&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId=388972031480695
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ca15ac1540010cea7015b4e4ec35c33cd999430f4bd5221b94e66d319456b2b0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date
Tue, 26 Dec 2023 23:53:21 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
xsO4Q3RmuC1PPAMeNJW+pw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
93994
reporting-endpoints
x-fb-debug
Ziw8tc/sDF6qV2697wqdyP1G7RuuzS7TsTx5Wod5zpMfM62A2xY879MxoWwVxRktLn0M84U7iJqoGzn2+OxFmQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Fri, 20 Dec 2024 00:24:00 GMT
414NUtwuGAO.js
static.xx.fbcdn.net/rsrc.php/v3/ym/r/ Frame 2D74 		94 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/ym/r/414NUtwuGAO.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fmovie.ezyro&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId=388972031480695
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b7a8490d7353f4d29b7a7c0e0da1a610d1067d0bfdbb8d88df5764651b9d25fe
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date
Tue, 26 Dec 2023 23:53:21 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
hmfTcKzH8YSfKfUldK7oUw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27400
reporting-endpoints
x-fb-debug
/OFqwq1eaHzK3LPPvTN974bCLicFHBGg+CCEmcjeZcrZpOofsCi0fibq1kjySJYjNoBxeLkmFuvpOpZtniPQOQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Mon, 23 Dec 2024 16:37:35 GMT
teTZ2tZqwkq.js
static.xx.fbcdn.net/rsrc.php/v3/yr/r/ Frame 2D74 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yr/r/teTZ2tZqwkq.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fmovie.ezyro&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId=388972031480695
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5bcb3ba5be62072a5be691a6cb4625b83ab20458f7543e78575c665ce64743c5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date
Tue, 26 Dec 2023 23:53:21 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
qO1vcfOdsbovoV9UmybnhA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2250
reporting-endpoints
x-fb-debug
6O0UKzpM0PxDFtM8jtQanCZVT+Tzp2GifX41WCWyrqntzAre5Y4lgIbtkFCAarpUxwK+ZgD0rPC6WN6xorNcsg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Mon, 23 Dec 2024 16:37:35 GMT
t_SlUrtqj3p.js
static.xx.fbcdn.net/rsrc.php/v3/yu/r/ Frame 2D74 		52 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yu/r/t_SlUrtqj3p.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fmovie.ezyro&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId=388972031480695
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
369570af203fe832b39be7ff64f94f07b6c97c928b733a9b9e6c8bcf1a98652c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date
Tue, 26 Dec 2023 23:53:21 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
bjNrzrx9as9CpDFfF+BSww==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
16795
reporting-endpoints
x-fb-debug
KPjDBZy0Jw8bluO+Nqdby4xcW95QEtmam45FiSRUjsXmCNSIJUmn4adLWgmklxPBdAmsqHci+wfaktcsYcgZYw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Mon, 23 Dec 2024 16:37:35 GMT
p55HfXW__mM.js
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame 2D74 		507 B
492 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fmovie.ezyro&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId=388972031480695
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date
Tue, 26 Dec 2023 23:53:21 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
L5E9gSgR735vyjAzTFly4g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
293
reporting-endpoints
x-fb-debug
tpzK/SjL+N/lzpCYZy1cjDHSpnz+k6UybvxZYHqIPEK/WFvpCH+BqewUFlKmvqMgHHJm3pC5YkPpN1ZlvBWhew==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Tue, 17 Dec 2024 00:20:33 GMT
JMOqY9JKrro.js
static.xx.fbcdn.net/rsrc.php/v3iLl54/y1/l/en_GB/ Frame 2D74 		28 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iLl54/y1/l/en_GB/JMOqY9JKrro.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fmovie.ezyro&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId=388972031480695
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
00fd6601121fa4380ad28e159b3a2586711087cd44163ec14cfb19f8eb0d6db6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date
Tue, 26 Dec 2023 23:53:21 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
jPNVSxjGpLuydkE7xIGrcg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
7911
reporting-endpoints
x-fb-debug
pWQOh45yqvR1QO0EOAaBM2PWfyLPmNbyFOSPTj3s2EAqP4/L6hvqAg4sw3tKJAnbCq1r1ltBwCTtXgJpQeBV3w==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Thu, 19 Dec 2024 21:10:53 GMT
y1wKntgIB6R.js
static.xx.fbcdn.net/rsrc.php/v3i7244/yV/l/en_GB/ Frame 2D74 		70 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3i7244/yV/l/en_GB/y1wKntgIB6R.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fmovie.ezyro&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId=388972031480695
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
230c606098a56269e556cfdb000c7097f75403003a3282447dc17ecf4094c3f5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date
Tue, 26 Dec 2023 23:53:21 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
hn7BldaKbU4aK2oO7OaGZw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
20025
reporting-endpoints
x-fb-debug
73BFQqvA6EGor1GBMqbLTkhMimXOeHZKm5/ZcdKfWsBUHO2/JeTn65KYbiD09DJhuZUOg5oWODix/sYy1/5K+A==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Wed, 18 Dec 2024 22:58:56 GMT
4glWsWDgVZL.js
static.xx.fbcdn.net/rsrc.php/v3idUK4/yG/l/en_GB/ Frame 2D74 		341 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3idUK4/yG/l/en_GB/4glWsWDgVZL.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fmovie.ezyro&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId=388972031480695
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
36104b593215c6cfe76d2c49a2d1f9f39627411556a8962f2805df76adfb9533
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date
Tue, 26 Dec 2023 23:53:21 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
ymAHZr2wd/AF3pYiH8qgEw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
82587
reporting-endpoints
x-fb-debug
JiHnDRPFU87PLC+XJpJ+5Re0r8oIBTbqls1M8C6G8EDWerpligbT8Qdw6D1I7ZnAVPXPUY7gsaLZ5bBxcFmKsQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
x-fb-optimizer
0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Mon, 23 Dec 2024 17:06:54 GMT
oPnj6gnnvJ7.js
static.xx.fbcdn.net/rsrc.php/v3iac54/ys/l/en_GB/ Frame 2D74 		404 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iac54/ys/l/en_GB/oPnj6gnnvJ7.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fmovie.ezyro&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId=388972031480695
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d5e37a250a02f524e4f268172100aca0795c80f3936cc54857bdb161ca7f5ef1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date
Tue, 26 Dec 2023 23:53:21 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
Ocm2VLk1YIylqXZDFXskfQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
97646
reporting-endpoints
x-fb-debug
U4q6rdwKddiJEre5qfMNFickGluZcq3mlQFTMo0/O4jeh09DAwKFZFUwIdKSPwxJ5B76Oa9m4AU3Q7u88B9gdg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
x-fb-optimizer
0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Mon, 23 Dec 2024 16:56:30 GMT
6kMuedo_G2j.js
static.xx.fbcdn.net/rsrc.php/v3ibcU4/yd/l/en_GB/ Frame 2D74 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3ibcU4/yd/l/en_GB/6kMuedo_G2j.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fmovie.ezyro&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId=388972031480695
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d9816e6ca326b0ebe0935bc008cf9f2e2eddb7c79d5ebe38078700110d91c67d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date
Tue, 26 Dec 2023 23:53:21 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
bU4bE1GtLu2XuWr7fN+2bQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
12043
reporting-endpoints
x-fb-debug
h6k+0wG0y/eIL0Jg4UAofvutOk3I88VT1KdpO+IIf/EwI5cFI0bais7zkzL3aY2Q0nslTRvyoBL5jTHV4bufFg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Mon, 23 Dec 2024 16:56:15 GMT
EdDnr5nQu36.js
static.xx.fbcdn.net/rsrc.php/v3/yo/r/ Frame 2D74 		210 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yo/r/EdDnr5nQu36.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fmovie.ezyro&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId=388972031480695
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
06786d595906d3edb8b6754cee7c372b421341cf5da74cdf92ed511e281bf310
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date
Tue, 26 Dec 2023 23:53:21 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
d1keuLLQ3ZFbiCJWFNp7cw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
61285
reporting-endpoints
x-fb-debug
CuorNGqRU3w/osacMGmzqqTz23Hxw/1gWQGqrWfMpHe4+DE39+Fyi//NstRH9DLkFb6r3Yzmweluai2WsfZjZg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Mon, 23 Dec 2024 16:37:35 GMT
xg5NEKS2wWK.js
static.xx.fbcdn.net/rsrc.php/v3/y8/r/ Frame 2D74 		28 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y8/r/xg5NEKS2wWK.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fmovie.ezyro&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId=388972031480695
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a75a5c50db4d5628dad52eb05139bf0677fb4d19d6915f18d267806dbdd810ea
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date
Tue, 26 Dec 2023 23:53:21 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
RD8pDGr4EOhfQQPRrH9Iow==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
7385
reporting-endpoints
x-fb-debug
u7Qd1eq9gpZ4WgdtEsJz2xlHbzkEcepCxez97RwbRvXgOk4KuL3ABzBqPi7dut4tplQEdX/Nvx5K+evqts2pTw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Fri, 20 Dec 2024 01:21:15 GMT
JQK3in7fqTh.js
static.xx.fbcdn.net/rsrc.php/v3/yh/r/ Frame 2D74 		33 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yh/r/JQK3in7fqTh.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fmovie.ezyro&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId=388972031480695
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2a67da2b5a4b65e8507a0b252cd09c795c1c24755e9db22806fae08c6fd3a955
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date
Tue, 26 Dec 2023 23:53:21 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
U7f4TbY3qR/oMKbYqHcPMg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
10884
reporting-endpoints
x-fb-debug
Vh4FN6s6RxYq6YiSaI2rNRar8eNJ/uSqm87ofOkLAG+f1+BZv0JmdKW9NRYehctJwI2vtqYLS2JHEkoUc1SBFw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Mon, 23 Dec 2024 16:37:35 GMT
HzxD9aAXSyD.js
static.xx.fbcdn.net/rsrc.php/v3/yV/r/ Frame 2D74 		55 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yV/r/HzxD9aAXSyD.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fmovie.ezyro&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId=388972031480695
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c7d5594f3a599ccd0b1a336bb68a24d59882f394bb0b9c9a29c5200cd2b48468
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date
Tue, 26 Dec 2023 23:53:21 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
oRcNmPqvdkv3ysBSBC5rSQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
15157
reporting-endpoints
x-fb-debug
fGKSbHgiNQiwiF6rBZmY4GEDKka/8C7L29ZGDaeaoJ+VXSNguZWlf45qj3CHMYnz+mwrj0UxNxZVLfxlGhbXjg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Thu, 19 Dec 2024 21:08:16 GMT
307702527_438695071697211_1236781543522575807_n.jpg
scontent-ord5-2.xx.fbcdn.net/v/t39.30808-6/ Frame 2D74 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-ord5-2.xx.fbcdn.net/v/t39.30808-6/307702527_438695071697211_1236781543522575807_n.jpg?stp=dst-jpg_p173x172&_nc_cat=107&ccb=1-7&_nc_sid=081abc&_nc_ohc=F-y_a2m-XdYAX8xzLNB&_nc_ht=scontent-ord5-2.xx&edm=ADwHzz8EAAAA&oh=00_AfB43nSC3ybimyxgMId7h1-6RgyVZg_n4BIp8WEN3g55RA&oe=6590FD86
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fmovie.ezyro&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId=388972031480695
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f082:108:face:b00c:0:3 Chicago, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
63868faab6f4cedce0185c143414f81e6ac19d6506c621cbcd0b4ffec974f18c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 23:53:21 GMT
x-storage-error-category
dfs:none;sc_p:200:WSE_NOT_SET
last-modified
Wed, 28 Sep 2022 21:25:25 GMT
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=2465624099
thrift_fmhk
GBDUPu03Jf9FqzmukzIfUQ8zFfDr4Z0EAA==
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
2592106089
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
16957
309378205_438695075030544_7506834347984689374_n.png
scontent-ord5-2.xx.fbcdn.net/v/t39.30808-1/ Frame 2D74 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-ord5-2.xx.fbcdn.net/v/t39.30808-1/309378205_438695075030544_7506834347984689374_n.png?stp=cp0_dst-png_p50x50&_nc_cat=102&ccb=1-7&_nc_sid=4da83f&_nc_ohc=iKlkcl5lWlAAX8JBQxf&_nc_ht=scontent-ord5-2.xx&edm=ADwHzz8EAAAA&oh=00_AfBjGFQ1s7TFqwSIZT4Q0BIe4Ts6RrAkM2jZq90jT-gxKw&oe=6590CC9F
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fmovie.ezyro&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId=388972031480695
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f082:108:face:b00c:0:3 Chicago, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f07af3ceaf59fb9f62571cbd7a6ddb2886f90d4ce5cad8de1303beaab7b655c7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 23:53:21 GMT
x-storage-error-category
dfs:none;sc_p:200:WSE_NOT_SET
last-modified
Wed, 28 Sep 2022 21:25:25 GMT
content-type
image/png
access-control-allow-origin
*
content-digest
adler32=3932533655
thrift_fmhk
GBBSXj3e7afc1Uw8FDhpgbcDFfDr4Z0EAA==
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
1459780503
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
6998
polyfill.min.js
polyfill.io/v3/ Frame 95CD 		104 B
619 B 		Script
General
Check archive.org
Download Go to
Full URL
https://polyfill.io/v3/polyfill.min.js?features=Array.from,Promise,Symbol,Object.setPrototypeOf,Object.getOwnPropertySymbols,Set,Math.trunc
Requested by
Host: stream.trakteer.id
URL: https://stream.trakteer.id/top-supporter-default?ts_font=default&ts_count=3&ts_theme=default&ts_sortby=unit&ts_interval=7&ts_customtitle=LAYARDESA21&key=trstream-jd51bcAeLOErjYdNkmCR&timestamp=1701614702
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.26 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6c68769e8470ce89a0f2270529a5d47db00917e3ef9df946dca202098f09d0a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://stream.trakteer.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 26 Dec 2023 23:53:21 GMT
age
597122
detected-user-agent
Chrome/120.0.0
server-timing
HIT-CLUSTER, fastly;desc="Edge time";dur=2
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
121
referrer-policy
origin-when-cross-origin
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
normalized-user-agent
chrome/120.0.0
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800, immutable
accept-ranges
bytes
timing-allow-origin
*
superagent.min.js
assets.trakteer.id/js/ Frame 95CD 		29 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.trakteer.id/js/superagent.min.js
Requested by
Host: stream.trakteer.id
URL: https://stream.trakteer.id/top-supporter-default?ts_font=default&ts_count=3&ts_theme=default&ts_sortby=unit&ts_interval=7&ts_customtitle=LAYARDESA21&key=trstream-jd51bcAeLOErjYdNkmCR&timestamp=1701614702
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.214.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-214-67.ewr50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c6c395e77c4c49661e53c0b9b0f072b5dfd8a2021c6089ae035dccb5fe07a6ee

Request headers

accept-language
en-US,en;q=0.9
Referer
https://stream.trakteer.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 13:53:08 GMT
content-encoding
br
via
1.1 75e95d402c844985152ed9360801af06.cloudfront.net (CloudFront)
last-modified
Thu, 12 Aug 2021 04:44:37 GMT
server
AmazonS3
x-amz-cf-pop
EWR50-C1
age
36014
etag
W/"37a19b047b7584febfcf43b2b223ce52"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
AR8yPoYO5mCjgY3U6brXZHcE9P14tFG9ZGI89ucUcBSFjO9GCuzlnw==
obs.js
stream.trakteer.id/utility/ Frame 95CD 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stream.trakteer.id/utility/obs.js?6558e656ced83bb1a184240b8f1cc362
Requested by
Host: stream.trakteer.id
URL: https://stream.trakteer.id/top-supporter-default?ts_font=default&ts_count=3&ts_theme=default&ts_sortby=unit&ts_interval=7&ts_customtitle=LAYARDESA21&key=trstream-jd51bcAeLOErjYdNkmCR&timestamp=1701614702
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:4cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0542677cefad5d64dc432bffc75e4b701cb6a015e073953dd9de3bbf924e36ee
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://stream.trakteer.id/top-supporter-default?ts_font=default&ts_count=3&ts_theme=default&ts_sortby=unit&ts_interval=7&ts_customtitle=LAYARDESA21&key=trstream-jd51bcAeLOErjYdNkmCR&timestamp=1701614702
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 23:53:21 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"e770c4e79106ca15321549aa47ec086a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZfWAWx7YJo6Jl9IMaupHeNP8B%2BVszDArjs4RZKjtEayXlb68%2FWFlyL%2FVrvk1PjNA191mBLVGSBWb3FNBihT2HNHI4XyJnOgn97ugKvsOPSnTpiGQIoMhkvy21Bp3x6%2FUhceoOTzOzcqb6BQD%2F1GDoEU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=43200, must-revalidate
cf-ray
83bd3e23793a4bc1-BUF
webfont.js
assets.trakteer.id/js/ Frame 95CD 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.trakteer.id/js/webfont.js
Requested by
Host: stream.trakteer.id
URL: https://stream.trakteer.id/top-supporter-default?ts_font=default&ts_count=3&ts_theme=default&ts_sortby=unit&ts_interval=7&ts_customtitle=LAYARDESA21&key=trstream-jd51bcAeLOErjYdNkmCR&timestamp=1701614702
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.214.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-214-67.ewr50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Request headers

accept-language
en-US,en;q=0.9
Referer
https://stream.trakteer.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 20:06:10 GMT
content-encoding
gzip
via
1.1 75e95d402c844985152ed9360801af06.cloudfront.net (CloudFront)
last-modified
Thu, 30 Sep 2021 06:01:13 GMT
server
AmazonS3
x-amz-cf-pop
EWR50-C1
age
81252
etag
W/"7c96a5f11d9741541d5e3c42ff6380d7"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
WJdA5IBdvPJ_XqMxGSNlNe6LO-wDjp5gdtSytJYf_kY0t8ir6-DXbw==
beacon.min.js
static.cloudflareinsights.com/ Frame 95CD 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js
Requested by
Host: stream.trakteer.id
URL: https://stream.trakteer.id/top-supporter-default?ts_font=default&ts_count=3&ts_theme=default&ts_sortby=unit&ts_interval=7&ts_customtitle=LAYARDESA21&key=trstream-jd51bcAeLOErjYdNkmCR&timestamp=1701614702
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

accept-language
en-US,en;q=0.9
Referer
https://stream.trakteer.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 23:53:21 GMT
content-encoding
gzip
last-modified
Tue, 10 Oct 2023 21:38:13 GMT
server
cloudflare
etag
W/"2023.10.0"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
83bd3e24bc934bbb-BUF
/
6.adsco.re/ Frame 74D9 		0
138 B 		Other
General
Check archive.org
Download Go to
Full URL
https://6.adsco.re/
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://c.adsco.re/
Origin
https://c.adsco.re
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 23:53:21 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-max-age
2592000
access-control-allow-methods
GET, HEAD, OPTIONS
access-control-allow-origin
https://c.adsco.re
content-type
text/plain;charset=UTF-8
cache-control
private, max-age=10
cf-ray
83bd3e23793c6aed-BUF
access-control-allow-headers
Content-Type
alt-svc
h3=":443"; ma=86400
/
4.adsco.re/ Frame 74D9 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://4.adsco.re/
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://c.adsco.re/
Origin
https://c.adsco.re
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Tue, 26 Dec 2023 23:53:21 GMT
Content-Encoding
gzip
Access-Control-Max-Age
2592000
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Access-Control-Allow-Origin
https://c.adsco.re
Content-Type
text/html; charset=UTF-8
Cache-Control
private, max-age=5
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type
telemetry2
push.bvsrv.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://push.bvsrv.com/telemetry2?v=1.1.9&dm=layardesa21.cfd&chid=128&sbid=2088479
Requested by
Host: data.bvsrv.com
URL: https://data.bvsrv.com/webpush/scripts/v1.1/adkwebpush.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.239.53.36 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://layardesa21.cfd/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://layardesa21.cfd
Date
Tue, 26 Dec 2023 23:53:21 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
close
Content-Length
0
/
c.adsco.re/ Frame 74D9 		30 KB
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://c.adsco.re/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 23:53:21 GMT
content-encoding
br
cf-cache-status
HIT
accept-ch
Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
server
cloudflare
age
2275838
etag
W/"QbONdm6N+fFtme5WVlUGEw=="
vary
Accept-Encoding
content-type
text/html
cache-control
public, max-age=2678400
permissions-policy
ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
cf-ray
83bd3e237b674bc3-BUF
link
<//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
alt-svc
h3=":443"; ma=86400
expires
Fri, 26 Jan 2024 23:53:21 GMT
up58iAlCAzylAOthgHoOwlXkr5N-152x228.jpg
layardesa21.cfd/wp-content/uploads/2023/12/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://layardesa21.cfd/wp-content/uploads/2023/12/up58iAlCAzylAOthgHoOwlXkr5N-152x228.jpg
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:df0:27b:2::20cb , Indonesia, ASN58487 (CRI-AS-AP CV. Rumahweb Indonesia, ID),
Reverse DNS
Software
Apache /
Resource Hash
4bbcbdee2c7be1d28bd25523b111d6d6ec384edf6a54c1736d4e8affaef7e2b2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Tue, 26 Dec 2023 23:53:21 GMT
last-modified
Mon, 18 Dec 2023 13:02:46 GMT
server
Apache
accept-ranges
bytes
content-length
9181
content-type
image/jpeg
0.php
s4.histats.com/stats/ 		378 B
513 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s4.histats.com/stats/0.php?4687520&@f16&@g1&@h1&@i1&@j1703634798718&@k0&@l1&@mLAYARDESA21%20-%20Tempat%20Streaming%20dan%20Download%20Film%20Terbaru&@n0&@o1000&@q0&@r0&@s502&@ten-US&@u1600&@b1:-88543358&@b3:1703634799&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Flayardesa21.cfd%2F&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns548341.ip-158-69-254.net
Software
/
Resource Hash
433d481c0196c03ff6692b2da53e23b6421302b2616ecac061a934487cb9eb64

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Tue, 26 Dec 2023 23:53:21 GMT
Connection
close
Content-Length
378
Content-Type
text/html;charset=UTF-8
cc_502.js
s10.histats.com/counters/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s10.histats.com/counters/cc_502.js
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:5063 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9cdb633be0027f2fc2814a11a1c93e8f14732e99ec6e47b72f49e8c76904999

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 23:53:21 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Thu, 16 Apr 2020 10:45:32 GMT
server
cloudflare
etag
"1049184989"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
83bd3e237aae4bcd-BUF
content-length
5928
truncated
/ 		225 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e4c0685328018e58d72238dfc506439992d800d33aedb5ced7878066920b649b

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		205 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d0bd7abf5a1a60c7924f4c91c63f3a3ab94d063046728df0cfa36947ecff50b7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/svg+xml
LAYARDESA21N-1.png
layardesa21.cfd/wp-content/uploads/2022/07/
Redirect Chain
  • https://layardesa21.online/wp-content/uploads/2022/07/LAYARDESA21N-1.png
  • https://layardesa21.cfd/wp-content/uploads/2022/07/LAYARDESA21N-1.png
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://layardesa21.cfd/wp-content/uploads/2022/07/LAYARDESA21N-1.png
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
H2
Server
2001:df0:27b:2::20cb , Indonesia, ASN58487 (CRI-AS-AP CV. Rumahweb Indonesia, ID),
Reverse DNS
Software
Apache /
Resource Hash
14cfbfe7efa045c8c4258889581e400abd534ee1be047d87d73e96188a61560e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Tue, 26 Dec 2023 23:53:21 GMT
last-modified
Fri, 29 Jul 2022 07:03:54 GMT
server
Apache
accept-ranges
bytes
content-length
15775
content-type
image/png

Redirect headers

location
http://layardesa21.cfd/wp-content/uploads/2022/07/LAYARDESA21N-1.png
content-security-policy
upgrade-insecure-requests;
date
Tue, 26 Dec 2023 23:53:21 GMT
server
Apache
content-length
276
content-type
text/html; charset=iso-8859-1
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
quant.js
secure.quantserve.com/ Frame 3C0B 		23 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:f059:4f7e:28a9:1588 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d

Request headers

Referer
https://layardesa21.cfd/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
private, max-age=604800
content-encoding
gzip
content-type
application/javascript
date
Tue, 26 Dec 2023 23:53:21 GMT
etag
"bvEECQq4Zy6gU9J/qv1O6Q=="
expires
Tue, 02 Jan 2024 23:53:21 GMT
vary
Accept-Encoding
analytics.js
www.google-analytics.com/ Frame 0A33 		52 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://layardesa21.cfd/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
1227
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=7200
content-encoding
gzip
content-length
20994
content-type
text/javascript
cross-origin-resource-policy
cross-origin
date
Tue, 26 Dec 2023 23:32:54 GMT
expires
Wed, 27 Dec 2023 01:32:54 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
strict-transport-security
max-age=10886400; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
onejs
z-na.amazon-adsystem.com/widgets/ Frame E66E 		24 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://z-na.amazon-adsystem.com/widgets/onejs
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.137.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-137-123.jfk52.r.cloudfront.net
Software
Server /
Resource Hash
2e23379e757d5ab4ac8aeaf54661dc2714d4438d8eece66a0d5fe73e75279953

Request headers

Referer
https://layardesa21.cfd/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-origin
*
age
41514
cache-control
public,max-age=86400,s-maxage=86400,no-transform
charset
UTF-8
content-encoding
gzip
content-length
7987
content-type
application/javascript;charset=UTF-8
date
Tue, 26 Dec 2023 12:21:27 GMT
expires
Wed, 27 Dec 2023 12:21:27 GMT
pragma
Public
server
Server
via
1.1 be85287d15abd3cfecdfa319493ba256.cloudfront.net (CloudFront)
x-amz-cf-id
fg9mUbLMF1tQ5W-SKTqF1GBb8C__CQ7P9Sam10buAslZFv5xgRxh1w==
x-amz-cf-pop
JFK52-P2
x-cache
Hit from cloudfront
dmedianet.js
contextual.media.net/ Frame 86EA 		94 KB
35 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/dmedianet.js
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.56.212.28 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-212-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
59f1d8faa32f92bdac718ebb6ff280a35b06159a601319a97452470dca2afd74
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://layardesa21.cfd/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=300
content-encoding
gzip
content-length
35947
content-type
text/javascript; charset=utf-8
date
Tue, 26 Dec 2023 23:53:21 GMT
etag
"c916a1c8524bf349506182857ea04fad"
expires
Tue, 26 Dec 2023 23:58:21 GMT
server
Apache
strict-transport-security
max-age=31536000
timing-allow-origin
*
vary
Accept-Encoding
x-mnt-h
22-s1v0
x-mnt-w
22-5h9m
visits
xhr.invl.co/ 		43 B
903 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xhr.invl.co/visits?aff_id=832996&referrer=&href=https%3A%2F%2Flayardesa21.cfd%2F
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.77.187.112 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-187-112.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 23:53:21 GMT
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
server
nginx
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
no-cache, private
x-xss-protection
1; mode=block
wp-emoji-release.min.js
layardesa21.cfd/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://layardesa21.cfd/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:df0:27b:2::20cb , Indonesia, ASN58487 (CRI-AS-AP CV. Rumahweb Indonesia, ID),
Reverse DNS
Software
Apache /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
content-encoding
br
date
Tue, 26 Dec 2023 23:53:21 GMT
last-modified
Thu, 30 Mar 2023 03:28:12 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
4647
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.y0xCMa4KeeI.O/m=ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8-3MGCaatZB3kdS5TpZdd-gOSBHg/ 		135 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.y0xCMa4KeeI.O/m=ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8-3MGCaatZB3kdS5TpZdd-gOSBHg/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/platform.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a0bb0f6e27c39319a984893ac841db75b33d8b1c63c21ca269ab3e657ad4fa9f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 03:41:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
591105
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48239
x-xss-protection
0
last-modified
Wed, 06 Dec 2023 19:05:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 19 Dec 2024 03:41:36 GMT
cb=gapi.loaded_1
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.y0xCMa4KeeI.O/m=auth/exm=ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8-3MGCaatZB3kdS5TpZdd-gOSBHg/ 		119 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.y0xCMa4KeeI.O/m=auth/exm=ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8-3MGCaatZB3kdS5TpZdd-gOSBHg/cb=gapi.loaded_1?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/platform.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
155e6885d8e0c61afd8c8dd624d4bdd03409905e798c65940d28aaf8ae4bea77
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 03:41:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
591105
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41532
x-xss-protection
0
last-modified
Wed, 06 Dec 2023 19:05:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 19 Dec 2024 03:41:36 GMT
subscribe_embed
www.youtube.com/ Frame 953F 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UCLjrkq105aVFM4YJrNADBSQ&layout=full&count=default&origin=https%3A%2F%2Flayardesa21.cfd&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.y0xCMa4KeeI.O%2Fd%3D1%2Frs%3DAHpOoo8-3MGCaatZB3kdS5TpZdd-gOSBHg%2Fm%3D__features__
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/platform.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4d7bef142c84bf1eb5f614a160f6655811e71e4bdda8a5df8b6f4292607eee95
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://layardesa21.cfd/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy
same-origin; report-to="youtube_main"
date
Tue, 26 Dec 2023 23:53:21 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
p
adsco.re/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://adsco.re/p
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software
/
Resource Hash
14a9c86493b46589b82730003ed23b68888f6e2d73c92f279658aa6342312f2b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Tue, 26 Dec 2023 23:53:21 GMT
Content-Encoding
gzip
Accept-CH
Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
Access-Control-Max-Age
2592000
Transfer-Encoding
chunked
AS-P-1
OK nyc223
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
https://layardesa21.cfd
Cache-Control
no-transform
Access-Control-Allow-Credentials
true
Critical-CH
Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
Permissions-Policy
ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
Connection
keep-alive
AS-P-2
OK
AS-P-3
OK
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
1da0b497-3828-4d83-8a60-bdf73ff39d22
https://layardesa21.cfd/ 		134 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://layardesa21.cfd/1da0b497-3828-4d83-8a60-bdf73ff39d22
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
134
Content-Type
application/javascript
/
6.adsco.re/ Frame 74D9 		0
0
cb=gapi.loaded_2
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.y0xCMa4KeeI.O/m=debug_error/exm=auth,ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8-3MGCaatZB3kdS5TpZdd-gOSBHg/ 		33 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.y0xCMa4KeeI.O/m=debug_error/exm=auth,ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8-3MGCaatZB3kdS5TpZdd-gOSBHg/cb=gapi.loaded_2?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/platform.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
19469f733a882e909d675822102e3486a53d7dec8d072a9b9692e6a543e07065
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 21:03:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
442188
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12638
x-xss-protection
0
last-modified
Wed, 06 Dec 2023 19:05:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 20 Dec 2024 21:03:33 GMT
/
e.dtscout.com/e/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Flayardesa21.cfd%2F&j=
Requested by
Host: s4.histats.com
URL: https://s4.histats.com/stats/0.php?4687520&@f16&@g1&@h1&@i1&@j1703634798718&@k0&@l1&@mLAYARDESA21%20-%20Tempat%20Streaming%20dan%20Download%20Film%20Terbaru&@n0&@o1000&@q0&@r0&@s502&@ten-US&@u1600&@b1:-88543358&@b3:1703634799&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Flayardesa21.cfd%2F&@w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46c8312538b525fd6069f095eddcb95d1580a03e8f16d2aa3bb8ccf0a742bdc2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 23:53:21 GMT
x-t
0.218
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OiCs3yOfcg5fM56MLzwLnNI3drw3MPsxRHUyO5peIVpPtcZ%2FNSfgbK1SYhjIGjJvcCRIhxMHRmmIa25%2BpQiCkpeDV6yzFhijb1SMjpD9uZ2ZyHZCNO1KVqWkBoNiV1TLjB%2FDjw0o2G6SAjk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
no-cache
x-s
mtl3
cf-ray
83bd3e24ac674bc3-BUF
expires
Tue, 26 Dec 2023 23:53:20 GMT
top-supporters
api.trakteer.id/v2/stream/trstream-jd51bcAeLOErjYdNkmCR/ Frame 95CD 		185 B
936 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.trakteer.id/v2/stream/trstream-jd51bcAeLOErjYdNkmCR/top-supporters?interval=7&count=3&sortby=unit
Requested by
Host: assets.trakteer.id
URL: https://assets.trakteer.id/js/superagent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:4cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2929158a1a9ba9f1d1b246e033d0c5b4118036033656327f4b4cc888aaf54ed2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
application/json
Referer
https://stream.trakteer.id/top-supporter-default?ts_font=default&ts_count=3&ts_theme=default&ts_sortby=unit&ts_interval=7&ts_customtitle=LAYARDESA21&key=trstream-jd51bcAeLOErjYdNkmCR&timestamp=1701614702
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 23:53:22 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
server
cloudflare
vary
Accept-Encoding, Origin
access-control-allow-methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
content-language
id
access-control-allow-origin
https://stream.trakteer.id
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F%2Bwn8y9vZqNTyoxCydKjRaQsXdHYKWHKh4h5SFqfCFRIrIsmguGLvcR4F4CmdOgXEqe8P2nlxtTOakapHqyV9E4s0ONOd3WMZ2W4WfEUJv40hygV3wK71ZhbL1Y%2FGl0%2FdZAvF%2FRhtT7XgDZyvw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cache-control
private, must-revalidate
access-control-allow-credentials
true
access-control-expose-headers
Authorization
cf-ray
83bd3e258d314bcc-BUF
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-XSRF-Token
kingthings_clarity1.1-webfont.woff2
assets.trakteer.id/fonts/ Frame 95CD 		13 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.trakteer.id/fonts/kingthings_clarity1.1-webfont.woff2
Requested by
Host: stream.trakteer.id
URL: https://stream.trakteer.id/top-supporter-default?ts_font=default&ts_count=3&ts_theme=default&ts_sortby=unit&ts_interval=7&ts_customtitle=LAYARDESA21&key=trstream-jd51bcAeLOErjYdNkmCR&timestamp=1701614702
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.225.214.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-214-67.ewr50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4bd67e5286f792020d15ee78e1b770733f34297b7326249170002996b6b9e082

Request headers

Referer
https://stream.trakteer.id/
Origin
https://stream.trakteer.id
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 17:37:05 GMT
via
1.1 90a990c5327e86ade86681120dc4a236.cloudfront.net (CloudFront)
age
22576
x-amz-cf-pop
EWR50-C1
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
13684
last-modified
Thu, 12 Aug 2021 04:22:52 GMT
server
AmazonS3
etag
"e154bf064e0403656a2370d0a6e4f4f2"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/font-woff2
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
_aFNwbg0gz9-ZqjMISoHSEdL3r-7-Oraf2EfbjhdVI6uRM1ogT5VYg==
www-subscribe-embed_split_v0.css
www.youtube.com/s/subscriptions/subscribe_embed/css/ Frame 953F 		38 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed_split_v0.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UCLjrkq105aVFM4YJrNADBSQ&layout=full&count=default&origin=https%3A%2F%2Flayardesa21.cfd&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.y0xCMa4KeeI.O%2Fd%3D1%2Frs%3DAHpOoo8-3MGCaatZB3kdS5TpZdd-gOSBHg%2Fm%3D__features__
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9325cb86c14e757a3266ab710efa8294b3cd00403310dfe09e6f561f7c94b438
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UCLjrkq105aVFM4YJrNADBSQ&layout=full&count=default&origin=https%3A%2F%2Flayardesa21.cfd&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.y0xCMa4KeeI.O%2Fd%3D1%2Frs%3DAHpOoo8-3MGCaatZB3kdS5TpZdd-gOSBHg%2Fm%3D__features__
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 19:47:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
14736
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5155
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 25 Dec 2024 19:47:45 GMT
Jq-I6kiE6hPKL0b7QbOsfW_2fBOK6NuuNKyjGGbYKYJqGAd6RKyIDSn7e6szfeW9BKIFBtLhEw=s48-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame 953F 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/Jq-I6kiE6hPKL0b7QbOsfW_2fBOK6NuuNKyjGGbYKYJqGAd6RKyIDSn7e6szfeW9BKIFBtLhEw=s48-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UCLjrkq105aVFM4YJrNADBSQ&layout=full&count=default&origin=https%3A%2F%2Flayardesa21.cfd&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.y0xCMa4KeeI.O%2Fd%3D1%2Frs%3DAHpOoo8-3MGCaatZB3kdS5TpZdd-gOSBHg%2Fm%3D__features__
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
6e0c1ee9509aa0dbd37ae64bc63c12ddc361a71ef6fa9340c7389b78b64dd4a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 23:53:21 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="channels4_profile.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2809
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 27 Dec 2023 23:53:21 GMT
www-subscribe-embed_v0.js
www.youtube.com/s/subscriptions/subscribe_embed/js/ Frame 953F 		252 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed_v0.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UCLjrkq105aVFM4YJrNADBSQ&layout=full&count=default&origin=https%3A%2F%2Flayardesa21.cfd&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.y0xCMa4KeeI.O%2Fd%3D1%2Frs%3DAHpOoo8-3MGCaatZB3kdS5TpZdd-gOSBHg%2Fm%3D__features__
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
35196923692f06f97491caf22422cce4b612d5ef07c51842ca94a088b15456e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UCLjrkq105aVFM4YJrNADBSQ&layout=full&count=default&origin=https%3A%2F%2Flayardesa21.cfd&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.y0xCMa4KeeI.O%2Fd%3D1%2Frs%3DAHpOoo8-3MGCaatZB3kdS5TpZdd-gOSBHg%2Fm%3D__features__
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 20:19:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12816
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
73785
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 21:45:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 25 Dec 2024 20:19:45 GMT
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0b1e245421d2f65824fa94a0fc62393774b1e64c1b28a0dab787b0fd035eba77

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.y0xCMa4KeeI.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8-3MGCaatZB3kdS5TpZdd-gOSBHg/ Frame 953F 		134 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.y0xCMa4KeeI.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8-3MGCaatZB3kdS5TpZdd-gOSBHg/cb=gapi.loaded_0
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed_v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c2f33dc18eae27d4e878bf837dd97f1bde5151e44b0271408535bb93265b8c52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 08:15:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
574688
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
45646
x-xss-protection
0
last-modified
Wed, 06 Dec 2023 19:05:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 19 Dec 2024 08:15:13 GMT
main.js
stream.trakteer.id/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/ Frame 7D0A
Redirect Chain
  • https://stream.trakteer.id/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://stream.trakteer.id/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js
7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stream.trakteer.id/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
H3
Server
2606:4700:20::681a:4cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8744992f96b1d402ae1524f9fd416c0e213fff3065cf25b0478775630c9f10bc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 23:53:21 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
br
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eMhv0pHHElcj2%2B4JVTvSIpUoBcekfBdNK2hHXDafRTc%2FjFnDfbO5fm1C83KucUFktVUmzcEErZ8b1jcsFrp%2BD%2BwBQoqqnyHAZ8RO2jRiou5hq0UyucwlRmqdHgBmgFfk6XzjmenqKIAH3ms65Aj1eA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
83bd3e25cca84bc1-BUF
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Tue, 26 Dec 2023 23:53:21 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AsVMe72MIG1FRw2hYv%2BjuXrjZVUIiomWAWHi%2FiW78e7kW043sBiwwScFyAbBxYOhWwEOBUnDstSK8AYHKdVGG8oJvMNLetg3wfgy%2Fj67kiymlFX%2F%2FvQWrLJj8WgvLTD1dHKoDc%2FF1Y5xgd8mUO8OvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js
cache-control
max-age=300, public
cf-ray
83bd3e256c1c4bc1-BUF
alt-svc
h3=":443"; ma=86400
subscribe_button_branded_lozenge.png
www.youtube.com/s/subscriptions/subscribe_embed/img/ Frame 953F 		156 B
179 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/s/subscriptions/subscribe_embed/img/subscribe_button_branded_lozenge.png
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed_split_v0.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cdb5ca36664e6906c51c4336873d7b45f29cb48c3b3188c853980813da650712
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed_split_v0.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 13:58:40 GMT
x-content-type-options
nosniff
last-modified
Fri, 18 Sep 2020 20:15:00 GMT
server
sffe
age
35681
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
156
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 25 Dec 2024 13:58:40 GMT
rum
cloudflareinsights.com/cdn-cgi/ Frame 95CD 		0
37 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cloudflareinsights.com/cdn-cgi/rum
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://stream.trakteer.id/top-supporter-default?ts_font=default&ts_count=3&ts_theme=default&ts_sortby=unit&ts_interval=7&ts_customtitle=LAYARDESA21&key=trstream-jd51bcAeLOErjYdNkmCR&timestamp=1701614702
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
application/json

Response headers

date
Tue, 26 Dec 2023 23:53:21 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://stream.trakteer.id
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
83bd3e264da84bcc-BUF
rum
cloudflareinsights.com/cdn-cgi/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cloudflareinsights.com/cdn-cgi/rum
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://stream.trakteer.id
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://stream.trakteer.id
access-control-max-age
86400
cf-ray
83bd3e261d984bcc-BUF
content-encoding
gzip
content-type
text/plain
date
Tue, 26 Dec 2023 23:53:21 GMT
server
cloudflare
vary
Origin
x-content-type-options
nosniff
x-frame-options
DENY
/
t.dtscout.com/idg/ Frame 8D23 		1 KB
756 B 		Document
General
Check archive.org
Download Go to
Full URL
https://t.dtscout.com/idg/?su=4C301703634801762C11436DF18C5D3F
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Flayardesa21.cfd%2F&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
118072def42444292f1278d1d0348680fb0a72a9f49d41e49db04925e82217f1

Request headers

Referer
https://layardesa21.cfd/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
83bd3e25acf14bc3-BUF
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 26 Dec 2023 23:53:21 GMT
expires
Tue, 26 Dec 2023 23:53:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BMJXp4ssPyuoS%2F2p6ZG8JJIRwrs5iXx%2BKxupRJx40cu%2BA%2Bs4R1Ri3EB6LO8oSSkij42mfWO7DcUrlVc9TQBLaQRDyQ0a0Gu3yETK8oEuAe4lIfUwncLufuuaVJsynY4ACMKI5iTG0qzBSqg%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
tag.min.js
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ 		33 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Flayardesa21.cfd%2F&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-87.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding
gzip
via
1.1 30dd3884a4b369c2dc7ffa8271e1b512.cloudfront.net (CloudFront)
date
Tue, 26 Dec 2023 10:54:31 GMT
last-modified
Thu, 01 Jun 2023 19:57:33 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P4
age
46731
x-amz-server-side-encryption
AES256
etag
W/"b338879bf41a826d9e1b316528a8409d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=86400
x-amz-cf-id
8ZvaGWJ5oSjLr3A1c4T3WIptYnQTe_zmEGnzEUHOiT04W9cMlHqWJQ==
dtscout
pd.sharethis.com/pd/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pd.sharethis.com/pd/dtscout
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Flayardesa21.cfd%2F&j=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.218.108.54 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-218-108-54.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
9801c81127e18817b3d12447e86156dddf12f13689f87cdfeb1205082a80d5a2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Tue, 26 Dec 2023 23:53:21 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
2444
Content-Type
application/javascript
afwu.js
cdn.tynt.com/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tynt.com/afwu.js
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Flayardesa21.cfd%2F&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.34.83 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3db5fc063868d3ca5fc3cc2695f483266cffea00bef68dffd7e4944b947aacc8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 23:53:21 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 05 Oct 2023 15:09:06 GMT
server
cloudflare
age
40435
etag
W/"651ed192-4c00"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
83bd3e25f9e4a1f3-YYZ
expires
Fri, 29 Dec 2023 23:53:21 GMT
/
t.dtscout.com/pv/ 		51 B
341 B 		Script
General
Check archive.org
Download Go to
Full URL
https://t.dtscout.com/pv/?_a=v&_h=layardesa21.cfd&_ss=5ajz9yzb6s&_pv=1&_ls=0&_u1=1&_u3=1&_cc=us&_pl=d&_cbid=49hv&_cb=_dtspv.c
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Flayardesa21.cfd%2F&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63f70a227f2b9e30d939d9598f375b15f55e20646455be80dc39192ccb72b463

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 23:53:21 GMT
x-t
0.146
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ruDEofjizjYNFU2wK94tZx6ZKvuJXQTc%2BwxjBfudv92MoN20n1f30AUennmAAWy%2FX6LBO8ozwgqP6RQY%2FoFo6d9mQAiPz45Wczs6Ui8PgU4S7UcoMP43cp8nI%2Fdj0koetlnUsMDZj6wjo84%3D"}],"group":"cf-nel","max_age":604800}
x-c
0
content-type
application/javascript
cache-control
no-cache
cf-ray
83bd3e25acf34bc3-BUF
expires
Tue, 26 Dec 2023 23:53:20 GMT
UXtr_j2Fwe-.png
static.xx.fbcdn.net/rsrc.php/v3/yw/r/ Frame 2D74 		573 B
712 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/UXtr_j2Fwe-.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,cross/GSwcapvLrEq.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,cross/GSwcapvLrEq.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date
Tue, 26 Dec 2023 23:53:21 GMT
x-content-type-options
nosniff
content-md5
07aG/2AEtDHVAZ5LUajMDQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
573
reporting-endpoints
x-fb-debug
jprS7DaQ3gzqFZ1RBBbl8Oz0bTmd8kocCSHUCJC6BjlAkDVnAjBhi9tt7wckK0TSix/AMyZ7zdF4yg+w0dEvvg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=1,i
expires
Mon, 23 Dec 2024 06:45:39 GMT
/
www.facebook.com/platform/plugin/tab/renderer/ Frame 2D74 		0
0
/
www.facebook.com/platform/plugin/page/logging/ Frame 2D74 		961 B
880 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/platform/plugin/page/logging/
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3i7244/yV/l/en_GB/y1wKntgIB6R.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0066f3bf2c19d60ee4000e7a688867b9a45118df898b9be6fca1e5d651772db5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

X-FB-LSD
GzU5CdPDVgDZZBJ2JJnyT1
Referer
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fmovie.ezyro&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId=388972031480695
X-ASBD-ID
129477
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), encrypted-media=(), fullscreen=(), keyboard-map=()
strict-transport-security
max-age=15552000; preload
content-encoding
br
x-content-type-options
nosniff
date
Tue, 26 Dec 2023 23:53:21 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
reporting-endpoints
default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
pragma
no-cache
x-fb-debug
4C5vY8IG9iyZtgO5ih8J3cqQAWVqWDNCk2y0I9000p4f3HZXRFPtoDKSPUEgmqw/B1F0PtLJ4I54Z7mr+WJ3yQ==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-methods
OPTIONS
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
access-control-allow-credentials
true
vary
Origin, Accept-Encoding
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/pages/call_to_action/fetch_dialog_data/ Frame 2D74 		961 B
674 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/pages/call_to_action/fetch_dialog_data/?id=3335588140062871&surface=pagePlugin&unit_type=VIEWER
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3i7244/yV/l/en_GB/y1wKntgIB6R.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
93426f95ebcca74f67836f03c93ec7823ff0468ad56508d64d33eb1d3fd881ab
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

X-FB-LSD
GzU5CdPDVgDZZBJ2JJnyT1
Referer
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fmovie.ezyro&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId=388972031480695
X-ASBD-ID
129477
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), encrypted-media=(), fullscreen=(), keyboard-map=()
strict-transport-security
max-age=15552000; preload
content-encoding
br
x-content-type-options
nosniff
date
Tue, 26 Dec 2023 23:53:21 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
reporting-endpoints
default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
pragma
no-cache
x-fb-debug
0mNH2W48qPA5ehCgGtoWBq28IoKh8CmpINPyOs8oupzGk1C6FE/3mGKOf4Vj1lBaeXXwdUMbaM9YSNsZmzpYeg==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-methods
OPTIONS
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
access-control-allow-credentials
true
vary
Origin, Accept-Encoding
expires
Sat, 01 Jan 2000 00:00:00 GMT
cxezxfesthrg
betteradsystem.com/ 		44 B
140 B 		Script
General
Check archive.org
Download Go to
Full URL
https://betteradsystem.com/cxezxfesthrg?IUiKerCj=BQOCAAAAAAAACZUAAr3FE_u3NFalHE7Vo25qcbVxorUzK456yRNxhfV-y4h0zIG-i1ydAWWl2iUMrn7M6avacCMCLxRQXES6vSmXEduMHBQCfa7BUA-IgXHIs7k7YPNtWhMRJEwI8dVbU4e5CkpOkFz9ty8ga9IH4vaD93yRlYOXB99jV4TSnk5nEcwQJ-Xyn2Ki0ooXsksViz6nrEWeL-GuGKUEmFWeYGvX0ZQWgHt-Zq14kJiKQ9vBJ6_UivZCs0bOtUWabkpXfhmoK9sqBI-iT3biKZI6BakpNeNI-nZXeXBZG6DzvbMP3qBgO3NRtQFNQIw_bsQANgnxEorhSh7LUwVW9CIHL_x5jzCgmig835fFxPE6glt19QWCJJBg0rlQ5aflmMCFDp6hLCthL0OIrIj0LQpfnrkw2Vk9RFfgd5AuuAkPL7NEElry5tyySsCApNEWEkks_Uf-Upawbbp2F8X3atIhgOUw3IkhJHR5t39ghBTodQJ7Nk_O8VAsuizWakStxZzlCliqM4v2a3XFbnLgLb-gXcfsO7lYzNyZjRO4_VOWO3vcqKbmaWLvB2c8aKeT3QVZxj_j6GMeano7p5YBgaPNV6NbGaIhvTvyidFSiHUdx8Hg8eS5FVPP3r_BWjm1C-Bl2AMtn5BzzHut5M5_6dFgivyTKroh9vqKkm3QGk5JGk559nbbKqmMQIvGVt7eVuwp7wZnskMqQQhnmvORxMFApJ_SbCghfL3ol6WHj1ts48x3OVEp3NtHPtbkk-vznQJw8BPkhrLU3tP6q5NMKbV6Duh1Noh6rfgpVt4YExWkSka-eix_bu7Xh3NI44ee77uAtrJg9RgHbvvY5Jfr52fGJVlea1-ah2qk0opfSC1cuYXW6nkGljVP6-vFRyNNZahIJCwwY08D5aTxjeMKkQqq5xUKe1Yf2rQaJlE0YVfxxKHUdVVQUUwMQMxt7rOasu6FFuGl6rFfLQhHFDjhR6yFiMdVagG1XrRVxNLprbdSnv3sFSEZ3pOsCfnaeHBKGzZ91ZQIK1cKyGnUBGpKZIDmZH3jgb5HYebTk7BovsJJNrj0s-yyAsWR_dxGjyqRLe_GassqsPA4Vb53M2z5SGoVodNftkfCC7rfVyJRkcZLwm5uGmBQQ3we1hGivlv6N63MxBzOq74a35gj9q_kh_3xDLbx9EKVKIMa0LUAICVz5r8WuXnX&gKIYznFv=4&sbKxAnza=5035190&BKygRJEr=&aPVFGYIf=0,0&LOfpxdGs=&KnHgRpJf=&pwsWESAv=1600,1200,1,1600,1200,0
Requested by
Host: www.betteradsystem.com
URL: https://www.betteradsystem.com/api/datepair.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.252.213.208 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software
/
Resource Hash
9d781128a8ece413b003d5612b8398bf9340ef7f5b751d12bd125ba523d3ceb5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
popads-ec
ASB
date
Tue, 26 Dec 2023 23:53:21 GMT
asf
9
content-length
44
content-type
text/javascript;charset=UTF-8
kCwDvxe1QsQ.js
static.xx.fbcdn.net/rsrc.php/v3/yo/r/ Frame 2D74 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yo/r/kCwDvxe1QsQ.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/iZpNYL8JfUb.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
264a0a28c23da253d460c72e9b7ff9e297a4e02ea590c5d20a1f0fa77bc9aadd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date
Tue, 26 Dec 2023 23:53:21 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
8PPs50PtkMAX5E1OU2ogzA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3451
reporting-endpoints
x-fb-debug
Aomo7cWq+PKD01jYuGeSYACceNj7NbtvkkV3H6nupT9+ZSUoPtmRGcvnRCz7P6V6MhqA4qxOJtZNTSk5RPz1aw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sun, 15 Dec 2024 00:02:37 GMT
VMMGrWYM7Te.js
static.xx.fbcdn.net/rsrc.php/v3/y-/r/ Frame 2D74 		341 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y-/r/VMMGrWYM7Te.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/iZpNYL8JfUb.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d0260a942842dfe2e8de7d78be4aecaa450e9ee0be021d76e6ba13d9f5c92b08
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date
Tue, 26 Dec 2023 23:53:21 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
WmWr4XDoSnANsz1Uo5Z2tg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
75279
reporting-endpoints
x-fb-debug
/bHDR+ciy8PcTsQ4o8G0VA+hiochiiSLdZslDaOVn/RxDYwNJc/pBsX8xHVXG+qyz8tj7fPbzIIzPu3oEwxOkw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Mon, 23 Dec 2024 16:38:52 GMT
1igfs7II_g6.png
static.xx.fbcdn.net/rsrc.php/v3/yd/r/ Frame 2D74 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yd/r/1igfs7II_g6.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y9/l/0,cross/V-GL57iHfEB.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e13547eec8879c9b576c2e06837303ad06ea15905d4eb075291ff21686a5b3da
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/y9/l/0,cross/V-GL57iHfEB.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date
Tue, 26 Dec 2023 23:53:21 GMT
x-content-type-options
nosniff
content-md5
Bsv/k/2TeJemYEeLUt4www==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
12027
reporting-endpoints
x-fb-debug
mZkvNMNgtFgSs+dO2VTopvKzrZB33fUCZUqOCee+KiyZ8fLGFxnXqtJ41zqdItEIztK559Dgf0fEI4OrQl6dUg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Wed, 18 Dec 2024 08:30:43 GMT
xgVgalBG80z.png
static.xx.fbcdn.net/rsrc.php/v3/yH/r/ Frame 2D74 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yH/r/xgVgalBG80z.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,cross/GSwcapvLrEq.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
45444d590a67d30e8b2fde01bb6482f829383b64bf14a4b19b86e22fdc319fbb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,cross/GSwcapvLrEq.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date
Tue, 26 Dec 2023 23:53:21 GMT
x-content-type-options
nosniff
content-md5
rB4cTW8WNZcBsFntToJGtA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1315
reporting-endpoints
x-fb-debug
rC7x/8QjrYO52Jpv9PhzzaXNtrfDbe5PUASyV6vAbQ5ITfwuzPilkv7yrTN82JNEkrNx+I5N5covoM6DOPlUjw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Fri, 13 Dec 2024 19:40:03 GMT
83bd3e109b756aee
stream.trakteer.id/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 7D0A 		0
598 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.trakteer.id/cdn-cgi/challenge-platform/h/g/jsd/r/83bd3e109b756aee
Requested by
Host: stream.trakteer.id
URL: https://stream.trakteer.id/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:4cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 26 Dec 2023 23:53:21 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=13aT7wPeSQeOCBNzpWSROcF8mDwaF1pw9Sgbpv9vSqyrUaf7tttMOFl%2FesuCX%2BSXS00meQIf6N%2F3wzUY%2FFIFTp7zkemp%2FwWcq4A0A2MQ4JDamcvBCaV2OQl2q41skuYLBDuouM2WJFhAvnLDx6XuXg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
83bd3e26fea24bc1-BUF
alt-svc
h3=":443"; ma=86400
ieeHDjcGsIR.js
static.xx.fbcdn.net/rsrc.php/v3/yH/r/ Frame 2D74 		213 B
353 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yH/r/ieeHDjcGsIR.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/iZpNYL8JfUb.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6480d194b98b9fc3e4589a44b7e54b81ad926722e5b6fb7cc236161e2c2e03ac
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date
Tue, 26 Dec 2023 23:53:21 GMT
x-content-type-options
nosniff
content-md5
oSUZEsOZh+qyGbXjvLFs7Q==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
213
reporting-endpoints
x-fb-debug
RKVBquxuQ61O+/xtZKctrIQ6BTkDOcnreU/lFadEHNeS80229VWcUjdQkuWaELdGOHUJRmtTfjb0WXZYaYP98g==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=1
expires
Fri, 13 Dec 2024 20:11:40 GMT
lt.min.js
tags.crwdcntrl.net/lt/c/3825/ 		58 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Flayardesa21.cfd%2F&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-28.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
398949c9055a4ab08ff4bd5edf007a19b6bec6973ef581837a212b202f760414

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 01:20:34 GMT
content-encoding
gzip
via
1.1 b4bbc10bb9b68293dc88560c2ddfcc2c.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 14:23:53 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P4
age
81168
x-amz-server-side-encryption
AES256
etag
W/"eb52f900499b46d1088df97dad487c73"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
Gb7aJykjFGsk5YIXn9U3-Kg6WCwSHOm86LkaM7FUkPxvLFgNdJul7A==
/
t.dtscdn.com/widget/ 		0
603 B 		Script
General
Check archive.org
Download Go to
Full URL
https://t.dtscdn.com/widget/?d=4C301703634801762C11436DF18C5D3F&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Flayardesa21.cfd%2F&r=
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Flayardesa21.cfd%2F&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4aba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 23:53:21 GMT
x-t
0.9
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0hNOPuw%2BQ3juM85SK674nmgvJ3%2BbnNOx1KZwVv7l8ARK1hctt4cxklHZwjln0S%2FtQ5xnv%2BIp62OeEbcpdTB%2FvDAss45o8fLcaXhRBJoZPVeBQQu287F%2FpBc3hsMjUli7aC85EALBeXZ25A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
no-cache
x-server
web13.ny1.dtscdn.com
cf-ray
83bd3e27c9564bc6-BUF
expires
Tue, 26 Dec 2023 23:32:38 GMT
33141
tags.bluekai.com/site/
Redirect Chain
  • https://pixel.onaudience.com/?partner=137085098&mapped=4C301703634801762C11436DF18C5D3F
  • https://pixel.onaudience.com/?partner=109&icm&cver&gdpr=0&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m
  • https://tags.bluekai.com/site/33141?&id=36425cb59abf4f4a
62 B
428 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/33141?&id=36425cb59abf4f4a
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
H2
Server
23.216.137.114 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-216-137-114.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Tue, 26 Dec 2023 23:53:22 GMT
content-length
62
content-type
image/gif

Redirect headers

location
https://tags.bluekai.com/site/33141?&id=36425cb59abf4f4a
content-length
0
/
onetag-geo.s-onetag.com/ 		50 B
456 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.132.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-132-7.jfk52.r.cloudfront.net
Software
/
Resource Hash
851a1aace07f995f5075846e18098478b6fe7c7e921e84747504ceb39f6a94b6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 23:53:21 GMT
via
1.1 268f65a0b054ce4bd2ab49c3b30f4bae.cloudfront.net (CloudFront), 1.1 c3084b8da81c3551ffa5c6179e9f6140.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD12-P4, JFK52-P2
x-amzn-requestid
ee5f970e-099c-4705-bfac-c67e2db82f97
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-apigw-id
Qk0Z2GtyiYcEQvw=
content-length
50
x-amz-cf-id
p_JVMYbRBKb1N2uA5wGq0wyPc8JpMQJXNFiUfMXtonqGL8uYep2v8w==
t.dhj
t.sharethis.com/1/d/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.8051411663321442&stid=ZGUACGWLZ3EAAAAIA3PFAw%3D%3D
Requested by
Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.202 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-202.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a401e96d77dccb3e60f6c853cabf414032bc1e9aabb22d72272862fb39e35a3e
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Tue, 26 Dec 2023 23:53:21 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Content-Type
application/javascript
Cache-Control
private, max-age=3600
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
1365
Expires
Wed, 27 Dec 2023 00:53:21 GMT
dtscout
pd.sharethis.com/pd/ 		42 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Flayardesa21.cfd%2F&event_source=dtscout&rnd=0.8051411663321442&exptid=ZGUACGWLZ3EAAAAIA3PFAw%3D%3D&fcmp=false
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.218.108.54 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-218-108-54.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Tue, 26 Dec 2023 23:53:21 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
42
Content-Type
image/gif
/
www.facebook.com/login/ Frame 2D74 		0
0
/
www.facebook.com/login/ Frame 2D74 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252Fmovie.ezyro%26tabs%3Dtimeline%26width%3D340%26height%3D500%26small_header%3Dfalse%26adapt_container_width%3Dtrue%26hide_cover%3Dfalse%26show_facepile%3Dtrue%26appId%3D388972031480695
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/iZpNYL8JfUb.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fmovie.ezyro&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId=388972031480695
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 26 Dec 2023 23:53:21 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster
?0
pragma
no-cache
priority
u=0,i
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints
default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
MNUxRu9jIxzRLZBtOwDNGcdN0WctsiQfpx7yzwBD9GaTtwykJD68PPLXZHxKIGXTwvqE9PSMt4P2GNIV/I7Mbg==
x-frame-options
DENY
x-xss-protection
0
p
ic.tynt.com/b/ 		35 B
648 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ic.tynt.com/b/p?id=wu!&lm=0&ts=1703634801813&dn=AFWU&iso=0&pu=https%3A%2F%2Flayardesa21.cfd%2F&ct=LAYARDESA21&t=LAYARDESA21%20-%20Tempat%20Streaming%20dan%20Download%20Film%20Terbaru&chmob=0
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.33 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip33.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 23:53:21 GMT
last-modified
Fri, 16 Apr 2010 15:38:20 GMT
server
nginx/1.16.1
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
etag
"4bc8846c-23"
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID", CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
accept-ranges
bytes
content-length
35
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
bz
www.facebook.com/ajax/ Frame 2D74 		0
0
bz
www.facebook.com/ajax/ Frame 2D74 		0
0
bz
www.facebook.com/ajax/ Frame 2D74 		0
0
t_.htm
t.sharethis.com/a/ Frame 42DC 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.8051411663321442&stid=ZGUACGWLZ3EAAAAIA3PFAw%3D%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.202 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-202.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

Referer
https://layardesa21.cfd/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=604800
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1160
Content-Type
text/html
Date
Tue, 26 Dec 2023 23:53:21 GMT
Expires
Tue, 02 Jan 2024 23:53:21 GMT
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
X-Robots-Tag
noindex, nofollow
v2
de.tynt.com/deb/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/v2?id=wu!&dn=AFWU&cc=1&chmob=0&r=&pu=https%3A%2F%2Flayardesa21.cfd%2F
Requested by
Host: cdn.tynt.com
URL: https://cdn.tynt.com/afwu.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.31 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip31.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
8d29043207026c03654e14cb1a9ef665312a884a32bc84358245ccd82ed1a57f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
date
Tue, 26 Dec 2023 23:53:21 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-type
application/javascript
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
content-length
1348
expires
Sat, 26 Jul 1997 05:00:00 GMT
t_.js
t.sharethis.com/1.1268.23366/a/US/ Frame 73FE 		19 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.sharethis.com/1.1268.23366/a/US/t_.js?cid=c010&cls=C
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.202 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-202.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
069bba500e21f737b175c4c36f84971ee0632fe643159d37825b8ec4c73de865
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Tue, 26 Dec 2023 23:53:22 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Content-Type
text/javascript
Cache-Control
max-age=604800
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
8535
Expires
Tue, 02 Jan 2024 23:53:22 GMT
dataBeacons.min.js
data-beacons.s-onetag.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.29.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-29-50.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding
gzip
via
1.1 45c692e896f6d5351f0f0a998ed4f588.cloudfront.net (CloudFront)
date
Tue, 26 Dec 2023 23:01:11 GMT
last-modified
Wed, 04 Oct 2023 13:49:44 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P2
age
3132
etag
W/"934c7ce138a53a973baa02a2dbd8c23a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=3600
x-amz-cf-id
-DKJQsPthua_p_p1BJjg831zuQ1Bm7l9kbHbAj4xNIpXxplFRniLzA==
test_oracle
pd.sharethis.com/pd/ Frame 5681 		438 B
675 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pd.sharethis.com/pd/test_oracle
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.218.108.54 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-218-108-54.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
66c86faf35e66860b2506130133a0338aa77da22aa62149c1e2c155a8cce59aa
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Tue, 26 Dec 2023 23:53:22 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
438
Content-Type
application/javascript
ttd
sync.sharethis.com/ Frame 73FE
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://sync.sharethis.com/ttd?uid=ec751bcd-abcc-4c3e-b966-af69f83765e9&gdpr=0&gdpr_consent=
42 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.sharethis.com/ttd?uid=ec751bcd-abcc-4c3e-b966-af69f83765e9&gdpr=0&gdpr_consent=
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
HTTP/1.1
Server
18.116.146.56 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-116-146-56.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Tue, 26 Dec 2023 23:53:22 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
Stid
ZGUACGWLZ3EAAAAIA3PFAw==
X-Robots-Tag
noindex, nofollow
Content-Length
42
Content-Type
image/gif

Redirect headers

location
https://sync.sharethis.com/ttd?uid=ec751bcd-abcc-4c3e-b966-af69f83765e9&gdpr=0&gdpr_consent=
date
Tue, 26 Dec 2023 23:53:22 GMT
server
Kestrel
content-length
215
db_sync
px.ads.linkedin.com/ Frame 73FE
Redirect Chain
  • https://idsync.rlcdn.com/386076.gif?partner_uid=ZGUACGWLZ3EAAAAIA3PFAw%3D%3D&gdpr=0&gdpr_consent=
  • https://idsync.rlcdn.com/1000.gif?memo=CJzIFxIjCh8IARCAVxoYWkdVQUNHV0xaM0VBQUFBSUEzUEZBdz09EAAaDQjyzq2sBhIFCOgHEABCAEoA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=ea4cb9602f3f6bf8e1b7643784b2559b9d5319beddb46efbcb9d81025f4be106791426b5417dce21&_=2
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=ea4cb9602f3f6bf8e1b7643784b2559b9d5319beddb46efbcb9d81025f4be106791426b5417dce21&rand=08702024
0
141 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=ea4cb9602f3f6bf8e1b7643784b2559b9d5319beddb46efbcb9d81025f4be106791426b5417dce21&rand=08702024
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 23:53:21 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 2FCCE86165614255A4CD8501AD2796F7 Ref B: NYCEDGE1717 Ref C: 2023-12-26T23:53:22Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYNcmM50oxyk0gMUUTMhw==

Redirect headers

date
Tue, 26 Dec 2023 23:53:22 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=ea4cb9602f3f6bf8e1b7643784b2559b9d5319beddb46efbcb9d81025f4be106791426b5417dce21&rand=08702024
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
eyeota
sync.sharethis.com/ Frame 73FE
Redirect Chain
  • https://ps.eyeota.net/pixel?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent=
  • https://ps.eyeota.net/pixel/bounce/?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent=
  • https://sync.sharethis.com/eyeota?uid=2buXnQblztz-glV8xBfjAy7dnjeNpLofem2uWfC_RyOE&gdpr=0&gdpr_consent=
42 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.sharethis.com/eyeota?uid=2buXnQblztz-glV8xBfjAy7dnjeNpLofem2uWfC_RyOE&gdpr=0&gdpr_consent=
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
HTTP/1.1
Server
18.116.146.56 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-116-146-56.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Tue, 26 Dec 2023 23:53:22 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
Stid
ZGUACGWLZ3EAAAAIA3PFAw==
X-Robots-Tag
noindex, nofollow
Content-Length
42
Content-Type
image/gif

Redirect headers

Location
https://sync.sharethis.com/eyeota?uid=2buXnQblztz-glV8xBfjAy7dnjeNpLofem2uWfC_RyOE&gdpr=0&gdpr_consent=
Date
Tue, 26 Dec 2023 23:53:22 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
csync.ashx
ml314.com/ Frame 73FE
Redirect Chain
  • https://ml314.com/utsync.ashx?eid=50131&et=13&cid=lr&fp=ZGUACGWLZ3EAAAAIA3PFAw%3D%3D&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fidsync.rlcdn.com%2F395886.gif%3Fpartner_uid%3D%5BPersonID%5D
  • https://idsync.rlcdn.com/395886.gif?partner_uid=3640915825560911887
  • https://ml314.com/csync.ashx?fp=&person_id=3640915825560911887&eid=50082
43 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ml314.com/csync.ashx?fp=&person_id=3640915825560911887&eid=50082
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
H2
Server
34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
79.77.117.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Wed, 27 Dec 2023 23:53:22 GMT
date
Tue, 26 Dec 2023 23:53:22 GMT
via
1.1 google, 1.1 google
server
Google Frontend
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif

Redirect headers

date
Tue, 26 Dec 2023 23:53:22 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ml314.com/csync.ashx?fp=&person_id=3640915825560911887&eid=50082
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
oracle
sync.sharethis.com/ Frame 73FE
Redirect Chain
  • https://tags.bluekai.com/site/59574?id=ZGUACGWLZ3EAAAAIA3PFAw%3D%3D&redir=https%3A%2F%2Fsync.sharethis.com%2Foracle%3Fuid%3D%24_BK_UUID%26BK_SWAP_DEST%3D5957
  • https://sync.sharethis.com/oracle?uid=$_BK_UUID&BK_SWAP_DEST=5957
42 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.sharethis.com/oracle?uid=$_BK_UUID&BK_SWAP_DEST=5957
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
HTTP/1.1
Server
18.116.146.56 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-116-146-56.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Tue, 26 Dec 2023 23:53:22 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
Stid
ZGUACGWLZ3EAAAAIA3PFAw==
X-Robots-Tag
noindex, nofollow
Content-Length
42
Content-Type
image/gif

Redirect headers

location
https://sync.sharethis.com/oracle?uid=$_BK_UUID&BK_SWAP_DEST=5957
date
Tue, 26 Dec 2023 23:53:22 GMT
content-length
0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
27519
tags.bluekai.com/site/ Frame DB98
Redirect Chain
  • https://dp2.33across.com/ps/?tt=iframe&pid=1198&us_privacy=&random=1703634802039.6
  • https://tags.bluekai.com/site/27519?id=212396702173106&ret=html&random=1703634802
71 B
551 B 		Document
General
Check archive.org
Download Go to
Full URL
https://tags.bluekai.com/site/27519?id=212396702173106&ret=html&random=1703634802
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/v2?id=wu!&dn=AFWU&cc=1&chmob=0&r=&pu=https%3A%2F%2Flayardesa21.cfd%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.216.137.114 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-216-137-114.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
53350525edba0b889e87ea52a16ed843a928a2557e9f8d6747acd7ff991c95c3

Request headers

Referer
https://layardesa21.cfd/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

bk-server
48d5
content-length
71
content-type
text/html
date
Tue, 26 Dec 2023 23:53:22 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
0
date
Tue, 26 Dec 2023 23:53:22 GMT
expires
Thu, 01-Jan-70 00:00:01 GMT
location
https://tags.bluekai.com/site/27519?id=212396702173106&ret=html&random=1703634802
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
pragma
no-cache
referrer-policy
unsafe-url
server
33XP001
x-33x-status
400000000040080C
match
ps.eyeota.net/
Redirect Chain
  • https://ps.eyeota.net/pixel?pid=gdomg51&t=gif&cat=&us_privacy=&random=1703634802039.1
  • https://ps.eyeota.net/pixel/bounce/?pid=gdomg51&t=gif&cat=&us_privacy=&random=1703634802039.1
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://ps.eyeota.net/match?uid=ec751bcd-abcc-4c3e-b966-af69f83765e9&bid=1e2n4ou
70 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?uid=ec751bcd-abcc-4c3e-b966-af69f83765e9&bid=1e2n4ou
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
HTTP/1.1
Server
3.233.22.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-22-19.compute-1.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Date
Tue, 26 Dec 2023 23:53:22 GMT
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

location
https://ps.eyeota.net/match?uid=ec751bcd-abcc-4c3e-b966-af69f83765e9&bid=1e2n4ou
date
Tue, 26 Dec 2023 23:53:22 GMT
server
Kestrel
content-length
191
db_sync
px.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/db_sync?pid=15927&puuid=CoIKSGWLZ3EY9imPNLMMAg%3D%3D&us_privacy=&_rand=1703634802039.2
  • https://px.ads.linkedin.com/db_sync?pid=15927&puuid=CoIKSGWLZ3EY9imPNLMMAg%3D%3D&us_privacy=&_rand=1703634802039.2&expected_cookie=c090a1c0-edba-4b90-a545-9200ceba603b
0
142 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/db_sync?pid=15927&puuid=CoIKSGWLZ3EY9imPNLMMAg%3D%3D&us_privacy=&_rand=1703634802039.2&expected_cookie=c090a1c0-edba-4b90-a545-9200ceba603b
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 23:53:21 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 6BB2E88EA82441989BD7B0109DC9C1B7 Ref B: NYCEDGE1717 Ref C: 2023-12-26T23:53:22Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYNcmM4imvTuuyDaTyWyQ==

Redirect headers

date
Tue, 26 Dec 2023 23:53:21 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: BD5222BF711045DC8FF8F64BA92AEBF6 Ref B: NYCEDGE1717 Ref C: 2023-12-26T23:53:22Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
location
/db_sync?pid=15927&puuid=CoIKSGWLZ3EY9imPNLMMAg%3D%3D&us_privacy=&_rand=1703634802039.2&expected_cookie=c090a1c0-edba-4b90-a545-9200ceba603b
x-li-proto
http/2
content-length
0
x-li-uuid
AAYNcmM2jmvv/xNx4oWlsg==
ec751bcd-abcc-4c3e-b966-af69f83765e9
map.go.affec.tv/map/ttd/
Redirect Chain
  • https://map.go.affec.tv/map/3a/?pid=CoIKSGWLZ3EY9imPNLMMAg%3D%3D&us_privacy=&ts=1703634802039.3
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D658b677268ac570001db57a1%26chc%3Dtt%26redirect_url%3D%26gdpr%3D%26gdpr_consent%3D&gdpr=&gdpr_consent=
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fmap.go.affec.tv%252Fmap%252Fan%252F%2524UID%253Fch%253D658b677268ac570001db57a1%2526chc%253Dtt%2526redirect_url%253D%2526gdpr%253D%25...
  • https://map.go.affec.tv/map/an/5501317867227186810?ch=658b677268ac570001db57a1&chc=tt&redirect_url=&gdpr=&gdpr_consent=&gdpr=&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=mssm115&ttd_tpi=1&gdpr=&gdpr_consent=
  • https://map.go.affec.tv/map/ttd/ec751bcd-abcc-4c3e-b966-af69f83765e9?ttd_puid=&gdpr=0&gdpr_consent=
0
562 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://map.go.affec.tv/map/ttd/ec751bcd-abcc-4c3e-b966-af69f83765e9?ttd_puid=&gdpr=0&gdpr_consent=
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
H2
Server
3.230.251.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-251-91.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 23:53:22 GMT
content-encoding
gzip
vary
Accept-Encoding

Redirect headers

location
https://map.go.affec.tv/map/ttd/ec751bcd-abcc-4c3e-b966-af69f83765e9?ttd_puid=&gdpr=0&gdpr_consent=
date
Tue, 26 Dec 2023 23:53:22 GMT
server
Kestrel
content-length
229
usermatch.gif
beacon.krxd.net/
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1388&partner_device_id=CoIKSGWLZ3EY9imPNLMMAg%3D%3D&us_privacy=&random=1703634802039.4&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%2Fapi%...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1388&partner_device_id=CoIKSGWLZ3EY9imPNLMMAg%3D%3D&us_privacy=&random=1703634802039.4&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=ef3a364c-95a5-4eee-93f9-149bbf33d78f%252Chttps%25253A%25252F%25252Fusermatch.krxd.net%25252Fum%25252Fv2%25253Fpartner%252...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=ec751bcd-abcc-4c3e-b966-af69f83765e9&ttd_puid=ef3a364c-95a5-4eee-93f9-149bbf33d78f%2Chttps%253A%252F%252Fusermatch.krxd.n...
  • https://usermatch.krxd.net/um/v2?partner=tapad
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=tapad
0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=tapad
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
H2
Server
34.197.227.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-227-33.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-served-by
beacon-n035-ash-prod.krxd.net
date
Tue, 26 Dec 2023 23:53:22 GMT
cache-control
private, no-cache, no-store
x-request-time
D=32 t=1703634802
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=tapad
date
Tue, 26 Dec 2023 23:53:22 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a010-ash-prod.krxd.net
405716.gif
idsync.rlcdn.com/
Redirect Chain
  • https://dp2.33across.com/ps/?pid=1205&rand=1703634802039.5
  • https://idsync.rlcdn.com/405716.gif?partner_uid=212396384215807
42 B
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/405716.gif?partner_uid=212396384215807
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
H2
Server
35.244.154.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 23:53:22 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Tue, 26 Dec 2023 23:53:22 GMT
referrer-policy
unsafe-url
server
33XP009
x-33x-status
4000000000004000C
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://idsync.rlcdn.com/405716.gif?partner_uid=212396384215807
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
bounce
secure.adnxs.com/
Redirect Chain
  • https://dp1.33across.com/ps/?pid=669&uid=CoIKSGWLZ3EY9imPNLMMAg%3D%3D&us_privacy=&random=1703634802039.7&pu=https%3A%2F%2Flayardesa21.cfd%2F
  • https://secure.adnxs.com/mapuid?t=2&member=1001&user=212302246824230&seg_code=33x&random=1703634802
  • https://secure.adnxs.com/bounce?%2Fmapuid%3Ft%3D2%26member%3D1001%26user%3D212302246824230%26seg_code%3D33x%26random%3D1703634802
43 B
836 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/bounce?%2Fmapuid%3Ft%3D2%26member%3D1001%26user%3D212302246824230%26seg_code%3D33x%26random%3D1703634802
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
H2
Server
68.67.179.155 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Dec 2023 23:53:22 GMT
an-x-request-uuid
2c14cb15-9ee9-4ca9-a63f-67259a5cf29c
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
96.9.249.36; 96.9.249.36; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 26 Dec 2023 23:53:22 GMT
an-x-request-uuid
9f212b4b-3081-4599-8a4b-331428151894
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://secure.adnxs.com/bounce?%2Fmapuid%3Ft%3D2%26member%3D1001%26user%3D212302246824230%26seg_code%3D33x%26random%3D1703634802
cache-control
no-store, no-cache, private
x-proxy-origin
96.9.249.36; 96.9.249.36; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
bk-coretag.js
tags.bkrtx.com/js/ Frame 5681 		51 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.bkrtx.com/js/bk-coretag.js
Requested by
Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/test_oracle
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.91.104.69 Boston, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-91-104-69.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
date
Tue, 26 Dec 2023 23:53:22 GMT
last-modified
Fri, 21 May 2021 19:14:21 GMT
server
nginx/1.15.8
etag
W/"60a8068d-cbc2"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
content-length
16078
expires
Tue, 02 Jan 2024 23:53:22 GMT
v2
ap.lijit.com/readerinfo/
Redirect Chain
  • https://ap.lijit.com/readerinfo/v2
  • https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
41 B
463 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
Requested by
Host: layardesa21.cfd
URL: https://layardesa21.cfd/
Protocol
HTTP/1.1
Server
63.251.86.51 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
badbda0bbbe362ae9b7d35b11a2ab03be6e6a69ad312b352e942899e59fd019a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Tue, 26 Dec 2023 23:53:22 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://layardesa21.cfd
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3dca1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
61

Redirect headers

Date
Tue, 26 Dec 2023 23:53:22 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
Access-Control-Allow-Origin
https://layardesa21.cfd
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3dca1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
2981
tags.bluekai.com/site/ Frame 5D28
Redirect Chain
  • https://stags.bluekai.com/site/59574?ret=html&phint=id%3DZGUACGWLZ3EAAAAIA3PFAw%3D%3D&phint=__bk_k%3D&phint=__bk_pr%3Dhttps%3A%2F%2Ft.sharethis.com%2Fa%2Ft_.htm%3Fver%3D1.1268.23366%26cid%3Dc010%26...
  • https://cm.g.doubleclick.net/pixel?google_nid=bluekai&google_cm&google_sc&google_hm=ZkZoKzE1WXY5OWVVcS8raw%3D%3D
  • https://tags.bluekai.com/site/2981?id=&google_gid=CAESEPtCGSc_ulT8ZHjlP9j5XsQ&google_cver=1
62 B
304 B 		Document
General
Check archive.org
Download Go to
Full URL
https://tags.bluekai.com/site/2981?id=&google_gid=CAESEPtCGSc_ulT8ZHjlP9j5XsQ&google_cver=1
Requested by
Host: tags.bkrtx.com
URL: https://tags.bkrtx.com/js/bk-coretag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.216.137.114 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-216-137-114.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer
https://t.sharethis.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
62
content-type
image/gif
date
Tue, 26 Dec 2023 23:53:22 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
296
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 26 Dec 2023 23:53:22 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://tags.bluekai.com/site/2981?id=&google_gid=CAESEPtCGSc_ulT8ZHjlP9j5XsQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
1540_03681
track2.securedvisit.com/sync/ 		43 B
178 B 		Script
General
Check archive.org
Download Go to
Full URL
https://track2.securedvisit.com/sync/1540_03681?id=H415jSZHJIZaxf55RVWaZjk0
Requested by
Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.21.239.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-21-239-57.compute-1.amazonaws.com
Software
nginx/1.24.0 /
Resource Hash
f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Dec 2023 23:53:23 GMT
cache-control
private, no-cache, proxy-revalidate
server
nginx/1.24.0
content-length
43
content-type
image/gif
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e5cf4a0e494486a94b8badc74fa0fff38aa8bcfb479a183fbc119e2a02bfe392
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 23:53:23 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12141
x-xss-protection
0
optimus_rules.json
tags.crwdcntrl.net/lt/c/3825/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/3825/optimus_rules.json
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-28.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
08b479c3eeb1cb4d44354e6bf17322cd7acd38ae9a33ee5956898447ed43fab6

Request headers

Referer
https://layardesa21.cfd/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 26 Dec 2023 23:53:24 GMT
content-encoding
gzip
via
1.1 2041b05ebafba84de0e785871a4269bc.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 14:23:53 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P4
etag
W/"f16e89fd08a708a6bd2e69be50fd30ab"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
x-cache
Miss from cloudfront
cache-control
public, max-age=86400
x-amz-cf-id
egc0uSKEyXXE4K63H9VVvbmS90kKSayIiFR-wkxQkpWtjeqtz1ZiEA==
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 23:53:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 26 Dec 2023 23:53:23 GMT
ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame F6DA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=67990
Requested by
Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.34.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-34-99.ewr53.r.cloudfront.net
Software
/
Resource Hash

Request headers

Referer
https://layardesa21.cfd/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
date
Tue, 26 Dec 2023 23:53:23 GMT
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
via
1.1 78cc4d359edf91a401bf5898aa1dacc6.cloudfront.net (CloudFront)
x-amz-cf-id
OpqgspibkiXpf2WbsE8KO4rS3Bc-0tQiBLfZx7oLxruykCYr4OGMew==
x-amz-cf-pop
EWR53-C2
x-cache
Miss from cloudfront
data
bcp.crwdcntrl.net/6/ 		553 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.209.94.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-209-94-68.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
da5db44956d9f6c55630074629deb758e0653a3c6b2d881f99bdb95cc23a17bd

Request headers

Referer
https://layardesa21.cfd/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 26 Dec 2023 23:53:23 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://layardesa21.cfd
cache-control
no-cache
x-server
10.40.15.50
access-control-allow-credentials
true
content-length
553
expires
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B1B5 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://layardesa21.cfd/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
13516
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 26 Dec 2023 20:08:07 GMT
expires
Wed, 25 Dec 2024 20:08:07 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 7E0F 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
392334f7f1f5b0f12946bfc99d700813af5441ff50716e5f4c1546245e180926
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-A7rkDDUAGPod4a6SR7XkyA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://layardesa21.cfd/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-A7rkDDUAGPod4a6SR7XkyA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 26 Dec 2023 23:53:23 GMT
expires
Tue, 26 Dec 2023 23:53:23 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame B1B5 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 20:09:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
99849
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 24 Dec 2024 20:09:14 GMT
lt.iframe.html
tags.crwdcntrl.net/lt/shared/2/ Frame 3405 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-28.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a865904878986ba6caf73c5416db4b7e04b947546446e04f0be94c2308a9a275

Request headers

Referer
https://layardesa21.cfd/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
59780
cache-control
public, max-age=86400
content-encoding
gzip
content-type
text/html
date
Tue, 26 Dec 2023 07:17:04 GMT
etag
W/"43b17c7b81b6281ca01991a2e5cae3a7"
last-modified
Tue, 05 Sep 2023 17:36:56 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 b4bbc10bb9b68293dc88560c2ddfcc2c.cloudfront.net (CloudFront)
x-amz-cf-id
Ofj5oYASNuHo_ca5-RhkSZWkfjuZint5kY_FM-_21qA3E1t8wVeh2Q==
x-amz-cf-pop
JFK50-P4
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
sodar
pagead2.googlesyndication.com/pagead/ Frame 7E0F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=4374870627996756&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame B1B5 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?GJjIEg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 23:53:23 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixels
bcp.crwdcntrl.net/ Frame C7AA 		4 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/pixels?src=LTJS&s=155%2C150%2C148%2C136%2C122%2C116%2C106%2C104%2C100%2C94%2C61%2C54%2C49%2C41%2C33%2C31%2C26%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.209.94.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-209-94-68.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
078126c279125aedba7f05200b1d0c0e17549f22868ae18907da57b2fafb3ec5

Request headers

Referer
https://tags.crwdcntrl.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache
content-length
4202
content-type
text/html
date
Tue, 26 Dec 2023 23:53:23 GMT
expires
0
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
pragma
no-cache
server
Jetty(9.4.38.v20210224)
x-server
10.40.59.42
m
cm.mgid.com/ Frame C7AA
Redirect Chain
  • https://cm.mgid.com/m?cdsp=712809&uspString={uspString}&gdpr=0&consentData=&c=895a99800f371706e65029416dd04c00
  • https://cm.mgid.com/m?c=895a99800f371706e65029416dd04c00&cdsp=712809&consentData=&gdpr=0&uspString=%7BuspString%7D&sct=1
43 B
159 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?c=895a99800f371706e65029416dd04c00&cdsp=712809&consentData=&gdpr=0&uspString=%7BuspString%7D&sct=1
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=155%2C150%2C148%2C136%2C122%2C116%2C106%2C104%2C100%2C94%2C61%2C54%2C49%2C41%2C33%2C31%2C26%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Dec 2023 23:53:23 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-ray
83bd3e33ddb64bd3-BUF
alt-svc
h3=":443"; ma=86400
content-length
43

Redirect headers

pragma
no-cache
date
Tue, 26 Dec 2023 23:53:23 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/gif
location
https://cm.mgid.com/m?c=895a99800f371706e65029416dd04c00&cdsp=712809&consentData=&gdpr=0&uspString=%7BuspString%7D&sct=1
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-ray
83bd3e336d294bd3-BUF
alt-svc
h3=":443"; ma=86400
content-length
43
/
wt.rqtrk.eu/ Frame C7AA 		43 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wt.rqtrk.eu/?pid=e34a6063-e846-4ccb-98d8-0eba4dd66b75&src=www&type=100&sid=0&cb=153340171&gdpr=0&gdpr_consent=&gdpr_pd=0&uid=895a99800f371706e65029416dd04c00
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=155%2C150%2C148%2C136%2C122%2C116%2C106%2C104%2C100%2C94%2C61%2C54%2C49%2C41%2C33%2C31%2C26%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.235.42.103 Terrebonne, Canada, ASN16276 (OVH, FR),
Reverse DNS
haproxy-ca-002.roqad.pl
Software
istio-envoy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Dec 2023 23:53:23 GMT
server
istio-envoy
p3p
CP="NOI DSP COR DEVa PSAa PSDa OUR BUS UNI COM NAV STA"
content-type
image/gif
cache-control
no-cache,private
x-envoy-upstream-service-time
0
content-length
43
expires
Tue, 26 Dec 2023 23:53:22 GMT
getuid
sync.smartadserver.com/ Frame C7AA
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr=0&url=https%3A%2F%2Fbcp.crwdcntrl.net%2Fqmap%3Fc%3D16236%26tp%3DSMAD%26tpid%3D[sas_uid]%26gdpr%3D0
  • https://sync.smartadserver.com/getuid?gdpr=0&url=https://bcp.crwdcntrl.net/qmap?c=16236&tp=SMAD&tpid=[sas_uid]&gdpr=0&cklb=1
0
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.smartadserver.com/getuid?gdpr=0&url=https://bcp.crwdcntrl.net/qmap?c=16236&tp=SMAD&tpid=[sas_uid]&gdpr=0&cklb=1
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=155%2C150%2C148%2C136%2C122%2C116%2C106%2C104%2C100%2C94%2C61%2C54%2C49%2C41%2C33%2C31%2C26%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
HTTP/1.1
Server
23.105.12.120 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Dec 2023 23:53:23 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://sync.smartadserver.com:443/getuid?gdpr=0&url=https://bcp.crwdcntrl.net/qmap?c=16236&tp=SMAD&tpid=[sas_uid]&gdpr=0&cklb=1
pragma
no-cache
date
Tue, 26 Dec 2023 23:53:22 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
qmap
sync.crwdcntrl.net/ Frame C7AA
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&rd=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D240%26tp%3DPUBM%26tpid%3D%23PM_USER_ID%26gdpr%3D0
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&rd=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D240%26tp%3DPUBM%26tpid%3D%23PM_USER_ID%26gdpr%3D0&rdf=1
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=EF705E82-834E-4498-B549-A528228E689F&gdpr=0
49 B
263 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=EF705E82-834E-4498-B549-A528228E689F&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=155%2C150%2C148%2C136%2C122%2C116%2C106%2C104%2C100%2C94%2C61%2C54%2C49%2C41%2C33%2C31%2C26%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
44.211.9.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-211-9-18.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Dec 2023 23:53:24 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.4.2
content-length
49
expires
0

Redirect headers

location
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=EF705E82-834E-4498-B549-A528228E689F&gdpr=0
date
Tue, 26 Dec 2023 23:53:22 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
41715
i6.liadm.com/s/ Frame C7AA
Redirect Chain
  • https://i.liadm.com/s/41715?bidder_id=127211&bidder_uuid=895a99800f371706e65029416dd04c00
  • https://i.liadm.com/s/41715?bidder_id=127211&bidder_uuid=895a99800f371706e65029416dd04c00&_li_chk=true&previous_uuid=4f062ad89c26474ab24f40a16fc8480c
  • https://i6.liadm.com/s/41715?bidder_id=127211&bidder_uuid=895a99800f371706e65029416dd04c00
43 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i6.liadm.com/s/41715?bidder_id=127211&bidder_uuid=895a99800f371706e65029416dd04c00
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=155%2C150%2C148%2C136%2C122%2C116%2C106%2C104%2C100%2C94%2C61%2C54%2C49%2C41%2C33%2C31%2C26%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
HTTP/1.1
Server
2600:1f18:ed:550a:e949:4781:8199:98a6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Tue, 26 Dec 2023 23:53:24 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
1
Content-Type
image/gif

Redirect headers

Location
https://i6.liadm.com/s/41715?bidder_id=127211&bidder_uuid=895a99800f371706e65029416dd04c00
Date
Tue, 26 Dec 2023 23:53:23 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
2
gdpr_consent=
sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=ec751bcd-abcc-4c3e-b966-af69f83765e9/gdpr=0/ Frame C7AA
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=0
  • https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=ec751bcd-abcc-4c3e-b966-af69f83765e9/gdpr=0/gdpr_consent=
49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=ec751bcd-abcc-4c3e-b966-af69f83765e9/gdpr=0/gdpr_consent=
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=155%2C150%2C148%2C136%2C122%2C116%2C106%2C104%2C100%2C94%2C61%2C54%2C49%2C41%2C33%2C31%2C26%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
44.211.9.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-211-9-18.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Dec 2023 23:53:23 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.53.30
content-length
49
expires
0

Redirect headers

location
https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=ec751bcd-abcc-4c3e-b966-af69f83765e9/gdpr=0/gdpr_consent=
date
Tue, 26 Dec 2023 23:53:23 GMT
server
Kestrel
content-length
249
tpid=ef3a364c-95a5-4eee-93f9-149bbf33d78f
sync.crwdcntrl.net/map/c=10158/tp=TPAD/ Frame C7AA
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=895a99800f371706e65029416dd04c00&gdpr=0&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftp...
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3Def3a364c-95a5-4eee-93f9-149bbf33d78f%252Chttps%2525...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=5501317867227186810&pt=ef3a364c-95a5-4eee-93f9-149bbf33d78f%2Chttps%253A%252F%252Fsync.crwdcntrl.net%252Fmap%252Fc%25...
  • https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=ef3a364c-95a5-4eee-93f9-149bbf33d78f
49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=ef3a364c-95a5-4eee-93f9-149bbf33d78f
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=155%2C150%2C148%2C136%2C122%2C116%2C106%2C104%2C100%2C94%2C61%2C54%2C49%2C41%2C33%2C31%2C26%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
44.211.9.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-211-9-18.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Dec 2023 23:53:23 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.12.222
content-length
49
expires
0

Redirect headers

date
Tue, 26 Dec 2023 23:53:23 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=ef3a364c-95a5-4eee-93f9-149bbf33d78f
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
tpid=9dcdd05454823c36c440bf94c990f978
sync.crwdcntrl.net/map/c=10832/tp=TRUP/ Frame C7AA
Redirect Chain
  • https://dmp.truoptik.com/f2d2e39fc16bc9cc/sync.gif?cbp=tpid&cbk=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10832%2Ftp%3DTRUP
  • https://sync.crwdcntrl.net/map/c=10832/tp=TRUP/tpid=9dcdd05454823c36c440bf94c990f978
49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=10832/tp=TRUP/tpid=9dcdd05454823c36c440bf94c990f978
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=155%2C150%2C148%2C136%2C122%2C116%2C106%2C104%2C100%2C94%2C61%2C54%2C49%2C41%2C33%2C31%2C26%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
44.211.9.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-211-9-18.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Dec 2023 23:53:23 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.56.15
content-length
49
expires
0

Redirect headers

date
Tue, 26 Dec 2023 23:53:23 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-length
142
x-xss-protection
1; mode=block
pragma
no-cache
to-dmp-sync
s3b-dmp-use1-aws.truoptik.com
server
cloudflare
user-agent
Tru Optik DMP 1.3.1
x-frame-options
SAMEORIGIN
content-type
text/html
location
https://sync.crwdcntrl.net/map/c=10832/tp=TRUP/tpid=9dcdd05454823c36c440bf94c990f978
access-control-allow-origin
*
cache-control
no-store
cf-ray
83bd3e33695536b4-YYZ
expires
0
/
loadus.exelator.com/load/ Frame C7AA 		0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadus.exelator.com/load/?p=204&g=260&buid=895a99800f371706e65029416dd04c00&j=0&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=155%2C150%2C148%2C136%2C122%2C116%2C106%2C104%2C100%2C94%2C61%2C54%2C49%2C41%2C33%2C31%2C26%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.16.197.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-16-197-56.compute-1.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 23:53:23 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
gdpr=0
sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=42538027664982217971916778039638224646/ Frame C7AA
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=121998&dpuuid=895a99800f371706e65029416dd04c00&gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D%2Fgdpr=0
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=121998&dpuuid=895a99800f371706e65029416dd04c00&gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUI...
  • https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=42538027664982217971916778039638224646/gdpr=0
49 B
263 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=42538027664982217971916778039638224646/gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=155%2C150%2C148%2C136%2C122%2C116%2C106%2C104%2C100%2C94%2C61%2C54%2C49%2C41%2C33%2C31%2C26%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
44.211.9.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-211-9-18.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Dec 2023 23:53:24 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.2.49
content-length
49
expires
0

Redirect headers

dcs
dcs-prod-va6-2-v053-0584fcf5b.edge-va6.demdex.com 2 ms
pragma
no-cache
date
Tue, 26 Dec 2023 23:53:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-tid
E/MJEXYjTlE=
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location
https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=42538027664982217971916778039638224646/gdpr=0
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
utsync.ashx
ml314.com/ Frame C7AA 		43 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ml314.com/utsync.ashx?eid=50146&et=0&fp=895a99800f371706e65029416dd04c00&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=155%2C150%2C148%2C136%2C122%2C116%2C106%2C104%2C100%2C94%2C61%2C54%2C49%2C41%2C33%2C31%2C26%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
79.77.117.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Dec 2023 23:53:23 GMT
via
1.1 google, 1.1 google
server
Google Frontend
content-type
image/gif
p3p
CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0,Wed, 27 Dec 2023 23:53:23 GMT
qmap
sync.crwdcntrl.net/ Frame C7AA
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=lotame&gdpr=0
  • https://sync.crwdcntrl.net/qmap?c=6569&tp=STKA&tpid=0-6527f3db-4c3a-579f-7d49-b39c1b3411ce$ip$96.9.249.36&gdpr=0&gdpr_consent=
49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=6569&tp=STKA&tpid=0-6527f3db-4c3a-579f-7d49-b39c1b3411ce$ip$96.9.249.36&gdpr=0&gdpr_consent=
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=155%2C150%2C148%2C136%2C122%2C116%2C106%2C104%2C100%2C94%2C61%2C54%2C49%2C41%2C33%2C31%2C26%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
44.211.9.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-211-9-18.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Dec 2023 23:53:24 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.50.175
content-length
49
expires
0

Redirect headers

Location
https://sync.crwdcntrl.net/qmap?c=6569&tp=STKA&tpid=0-6527f3db-4c3a-579f-7d49-b39c1b3411ce$ip$96.9.249.36&gdpr=0&gdpr_consent=
Date
Tue, 26 Dec 2023 23:53:23 GMT
Connection
keep-alive
Content-Length
165
Content-Type
text/html; charset=utf-8
match
ps.eyeota.net/ Frame C7AA 		70 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?bid=51mdg9u&uid=895a99800f371706e65029416dd04c00&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=155%2C150%2C148%2C136%2C122%2C116%2C106%2C104%2C100%2C94%2C61%2C54%2C49%2C41%2C33%2C31%2C26%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.233.22.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-22-19.compute-1.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Date
Tue, 26 Dec 2023 23:53:23 GMT
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
qmap
sync.crwdcntrl.net/ Frame C7AA
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=LOTME&gdpr=0
  • https://ups.analytics.yahoo.com/ups/58736/cms?partner_id=LOTME&gdpr=0
  • https://sync.crwdcntrl.net/qmap?c=5437&tp=DTAX&tpidqp=tpidqa&tpidqa=y-8ccuL9NE2pwvh_P6JFDYZOiIldfn3i_ZgeU-~A&gdpr=0
49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=5437&tp=DTAX&tpidqp=tpidqa&tpidqa=y-8ccuL9NE2pwvh_P6JFDYZOiIldfn3i_ZgeU-~A&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=155%2C150%2C148%2C136%2C122%2C116%2C106%2C104%2C100%2C94%2C61%2C54%2C49%2C41%2C33%2C31%2C26%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
44.211.9.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-211-9-18.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Dec 2023 23:53:24 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.1.218
content-length
49
expires
0

Redirect headers

location
https://sync.crwdcntrl.net/qmap?c=5437&tp=DTAX&tpidqp=tpidqa&tpidqa=y-8ccuL9NE2pwvh_P6JFDYZOiIldfn3i_ZgeU-~A&gdpr=0
date
Tue, 26 Dec 2023 23:53:24 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
gdpr=0
sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=21d7bfed-aad2-42c1-a38e-8733aa1f1edd-658b6773-5553/ Frame C7AA
Redirect Chain
  • https://pixel-sync.sitescout.com/connectors/lotame/usersync?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID%2Fgdpr%3D0
  • https://pixel-sync.sitescout.com/connectors/lotame/usersync?cookieQ=1&gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID%2Fgdpr%3D0
  • https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=21d7bfed-aad2-42c1-a38e-8733aa1f1edd-658b6773-5553/gdpr=0
49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=21d7bfed-aad2-42c1-a38e-8733aa1f1edd-658b6773-5553/gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=155%2C150%2C148%2C136%2C122%2C116%2C106%2C104%2C100%2C94%2C61%2C54%2C49%2C41%2C33%2C31%2C26%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
44.211.9.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-211-9-18.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Dec 2023 23:53:24 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.57.170
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Tue, 26 Dec 2023 23:53:23 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=21d7bfed-aad2-42c1-a38e-8733aa1f1edd-658b6773-5553/gdpr=0
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
token
token.rubiconproject.com/ Frame C7AA 		0
676 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/token?pid=7&puid=895a99800f371706e65029416dd04c00&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=155%2C150%2C148%2C136%2C122%2C116%2C106%2C104%2C100%2C94%2C61%2C54%2C49%2C41%2C33%2C31%2C26%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
5e07703167439847c6c49a939083c0fd
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
gdpr=0&_test=ZYtndAAJ0smXVQAM
sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=ZYtndAAJ0smXVQAM/ Frame C7AA
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D%2Fgdpr%3D0
  • https://sync-tm.everesttech.net/ct/upi/pid/bsTd8NdE?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D%2Fgdpr%3D0&_test=ZYtndAAJ0smXVQAM
  • https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=ZYtndAAJ0smXVQAM/gdpr=0&_test=ZYtndAAJ0smXVQAM
49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=ZYtndAAJ0smXVQAM/gdpr=0&_test=ZYtndAAJ0smXVQAM
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=155%2C150%2C148%2C136%2C122%2C116%2C106%2C104%2C100%2C94%2C61%2C54%2C49%2C41%2C33%2C31%2C26%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
44.211.9.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-211-9-18.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Dec 2023 23:53:24 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.2.199
content-length
49
expires
0

Redirect headers

x-served-by
cache-yyz4553-YYZ
pragma
no-cache
date
Tue, 26 Dec 2023 23:53:24 GMT
via
1.1 varnish
server
Varnish
x-timer
S1703634804.396169,VS0,VE0
x-cache
HIT
location
https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=ZYtndAAJ0smXVQAM/gdpr=0&_test=ZYtndAAJ0smXVQAM
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame C7AA 		170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=ODk1YTk5ODAwZjM3MTcwNmU2NTAyOTQxNmRkMDRjMDA&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=155%2C150%2C148%2C136%2C122%2C116%2C106%2C104%2C100%2C94%2C61%2C54%2C49%2C41%2C33%2C31%2C26%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Dec 2023 23:53:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
5907
tags.bluekai.com/site/ Frame C7AA 		62 B
304 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/5907?limit=0&id=dd8fdeeddcef40052434c418b560ac51
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=155%2C150%2C148%2C136%2C122%2C116%2C106%2C104%2C100%2C94%2C61%2C54%2C49%2C41%2C33%2C31%2C26%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.216.137.114 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-216-137-114.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Tue, 26 Dec 2023 23:53:24 GMT
content-length
62
content-type
image/gif
g.json
aa.agkn.com/adscores/ Frame C7AA 		108 B
730 B 		Script
General
Check archive.org
Download Go to
Full URL
https://aa.agkn.com/adscores/g.json?sid=9202507693
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=155%2C150%2C148%2C136%2C122%2C116%2C106%2C104%2C100%2C94%2C61%2C54%2C49%2C41%2C33%2C31%2C26%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.214.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-214-50.ewr50.r.cloudfront.net
Software
AAWebServer /
Resource Hash
ce5adf26f76fcbd66c6b956b01ab9448516e12aabc21b6934222c8a332cc83fa

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Dec 2023 23:53:23 GMT
via
1.1 78151a5252ddc63300143dbe81b1f0c4.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
EWR50-C1
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
108
x-amz-cf-id
wY-U5y8gc5eLayJ6OPKVwrk2yBo4NT6pS_Pv87nj_34L4d2cblIbFw==
expires
0
pixel
cm.g.doubleclick.net/ Frame C7AA 		170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lotameddp&google_hm=ODk1YTk5ODAwZjM3MTcwNmU2NTAyOTQxNmRkMDRjMDA&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=155%2C150%2C148%2C136%2C122%2C116%2C106%2C104%2C100%2C94%2C61%2C54%2C49%2C41%2C33%2C31%2C26%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Dec 2023 23:53:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gdpr=0
sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=8502203748285965579/ Frame C7AA
Redirect Chain
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/895a99800f371706e65029416dd04c00/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D/gdpr=0
  • https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=8502203748285965579/gdpr=0
49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=8502203748285965579/gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=155%2C150%2C148%2C136%2C122%2C116%2C106%2C104%2C100%2C94%2C61%2C54%2C49%2C41%2C33%2C31%2C26%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
44.211.9.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-211-9-18.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Dec 2023 23:53:24 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.49.185
content-length
49
expires
0

Redirect headers

location
https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=8502203748285965579/gdpr=0
pragma
no-cache
date
Tue, 26 Dec 2023 23:53:24 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
rand=547915985
sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=5501317867227186810/gdpr=0/ Frame C7AA
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D281%2Ftp%3DANXS%2Ftpid%3D%24UID%2Fgdpr%3D0%2Frand=547915985
  • https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=5501317867227186810/gdpr=0/rand=547915985
49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=5501317867227186810/gdpr=0/rand=547915985
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=155%2C150%2C148%2C136%2C122%2C116%2C106%2C104%2C100%2C94%2C61%2C54%2C49%2C41%2C33%2C31%2C26%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
44.211.9.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-211-9-18.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Dec 2023 23:53:23 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.12.34
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Tue, 26 Dec 2023 23:53:23 GMT
an-x-request-uuid
6c3134f0-b13c-44e8-8e36-ab7c4f52f880
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=5501317867227186810/gdpr=0/rand=547915985
x-proxy-origin
96.9.249.36; 96.9.249.36; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
xkDtXIlQBtkaHSjL6NyUsZREZTe-152x228.jpg
layardesa21.cfd/wp-content/uploads/2023/12/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://layardesa21.cfd/wp-content/uploads/2023/12/xkDtXIlQBtkaHSjL6NyUsZREZTe-152x228.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:df0:27b:2::20cb , Indonesia, ASN58487 (CRI-AS-AP CV. Rumahweb Indonesia, ID),
Reverse DNS
Software
Apache /
Resource Hash
b181dada1a6ffd7196238a0bb70c5eb951e9c2dd0519399de4cc7c9cb35f7d9f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Tue, 26 Dec 2023 23:53:23 GMT
last-modified
Mon, 25 Dec 2023 12:50:50 GMT
server
Apache
accept-ranges
bytes
content-length
9605
content-type
image/jpeg
usersync.aspx
dis.criteo.com/dis/
Redirect Chain
  • https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=H415jSZHJIZaxf55RVWaZjk0&rnd=73315
  • https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=H415jSZHJIZaxf55RVWaZjk0&rnd=73315&_li_chk=true&previous_uuid=fc40eaffc1884d1480c4364e150fe4e1
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
Protocol
H2
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Dec 2023 23:53:23 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
247023
expires
Tue, 26 Dec 2023 00:00:00 GMT

Redirect headers

Location
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
Date
Tue, 26 Dec 2023 23:53:23 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
3
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=4374870627996756&bg=!CgmlCUbNAAY3kmNgF5I7ADQBe5WfOChGU5ItkxFHGFOEaEHx1V-5XcoxrLcJOoTdP-667zTdb0uoVJ1h8CCBo3xLFUyjAgAAAJdSAAAABWgBB5kDBimdONwATzNjWclrfrQ-wvCXYjIrYC6mewy4Ox4_FzbYrIYH8D_4sTz5kmiobPl30px7xlBghOsrd1TKNldPOoeareAxSznvzeI0aQUrK3jsLmPsgpETzkvpranqXmNCu7HnyqoiISGNVD-CtlRHiaBMydDWbHDdnyobPMOU0sfC4wdWCHRIIQUVcedp8JWys0r9mIaVmhkRERJ-OQbjeCGuICik9oNxoo72vqUIynQLD0BRNgh0O-_AnBqFpfPY70ePDihsqV6KbGMaQ1XU7Fcr0itTx0p3f14TM0VU1oyNH0SnrKLeNgfDLVGkzEayXr2fO-aspkaW1_vdQAcNzmCkXFSP1bBZqcVr1s_M97MjsZX3INHPZ32ThxRteS7b11uveXddUfYpq0CBaQi6DDhE11eY6-gjLd_8o0GgLijMTw1CbGsYUd5zignoNkeRIDOQb6AlAClbvYPNIqtBkE7WsZTtd0aYnxOE_MufF3xG9vRz37J4AJ0vrY5QyYnSj8TgfFT_PLUHSqqfjWwLFQJoHB27MA-3Coo8t0neoRBaUCjWb9cFjPXfRkjdHAuiCrpNO4XRHim3NMOWbM1BeNgYb2GeZlqOrGzLp3V5cFl2xlW1We2mA7APt5Key4gIjNFtCemZ6iS_ZJ3sQW2N8yj1bgZuCbfZXK2pX7z2GjUq-l5EKf_3v0SmmnP3mZMuPOUDvEctvSAJVXxdBjB9-d6CHEhOyxupox0gKAPvbycO2KEkMBvyxOUbFPJMpIO6SxcV1JcSNUR6ZeAaYS6P1Id5KUHMLR1nMGTJvQXCOnHlP50J7glkDCpKu_HGcJZIn2grj1bw4yiyi0C5B0plrWfoUCQJhSh3My-OA6y-4djrnJeneLfms6bXCTfRbTKMEL8_r_SO08Ps-2T4aFn5ncgRFb_fHu2A20LvlOPdIPDYujQYuDQDCNO_NJ2u86Mhrkx7RdbX5Qcjp1MdhrLib0K7WB8cXW9zW5CZtC3OVb-_8AdVjgqXaBljp_6QGcFeLvn88IEaHg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
db_sync
px.ads.linkedin.com/ 		0
142 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/db_sync?pid=15697&puuid=H415jSZHJIZaxf55RVWaZjk0&rand=43375&pu=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 23:53:23 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 6921F9B00F794135B6F7C427BC26F7F3 Ref B: NYCEDGE1717 Ref C: 2023-12-26T23:53:24Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYNcmNXZarhdvvcZOKzuA==
merge
ce.lijit.com/
Redirect Chain
  • https://um.simpli.fi/lj_match?r=15398
  • https://ce.lijit.com/merge?pid=2&3pid=CC3E0FF596F344A6A824B36AB53A5030
43 B
679 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=2&3pid=CC3E0FF596F344A6A824B36AB53A5030
Protocol
HTTP/1.1
Server
63.251.86.51 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 26 Dec 2023 23:53:25 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Tue, 26 Dec 2023 23:53:24 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://ce.lijit.com/merge?pid=2&3pid=CC3E0FF596F344A6A824B36AB53A5030
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 25 Dec 2023 23:53:24 GMT
a.gif
t.sharethis.com/d/ Frame 73FE 		0
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZGUACGWLZ3EAAAAIA3PFAw%253D%253D&tt=t.dhj&dhjLcy=1703634801952&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1268.23366&ell=d&cck=__stid&dmn=layardesa21.cfd&pn=%2F&qs=na&rdn=layardesa21.cfd&rpn=%2F&rqs=na&cc=US&cont=NA&evid=6VBjoyYA0Gz6qTrhSl56&urls=!1!413!b-13j,!0!453!b-13l,!1!413!b-14s,!1!0!b-14t,!1!230!b-150,!1!685!b-16f&rnd=1703634805060&cid=c010&version=1.1268.23366&cc=US&cont=NA&cls=C&repeat=0&htmLcy=34
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.202 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-202.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 26 Dec 2023 23:53:25 GMT
Cache-Control
max-age=0, no-cache, no-store
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Expires
Tue, 26 Dec 2023 23:53:25 GMT
57333
i6.liadm.com/s/
Redirect Chain
  • https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=H415jSZHJIZaxf55RVWaZjk0&rnd=85441
  • https://i6.liadm.com/s/57333?bidder_id=204553&bidder_uuid=H415jSZHJIZaxf55RVWaZjk0&rnd=85441
43 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i6.liadm.com/s/57333?bidder_id=204553&bidder_uuid=H415jSZHJIZaxf55RVWaZjk0&rnd=85441
Protocol
HTTP/1.1
Server
2600:1f18:ed:550a:e949:4781:8199:98a6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Tue, 26 Dec 2023 23:53:25 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
0
Content-Type
image/gif

Redirect headers

Location
https://i6.liadm.com/s/57333?bidder_id=204553&bidder_uuid=H415jSZHJIZaxf55RVWaZjk0&rnd=85441
Date
Tue, 26 Dec 2023 23:53:25 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
2
Portal.html
get.s-onetag.com/underground-sync-portal/ Frame C36E 		85 B
481 B 		Document
General
Check archive.org
Download Go to
Full URL
https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-87.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer
https://layardesa21.cfd/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
312705
cache-control
max-age=864000
content-length
85
content-type
text/html
date
Sat, 23 Dec 2023 09:01:41 GMT
etag
"131a68f1a3ad405d816af56e04b93481"
last-modified
Mon, 24 Aug 2020 10:07:31 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 30dd3884a4b369c2dc7ffa8271e1b512.cloudfront.net (CloudFront)
x-amz-cf-id
70GF1A-RGMvozi05Ravu75il0QXllKy7VivoQdfgdMVcWNXqolg2OA==
x-amz-cf-pop
JFK52-P4
x-amz-version-id
DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache
Hit from cloudfront
Portal.js
get.s-onetag.com/underground-sync-portal/ Frame C36E 		766 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-87.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
date
Sun, 24 Dec 2023 08:06:20 GMT
via
1.1 30dd3884a4b369c2dc7ffa8271e1b512.cloudfront.net (CloudFront)
last-modified
Mon, 24 Aug 2020 10:07:19 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P4
age
229626
etag
"145e495d0d92a3c8fd975bfe5485b72c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=864000
accept-ranges
bytes
content-length
766
x-amz-cf-id
myR8GeTNObMoY-j232B0-_jhtqK1I0_lBludQUp8aODRmmOFJz9NEg==
merge
ce.lijit.com/
Redirect Chain
  • https://bcp.crwdcntrl.net/5/c=5436/tp=SVRN/tpid=H415jSZHJIZaxf55RVWaZjk0/pv=y?https://ce.lijit.com/merge?pid=5001&3pid=${profile_id}
  • https://ce.lijit.com/merge?pid=5001&3pid=895a99800f371706e65029416dd04c00
43 B
999 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=5001&3pid=895a99800f371706e65029416dd04c00
Protocol
HTTP/1.1
Server
63.251.86.51 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 26 Dec 2023 23:53:25 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 26 Dec 2023 23:53:25 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://ce.lijit.com/merge?pid=5001&3pid=895a99800f371706e65029416dd04c00
cache-control
no-cache
x-server
10.40.49.185
content-length
0
expires
0
pixel
ps.eyeota.net/ 		763 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ps.eyeota.net/pixel?pid=51md42u&t=ajs&e_pc=3&e_mr=0
Requested by
Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.233.22.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-22-19.compute-1.amazonaws.com
Software
/
Resource Hash
8132a9689d485de19643a740b8481c111dfcc255a7955c5f31498de2fcf160cc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
application/javascript
Date
Tue, 26 Dec 2023 23:53:26 GMT
Content-Length
763
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
match
ps.eyeota.net/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=Mld4bWF1UlJmVUs3ajdYZ3BNVVRSY2wwVUlPUWN6aXdmeWVPdmxyOHctWHM&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer...
  • https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=51md42u&google_gid=CAESED9sJx8n5jZpHJOv73V1Bog&google_cver=1
70 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=51md42u&google_gid=CAESED9sJx8n5jZpHJOv73V1Bog&google_cver=1
Protocol
HTTP/1.1
Server
3.233.22.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-22-19.compute-1.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Date
Tue, 26 Dec 2023 23:53:26 GMT
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

pragma
no-cache
date
Tue, 26 Dec 2023 23:53:26 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=51md42u&google_gid=CAESED9sJx8n5jZpHJOv73V1Bog&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
375
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
match
ps.eyeota.net/
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=Eyeot
  • https://ups.analytics.yahoo.com/ups/58773/cms?partner_id=Eyeot
  • https://ps.eyeota.net/match?bid=bhc9gd0&yahoo_ver=2&yahoo_id=y-ATuzZ0hE2pXqR3wQX6TnOszI955o.GG10wY-~A
70 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?bid=bhc9gd0&yahoo_ver=2&yahoo_id=y-ATuzZ0hE2pXqR3wQX6TnOszI955o.GG10wY-~A
Protocol
HTTP/1.1
Server
3.233.22.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-22-19.compute-1.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Date
Tue, 26 Dec 2023 23:53:26 GMT
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

location
https://ps.eyeota.net/match?bid=bhc9gd0&yahoo_ver=2&yahoo_id=y-ATuzZ0hE2pXqR3wQX6TnOszI955o.GG10wY-~A
date
Tue, 26 Dec 2023 23:53:26 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
match
ps.eyeota.net/
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26referrer_pid%3D51md42u
  • https://ps.eyeota.net/match?uid=ZYtndAAJ0smXVQAM&bid=0rijhbu&referrer_pid=51md42u
70 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?uid=ZYtndAAJ0smXVQAM&bid=0rijhbu&referrer_pid=51md42u
Protocol
HTTP/1.1
Server
3.233.22.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-22-19.compute-1.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Date
Tue, 26 Dec 2023 23:53:26 GMT
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

x-served-by
cache-yyz4553-YYZ
pragma
no-cache
date
Tue, 26 Dec 2023 23:53:26 GMT
via
1.1 varnish
server
Varnish
x-timer
S1703634807.701301,VS0,VE0
x-cache
HIT
location
https://ps.eyeota.net/match?uid=ZYtndAAJ0smXVQAM&bid=0rijhbu&referrer_pid=51md42u
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
match
ps.eyeota.net/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24UID%26bid%3D2cr76e1%26referrer_pid%3D51md42u
  • https://ps.eyeota.net/match?uid=5501317867227186810&bid=2cr76e1&referrer_pid=51md42u
70 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?uid=5501317867227186810&bid=2cr76e1&referrer_pid=51md42u
Protocol
HTTP/1.1
Server
3.233.22.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-22-19.compute-1.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Date
Tue, 26 Dec 2023 23:53:26 GMT
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

pragma
no-cache
date
Tue, 26 Dec 2023 23:53:26 GMT
an-x-request-uuid
62cb4065-6fad-4d1c-8160-72ecd2d9d681
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ps.eyeota.net/match?uid=5501317867227186810&bid=2cr76e1&referrer_pid=51md42u
x-proxy-origin
96.9.249.36; 96.9.249.36; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
5386
tags.bluekai.com/site/
Redirect Chain
  • https://tags.bluekai.com/site/29537?limit=1&id=2JN8K7xUNk4jjxc6VKaOR_KMTqghyDZWfBNncfiso-aM
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bluekai
  • https://tags.bluekai.com/site/5386?id=ec751bcd-abcc-4c3e-b966-af69f83765e9&gdpr=0&gdpr_consent=
62 B
304 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/5386?id=ec751bcd-abcc-4c3e-b966-af69f83765e9&gdpr=0&gdpr_consent=
Protocol
H2
Server
23.216.137.114 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-216-137-114.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Tue, 26 Dec 2023 23:53:27 GMT
content-length
62
content-type
image/gif

Redirect headers

location
https://tags.bluekai.com/site/5386?id=ec751bcd-abcc-4c3e-b966-af69f83765e9&gdpr=0&gdpr_consent=
date
Tue, 26 Dec 2023 23:53:26 GMT
server
Kestrel
content-length
221
CookieSyncThrotle
rtb.adentifi.com/
Redirect Chain
  • https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=H415jSZHJIZaxf55RVWaZjk0
  • https://thrtle.com/sync?_reach=1&vxii_pdid=H415jSZHJIZaxf55RVWaZjk0&vxii_pid=12&vxii_pid1=7002&vxii_rcid=440c0423-7920-437c-85dd-51c1fa02d880&vxii_rmax=1
  • https://rtb.adentifi.com/CookieSyncThrotle?
0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncThrotle?
Protocol
H2
Server
3.223.16.170 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 23:53:27 GMT

Redirect headers

location
https://rtb.adentifi.com/CookieSyncThrotle?
date
Tue, 26 Dec 2023 23:53:27 GMT
content-type
text/html; charset=utf-8
content-length
66
p3p
CP="NOI OUR BUS UNI COM NAV"
sovrn_standalone_beacon.js
ap.lijit.com/www/sovrn_beacon_standalone/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/www/sovrn_beacon_standalone/sovrn_standalone_beacon.js
Requested by
Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.86.51 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
nginx /
Resource Hash
b4208c430fb204fc4903653c1c36f9832e2c3bfb742a6828e96878e328d8e26e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://layardesa21.cfd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Tue, 26 Dec 2023 23:53:27 GMT
Content-Encoding
gzip
Last-Modified
Mon, 31 Jul 2023 16:20:24 GMT
Server
nginx
ETag
W/"64c7df48-22bf"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Methods
GET
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3dca1
X-Robots-Tag
noindex
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires
Wed, 27 Dec 2023 00:53:27 GMT
beacon
ce.lijit.com/ Frame F8E0 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/www/sovrn_beacon_standalone/sovrn_standalone_beacon.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.86.51 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
adb6e72318ad52360a4f331ff525ae1c9991ce5ffc2087534545f67020fb1d33

Request headers

Referer
https://layardesa21.cfd/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Encoding
gzip
Content-Length
1094
Content-Type
text/html
Date
Tue, 26 Dec 2023 23:53:27 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
Vary
Accept-Encoding, User-Agent
X-Sovrn-Pod
ad_ap3dca1
merge
ce.lijit.com/ Frame F8E0
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub10014056052800&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?3pid=OPU300c10bfca4e4768b99e9a898d5cad8e&gdpr=0&gdpr_consent=&pid=103
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?3pid=OPU300c10bfca4e4768b99e9a898d5cad8e&gdpr=0&gdpr_consent=&pid=103
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Protocol
HTTP/1.1
Server
63.251.86.51 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 26 Dec 2023 23:53:28 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 26 Dec 2023 23:53:28 GMT
server
nginx
access-control-allow-methods
POST, GET
content-type
text/html; charset=utf-8
access-control-allow-origin
*
location
https://ce.lijit.com/merge?3pid=OPU300c10bfca4e4768b99e9a898d5cad8e&gdpr=0&gdpr_consent=&pid=103
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
131
expires
Mon, 01 Jan 1990 00:00:00 GMT
usersync
sync.springserve.com/ Frame F8E0
Redirect Chain
  • https://cs.krushmedia.com/77781087eb9a0621642f9ebec6beb8d1.gif?puid=[UID]&redir=[RED]&gdpr=0&gdpr_consent=
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=[GDPR_CONSENT]&us_privacy=[CCPA]&redirect=https%3A%2F%2Fcs.krushmedia.com%2F69da6122611580d07d...
  • https://cs.krushmedia.com/69da6122611580d07d521cb63b7edc81.gif?puid=3466364086634050000V10
  • https://sync.springserve.com/usersync?aid=1917&uuid=bac4105c-aa7e-55f9-b7e5-51dd67f5b068
43 B
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.springserve.com/usersync?aid=1917&uuid=bac4105c-aa7e-55f9-b7e5-51dd67f5b068
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Protocol
H2
Server
3.213.97.139 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 26 Dec 2023 23:53:28 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Tue, 26 Dec 2023 23:53:28 GMT
Server
nginx
Location
https://sync.springserve.com/usersync?aid=1917&uuid=bac4105c-aa7e-55f9-b7e5-51dd67f5b068
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
0
merge
ce.lijit.com/ Frame F8E0
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=27&uid=H415jSZHJIZaxf55RVWaZjk0&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=66&3pid=869593281786
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=66&3pid=869593281786
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Protocol
HTTP/1.1
Server
63.251.86.51 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 26 Dec 2023 23:53:28 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Access-Control-Allow-Origin
*
Location
https://ce.lijit.com/merge?pid=66&3pid=869593281786
Content-Length
0
merge
ce.lijit.com/ Frame F8E0
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=fmx&us_privacy=&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=fmx&us_privacy=&gdpr=0&gdpr_consent=
  • https://r.bidswitch.net/sync?bidswitch_ssp_id=fmx&bsw_custom_parameter=564804b4-4203-49ac-93ae-bf3d3b294638
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3205&partner_device_id=564804b4-4203-49ac-93ae-bf3d3b294638&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D393%26user_id%3D0%26ssp%...
  • https://x.bidswitch.net/sync?dsp_id=393&user_id=0&ssp=fmx&bsw_param=564804b4-4203-49ac-93ae-bf3d3b294638
  • https://ce.lijit.com/merge?pid=26&3pid=564804b4-4203-49ac-93ae-bf3d3b294638&gdpr=&gdpr_consent=&us_privacy=
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=26&3pid=564804b4-4203-49ac-93ae-bf3d3b294638&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Protocol
HTTP/1.1
Server
63.251.86.51 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 26 Dec 2023 23:53:28 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location
//ce.lijit.com/merge?pid=26&3pid=564804b4-4203-49ac-93ae-bf3d3b294638&gdpr=&gdpr_consent=&us_privacy=
Date
Tue, 26 Dec 2023 23:53:28 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
merge
ce.lijit.com/ Frame F8E0
Redirect Chain
  • https://aorta.clickagy.com/pixel.gif?ch=185&cm=H415jSZHJIZaxf55RVWaZjk0&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=84&3pid=ZYtneO55gF0OQXeAPrJzFa-a
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=84&3pid=ZYtneO55gF0OQXeAPrJzFa-a
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Protocol
HTTP/1.1
Server
63.251.86.51 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 26 Dec 2023 23:53:28 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Tue, 26 Dec 2023 23:53:28 GMT
server
Aorta/20231219.0f0182a99
expect
0
access-control-max-age
31536000
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
location
https://ce.lijit.com/merge?pid=84&3pid=ZYtneO55gF0OQXeAPrJzFa-a
access-control-allow-origin
*
access-control-expose-headers
Set-Cookie
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-aorta-region
us-east-1
x-aorta-host
c71a6e46d04c
access-control-allow-headers
Origin,cache-control,content-type,man,messagetype,soapaction
content-length
0
pixel
cm.g.doubleclick.net/ Frame F8E0
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=SDQxNWpTWkhKSVpheGY1NVJWV2Faamsw&gdpr=0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=SDQxNWpTWkhKSVpheGY1NVJWV2Faamsw&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Protocol
H3
Server
142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Dec 2023 23:53:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 26 Dec 2023 23:53:27 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=SDQxNWpTWkhKSVpheGY1NVJWV2Faamsw&gdpr=0
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3dca1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
merge
ce.lijit.com/ Frame F8E0
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=49&3pid=6weuRV3PhtPg&ev=1&pid=558511&gdpr_consent=&gdpr=0
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=49&3pid=6weuRV3PhtPg&ev=1&pid=558511&gdpr_consent=&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Protocol
HTTP/1.1
Server
63.251.86.51 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 26 Dec 2023 23:53:28 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://ce.lijit.com/merge?pid=49&3pid=6weuRV3PhtPg&ev=1&pid=558511&gdpr_consent=&gdpr=0
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-db744d8c7-br8sj
expires
-1
merge
ce.lijit.com/ Frame F8E0
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=83&3pid=LQN06C0J-24-DBGS&gdpr=0
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=83&3pid=LQN06C0J-24-DBGS&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Protocol
HTTP/1.1
Server
63.251.86.51 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 26 Dec 2023 23:53:28 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ce.lijit.com/merge?pid=83&3pid=LQN06C0J-24-DBGS&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
17c962550296893d145ef1b8078fc6d6
Expires
0
merge
ce.lijit.com/ Frame F8E0
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=&tc=1
  • https://ce.lijit.com/merge?pid=86&3pid=59FpBnFGOjgM89EVybvpKtdEF7GFD-Z0Wt_ao5mNfP4&pi=sovrn&gdpr=0&gdpr_consent=&tc=1
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=86&3pid=59FpBnFGOjgM89EVybvpKtdEF7GFD-Z0Wt_ao5mNfP4&pi=sovrn&gdpr=0&gdpr_consent=&tc=1
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Protocol
HTTP/1.1
Server
63.251.86.51 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 26 Dec 2023 23:53:28 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=86&3pid=59FpBnFGOjgM89EVybvpKtdEF7GFD-Z0Wt_ao5mNfP4&pi=sovrn&gdpr=0&gdpr_consent=&tc=1
pragma
no-cache
date
Tue, 26 Dec 2023 23:53:28 GMT, Tue, 26 Dec 2023 23:53:28 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
iu3
s.amazon-adsystem.com/ Frame F8E0
Redirect Chain
  • https://s.amazon-adsystem.com/x/ae12848777b41970a5f2?gdpr=0&gdpr_consent=
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=0&gdpr_consent=&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=0&gdpr_consent=&dcc=t
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Protocol
HTTP/1.1
Server
52.46.155.104 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Tue, 26 Dec 2023 23:53:28 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
KWKFK86QQJR1B0F0078Q
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=0&gdpr_consent=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
merge
ce.lijit.com/ Frame F8E0
Redirect Chain
  • https://data.adsrvr.org/track/cmf/generic?ttd_pid=federatedmedia&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=27&3pid=ec751bcd-abcc-4c3e-b966-af69f83765e9&gdpr=0&gdpr_consent=
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=27&3pid=ec751bcd-abcc-4c3e-b966-af69f83765e9&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Protocol
HTTP/1.1
Server
63.251.86.51 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 26 Dec 2023 23:53:28 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=27&3pid=ec751bcd-abcc-4c3e-b966-af69f83765e9&gdpr=0&gdpr_consent=
date
Tue, 26 Dec 2023 23:53:28 GMT
server
Kestrel
content-length
223
dot.gif
s0.2mdn.net/ Frame F8E0
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=SDQxNWpTWkhKSVpheGY1NVJWV2Faamsw&gdpr=0
  • https://s0.2mdn.net/dot.gif?gdpr=0
43 B
489 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Protocol
H2
Server
2607:f8b0:4006:81c::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 22:46:21 GMT
x-content-type-options
nosniff
age
4027
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-xss-protection
0
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 27 Dec 2023 22:46:21 GMT

Redirect headers

pragma
no-cache
date
Tue, 26 Dec 2023 23:53:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://s0.2mdn.net/dot.gif?gdpr=0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
231
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
merge
ce.lijit.com/ Frame F8E0
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://ce.lijit.com/merge?3pid=AAFcRU7LFs8AABYGRvEIRQ&pid=85&gdpr=0
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?3pid=AAFcRU7LFs8AABYGRvEIRQ&pid=85&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Protocol
HTTP/1.1
Server
63.251.86.51 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 26 Dec 2023 23:53:28 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?3pid=AAFcRU7LFs8AABYGRvEIRQ&pid=85&gdpr=0
Date
Tue, 26 Dec 2023 23:53:28 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
merge
ce.lijit.com/ Frame F8E0
Redirect Chain
  • https://cms.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=VOansFTkqOpP4f6xU-ay5APjqOFP66bmBuKfN6CD
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=VOansFTkqOpP4f6xU-ay5APjqOFP66bmBuKfN6CD
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Protocol
HTTP/1.1
Server
63.251.86.51 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 26 Dec 2023 23:53:28 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 26 Dec 2023 23:53:28 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=VOansFTkqOpP4f6xU-ay5APjqOFP66bmBuKfN6CD
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sovrn
tr.blismedia.com/v1/api/sync/ Frame F8E0 		0
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/sovrn?gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 23:53:28 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
merge
ce.lijit.com/ Frame F8E0
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=sovrn&gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/rmpssp?sub=sovrn&zcc=1&cb=1703634808254
  • https://ad.turn.com/r/cs?pid=45&rndcb=8333128805
  • https://sync.1rx.io/usersync/turn/8502203748285965579?dspret=1&gdpr=0&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-bb9b811b-8b63-4d30-b278-d823679b95ec-005?redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D97%263pid%3DRX-bb9b811b-8b63-4d30-b278-d823679b95ec-005
  • https://ce.lijit.com/merge?pid=97&3pid=RX-bb9b811b-8b63-4d30-b278-d823679b95ec-005
0
0
merge
ce.lijit.com/ Frame F8E0
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=0&gdpr_consent=
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=sovrn&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=87&3pid=166d5561-eb26-4d81-85cf-e3c1750eb49d
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=87&3pid=166d5561-eb26-4d81-85cf-e3c1750eb49d
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Protocol
HTTP/1.1
Server
63.251.86.51 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 26 Dec 2023 23:53:28 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
//ce.lijit.com/merge?pid=87&3pid=166d5561-eb26-4d81-85cf-e3c1750eb49d
date
Tue, 26 Dec 2023 23:53:28 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
merge
ce.lijit.com/ Frame F8E0
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D92%263pid%3D%24UID&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=92&3pid=5501317867227186810&gdpr=0&gdpr_consent=
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=92&3pid=5501317867227186810&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Protocol
HTTP/1.1
Server
63.251.86.51 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 26 Dec 2023 23:53:28 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 26 Dec 2023 23:53:28 GMT
an-x-request-uuid
35cb0cbc-b457-4ea4-9e7d-1b74fdd41765
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ce.lijit.com/merge?pid=92&3pid=5501317867227186810&gdpr=0&gdpr_consent=
x-proxy-origin
96.9.249.36; 96.9.249.36; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame F8E0 		0
0
merge
ce.lijit.com/ Frame F8E0
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=21d7bfed-aad2-42c1-a38e-8733aa1f1edd-658b6773-5553&partner_url=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D16%263pid%3D21d7bf...
  • https://ce.lijit.com/merge?pid=16&3pid=21d7bfed-aad2-42c1-a38e-8733aa1f1edd-658b6773-5553&gdpr=0&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=16&3pid=21d7bfed-aad2-42c1-a38e-8733aa1f1edd-658b6773-5553&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Protocol
HTTP/1.1
Server
63.251.86.51 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 26 Dec 2023 23:53:28 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Tue, 26 Dec 2023 23:53:27 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://ce.lijit.com/merge?pid=16&3pid=21d7bfed-aad2-42c1-a38e-8733aa1f1edd-658b6773-5553&gdpr=0&gdpr_consent=
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame CCD2 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.62.11.11 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://ce.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=76033
content-encoding
gzip
content-length
5622
content-type
text/html
date
Tue, 26 Dec 2023 23:53:28 GMT
expires
Wed, 27 Dec 2023 21:00:41 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
cm
us-u.openx.net/w/1.0/ Frame F844
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_c...
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&g...
892 B
859 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 -, , ASN (),
Reverse DNS
Software
OXGW/0.0.0 /
Resource Hash
1bc1770da2d72e2c5775d3157ce01cecd2c76067eaa5f6ea66a059ac4c99d91d

Request headers

Referer
https://ce.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
534
content-type
text/html
date
Tue, 26 Dec 2023 23:53:28 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Tue, 26 Dec 2023 23:53:28 GMT
location
https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
via
1.1 google
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D3C7 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.62.11.11 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://ce.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=76033
content-encoding
gzip
content-length
5622
content-type
text/html
date
Tue, 26 Dec 2023 23:53:28 GMT
expires
Wed, 27 Dec 2023 21:00:41 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame D3C7 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=84003872&p=156212&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
c6860f851148483c95a4050e2bd1facb7dc38566fb05327135fec1c3dafa1795

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Tue, 26 Dec 2023 23:53:27 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
dcm
s.amazon-adsystem.com/ Frame 42A2 		43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=EF705E82-834E-4498-B549-A528228E689F&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.155.104 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 26 Dec 2023 23:53:28 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
YSN4XDHDKXZFF5B1X7H7
services
sync.technoratimedia.com/ Frame E8FE
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFIem1rN0xGczhBQUJPdE1JWENFdw&gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Csas%2Cpp%2Cpm&bee_sync_current_partner=adx&b...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Csas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://sync.technoratimedia.com/services?uid=AAFcRU7LFs8AABYGRvEIRQ&srv=cs&pid=73&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpp%252Cpm%26bee_sync_cu...
0
0
141
match.deepintent.com/usersync/ Frame D039 		0
340 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.18.47.7 -, , ASN (),
Reverse DNS
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
0
content-type
image/gif
date
Tue, 26 Dec 2023 23:53:28 GMT
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
server
a
Pug
simage2.pubmatic.com/AdServer/ Frame 8DF9
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5501317867227186810&gdpr=0&gdpr_consent=
42 B
298 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5501317867227186810&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 26 Dec 2023 13:39:54 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
d017e1fe-3991-4a9b-a661-6e61097a0ff8
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Tue, 26 Dec 2023 23:53:28 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5501317867227186810&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
96.9.249.36; 96.9.249.36; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection
0
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame D81E 		85 B
259 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Tue, 26 Dec 2023 23:53:28 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-yyz4553-YYZ
x-timer
S1703634808.138993,VS0,VE21
sync
pool.admedo.com/ Frame C27E
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=564804b4-4203-49ac-93ae-bf3d3b294638
0
0
Pug
image2.pubmatic.com/AdServer/ Frame C386
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=RUyDLkVOjHReS459F02WeUsfjyheH4h5ERpLxZDT
42 B
444 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=RUyDLkVOjHReS459F02WeUsfjyheH4h5ERpLxZDT
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 26 Dec 2023 23:53:27 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Tue, 26 Dec 2023 23:53:28 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=RUyDLkVOjHReS459F02WeUsfjyheH4h5ERpLxZDT
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
bridge.gif
cm.adgrx.com/ Frame D8E0
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
0
0
Pug
image2.pubmatic.com/AdServer/ Frame B53D
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=979321840894200633
42 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=979321840894200633
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 26 Dec 2023 23:53:28 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Tue, 26 Dec 2023 23:53:28 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=979321840894200633
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
i.match
s.tribalfusion.com/z/ Frame B28D
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
0
0
Pug
simage2.pubmatic.com/AdServer/ Frame E403
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=ZSfz20w6V599SbOcGzQRzmAJ-SQ&gdpr=0&gdpr_consent=
42 B
379 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=ZSfz20w6V599SbOcGzQRzmAJ-SQ&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 26 Dec 2023 13:41:54 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Tue, 26 Dec 2023 23:53:28 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=ZSfz20w6V599SbOcGzQRzmAJ-SQ&gdpr=0&gdpr_consent=
pbmtc.gif
beacon.lynx.cognitivlabs.com/ Frame B755
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=32efe58e-fc2d-4e10-88d6-6d386fc646f0&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=$...
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=EF705E82-834E-4498-B549-A528228E689F
42 B
489 B 		Document
General
Check archive.org
Download Go to
Full URL
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=EF705E82-834E-4498-B549-A528228E689F
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.232.179.229 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Content-Length
42
Content-Type
image/gif
Date
Tue, 26 Dec 2023 23:53:28 GMT
Server
Kestrel

Redirect headers

cache-control
no-store, no-cache, private
date
Tue, 26 Dec 2023 23:53:28 GMT
location
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=EF705E82-834E-4498-B549-A528228E689F
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame 6321
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:CLkEKQIZ1RiheM5&gdpr=0&gdpr_consent=
42 B
301 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:CLkEKQIZ1RiheM5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 26 Dec 2023 13:41:34 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Tue, 26 Dec 2023 23:53:28 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:CLkEKQIZ1RiheM5&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-09e35cdbb89806d4f@us-east-1d@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
usersync.aspx
dis.criteo.com/dis/ Frame AB81 		43 B
362 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Tue, 26 Dec 2023 23:53:27 GMT
expires
Tue, 26 Dec 2023 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
463974
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
pubmatic
ad.mrtnsvr.com/sync/ Frame 9E30 		0
0
Pug
image2.pubmatic.com/AdServer/ Frame E1CF
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU1c3ecebc9b364d8b9dd2d1047972181a
42 B
461 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU1c3ecebc9b364d8b9dd2d1047972181a
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 26 Dec 2023 23:53:28 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
166
content-type
text/html; charset=utf-8
date
Tue, 26 Dec 2023 23:53:28 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU1c3ecebc9b364d8b9dd2d1047972181a
pragma
no-cache
server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame B072
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=6
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=869593281786
42 B
439 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=869593281786
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 26 Dec 2023 13:43:19 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Content-Length
0
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=869593281786
merge
ce.lijit.com/ Frame CDD4 		43 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/merge?pid=71&3pid=EF705E82-834E-4498-B549-A528228E689F
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.86.51 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
43
Content-Type
image/gif
Date
Tue, 26 Dec 2023 23:53:28 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap3dca1
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D3C7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=73BegoNORJi1SaUoIo5onw%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
23.62.11.11 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 23:53:28 GMT
content-encoding
gzip
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=76033
accept-ranges
bytes
content-length
5622
expires
Wed, 27 Dec 2023 21:00:41 GMT

Redirect headers

pragma
no-cache
date
Tue, 26 Dec 2023 23:53:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame D3C7
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=EF705E82-834E-4498-B549-A528228E689F
  • https://dpm.demdex.net/ibs:dpid=540&dpuuid=ef3a364c-95a5-4eee-93f9-149bbf33d78f&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device_id%3D%24%7BDD_UUID%7D...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=42538027664982217971916778039638224646&pt=ef3a364c-95a5-4eee-93f9-149bbf33d78f%2C%2C
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=42538027664982217971916778039638224646&pt=ef3a364c-95a5-4eee-93f9-149bbf33d78f%2C%2C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 23:53:28 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

dcs
dcs-prod-va6-2-v053-00949e323.edge-va6.demdex.com 2 ms
pragma
no-cache
date
Tue, 26 Dec 2023 23:53:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-tid
xLFZGAKZSy4=
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=42538027664982217971916778039638224646&pt=ef3a364c-95a5-4eee-93f9-149bbf33d78f%2C%2C
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3A...
us01.z.antigena.com/l/ Frame D3C7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us01.z.antigena.com/l/FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3AWUAJgUx%20EF705E82-834E-4498-B549-A528228E689F&rnd=RND
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
40.76.134.238 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
xuid
eb2.3lift.com/ Frame D3C7
Redirect Chain
  • https://eb2.3lift.com/xuid?mid=7976&xuid=EF705E82-834E-4498-B549-A528228E689F&dongle=u6nf&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?ld=1&mid=7976&xuid=EF705E82-834E-4498-B549-A528228E689F&dongle=u6nf&gdpr=0&cmp_cs=&us_privacy=
37 B
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?ld=1&mid=7976&xuid=EF705E82-834E-4498-B549-A528228E689F&dongle=u6nf&gdpr=0&cmp_cs=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
35.71.139.29 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 26 Dec 2023 23:53:28 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
/xuid?ld=1&mid=7976&xuid=EF705E82-834E-4498-B549-A528228E689F&dongle=u6nf&gdpr=0&cmp_cs=&us_privacy=
date
Tue, 26 Dec 2023 23:53:28 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
Pug
image2.pubmatic.com/AdServer/ Frame D3C7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RUY3MDVFODItODM0RS00NDk4LUI1NDktQTUyODIyOEU2ODlG&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
198 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
162.248.18.37 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 26 Dec 2023 23:53:26 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 26 Dec 2023 23:53:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame D3C7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENs126HPgDNAt7jhjnh1rlE&google_cver=1
42 B
495 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENs126HPgDNAt7jhjnh1rlE&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
162.248.18.37 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 26 Dec 2023 23:53:27 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 26 Dec 2023 23:53:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENs126HPgDNAt7jhjnh1rlE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame D3C7
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:CC3E0FF596F344A6A824B36AB53A5030
42 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:CC3E0FF596F344A6A824B36AB53A5030
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
162.248.18.37 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 26 Dec 2023 23:53:27 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Tue, 26 Dec 2023 23:53:28 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:CC3E0FF596F344A6A824B36AB53A5030
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 25 Dec 2023 23:53:28 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame D3C7
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=ec751bcd-abcc-4c3e-b966-af69f83765e9&gdpr=0&gdpr_consent=
42 B
394 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=ec751bcd-abcc-4c3e-b966-af69f83765e9&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
8.28.7.83 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 26 Dec 2023 23:53:28 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=ec751bcd-abcc-4c3e-b966-af69f83765e9&gdpr=0&gdpr_consent=
date
Tue, 26 Dec 2023 23:53:28 GMT
server
Kestrel
content-length
355
EF705E82-834E-4498-B549-A528228E689F
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame D3C7 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/EF705E82-834E-4498-B549-A528228E689F?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a02:d4c8:9f2:5a1a:543f -, , ASN (),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 23:53:28 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
SPug
image4.pubmatic.com/AdServer/ Frame D3C7
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=EF705E82-834E-4498-B549-A528228E689F&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-sxo1CEZE2uWEdMAvfi6hQM0VnKmijEg-~A&gdpr=0
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-sxo1CEZE2uWEdMAvfi6hQM0VnKmijEg-~A&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
8.28.7.84 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 23:53:28 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-sxo1CEZE2uWEdMAvfi6hQM0VnKmijEg-~A&gdpr=0
date
Tue, 26 Dec 2023 23:53:28 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame D3C7
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=227d26b2-4aba-4dba-8c70-06ea32be3d8d&gdpr=0&gdpr_consent=
1 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=227d26b2-4aba-4dba-8c70-06ea32be3d8d&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
8.28.7.83 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Tue, 26 Dec 2023 13:29:36 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=227d26b2-4aba-4dba-8c70-06ea32be3d8d&gdpr=0&gdpr_consent=
Date
Tue, 26 Dec 2023 23:53:28 GMT
Connection
keep-alive
X-CI-RTID
1ac9a0aa-19ca-43fb-b49b-a64e1a9a1449
Content-Length
205
Content-Type
text/html; charset=utf-8
Pug
simage2.pubmatic.com/AdServer/ Frame D3C7
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=EF705E82-834E-4498-B549-A528228E689F&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=3749b26d2c6023ce&is_secure=true&networkId=17100&version=1&nuid=EF705E82-834E-4498-B549-A528228E689F&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMuHGL0RFl8QNccs4LAAAAAAA&expiration=1703721208&nuid=EF705E82-834E-4498-B549-A528228E689F&...
42 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMuHGL0RFl8QNccs4LAAAAAAA&expiration=1703721208&nuid=EF705E82-834E-4498-B549-A528228E689F&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
8.28.7.83 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 26 Dec 2023 23:53:28 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 26 Dec 2023 23:53:28 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMuHGL0RFl8QNccs4LAAAAAAA&expiration=1703721208&nuid=EF705E82-834E-4498-B549-A528228E689F&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
sn.ashx
pmp.mxptint.net/ Frame D3C7
Redirect Chain
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R35CA5_10E52500B_8A74035C&r=https://pmp.mxptint.net/sn.ashx?ak=1
  • https://pmp.mxptint.net/sn.ashx?ak=1
43 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pmp.mxptint.net/sn.ashx?ak=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
38.68.201.140 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=-386639608; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Expires
-1
Pragma
no-cache
Date
Tue, 26 Dec 2023 23:53:28 GMT
Cache-Control
no-cache
Strict-Transport-Security
max-age=-386639608; includeSubDomains
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://pmp.mxptint.net/sn.ashx?ak=1
date
Tue, 26 Dec 2023 23:53:27 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
CookieSyncPubMatic&gdpr=0&gdpr_consent=
rtb.adentifi.com/ Frame D3C7 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.223.16.170 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 23:53:28 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame D3C7
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8502203748285965579&gdpr=0&gdpr_consent=&us_privacy=
1 B
219 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8502203748285965579&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
8.28.7.83 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Tue, 26 Dec 2023 23:53:28 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8502203748285965579&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Tue, 26 Dec 2023 23:53:27 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
image2.pubmatic.com/AdServer/ Frame D3C7
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=21d7bfed-aad2-42c1-a38e-8733aa1f1edd-658b6773-5553&gdpr=0&gdpr_consent=
42 B
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=21d7bfed-aad2-42c1-a38e-8733aa1f1edd-658b6773-5553&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
162.248.18.37 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 26 Dec 2023 23:53:27 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 26 Dec 2023 23:53:27 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=21d7bfed-aad2-42c1-a38e-8733aa1f1edd-658b6773-5553&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame D3C7
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4606462767633070590
42 B
322 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4606462767633070590
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
8.28.7.83 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 26 Dec 2023 13:42:20 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 26 Dec 2023 23:53:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4606462767633070590
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
merge
ce.lijit.com/ Frame F844 		43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=76&3pid=13ac3b60-1380-08c8-2fc8-21c95c2442e2&gdpr=0&gdpr_consent=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.86.51 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 26 Dec 2023 23:53:28 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame F844
Redirect Chain
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=nyEOCZ8jAVOEJlcImCEbXcgkAViELA9fzSVuaOWa
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=nyEOCZ8jAVOEJlcImCEbXcgkAViELA9fzSVuaOWa
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Server
34.98.64.218 -, , ASN (),
Reverse DNS
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Dec 2023 23:53:28 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 26 Dec 2023 23:53:28 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=nyEOCZ8jAVOEJlcImCEbXcgkAViELA9fzSVuaOWa
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame F844
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1938618450987309207
0
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame F844 		0
0
sd
us-u.openx.net/w/1.0/ Frame F844
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=7f42e5a0-f934-32c5-6874-976f24957db0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=ec751bcd-abcc-4c3e-b966-af69f83765e9&ttd_puid=7f42e5a0-f934-32c5-6874-976f24957db0&gdpr=0&gdpr_consent=
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=ec751bcd-abcc-4c3e-b966-af69f83765e9&ttd_puid=7f42e5a0-f934-32c5-6874-976f24957db0&gdpr=0&gdpr_consent=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Server
34.98.64.218 -, , ASN (),
Reverse DNS
Software
OXGW/0.0.0 /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Dec 2023 23:53:28 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=ec751bcd-abcc-4c3e-b966-af69f83765e9&ttd_puid=7f42e5a0-f934-32c5-6874-976f24957db0&gdpr=0&gdpr_consent=
date
Tue, 26 Dec 2023 23:53:28 GMT
server
Kestrel
content-length
335
pixel
cm.g.doubleclick.net/ Frame F844 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NTMyZDM2NmEtMzA0My02YzYxLTdkOTQtY2RkNmVlNzdiM2Qw
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Dec 2023 23:53:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame F844
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELkBtrUwzCtL8T4bBHt7vlg&google_cver=1
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELkBtrUwzCtL8T4bBHt7vlg&google_cver=1
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Server
34.98.64.218 -, , ASN (),
Reverse DNS
Software
OXGW/0.0.0 /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Dec 2023 23:53:28 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 26 Dec 2023 23:53:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELkBtrUwzCtL8T4bBHt7vlg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
6.adsco.re
URL
https://6.adsco.re/
Domain
www.facebook.com
URL
https://www.facebook.com/platform/plugin/tab/renderer/?key=timeline&config_json=%7B%22app_id%22%3A%22388972031480695%22%2C%22href%22%3A%22https%3A%2F%2Fwww.facebook.com%2Fmovie.ezyro%22%2C%22width%22%3A340%2C%22height%22%3A500%2C%22has_cta%22%3Atrue%2C%22has_small_header%22%3Afalse%2C%22has_adapt_container_width%22%3Atrue%2C%22has_cover%22%3Atrue%2C%22has_posts%22%3Afalse%2C%22tabs%22%3A%22timeline%22%2C%22can_personalize%22%3Afalse%2C%22is_xfbml%22%3Afalse%2C%22referer_uri%22%3A%22https%3A%2F%2Flayardesa21.cfd%2F%22%7D&fb_dtsg_ag&__user=0&__a=1&__req=1&__hs=19717.BP%3Aplugin_default_pkg.2.0..0.0&dpr=1&__ccg=EXCELLENT&__rev=1010590423&__s=%3A%3Aui2r7b&__hsi=7317055742287510745&__dyn=7xeUmxa13xu1syUbAihwRwqo98nwgU5Gex-ewSwMwNw8OdwJwvE3vx61cw9y0Ko2_CwjE3awbG78b87C1xwEwlU-0nS4o5-0ha2l2Utw78waOfwbK0RE5a1qw8W1uwa-7U1bo6i6811E2ZwrU6C0L836w5Kw&__csr=&__sp=1
Domain
www.facebook.com
URL
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252Fmovie.ezyro%26tabs%3Dtimeline%26width%3D340%26height%3D500%26small_header%3Dfalse%26adapt_container_width%3Dtrue%26hide_cover%3Dfalse%26show_facepile%3Dtrue%26appId%3D388972031480695
Domain
www.facebook.com
URL
https://www.facebook.com/ajax/bz?__a=1&__ccg=EXCELLENT&__dyn=7xeUmxa13xu1syUbAihwRwqo98nwgU5Gex-ewSwMwNw8OdwJwvE3vx61cw9y0Ko2_CwjE3awbG78b87C1xwEwlU-0nS4o5-0ha2l2Utw78waOfwbK0RE5a1qw8W1uwa-7U1bo6i6811E2ZwrU6C0L836w5Kw&__hs=19717.BP%3Aplugin_default_pkg.2.0..0.0&__hsi=7317055742287510745&__req=4&__rev=1010590423&__s=%3A%3Aui2r7b&__sp=1&__user=0&dpr=1&jazoest=21785&lsd=GzU5CdPDVgDZZBJ2JJnyT1
Domain
www.facebook.com
URL
https://www.facebook.com/ajax/bz?__a=1&__ccg=EXCELLENT&__dyn=7xeUmxa13xu1syUbAihwRwqo98nwgU5Gex-ewSwMwNw8OdwJwvE3vx61cw9y0Ko2_CwjE3awbG78b87C1xwEwlU-0nS4o5-0ha2l2Utw78waOfwbK0RE5a1qw8W1uwa-7U1bo6i6811E2ZwrU6C0L836w5Kw&__hs=19717.BP%3Aplugin_default_pkg.2.0..0.0&__hsi=7317055742287510745&__req=5&__rev=1010590423&__s=%3A%3Aui2r7b&__sp=1&__user=0&dpr=1&jazoest=21785&lsd=GzU5CdPDVgDZZBJ2JJnyT1
Domain
www.facebook.com
URL
https://www.facebook.com/ajax/bz?__a=1&__ccg=EXCELLENT&__dyn=7xeUmxa13xu1syUbAihwRwqo98nwgU5Gex-ewSwMwNw8OdwJwvE3vx61cw9y0Ko2_CwjE3awbG78b87C1xwEwlU-0nS4o5-0ha2l2Utw78waOfwbK0RE5a1qw8W1uwa-7U1bo6i6811E2ZwrU6C0L836w5Kw&__hs=19717.BP%3Aplugin_default_pkg.2.0..0.0&__hsi=7317055742287510745&__req=6&__rev=1010590423&__s=%3A%3Aui2r7b&__sp=1&__user=0&dpr=1&jazoest=21785&lsd=GzU5CdPDVgDZZBJ2JJnyT1
Domain
ce.lijit.com
URL
https://ce.lijit.com/merge?pid=97&3pid=RX-bb9b811b-8b63-4d30-b278-d823679b95ec-005
Domain
pixel-us-east.rubiconproject.com
URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent=
Domain
sync.technoratimedia.com
URL
https://sync.technoratimedia.com/services?uid=AAFcRU7LFs8AABYGRvEIRQ&srv=cs&pid=73&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpp%252Cpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0
Domain
pool.admedo.com
URL
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=564804b4-4203-49ac-93ae-bf3d3b294638
Domain
cm.adgrx.com
URL
https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
Domain
s.tribalfusion.com
URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Domain
ad.mrtnsvr.com
URL
https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Domain
eu-u.openx.net
URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1938618450987309207
Domain
aax-eu.amazon-adsystem.com
URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=279499dd-e59e-893f-a87a-15f84ca6b650

Verdicts & Comments Add Verdict or Comment

422 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| documentPictureInPicture object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots number| google_rum_task_id_counter string| google_user_agent_client_hint function| docReady number| b81e67f7e662f5fe7e6e22b48250a077 object| _pop object| _wpemojiSettings function| google_spfd number| google_unique_id object| google_sv_map object| detectZoom object| _pao object| cxezxfesthrg boolean| punderminipop object| bdvscripts object| myScript string| myScriptSrc number| bdvfound number| docscripts_index string| tmpScriptSrc number| pid number| bid string| queryString1 string| search object| params object| pairs string| bvlinksownid1 function| adkpush object| trbtn function| google_sa_impl object| google_image_requests number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| gapi object| ___jsl object| _Hasync object| mvpro_ajaxsearch_params function| Autocomplete object| $jscomp function| $jscomp$lookupPolyfilledValue function| AdscoreInit object| pako object| Base64 string| txt object| a string| keyCodec string| keyArr string| keyRob string| forItemIdx function| ed number| t string| property number| r number| g number| b string| bt number| count function| tns object| sidr function| MediaBox object| slider number| tnsId function| chfh function| chfh2 string| _HST_cntval object| Histats function| b2a function| a2b undefined| ai_adb undefined| ai_check object| ai_adb_overlay function| ai_check_block undefined| n3113180 undefined| i6175886 boolean| ai_cookie_js string| ai_block_class_def boolean| ai_insertion_js object| Arrive object| ai_rotation_triggers boolean| ai_lists object| host_regexp boolean| ai_adb_active number| ai_adb_counter string| ai_adb_act_cookie_name string| ai_adb_pgv_cookie_name string| ai_adb_page_redirection_cookie_name object| ai_adb_message_window number| ai_adb_message_undismissible number| ai_adb_message_cookie_lifetime number| ai_adb_devices number| ai_adb_action string| ai_adb_page_views string| ai_adb_selectors string| ai_adb_redirection_url string| ai_block_class string| ai_adb_content_css_begin_class string| ai_adb_content_css_end_class string| ai_adb_content_delete_begin_class string| ai_adb_content_delete_end_class string| ai_adb_content_replace_begin_class string| ai_adb_content_replace_end_class string| ai_adb_cookie_value string| ai_adb_name_1 string| ai_adb_name_2 string| ai_adb_attribute function| ai_adb_message_code_1 function| ai_adb_message_code_2 function| ai_adb_message_code_3 function| ai_adb_message_code_4 function| ai_adb_message_code_5 function| ai_adb_message_code_6 function| ai_adb_detected function| ai_disable_processing function| ai_adb_detected_actions function| ai_adb_undetected function| ai_adb_undetected_actions function| z function| B function| D function| X function| fa function| ha function| Q function| Y function| Z function| ea function| ma function| m function| da function| ia function| q function| n function| k function| b64e function| b64d object| ai_front undefined| Cookies function| AiCookies function| ai_check_and_insert_block function| ai_load_cookie function| ai_set_cookie function| ai_get_cookie_text function| ai_insert function| ai_insert_code function| ai_insert_list_code function| ai_insert_viewport_code function| ai_insert_adsense_fallback_codes function| ai_insert_code_by_class function| ai_insert_client_code boolean| ai_process_elements_active function| ai_process_rotation function| ai_process_single_rotation function| ai_process_rotations function| ai_process_rotations_in_element function| MobileDetect function| ai_process_lists function| ai_adb_detection_type_log function| ai_adb_detection_type boolean| ai_js_code object| e boolean| baecadfd boolean| ad_banner boolean| ad_300x250 boolean| ai_debugging_active object| _F_toggles object| osapi object| gadgets object| shindig function| ToolbarApi object| _HistatsCounterGraphics_502_setValues boolean| _value_RETURN_BUILDER function| _HistatsCounterGraphics_502 function| histats_canvascounters_base.js object| cv object| Tynt object| _dtspv object| twemoji object| wp object| _33Across function| __uspapi object| lotame_3825 number| char object| __connect function| lotameIsCompatible function| lt3825_ba function| lt3825_b undefined| lt3825_c undefined| lt3825_ca undefined| lt3825_da function| lt3825_ea object| lt3825_e function| lt3825_fa function| lt3825_g function| lt3825_ha object| lt3825_ object| lt3825_na object| lt3825_oa object| lt3825_Oa object| lt3825_Ya object| lt3825_Za object| lt3825_7 function| lt3825_aa function| lt3825_a function| lt3825_d function| lt3825_f function| lt3825_h function| lt3825_ga function| lt3825_ia function| lt3825_i function| lt3825_ja function| lt3825_j function| lt3825_k function| lt3825_l function| lt3825_m function| lt3825_n function| lt3825_la function| lt3825_ka function| lt3825_o function| lt3825_p function| lt3825_ma function| lt3825_q function| lt3825_r function| lt3825_s function| lt3825_t function| lt3825_u function| lt3825_sa function| lt3825_pa function| lt3825_qa function| lt3825_w function| lt3825_ra function| lt3825_x function| lt3825_y function| lt3825_z function| lt3825_A function| lt3825_v function| lt3825_B function| lt3825_C function| lt3825_ta function| lt3825_D function| lt3825_E function| lt3825_ua function| lt3825_F function| lt3825_G function| lt3825_va function| lt3825_H function| lt3825_I function| lt3825_J function| lt3825_wa function| lt3825_L function| lt3825_M function| lt3825_K function| lt3825_xa function| lt3825_ya function| lt3825_N function| lt3825_za function| lt3825_Aa function| lt3825_Ba function| lt3825_Ca function| lt3825_Da function| lt3825_Ea function| lt3825_Fa function| lt3825_Ja function| lt3825_Ga function| lt3825_Ha function| lt3825_Ia function| lt3825_Ka function| lt3825_Ma function| lt3825_La function| lt3825_Na function| lt3825_O function| lt3825_Pa function| lt3825_Qa function| lt3825_Ra function| lt3825_Sa function| lt3825_Ta function| lt3825_Ua function| lt3825_Va function| lt3825_Wa function| lt3825_Xa function| lt3825_P function| lt3825__a function| lt3825_0a function| lt3825_1a function| lt3825_Q function| lt3825_R function| lt3825_2a function| lt3825_S function| lt3825_T function| lt3825_3a function| lt3825_4a function| lt3825_5a function| lt3825_U function| lt3825_V function| lt3825_W function| lt3825_X function| lt3825_Y function| lt3825_6a function| lt3825_9a function| lt3825_8a function| lt3825_7a function| lt3825_Z function| lt3825__ function| lt3825_0 function| lt3825_1 function| lt3825_4 function| lt3825_ab function| lt3825_cb function| lt3825_bb function| lt3825_eb function| lt3825_db function| lt3825_2 function| lt3825_gb function| lt3825_ib function| lt3825_hb function| lt3825_3 function| lt3825_$a function| lt3825_fb function| lt3825_jb function| lt3825_kb function| lt3825_lb function| lt3825_mb function| lt3825_5 function| lt3825_6 function| lt3825_nb function| lt3825_ob function| lt3825_pb function| lt3825_qb function| lt3825_rb function| lt3825_sb function| lt3825_tb function| lt3825_ub function| lt3825_vb function| lt3825_wb function| lt3825_8 function| lt3825_zb function| lt3825_Ab function| lt3825_yb function| lt3825_xb function| lt3825_Cb function| lt3825_Bb function| lt3825_Eb function| lt3825_Db function| lt3825_Fb function| lt3825_Gb function| lt3825_Hb function| lt3825_Ib function| lt3825_Jb function| lt3825_Kb function| lt3825_Mb function| lt3825_Pb function| lt3825_Ob function| lt3825_Lb function| lt3825_Sb function| lt3825_Nb function| lt3825_Qb function| lt3825_Ub function| lt3825_Tb function| lt3825_Vb function| lt3825_Rb function| lt3825_Wb function| lt3825_Xb function| lt3825_Yb function| lt3825_9 function| lt3825_Zb function| lt3825__b function| lt3825_0b function| lt3825_1b function| lt3825_2b function| lt3825_$ function| lt3825_3b function| lt3825_4b function| lt3825_5b function| lt3825_6b function| lt3825_7b function| lt3825_8b function| lt3825_9b function| lt3825_$b function| lt3825_bc function| lt3825_cc function| lt3825_dc function| lt3825_ac object| __underground object| s object| GoogleGcLKhOms number| ai_dummy function| arrive function| unbindArrive function| leave function| unbindLeave

107 Cookies

Domain/Path Name / Value
map.go.affec.tv/map/ttd Name: oo
Value: 1
map.go.affec.tv/map/an Name: oo
Value: 1
i6.liadm.com/s Name: _li_ss
Value: CgA
i.liadm.com/s Name: _li_ss
Value: ChMKBgjdARDpFgoJCP____8HEPMW
.google.com/ Name: NID
Value: 511=ow-SBE-IR17IxTwAMqsrvcyv2U2ubkzxsuJoFGFlF80d_J9Nmsz6VTxqnqmnrfYOZ6td43775FzLhZIu2UT5ND7ySjJASybaFRUh75d_fjVZ9qSA4gBjkc0y5DquGX_edCJvucIkF1YtGlgZa9Wacy-HwWYpJF4k9rBAO-5mEFo
.cdn.trakteer.id/ Name: __cf_bm
Value: ux_o32r6G9TwgCB4o5QSO9Pt6uXz4pD0O1dBHFoCpik-1703634797-1-AaFGYlccwsfkn74hBWNb1UN7OFdz1lVnJIs/P8sXzPFCqueKJ7ubIlYeupRHskGzkv7ZPtWgzfMfRB1jHGz3xuA=
layardesa21.cfd/ Name: adk_sw_mark
Value: 1
layardesa21.cfd/ Name: a
Value: BhUF2XeCWfuBJEBT6lUDt300iWL4AAWF
layardesa21.cfd/ Name: adk_push_postponed
Value: 1
layardesa21.cfd/ Name: HstCfa4687520
Value: 1703634798718
layardesa21.cfd/ Name: HstCla4687520
Value: 1703634798718
layardesa21.cfd/ Name: HstCmu4687520
Value: 1703634798718
layardesa21.cfd/ Name: HstPn4687520
Value: 1
layardesa21.cfd/ Name: HstPt4687520
Value: 1
layardesa21.cfd/ Name: HstCnv4687520
Value: 1
layardesa21.cfd/ Name: HstCns4687520
Value: 1
.youtube.com/ Name: YSC
Value: _HcV2XYWaJI
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: b1VfWFcJIGc
layardesa21.cfd/ Name: token_QpUJAAAAAAAAGu98Hdz1l_lcSZ2rY60Ajjk9U1c
Value: BQOCAAAAAAAACZUAAr3FE_u3NFalHE7Vo25qcbVxorUzK456yRNxhfV-y4h0zIG-i1ydAWWl2iUMrn7M6avacCMCLxRQXES6vSmXEduMHBQCfa7BUA-IgXHIs7k7YPNtWhMRJEwI8dVbU4e5CkpOkFz9ty8ga9IH4vaD93yRlYOXB99jV4TSnk5nEcwQJ-Xyn2Ki0ooXsksViz6nrEWeL-GuGKUEmFWeYGvX0ZQWgHt-Zq14kJiKQ9vBJ6_UivZCs0bOtUWabkpXfhmoK9sqBI-iT3biKZI6BakpNeNI-nZXeXBZG6DzvbMP3qBgO3NRtQFNQIw_bsQANgnxEorhSh7LUwVW9CIHL_x5jzCgmig835fFxPE6glt19QWCJJBg0rlQ5aflmMCFDp6hLCthL0OIrIj0LQpfnrkw2Vk9RFfgd5AuuAkPL7NEElry5tyySsCApNEWEkks_Uf-Upawbbp2F8X3atIhgOUw3IkhJHR5t39ghBTodQJ7Nk_O8VAsuizWakStxZzlCliqM4v2a3XFbnLgLb-gXcfsO7lYzNyZjRO4_VOWO3vcqKbmaWLvB2c8aKeT3QVZxj_j6GMeano7p5YBgaPNV6NbGaIhvTvyidFSiHUdx8Hg8eS5FVPP3r_BWjm1C-Bl2AMtn5BzzHut5M5_6dFgivyTKroh9vqKkm3QGk5JGk559nbbKqmMQIvGVt7eVuwp7wZnskMqQQhnmvORxMFApJ_SbCghfL3ol6WHj1ts48x3OVEp3NtHPtbkk-vznQJw8BPkhrLU3tP6q5NMKbV6Duh1Noh6rfgpVt4YExWkSka-eix_bu7Xh3NI44ee77uAtrJg9RgHbvvY5Jfr52fGJVlea1-ah2qk0opfSC1cuYXW6nkGljVP6-vFRyNNZahIJCwwY08D5aTxjeMKkQqq5xUKe1Yf2rQaJlE0YVfxxKHUdVVQUUwMQMxt7rOasu6FFuGl6rFfLQhHFDjhR6yFiMdVagG1XrRVxNLprbdSnv3sFSEZ3pOsCfnaeHBKGzZ91ZQIK1cKyGnUBGpKZIDmZH3jgb5HYebTk7BovsJJNrj0s-yyAsWR_dxGjyqRLe_GassqsPA4Vb53M2z5SGoVodNftkfCC7rfVyJRkcZLwm5uGmBQQ3we1hGivlv6N63MxBzOq74a35gj9q_kh_3xDLbx9EKVKIMa0LUAICVz5r8WuXnX
.dtscout.com/ Name: m
Value: 1
.dtscout.com/ Name: st
Value: 1
.dtscout.com/ Name: oa
Value: 1
.dtscout.com/ Name: df
Value: 1703634801
.dtscout.com/ Name: l
Value: 4C301703634801762C11436DF18C5D3F
xhr.invl.co/ Name: AWSALBCORS
Value: 2DIyWhPqlmA3e4TmPu0MADGKTsFQg/b3PsUjWiOtIQqiEtujcJx0exyjqMCos5lQCekNqrm3dPngRvcEQosylfb+2Dfs44XYErcBnPClm9DbvM5X1uz8XLPzWEYn
.sharethis.com/ Name: __stid
Value: ZGUACGWLZ3EAAAAIA3PFAw==
.sharethis.com/ Name: __stidv
Value: 2
.layardesa21.cfd/ Name: __dtsu
Value: 4C301703634801762C11436DF18C5D3F
layardesa21.cfd/ Name: _popprepop
Value: 1
.trakteer.id/ Name: cf_clearance
Value: fXBEak_JBLNKPgCPBCEP_2FmJS9c0WLLgTGlQQFlvys-1703634801-0-2-7b7192c0.80117c29.a1267523-0.2.1703634801
.tynt.com/ Name: uid
Value: CoIKSGWLZ3EY9imPNLMMAg==
.dtscdn.com/ Name: uid
Value: 4C301703634801762C11436DF18C5D3F
.tynt.com/ Name: pids
Value: %5B%7B%22p%22%3A%22fcb82aaae3%22%2C%22f%22%3A1%2C%22ts%22%3A1703634802039%7D%2C%7B%22p%22%3A%22607295b4a4%22%2C%22f%22%3A1%2C%22ts%22%3A1703634802039%7D%2C%7B%22p%22%3A%22b32ef6f991%22%2C%22f%22%3A1%2C%22ts%22%3A1703634802039%7D%2C%7B%22p%22%3A%22002f98d420%22%2C%22f%22%3A1%2C%22ts%22%3A1703634802039%7D%2C%7B%22p%22%3A%22d9fe068602%22%2C%22f%22%3A1%2C%22ts%22%3A1703634802039%7D%2C%7B%22p%22%3A%22e32a9fc66e%22%2C%22f%22%3A1%2C%22ts%22%3A1703634802039%7D%2C%7B%22p%22%3A%227361b0e8e4%22%2C%22f%22%3A1%2C%22ts%22%3A1703634802039%7D%5D
.t.sharethis.com/ Name: pxcelPage_default_c010_C
Value: 1_0_1703634802060
.onaudience.com/ Name: cookie
Value: f7c36b76e1321536
.onaudience.com/ Name: done_redirects109
Value: 1
.tapad.com/ Name: TapAd_TS
Value: 1703634802142
.tapad.com/ Name: TapAd_DID
Value: ef3a364c-95a5-4eee-93f9-149bbf33d78f
.33across.com/ Name: 33x_ps
Value: u%3D212396702173106%3As1%3D1703634802153%3Ats%3D1703634802153
.ml314.com/ Name: pi
Value: 3640915825560911887
.go.affec.tv/ Name: ck
Value: 658b677268ac570001db57a0
.go.affec.tv/ Name: oo
Value: 1
.adsrvr.org/ Name: TDID
Value: ec751bcd-abcc-4c3e-b966-af69f83765e9
.eyeota.net/ Name: mako_uid
Value: 18ca88c162a-55f10000010a55f5
.lijit.com/ Name: ljt_reader
Value: H415jSZHJIZaxf55RVWaZjk0
.rlcdn.com/ Name: rlas3
Value: zXikPmJXrE3EXU1GD3lqGdEP9+y4Z/auqrHgjPdN1rI=
.rlcdn.com/ Name: pxrc
Value: CPLOrawGEgUI6AcQABIFCOhHEAA=
.eyeota.net/ Name: SERVERID
Value: 22005~DM
.adnxs.com/ Name: uuid2
Value: 5501317867227186810
.linkedin.com/ Name: li_sugr
Value: c090a1c0-edba-4b90-a545-9200ceba603b
.linkedin.com/ Name: bcookie
Value: "v=2&57e97b2c-9975-4258-8da0-083801811a6e"
.linkedin.com/ Name: lidc
Value: "b=OGST05:s=O:r=O:a=O:p=O:g=2921:u=1:x=1:i=1703634802:t=1703721202:v=2:sig=AQGSAtNkobx9MhGu2-YYdDJvd3gdX9r1"
.adnxs.com/ Name: anj
Value: dTM7k!M4/8CxrEQF']wIg2Ilari4wY!]tbP6j2F-XstGt!@Ds=$vzB_
.bluekai.com/ Name: bkdc
Value: phx
.bluekai.com/ Name: bku
Value: 5RW99cJ7itPn2t6h
.pippio.com/ Name: did
Value: fG1JLo9uDkqCasy6
.pippio.com/ Name: didts
Value: 1703634802
.pippio.com/ Name: nnls
Value:
.pippio.com/ Name: pxrc
Value: CPLOrawGEgYIgr0rEAA=
.go.affec.tv/ Name: pt
Value: eyJhbiI6eyJkdCI6MTcwMzYzNDgwMiwiaWQiOiI1NTAxMzE3ODY3MjI3MTg2ODEwIiwibHMiOjE3MDM2MzQ4MDJ9LCJ0dCI6eyJkdCI6MTcwMzYzNDgwMiwiaWQiOiJDb0lLU0dXTFozRVk5aW1QTkxNTUFnPT0iLCJscyI6MTcwMzYzNDgwMn0sInRkIjp7ImR0IjoxNzAzNjM0ODAyLCJpZCI6ImVjNzUxYmNkLWFiY2MtNGMzZS1iOTY2LWFmNjlmODM3NjVlOSIsImxzIjoxNzAzNjM0ODAyfSwidiI6MH0=|1703634802|6ea46258456dea3c15327c11e03d58d04fe3e964
.krxd.net/ Name: _kuid_
Value: P_7GPvlB
.doubleclick.net/ Name: IDE
Value: AHWqTUl5OszaYG5916_Xm7iKXiNxM7_elZAWMF3Nts3lk7g6nO0YVurVPX8BiyXcsPo
.intentiq.com/ Name: IQver
Value: 1.9
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: 895a99800f371706e65029416dd04c00
.layardesa21.cfd/ Name: _cc_id
Value: 895a99800f371706e65029416dd04c00
.layardesa21.cfd/ Name: _cc_cc
Value: ACZ4XmNQsLA0TbS0tDAwSDM2NzQ3MEs1MzUwsjQxNEtJMTBJNjBgAILU7vRiEA0BvNcPtxoxfpRl%2BM%2FIyHDvgyWM2b7uKTeMfe7oIWYY%2B%2BfGKSww9qVTj9hg7N37LgvA2B8a7sPZhxfPgav%2FPfMAE0zN9m4tGPPdEoSShv%2BaMGEABOFAZA%3D%3D
.layardesa21.cfd/ Name: _cc_aud
Value: ABR4XmNgYGBI7U4vBlIQwMzAwDUDzFzUCiIZH9YDSQBbeQT4
.layardesa21.cfd/ Name: panoramaId_expiry
Value: 1703721203444
.adsrvr.org/ Name: TDCPM
Value: CAEYASABKAIyCwjM-Za9kp7DPBAFOAFaBmxvdGFtZWAC
.rqtrk.eu/ Name: browser_id
Value: 1:27010ad2-1c39-4709-a722-b53042cadb15
.truoptik.com/ Name: to_master_s
Value: 9dcdd05454823c36c440bf94c990f978
.truoptik.com/ Name: to_version_s
Value: b2
.agkn.com/ Name: ab
Value: 0001%3AYCSHjnZmwUbzoKwJ%2B8sn0%2Fxzt%2FOYuxUv
.mgid.com/ Name: muidn
Value: nbqnH_niSSRf
.mgid.com/ Name: __cf_bm
Value: TpwdirnQVqI.UoxAvmyTHm2v1mL.xN3FMyMrnD97Q9A-1703634803-1-ATs72mYbyuhdb82SjulPAD4QeGcOMwR64qvdw9/XSNL3gZDPDZ/ZBYQsCISGJBw+B9aM+2fC+ywcrm/QjAIGJaA=
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: pbw
Value: %24b%3d16999%3b%24o%3d11100
.demdex.net/ Name: demdex
Value: 42538027664982217971916778039638224646
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-6527f3db-4c3a-579f-7d49-b39c1b3411ce.T0FkHuJtQ3qDhOj0oGiLDGfVaxpjgHkDVx08%2FRi0TUE
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-6527f3db-4c3a-579f-7d49-b39c1b3411ce.T0FkHuJtQ3qDhOj0oGiLDGfVaxpjgHkDVx08%2FRi0TUE
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AZSfz20w6V599SbOcGzQRzmAJ-SQ.aY710%2FsN2gW93pdY1YL%2Faq%2B55fawOaTb2NGFykBYw1k
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AZSfz20w6V599SbOcGzQRzmAJ-SQ.aY710%2FsN2gW93pdY1YL%2Faq%2B55fawOaTb2NGFykBYw1k
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIA6aZ4vuCx2nBAKR05hNlGSINleMY6S2JA3HlkyY6e_XEHwYBCDzzq2sBjABOgQ8w7t9QgRB7arz.UouSQCmHWKxf55%2FULCeE%2B23EXOnvLHf%2FGM%2BsdpAmc9g
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIA6aZ4vuCx2nBAKR05hNlGSINleMY6S2JA3HlkyY6e_XEHwYBCDzzq2sBjABOgQ8w7t9QgRB7arz.UouSQCmHWKxf55%2FULCeE%2B23EXOnvLHf%2FGM%2BsdpAmc9g
cm.mgid.com/ Name: mg_sync
Value: {}
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!8663-2!8663
.smartadserver.com/ Name: pid
Value: 662707815017478558
.pubmatic.com/ Name: KADUSERCOOKIE
Value: EF705E82-834E-4498-B549-A528228E689F
.dpm.demdex.net/ Name: dpm
Value: 42538027664982217971916778039638224646
.sitescout.com/ Name: ssi
Value: 21d7bfed-aad2-42c1-a38e-8733aa1f1edd#1703634803987
.yahoo.com/ Name: A3
Value: d=AQABBHRni2UCELg443MaAOUtBquCAjlRfuwFEgEBAQG4jGWVZdxH0iMA_eMAAA&S=AQAAAocZqgn7glBkuufR3pC1QcU
.sitescout.com/ Name: _ssuma
Value: eyI3IjoxNzAzNjM0ODA0MDU3fQ
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZYtndAAJ0smXVQAM
.analytics.yahoo.com/ Name: IDSYNC
Value: 19bk~2ftz
.turn.com/ Name: uid
Value: 8502203748285965579
.rubiconproject.com/ Name: khaos
Value: LQN06C0J-24-DBGS
.rubiconproject.com/ Name: audit
Value: 1|USPDiSTPEvG0yTVfa7LkndU010NyayQ4GuuNlWWk+Bnhj9K5Ghav9ZMc6i5tkqkJ30GYFKriDI1BK03vAHceENBQIIuieds9Ddbp94fzIm/mVKcm574yI9VBEx+gXgCEgdFD3amb8Tin4PnMzujYgs2O8qCVR0N4qoxmw57vRqc=
.liadm.com/ Name: lidid
Value: 4f062ad8-9c26-474a-b24f-40a16fc8480c
.simpli.fi/ Name: suid
Value: CC3E0FF596F344A6A824B36AB53A5030
.lijit.com/ Name: _ljtrtb_2
Value: CC3E0FF596F344A6A824B36AB53A5030
.t.sharethis.com/ Name: pxcelBcnLcy
Value: 35
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQsLA0TbS0tDAwSDM2NzQ3MEs1MzUwsjQxNEtJMTBJNjBgAILU7vTSf%2F%2F%2F%2F%2BcHccCA9%2FrhViOWP0EM%2FxkZPzCCyD1aIPKjLIhkuPfBErdk%2B7qn3Lhlzx09xIxb9ufGKSy4ZS%2BdesSGW3b3vssCuGU%2FNNwXYELxxOHFc%2FDY9XvmASbcpm3v1sIt%2BW4JPoMb%2Fmvi1goAQuCQXA%3D%3D"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBI7U4vBVIQwM7AwDUDzFzUCiIZtWZDqFkgis%2FdAcx7WA%2Bi%2BHX2A0kABlcIGA%3D%3D"
.lijit.com/ Name: ljtrtb
Value: eJyrVjJSslJydjZ2NXBzM7U0czM2MXE0c7QwMnEyNnN0MjV2NDUwNlCqBQC64Qkh
.lijit.com/ Name: _ljtrtb_5001
Value: 895a99800f371706e65029416dd04c00

7 Console Messages

Source Level URL
Text
other warning URL: https://layardesa21.cfd/(Line 1475)
Message:
Unrecognized feature: 'web-share'.
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6138101579182938&output=html&adk=1812271804&adf=3025194257&lmt=1703634797&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x675_l%7C236x675_r&format=0x0&url=https%3A%2F%2Flayardesa21.cfd%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703634796763&bpp=874&bdt=187&idt=1095&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1647552926132&frm=20&pv=2&ga_vid=185124931.1703634798&ga_sid=1703634798&ga_hid=1938453711&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320885&oid=2&pvsid=4374870627996756&tmod=1186320321&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=1140
Message:
Failed to load resource: the server responded with a status of 403 ()
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
security error URL: https://layardesa21.cfd/
Message:
Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=H415jSZHJIZaxf55RVWaZjk0' because its MIME type ('image/gif') is not executable.
network error URL: https://us01.z.antigena.com/l/FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3AWUAJgUx%20EF705E82-834E-4498-B549-A528228E689F&rnd=RND
Message:
Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
4.adsco.re
6.adsco.re
8drescq1tgaf.l4.adsco.re
8drescq1tgaf.n4.adsco.re
8drescq1tgaf.s4.adsco.re
aa.agkn.com
aax-eu.amazon-adsystem.com
ad.mrtnsvr.com
ad.turn.com
ads.pubmatic.com
adsco.re
aorta.clickagy.com
ap.lijit.com
api.intentiq.com
api.trakteer.id
apis.google.com
assets.trakteer.id
bcp.crwdcntrl.net
beacon.krxd.net
beacon.lynx.cognitivlabs.com
betteradsystem.com
bh.contextweb.com
c.adsco.re
c1.adform.net
cdn.hyperpromote.com
cdn.trakteer.id
cdn.tynt.com
ce.lijit.com
cloudflareinsights.com
cm.adgrx.com
cm.g.doubleclick.net
cm.mgid.com
cms.analytics.yahoo.com
cms.quantserve.com
contextual.media.net
creativecdn.com
cs.krushmedia.com
d.turn.com
data-beacons.s-onetag.com
data.adsrvr.org
data.bvsrv.com
de.tynt.com
dis.criteo.com
dmp.truoptik.com
dp1.33across.com
dp2.33across.com
dpm.demdex.net
e.dtscout.com
eb2.3lift.com
eu-u.openx.net
fonts.googleapis.com
fonts.gstatic.com
get.s-onetag.com
googleads.g.doubleclick.net
hbx.media.net
i.liadm.com
i6.liadm.com
ib.adnxs.com
ic.tynt.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
images.dmca.com
img.involve.asia
layardesa21.cfd
layardesa21.online
loadus.exelator.com
map.go.affec.tv
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
ml314.com
onetag-geo.s-onetag.com
p.rfihub.com
pagead2.googlesyndication.com
pd.sharethis.com
pippio.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.onaudience.com
pixel.tapad.com
pm.w55c.net
pmp.mxptint.net
polyfill.io
pool.admedo.com
pr-bh.ybp.yahoo.com
ps.eyeota.net
pubmatic-match.dotomi.com
push.bvsrv.com
px.ads.linkedin.com
r.bidswitch.net
rtb.adentifi.com
rtb.mfadsrvr.com
s.amazon-adsystem.com
s.tribalfusion.com
s0.2mdn.net
s10.histats.com
s4.histats.com
scontent-ord5-2.xx.fbcdn.net
secure.adnxs.com
secure.quantserve.com
simage2.pubmatic.com
stags.bluekai.com
static.cloudflareinsights.com
static.xx.fbcdn.net
stream.trakteer.id
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.ipredictive.com
sync.sharethis.com
sync.smartadserver.com
sync.springserve.com
sync.srv.stackadapt.com
sync.technoratimedia.com
t.adx.opera.com
t.dtscdn.com
t.dtscout.com
t.sharethis.com
tags.bkrtx.com
tags.bluekai.com
tags.crwdcntrl.net
thrtle.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
track2.securedvisit.com
um.simpli.fi
ums.acuityplatform.com
ups.analytics.yahoo.com
us-u.openx.net
us01.z.antigena.com
usermatch.krxd.net
wt.rqtrk.eu
www.betteradsystem.com
www.facebook.com
www.google-analytics.com
www.google.com
www.youtube.com
x.bidswitch.net
xhr.invl.co
yt3.ggpht.com
z-na.amazon-adsystem.com
6.adsco.re
aax-eu.amazon-adsystem.com
ad.mrtnsvr.com
ce.lijit.com
cm.adgrx.com
eu-u.openx.net
pixel-us-east.rubiconproject.com
pool.admedo.com
s.tribalfusion.com
sync.technoratimedia.com
www.facebook.com
104.17.215.204
104.18.34.83
104.91.104.69
107.178.254.65
107.21.239.57
108.138.128.28
108.139.29.50
13.225.214.50
13.225.214.67
13.226.34.99
141.94.170.64
142.250.80.66
15.235.42.103
151.101.1.26
151.101.66.49
158.69.254.144
162.248.18.37
162.252.213.208
162.252.214.5
173.239.53.36
18.116.146.56
18.173.132.7
18.173.137.123
18.218.108.54
18.238.55.87
185.167.164.49
185.184.8.90
185.200.116.51
185.200.118.51
198.148.27.131
199.38.167.130
2001:df0:27b:2::20cb
207.198.113.87
213.19.162.80
23.105.12.120
23.196.3.202
23.205.72.21
23.216.137.114
23.56.212.28
23.62.11.11
2600:141b:1c00:31::1739:5a4b
2600:1f18:4e9:5a02:d4c8:9f2:5a1a:543f
2600:1f18:ed:550a:e949:4781:8199:98a6
2600:9000:2514:7800:c:69b9:6340:93a1
2606:4700:10::6814:5063
2606:4700:1::6813:854c
2606:4700:20::681a:4cb
2606:4700:20::ac43:44fb
2606:4700:20::ac43:4aba
2606:4700:21::8d65:780a
2606:4700::6810:3865
2606:4700::6810:3965
2606:4700::6811:a7ba
2606:4700::6812:cc0
2606:ae80:1471:19::1050
2607:f8b0:4006:80a::2002
2607:f8b0:4006:80d::2001
2607:f8b0:4006:80f::2004
2607:f8b0:4006:81c::2006
2607:f8b0:4006:81c::200e
2607:f8b0:4006:81d::2003
2607:f8b0:4006:820::2002
2607:f8b0:4006:820::200e
2607:f8b0:4006:821::2001
2607:f8b0:4006:822::200a
2607:f8b0:4006:823::200e
2620:112:f002:bbbb::21
2620:112:f002:bbbb::23
2620:116:800b:21:f059:4f7e:28a9:1588
2620:1ec:21::14
2a02:6ea0:c400::11
2a02:6ea0:c454::1
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f082:108:face:b00c:0:3
2a03:2880:f112:83:face:b00c:0:25de
3.213.97.139
3.223.16.170
3.223.88.167
3.225.218.10
3.230.251.91
3.232.179.229
3.233.22.19
3.33.220.150
34.111.113.62
34.117.77.79
34.192.249.162
34.197.227.33
34.96.105.8
34.98.64.218
35.169.93.15
35.194.66.159
35.207.24.140
35.211.118.13
35.211.178.172
35.244.154.8
35.71.139.29
38.132.109.115
38.68.201.140
40.76.134.238
44.211.9.18
50.16.197.56
52.45.111.235
52.46.155.104
52.6.38.206
52.73.206.246
52.77.187.112
54.156.62.74
54.160.62.46
54.166.148.14
54.209.94.68
63.251.86.51
67.202.105.22
67.202.105.31
67.202.105.33
68.67.179.155
69.173.151.100
69.90.254.78
74.119.119.150
8.18.47.7
8.2.110.134
8.28.7.81
8.28.7.83
8.28.7.84
82.145.213.8
0066f3bf2c19d60ee4000e7a688867b9a45118df898b9be6fca1e5d651772db5
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
00fd6601121fa4380ad28e159b3a2586711087cd44163ec14cfb19f8eb0d6db6
017bb276226c4ee345ff2c4f63b33356555fbae14db2e22939417b5565331f40
049648cfcd7a6cea6c07b3a23759fb76b3cd7862664a862ee2797040c138e5fa
05200ae0f5c22e00627170adc25629bbf89397956054a23284f9d983b33c3545
053614d2054f37d32f01759162c923280ec122f195aa7513c829c32c65444a87
0542677cefad5d64dc432bffc75e4b701cb6a015e073953dd9de3bbf924e36ee
06458d915eb807957a569d949a84bf6ebce2f4c17df92d3789324e71429ba4bf
06786d595906d3edb8b6754cee7c372b421341cf5da74cdf92ed511e281bf310
069bba500e21f737b175c4c36f84971ee0632fe643159d37825b8ec4c73de865
078126c279125aedba7f05200b1d0c0e17549f22868ae18907da57b2fafb3ec5
0812f1ec045cff5fcc841c5ae347cb299f3dbeed4141c9d21bc6a37f63623eae
08b479c3eeb1cb4d44354e6bf17322cd7acd38ae9a33ee5956898447ed43fab6
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b1e245421d2f65824fa94a0fc62393774b1e64c1b28a0dab787b0fd035eba77
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcb6531cb0967359e17b655d4142b55d1eac2aed3fe5340f8ce930a7000e5d3
0c843180691cd9e7ee0e009084aa616fa501f8eb1a65dab21640f8326228d676
0ccca952743fdf3a508513e1c80b6bd84d1eb45a39918b5862ed826fe037d3b0
0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
118072def42444292f1278d1d0348680fb0a72a9f49d41e49db04925e82217f1
13e64e2153618f475e94e0e85fa68c9ce910cfc9b24ca9d44fa546a7d2020a24
14a9c86493b46589b82730003ed23b68888f6e2d73c92f279658aa6342312f2b
14cfbfe7efa045c8c4258889581e400abd534ee1be047d87d73e96188a61560e
155e6885d8e0c61afd8c8dd624d4bdd03409905e798c65940d28aaf8ae4bea77
1810f4ca5d97f062265af1880a6aa1b0e4a95f68aaa4b09c879b0797132635d7
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
19469f733a882e909d675822102e3486a53d7dec8d072a9b9692e6a543e07065
1bc1770da2d72e2c5775d3157ce01cecd2c76067eaa5f6ea66a059ac4c99d91d
1c6f518eeb52ac428e414991cc7536284312c34763cb9e385271e63c48cddaab
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
2004da08c3292d624ecf047b2abea5e34c7d9d723e28629e5e61c73ac383e1f7
230c606098a56269e556cfdb000c7097f75403003a3282447dc17ecf4094c3f5
264a0a28c23da253d460c72e9b7ff9e297a4e02ea590c5d20a1f0fa77bc9aadd
2929158a1a9ba9f1d1b246e033d0c5b4118036033656327f4b4cc888aaf54ed2
2a67da2b5a4b65e8507a0b252cd09c795c1c24755e9db22806fae08c6fd3a955
2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2
2d9cc15e91cc9e0c00b43b367a157c107bb21f9b4d1951dd1dd614cd5281b05b
2db92e1371bd654c9f9a613a18f7a7dc5cf63e1ebd559a4a4ce9929feb779241
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
2e23379e757d5ab4ac8aeaf54661dc2714d4438d8eece66a0d5fe73e75279953
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
321dee306f2d975900f4e3e276c86e3fd9b9b4618077f7df0ef81d44b4f55fe8
33c1d3f870a69b4e60a2ce5eeebf0aacc96506aad48eb6e44a2478bc271bbb7a
3513dde70c831e9d0646b72596b0fff140742da0831f132a3752de92a2ab8a3a
35196923692f06f97491caf22422cce4b612d5ef07c51842ca94a088b15456e2
36104b593215c6cfe76d2c49a2d1f9f39627411556a8962f2805df76adfb9533
369570af203fe832b39be7ff64f94f07b6c97c928b733a9b9e6c8bcf1a98652c
37ecffeaecf1acf6c800c01c87aac56322e108292adea354cdc943a1cea9bc41
392334f7f1f5b0f12946bfc99d700813af5441ff50716e5f4c1546245e180926
398949c9055a4ab08ff4bd5edf007a19b6bec6973ef581837a212b202f760414
39cf9abce51786437c69ac45ac5f39aa19af7f859d87e347478b6bd96abe52c3
3c941e217219e30fca0f0186a01d9b34941f231db82e055d9c53180a2b7d4695
3db5fc063868d3ca5fc3cc2695f483266cffea00bef68dffd7e4944b947aacc8
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
402c7c7d36d4274554890a7a059b13ccc9e67660e2bde1f0cd03608adb9fb398
433d481c0196c03ff6692b2da53e23b6421302b2616ecac061a934487cb9eb64
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
45444d590a67d30e8b2fde01bb6482f829383b64bf14a4b19b86e22fdc319fbb
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d
45ec09974d948120c9f97cbedd141f4fa8df876bd2206f0c41133ae3a13fdf13
46c8312538b525fd6069f095eddcb95d1580a03e8f16d2aa3bb8ccf0a742bdc2
471eb448db387c12cd6fc0598c12f3c4410056426df3b43ada8dd0fad5fa6a74
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bbcbdee2c7be1d28bd25523b111d6d6ec384edf6a54c1736d4e8affaef7e2b2
4bd67e5286f792020d15ee78e1b770733f34297b7326249170002996b6b9e082
4d7bef142c84bf1eb5f614a160f6655811e71e4bdda8a5df8b6f4292607eee95
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f6c6a70792a5c5e2295098b9111c23b79ad69aa1c24a8d472daad1351ae8c0f
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
4fb6e4a8baba9fa64227844083c42f56b477a03431bd80f20fe58a662c181295
50901786732c055272b040accb61f5b1414225d7d99952f7be520277ea6b1655
5094ccbebe88be6b459174d1cca74c7a024fcada1f077756ffa80878347d967b
53350525edba0b889e87ea52a16ed843a928a2557e9f8d6747acd7ff991c95c3
554b03faf217ca316961f1f58705cb58b14d71dcc49bf962a04f84e9c2e7fd48
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5718a2a750152c04f910e6e786ea44ab0bde664c5668674312c8e714fc89b318
59f1d8faa32f92bdac718ebb6ff280a35b06159a601319a97452470dca2afd74
5a42c91e1ecc9b09346a1520d9a6f98074c13eebfb1cc87c4e82e5992beb685b
5bcb3ba5be62072a5be691a6cb4625b83ab20458f7543e78575c665ce64743c5
5cd3c323eba2b8ccac16d42f1fb809e0005a425672c01a4a4f76f185f82d0fe4
5cebcfb1c7eeab58e2ce0f354fcdf8e3fc2e6547fc800ad358395460406c9a0a
5dc9299663315ebe805d7d609e43b8ea7fa4204a364384b82d923fe9cd9d4f9e
5e22b76918702ad8ccf06cb3614812c679e719bd6e8b98266273df5c882bdb7b
61382678bbc61b67488e3c0aaeb232e3191f8afd00d50c9ea7e81eb0e66cc2de
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63868faab6f4cedce0185c143414f81e6ac19d6506c621cbcd0b4ffec974f18c
63f70a227f2b9e30d939d9598f375b15f55e20646455be80dc39192ccb72b463
6480d194b98b9fc3e4589a44b7e54b81ad926722e5b6fb7cc236161e2c2e03ac
6523e175615853852859dd9b6add4e8733f33422057291dd3b801d0e0928e628
65802711d89571b28699f3399d58f642a270d1e2bc5e155a8a0c73c94c66ec3a
66c86faf35e66860b2506130133a0338aa77da22aa62149c1e2c155a8cce59aa
6b9d9a7466336a2c9447aa8f1a5e265e56ed83cefaad3a5d965deb249bbf5302
6c68769e8470ce89a0f2270529a5d47db00917e3ef9df946dca202098f09d0a2
6e0c1ee9509aa0dbd37ae64bc63c12ddc361a71ef6fa9340c7389b78b64dd4a7
6f462726f9cdc2a6590f7c7964a29865d55a19711fbb0dc7665daeae92b1e436
79673954d83bfaf5561bcd06f96da904e6978f6627d2a0f464ba064c3612018d
7aa7a39fa6ec967abe729994991271bbaf3b04f9ce929a888f240bb8c2447b97
7ab54fad3ce182c2be3b80a578c7304bc17a21d45f7fcd78051a96e6ee65f444
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
7f0675fa333e230406da0574400335044b5b5ae885ffde9d8b7398bf5fb14f30
7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b
7f74247f7e2a1d06f3d5a67a91d5132ddd29b64d1dffb805e5dbdc5b32965f2b
8036423ce1d06a64fa7fd569d7a426f6c188c0a7354fa34609f79f5f6daf2264
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
811abc0acbe0bf9431243fa4d192b35b1a44a371315d029ca22b62fc1f57eafa
8132a9689d485de19643a740b8481c111dfcc255a7955c5f31498de2fcf160cc
81a68c5bace896b3fe9b8552491c255bc890aacd1026249a9639a89a5a8a1bf3
828996ae7cae734b785788d4f77ecf46721ef727c71d9babac69dea7c582fe1e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83ef0e9bf00ac7014e3f83fdc9e9e5aec1760ab5495f086e95ea0b0f8f4467c3
851a1aace07f995f5075846e18098478b6fe7c7e921e84747504ceb39f6a94b6
8744992f96b1d402ae1524f9fd416c0e213fff3065cf25b0478775630c9f10bc
875f6b288f6896cf229d348b2159d6cafe8d9869ce53278fa497f7416aa89dd8
8849ed1158e9a7dff29735dfc6addf6bb4131455ea7102f3a1a4bd40a481a0ce
88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb
8ce8e7653090a3d8365b63889ace7c30861712383896e198495fba66277fcf27
8d29043207026c03654e14cb1a9ef665312a884a32bc84358245ccd82ed1a57f
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
8f53a375130a9dcc33b79b95d8e58d5ec02d92e70aac3ef70e17083dda50a7d0
917c2c696ccbef57717122aa931c09ea50815e2ca3ad8a6f138f1bc88894c4dc
9325cb86c14e757a3266ab710efa8294b3cd00403310dfe09e6f561f7c94b438
93426f95ebcca74f67836f03c93ec7823ff0468ad56508d64d33eb1d3fd881ab
93a22d9bb7c49049f5e79cad146e04ada7b3f7e340cf50c8904439e447e6f00d
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
9801c81127e18817b3d12447e86156dddf12f13689f87cdfeb1205082a80d5a2
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9a737aee22dcfd3be2498d406cd05c854b2922041c49ae8baebfd0cffdbb2c1f
9d781128a8ece413b003d5612b8398bf9340ef7f5b751d12bd125ba523d3ceb5
9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b
a0bb0f6e27c39319a984893ac841db75b33d8b1c63c21ca269ab3e657ad4fa9f
a125b323b7ae63416255527e3cd7b8a9414d38fd014d14716e6b8ffe9f160eac
a401e96d77dccb3e60f6c853cabf414032bc1e9aabb22d72272862fb39e35a3e
a6724ca5c82cc4d731b4934c492dfec4a3f832628f48e72edad7015b476dbf5c
a75a5c50db4d5628dad52eb05139bf0677fb4d19d6915f18d267806dbdd810ea
a865904878986ba6caf73c5416db4b7e04b947546446e04f0be94c2308a9a275
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
acf572749c371d3e162cecca1f157cad1a5a1f6dad27b68e013132b5e7eb1a8c
adb6e72318ad52360a4f331ff525ae1c9991ce5ffc2087534545f67020fb1d33
ae49ff502948781cbcd774ff08e1cbeed552da68f9ede7e1e6a71d1a7c29ab18
b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b181dada1a6ffd7196238a0bb70c5eb951e9c2dd0519399de4cc7c9cb35f7d9f
b20ecf3754eb1151d020e52fb4dd14afeeb0fb0d3b482253f06b3ab37eb10acc
b4208c430fb204fc4903653c1c36f9832e2c3bfb742a6828e96878e328d8e26e
b7a8490d7353f4d29b7a7c0e0da1a610d1067d0bfdbb8d88df5764651b9d25fe
b972f247ee87eff1f79efdbb33bb73cac96871458d0c83c9f413f9cfc1dbf2a6
badbda0bbbe362ae9b7d35b11a2ab03be6e6a69ad312b352e942899e59fd019a
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c2f33dc18eae27d4e878bf837dd97f1bde5151e44b0271408535bb93265b8c52
c4d9d0bdf2e780834ff0a1e89eb9931254a2d671f5ad2a0210daec34ab0eb208
c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f
c6860f851148483c95a4050e2bd1facb7dc38566fb05327135fec1c3dafa1795
c6c395e77c4c49661e53c0b9b0f072b5dfd8a2021c6089ae035dccb5fe07a6ee
c7d5594f3a599ccd0b1a336bb68a24d59882f394bb0b9c9a29c5200cd2b48468
ca15ac1540010cea7015b4e4ec35c33cd999430f4bd5221b94e66d319456b2b0
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cc2a604a1e6f73444e8db5d749a64c62899943e68ad07feeee39050b4fdb32cb
cdb5ca36664e6906c51c4336873d7b45f29cb48c3b3188c853980813da650712
ce5adf26f76fcbd66c6b956b01ab9448516e12aabc21b6934222c8a332cc83fa
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0260a942842dfe2e8de7d78be4aecaa450e9ee0be021d76e6ba13d9f5c92b08
d061422ea894052fca477e2c5c713b8fdd2528372debaa53b6aad5baf21404ed
d0bd7abf5a1a60c7924f4c91c63f3a3ab94d063046728df0cfa36947ecff50b7
d1ea19a19ec8d6220550ff2184b4c0b90caae3b46865454cc42f803d52d2562e
d25bdd96ccfdca4751deb550101d8b70816a963eb2dcff7461a9e64d1367b65f
d585eb4e1ac5a351822e140f6ac323e7bd4d50bcaf1e1866aff1bda5dfb5f44a
d5e37a250a02f524e4f268172100aca0795c80f3936cc54857bdb161ca7f5ef1
d9816e6ca326b0ebe0935bc008cf9f2e2eddb7c79d5ebe38078700110d91c67d
da5db44956d9f6c55630074629deb758e0653a3c6b2d881f99bdb95cc23a17bd
db0b8fb718e6b7211877ada7715bc9826de57e2755cb67dcdce2f996d8961e5c
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
df005db28afc7b4cb2fad5d87be9d05750e4c2e16dd49cb3e368a9dbf4040fc4
e13547eec8879c9b576c2e06837303ad06ea15905d4eb075291ff21686a5b3da
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4c0685328018e58d72238dfc506439992d800d33aedb5ced7878066920b649b
e5087f2fe725886f06c0b83cedba19cde1f087df9d2643c6dcd0adc82c9d72c0
e5cf4a0e494486a94b8badc74fa0fff38aa8bcfb479a183fbc119e2a02bfe392
e6769c4a2decdc92d2e2ac0ae95f6dacd4957e016ebbd5d74929f6412232c3fa
e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0
e8e59600aef82a86c1a49715c6393db5989f9dfe9729dba7fdbc2e2accd02d77
e9cdb633be0027f2fc2814a11a1c93e8f14732e99ec6e47b72f49e8c76904999
ebd9a65d07f9010f987583d3f3e0e6c79febdb5c3515f1cef38290575b59c2c2
ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0
eec62b9d9d842598020aefa120be6ff12be3fd501b3752996461e42a4fcf58b1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f07af3ceaf59fb9f62571cbd7a6ddb2886f90d4ce5cad8de1303beaab7b655c7
f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f
f7e9b2cbafcb62022a813afaca27672d7abb1db60268626b7c47e19928e9c263
f9d3016b78add130c49024877c1b3b5b302ed4cb68f48a0650d241396b3b6654
fac6b6bde3598a918af4f50ffd01d9613b00ba883b7f580c9425b2ba8994cf86
fc55cfd04a2d1751807edb58724eb748b3427746807f90cdd71b591e9c15bae2
fcb77f65f1cff04bdccea6ef81fa0b38e22b393a9a6d280339923c559faad8ab