urlscan.io logo urlscan.io
SecurityTrails logo

livehd7.onl Open in urlscan Pro
2606:4700:3033::6815:4db6  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://livehd7.onl/
Effective URL: https://livehd7.onl:2096/
Submission: On January 27 via manual from FR — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 46 IPs in 9 countries across 48 domains to perform 256 HTTP transactions. The main IP is 2606:4700:3033::6815:4db6, located in United States and belongs to CLOUDFLARENET, US. The main domain is livehd7.onl.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on October 3rd 2021. Valid for: a year.
This is the only time livehd7.onl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
16 49 2606:4700:303... 13335 (CLOUDFLAR...)
26 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 205.185.216.42 20446 (HIGHWINDS3)
17 2606:4700::68... 13335 (CLOUDFLAR...)
2 2 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
11 2a00:1450:400... 15169 (GOOGLE)
11 142.250.184.226 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:303... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 45.133.44.3 7018 (ATT-INTER...)
4 2a0c:5c81:514... 55081 (24SHELLS)
4 2a00:1450:400... 15169 (GOOGLE)
4 213.19.147.42 26120 (RHYTHMONE)
2 178.250.2.131 44788 (ASN-CRITE...)
2 6 185.33.221.14 29990 (ASN-APPNEX)
1 184.31.84.150 16625 (AKAMAI-AS)
2 185.184.8.65 204995 (RTB-HOUSE...)
12 34.149.20.76 15169 (GOOGLE)
2 51.75.86.98 16276 (OVH)
2 4 72.251.249.13 29791 (VOXEL-DOT...)
2 147.75.38.124 54825 (PACKET)
21 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2 185.29.134.244 30419 (MEDIAMATH...)
7 26 142.250.185.162 15169 (GOOGLE)
1 1 151.101.194.49 54113 (FASTLY)
2 66.155.71.150 13768 (COGECO-PEER1)
2 2 18.193.160.53 16509 (AMAZON-02)
2 2 37.157.6.246 198622 (ADFORM)
2 2 69.173.144.139 26667 (RUBICONPR...)
2 2 18.156.0.31 16509 (AMAZON-02)
4 8 2.18.234.21 16625 (AKAMAI-AS)
18 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
2 2 18.196.197.61 16509 (AMAZON-02)
1 1 3.216.174.50 14618 (AMAZON-AES)
1 1 31.172.81.172 44066 (DE-FIRSTC...)
1 1 81.222.128.216 20597 (ELTEL-AS)
2 2 198.47.127.19 3257 (GTT-BACKB...)
1 174.137.133.49 27257 (WEBAIR-IN...)
1 2a00:1450:400... 15169 (GOOGLE)
4 142.250.181.226 15169 (GOOGLE)
2 2a02:2638::3 44788 (ASN-CRITE...)
2 4 2a02:2638:1::13 44788 (ASN-CRITE...)
3 178.250.0.157 44788 (ASN-CRITE...)
1 2 2001:678:cb4:... 56396 (AMOBEE)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 82.113.101.132 6805 (TDDE-ASN1)
1 141.95.3.40 16276 (OVH)
256 46
49    2606:4700:3033::6815:4db6 (United States)

ASN13335 (CLOUDFLARENET, US)
livehd7.onl
www.livehd7.onl
26    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    205.185.216.42 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: map2.hwcdn.net
jscdn.greeter.me
17    2606:4700::6810:8616 (United States)

ASN13335 (CLOUDFLARENET, US)
live.demand.supply
api.demand.supply
2    2606:4700:3030::6815:1641 (United States)

ASN13335 (CLOUDFLARENET, US)
livehd7.vip
1    2606:4700::6812:1634 (United States)

ASN13335 (CLOUDFLARENET, US)
kit-pro.fontawesome.com
11    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.nl
11    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
partner.googleadservices.com
securepubads.g.doubleclick.net
7    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.nl
adservice.google.com
2    2a00:1450:400f:80a::200e (Ireland)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2606:4700:3037::6815:3471 (United States)

ASN13335 (CLOUDFLARENET, US)
player.adtcdn.com
4    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2606:4700:3033::6815:2de (United States)

ASN13335 (CLOUDFLARENET, US)
adipolo.com
2    45.133.44.3 (Philadelphia, United States)

ASN7018 (ATT-INTERNET4, US)
player.aplhb.adipolo.com
player.adtelligent.com
4    2a0c:5c81:5142::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)
ghb.aplhb.adipolo.com
4    2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com
4    213.19.147.42 (United Kingdom)

ASN26120 (RHYTHMONE, US)
targeting.unrulymedia.com
2    178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com
bidder.criteo.com
6    185.33.221.14 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
1    184.31.84.150 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-31-84-150.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
2    185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net
prebid-eu.creativecdn.com
12    34.149.20.76 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 76.20.149.34.bc.googleusercontent.com
ssc.33across.com
2    51.75.86.98 (France)

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu
onetag-sys.com
4    72.251.249.13 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
2    147.75.38.124 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
21    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
4    2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    185.29.134.244 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
26    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
cm.g.doubleclick.net
1    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
2    66.155.71.150 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
2    18.193.160.53 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-160-53.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    37.157.6.246 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
8    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
18    2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
5    2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
2    18.196.197.61 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-197-61.eu-central-1.compute.amazonaws.com
pm.w55c.net
1    3.216.174.50 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-216-174-50.compute-1.amazonaws.com
fksnk.com
1    31.172.81.172 (Muehlheim am Main, Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
sync3.sniperlog.ru
1    81.222.128.216 (Russian Federation)

ASN20597 (ELTEL-AS, RU)
PTR: ad16.adriver.ru
ssp.adriver.ru
2    198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image6.pubmatic.com
1    174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)
rtb2-useast.e-volution.ai
1    2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
4    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
googleads4.g.doubleclick.net
2    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
4    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
3    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
2    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
r.turn.com
1    2a02:fa8:8806:20::2040 (Singapore)

ASN41041 (VCLK-EU-SE, US)
dclk-match.dotomi.com
2    2606:4700::6812:d05 (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    82.113.101.132 (Hanau, Germany)

ASN6805 (TDDE-ASN1, DE)
PTR: portal.o2online.de
portal.o2online.de
1    141.95.3.40 (France)

ASN16276 (OVH, FR)
PTR: p30.id5-sync.com
id5-sync.com
Apex Domain
Subdomains		 Transfer
51 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 100
10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 124
484 KB
49 livehd7.onl
livehd7.onl
www.livehd7.onl
347 KB
46 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 46
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184
cm.g.doubleclick.net — Cisco Umbrella Rank: 197
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 274
306 KB
18 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 255
571 KB
17 demand.supply
live.demand.supply — Cisco Umbrella Rank: 31585
api.demand.supply — Cisco Umbrella Rank: 56143
33 KB
12 33across.com
ssc.33across.com — Cisco Umbrella Rank: 1648
2 KB
10 google.com
adservice.google.com — Cisco Umbrella Rank: 80
www.google.com — Cisco Umbrella Rank: 13
2 KB
9 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 461
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 590
8 KB
9 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 722
gum.criteo.com — Cisco Umbrella Rank: 369
mug.criteo.com — Cisco Umbrella Rank: 2864
8 KB
6 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 241
6 KB
6 adipolo.com
adipolo.com — Cisco Umbrella Rank: 88330
player.aplhb.adipolo.com — Cisco Umbrella Rank: 123508
ghb.aplhb.adipolo.com — Cisco Umbrella Rank: 104453
33 KB
6 google.nl
adservice.google.nl — Cisco Umbrella Rank: 12328
1 KB
5 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 324
103 KB
4 gstatic.com
www.gstatic.com
fonts.gstatic.com
41 KB
4 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 690
2 KB
4 unrulymedia.com
targeting.unrulymedia.com — Cisco Umbrella Rank: 765
344 B
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 165
139 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 808
s.tribalfusion.com — Cisco Umbrella Rank: 2305
1 KB
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 770
r.turn.com — Cisco Umbrella Rank: 3243
878 B
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 645
56 KB
2 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 595
1 KB
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 876
2 KB
2 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 283
881 B
2 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 312
917 B
2 adform.net
c1.adform.net — Cisco Umbrella Rank: 608
1 KB
2 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 287
2 KB
2 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 626
382 B
2 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 421
2 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 47
2 KB
2 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1204
575 B
2 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 1056
726 B
2 creativecdn.com
prebid-eu.creativecdn.com — Cisco Umbrella Rank: 5646
356 B
2 adtcdn.com
player.adtcdn.com — Cisco Umbrella Rank: 23756
96 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 42
20 KB
2 livehd7.vip
livehd7.vip
1 KB
2 greeter.me
jscdn.greeter.me — Cisco Umbrella Rank: 94996
16 KB
1 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 596
534 B
1 o2online.de
portal.o2online.de — Cisco Umbrella Rank: 51584
609 B
1 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 2859
104 B
1 e-volution.ai
rtb2-useast.e-volution.ai — Cisco Umbrella Rank: 5746
233 B
1 adriver.ru
ssp.adriver.ru — Cisco Umbrella Rank: 13446
340 B
1 sniperlog.ru
sync3.sniperlog.ru — Cisco Umbrella Rank: 37090
677 B
1 fksnk.com
fksnk.com — Cisco Umbrella Rank: 4594
612 B
1 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 560
536 B
1 adtelligent.com
player.adtelligent.com — Cisco Umbrella Rank: 5710
4 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 777
644 B
1 fontawesome.com
kit-pro.fontawesome.com — Cisco Umbrella Rank: 21196
50 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 78
36 KB
256 48
Domain Requested by
35 livehd7.onl 2 redirects livehd7.onl
26 cm.g.doubleclick.net 7 redirects 10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com
googleads.g.doubleclick.net
26 pagead2.googlesyndication.com livehd7.onl
pagead2.googlesyndication.com
live.demand.supply
tpc.googlesyndication.com
10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com
googleads.g.doubleclick.net
s0.2mdn.net
www.googletagservices.com
21 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com
livehd7.onl
s0.2mdn.net
18 s0.2mdn.net livehd7.onl
s0.2mdn.net
15 live.demand.supply livehd7.onl
live.demand.supply
14 www.livehd7.onl 14 redirects
12 ssc.33across.com player.adtcdn.com
10 securepubads.g.doubleclick.net jscdn.greeter.me
www.googletagservices.com
securepubads.g.doubleclick.net
livehd7.onl
8 dsum-sec.casalemedia.com 4 redirects googleads.g.doubleclick.net
6 ib.adnxs.com 2 redirects player.adtcdn.com
googleads.g.doubleclick.net
6 adservice.google.com pagead2.googlesyndication.com
securepubads.g.doubleclick.net
6 adservice.google.nl pagead2.googlesyndication.com
securepubads.g.doubleclick.net
6 googleads.g.doubleclick.net pagead2.googlesyndication.com
livehd7.onl
10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com
5 cdn.ampproject.org securepubads.g.doubleclick.net
4 gum.criteo.com 2 redirects static.criteo.net
4 googleads4.g.doubleclick.net livehd7.onl
4 www.google.com tpc.googlesyndication.com
livehd7.onl
10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com
4 ap.lijit.com 2 redirects player.adtcdn.com
4 targeting.unrulymedia.com player.adtcdn.com
4 10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 ghb.aplhb.adipolo.com player.aplhb.adipolo.com
4 www.googletagservices.com jscdn.greeter.me
10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com
livehd7.onl
3 mug.criteo.com
3 www.gstatic.com 10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com
2 static.criteo.net player.adtcdn.com
static.criteo.net
2 image6.pubmatic.com 2 redirects
2 pm.w55c.net 2 redirects
2 ups.analytics.yahoo.com 2 redirects
2 pixel.rubiconproject.com 2 redirects
2 c1.adform.net 2 redirects
2 x.bidswitch.net 2 redirects
2 pixel-sync.sitescout.com 10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com
2 sync.mathtag.com 2 redirects
2 fonts.googleapis.com 10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
2 prebid.a-mo.net player.adtcdn.com
2 onetag-sys.com player.adtcdn.com
2 prebid-eu.creativecdn.com player.adtcdn.com
2 bidder.criteo.com player.adtcdn.com
2 api.demand.supply live.demand.supply
2 player.adtcdn.com jscdn.greeter.me
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 livehd7.vip 2 redirects
2 jscdn.greeter.me livehd7.onl
1 id5-sync.com player.adtcdn.com
1 portal.o2online.de
1 s.tribalfusion.com
1 a.tribalfusion.com 1 redirects
1 dclk-match.dotomi.com 10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com
1 r.turn.com
1 ad.turn.com 1 redirects
1 fonts.gstatic.com fonts.googleapis.com
1 rtb2-useast.e-volution.ai 10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com
1 ssp.adriver.ru 1 redirects
1 sync3.sniperlog.ru 1 redirects
1 fksnk.com 1 redirects
1 sync-tm.everesttech.net 1 redirects
1 htlb.casalemedia.com player.adtcdn.com
1 player.adtelligent.com player.adtcdn.com
1 player.aplhb.adipolo.com player.adtcdn.com
1 adipolo.com livehd7.onl
1 partner.googleadservices.com pagead2.googlesyndication.com
1 kit-pro.fontawesome.com livehd7.onl
1 www.googletagmanager.com livehd7.onl
256 64

This site contains links to these domains. Also see Links.

Domain
elshaikh.net
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-10-03 -
2022-10-02		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
greeter.me
R3		 2022-01-20 -
2022-04-20		 3 months crt.sh
demand.supply
Cloudflare Inc ECC CA-3		 2021-04-21 -
2022-04-20		 a year crt.sh
*.fontawesome.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-12-01 -
2023-01-01		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.google.nl
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
player.aplhb.adipolo.com
R3		 2022-01-17 -
2022-04-17		 3 months crt.sh
ghb.aplhb.adipolo.com
ZeroSSL ECC Domain Secure Site CA		 2021-12-12 -
2022-03-12		 3 months crt.sh
player.adtelligent.com
R3		 2022-01-18 -
2022-04-18		 3 months crt.sh
*.targeting.unrulymedia.com
DigiCert SHA2 Secure Server CA		 2020-05-04 -
2022-05-09		 2 years crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-12-01 -
2022-02-26		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-30 -
2022-04-12		 a year crt.sh
ssc.33across.com
GTS CA 1D4		 2022-01-23 -
2022-04-23		 3 months crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2021-03-11 -
2022-04-12		 a year crt.sh
*.a-mo.net
R3		 2021-12-28 -
2022-03-28		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.sitescout.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-15 -
2023-01-15		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.e-volution.ai
Sectigo RSA Domain Validation Secure Server CA		 2021-09-13 -
2022-10-14		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-12-01 -
2022-02-24		 3 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2021-08-10 -
2022-09-11		 a year crt.sh
*.o2online.de
DigiCert TLS RSA SHA256 2020 CA1		 2021-01-19 -
2022-02-19		 a year crt.sh
*.id5-sync.com
R3		 2021-12-20 -
2022-03-20		 3 months crt.sh

This page contains 24 frames:

Primary Page: https://livehd7.onl:2096/
Frame ID: CAD6317132069AFD8254E5D807D2088B
Requests: 127 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220125/r20190131/zrt_lookup.html
Frame ID: 562983469966CCE1E56707051C1E6CDC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1410072543553213&output=html&adk=1812271804&adf=3025194257&lmt=1643235770&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Flivehd7.onl%3A2096%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643271804051&bpp=3&bdt=162&idt=135&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5038177246020&frm=20&pv=2&ga_vid=542245380.1643271804&ga_sid=1643271804&ga_hid=543678338&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064036%2C31064216&oid=2&pvsid=3658751037657245&pem=201&tmod=445721460&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=153
Frame ID: 0040FE917DC65F976475C7E44DD6106C
Requests: 1 HTTP requests in this frame

Frame: https://10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: EE013C0CDA71B2949682D96E7E2E27F8
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A31742E509C39C074ABDDFAB56166364
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A79C042C063233D7127B51D54BC509D3
Requests: 2 HTTP requests in this frame

Frame: https://10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 56C714FCFFE7617365E4370BFE6F263A
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20220125/r20110914/client/load_preloaded_resource_fy2019.js
Frame ID: 73BFC4DA6BACF24CFA7C7FFDEA16ACEE
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6579B83458F386BA73CF473FAD088830
Requests: 9 HTTP requests in this frame

Frame: https://10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 3D8832DA326B792BE3FC49F065D71386
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ3cu5ARiXxqq_ATAB&v=APEucNUo2JigdIouzrQSud6s8_vpwH0p-VmjOmVLMohDGowuei-OKbxPvF9VMkA74-6MnzkO9K9uBS6sIQHPFhfDIA6ud_Wj7Sfn609yy4h2d2AbnhzqhL_UunS22i7vvtxK8PeGHThtZWFtRyhZmhw1XDPzFk1oZXC2tSTlnn42RZHnPDWWPFEHUXe_HqIXcLtt5W-1XOhOfmjPfPvGL8xEqW_iXL9WYg
Frame ID: 416233C9F57233D43A65D58E98306E87
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C_zrOB3QLAO_PeBUjEHRsuG2py-ONetXSnj1k1Kpj1HKP-KChB_PHhvg4iBJYBk7IXb53d8m620B15ZJx9eZzxRY1aqJBfv_ltJyZWJ6rtJC-HkjhU2UsdSN0NF0PUADH5hINJEDR9FE87aaGy3qBhoc8l1A&dbm_d=AKAmf-AOapaDYjXlDH7fGoiq-a7S59MmZofpKsHbFHlNwwUmuikr9gX6zHVGKDRIXn1sgfkeFwggfh3dS3QXmgnuXDfMR7HpA9a7Lq-o6KMpVAA9Uj5mMN7pBhLWtYMHvT9gl9Epj9xAlYd0fh8DPmVPNyT_sfKPnVEu4XjR0oOi2oRfXDkIoJKKFes0wrI48e9slBnxDyxgcExKY9DiDaV4nlBjEjlqAvrQA8baSdygw3r5O4mo7LaOjg0Ae0lxb2h5i6lZTR6dsK6ZpVhWlUl7_w8krxUP_Tt2WE_cCwYYtBtlNANAKEW8qjOZZLAIL0OWmr_MSY-vUpgDjyrCe-ZFb7xamMewz2pTkL6McQiTtA_MoIoJCTR6aF5BmcvGSesqnm-DPmtqzwMhNbdj-7Ka-bRxcq3zaLhzcER90smRjyMzaix40e_6Onnhol2SBCd0Tv7TcsUDzau_EAS-COSlq1nhd0fCe1r80u1tv9bIQKIA3hUdFeNe3tk1QGhRDAHsM-xr8B55MPSE8iDmUn5VmWo5bVqowrEFi6aksN3J2r47kXjixZKWe3Gijd7mP1dp27nWt8Nx8RNWX3mqFjkIsRo2EDhzm8liAHI9msgmJouxm2rGh7O5rCB_cDQCvtXMwngD95t2lEjEclniWxy_DyilghOsZI09dr9OX4MPyBddKlPif2_LVUAD8rjWbnqGph4HR6ihdNUZZTIa39Gv7QtIpeWszK3YwcWY2K_FlJNLHlxp3lZ_SCGV6tqDEePBIVod4WMhsbYUoKHVvHElJCWb6o8BHCVi6Y-fJz0TEO4tMQxnqhu2bl6zKnwO6Q9pLfo3H1FFfP-aLnabh92JneCIHeDpufc7uo2djjK870yqGTjTnxCgEFwwYzE7dWgcI3V_xdJbfVn4q5ICd6yCJ7UnHs2vgRyMMPKUfkKmzCUu9njeg2ymrjc2HPQPng3a8zHRLKVkzq7O4Pn9ebkXxsDr_B_oXkpG2UuampGZuVv0cIjL93t30_sjFYjnQByLqkwzarWh-KcCWbcYIXA_oHl02zaa34tWABRDy0iA4cVciG3ykBZsktU1R70RjoBgp1icUJnweX9IpDOn8tjU5u9MwZpiaL9Nw-JM_2SZYr1Ym3wIbWawqBSep3vyg62NmBXik-nz4-bDIxMx1l8yYZaxoGBm0IUMJC9PdcPyND4XAa3xv_beWVWPHmYlJUgCssfnWRn8lZSQj0dfoDiEYh6dOZI-LXmxim_TYZlZkLVtbGhBXuX1U38FeqTag2ndlHT81XXnvkxFxbh6iTfTattKAp7KzxuOIj5CA6l2VBkWFhrB0WZuNyE_w_Q0q7VFiCw99ZXXA_0WPAF_N34hk8MES8xhCbYZQ2q8eOswQIZKJizFROmrdDLSTtA707e815AsENZ2yY1PGZYL_ww1rBv_bai2xM3-KcBNpdWm8yKItLCe-ZvHvLidxHWW3poOU_2WJZSWmORTwVkSmgjk7sl7kuGD4Yzf5-nl8Apl-xqS0rNZTGZxoWG-7VMFQcBhPaz43-rIP85lKDu-LB8MBxWtWwePCA5UraOecg5o7xU1GWG0dei7pLblDGqHeOEhxbVrz8ZBJ9E01Tr9Q2HJ678iFhRfzZj42Sptye7BbusczJvyyNGJeQQsb119JTMhS0NwRLzczJDH1Uoibwm5puBpH0HQDtjcvQwzXdvEEGHcqjZIk2WK3TXOffIdGL_icxXJTXnzXt4iCEsUjGbM189T1Qq8G2wxeueAxQAo3JIhxJv-pFg0GFZwfB-QlIszw9z17gG7vqLy536I61IpQg4hN9G4xntUPa5Ns6gjuZnyTJ8XQ90G5aFh0ZxmdRkJXJ5HSxtCn808ENn40bYt70aZcM6np2GlMjtLaM3Tv1vIR3EU-k6LOnSN99U7myw8BBNK_B9-9ENoUJVhqjgFjr3gODo-2TZaVRf0SJsEKUMPRyCeex1f3dg-cLkP-nHaBibrtm4Krk2CA4FW6ywnbdxDzYCexpVKjZvCvt_p6sh77SunKyy68dbgAIKh3q-XBopZoY_K_-JP-aU2x9LvIfBQz1UGuEESO_ET9XZD63Ww_MsGNrJnXf7bBsC0ik6Zih3zvymAiT8dMibJJnP8rzrmCglGvINmH3lEjeoPjfUJnOIhEsNrX3qHJ5nj-6Y1SpgdFaluBNExrhPjnyOfVz69Sf_lxrzNTbXtdL03y9LMqSzSelE8Hx5AFszzZWuZ1EwIBWKYMQkHLtPT2lzza2z4QiAHUcDKgt84QUC3bp2ENYjTiATcktPncJ_gjb_sS5nR7u570h3hgqbINv9X1532DJ6FiLboYCCx1Mjdv383RtgE1eYDDctC0wXcPdHiJfS55UZ3OCHGKK5RDlb_4ePQoVg2GXjmqhIBrQjVW7S663gKlz3bkr1zX3SAHHCguQFQh2nGYu4KFaojSmXUcfUcnH-aifPhzCX7COvsNE8WuwE8rVY19RYSARRbjkkf1a6Q2MqeMvUNH89S7fmuEvwFbzHFlzxdD70NY-n0qojA9iL5RgYSuOP-JSo_6NQHPG6z2K6EO45OlCDo7KFNeExd-BIBHNbrik-11_627l5BrwmxHqSBz9XddY4n0Vrq6kDkZuDaOpFI-KNFCPAM5tGEvUWTZAwIPOOdB9gqOzb71-3AGsP43w5gdwZzOS7uAZxS4Pf-Q78tztBBC3J2Io2VshntbS16bLOrMhkT-UlDoy8id4l3pAJ6NcVx1Bm4ggLWfc1EASToXQIj0_ffFpKKksI5whczVYQzH3VDpDCbP6GO7huISBOFQAhHa6toU9SRucGlm0o6pTZ8r8t5U-rRp9WBd3DJHhCiil4ZVnPOuL_AC454MvxEyn0600qkEMz3nUUXirY-hPl9H_5pBjd5ZL3_CreJwsltSVyv7uBhRJO_LJ_ANncbFiD6kOtAoLJnUKwXtH0phiPqB13mEDSqW23OyUxLNrdU0JnZDikwW_-LpYTNyC9isxdgjC8krbuLr3cdWsHB-mUdxsV6SX2ngbuIa4kX6U5pMPEBF2FTmVvKB_hlRSk9BsaHDO94SNi76eLfEDL1XjreCshQr2ltFBBVkKavfk6C0AtmiTRDQ4U8Zbr8swaJtNGTixKYM0B3pfDh&cid=CAASEuRoAeJ-VbzaYNDPYVwSEF-rmA&rfl=2%2Chttps%253A%252F%252Flivehd7.onl%253A2096%252F%240
Frame ID: FB2FAB277F8F45322FF8CADE251832AC
Requests: 13 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012111152338000/amp4ads-v0.mjs
Frame ID: 09EA4B64A2FB41F9279A6FC77716C3FB
Requests: 16 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 91CA06A2CF2B307429B97BC55AB539EA
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: C8563D9031A4D18CB1A2B5ED4E433FB4
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/15778784046629838142/970x250.html?e=69&leftOffset=0&topOffset=0&c=kC4D2HVkU2&t=1&renderingType=2
Frame ID: 283B0C31E97ECF4AA9143A09242CD353
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/jGbA3lvUbVA_isqhK0kcOmFQnhmy9VywXuVHQ76HhUI.js
Frame ID: 7CC2A412A2314186A2A6E1354ED311C9
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=livehd7.onl
Frame ID: BA8843F0BEFFE334C61DB7B856E035C8
Requests: 2 HTTP requests in this frame

Frame: https://10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 7FFD41ADA3BD969831582B63AAF9651F
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiA_aO-ATAB&v=APEucNUfxT7kTaI0poUrNLtQ8tV_yrrOoPFP4nP793Zw-xm5rQMzmHxNwdnVV0hviHzQO2Uv89WfoTIPwC7JvEsvw9r7XovJcoY9FzxMzLxgDgm686q8Mf1lem7xTRpsmK5cMXs6LpTywWl9OF7PQTydAdzK7XgERB1srjp2fRY-Vno-0Mq3idU
Frame ID: F92DAF7BDE0432F062C8858CE2E337FE
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D5573C89F3CC43D186273F4B7C24F71D
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: C6EDD6E3E62C9D120B232F85A296EA57
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/2035603817071902720/300x600.html?e=69&leftOffset=0&topOffset=0&c=UD2xLQaAm3&t=1&renderingType=2
Frame ID: C24E761C074769E725BBF83C68A9320D
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/jGbA3lvUbVA_isqhK0kcOmFQnhmy9VywXuVHQ76HhUI.js
Frame ID: 463ECA7D787424A7AF3B981093BD7202
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

الاسطورة لبث المباريات | livehd7

Page URL History Show full URLs

  1. http://livehd7.onl/ HTTP 301
    https://livehd7.onl/ HTTP 301
    https://livehd7.onl:2096/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)

Page Statistics

256
Requests

83 %
HTTPS

46 %
IPv6

48
Domains

64
Subdomains

46
IPs

9
Countries

2357 kB
Transfer

5900 kB
Size

45
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://livehd7.onl/ HTTP 301
    https://livehd7.onl/ HTTP 301
    https://livehd7.onl:2096/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • https://www.livehd7.onl/wp-content/uploads/2021/10/%D8%A3%D8%B3%D8%AA%D8%B1%D8%A7%D9%84%D9%8A%D8%A7 HTTP 301
  • https://livehd7.onl:2096/wp-content/uploads/2021/10/%D8%A3%D8%B3%D8%AA%D8%B1%D8%A7%D9%84%D9%8A%D8%A7
Request Chain 7
  • https://www.livehd7.onl/wp-content/uploads/2021/10/%D9%81%D9%8A%D8%AA%D9%86%D8%A7%D9%85 HTTP 301
  • https://livehd7.onl:2096/wp-content/uploads/2021/10/%D9%81%D9%8A%D8%AA%D9%86%D8%A7%D9%85
Request Chain 8
  • https://www.livehd7.onl/wp-content/uploads/2021/10/%D8%A7%D9%84%D9%8A%D8%A7%D8%A8%D8%A7%D9%86 HTTP 301
  • https://livehd7.onl:2096/wp-content/uploads/2021/10/%D8%A7%D9%84%D9%8A%D8%A7%D8%A8%D8%A7%D9%86
Request Chain 9
  • https://www.livehd7.onl/wp-content/uploads/2021/10/%D8%A7%D9%84%D8%B5%D9%8A%D9%86 HTTP 301
  • https://livehd7.onl:2096/wp-content/uploads/2021/10/%D8%A7%D9%84%D8%B5%D9%8A%D9%86
Request Chain 10
  • https://livehd7.vip/wp-content/uploads/2021/11/SVBzrEoo3aCu2Lw2wcv4LQ_96x96-e1636582459345.png HTTP 301
  • https://livehd7.onl:2096/wp-content/uploads/2021/11/SVBzrEoo3aCu2Lw2wcv4LQ_96x96-e1636582459345.png
Request Chain 11
  • https://www.livehd7.onl/wp-content/uploads/2021/10/%D9%83%D9%88%D8%B1%D9%8A%D8%A7%20%D8%A7%D9%84%D8%AC%D9%86%D9%88%D8%A8%D9%8A%D8%A9 HTTP 301
  • https://livehd7.onl:2096/wp-content/uploads/2021/10/%D9%83%D9%88%D8%B1%D9%8A%D8%A7%20%D8%A7%D9%84%D8%AC%D9%86%D9%88%D8%A8%D9%8A%D8%A9
Request Chain 12
  • https://www.livehd7.onl/wp-content/uploads/2021/10/%D8%A5%D9%8A%D8%B1%D8%A7%D9%86 HTTP 301
  • https://livehd7.onl:2096/wp-content/uploads/2021/10/%D8%A5%D9%8A%D8%B1%D8%A7%D9%86
Request Chain 13
  • https://www.livehd7.onl/wp-content/uploads/2021/10/%D8%A7%D9%84%D8%B9%D8%B1%D8%A7%D9%82 HTTP 301
  • https://livehd7.onl:2096/wp-content/uploads/2021/10/%D8%A7%D9%84%D8%B9%D8%B1%D8%A7%D9%82
Request Chain 14
  • https://www.livehd7.onl/wp-content/uploads/2021/10/%D8%A7%D9%84%D8%A5%D9%85%D8%A7%D8%B1%D8%A7%D8%AA HTTP 301
  • https://livehd7.onl:2096/wp-content/uploads/2021/10/%D8%A7%D9%84%D8%A5%D9%85%D8%A7%D8%B1%D8%A7%D8%AA
Request Chain 15
  • https://www.livehd7.onl/wp-content/uploads/2021/10/%D8%B3%D9%88%D8%B1%D9%8A%D8%A7 HTTP 301
  • https://livehd7.onl:2096/wp-content/uploads/2021/10/%D8%B3%D9%88%D8%B1%D9%8A%D8%A7
Request Chain 16
  • https://livehd7.vip:2096/wp-content/uploads/2021/11/%D8%B3%D9%85%D9%88%D8%AD%D8%A9 HTTP 301
  • https://livehd7.onl:2096/wp-content/uploads/2021/11/%D8%B3%D9%85%D9%88%D8%AD%D8%A9
Request Chain 17
  • https://www.livehd7.onl/wp-content/uploads/2021/10/%D8%A7%D9%84%D8%A3%D9%87%D9%84%D9%8A HTTP 301
  • https://livehd7.onl:2096/wp-content/uploads/2021/10/%D8%A7%D9%84%D8%A3%D9%87%D9%84%D9%8A
Request Chain 18
  • https://www.livehd7.onl/wp-content/uploads/2021/10/%D8%A7%D9%84%D8%B3%D8%B9%D9%88%D8%AF%D9%8A%D8%A9 HTTP 301
  • https://livehd7.onl:2096/wp-content/uploads/2021/10/%D8%A7%D9%84%D8%B3%D8%B9%D9%88%D8%AF%D9%8A%D8%A9
Request Chain 19
  • https://www.livehd7.onl/wp-content/uploads/2021/10/%D8%B9%D9%85%D8%A7%D9%86 HTTP 301
  • https://livehd7.onl:2096/wp-content/uploads/2021/10/%D8%B9%D9%85%D8%A7%D9%86
Request Chain 20
  • https://www.livehd7.onl/wp-content/uploads/2021/10/%D8%A7%D9%84%D8%A5%D9%83%D9%88%D8%A7%D8%AF%D9%88%D8%B1 HTTP 301
  • https://livehd7.onl:2096/wp-content/uploads/2021/10/%D8%A7%D9%84%D8%A5%D9%83%D9%88%D8%A7%D8%AF%D9%88%D8%B1
Request Chain 21
  • https://www.livehd7.onl/wp-content/uploads/2021/10/%D8%A7%D9%84%D8%A8%D8%B1%D8%A7%D8%B2%D9%8A%D9%84 HTTP 301
  • https://livehd7.onl:2096/wp-content/uploads/2021/10/%D8%A7%D9%84%D8%A8%D8%B1%D8%A7%D8%B2%D9%8A%D9%84
Request Chain 128
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEMppq_6Wr9tD1tiuYeu2vxA&google_cver=1&google_push=AYg5qPL2akOliDMJLmFRVco3mCI95cuHqTQEa_5sCJhcQ3r0JFrk2qAoKRnWPfWxuc1iDHRLTbt_RPWxYyeKWpsSfkINXTYq5G7r HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPL2akOliDMJLmFRVco3mCI95cuHqTQEa_5sCJhcQ3r0JFrk2qAoKRnWPfWxuc1iDHRLTbt_RPWxYyeKWpsSfkINXTYq5G7r
Request Chain 129
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESENMcgCj9YIb6vuiVxf6hVRw&google_cver=1&google_push=AYg5qPKmmXEo10SpgfeHApZ8ArvPtJkAYqeLhlNRMGnqwu8PLXH8tGTTgNt2RQeTyyApQp4dwDoSIH2lYKcXAt84j5uvAjNKueA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENMcgCj9YIb6vuiVxf6hVRw&google_push=AYg5qPKmmXEo10SpgfeHApZ8ArvPtJkAYqeLhlNRMGnqwu8PLXH8tGTTgNt2RQeTyyApQp4dwDoSIH2lYKcXAt84j5uvAjNKueA
Request Chain 131
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEFxYw_PoJvBycMyrKp6FOs0&google_cver=1&google_push=AYg5qPL3PxST8kv80Vr-rN0A3slsHeNhuSzN13Yx1O0tLSKcZNFyEAsy3Zm5BjrEbr7gJXDEakRB046ILc4TXOPDd2k4E3nvf0fW HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEFxYw_PoJvBycMyrKp6FOs0&google_cver=1&google_push=AYg5qPL3PxST8kv80Vr-rN0A3slsHeNhuSzN13Yx1O0tLSKcZNFyEAsy3Zm5BjrEbr7gJXDEakRB046ILc4TXOPDd2k4E3nvf0fW HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPL3PxST8kv80Vr-rN0A3slsHeNhuSzN13Yx1O0tLSKcZNFyEAsy3Zm5BjrEbr7gJXDEakRB046ILc4TXOPDd2k4E3nvf0fW&google_hm=62ZAhjshRpu02Esrwe0pXA==
Request Chain 132
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEEja2bleQHl9LA7mViBz6wA&google_cver=1&google_push=AYg5qPKPvTb7iv2h3yyXr7xclqkpJyPywZ8M9qyf4gJBlvgPPaDSTre_uDYdJ2gjIRWGLKSD7XRTCJtQnD1zc-hSzBD00rlFej2N HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEEja2bleQHl9LA7mViBz6wA&google_cver=1&google_push=AYg5qPKPvTb7iv2h3yyXr7xclqkpJyPywZ8M9qyf4gJBlvgPPaDSTre_uDYdJ2gjIRWGLKSD7XRTCJtQnD1zc-hSzBD00rlFej2N HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzcxOTEwNDY2ODMyMzM2ODMyNg&google_push=AYg5qPKPvTb7iv2h3yyXr7xclqkpJyPywZ8M9qyf4gJBlvgPPaDSTre_uDYdJ2gjIRWGLKSD7XRTCJtQnD1zc-hSzBD00rlFej2N
Request Chain 133
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBLRlxmvGUtvvH0c6tlyjmk&google_cver=1&google_push=AYg5qPLAcAlgS6YEZ3u3MXbf4Cu5g9r66r8zgTsp8aDCPf0uIeleb1PQYwpnRNk2KYXftGJOv4_lVNnmjB5jxmQ6N0ZaOA1KUDeA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lXUExTSVUtMjMtQVFUUw==&google_push=AYg5qPLAcAlgS6YEZ3u3MXbf4Cu5g9r66r8zgTsp8aDCPf0uIeleb1PQYwpnRNk2KYXftGJOv4_lVNnmjB5jxmQ6N0ZaOA1KUDeA
Request Chain 134
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEC5zfM47XRDCVF8Ywtdz7Pc&google_cver=1&google_push=AYg5qPLEKwNF3m-2yGOSpYhhUp4oXkA3INYTRgwpskTymBoScRmaLsB0_-vlv5F_a-CcC3Uj2Hw7hW-B68PVS757ysA7teTtHfSQKQ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEC5zfM47XRDCVF8Ywtdz7Pc&google_cver=1&google_push=AYg5qPLEKwNF3m-2yGOSpYhhUp4oXkA3INYTRgwpskTymBoScRmaLsB0_-vlv5F_a-CcC3Uj2Hw7hW-B68PVS757ysA7teTtHfSQKQ&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1fWHl2R0FwRTJ1RWdwTDJ1TUx3ZUxnQVNUcEJWaHV1OH5B&google_push=AYg5qPLEKwNF3m-2yGOSpYhhUp4oXkA3INYTRgwpskTymBoScRmaLsB0_-vlv5F_a-CcC3Uj2Hw7hW-B68PVS757ysA7teTtHfSQKQ
Request Chain 145
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKzPZMV9lbCtP2m_CJW8LyI&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKzPZMV9lbCtP2m_CJW8LyI&google_cver=1&C=1
Request Chain 146
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YfJWfjafQ0SNic0uh3E3ngAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKIz_usPOzCVfajsYn7KD7k&google_cver=1
Request Chain 147
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEMzWEPBsRGu_upjdlNtYFaQ&google_cver=1
Request Chain 148
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTU4MDkxMDk2MTQxMzc2NzI4NQ%3D%3D
Request Chain 167
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEL85QYzyPOgsMYoJZQ3_11A&google_cver=1&google_push=AYg5qPJbvOpDNwcmpOcBIUZaqhrGjgUnV6sdgXTf6g4LWiTp2DnT2TfjVKzTG1jy2kj3niyGVe1p9woJSaC5pNzPEVK67P3WEfXk HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEL85QYzyPOgsMYoJZQ3_11A&google_cver=1&google_push=AYg5qPJbvOpDNwcmpOcBIUZaqhrGjgUnV6sdgXTf6g4LWiTp2DnT2TfjVKzTG1jy2kj3niyGVe1p9woJSaC5pNzPEVK67P3WEfXk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ak9VelFSVlgxTmQwM1k1&google_gid=CAESEL85QYzyPOgsMYoJZQ3_11A&google_cver=1&google_push=AYg5qPJbvOpDNwcmpOcBIUZaqhrGjgUnV6sdgXTf6g4LWiTp2DnT2TfjVKzTG1jy2kj3niyGVe1p9woJSaC5pNzPEVK67P3WEfXk
Request Chain 168
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEEIuF857nnSyXxMQDh0UEXM&google_cver=1&google_push=AYg5qPIThMFLFC5eu2rdHVtpPKxGVtdvHJzKouvxLXzSgRx-FDIuiOHxLYExP11bH2s1Pz-gWAIiDqB09eUJbcwDbzQnA6aK7nG- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=mTdh8lZ-SACMFBFWf6lTPw&google_push=AYg5qPIThMFLFC5eu2rdHVtpPKxGVtdvHJzKouvxLXzSgRx-FDIuiOHxLYExP11bH2s1Pz-gWAIiDqB09eUJbcwDbzQnA6aK7nG-
Request Chain 169
  • https://fksnk.com/cs/google?google_gid=CAESEOjHAhupDrW6SEhq3h7up6E&google_cver=1&google_push=AYg5qPJXWzCJwnwbVJQnDD4V9-9yr52cRhqU1Da4ZkOzlJE8jfgfNka4MYRMx_b549K_2QTZxrQs-6cJBISd0T1o5yVaeNaF93o HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=RDcxNzFBMzE5OTAyQjEyOQ==
Request Chain 170
  • https://sync3.sniperlog.ru/?src=ggl_nga&google_gid=CAESECJJbhf8kT3Hbe231XneWVA&google_cver=1&google_push=AYg5qPKw92PAWJFDAAKw_mkNeFo5Mey_IF9aIW-9ZF2Ft-eQrxaxDGtDR73A3DbflJBszKjpzyIikpXPgSSuQQxL6P0A649lehfj HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_push=AYg5qPKw92PAWJFDAAKw_mkNeFo5Mey_IF9aIW-9ZF2Ft-eQrxaxDGtDR73A3DbflJBszKjpzyIikpXPgSSuQQxL6P0A649lehfj
Request Chain 171
  • https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=10&external_id=&google_gid=CAESEJWYKDLLils8Lx74-xdC484&google_cver=1&google_push=AYg5qPJjkWlTjgys9cSsKUB9h1tO3168Qio_1KPlK0QZKtCj_TT5261opsguKxFL1TAA7mFUmk5gdnjlPnG2NLTTVMckAlS_hH4_ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ADR&google_push=AYg5qPJjkWlTjgys9cSsKUB9h1tO3168Qio_1KPlK0QZKtCj_TT5261opsguKxFL1TAA7mFUmk5gdnjlPnG2NLTTVMckAlS_hH4_&google_hm=QWQza0ZDdVlVaEhEYVZaZ2hPbUVrSGc=
Request Chain 172
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEE85helLdHo3u5pjlBkq8Z8&google_cver=1&google_push=AYg5qPKwol18KP2W8POswoV_zW53lFa4lNhutOIgz6WrxIO2-A5Stfo-RQMAYSUMlDjgUT-1K11xQjOjs1SfpEyqzSydp3b9UXo HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEE85helLdHo3u5pjlBkq8Z8&google_cver=1&google_push=AYg5qPKwol18KP2W8POswoV_zW53lFa4lNhutOIgz6WrxIO2-A5Stfo-RQMAYSUMlDjgUT-1K11xQjOjs1SfpEyqzSydp3b9UXo&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=8SanfUUWRdOkucYP6-RV4g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKwol18KP2W8POswoV_zW53lFa4lNhutOIgz6WrxIO2-A5Stfo-RQMAYSUMlDjgUT-1K11xQjOjs1SfpEyqzSydp3b9UXo
Request Chain 214
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=livehd7.onl&sn=ChromeSyncframe&so=0&topUrl=livehd7.onl&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=gQ7_eHxYSExHbklSbDhiN2hnMUFiM0lWMU0vdVdQYUVHWEY2dU5EVkZZdGZSMkdIYUxwYy9RaXNUbC9qQmVwQnlPc29kQ080Q080TEJ2MEZxeTA5VTB2S3haeDhLY0h0SU9IOXFyM2FKSWdwQ2M1UzcxQXJjaVBTa2kxQkpTb3g0dzNoaVNlcmYwU1VRMUppb08rcjA4VGNPUW9YaGR4NUdUOGdIa1pUOGJWWTYzQTFVZHJYN3BTZTBVdGtYUzU3VFNuMFVtS3djUG9LUWV1bURONzZmZndqblM5ZElCb24rLzFjeFFIK3VGaUx3RTV0VkVJdGdLM3BMWTZoTnJDNmw0SnlsaFBOWnhMeS9HNVBGQnpSZkY1d3pUUT09fA&cppv=2
Request Chain 223
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKIz_usPOzCVfajsYn7KD7k&google_cver=1
Request Chain 224
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YfJWfjafQ0SNic0uh3E3ngAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKIz_usPOzCVfajsYn7KD7k&google_cver=1
Request Chain 225
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEE_cR1NzNeNN9K2gVPRu1wU&google_cver=1
Request Chain 226
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTU4MDkxMDk2MTQxMzc2NzI4NQ%3D%3D
Request Chain 234
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEBoIaxuFMvW7TlyyRXconI0&google_cver=1&google_push=AYg5qPJETwk0OJetyxstnXxD6xejLMesWl3rIn5a4YUbrfeqBUxwHwe8RScx9bokuwPr9iCnKcAmPsPQ7wXEyCp0RGy0t8nrFA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDM5MDI0MjI1NjA4NjUxODc4NA==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEBoIaxuFMvW7TlyyRXconI0&google_cver=1
Request Chain 236
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEDFAkWB5MQ19rReFO4-fEaI&google_cver=1&google_push=AYg5qPK7qOnKJ1GJGuRMxKk4I6lZP_ZVqS_fJrjzKN8I2yDuTEedN-Rlb_fT7ERe7Sc61cZnvrczowWyYt2TymFdAm3FMnpKvT4&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPK7qOnKJ1GJGuRMxKk4I6lZP_ZVqS_fJrjzKN8I2yDuTEedN-Rlb_fT7ERe7Sc61cZnvrczowWyYt2TymFdAm3FMnpKvT4%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDFAkWB5MQ19rReFO4-fEaI&google_cver=1&google_push=AYg5qPK7qOnKJ1GJGuRMxKk4I6lZP_ZVqS_fJrjzKN8I2yDuTEedN-Rlb_fT7ERe7Sc61cZnvrczowWyYt2TymFdAm3FMnpKvT4&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPK7qOnKJ1GJGuRMxKk4I6lZP_ZVqS_fJrjzKN8I2yDuTEedN-Rlb_fT7ERe7Sc61cZnvrczowWyYt2TymFdAm3FMnpKvT4%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 238
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEM7rLjtg_FuFfdkUjZukym0&google_cver=1&google_push=AYg5qPI_7a7pG3fnOqnZciPC6zwu-HcHVc7_P5r3FJlXSTy5cHax36JLRjjARsoxciFPmMNIFI68ydMflEFk2y9LlfVvp_aSti8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lXUExUWjAtVy0zR1RN&google_push=AYg5qPI_7a7pG3fnOqnZciPC6zwu-HcHVc7_P5r3FJlXSTy5cHax36JLRjjARsoxciFPmMNIFI68ydMflEFk2y9LlfVvp_aSti8
Request Chain 239
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEM3crKHvlGpVSixu9Q3MbpY&google_cver=1&google_push=AYg5qPKsef8R72QcxTHWqgJM6SdRQzsMiyjoptrdIsVzUatGaSfuAIlZWyyZsdEwzukJzGe0fqTXPmSobxm6EJA9S5F0wkQuRAU HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEM3crKHvlGpVSixu9Q3MbpY&google_cver=1&google_push=AYg5qPKsef8R72QcxTHWqgJM6SdRQzsMiyjoptrdIsVzUatGaSfuAIlZWyyZsdEwzukJzGe0fqTXPmSobxm6EJA9S5F0wkQuRAU&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPKsef8R72QcxTHWqgJM6SdRQzsMiyjoptrdIsVzUatGaSfuAIlZWyyZsdEwzukJzGe0fqTXPmSobxm6EJA9S5F0wkQuRAU&google_hm=2d737e6a217d7d28ae381cad
Request Chain 257
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Flivehd7.onl%3A2096%2F&domain=livehd7.onl&cw=1&pbt=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=RUNVkHxYamFjZXlabGQ2UlZid3NMaUFGM05NQlFjRHN1UXZUZDJXUlRUR1NYcU9CN0pvS0FhejFaOGFvKzdkdUU2Y2pJaUFrclVieHZ5eDdpMm0zTDZOOUx5cVY3ejV6cnVzR3lFS2p3bDFEMmZ6ZjhiWUFMVy8xSjhRNERWMFRLWkk0Sy9lYVJsOVYxTmRXaG1ia0pWbFc0azd4WkJ4b2dQUklnM3JQNENpb1JiZlNFUlBvMndFUkxPZWhVRDJ4ZWVPb25FQ3lweW44bFEvNFJpMHBKWXhIR21ZQW02VUNPNGlqb2JHRjZpbVBWMkphS2ExdUd3bWZPdTNJcjhNZjF1eFB5Vk1oUlA2NC9takNBd24ramdPa0VaUT09fA&cppv=2

256 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
livehd7.onl/
Redirect Chain
  • http://livehd7.onl/
  • https://livehd7.onl/
  • https://livehd7.onl:2096/
191 KB
52 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://livehd7.onl:2096/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:4db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3498958b69bfc948fd7684d9a61214c718da38be2698d0561049621422acaca9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Thu, 27 Jan 2022 08:23:23 GMT
content-type
text/html
last-modified
Wed, 26 Jan 2022 22:22:50 GMT
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t7b5anCr%2FiuMSn5gNHGB%2F9Y9tmRJr9XmfWY0fDGya%2F5wcfpadQJXglc%2Ffc7l3sRqtUZh6lmLk4iceWEWPOhnuSCLG8z3Mud%2FPBR%2BhN6pco1ejdoHdxM%2B%2BVb7qDhzBD8KAMwyN6%2B%2B6eSUWTzat8VN"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6d409425eab58fe3-FRA
content-encoding
br
alt-svc
h3=":2096"; ma=86400, h3-29=":2096"; ma=86400

Redirect headers

date
Thu, 27 Jan 2022 08:23:23 GMT
content-type
text/html
location
https://livehd7.onl:2096/
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0G1oT83T3hDM45N%2BpVl4bpzUCCm6phxxts4GB%2Bo6JIfMCK6omWv9AwkLZtEk1ESS8ObXjmJIwl0CHIFw2so9vh2gOSuiRbB00jNrr6WjCHR1jcBb0Tl1kSUHZ44MMGNrJNRpozaG4mdr7A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6d4094254b439214-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
style.css
livehd7.onl/wp-content/themes/YallaShoot/ 		36 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://livehd7.onl:2096/wp-content/themes/YallaShoot/style.css?1597285340
Requested by
Host: livehd7.onl
URL: https://livehd7.onl:2096/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:4db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a15c58faa5a5944c528c5e384d57ae892428e5fe0c072161a81891b40c39e9f

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://livehd7.onl:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 08:23:24 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Tue, 11 Jan 2022 02:28:21 GMT
server
cloudflare
etag
W/"61dceb45-8ef6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6a1ur5kRRLuIvIFHXsuNYU3hxL85aVuoiE%2BYY1eM35Fw8JLm6JkQsguSRIeWLXXiX8EDqZjOarZ0sHAgwQadXea4sWeNf%2FWZ%2FIY944nPuUkP5dsdzTPIS8vGHECzNk0pkFzCtgGn%2FfoWzsM9gt1x"}],"group":"cf-nel","max_age":604800}
content-type
text/css
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d4094267bbd8fe3-FRA
alt-svc
h3=":2096"; ma=86400, h3-29=":2096"; ma=86400
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		148 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1410072543553213
Requested by
Host: livehd7.onl
URL: https://livehd7.onl:2096/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7a433c5974d49682a17d9ed30b55797e88ce651766525cbcf104a2e4b137078c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://livehd7.onl:2096/
Origin
https://livehd7.onl:2096
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 08:23:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52489
x-xss-protection
0
server
cafe
etag
8537061676152658398
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 27 Jan 2022 08:23:23 GMT
js
www.googletagmanager.com/gtag/ 		90 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-146139292-8
Requested by
Host: livehd7.onl
URL: https://livehd7.onl:2096/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8ce9f3e3e7309d1187993bcf2d726c85637563ceba2e558910b96274d726bd7f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://livehd7.onl:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 08:23:23 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35987
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 27 Jan 2022 08:23:23 GMT
livehd7tophead.js
jscdn.greeter.me/ 		7 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jscdn.greeter.me/livehd7tophead.js
Requested by
Host: livehd7.onl
URL: https://livehd7.onl:2096/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
aff891386f526cb11ef9c7321ccc49937bad6688a2e802669c299455a10c2105
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://livehd7.onl:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 08:23:23 GMT
Connection
Keep-Alive
Last-Modified
Tue, 23 Nov 2021 11:40:53 GMT
x-amz-request-id
tx0000000000001153bde53-0061f25294-25d8085a-fra1b
etag
"ab766586cc50975849ca8f1e7a2f84ff"
Vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW
1643271803.dop125.am5.t,1643271803.cds226.am5.shn,1643271803.dop125.am5.t,1643271803.cds268.am5.c
Content-Type
text/javascript
Cache-Control
max-age=2601
x-rgw-object-type
Normal
strict-transport-security
max-age=15552000; includeSubDomains; preload
Accept-Ranges
bytes
Content-Length
7630
livehd7topdynamic.js
jscdn.greeter.me/ 		8 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jscdn.greeter.me/livehd7topdynamic.js
Requested by
Host: livehd7.onl
URL: https://livehd7.onl:2096/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
a944e9ecf7f5e66cf37cde06e51254816fd6d0eff4919f6409f33631dcfb484e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://livehd7.onl:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 08:23:23 GMT
Connection
Keep-Alive
Last-Modified
Thu, 23 Dec 2021 12:53:06 GMT
x-amz-request-id
tx0000000000001154788ad-0061f2541a-25d72b1f-fra1b
etag
"3db9377300557f315bda29ee51cacf3e"
Vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW
1643271803.dop246.am5.t,1643271803.cds153.am5.shn,1643271803.dop246.am5.t,1643271803.cds240.am5.c
Content-Type
text/javascript
Cache-Control
max-age=2991
x-rgw-object-type
Normal
strict-transport-security
max-age=15552000; includeSubDomains; preload
Accept-Ranges
bytes
Content-Length
7970
up.js
live.demand.supply/ 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/up.js
Requested by
Host: livehd7.onl
URL: https://livehd7.onl:2096/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58e4a40ec73bd5f84c8d02e01b154eb9824e8a97ca6290c43eef7f09cc7fd996

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://livehd7.onl:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nf-request-id
01FT8129A5QE1ARG167RMH363A
date
Thu, 27 Jan 2022 08:23:24 GMT
content-encoding
br
cf-cache-status
HIT
age
326
cf-polished
origSize=3935
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin
*
cf-bgj
minify
server
cloudflare
etag
W/"59de6717fa079a1bdca61971e7fc88e1-ssl-df"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=1200,must-revalidate,stale-while-revalidate=3600
cf-ray
6d409426d8d090a3-FRA
link
<https://live.demand.supply/impl.v14.0.0.js>; rel=preload; as=script,<https://live.demand.supply/p4/v14-0-0/bGl2ZWhkNy5vbmw6MjA5Ni8=>; rel=preload; as=script
%D8%A3%D8%B3%D8%AA%D8%B1%D8%A7%D9%84%D9%8A%D8%A7
livehd7.onl/wp-content/uploads/2021/10/
Redirect Chain
  • https://www.livehd7.onl/wp-content/uploads/2021/10/%D8%A3%D8%B3%D8%AA%D8%B1%D8%A7%D9%84%D9%8A%D8%A7
  • https://livehd7.onl:2096/wp-content/uploads/2021/10/%D8%A3%D8%B3%D8%AA%D8%B1%D8%A7%D9%84%D9%8A%D8%A7
7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://livehd7.onl:2096/wp-content/uploads/2021/10/%D8%A3%D8%B3%D8%AA%D8%B1%D8%A7%D9%84%D9%8A%D8%A7
Requested by
Host: livehd7.onl
URL: https://livehd7.onl:2096/
Protocol
H3
Server
2606:4700:3033::6815:4db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90b0efe6cbe692bfd07130106bf3767af38ac06c7b991d930bf4607cf0fffe02

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://livehd7.onl:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 08:23:24 GMT
cf-cache-status
DYNAMIC
last-modified
Thu, 07 Oct 2021 09:16:30 GMT
server
cloudflare
etag
"615ebaee-1b47"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P8SmbTTvGv1Wk6K7am%2FWR68KjiCG7RdHG0ivOn9KPnonTzSpGhBrDBKOxbNNZPKhwTs%2BZk99XrkSXWu1ZJo8KejLQ0vExVFLNA1DhT5t0Flp%2B4iHin2bbOc9rhx%2Bx4X3UNeF0nkYg5AdWSMe2mjQ"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
accept-ranges
bytes
cf-ray
6d4094278e529237-FRA
alt-svc
h3=":2096"; ma=86400, h3-29=":2096"; ma=86400
content-length
6983

Redirect headers

date
Thu, 27 Jan 2022 08:23:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9sofOVouUhfAOejFFAGaB0BtnhxoZ%2F43qvBtD9QBDhF3bgg0oq%2FZJWh0fyKmdd%2BWgk8%2FuB6IVF6lM8g3uSqdgTyrItW%2BWhkVybwROWII489%2BhZeSbWH8I6BdcLyu8fR2uMFnQARBKSqC5N02Ixg%3D"}],"group":"cf-nel","max_age":604800}
location
https://livehd7.onl:2096/wp-content/uploads/2021/10/%D8%A3%D8%B3%D8%AA%D8%B1%D8%A7%D9%84%D9%8A%D8%A7
cache-control
max-age=3600
cf-ray
6d4094272f919214-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 27 Jan 2022 09:23:24 GMT
%D9%81%D9%8A%D8%AA%D9%86%D8%A7%D9%85
livehd7.onl/wp-content/uploads/2021/10/
Redirect Chain
  • https://www.livehd7.onl/wp-content/uploads/2021/10/%D9%81%D9%8A%D8%AA%D9%86%D8%A7%D9%85
  • https://livehd7.onl:2096/wp-content/uploads/2021/10/%D9%81%D9%8A%D8%AA%D9%86%D8%A7%D9%85
5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://livehd7.onl:2096/wp-content/uploads/2021/10/%D9%81%D9%8A%D8%AA%D9%86%D8%A7%D9%85
Requested by
Host: livehd7.onl
URL: https://livehd7.onl:2096/
Protocol
H3
Server
2606:4700:3033::6815:4db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f60c80eb2a99459ad969dc5a3fce85ac70749bee5045c988b2ca6ca4a029030

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://livehd7.onl:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 08:23:24 GMT
cf-cache-status
DYNAMIC
last-modified
Mon, 11 Oct 2021 21:59:20 GMT
server
cloudflare
etag
"6164b3b8-1512"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EOK1g4sYmYkzq0kDTYUKAHAwoYheHRYWzx3gjeGV2QxstHNi3rc%2FY0AkfsyIxA6CbldzuWEXHiXXHgImXb3egcQD%2B%2BwOWtmnZpoP4zko615cw3AOeGnwBJ2UiiPqOXPaNyHe7LBHoyczxYKsUoO4"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
accept-ranges
bytes
cf-ray
6d4094278e509237-FRA
alt-svc
h3=":2096"; ma=86400, h3-29=":2096"; ma=86400
content-length
5394

Redirect headers

date
Thu, 27 Jan 2022 08:23:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Y6GOwfenRK4dQOx%2BPg7XvmMKof2v5Qkr7lfiV3wQra%2BShb8DbBnKonRjC0NyKchBeV5gDnRdvNYdHI99vxkxfjOuHn5kpsdXVxPnyYPPoPOIk5Pvy1Q17xZ9cBtQAhl6I4MRZqS9mHQtmSpBFE%3D"}],"group":"cf-nel","max_age":604800}
location
https://livehd7.onl:2096/wp-content/uploads/2021/10/%D9%81%D9%8A%D8%AA%D9%86%D8%A7%D9%85
cache-control
max-age=3600
cf-ray
6d4094272f959214-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 27 Jan 2022 09:23:24 GMT
%D8%A7%D9%84%D9%8A%D8%A7%D8%A8%D8%A7%D9%86
livehd7.onl/wp-content/uploads/2021/10/
Redirect Chain
  • https://www.livehd7.onl/wp-content/uploads/2021/10/%D8%A7%D9%84%D9%8A%D8%A7%D8%A8%D8%A7%D9%86
  • https://livehd7.onl:2096/wp-content/uploads/2021/10/%D8%A7%D9%84%D9%8A%D8%A7%D8%A8%D8%A7%D9%86
4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://livehd7.onl:2096/wp-content/uploads/2021/10/%D8%A7%D9%84%D9%8A%D8%A7%D8%A8%D8%A7%D9%86
Requested by
Host: livehd7.onl
URL: https://livehd7.onl:2096/
Protocol
H3
Server
2606:4700:3033::6815:4db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f17cee0cd55564321e8c60a25aecd63564b67a60a9eb2f7892302fad3703de39

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://livehd7.onl:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 08:23:24 GMT
cf-cache-status
DYNAMIC
last-modified
Thu, 07 Oct 2021 09:16:47 GMT
server
cloudflare
etag
"615ebaff-107b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9MoU9hjRk%2BqajJ6PbPxFzfctvVbIvXTVOsn4yWqm%2BI%2Fmn1Zx%2BSF7ygUdGkqcnUTUTEpcBf96q2cfzs%2FX871G%2F6f2sUGlijRb72K4iN%2F5SAVO0TUB8Cyc11yBdDzjeWEfuFInembXfBZYrDMmHZEX"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
accept-ranges
bytes
cf-ray
6d4094278e549237-FRA
alt-svc
h3=":2096"; ma=86400, h3-29=":2096"; ma=86400
content-length
4219

Redirect headers

date
Thu, 27 Jan 2022 08:23:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m9fNRUbYDI9aPRmF4MySfJx6sA8ohDb3PSdOIe3JOQ1hSo5DamGTxI5PqqWD%2FVoS%2FINQzqFZ1yT%2BzJok0gTdUDjLPvE03xqQMlOfgmbaLWb8hSGRAufjnMtG9YnucSP8Sn9mlmSP%2B%2F%2B7vMZUPok%3D"}],"group":"cf-nel","max_age":604800}
location
https://livehd7.onl:2096/wp-content/uploads/2021/10/%D8%A7%D9%84%D9%8A%D8%A7%D8%A8%D8%A7%D9%86
cache-control
max-age=3600
cf-ray
6d4094272f979214-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 27 Jan 2022 09:23:24 GMT
%D8%A7%D9%84%D8%B5%D9%8A%D9%86
livehd7.onl/wp-content/uploads/2021/10/
Redirect Chain
  • https://www.livehd7.onl/wp-content/uploads/2021/10/%D8%A7%D9%84%D8%B5%D9%8A%D9%86
  • https://livehd7.onl:2096/wp-content/uploads/2021/10/%D8%A7%D9%84%D8%B5%D9%8A%D9%86
5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://livehd7.onl:2096/wp-content/uploads/2021/10/%D8%A7%D9%84%D8%B5%D9%8A%D9%86
Requested by
Host: livehd7.onl
URL: https://livehd7.onl:2096/
Protocol
H3
Server
2606:4700:3033::6815:4db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6e0c2f684b8a342ffa8d24d001f77c8ecff7b62d2fd816d6f3c26460e23d3a9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://livehd7.onl:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 08:23:24 GMT
cf-cache-status
DYNAMIC
last-modified
Mon, 11 Oct 2021 21:57:13 GMT
server
cloudflare
etag
"6164b339-13f2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hulHhgVBTFZsucoC7Qr3uEdHnlm1V%2BeZ%2FlzlJ8zRYZAtw9F5NIJMoccu9xnFKXzDPWrXbxsJELwr3UtvDABg9OUNrVpP0%2FGWVIK1nDa4me5x9mR6WmhDm0L9cY7%2BPoYlbIztHpRqQc5pl2F65cE6"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
accept-ranges
bytes
cf-ray
6d4094278e5a9237-FRA
alt-svc
h3=":2096"; ma=86400, h3-29=":2096"; ma=86400
content-length
5106

Redirect headers

date
Thu, 27 Jan 2022 08:23:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SG3vzJETOOJhMwqdEkB1lsdWN3ldnKGMKhI7%2FrQ7XpdzrJPb8f3FLln8wJ66Prf8hOwdX7UZcJK%2FIC6MXwtVLIGmuCnQibZxPR0mxULgEVHa%2F9eN0RTEvs0knxwH37zUqshVuYBvOquIKBxT5LM%3D"}],"group":"cf-nel","max_age":604800}
location
https://livehd7.onl:2096/wp-content/uploads/2021/10/%D8%A7%D9%84%D8%B5%D9%8A%D9%86
cache-control
max-age=3600
cf-ray
6d4094272f999214-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 27 Jan 2022 09:23:24 GMT
SVBzrEoo3aCu2Lw2wcv4LQ_96x96-e1636582459345.png
livehd7.onl/wp-content/uploads/2021/11/
Redirect Chain
  • https://livehd7.vip/wp-content/uploads/2021/11/SVBzrEoo3aCu2Lw2wcv4LQ_96x96-e1636582459345.png
  • https://livehd7.onl:2096/wp-content/uploads/2021/11/SVBzrEoo3aCu2Lw2wcv4LQ_96x96-e1636582459345.png
2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://livehd7.onl:2096/wp-content/uploads/2021/11/SVBzrEoo3aCu2Lw2wcv4LQ_96x96-e1636582459345.png
Requested by
Host: livehd7.onl
URL: https://livehd7.onl:2096/
Protocol
H3
Server
2606:4700:3033::6815:4db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04d621e619931739cfbf3b34649f09fbb70d3f0d0a8d8726101b6130f6be3e96

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://livehd7.onl:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 08:23:24 GMT
cf-cache-status
DYNAMIC
last-modified
Wed, 10 Nov 2021 23:00:04 GMT
server
cloudflare
etag
"618c4ef4-9bf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mfhz7XiVKZD6Zw5lvQqTS406Ip135r2Ktr6pYaKNxEkSdEYdVBfIzTj4jES%2FZ53pcACLqz%2B071cMd8OrYpG3tm%2FL9IlLzrc%2FbOZaKIbw%2BODal588DEogVgPNJCH9mJ1HaPoxfT7d97vIpQasYh09"}],"group":"cf-nel","max_age":604800}
content-type
image/png
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6d4094270d2d9237-FRA
alt-svc
h3=":2096"; ma=86400, h3-29=":2096"; ma=86400
content-length
2495

Redirect headers

date
Thu, 27 Jan 2022 08:23:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WFarNcxNfu3R84oHYM0uiBTYkDM5A26rZvCo%2Fshq4pcnQ3b6sPTxpDtUkQF0Lqax3qhUtfmPh9F4N4fTYJi2j6NXsiFVVKqNXtwqLzbdSPjiPAx3Hj%2FB9OqRlaPyvj%2FC5TJjPFjS3DcWmA%3D%3D"}],"group":"cf-nel","max_age":604800}
location
https://livehd7.onl:2096/wp-content/uploads/2021/11/SVBzrEoo3aCu2Lw2wcv4LQ_96x96-e1636582459345.png
cache-control
max-age=3600
cf-ray
6d409426d8485b4a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 27 Jan 2022 09:23:23 GMT
%D9%83%D9%88%D8%B1%D9%8A%D8%A7%20%D8%A7%D9%84%D8%AC%D9%86%D9%88%D8%A8%D9%8A%D8%A9
livehd7.onl/wp-content/uploads/2021/10/
Redirect Chain
  • https://www.livehd7.onl/wp-content/uploads/2021/10/%D9%83%D9%88%D8%B1%D9%8A%D8%A7%20%D8%A7%D9%84%D8%AC%D9%86%D9%88%D8%A8%D9%8A%D8%A9
  • https://livehd7.onl:2096/wp-content/uploads/2021/10/%D9%83%D9%88%D8%B1%D9%8A%D8%A7%20%D8%A7%D9%84%D8%AC%D9%86%D9%88%D8%A8%D9%8A%D8%A9
7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://livehd7.onl:2096/wp-content/uploads/2021/10/%D9%83%D9%88%D8%B1%D9%8A%D8%A7%20%D8%A7%D9%84%D8%AC%D9%86%D9%88%D8%A8%D9%8A%D8%A9
Requested by
Host: livehd7.onl
URL: https://livehd7.onl:2096/
Protocol
H3
Server
2606:4700:3033::6815:4db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c72cba63484e9b5d152d2ae5f8deaa9e074f599c1b9d12fea38d0267db3b772

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://livehd7.onl:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 08:23:24 GMT
cf-cache-status
DYNAMIC
last-modified
Thu, 07 Oct 2021 09:43:50 GMT
server
cloudflare
etag
"615ec156-1a86"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=10Vs1%2FBQLW7Z%2BZKLyq9T%2Fi7Eghwzj9dktoUoOzDxFGJS1fYwGn6FOdFt9kxt36%2BKlFtg%2BdbCVyDifdMJTabryjLpe5mLW5b%2Fd0SXzxdqcwxFJ1jHkyGcKfYtoyYfpX0h4fzFDh4Rts3NjoDH2DvH"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
accept-ranges
bytes
cf-ray
6d4094278e589237-FRA
alt-svc
h3=":2096"; ma=86400, h3-29=":2096"; ma=86400
content-length
6790

Redirect headers

date
Thu, 27 Jan 2022 08:23:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y3L2lBXYlaoXvNe922O3nCJ0FSB4ieCLvI7qDq1AzW0PI3WjneQ6iFyx4xce%2B%2FJXHcJikEmx3aYeaUq67litPXt8RYDsJ%2F8BJp7tkDkKc8elElDq8LLc0PNpiRN9Wg%2Fh26ru6BCkg2T9baF5OxQ%3D"}],"group":"cf-nel","max_age":604800}
location
https://livehd7.onl:2096/wp-content/uploads/2021/10/%D9%83%D9%88%D8%B1%D9%8A%D8%A7%20%D8%A7%D9%84%D8%AC%D9%86%D9%88%D8%A8%D9%8A%D8%A9
cache-control
max-age=3600
cf-ray
6d4094272f9a9214-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 27 Jan 2022 09:23:24 GMT
%D8%A5%D9%8A%D8%B1%D8%A7%D9%86
livehd7.onl/wp-content/uploads/2021/10/
Redirect Chain
  • https://www.livehd7.onl/wp-content/uploads/2021/10/%D8%A5%D9%8A%D8%B1%D8%A7%D9%86
  • https://livehd7.onl:2096/wp-content/uploads/2021/10/%D8%A5%D9%8A%D8%B1%D8%A7%D9%86
7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://livehd7.onl:2096/wp-content/uploads/2021/10/%D8%A5%D9%8A%D8%B1%D8%A7%D9%86
Requested by
Host: livehd7.onl
URL: https://livehd7.onl:2096/
Protocol
H3
Server
2606:4700:3033::6815:4db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb426d0a0f9eae681050bc1c0cd013c50f0ca7eb7985eb25a7b1fe8a21064fae

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://livehd7.onl:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 08:23:24 GMT
cf-cache-status
DYNAMIC
last-modified
Thu, 07 Oct 2021 09:17:20 GMT
server
cloudflare
etag
"615ebb20-1bcb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EoRRF0Zs5zIQ%2FmuA%2FH2Izukz%2ByVUS5%2FaFuH68j4os6KJD0ooToHdnPGeR9tbdVx4s8TBCXtdpDNgRbip8dALlADaI9hDXyeyIbX8T5E9%2Fon8GJh6akAiXpQkcCvb73NcDyASyGrnO4vm9IGHzlFe"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
accept-ranges
bytes
cf-ray
6d4094278e5c9237-FRA
alt-svc
h3=":2096"; ma=86400, h3-29=":2096"; ma=86400
content-length
7115

Redirect headers

date
Thu, 27 Jan 2022 08:23:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o%2FFHJ4EDLgIjagJWeiNVxbPgOC1dVE6b2FcO40%2BF%2FZy49v6VppbfB%2FtoP%2BMUdp%2FQkQjPW6FOjlC914D2X2oAKEiqqQa77bBqeQUYyXVz2Kra6d26%2BV6U4L7jqjvPaWP94AifuuJyODcUk4h1Nu4%3D"}],"group":"cf-nel","max_age":604800}
location
https://livehd7.onl:2096/wp-content/uploads/2021/10/%D8%A5%D9%8A%D8%B1%D8%A7%D9%86
cache-control
max-age=3600
cf-ray
6d4094272f9c9214-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 27 Jan 2022 09:23:24 GMT
%D8%A7%D9%84%D8%B9%D8%B1%D8%A7%D9%82
livehd7.onl/wp-content/uploads/2021/10/
Redirect Chain
  • https://www.livehd7.onl/wp-content/uploads/2021/10/%D8%A7%D9%84%D8%B9%D8%B1%D8%A7%D9%82
  • https://livehd7.onl:2096/wp-content/uploads/2021/10/%D8%A7%D9%84%D8%B9%D8%B1%D8%A7%D9%82
5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://livehd7.onl:2096/wp-content/uploads/2021/10/%D8%A7%D9%84%D8%B9%D8%B1%D8%A7%D9%82
Requested by
Host: livehd7.onl
URL: https://livehd7.onl:2096/
Protocol
H3
Server
2606:4700:3033::6815:4db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d2ff84f282acf57a96823d988b3aaed0ea0cdb0426af23bc0c243e8d8d22bd2

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://livehd7.onl:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 08:23:24 GMT
cf-cache-status
DYNAMIC
last-modified
Thu, 07 Oct 2021 09:17:32 GMT
server
cloudflare
etag
"615ebb2c-125b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rKwKA435E%2BcnspZvpeOVAXteFvj1cW4CYTvbR29rE4gjG1O%2FTMmYFqvQ2GHXUkGMMb1iebDFiU4TAQ%2Bm0Euf3s6kv12Jb4g%2FsUwDhH9YPVEOIlA3wYsGNORR3%2Bz7BEUFG2Udr8pHgtLnF8gKzr1W"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
accept-ranges
bytes
cf-ray
6d4094280f429237-FRA
alt-svc
h3=":2096"; ma=86400, h3-29=":2096"; ma=86400
content-length
4699

Redirect headers

date
Thu, 27 Jan 2022 08:23:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p2641htfl6N3oqumhMzBWP2uulY1GC3yVlcbKSL6qToXesJ%2BmgEz5n54cI6ELECP02H4D4cvDPRCrIdC2pvopPSJDbtKYItr4P7xzrtO9lHWXFdlF7bHrBQk6jJeJwjVO2wCWPke8xdq0Vf8Pk0%3D"}],"group":"cf-nel","max_age":604800}
location
https://livehd7.onl:2096/wp-content/uploads/2021/10/%D8%A7%D9%84%D8%B9%D8%B1%D8%A7%D9%82
cache-control
max-age=3600
cf-ray
6d409427bdb590a2-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 27 Jan 2022 09:23:24 GMT
%D8%A7%D9%84%D8%A5%D9%85%D8%A7%D8%B1%D8%A7%D8%AA
livehd7.onl/wp-content/uploads/2021/10/
Redirect Chain
  • https://www.livehd7.onl/wp-content/uploads/2021/10/%D8%A7%D9%84%D8%A5%D9%85%D8%A7%D8%B1%D8%A7%D8%AA
  • https://livehd7.onl:2096/wp-content/uploads/2021/10/%D8%A7%D9%84%D8%A5%D9%85%D8%A7%D8%B1%D8%A7%D8%AA
4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://livehd7.onl:2096/wp-content/uploads/2021/10/%D8%A7%D9%84%D8%A5%D9%85%D8%A7%D8%B1%D8%A7%D8%AA
Requested by
Host: livehd7.onl
URL: https://livehd7.onl:2096/
Protocol
H3
Server
2606:4700:3033::6815:4db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd751e14fe58f1186d1e7a8800fc3996ff49c8ea2803b5d5a0c218855385c2ba

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://livehd7.onl:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 08:23:24 GMT
cf-cache-status
DYNAMIC
last-modified
Thu, 07 Oct 2021 09:17:20 GMT
server
cloudflare
etag
"615ebb20-ffa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jK1jnVPrFZIZyPa2URa4aZu284MRxjOLWyIMsvki7qhUJUimysE848uizvZfWjIct%2BCWLy2GTkjwFcUl7M7lDNaMOrRZt%2FlzDZkOuzcoXwLcYLX8dkFtImZGjbtwbbiEJ1pZn54bcAbGf3uW%2B2ZO"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
accept-ranges
bytes
cf-ray
6d4094280f479237-FRA
alt-svc
h3=":2096"; ma=86400, h3-29=":2096"; ma=86400
content-length
4090

Redirect headers

date
Thu, 27 Jan 2022 08:23:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vyBZ4k%2Bx5xj2PPWSJvJiN6Da5wXQrixnP3sf06uL5vt2UA7usp301HW6qeJ3IXCNVKD3zwh6ZKN4%2BYiiFJK%2FseSmBhma%2B%2FoeTkJF%2B88EFhkJjRCLzxmoIYQYCXdsX5dlkx3TQ0bRpMyzTNvY8Cs%3D"}],"group":"cf-nel","max_age":604800}
location
https://livehd7.onl:2096/wp-content/uploads/2021/10/%D8%A7%D9%84%D8%A5%D9%85%D8%A7%D8%B1%D8%A7%D8%AA
cache-control
max-age=3600
cf-ray
6d409427bdb490a2-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 27 Jan 2022 09:23:24 GMT
%D8%B3%D9%88%D8%B1%D9%8A%D8%A7
livehd7.onl/wp-content/uploads/2021/10/
Redirect Chain
  • https://www.livehd7.onl/wp-content/uploads/2021/10/%D8%B3%D9%88%D8%B1%D9%8A%D8%A7
  • https://livehd7.onl:2096/wp-content/uploads/2021/10/%D8%B3%D9%88%D8%B1%D9%8A%D8%A7
4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://livehd7.onl:2096/wp-content/uploads/2021/10/%D8%B3%D9%88%D8%B1%D9%8A%D8%A7
Requested by
Host: livehd7.onl
URL: https://livehd7.onl:2096/
Protocol
H3
Server
2606:4700:3033::6815:4db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
273abeffc139916ebed51ca83efd384b27829f822a3b49ff13a2f27294435776

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://livehd7.onl:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 08:23:24 GMT
cf-cache-status
DYNAMIC
last-modified
Thu, 07 Oct 2021 09:43:50 GMT
server
cloudflare
etag
"615ec156-1086"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CdNIfnvGmG1uxfMaXgvAfD%2FSlDGrxRwei%2BuX6C3b7TmWK8nx0FNDCwSq%2FHeRBX%2BWTXFXXOa8lf46EG2qtEj7T7t7tdj5Y8bTlOXfHC4WUEyNDuktf3UZmQt07CHEDfrhVmq55TVo177t%2FE39%2Fxui"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
accept-ranges
bytes
cf-ray
6d409427ff219237-FRA
alt-svc
h3=":2096"; ma=86400, h3-29=":2096"; ma=86400
content-length
4230

Redirect headers

date
Thu, 27 Jan 2022 08:23:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ehiRIKsPZQiHzzA39MiD7ix%2B7C4A4KspJV7JyrLDPVYwsW7u4pz4mbGYAo67%2Fxzfm7c%2B9ud7voPBE%2FpSQMywtOkHCbqztNn6ztFKOLi4XdbE2DFPufqqjFjNlLTkTxXeHxUZcNZw%2F8fiw0GEhfE%3D"}],"group":"cf-nel","max_age":604800}
location
https://livehd7.onl:2096/wp-content/uploads/2021/10/%D8%B3%D9%88%D8%B1%D9%8A%D8%A7
cache-control
max-age=3600
cf-ray
6d409427bdae90a2-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 27 Jan 2022 09:23:24 GMT
%D8%B3%D9%85%D9%88%D8%AD%D8%A9
livehd7.onl/wp-content/uploads/2021/11/
Redirect Chain
  • https://livehd7.vip:2096/wp-content/uploads/2021/11/%D8%B3%D9%85%D9%88%D8%AD%D8%A9
  • https://livehd7.onl:2096/wp-content/uploads/2021/11/%D8%B3%D9%85%D9%88%D8%AD%D8%A9
10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://livehd7.onl:2096/wp-content/uploads/2021/11/%D8%B3%D9%85%D9%88%D8%AD%D8%A9
Requested by
Host: livehd7.onl
URL: https://livehd7.onl:2096/
Protocol
H3
Server
2606:4700:3033::6815:4db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7dc701d43e74c1f69418e99a2870c4ee95a0a0b08ca9a7585b237900313bbf6

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://livehd7.onl:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 08:23:24 GMT
cf-cache-status
DYNAMIC
last-modified
Wed, 24 Nov 2021 22:20:33 GMT
server
cloudflare
etag
"619ebab1-2648"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l8STjbh%2Bte1t52epMTXpCfhkrXjd%2BhL6XlRFgWtkcpxmDhYF%2BLsEE%2BBVv%2BZQSf1nCh13EkxAeAGOnh05PfgiH3xFZW6WWc%2FaidxXRdQNG0Dt7IHXhg237OkWu%2FFkmdKZB2QIif%2B6fUbRmbffclz8"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
accept-ranges
bytes
cf-ray
6d409427ae949237-FRA
alt-svc
h3=":2096"; ma=86400, h3-29=":2096"; ma=86400
content-length
9800

Redirect headers

date
Thu, 27 Jan 2022 08:23:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3lO5A3tO2dwYnL81Wu6t0yUqgnTHeVuCeevyuooItvZ1qEW5AL4nrM%2FganBhaPzEaTmTTO2fksYYzYyTD1NV2PPAi4nwljZ5gxsVDcDkhvvBMo%2FaV1IuMreEIql1nj3ALnyAMJ%2BSVqftOA9HHFjR"}],"group":"cf-nel","max_age":604800}
location
https://livehd7.onl:2096/wp-content/uploads/2021/11/%D8%B3%D9%85%D9%88%D8%AD%D8%A9
cache-control
max-age=3600
cf-ray
6d4094277fc29229-FRA
alt-svc
h3=":2096"; ma=86400, h3-29=":2096"; ma=86400
expires
Thu, 27 Jan 2022 09:23:24 GMT
%D8%A7%D9%84%D8%A3%D9%87%D9%84%D9%8A
livehd7.onl/wp-content/uploads/2021/10/
Redirect Chain
  • https://www.livehd7.onl/wp-content/uploads/2021/10/%D8%A7%D9%84%D8%A3%D9%87%D9%84%D9%8A
  • https://livehd7.onl:2096/wp-content/uploads/2021/10/%D8%A7%D9%84%D8%A3%D9%87%D9%84%D9%8A
7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://livehd7.onl:2096/wp-content/uploads/2021/10/%D8%A7%D9%84%D8%A3%D9%87%D9%84%D9%8A
Requested by
Host: livehd7.onl
URL: https://livehd7.onl:2096/
Protocol
H3
Server
2606:4700:3033::6815:4db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9cb51f9d777bb08bdbdfef5969dba818cdddbc595b70fbb1ac48a4dff8d85d3f

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://livehd7.onl:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 08:23:24 GMT
cf-cache-status
DYNAMIC
last-modified
Fri, 15 Oct 2021 21:17:24 GMT
server
cloudflare
etag
"6169efe4-1b72"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9XVNH1NfRvr1naABOuP2snZYxqeL4xXP9mOPr6iOiI0nk1rd7bPOOGPiRctV0k3H8ptVZoV5lrgH1RboglL4HNpLdDm2hOXRrlUttiQqHhaSmdeKbGPUljnC30xw84uxYkrJ5NXbPzuRwrDKBs4d"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
accept-ranges
bytes
cf-ray
6d409427ff239237-FRA
alt-svc
h3=":2096"; ma=86400, h3-29=":2096"; ma=86400
content-length
7026

Redirect headers

date
Thu, 27 Jan 2022 08:23:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YjRGXHJH3wWmG%2F0MOPlkhmpoGOWQw5aZDB9LpcGB06nBiwszIEWySwcFzXauF8rqaf6v%2FahTZ%2FKFb7XM46Dll2wuLity3EB4LarU5zU8E1LepSexuQbRkrZp7crC65ddiBPz2L0%2FIEr8Pn2Oo5U%3D"}],"group":"cf-nel","max_age":604800}
location
https://livehd7.onl:2096/wp-content/uploads/2021/10/%D8%A7%D9%84%D8%A3%D9%87%D9%84%D9%8A
cache-control
max-age=3600
cf-ray
6d409427bdb390a2-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 27 Jan 2022 09:23:24 GMT
%D8%A7%D9%84%D8%B3%D8%B9%D9%88%D8%AF%D9%8A%D8%A9
livehd7.onl/wp-content/uploads/2021/10/
Redirect Chain
  • https://www.livehd7.onl/wp-content/uploads/2021/10/%D8%A7%D9%84%D8%B3%D8%B9%D9%88%D8%AF%D9%8A%D8%A9
  • https://livehd7.onl:2096/wp-content/uploads/2021/10/%D8%A7%D9%84%D8%B3%D8%B9%D9%88%D8%AF%D9%8A%D8%A9
6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://livehd7.onl:2096/wp-content/uploads/2021/10/%D8%A7%D9%84%D8%B3%D8%B9%D9%88%D8%AF%D9%8A%D8%A9
Requested by
Host: livehd7.onl
URL: https://livehd7.onl:2096/
Protocol
H3
Server
2606:4700:3033::6815:4db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55086289fc50f2edb6677074d247bcc8700b40b7990ee6aa47babf613da97dcf

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://livehd7.onl:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 08:23:24 GMT
cf-cache-status
DYNAMIC
last-modified
Thu, 07 Oct 2021 09:16:46 GMT
server
cloudflare
etag
"615ebafe-18c5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DN51M59BxSYkb37Rloet4RRTBbFAk7KmGv%2FjCqY9V9zQd12UZEQdxjzzJBL6ATDTN1k%2BBzjyHr%2FZD8YG%2BbK%2F95Uhu4XjXgta8gPZgrz1RXXS8mupqOWa5xUXitQRTPsUbHneFfNDL4CQzn96bVmy"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
accept-ranges
bytes
cf-ray
6d409427ff259237-FRA
alt-svc
h3=":2096"; ma=86400, h3-29=":2096"; ma=86400
content-length
6341

Redirect headers

date
Thu, 27 Jan 2022 08:23:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e1wrws3p1xyZqE3rkdrxyzSN8dcqcGed9W7UkLFZbxkFjc9zqrJ5pOWXQILC4mdl4oqdK%2FQO6w5%2BDCqTPJMsw0XGALG0YjhD5T9JbQt7YqZIoFhP%2Bc4EMhE68016jYZgmPlDRrlOdTekVmb%2FbTE%3D"}],"group":"cf-nel","max_age":604800}
location
https://livehd7.onl:2096/wp-content/uploads/2021/10/%D8%A7%D9%84%D8%B3%D8%B9%D9%88%D8%AF%D9%8A%D8%A9
cache-control
max-age=3600
cf-ray
6d409427bdb790a2-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 27 Jan 2022 09:23:24 GMT
%D8%B9%D9%85%D8%A7%D9%86
livehd7.onl/wp-content/uploads/2021/10/
Redirect Chain
  • https://www.livehd7.onl/wp-content/uploads/2021/10/%D8%B9%D9%85%D8%A7%D9%86
  • https://livehd7.onl:2096/wp-content/uploads/2021/10/%D8%B9%D9%85%D8%A7%D9%86
5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://livehd7.onl:2096/wp-content/uploads/2021/10/%D8%B9%D9%85%D8%A7%D9%86
Requested by
Host: livehd7.onl
URL: https://livehd7.onl:2096/
Protocol
H3
Server
2606:4700:3033::6815:4db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e6845bbfc6fc8e3491a0205e2f581cc5e341f448fdba6d9780ad47846561e30

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://livehd7.onl:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 08:23:24 GMT
cf-cache-status
DYNAMIC
last-modified
Thu, 07 Oct 2021 09:16:30 GMT
server
cloudflare
etag
"615ebaee-15de"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=28hD4kobjLCATpMAuYQu8GkzW8CFvl%2FVouDQHqPhGYTFob2BBLocS%2FubERm2KqTqGBXXBrPJhwAi%2F9WiybaQukXLveQIB1lsVrVSUeaXM1YNoAhBuHxc6M3XP0nBfd0jt9%2BbKpesTb%2BY%2BnFI2zA9"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
accept-ranges
bytes
cf-ray
6d4094281f589237-FRA
alt-svc
h3=":2096"; ma=86400, h3-29=":2096"; ma=86400
content-length
5598

Redirect headers

date
Thu, 27 Jan 2022 08:23:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pl5KrVAbuunhZSzHci101vdFAF5twiAYQztwfPiLIMka9p7ZTzh8GKcqhT6r3jAUgXCtZMuhhYAGkcet0nLSDnAvbopGBjE4ctM8FO59Wl2suNmoc9YOGOmElrtWOcpkgVg4L%2Fq5c%2BkCDHXk9uk%3D"}],"group":"cf-nel","max_age":604800}
location
https://livehd7.onl:2096/wp-content/uploads/2021/10/%D8%B9%D9%85%D8%A7%D9%86
cache-control
max-age=3600
cf-ray
6d409427bdb990a2-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 27 Jan 2022 09:23:24 GMT
%D8%A7%D9%84%D8%A5%D9%83%D9%88%D8%A7%D8%AF%D9%88%D8%B1
livehd7.onl/wp-content/uploads/2021/10/
Redirect Chain
  • https://www.livehd7.onl/wp-content/uploads/2021/10/%D8%A7%D9%84%D8%A5%D9%83%D9%88%D8%A7%D8%AF%D9%88%D8%B1
  • https://livehd7.onl:2096/wp-content/uploads/2021/10/%D8%A7%D9%84%D8%A5%D9%83%D9%88%D8%A7%D8%AF%D9%88%D8%B1
8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://livehd7.onl:2096/wp-content/uploads/2021/10/%D8%A7%D9%84%D8%A5%D9%83%D9%88%D8%A7%D8%AF%D9%88%D8%B1
Requested by
Host: livehd7.onl
URL: https://livehd7.onl:2096/
Protocol
H3
Server
2606:4700:3033::6815:4db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe6d3f26a9749524404bd3e7e268f791af04cc418b81980b11e8a7f702f2b415

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://livehd7.onl:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 08:23:24 GMT
cf-cache-status
DYNAMIC
last-modified
Thu, 14 Oct 2021 19:44:12 GMT
server
cloudflare
etag
"6168888c-2097"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WjeVBnF8QWbAwGeYa0ggdDVlGEsFX%2BHypYVFGpF6V8yX3D6JAkUQsKXdstrMj7OZ3AnrvhReZxBbHpcv6qDNDLNnno7JtULF6ANxVVFqvY%2Brb64GPoNtul2dJTeFCL4Kvct7lB8wb3QKv7vMBSAk"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
accept-ranges
bytes
cf-ray
6d409427ff279237-FRA
alt-svc
h3=":2096"; ma=86400, h3-29=":2096"; ma=86400
content-length
8343

Redirect headers

date
Thu, 27 Jan 2022 08:23:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KldKYgxsJi8b8Q%2FtA57a2pfdutNdIa%2B88fEaqQegTRZ9omQA3TKCezEvNiWxsbVHbKtIHYns2CravBhf3iChgkyhaM94Z5QscEhtHXbS9U7ZQuzz%2BeZhfyW1d89Ku6MsWM%2BUDMXdDhcUl%2BEnASM%3D"}],"group":"cf-nel","max_age":604800}
location
https://livehd7.onl:2096/wp-content/uploads/2021/10/%D8%A7%D9%84%D8%A5%D9%83%D9%88%D8%A7%D8%AF%D9%88%D8%B1
cache-control
max-age=3600
cf-ray
6d409427bdba90a2-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 27 Jan 2022 09:23:24 GMT
%D8%A7%D9%84%D8%A8%D8%B1%D8%A7%D8%B2%D9%8A%D9%84
livehd7.onl/wp-content/uploads/2021/10/
Redirect Chain
  • https://www.livehd7.onl/wp-content/uploads/2021/10/%D8%A7%D9%84%D8%A8%D8%B1%D8%A7%D8%B2%D9%8A%D9%84
  • https://livehd7.onl:2096/wp-content/uploads/2021/10/%D8%A7%D9%84%D8%A8%D8%B1%D8%A7%D8%B2%D9%8A%D9%84
8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://livehd7.onl:2096/wp-content/uploads/2021/10/%D8%A7%D9%84%D8%A8%D8%B1%D8%A7%D8%B2%D9%8A%D9%84
Requested by
Host: livehd7.onl
URL: https://livehd7.onl:2096/
Protocol
H3
Server
2606:4700:3033::6815:4db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
207f3d06a27fff0e057b67745bc12095cf7477b8d92eb48ca90905a9a20307e2

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://livehd7.onl:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 08:23:24 GMT
cf-cache-status
DYNAMIC
last-modified
Thu, 07 Oct 2021 21:39:24 GMT
server
cloudflare
etag
"615f690c-1f97"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FkyXPWbMh56DfAUGKuVGT3g6pLIxLuab%2F35BS1dyTfwyAm0LW4QoiL2D%2BTYxK7r5noYSYa2m07lyVaZkTF1uJKcxGMivx1WR8UvW%2B0JHSDhLm4nJpP0oNDbOZqdqnAE%2FFzHcz3LxylXdeEGLcGzl"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
accept-ranges
bytes
cf-ray
6d409427ff299237-FRA
alt-svc
h3=":2096"; ma=86400, h3-29=":2096"; ma=86400
content-length
8087

Redirect headers

date
Thu, 27 Jan 2022 08:23:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0jQ%2F%2FhFH5Wo5kMOljRl3p2J4AmICZhGi9A2MfDMQMsfAdIovXp%2BXf69LllNqzYuypSOIUlDRGXppGMnuh7ogC3g5OkrVfgdZC1EFCx9s%2FrxcTndmsSabKB894doWu1R4Tkd258uEKLv%2BmX1zVKY%3D"}],"group":"cf-nel","max_age":604800}
location
https://livehd7.onl:2096/wp-content/uploads/2021/10/%D8%A7%D9%84%D8%A8%D8%B1%D8%A7%D8%B2%D9%8A%D9%84
cache-control
max-age=3600
cf-ray
6d409427bdbc90a2-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 27 Jan 2022 09:23:24 GMT
0147411-300x141.jpg
livehd7.onl/wp-content/uploads/2021/12/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://livehd7.onl:2096/wp-content/uploads/2021/12/0147411-300x141.jpg
Requested by
Host: livehd7.onl
URL: https://livehd7.onl:2096/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:4db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
046c7932bcf50404be3268dea1fda1f1e4c71e9c831ae318faa42824f633979e

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://livehd7.onl:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 08:23:23 GMT
cf-cache-status
DYNAMIC
last-modified
Wed, 22 Dec 2021 23:00:02 GMT
server
cloudflare
etag
"61c3adf2-1d62"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9QXhlNivtKgUi%2F5dhYt%2Bxj9nrtodCIw%2BEVNx3ShVTY7vIwm6AwmfGzM%2BqpRZUCrz8qfvWVpP3XWK291irFFK1%2FHpjpNdOo1KsVfcQpM10%2BLds6ZQh7WjIlRJDPQSj%2FRFoH%2Fv6Hq7iBI%2Badkqr321"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6d4094268bd58fe3-FRA
alt-svc
h3=":2096"; ma=86400, h3-29=":2096"; ma=86400
content-length
7522
015644-300x141.jpg
livehd7.onl/wp-content/uploads/2021/12/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://livehd7.onl:2096/wp-content/uploads/2021/12/015644-300x141.jpg
Requested by
Host: livehd7.onl
URL: https://livehd7.onl:2096/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:4db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3189f7cc7668612d8c08d6f0ed123181bbe092658d1ad8c724df8d3e3003264b

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://livehd7.onl:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 08:23:23 GMT
cf-cache-status
DYNAMIC
last-modified
Wed, 22 Dec 2021 23:00:02 GMT
server
cloudflare
etag
"61c3adf2-1f24"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S0kUobq%2BYZpCIDICIzakQ2uyDzEDoMibanJQ0odScPkp%2FDm9D%2FACehLBkGoMlX1lVtSpXGo13zK3LzGUrIe6v%2Be%2FxzYlDLRavf4aMPBoqjHs1dc1DxEgAVtwzqomVuDfyYIXvNndKePkMaGJc0IU"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6d4094268bd78fe3-FRA
alt-svc
h3=":2096"; ma=86400, h3-29=":2096"; ma=86400
content-length
7972
014585256-300x141.jpg
livehd7.onl/wp-content/uploads/2021/12/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://livehd7.onl:2096/wp-content/uploads/2021/12/014585256-300x141.jpg
Requested by
Host: livehd7.onl
URL: https://livehd7.onl:2096/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:4db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6be1225cb6c18646c91e435206402e91436fc1467fce1b7a05a914b70bd94eb6

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://livehd7.onl:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 08:23:23 GMT
cf-cache-status
DYNAMIC
last-modified
Sun, 19 Dec 2021 23:00:02 GMT
server
cloudflare
etag
"61bfb972-1f00"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CIhth2%2F8ej7vQtB1I5CWuvItgf2tp1AUBCiqXCEGprZsL%2BQZi%2BDWp2aBTVJpDz9tEaEgBVRHzoOHGsTvK%2BvawaFK1l7KQpuF7u7rPR9cQLQKgeEY0LPtX5w%2BLsnA4I795Hek9oekcxLrN8lIxvCG"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6d4094268bd88fe3-FRA
alt-svc
h3=":2096"; ma=86400, h3-29=":2096"; ma=86400
content-length
7936
01455223-300x141.jpg
livehd7.onl/wp-content/uploads/2021/12/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://livehd7.onl:2096/wp-content/uploads/2021/12/01455223-300x141.jpg
Requested by
Host: livehd7.onl
URL: https://livehd7.onl:2096/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:4db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
172ae2bc66fe50288d8b97102429bce212f9ab89af9aaabb9444eda9fb19f253

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://livehd7.onl:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 08:23:24 GMT
cf-cache-status
DYNAMIC
last-modified
Sun, 19 Dec 2021 23:00:02 GMT
server
cloudflare
etag
"61bfb972-1ef7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M7LSMXgQFTzAJonobh%2FN7nSo5cHNADkdiV1%2FjWqtryzUwRfLzSXAyMME%2BqEgQgU4pjsx3bEgq5DWSGwtTpAIyQzVdqhlHKQwFaZzVOg9T8W4psxi36zcVskPHo2xpfjKAYTH1uOVbx0Wzi69067w"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6d4094268bd98fe3-FRA
alt-svc
h3=":2096"; ma=86400, h3-29=":2096"; ma=86400
content-length
7927
87441154-300x141.jpg
livehd7.onl/wp-content/uploads/2021/12/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://livehd7.onl:2096/wp-content/uploads/2021/12/87441154-300x141.jpg
Requested by
Host: livehd7.onl
URL: https://livehd7.onl:2096/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:4db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bed0ef30789b17e3ae5fd9f1f9569fbc9e92d7018ff895a290d14b6b188288ab

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://livehd7.onl:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 08:23:23 GMT
cf-cache-status
DYNAMIC
last-modified
Thu, 09 Dec 2021 23:00:02 GMT
server
cloudflare
etag
"61b28a72-1e39"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FRGw%2BuluK0R8yQRvH55SYD2LLIsHZs5giFX0cgRexpGobu167lmLtv6vDeK5rq1TdFR28%2F8XmW3WiLxVaMrBQ7bHSxOtyxt7gRXqVpmQSCnJsUaBnrXVg3erCaR%2FohgVWLVYjIy5JJ5rvB%2FtRjcA"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6d4094268bdb8fe3-FRA
alt-svc
h3=":2096"; ma=86400, h3-29=":2096"; ma=86400
content-length
7737
184787-300x141.jpg
livehd7.onl/wp-content/uploads/2021/12/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://livehd7.onl:2096/wp-content/uploads/2021/12/184787-300x141.jpg
Requested by
Host: livehd7.onl
URL: https://livehd7.onl:2096/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:4db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
223ec1a7b8b554cdd0a1aedeeffb0f50baffcf722b1ed5347d5b08a48777ffd1

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://livehd7.onl:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 08:23:23 GMT
cf-cache-status
DYNAMIC
last-modified
Thu, 09 Dec 2021 23:00:02 GMT
server
cloudflare
etag
"61b28a72-1cf0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KCygA8iSRzDOjN0lnAcEXVG8LSTs2JbR312Ql1wz4A8cVn3uyjQWwzYXyLYV4T9ZFqg0g59SzAnQHwhZ%2Bp8Qng6F%2BmN29GciFsZq%2FKlPrCwoWRBLu1H5GU5aKPjkAFhe%2B5U9%2FEUjKVErQbrslNMt"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6d4094268bdc8fe3-FRA
alt-svc
h3=":2096"; ma=86400, h3-29=":2096"; ma=86400
content-length
7408
95115-300x141.jpg
livehd7.onl/wp-content/uploads/2021/12/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://livehd7.onl:2096/wp-content/uploads/2021/12/95115-300x141.jpg
Requested by
Host: livehd7.onl
URL: https://livehd7.onl:2096/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:4db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82f19bb31987f3ed984193421cc798b4d45d3e5739bb98f5ff21937828b97773

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://livehd7.onl:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 08:23:23 GMT
cf-cache-status
DYNAMIC
last-modified
Sun, 05 Dec 2021 23:00:02 GMT
server
cloudflare
etag
"61ad4472-1d89"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ENBfBfSBmGJe30x9pytC1NYocwCjn0mHVzwmsetcNMc%2FH3REeyb8Sx5DeGZEI8l3nEDDY007BSHglTN%2F1C%2BT9aNoRnlxIR4gtl5m0MVUaxa%2B845uHRRZRoVE7tfx3D1y0q2jDjsxyMhaHR3Sv6Sv"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6d4094268bde8fe3-FRA
alt-svc
h3=":2096"; ma=86400, h3-29=":2096"; ma=86400
content-length
7561
785641-300x141.jpg
livehd7.onl/wp-content/uploads/2021/12/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://livehd7.onl:2096/wp-content/uploads/2021/12/785641-300x141.jpg
Requested by
Host: livehd7.onl
URL: https://livehd7.onl:2096/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:4db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6b3db90845194628f17de68416eca25a672f15a213b5fb8c77c0e3ce315ba7e

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://livehd7.onl:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 08:23:23 GMT
cf-cache-status
DYNAMIC
last-modified
Sun, 05 Dec 2021 23:00:02 GMT
server
cloudflare
etag
"61ad4472-1d16"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FKNvFKoqsUFqfzant%2B1ypxhzU6kgoD51qIzDK5npCMmXEeVPo5NmkxvzO1UxLyB3IeBN90%2F60pkyoTO8spjvYE2JTMvJME6qpaDVMCqUJ%2BQVUvkhbhkcv9ZxJT7AKT8h%2BUKbSHCH8tjeKyTXJ4VH"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6d4094268bdf8fe3-FRA
alt-svc
h3=":2096"; ma=86400, h3-29=":2096"; ma=86400
content-length
7446
68947516-300x141.jpg
livehd7.onl/wp-content/uploads/2021/12/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://livehd7.onl:2096/wp-content/uploads/2021/12/68947516-300x141.jpg
Requested by
Host: livehd7.onl
URL: https://livehd7.onl:2096/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:4db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ba39943f6ecb1c0242d64e829ace9c1a788362ecf44b2d00fb87778bcf71e54

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://livehd7.onl:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 08:23:23 GMT
cf-cache-status
DYNAMIC
last-modified
Thu, 02 Dec 2021 23:00:03 GMT
server
cloudflare
etag
"61a94ff3-1f6d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b999ECyEjHLhenxxOMlmXwrzW4uDvWJsjyRx%2BWRLGQvPTFdM5ZSTn1fno8luF6DTgrUTYPVuENt5x3ALBTaO6ev3%2FxxhYPrFiVvF6kuQv%2B9IOzAIgtfWPI%2FuYwIiaN9BpL9ELYDk%2BzlkkPboiLn0"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6d4094268be18fe3-FRA
alt-svc
h3=":2096"; ma=86400, h3-29=":2096"; ma=86400
content-length
8045
0584548124-300x141.jpg
livehd7.onl/wp-content/uploads/2021/12/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://livehd7.onl:2096/wp-content/uploads/2021/12/0584548124-300x141.jpg
Requested by
Host: livehd7.onl
URL: https://livehd7.onl:2096/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:4db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85c5e75cdb761bf0dc3e12c7e7f26078ac6846e905a88b93699c5c37712cfa15

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://livehd7.onl:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 08:23:23 GMT
cf-cache-status
DYNAMIC
last-modified
Thu, 02 Dec 2021 23:00:02 GMT
server
cloudflare
etag
"61a94ff2-1fc3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FR7N0%2BXTckmheLHsx85ynvx%2FdyzJXLXa%2B%2BSFNEmvdazTrwOLSmu1K8551zQg6m%2B0EtMhxEBg9wFkusPZ2sXrGtiB0h%2FT38moHj%2BzTu8gVcfRN1r5E9xXK%2Fqo8dc5rkfahZbWSyXywzW2mwScm7X2"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6d409426ac078fe3-FRA
alt-svc
h3=":2096"; ma=86400, h3-29=":2096"; ma=86400
content-length
8131
15634964-300x141.jpg
livehd7.onl/wp-content/uploads/2021/11/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://livehd7.onl:2096/wp-content/uploads/2021/11/15634964-300x141.jpg
Requested by
Host: livehd7.onl
URL: https://livehd7.onl:2096/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:4db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a9af85b8a99fd7e9073594f9a195742896a811b297d1e93a8da7c217ced2db8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://livehd7.onl:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 08:23:23 GMT
cf-cache-status
DYNAMIC
last-modified
Sat, 27 Nov 2021 23:00:02 GMT
server
cloudflare
etag
"61a2b872-1f91"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lmqz%2FfW9mJbuNZIqPgwIqXA8pzKSDiCWJdappKLj%2F5BWnnjqSGqqYd8oC%2BchJqK8sKbjFSlI3qrIlcA2cbmtRNiSMoRXsp5TQkMjwpZevL4Jv%2FponVkER7sqpce%2B1L3eHxOziXcGaUE8LivRUkxx"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6d409426ac088fe3-FRA
alt-svc
h3=":2096"; ma=86400, h3-29=":2096"; ma=86400
content-length
8081
1865123-300x141.jpg
livehd7.onl/wp-content/uploads/2021/11/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://livehd7.onl:2096/wp-content/uploads/2021/11/1865123-300x141.jpg
Requested by
Host: livehd7.onl
URL: https://livehd7.onl:2096/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:4db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd8c37408d55794ec959545f74040e4a1a1f897f7143dfe98a3d10d914030287

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://livehd7.onl:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 08:23:23 GMT
cf-cache-status
DYNAMIC
last-modified
Sat, 27 Nov 2021 23:00:02 GMT
server
cloudflare
etag
"61a2b872-1e5f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CJlTT7buVV0gPZbq26F4m0Odv3MMXcH8yh4vRb%2B4kYHHcIZoeWbCdc0yEdZjM5AxP8wbJ8aV5nUtQCGdsv4Qtewh1RjbByGZ35RDAEoUBLuOTyRWKat0mZCPkCTzlRaxb6EntZtwz0tL9p6%2BP3pX"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6d409426ac098fe3-FRA
alt-svc
h3=":2096"; ma=86400, h3-29=":2096"; ma=86400
content-length
7775
pro.min.css
kit-pro.fontawesome.com/releases/v5.13.0/css/ 		303 KB
50 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://kit-pro.fontawesome.com/releases/v5.13.0/css/pro.min.css
Requested by
Host: livehd7.onl
URL: https://livehd7.onl:2096/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ae8f940fe8cef8f2e3ba4790ac45afd5fb5016c502ca2f37bc835357ce8d113

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://livehd7.onl:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 08:23:24 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 01 Jul 2021 19:42:29 GMT
server
cloudflare
age
13502853
etag
W/"f57f60748e19cd052e1a245c8c6ee24d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31556926
cf-ray
6d40942788c45c4a-FRA
x-amz-request-id
ZDJAT4V74WA9CZE9
x-amz-id-2
PMalzqkfifTMThzuBHLvVWiPLzgpUl4gpt5WTKhP+obrDJNkWqzhnXHuUU//HcbIG0Dgvd0VVl8=
expires
Fri, 27 Jan 2023 14:12:10 GMT
mmt.js
livehd7.onl/wp-content/themes/YallaShoot/ 		50 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://livehd7.onl:2096/wp-content/themes/YallaShoot/mmt.js
Requested by
Host: livehd7.onl
URL: https://livehd7.onl:2096/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:4db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
00611ab634229bce240792b312aa3fa195b521ad5d4307dc018d80a0150a06dc

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://livehd7.onl:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 08:23:23 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Sun, 10 Oct 2021 01:34:25 GMT
server
cloudflare
etag
W/"61624321-c9dd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mSdtB7IPAwI8r1uVcTnjdhnnqe7TvuOs4ybfXp28VMdkFmVxLVHGdf2Njiz1BLZOeT4h2YDxgZFkCXwDWQatUHv3y3WQHgydgFmkDb8ssIZj1pzWl7%2BV9lOJy%2Bu0VYi2Ma%2BUbozRrb05X1Gyo04S"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d409426ac0b8fe3-FRA
alt-svc
h3=":2096"; ma=86400, h3-29=":2096"; ma=86400
timer.js
livehd7.onl/wp-content/themes/YallaShoot/ 		35 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://livehd7.onl:2096/wp-content/themes/YallaShoot/timer.js
Requested by
Host: livehd7.onl
URL: https://livehd7.onl:2096/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:4db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d73608ed3204ea01800b3c9fa64620c15be5ebaf5ee2301a37a4b019c8877124

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://livehd7.onl:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 08:23:23 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Sun, 10 Oct 2021 01:34:25 GMT
server
cloudflare
etag
W/"61624321-8d6d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nb150yIjtGYqLi1H1Jju%2Bos0%2B0WjrZbc5kWEHM9xFDWQh8wemJNlsESj47uf7iU79GRSGjzjCbYREM7diBPwFl9zozKRsA6%2Bkg2VZam0PUhc2SjlubmbT84ZLo6tlh6emzHwIsE2O3%2B5FMMYWdRm"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d409426ac0c8fe3-FRA
alt-svc
h3=":2096"; ma=86400, h3-29=":2096"; ma=86400
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200401/ 		284 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200401/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1410072543553213&plah=livehd7.onl%3A2096&bust=31064216
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1410072543553213
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
186045b4b42fb87e6c18b92248bd19b6a28c37f8856f0efb31d5d7dac2852610
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://livehd7.onl:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 08:23:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
104674
x-xss-protection
0
server
cafe
etag
10497655394448544300
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 27 Jan 2022 08:23:24 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220125/r20190131/ Frame 5629 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220125/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1410072543553213
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9
Referer
https://livehd7.onl:2096/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4612
x-xss-protection
0
date
Wed, 26 Jan 2022 16:06:40 GMT
expires
Wed, 09 Feb 2022 16:06:40 GMT
cache-control
public, max-age=1209600
age
58604
etag
18247940800414524076
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
impl.v14.0.0.js
live.demand.supply/ 		78 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/impl.v14.0.0.js
Requested by
Host: livehd7.onl
URL: https://livehd7.onl:2096/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47a00c205ac23427984e572961850c21efd9d16502680c3876904f4a9840e61d

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://livehd7.onl:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nf-request-id
01FKEFKNZGD9ZVC0KK5CB35266
date
Thu, 27 Jan 2022 08:23:24 GMT
content-encoding
br
cf-cache-status
HIT
age
2292868
cf-polished
origSize=79681
cf-ray
6d409427ab5f694b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
server
cloudflare
etag
W/"ce85a984a9876904f1c4ef475c2ab350-ssl-df"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin
*
bGl2ZWhkNy5vbmw6MjA5Ni8=
live.demand.supply/p4/v14-0-0/ 		156 B
354 B 		Script
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/p4/v14-0-0/bGl2ZWhkNy5vbmw6MjA5Ni8=
Requested by
Host: livehd7.onl
URL: https://livehd7.onl:2096/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb94b462f27f138f78bc2f58584c8e4377ea23828ec4bf2de9a76b624419b6d0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://livehd7.onl:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 08:23:24 GMT
content-encoding
br
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray
6d409427ab57694b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cookie.js
partner.googleadservices.com/gampad/ 		215 B
644 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=livehd7.onl&callback=_gfp_s_&client=ca-pub-1410072543553213
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200401/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1410072543553213&plah=livehd7.onl%3A2096&bust=31064216
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
a5ff2312e56efd70e644ae0f0872727dfe67d41a5d582801232bd58b2122521f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://livehd7.onl:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 08:23:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
200
x-xss-protection
0
integrator.js
adservice.google.nl/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.nl/adsid/integrator.js?domain=livehd7.onl
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200401/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1410072543553213&plah=livehd7.onl%3A2096&bust=31064216
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://livehd7.onl:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 27 Jan 2022 08:23:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=livehd7.onl
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200401/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1410072543553213&plah=livehd7.onl%3A2096&bust=31064216
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://livehd7.onl:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 27 Jan 2022 08:23:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 0040 		603 B
67 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1410072543553213&output=html&adk=1812271804&adf=3025194257&lmt=1643235770&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Flivehd7.onl%3A2096%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643271804051&bpp=3&bdt=162&idt=135&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5038177246020&frm=20&pv=2&ga_vid=542245380.1643271804&ga_sid=1643271804&ga_hid=543678338&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064036%2C31064216&oid=2&pvsid=3658751037657245&pem=201&tmod=445721460&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=153
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200401/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1410072543553213&plah=livehd7.onl%3A2096&bust=31064216
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9
Referer
https://livehd7.onl:2096/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 27 Jan 2022 08:23:24 GMT
server
cafe
content-length
46
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-146139292-8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400f:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://livehd7.onl:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
6129
date
Thu, 27 Jan 2022 06:41:16 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 27 Jan 2022 08:41:16 GMT
truncated
/ 		451 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
de103d5f4ad393bb96697192045e2f571c47b491690081364d746755fbc9a3f9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/ 		500 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0bc8ca412c2757b04141fe0ceff1706842aa84596b18c889668718146c7778ea

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
NeoSansArabic.woff
livehd7.onl/wp-content/themes/YallaShoot/UI/fonts/ 		56 KB
57 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://livehd7.onl:2096/wp-content/themes/YallaShoot/UI/fonts/NeoSansArabic.woff
Requested by
Host: livehd7.onl
URL: https://livehd7.onl:2096/wp-content/themes/YallaShoot/style.css?1597285340
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:4db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18588f1581eeeebaef76be52d09261c5c1a886d1a02ede533adb62c334d122e6

Request headers

Referer
https://livehd7.onl:2096/wp-content/themes/YallaShoot/style.css?1597285340
Origin
https://livehd7.onl:2096
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 08:23:25 GMT
cf-cache-status
DYNAMIC
last-modified
Mon, 04 Oct 2021 22:57:06 GMT
server
cloudflare
etag
"615b86c2-e014"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gBdeIMiCnQ%2Bu3o1gzZUkToYEMchM0c3sUqYa8Z%2F%2BRirDccBCf2%2BWzwhIibFvIoHllK19nm%2BuQJPKjjPQBRSeDoCSKLMgS5zw3uy4x3Z9ABfjWpVxeppouQ4Jd4wF9a5p3G%2BTQEqAbDNMQcOqgMMs"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6d40942d59719237-FRA
alt-svc
h3=":2096"; ma=86400, h3-29=":2096"; ma=86400
content-length
57364
hb_323303_13052.js
player.adtcdn.com/prebidlink/456464/ 		319 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.adtcdn.com/prebidlink/456464/hb_323303_13052.js
Requested by
Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/livehd7tophead.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:3471 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4e3ab3749b8ccc0f5110c712b546f1f0ae02c283311f1c228993c2deb6778f0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://livehd7.onl:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 08:23:25 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
890
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 13 Jan 2022 16:24:52 GMT
server
cloudflare
etag
W/"61e05254-4fab3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tiUiU2%2FIaJ%2FpcusCc0L9OWNP6MBhnIkZpv%2Ba3Uw%2FMw2IinEIiDmVr7kAIUvW7aZeAdBrnIevKVrKVmfD7MXuTpgUrK%2BUPZvjv9346DXhIWwIpyazpJUTxYCRigLSmWVVzOoghSU8M%2FLMlHeWWfQtww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=345600
cf-ray
6d40942e0b6a90a6-FRA
expires
Thu, 27 Jan 2022 08:23:35 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		79 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/livehd7tophead.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
0d20921d3495b1d2c456ebde74dd61f180c7e849c78b0ddfa8357b83d517849a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://livehd7.onl:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 08:23:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27061
x-xss-protection
0
server
sffe
etag
"1114 / 61 of 1000 / last-modified: 1643238370"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 27 Jan 2022 08:23:25 GMT
wrapper_hb_323303_13052.js
player.adtcdn.com/prebidlink/456464/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.adtcdn.com/prebidlink/456464/wrapper_hb_323303_13052.js
Requested by
Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/livehd7tophead.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:3471 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d6814bad94539e16bdbbd1d182a2b3295cc314fbf50bf981e7a1594ef966603

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://livehd7.onl:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 08:23:25 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
890
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 27 Jan 2022 07:39:34 GMT
server
cloudflare
etag
W/"61f24c36-421"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RWO3fjKHEfI9seYSl6QgU%2BbfxuBT%2FF%2FNc8HCYYNx0xlKBC9Z4qOZ59pQDnAN4Pgc82xEpvRCRe%2FoU2%2BUusfDk8uyxHvG%2F9aE%2BEDcpLZsAm94EtmsxabSd9ubyzjIAfyHDhwgyhRFpDmFGbtylB3A3g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=345600
cf-ray
6d40942e0b6d90a6-FRA
expires
Thu, 27 Jan 2022 08:23:35 GMT
gpt.js
www.googletagservices.com/tag/js/ 		79 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/livehd7tophead.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fa22184a42db47062235bcd69ff57c76032484d1a00ce71b369d8d23261f51ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://livehd7.onl:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 08:23:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27061
x-xss-protection
0
server
sffe
etag
"1114 / 872 of 1000 / last-modified: 1643238406"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 27 Jan 2022 08:23:25 GMT
adipolo_logo.png
adipolo.com/wp-content/uploads/2020/06/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adipolo.com/wp-content/uploads/2020/06/adipolo_logo.png
Requested by
Host: livehd7.onl
URL: https://livehd7.onl:2096/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:2de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b071563c8b59cdc2b12b2703f3b5d147f555b1c41d83e5c5ef4a02395aed89c

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://livehd7.onl:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 08:23:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
697
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7068
last-modified
Tue, 02 Jun 2020 09:04:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Glz%2Bgz%2BcKPX%2B15J%2BCmRgq1SOErmIgEHCpVU%2ByvSXH4GBO0569Y2JWLexsFHFuu0mWzJIupqWVTNaUalKFqNsJ%2BAGfVT8OwmpVUSWQYFNcINVzd0nWLUOLuk7%2BWBaiZCvtL3TDsh0y7ny1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6d40942df9bb91f0-FRA
e.js
live.demand.supply/e/ 		0
401 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?e=ll&d=155&cs=c&dsReferer=aHR0cHM6Ly9saXZlaGQ3Lm9ubDoyMDk2Lw==
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://livehd7.onl:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nf-request-id
01FT5TQYFQVT2BD4NPGYXZNWR0
date
Thu, 27 Jan 2022 08:23:25 GMT
cf-cache-status
HIT
age
250632
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"1e7512eab4ec94e546e05bc6561a8453-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
6d40942ddd225ba4-FRA
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		148 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
98e69361eb9624c3aa97ed678cf563e80cdc866eac613806d1bf9d3aaaa76b71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://livehd7.onl:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 08:23:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52550
x-xss-protection
0
server
cafe
etag
13932672033487574445
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 27 Jan 2022 08:23:25 GMT
ds.2.html
live.demand.supply/ 		413 B
470 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/ds.2.html
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://livehd7.onl:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nf-request-id
01FT5TQYFK9NJKAJV21AWZ16WW
date
Thu, 27 Jan 2022 08:23:25 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
timing-allow-origin
*
age
250632
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=2592000,immutable,stale-if-error=604800
cf-ray
6d40942ddd275ba4-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
e.js
live.demand.supply/x/ 		0
365 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/x/e.js?ce=fs&dsReferer=aHR0cHM6Ly9saXZlaGQ3Lm9ubDoyMDk2Lw==
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://livehd7.onl:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nf-request-id
01FT5TQYGEZJ093DR67RJFEQYQ
date
Thu, 27 Jan 2022 08:23:25 GMT
cf-cache-status
HIT
age
250632
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"1e7512eab4ec94e546e05bc6561a8453-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
6d40942e0d6e5ba4-FRA
e.js
live.demand.supply/x/ 		0
365 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/x/e.js?ce=od&pp=DIV&dsReferer=aHR0cHM6Ly9saXZlaGQ3Lm9ubDoyMDk2Lw==
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://livehd7.onl:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nf-request-id
01FT5TQYGEZJ093DR67RJFEQYQ
date
Thu, 27 Jan 2022 08:23:25 GMT
cf-cache-status
HIT
age
250632
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"1e7512eab4ec94e546e05bc6561a8453-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
6d40942e0d705ba4-FRA
livehd7.onl_fluid_lb+sq_top
api.demand.supply/v14-0-0/a/ 		318 B
568 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.demand.supply/v14-0-0/a/livehd7.onl_fluid_lb+sq_top?&dsReferer=aHR0cHM6Ly9saXZlaGQ3Lm9ubDoyMDk2Lw==
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18fd056c5d415c9996c0d6b9c76e34217cae0b1407947116487691164263e4e9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://livehd7.onl:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 08:23:25 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
322
etag
W/"13e-7R8615yZoH7If8CISgEXzufg/cE"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray
6d40942e7fc4692e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
livehd7.onl_fluid_lb+sq_top
api.demand.supply/v14-0-0/a/ 		318 B
270 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.demand.supply/v14-0-0/a/livehd7.onl_fluid_lb+sq_top?&dsReferer=aHR0cHM6Ly9saXZlaGQ3Lm9ubDoyMDk2Lw==
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18fd056c5d415c9996c0d6b9c76e34217cae0b1407947116487691164263e4e9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://livehd7.onl:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 08:23:25 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
322
etag
W/"13e-7R8615yZoH7If8CISgEXzufg/cE"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray
6d40942e7fca692e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=543678338&t=pageview&_s=1&dl=https%3A%2F%2Flivehd7.onl%2F&ul=en-us&de=UTF-8&dt=%D8%A7%D9%84%D8%A7%D8%B3%D8%B7%D9%88%D8%B1%D8%A9%20%D9%84%D8%A8%D8%AB%20%D8%A7%D9%84%D9%85%D8%A8%D8%A7%D8%B1%D9%8A%D8%A7%D8%AA%20%7C%20livehd7&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAAC~&jid=977344008&gjid=1361213236&cid=542245380.1643271804&tid=UA-146139292-8&_gid=1978412687.1643271805&_r=1&gtm=2ou1o0&z=245603858
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400f:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://livehd7.onl:2096/
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 08:23:25 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://livehd7.onl:2096
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
hbw_master_323303_13052.js
player.aplhb.adipolo.com/prebidlink/456464/ 		73 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aplhb.adipolo.com/prebidlink/456464/hbw_master_323303_13052.js
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/456464/wrapper_hb_323303_13052.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx /
Resource Hash
c231ae5501bb361e51950032be570e1d1e1f609318ece7fb929ba597e7eff6c8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://livehd7.onl:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 08:23:25 GMT
content-encoding
gzip
last-modified
Thu, 27 Jan 2022 07:39:34 GMT
server
nginx
etag
W/"61f24c36-124ce"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600
expires
Thu, 27 Jan 2022 09:23:25 GMT
pubads_impl_2022012504.js
securepubads.g.doubleclick.net/gpt/ 		351 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012504.js?31064557
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
86f6444eafceacae485c6aadbd60d9659319859369ba5b9d4d0a1bc09eb5d098
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://livehd7.onl:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 15:22:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
61236
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
121040
x-xss-protection
0
last-modified
Tue, 25 Jan 2022 15:13:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 26 Jan 2023 15:22:49 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		177 B
136 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=livehd7.onl%3A2096
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
df8f38416d8a9bfe7fee977b02abac1371a4f5ad6c31dd60986eeea577a114fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://livehd7.onl:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 27 Jan 2022 08:23:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
111
x-xss-protection
0
expires
Thu, 27 Jan 2022 08:23:25 GMT
livehd7.onl_fluid_lb+sq_top
live.demand.supply/cp/ 		28 B
256 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/cp/livehd7.onl_fluid_lb+sq_top?mlos=wi&mlbr=ch&mlla=en&mlbs=18&dsReferer=aHR0cHM6Ly9saXZlaGQ3Lm9ubDoyMDk2Lw==
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
987bd49fbb4145cd12315ea7ee30a2eb1e72cf26c0baa7b7f4a0ae267d019a6a

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://livehd7.onl:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 08:23:25 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
private,max-age=3600
cf-ray
6d40942ebe995ba4-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
28
livehd7.onl_fluid_lb+sq_top
live.demand.supply/cp/ 		28 B
256 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/cp/livehd7.onl_fluid_lb+sq_top?mlos=wi&mlbr=ch&mlla=en&mlbs=18&dsReferer=aHR0cHM6Ly9saXZlaGQ3Lm9ubDoyMDk2Lw==
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
987bd49fbb4145cd12315ea7ee30a2eb1e72cf26c0baa7b7f4a0ae267d019a6a

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://livehd7.onl:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 08:23:25 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
private,max-age=3600
cf-ray
6d40942ebe9b5ba4-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
28
/
ghb.aplhb.adipolo.com/geo/ 		135 B
387 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.aplhb.adipolo.com/geo/
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/456464/hbw_master_323303_13052.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
9399077dedc69f0f90170c9bf89cc32cae36e9cf0dee638e474da0a0d63fd752

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://livehd7.onl:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://livehd7.onl:2096
Date
Thu, 27 Jan 2022 08:23:24 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
Content-Length
135
Content-Type
application/json
tracking
ghb.aplhb.adipolo.com/adunit/ 		43 B
420 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.aplhb.adipolo.com/adunit/tracking?event=11&type=0&client_id=323303&site_id=13052&full_page_url=https%3A%2F%2Flivehd7.onl%3A2096%2F&adid=wplrvg.om&features=32&vpbv=N047&lifecycle_tte=1741
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/456464/hbw_master_323303_13052.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://livehd7.onl:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://livehd7.onl:2096
Date
Thu, 27 Jan 2022 08:23:24 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif
config.json
player.adtelligent.com/exchange_rates/313490/ 		9 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/exchange_rates/313490/config.json?cb=https%3A%2F%2Flivehd7.onl%3A2096%2F
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/456464/hb_323303_13052.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx /
Resource Hash
763c84e96b8ebf027db21751961edfa370311943733774bbf431b3259609bdbf

Request headers

Referer
https://livehd7.onl:2096/
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 27 Jan 2022 08:23:25 GMT
content-encoding
gzip
last-modified
Thu, 27 Jan 2022 00:03:17 GMT
server
nginx
etag
W/"61f1e145-2231"
content-type
application/json
access-control-allow-origin
https://livehd7.onl:2096
expires
Thu, 27 Jan 2022 09:23:25 GMT
cache-control
max-age=3600
x-proxy-cache
HIT
sodar
pagead2.googlesyndication.com/getconfig/ 		12 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220125&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200401/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1410072543553213&plah=livehd7.onl%3A2096&bust=31064216
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
066389d046f2904e9f74dff2282c8158246660f3648a23218eaad8f4e5d9811b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://livehd7.onl:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 27 Jan 2022 08:23:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8959
x-xss-protection
0
integrator.js
adservice.google.nl/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.nl/adsid/integrator.js?domain=livehd7.onl
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012504.js?31064557
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://livehd7.onl:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 27 Jan 2022 08:23:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=livehd7.onl
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012504.js?31064557
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://livehd7.onl:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 27 Jan 2022 08:23:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		133 KB
35 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3658751037657245&correlator=4116780839926606&output=ldjh&impl=fifs&eid=31064557&vrg=2022012504&ptt=17&sc=1&sfv=1-0-38&ecs=20220127&iu_parts=7047%3A22618662325%2Capl%2Cinter&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ists=1&fas=8&eri=1&cookie=ID%3Dbbbd46be94da8e61-2274e6a32acd00cf%3AT%3D1643271804%3ART%3D1643271804%3AS%3DALNI_MaoMJd0Rh0nzzYuKMHkscR-8NjXXw&bc=31&abxe=1&dt=1643271805340&lmt=1643235770&dlt=1643271803889&idt=1411&frm=20&biw=1600&bih=1200&oid=2&adxs=-9&adys=-9&adks=3591489531&ucis=1&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Flivehd7.onl%3A2096%2F&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=542245380.1643271804&ga_sid=1643271804&ga_hid=543678338&ga_fc=true&fws=2&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012504.js?31064557
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
31a3f8f45092844e5acc468f0c2d0ab03a455d7aa605f9b0856821216fc1220f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://livehd7.onl:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 08:23:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36280
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://livehd7.onl:2096
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame EE01 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012504.js?31064557
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9
Referer
https://livehd7.onl:2096/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Thu, 27 Jan 2022 08:23:25 GMT
expires
Fri, 27 Jan 2023 08:23:25 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pubads_impl_page_level_ads_2022012504.js
securepubads.g.doubleclick.net/gpt/ 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022012504.js?cb=31064557
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012504.js?31064557
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
8228e042d8ba2859d6867d999c789b79a67cd6fbab62e7b8291778349b9e1b87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://livehd7.onl:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 23:15:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
119275
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12961
x-xss-protection
0
last-modified
Tue, 25 Jan 2022 15:13:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 25 Jan 2023 23:15:30 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://livehd7.onl:2096
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
Tengine
date
Thu, 27 Jan 2022 08:23:25 GMT
access-control-allow-origin
https://livehd7.onl:2096
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-max-age
1728000
content-type
text/plain charset=UTF-8
content-length
0
cdb
bidder.criteo.com/ 		0
217 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.7.0-pre&cb=60701032146
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/456464/hb_323303_13052.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://livehd7.onl:2096/
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 27 Jan 2022 08:23:24 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://livehd7.onl:2096
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
prebid
ib.adnxs.com/ut/v3/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/456464/hb_323303_13052.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
09f6c5fca0d0da43af9e76da2815baffa66778a7b736c4ed96b5964fa1894636
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://livehd7.onl:2096/
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 27 Jan 2022 08:23:25 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
95.211.199.155; 95.211.199.155; 730.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
f787ec03-3c34-4cfe-ad63-e6b8028a81df
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://livehd7.onl:2096
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cygnus
htlb.casalemedia.com/ 		38 B
332 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=707935&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22102f8800953a7817%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Flivehd7.onl%3A2096%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A3%2C%22msi%22%3A3%2C%22mfu%22%3A0%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A3%2C%22ren%22%3Afalse%2C%22version%22%3A%226.7.0-pre%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%2C%22err%22%3A%7B%222%22%3A8%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22103b8e115b06918a%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22707935%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A336%2C%22h%22%3A280%2C%22ext%22%3A%7B%22siteID%22%3A%22707935%22%2C%22sid%22%3A%22336x280%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%22104bca6adf98f22%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22707935%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A336%2C%22h%22%3A280%2C%22ext%22%3A%7B%22siteID%22%3A%22707935%22%2C%22sid%22%3A%22336x280%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%22105f34223ee0b335%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22707935%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A336%2C%22h%22%3A280%2C%22ext%22%3A%7B%22siteID%22%3A%22707935%22%2C%22sid%22%3A%22336x280%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22c00048d4-5d91-4881-94bb-102385cd48a3%22%7D%5D%7D%5D%7D%7D
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/456464/hb_323303_13052.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-84-150.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c3a85b0abbb12b3949983a32fbfe39a2bdf87d3d69ae996f45f869e47ccdef93

Request headers

Referer
https://livehd7.onl:2096/
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 08:23:25 GMT
x-ak-initial-geo
CC:[NL], RC:[], CN:[EU], CIP:[95.211.199.155], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://livehd7.onl:2096
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
38
x-ak-client-geo
12
expires
Thu, 27 Jan 2022 08:23:25 GMT
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
178 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/456464/hb_323303_13052.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://livehd7.onl:2096/
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://livehd7.onl:2096
date
Thu, 27 Jan 2022 08:23:25 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
unruly_prebid
targeting.unrulymedia.com/ 		0
172 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/456464/hb_323303_13052.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://livehd7.onl:2096/
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://livehd7.onl:2096
pragma
no-cache
date
Thu, 27 Jan 2022 08:23:25 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
hb
ssc.33across.com/api/v1/ 		60 B
143 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=bX9srg4dmr64KsaKjGFx_2
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/456464/hb_323303_13052.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
41e7e51399e22068f26378408d0039ebb9459a0eda604c11ee5957debfb99b89

Request headers

Referer
https://livehd7.onl:2096/
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 27 Jan 2022 08:23:25 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://livehd7.onl:2096
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
hb
ssc.33across.com/api/v1/ 		60 B
152 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=bX9srg4dmr64KsaKjGFx_2
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/456464/hb_323303_13052.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
41e7e51399e22068f26378408d0039ebb9459a0eda604c11ee5957debfb99b89

Request headers

Referer
https://livehd7.onl:2096/
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 27 Jan 2022 08:23:25 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://livehd7.onl:2096
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
hb
ssc.33across.com/api/v1/ 		60 B
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=bX9srg4dmr64KsaKjGFx_2
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/456464/hb_323303_13052.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
41e7e51399e22068f26378408d0039ebb9459a0eda604c11ee5957debfb99b89

Request headers

Referer
https://livehd7.onl:2096/
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 27 Jan 2022 08:23:25 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://livehd7.onl:2096
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
hb
ssc.33across.com/api/v1/ 		60 B
152 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=bX9srg4dmr64KsaKjGFx_2
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/456464/hb_323303_13052.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
41e7e51399e22068f26378408d0039ebb9459a0eda604c11ee5957debfb99b89

Request headers

Referer
https://livehd7.onl:2096/
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 27 Jan 2022 08:23:25 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://livehd7.onl:2096
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
hb
ssc.33across.com/api/v1/ 		60 B
143 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=bX9srg4dmr64KsaKjGFx_2
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/456464/hb_323303_13052.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
41e7e51399e22068f26378408d0039ebb9459a0eda604c11ee5957debfb99b89

Request headers

Referer
https://livehd7.onl:2096/
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 27 Jan 2022 08:23:25 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://livehd7.onl:2096
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
hb
ssc.33across.com/api/v1/ 		60 B
152 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=bX9srg4dmr64KsaKjGFx_2
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/456464/hb_323303_13052.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
41e7e51399e22068f26378408d0039ebb9459a0eda604c11ee5957debfb99b89

Request headers

Referer
https://livehd7.onl:2096/
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 27 Jan 2022 08:23:25 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://livehd7.onl:2096
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
hb
ssc.33across.com/api/v1/ 		60 B
152 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=bX9srg4dmr64KsaKjGFx_2
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/456464/hb_323303_13052.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
41e7e51399e22068f26378408d0039ebb9459a0eda604c11ee5957debfb99b89

Request headers

Referer
https://livehd7.onl:2096/
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 27 Jan 2022 08:23:25 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://livehd7.onl:2096
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
hb
ssc.33across.com/api/v1/ 		60 B
152 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=bX9srg4dmr64KsaKjGFx_2
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/456464/hb_323303_13052.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
41e7e51399e22068f26378408d0039ebb9459a0eda604c11ee5957debfb99b89

Request headers

Referer
https://livehd7.onl:2096/
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 27 Jan 2022 08:23:25 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://livehd7.onl:2096
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
hb
ssc.33across.com/api/v1/ 		60 B
152 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=bX9srg4dmr64KsaKjGFx_2
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/456464/hb_323303_13052.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
41e7e51399e22068f26378408d0039ebb9459a0eda604c11ee5957debfb99b89

Request headers

Referer
https://livehd7.onl:2096/
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 27 Jan 2022 08:23:25 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://livehd7.onl:2096
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
hb
ssc.33across.com/api/v1/ 		60 B
152 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=bX9srg4dmr64KsaKjGFx_2
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/456464/hb_323303_13052.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
41e7e51399e22068f26378408d0039ebb9459a0eda604c11ee5957debfb99b89

Request headers

Referer
https://livehd7.onl:2096/
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 27 Jan 2022 08:23:25 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://livehd7.onl:2096
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
hb
ssc.33across.com/api/v1/ 		60 B
143 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=bX9srg4dmr64KsaKjGFx_2
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/456464/hb_323303_13052.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
41e7e51399e22068f26378408d0039ebb9459a0eda604c11ee5957debfb99b89

Request headers

Referer
https://livehd7.onl:2096/
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 27 Jan 2022 08:23:25 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://livehd7.onl:2096
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
prebid-request
onetag-sys.com/ 		15 B
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/456464/hb_323303_13052.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://livehd7.onl:2096/
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://livehd7.onl:2096
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
bid
ap.lijit.com/rtb/ 		25 B
522 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.7.0-pre
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/456464/hb_323303_13052.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
dfae461754a4e408cd04ef2d6117c3f80594565845c364971a72e957e46d40e8

Request headers

Referer
https://livehd7.onl:2096/
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 27 Jan 2022 08:23:25 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://livehd7.onl:2096
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
c
prebid.a-mo.net/a/ 		0
348 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/456464/hb_323303_13052.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://livehd7.onl:2096/
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://livehd7.onl:2096
date
Thu, 27 Jan 2022 08:23:25 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
18
vary
origin, Accept-Encoding
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200401/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1410072543553213&plah=livehd7.onl%3A2096&bust=31064216
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://livehd7.onl:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 08:23:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 27 Jan 2022 08:23:25 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A317 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9
Referer
https://livehd7.onl:2096/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Thu, 27 Jan 2022 07:37:31 GMT
expires
Fri, 27 Jan 2023 07:37:31 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
2754
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame A79C 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
649584155a689b889d5cd6b1f6c3a1d46c9e0dc1e8de3bbc3cb83ced3bfc7574
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-KWhPCldpnqax+8+9oYMNIw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9
Referer
https://livehd7.onl:2096/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Thu, 27 Jan 2022 08:23:25 GMT
date
Thu, 27 Jan 2022 08:23:25 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-KWhPCldpnqax+8+9oYMNIw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
jGbA3lvUbVA_isqhK0kcOmFQnhmy9VywXuVHQ76HhUI.js
pagead2.googlesyndication.com/bg/ Frame A317 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/jGbA3lvUbVA_isqhK0kcOmFQnhmy9VywXuVHQ76HhUI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8c66c0de5bd46d503f8acaa12b491c3a61509e19b2f55cb05ee54743be878542
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 15:36:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
146795
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13685
x-xss-protection
0
last-modified
Mon, 24 Jan 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 25 Jan 2023 15:36:50 GMT
e.js
live.demand.supply/e/ 		0
365 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=livehd7.onl_fluid_lb%2Bsq_top&pdc=-0.33967478275299073&ucv=005099&e=tcp&dsReferer=aHR0cHM6Ly9saXZlaGQ3Lm9ubDoyMDk2Lw==
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://livehd7.onl:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nf-request-id
01FT5TQYFQVT2BD4NPGYXZNWR0
date
Thu, 27 Jan 2022 08:23:25 GMT
cf-cache-status
HIT
age
250632
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"1e7512eab4ec94e546e05bc6561a8453-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
6d4094316a455ba4-FRA
e.js
live.demand.supply/x/ 		0
365 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/x/e.js?ce=da&r=livehd7.onl_fluid_lb%2Bsq_top&dsReferer=aHR0cHM6Ly9saXZlaGQ3Lm9ubDoyMDk2Lw==
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://livehd7.onl:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nf-request-id
01FT5TQYGEZJ093DR67RJFEQYQ
date
Thu, 27 Jan 2022 08:23:25 GMT
cf-cache-status
HIT
age
250632
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"1e7512eab4ec94e546e05bc6561a8453-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
6d4094316a465ba4-FRA
integrator.js
adservice.google.nl/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.nl/adsid/integrator.js?domain=livehd7.onl
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012504.js?31064557
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://livehd7.onl:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 27 Jan 2022 08:23:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=livehd7.onl
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012504.js?31064557
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://livehd7.onl:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 27 Jan 2022 08:23:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		54 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3658751037657245&correlator=2077338709871138&output=ldjh&impl=fifs&eid=31064557&vrg=2022012504&ptt=17&sc=1&sfv=1-0-38&ecs=20220127&iu_parts=44890869%3A22484832591%2Cca-pub-3831894559014614-tag%2C91594021-5cfc-40ca-ba2b-daf1d0e3a483&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x280&prev_scp=ti%3D5af006f0-ee81-4bf6-91ef-23ac9be48e93%26bid%3D0.01%26bid-p%3Dgoogle%26bsc%3D18%26excl_cat%3DPREPOST&eri=1&cookie=ID%3Dbbbd46be94da8e61-2274e6a32acd00cf%3AT%3D1643271804%3ART%3D1643271804%3AS%3DALNI_MaoMJd0Rh0nzzYuKMHkscR-8NjXXw&bc=31&abxe=1&dt=1643271805669&lmt=1643235770&dlt=1643271803889&idt=1411&frm=20&biw=1600&bih=1200&oid=2&adxs=326&adys=100&adks=3221412050&ucis=2&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Flivehd7.onl%3A2096%2F&vis=1&scr_x=0&scr_y=0&psz=1100x116&msz=1100x116&ga_vid=542245380.1643271804&ga_sid=1643271804&ga_hid=543678338&ga_fc=true&fws=4&ohw=1100&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012504.js?31064557
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
643dba9826ca660354fbba18a9778bfe628bb371fc60d0e30ba7cbea4aa34b2f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://livehd7.onl:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 08:23:26 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12801
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://livehd7.onl:2096
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame A79C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220125&jk=3658751037657245&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
e.js
live.demand.supply/e/ 		0
365 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=livehd7.onl_fluid_lb%2Bsq_top&pdc=-0.33967478275299073&ucv=005099&e=tcp&dsReferer=aHR0cHM6Ly9saXZlaGQ3Lm9ubDoyMDk2Lw==
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://livehd7.onl:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nf-request-id
01FT5TQYFQVT2BD4NPGYXZNWR0
date
Thu, 27 Jan 2022 08:23:25 GMT
cf-cache-status
HIT
age
250632
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"1e7512eab4ec94e546e05bc6561a8453-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
6d409431bab55ba4-FRA
e.js
live.demand.supply/x/ 		0
365 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/x/e.js?ce=da&r=livehd7.onl_fluid_lb%2Bsq_top&dsReferer=aHR0cHM6Ly9saXZlaGQ3Lm9ubDoyMDk2Lw==
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://livehd7.onl:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nf-request-id
01FT5TQYGEZJ093DR67RJFEQYQ
date
Thu, 27 Jan 2022 08:23:25 GMT
cf-cache-status
HIT
age
250632
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"1e7512eab4ec94e546e05bc6561a8453-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
6d409431bab85ba4-FRA
integrator.js
adservice.google.nl/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.nl/adsid/integrator.js?domain=livehd7.onl
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012504.js?31064557
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://livehd7.onl:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 27 Jan 2022 08:23:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=livehd7.onl
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012504.js?31064557
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://livehd7.onl:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 27 Jan 2022 08:23:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		21 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3658751037657245&correlator=1555432167319108&output=ldjh&impl=fifs&eid=31064557&vrg=2022012504&ptt=17&sc=1&sfv=1-0-38&ecs=20220127&iu_parts=44890869%3A22484832591%2Cca-pub-3831894559014614-tag%2C91594021-5cfc-40ca-ba2b-daf1d0e3a483&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x280&prev_scp=ti%3D5af006f0-ee81-4bf6-91ef-23ac9be48e93%26bid%3D0.01%26bid-p%3Dgoogle%26bsc%3D18%26excl_cat%3DPREPOST&eri=1&cookie=ID%3Dbbbd46be94da8e61-2274e6a32acd00cf%3AT%3D1643271804%3ART%3D1643271804%3AS%3DALNI_MaoMJd0Rh0nzzYuKMHkscR-8NjXXw&bc=31&abxe=1&dt=1643271805725&lmt=1643235770&dlt=1643271803889&idt=1411&frm=20&biw=1600&bih=1200&oid=2&adxs=326&adys=1419&adks=3221412051&ucis=3&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Flivehd7.onl%3A2096%2F&vis=1&scr_x=0&scr_y=0&psz=1100x116&msz=1100x116&ga_vid=542245380.1643271804&ga_sid=1643271804&ga_hid=543678338&ga_fc=true&fws=4&ohw=1100&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012504.js?31064557
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
c9cbec37696f3334f17fac000bd30cfd0a8acecdf288f5ba015b29e82cb0961e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://livehd7.onl:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 08:23:26 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10520
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://livehd7.onl:2096
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame A317 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?RsbX7g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 08:23:25 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220125&jk=3658751037657245&bg=!WVqlWh7NAAY6OBv_Ojg7ACkAdvg8WioKCSD0SVqiLauSkt6YDqF2vmOK-cssD6Nu8OUys_Ty3QD73gIAAAB0UgAAAAdoAQeZAs9HyaVE265-fasngvxq4utq00ZYWJuBqOI1LBb4s8BdSk-snX8BHiFw_iAuZQ8pvedUBW6Y6vBojtLBJ3KdjikURT-RyF7qet9AT8GVeI0bOhusNthe4hqdzmbgAZ00SZBxfsx0v41nPHz2z6rzmCjG3aQy4-Me8DdpF9TmWxoWnhjPeKAs7GSZWn-wSmaFRVFazcJGW9FDp5sCs886lw3jdyVTXzfCIduUBsofjacyTQvRFicxNY45x5me3faAlScTZ1nnZYb4tIhZcOx16d0xQKGuPFJXLw4r60KckaGXbLQjtC5Pb_h5HSwO16b2aChS28XCPaOVvgoAMu0sNdf66HzbCyko9x71MEq4w6od2OgfuWIXG0K84TJA2eR15u5H9lqHSUUuKlqcrQgRqzlVA3odxI_7jNYjPe3GZxbtBEabY8QrtG417SYz7OGatDTZWmH75gHPpIwbxL-UNLAoExy4F1Cyy98QVvLjOxF34V82sP1OrBtt9Pt6lyOJ_jAoV-U2VIYmwuMPBDsQW92fS7Nr8QpjdZym5O2rk1i_lQFVhvZScEQyg42P8orIKeWSP1C4bYsNs5iBEpDydCpAyBtPg_hpPRwIU9cWyWXcEKOhcqYKpI5ub1iIGdSaHpNOQ-uizX4mTF3IQ6R-uSdrRPa4jBmHWdaRyAN-hiLeoIXX7I4A8PPGPy4wUghTZ292NIxGenHQHlfR-DmlcBJkr1kYGrAdJdIlaG09SEfOhQ1_uAzVErF5oLIrskqUsWuFH60oZT6aAvgtyPq-rncYbAlrqcoeNbwrJ0IpfrwPi7JPsr0xH7CPh2BnW5rRWCJVyX7ifooFhq3Vtv37qcWkBKeVLiXdvBASHBP877_RO2nqdTWMOCVhc17X25YwnFs5lXX06cf-DvpuCZE37sB8wjXI1ibgHx_vDOkqrt3ftJb09ELAp3SMmlidE4UzNQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://livehd7.onl:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 08:23:25 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 56C7 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012504.js?31064557
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9
Referer
https://livehd7.onl:2096/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Thu, 27 Jan 2022 08:23:25 GMT
expires
Fri, 27 Jan 2023 08:23:25 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
css2
fonts.googleapis.com/ Frame 56C7 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: 10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com
URL: https://10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 08:13:36 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 27 Jan 2022 08:23:26 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 27 Jan 2022 08:23:26 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220125/r20110914/client/ Frame 73BF 		1 KB
875 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220125/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: 10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com
URL: https://10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 08:19:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
224
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
848
x-xss-protection
0
server
cafe
etag
2277666839114365613
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 10 Feb 2022 08:19:41 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220125/r20110914/ Frame 73BF 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220125/r20110914/abg_lite_fy2019.js
Requested by
Host: 10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com
URL: https://10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7548dbf6ff83ed583dfb6d62a87364a673eb18403686b425248fdb4ffc00e753
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 08:23:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7601
x-xss-protection
0
server
cafe
etag
4205405063411256933
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 10 Feb 2022 08:23:14 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220125/r20110914/client/ Frame 73BF 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220125/r20110914/client/window_focus_fy2019.js
Requested by
Host: 10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com
URL: https://10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 07:44:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2350
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 10 Feb 2022 07:44:15 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 73BF 		123 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com
URL: https://10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 08:23:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38288
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1643200382015849"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 27 Jan 2022 08:23:26 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220125/r20110914/client/ Frame 73BF 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220125/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com
URL: https://10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9fa7f49e3a869a02c248c7c730f895951b3fc2f811e504d3ab30f72c1f74913c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 08:22:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
50
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6123
x-xss-protection
0
server
cafe
etag
1875255482418879373
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 10 Feb 2022 08:22:35 GMT
fccbdb50d0e11463e1edb3d8fcf7c364.js
www.gstatic.com/mysidia/ Frame 73BF 		27 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/fccbdb50d0e11463e1edb3d8fcf7c364.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com
URL: https://10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f1b3a51250ea5d2b293615f08241269ed8277b95654cddafbc0f5df8d61e6cc1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 00:35:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
200864
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11411
x-xss-protection
0
last-modified
Fri, 21 Jan 2022 01:20:28 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 25 Apr 2022 00:35:42 GMT
interstitial_ad_frame_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220125/r20110914/elements/html/ Frame 56C7 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220125/r20110914/elements/html/interstitial_ad_frame_fy2019.js
Requested by
Host: 10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com
URL: https://10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f71615ff8525c5569ded3c8534c4f38aa6c72802b7b224714accd759f95f0288
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 08:08:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
896
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7817
x-xss-protection
0
server
cafe
etag
9919231309400997276
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 10 Feb 2022 08:08:29 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 56C7 		205 B
520 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: 10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com
URL: https://10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 23 Jan 2022 20:41:08 GMT
x-content-type-options
nosniff
age
301338
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 23 Jan 2023 20:41:08 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 56C7 		604 B
695 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: 10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com
URL: https://10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:25:06 GMT
x-content-type-options
nosniff
age
223100
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 24 Jan 2023 18:25:06 GMT
integrator.js
adservice.google.nl/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.nl/adsid/integrator.js?domain=livehd7.onl
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012504.js?31064557
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://livehd7.onl:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 27 Jan 2022 08:23:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=livehd7.onl
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012504.js?31064557
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://livehd7.onl:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 27 Jan 2022 08:23:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		71 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3658751037657245&correlator=2462805364152904&output=ldjh&impl=fifs&eid=31064557%2C676982996&vrg=2022012504&ptt=17&sc=1&sfv=1-0-38&ecs=20220127&iu_parts=7047%3A22618662325%2Capl%2Caplmcm7047%2Ccube%2Ccube2%2Ccube3%2Crich%2Crich2%2Csky%2Cresponsive%2Cresponsive3%2Cresponsive4%2Cresponsive5%2Csticky&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F4%2C%2F0%2F1%2F2%2F5%2C%2F0%2F1%2F2%2F6%2C%2F0%2F1%2F2%2F7%2C%2F0%2F1%2F2%2F8%2C%2F0%2F1%2F2%2F9%2C%2F0%2F1%2F2%2F10%2C%2F0%2F1%2F2%2F11%2C%2F0%2F1%2F2%2F12%2C%2F0%2F1%2F2%2F13&prev_iu_szs=300x250%7C336x280%2C300x250%7C336x280%2C300x250%7C336x280%2C728x90%7C320x50%7C320x100%2C728x90%7C320x50%7C320x100%2C120x600%7C160x600%7C300x600%2C970x250%2C970x250%2C970x250%2C970x250%2C970x90%7C728x90%7C320x50%7C320x100&prev_scp=hb_rfBid%3D0%26excl_cat%3DPREPOST%7Chb_rfBid%3D0%26excl_cat%3DPREPOST%7Chb_rfBid%3D0%26excl_cat%3DPREPOST%7Chb_rfBid%3D0%26excl_cat%3DPREPOST%7Chb_rfBid%3D0%26excl_cat%3DPREPOST%7Chb_rfBid%3D0%26excl_cat%3DPREPOST%7Chb_rfBid%3D0%26excl_cat%3DPREPOST%7Chb_rfBid%3D0%26excl_cat%3DPREPOST%7Chb_rfBid%3D0%26excl_cat%3DPREPOST%7Chb_rfBid%3D0%26excl_cat%3DPREPOST%7Ctest%3Drefresh%26hb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&cookie=ID%3Dbbbd46be94da8e61%3AT%3D1643271804%3AS%3DALNI_MaGDaMpQgWWsGOpBjeXjX4tiW-frQ&bc=31&abxe=1&dt=1643271805990&lmt=1643235770&dlt=1643271803889&idt=1411&frm=20&biw=1600&bih=1200&oid=2&adxs=-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9&adys=-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9&adks=836732577%2C4124271110%2C151961791%2C3780817077%2C4214470542%2C1963953738%2C4225520808%2C2921236190%2C3951737734%2C1846796185%2C664362832&ucis=4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce&ifi=5&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Flivehd7.onl%3A2096%2F&vis=1&scr_x=0&scr_y=0&psz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&msz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&ga_vid=542245380.1643271804&ga_sid=1643271804&ga_hid=543678338&ga_fc=true&fws=2%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C2&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&btvi=-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012504.js?31064557
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
163d2c508afe8ebe485d9ae27075ddf4962e2b9b911cc1906ace3b0ca0ac9d9a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://livehd7.onl:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 08:23:26 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10795
x-xss-protection
0
google-lineitem-id
5818019657,5818019657,5818019657,-2,-2,5850403633,-2,-2,-2,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138374438803,138374037624,138374037645,-2,-2,138374455612,-2,-2,-2,-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://livehd7.onl:2096
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 6579 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com
URL: https://10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9
Referer
https://10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
date
Thu, 27 Jan 2022 05:53:44 GMT
expires
Fri, 28 Jan 2022 05:53:44 GMT
cache-control
public, max-age=86400
age
8982
etag
48472445140208031
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pixel
cm.g.doubleclick.net/ Frame 6579
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEMppq_6Wr9tD1tiuYeu2vxA&google_cver=1&google_push=AYg5qPL2akOliDMJLmFRVco3mCI95cuHqTQEa_5sCJhcQ3r0JFrk2qAoKRnWPfWxuc1iDHRLTbt_RPWxYyeKWpsS...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPL2akOliDMJLmFRVco3mCI95cuHqTQEa_5sCJhcQ3r0JFrk2qAoKRnWPfWxuc1iDHRLTbt_RPWxYyeKWpsSfkINXTYq5G7r
170 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPL2akOliDMJLmFRVco3mCI95cuHqTQEa_5sCJhcQ3r0JFrk2qAoKRnWPfWxuc1iDHRLTbt_RPWxYyeKWpsSfkINXTYq5G7r
Requested by
Host: 10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com
URL: https://10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 08:23:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 27 Jan 2022 08:23:26 GMT
Server
MT3 4133 baa842e master cdg-pixel-x26 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPL2akOliDMJLmFRVco3mCI95cuHqTQEa_5sCJhcQ3r0JFrk2qAoKRnWPfWxuc1iDHRLTbt_RPWxYyeKWpsSfkINXTYq5G7r
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 27 Jan 2022 08:23:25 GMT
pixel
cm.g.doubleclick.net/ Frame 6579
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENMcgCj9YIb6vuiVxf6hVRw&google_push=AYg5qPKmmXEo10SpgfeHApZ8ArvPtJkAYqeLhlNRMGnqwu8PLXH8tGTTgN...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENMcgCj9YIb6vuiVxf6hVRw&google_push=AYg5qPKmmXEo10SpgfeHApZ8ArvPtJkAYqeLhlNRMGnqwu8PLXH8tGTTgNt2RQeTyyApQp4dwDoSIH2lYKcXAt84j5uvAjNKueA
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 08:23:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 27 Jan 2022 08:23:26 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1643271806.082133,VS0,VE89
x-served-by
cache-ams21063-AMS
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENMcgCj9YIb6vuiVxf6hVRw&google_push=AYg5qPKmmXEo10SpgfeHApZ8ArvPtJkAYqeLhlNRMGnqwu8PLXH8tGTTgNt2RQeTyyApQp4dwDoSIH2lYKcXAt84j5uvAjNKueA
cache-control
no-cache
accept-ranges
bytes
access-control-allow-origin
*
content-length
0
x-cache-hits
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 6579 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEHwW2OMR6YkgfcUHOsraVp4&google_cver=1&google_push=AYg5qPIDQyEFc7nmWVqN_M8JAgY9fl9i8SioG1n5SKThVf3i-Y-6keuASW01O3qKUN9zreUzI-OAWcxA-R3bV7M-yMJI2fzTFOI
Requested by
Host: 10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com
URL: https://10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.150 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 08:23:25 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
pixel
cm.g.doubleclick.net/ Frame 6579
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEFxYw_PoJvBycMyrKp6FOs0&google_cver=1&google_push=AYg5qPL3PxST8kv80Vr-rN0A3slsHeNhuSzN13Yx1O0tLSKcZNFyEAsy3Zm5BjrEbr7gJXDEakRB046ILc4TXOPDd2k4...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEFxYw_PoJvBycMyrKp6FOs0&google_cver=1&google_push=AYg5qPL3PxST8kv80Vr-rN0A3slsHeNhuSzN13Yx1O0tLSKcZNFyEAsy3Zm5BjrEbr7gJXDEakRB046ILc4TXO...
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPL3PxST8kv80Vr-rN0A3slsHeNhuSzN13Yx1O0tLSKcZNFyEAsy3Zm5BjrEbr7gJXDEakRB046ILc4TXOPDd2k4E3nvf0fW&google_hm=62ZAhjshRpu02Esrwe0pXA==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPL3PxST8kv80Vr-rN0A3slsHeNhuSzN13Yx1O0tLSKcZNFyEAsy3Zm5BjrEbr7gJXDEakRB046ILc4TXOPDd2k4E3nvf0fW&google_hm=62ZAhjshRpu02Esrwe0pXA==
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 08:23:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPL3PxST8kv80Vr-rN0A3slsHeNhuSzN13Yx1O0tLSKcZNFyEAsy3Zm5BjrEbr7gJXDEakRB046ILc4TXOPDd2k4E3nvf0fW&google_hm=62ZAhjshRpu02Esrwe0pXA==
Date
Thu, 27 Jan 2022 08:23:26 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 6579
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEEja2bleQHl9LA7mViBz6wA&google_cver=1&google_push=AYg5qPKPvTb7iv2h3yyXr7xclqkpJyPywZ8M9qyf4gJBlvgPPaDSTre_uDYdJ2gjIRWGLKSD7XRTCJtQ...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEEja2bleQHl9LA7mViBz6wA&google_cver=1&google_push=AYg5qPKPvTb7iv2h3yyXr7xclqkpJyPywZ8M9qyf4gJBlvgPPaDSTre_uDYdJ2gjIRWGLKSD7XR...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzcxOTEwNDY2ODMyMzM2ODMyNg&google_push=AYg5qPKPvTb7iv2h3yyXr7xclqkpJyPywZ8M9qyf4gJBlvgPPaDSTre_uDYdJ2gjIRWGLKSD7XRTCJ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzcxOTEwNDY2ODMyMzM2ODMyNg&google_push=AYg5qPKPvTb7iv2h3yyXr7xclqkpJyPywZ8M9qyf4gJBlvgPPaDSTre_uDYdJ2gjIRWGLKSD7XRTCJtQnD1zc-hSzBD00rlFej2N
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 08:23:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 27 Jan 2022 08:23:26 GMT
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzcxOTEwNDY2ODMyMzM2ODMyNg&google_push=AYg5qPKPvTb7iv2h3yyXr7xclqkpJyPywZ8M9qyf4gJBlvgPPaDSTre_uDYdJ2gjIRWGLKSD7XRTCJtQnD1zc-hSzBD00rlFej2N
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 6579
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBLRlxmvGUtvvH0c6tlyjmk&google_cver=1&google_push=AYg5qPLAcAlgS6YEZ3u3MXbf4Cu5g9r66r8zgTsp8aDCPf0uIeleb1PQYwpnRNk2KYXftGJOv4_...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lXUExTSVUtMjMtQVFUUw==&google_push=AYg5qPLAcAlgS6YEZ3u3MXbf4Cu5g9r66r8zgTsp8aDCPf0uIeleb1PQYwpnRNk2KYXftGJOv4_lVNnmjB5jxmQ6N0ZaOA1KUDeA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lXUExTSVUtMjMtQVFUUw==&google_push=AYg5qPLAcAlgS6YEZ3u3MXbf4Cu5g9r66r8zgTsp8aDCPf0uIeleb1PQYwpnRNk2KYXftGJOv4_lVNnmjB5jxmQ6N0ZaOA1KUDeA
Requested by
Host: 10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com
URL: https://10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 08:23:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lXUExTSVUtMjMtQVFUUw==&google_push=AYg5qPLAcAlgS6YEZ3u3MXbf4Cu5g9r66r8zgTsp8aDCPf0uIeleb1PQYwpnRNk2KYXftGJOv4_lVNnmjB5jxmQ6N0ZaOA1KUDeA
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
611afce88997db6fdd35eb213e662871
Expires
0
pixel
cm.g.doubleclick.net/ Frame 6579
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEC5zfM47XRDCVF8Ywtdz7Pc&google_cver=1&google_push=AYg5qPLEKwNF3m-2yGOSpYhhUp4oXkA3INYTRgwpskTymBoScRmaLsB0_-vlv5F_a-CcC3Uj2H...
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEC5zfM47XRDCVF8Ywtdz7Pc&google_cver=1&google_push=AYg5qPLEKwNF3m-2yGOSpYhhUp4oXkA3INYTRgwpskTymBoScRmaLsB0_-vlv5F_a-CcC3Uj2H...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1fWHl2R0FwRTJ1RWdwTDJ1TUx3ZUxnQVNUcEJWaHV1OH5B&google_push=AYg5qPLEKwNF3m-2yGOSpYhhUp4oXkA3INYTRgwpskTymBoScRmaLsB0_...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1fWHl2R0FwRTJ1RWdwTDJ1TUx3ZUxnQVNUcEJWaHV1OH5B&google_push=AYg5qPLEKwNF3m-2yGOSpYhhUp4oXkA3INYTRgwpskTymBoScRmaLsB0_-vlv5F_a-CcC3Uj2Hw7hW-B68PVS757ysA7teTtHfSQKQ
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 08:23:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1fWHl2R0FwRTJ1RWdwTDJ1TUx3ZUxnQVNUcEJWaHV1OH5B&google_push=AYg5qPLEKwNF3m-2yGOSpYhhUp4oXkA3INYTRgwpskTymBoScRmaLsB0_-vlv5F_a-CcC3Uj2Hw7hW-B68PVS757ysA7teTtHfSQKQ
date
Thu, 27 Jan 2022 08:23:26 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
attr
cm.g.doubleclick.net/pixel/ Frame 6579 		0
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IMHR2c14VrX5EFgyqW_akP5Yt-spmgD1wf5bMTKof7rSz_qy4gZgWWBiuyTIXHUHzSVfSfDg
Requested by
Host: 10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com
URL: https://10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 08:23:26 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
container.html
10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3D88 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012504.js?31064557
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9
Referer
https://livehd7.onl:2096/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Thu, 27 Jan 2022 08:23:25 GMT
expires
Fri, 27 Jan 2023 08:23:25 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
e.js
live.demand.supply/e/ 		0
365 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?gl=0.01&b=3&r=livehd7.onl_fluid_lb%2Bsq_top&sy=b1511ddb-e754-4e79-a1be-6726112b15d9&ts=18&cd=2&pud=155&pus=c&pue=521&pid=87&pis=c&pie=614&ppd=111&pps=a&ppe=639&pad=126&pas=c&pae=492&pcl=1544&ttc=1686&tti=2545&ttif=0&lca=639&lcak=ppe&lct=639&lctk=ppe&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=livehd7.onl%3A2096&mlre=undefined&mlin=0&mlsi=1024x280&mlbw=4g&mlcs=NaN&mltp=5af006f0-ee81-4bf6-91ef-23ac9be48e93&e=lm&dsReferer=aHR0cHM6Ly9saXZlaGQ3Lm9ubDoyMDk2Lw==
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://livehd7.onl:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nf-request-id
01FT5TQYFQVT2BD4NPGYXZNWR0
date
Thu, 27 Jan 2022 08:23:26 GMT
cf-cache-status
HIT
age
250633
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"1e7512eab4ec94e546e05bc6561a8453-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
6d4094341e6a5ba4-FRA
pixel
googleads.g.doubleclick.net/xbbe/ Frame 4162 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ3cu5ARiXxqq_ATAB&v=APEucNUo2JigdIouzrQSud6s8_vpwH0p-VmjOmVLMohDGowuei-OKbxPvF9VMkA74-6MnzkO9K9uBS6sIQHPFhfDIA6ud_Wj7Sfn609yy4h2d2AbnhzqhL_UunS22i7vvtxK8PeGHThtZWFtRyhZmhw1XDPzFk1oZXC2tSTlnn42RZHnPDWWPFEHUXe_HqIXcLtt5W-1XOhOfmjPfPvGL8xEqW_iXL9WYg
Requested by
Host: livehd7.onl
URL: https://livehd7.onl:2096/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9
Referer
https://10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Thu, 27 Jan 2022 08:23:26 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame FB2F 		71 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C_zrOB3QLAO_PeBUjEHRsuG2py-ONetXSnj1k1Kpj1HKP-KChB_PHhvg4iBJYBk7IXb53d8m620B15ZJx9eZzxRY1aqJBfv_ltJyZWJ6rtJC-HkjhU2UsdSN0NF0PUADH5hINJEDR9FE87aaGy3qBhoc8l1A&dbm_d=AKAmf-AOapaDYjXlDH7fGoiq-a7S59MmZofpKsHbFHlNwwUmuikr9gX6zHVGKDRIXn1sgfkeFwggfh3dS3QXmgnuXDfMR7HpA9a7Lq-o6KMpVAA9Uj5mMN7pBhLWtYMHvT9gl9Epj9xAlYd0fh8DPmVPNyT_sfKPnVEu4XjR0oOi2oRfXDkIoJKKFes0wrI48e9slBnxDyxgcExKY9DiDaV4nlBjEjlqAvrQA8baSdygw3r5O4mo7LaOjg0Ae0lxb2h5i6lZTR6dsK6ZpVhWlUl7_w8krxUP_Tt2WE_cCwYYtBtlNANAKEW8qjOZZLAIL0OWmr_MSY-vUpgDjyrCe-ZFb7xamMewz2pTkL6McQiTtA_MoIoJCTR6aF5BmcvGSesqnm-DPmtqzwMhNbdj-7Ka-bRxcq3zaLhzcER90smRjyMzaix40e_6Onnhol2SBCd0Tv7TcsUDzau_EAS-COSlq1nhd0fCe1r80u1tv9bIQKIA3hUdFeNe3tk1QGhRDAHsM-xr8B55MPSE8iDmUn5VmWo5bVqowrEFi6aksN3J2r47kXjixZKWe3Gijd7mP1dp27nWt8Nx8RNWX3mqFjkIsRo2EDhzm8liAHI9msgmJouxm2rGh7O5rCB_cDQCvtXMwngD95t2lEjEclniWxy_DyilghOsZI09dr9OX4MPyBddKlPif2_LVUAD8rjWbnqGph4HR6ihdNUZZTIa39Gv7QtIpeWszK3YwcWY2K_FlJNLHlxp3lZ_SCGV6tqDEePBIVod4WMhsbYUoKHVvHElJCWb6o8BHCVi6Y-fJz0TEO4tMQxnqhu2bl6zKnwO6Q9pLfo3H1FFfP-aLnabh92JneCIHeDpufc7uo2djjK870yqGTjTnxCgEFwwYzE7dWgcI3V_xdJbfVn4q5ICd6yCJ7UnHs2vgRyMMPKUfkKmzCUu9njeg2ymrjc2HPQPng3a8zHRLKVkzq7O4Pn9ebkXxsDr_B_oXkpG2UuampGZuVv0cIjL93t30_sjFYjnQByLqkwzarWh-KcCWbcYIXA_oHl02zaa34tWABRDy0iA4cVciG3ykBZsktU1R70RjoBgp1icUJnweX9IpDOn8tjU5u9MwZpiaL9Nw-JM_2SZYr1Ym3wIbWawqBSep3vyg62NmBXik-nz4-bDIxMx1l8yYZaxoGBm0IUMJC9PdcPyND4XAa3xv_beWVWPHmYlJUgCssfnWRn8lZSQj0dfoDiEYh6dOZI-LXmxim_TYZlZkLVtbGhBXuX1U38FeqTag2ndlHT81XXnvkxFxbh6iTfTattKAp7KzxuOIj5CA6l2VBkWFhrB0WZuNyE_w_Q0q7VFiCw99ZXXA_0WPAF_N34hk8MES8xhCbYZQ2q8eOswQIZKJizFROmrdDLSTtA707e815AsENZ2yY1PGZYL_ww1rBv_bai2xM3-KcBNpdWm8yKItLCe-ZvHvLidxHWW3poOU_2WJZSWmORTwVkSmgjk7sl7kuGD4Yzf5-nl8Apl-xqS0rNZTGZxoWG-7VMFQcBhPaz43-rIP85lKDu-LB8MBxWtWwePCA5UraOecg5o7xU1GWG0dei7pLblDGqHeOEhxbVrz8ZBJ9E01Tr9Q2HJ678iFhRfzZj42Sptye7BbusczJvyyNGJeQQsb119JTMhS0NwRLzczJDH1Uoibwm5puBpH0HQDtjcvQwzXdvEEGHcqjZIk2WK3TXOffIdGL_icxXJTXnzXt4iCEsUjGbM189T1Qq8G2wxeueAxQAo3JIhxJv-pFg0GFZwfB-QlIszw9z17gG7vqLy536I61IpQg4hN9G4xntUPa5Ns6gjuZnyTJ8XQ90G5aFh0ZxmdRkJXJ5HSxtCn808ENn40bYt70aZcM6np2GlMjtLaM3Tv1vIR3EU-k6LOnSN99U7myw8BBNK_B9-9ENoUJVhqjgFjr3gODo-2TZaVRf0SJsEKUMPRyCeex1f3dg-cLkP-nHaBibrtm4Krk2CA4FW6ywnbdxDzYCexpVKjZvCvt_p6sh77SunKyy68dbgAIKh3q-XBopZoY_K_-JP-aU2x9LvIfBQz1UGuEESO_ET9XZD63Ww_MsGNrJnXf7bBsC0ik6Zih3zvymAiT8dMibJJnP8rzrmCglGvINmH3lEjeoPjfUJnOIhEsNrX3qHJ5nj-6Y1SpgdFaluBNExrhPjnyOfVz69Sf_lxrzNTbXtdL03y9LMqSzSelE8Hx5AFszzZWuZ1EwIBWKYMQkHLtPT2lzza2z4QiAHUcDKgt84QUC3bp2ENYjTiATcktPncJ_gjb_sS5nR7u570h3hgqbINv9X1532DJ6FiLboYCCx1Mjdv383RtgE1eYDDctC0wXcPdHiJfS55UZ3OCHGKK5RDlb_4ePQoVg2GXjmqhIBrQjVW7S663gKlz3bkr1zX3SAHHCguQFQh2nGYu4KFaojSmXUcfUcnH-aifPhzCX7COvsNE8WuwE8rVY19RYSARRbjkkf1a6Q2MqeMvUNH89S7fmuEvwFbzHFlzxdD70NY-n0qojA9iL5RgYSuOP-JSo_6NQHPG6z2K6EO45OlCDo7KFNeExd-BIBHNbrik-11_627l5BrwmxHqSBz9XddY4n0Vrq6kDkZuDaOpFI-KNFCPAM5tGEvUWTZAwIPOOdB9gqOzb71-3AGsP43w5gdwZzOS7uAZxS4Pf-Q78tztBBC3J2Io2VshntbS16bLOrMhkT-UlDoy8id4l3pAJ6NcVx1Bm4ggLWfc1EASToXQIj0_ffFpKKksI5whczVYQzH3VDpDCbP6GO7huISBOFQAhHa6toU9SRucGlm0o6pTZ8r8t5U-rRp9WBd3DJHhCiil4ZVnPOuL_AC454MvxEyn0600qkEMz3nUUXirY-hPl9H_5pBjd5ZL3_CreJwsltSVyv7uBhRJO_LJ_ANncbFiD6kOtAoLJnUKwXtH0phiPqB13mEDSqW23OyUxLNrdU0JnZDikwW_-LpYTNyC9isxdgjC8krbuLr3cdWsHB-mUdxsV6SX2ngbuIa4kX6U5pMPEBF2FTmVvKB_hlRSk9BsaHDO94SNi76eLfEDL1XjreCshQr2ltFBBVkKavfk6C0AtmiTRDQ4U8Zbr8swaJtNGTixKYM0B3pfDh&cid=CAASEuRoAeJ-VbzaYNDPYVwSEF-rmA&rfl=2%2Chttps%253A%252F%252Flivehd7.onl%253A2096%252F%240
Requested by
Host: livehd7.onl
URL: https://livehd7.onl:2096/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2858d0c843a51ad5a74a4f75f914c588a8bf37b7435a4492e7b01c089f31046b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 08:23:26 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30243
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220125/r20110914/client/ Frame FB2F 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220125/r20110914/client/window_focus_fy2019.js
Requested by
Host: livehd7.onl
URL: https://livehd7.onl:2096/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 07:44:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2351
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 10 Feb 2022 07:44:15 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame FB2F 		123 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: livehd7.onl
URL: https://livehd7.onl:2096/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 08:23:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38288
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1643200382015849"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 27 Jan 2022 08:23:26 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220125/r20110914/client/ Frame FB2F 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220125/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: livehd7.onl
URL: https://livehd7.onl:2096/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9fa7f49e3a869a02c248c7c730f895951b3fc2f811e504d3ab30f72c1f74913c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 08:22:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
51
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6123
x-xss-protection
0
server
cafe
etag
1875255482418879373
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 10 Feb 2022 08:22:35 GMT
l
www.google.com/ads/measurement/ Frame FB2F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaR_xUOUcN0HVFUnDPaooJy5piWmoPWrGSAiy75kz5NIYrj7PYozlw208uRPyEgkTpJ_GdtJ25-uCzihXDFvTBofsFbc0A
Requested by
Host: livehd7.onl
URL: https://livehd7.onl:2096/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame FB2F 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A9wD_3MvUfEZM3xuVw1P8S5FnJbK69EDad0RbavH5LmLjHQOelgv8oijHZcA6vUirQ3CEBhreYFkhM-GnovnY4ogjIDYa65dvEW7U1zDbqtZ1mcZY
Requested by
Host: livehd7.onl
URL: https://livehd7.onl:2096/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 08:23:26 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 4162
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKzPZMV9lbCtP2m_CJW8LyI&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKzPZMV9lbCtP2m_CJW8LyI&google_cver=1&C=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKzPZMV9lbCtP2m_CJW8LyI&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ3cu5ARiXxqq_ATAB&v=APEucNUo2JigdIouzrQSud6s8_vpwH0p-VmjOmVLMohDGowuei-OKbxPvF9VMkA74-6MnzkO9K9uBS6sIQHPFhfDIA6ud_Wj7Sfn609yy4h2d2AbnhzqhL_UunS22i7vvtxK8PeGHThtZWFtRyhZmhw1XDPzFk1oZXC2tSTlnn42RZHnPDWWPFEHUXe_HqIXcLtt5W-1XOhOfmjPfPvGL8xEqW_iXL9WYg
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 08:23:26 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 27 Jan 2022 08:23:26 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 08:23:26 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKzPZMV9lbCtP2m_CJW8LyI&google_cver=1&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
308
Expires
Thu, 27 Jan 2022 08:23:26 GMT
rum
dsum-sec.casalemedia.com/ Frame 4162
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YfJWfjafQ0SNic0uh3E3ngAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKIz_usPOzCVfajsYn7KD7k&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKIz_usPOzCVfajsYn7KD7k&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ3cu5ARiXxqq_ATAB&v=APEucNUo2JigdIouzrQSud6s8_vpwH0p-VmjOmVLMohDGowuei-OKbxPvF9VMkA74-6MnzkO9K9uBS6sIQHPFhfDIA6ud_Wj7Sfn609yy4h2d2AbnhzqhL_UunS22i7vvtxK8PeGHThtZWFtRyhZmhw1XDPzFk1oZXC2tSTlnn42RZHnPDWWPFEHUXe_HqIXcLtt5W-1XOhOfmjPfPvGL8xEqW_iXL9WYg
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 08:23:26 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 27 Jan 2022 08:23:26 GMT

Redirect headers

pragma
no-cache
date
Thu, 27 Jan 2022 08:23:26 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKIz_usPOzCVfajsYn7KD7k&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 4162
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEMzWEPBsRGu_upjdlNtYFaQ&google_cver=1
43 B
1006 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEMzWEPBsRGu_upjdlNtYFaQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ3cu5ARiXxqq_ATAB&v=APEucNUo2JigdIouzrQSud6s8_vpwH0p-VmjOmVLMohDGowuei-OKbxPvF9VMkA74-6MnzkO9K9uBS6sIQHPFhfDIA6ud_Wj7Sfn609yy4h2d2AbnhzqhL_UunS22i7vvtxK8PeGHThtZWFtRyhZmhw1XDPzFk1oZXC2tSTlnn42RZHnPDWWPFEHUXe_HqIXcLtt5W-1XOhOfmjPfPvGL8xEqW_iXL9WYg
Protocol
HTTP/1.1
Server
185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 08:23:26 GMT
X-Proxy-Origin
95.211.199.155; 95.211.199.155; 730.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
36566d64-7a1a-4a79-95df-afd060c4c51e
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 27 Jan 2022 08:23:26 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEMzWEPBsRGu_upjdlNtYFaQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4162
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTU4MDkxMDk2MTQxMzc2NzI4NQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTU4MDkxMDk2MTQxMzc2NzI4NQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ3cu5ARiXxqq_ATAB&v=APEucNUo2JigdIouzrQSud6s8_vpwH0p-VmjOmVLMohDGowuei-OKbxPvF9VMkA74-6MnzkO9K9uBS6sIQHPFhfDIA6ud_Wj7Sfn609yy4h2d2AbnhzqhL_UunS22i7vvtxK8PeGHThtZWFtRyhZmhw1XDPzFk1oZXC2tSTlnn42RZHnPDWWPFEHUXe_HqIXcLtt5W-1XOhOfmjPfPvGL8xEqW_iXL9WYg
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 08:23:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 08:23:26 GMT
X-Proxy-Origin
95.211.199.155; 95.211.199.155; 730.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
b63d421e-bcac-47f5-88d1-ecbc174737e3
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTU4MDkxMDk2MTQxMzc2NzI4NQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
html_inpage_rendering_lib_200_275.js
s0.2mdn.net/879366/ Frame FB2F 		169 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js
Requested by
Host: livehd7.onl
URL: https://livehd7.onl:2096/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com/
Origin
https://10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 11:59:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
73454
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60173
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:44:51 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 27 Jan 2022 11:59:12 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220125/r20110914/elements/html/ Frame FB2F 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220125/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C_zrOB3QLAO_PeBUjEHRsuG2py-ONetXSnj1k1Kpj1HKP-KChB_PHhvg4iBJYBk7IXb53d8m620B15ZJx9eZzxRY1aqJBfv_ltJyZWJ6rtJC-HkjhU2UsdSN0NF0PUADH5hINJEDR9FE87aaGy3qBhoc8l1A&dbm_d=AKAmf-AOapaDYjXlDH7fGoiq-a7S59MmZofpKsHbFHlNwwUmuikr9gX6zHVGKDRIXn1sgfkeFwggfh3dS3QXmgnuXDfMR7HpA9a7Lq-o6KMpVAA9Uj5mMN7pBhLWtYMHvT9gl9Epj9xAlYd0fh8DPmVPNyT_sfKPnVEu4XjR0oOi2oRfXDkIoJKKFes0wrI48e9slBnxDyxgcExKY9DiDaV4nlBjEjlqAvrQA8baSdygw3r5O4mo7LaOjg0Ae0lxb2h5i6lZTR6dsK6ZpVhWlUl7_w8krxUP_Tt2WE_cCwYYtBtlNANAKEW8qjOZZLAIL0OWmr_MSY-vUpgDjyrCe-ZFb7xamMewz2pTkL6McQiTtA_MoIoJCTR6aF5BmcvGSesqnm-DPmtqzwMhNbdj-7Ka-bRxcq3zaLhzcER90smRjyMzaix40e_6Onnhol2SBCd0Tv7TcsUDzau_EAS-COSlq1nhd0fCe1r80u1tv9bIQKIA3hUdFeNe3tk1QGhRDAHsM-xr8B55MPSE8iDmUn5VmWo5bVqowrEFi6aksN3J2r47kXjixZKWe3Gijd7mP1dp27nWt8Nx8RNWX3mqFjkIsRo2EDhzm8liAHI9msgmJouxm2rGh7O5rCB_cDQCvtXMwngD95t2lEjEclniWxy_DyilghOsZI09dr9OX4MPyBddKlPif2_LVUAD8rjWbnqGph4HR6ihdNUZZTIa39Gv7QtIpeWszK3YwcWY2K_FlJNLHlxp3lZ_SCGV6tqDEePBIVod4WMhsbYUoKHVvHElJCWb6o8BHCVi6Y-fJz0TEO4tMQxnqhu2bl6zKnwO6Q9pLfo3H1FFfP-aLnabh92JneCIHeDpufc7uo2djjK870yqGTjTnxCgEFwwYzE7dWgcI3V_xdJbfVn4q5ICd6yCJ7UnHs2vgRyMMPKUfkKmzCUu9njeg2ymrjc2HPQPng3a8zHRLKVkzq7O4Pn9ebkXxsDr_B_oXkpG2UuampGZuVv0cIjL93t30_sjFYjnQByLqkwzarWh-KcCWbcYIXA_oHl02zaa34tWABRDy0iA4cVciG3ykBZsktU1R70RjoBgp1icUJnweX9IpDOn8tjU5u9MwZpiaL9Nw-JM_2SZYr1Ym3wIbWawqBSep3vyg62NmBXik-nz4-bDIxMx1l8yYZaxoGBm0IUMJC9PdcPyND4XAa3xv_beWVWPHmYlJUgCssfnWRn8lZSQj0dfoDiEYh6dOZI-LXmxim_TYZlZkLVtbGhBXuX1U38FeqTag2ndlHT81XXnvkxFxbh6iTfTattKAp7KzxuOIj5CA6l2VBkWFhrB0WZuNyE_w_Q0q7VFiCw99ZXXA_0WPAF_N34hk8MES8xhCbYZQ2q8eOswQIZKJizFROmrdDLSTtA707e815AsENZ2yY1PGZYL_ww1rBv_bai2xM3-KcBNpdWm8yKItLCe-ZvHvLidxHWW3poOU_2WJZSWmORTwVkSmgjk7sl7kuGD4Yzf5-nl8Apl-xqS0rNZTGZxoWG-7VMFQcBhPaz43-rIP85lKDu-LB8MBxWtWwePCA5UraOecg5o7xU1GWG0dei7pLblDGqHeOEhxbVrz8ZBJ9E01Tr9Q2HJ678iFhRfzZj42Sptye7BbusczJvyyNGJeQQsb119JTMhS0NwRLzczJDH1Uoibwm5puBpH0HQDtjcvQwzXdvEEGHcqjZIk2WK3TXOffIdGL_icxXJTXnzXt4iCEsUjGbM189T1Qq8G2wxeueAxQAo3JIhxJv-pFg0GFZwfB-QlIszw9z17gG7vqLy536I61IpQg4hN9G4xntUPa5Ns6gjuZnyTJ8XQ90G5aFh0ZxmdRkJXJ5HSxtCn808ENn40bYt70aZcM6np2GlMjtLaM3Tv1vIR3EU-k6LOnSN99U7myw8BBNK_B9-9ENoUJVhqjgFjr3gODo-2TZaVRf0SJsEKUMPRyCeex1f3dg-cLkP-nHaBibrtm4Krk2CA4FW6ywnbdxDzYCexpVKjZvCvt_p6sh77SunKyy68dbgAIKh3q-XBopZoY_K_-JP-aU2x9LvIfBQz1UGuEESO_ET9XZD63Ww_MsGNrJnXf7bBsC0ik6Zih3zvymAiT8dMibJJnP8rzrmCglGvINmH3lEjeoPjfUJnOIhEsNrX3qHJ5nj-6Y1SpgdFaluBNExrhPjnyOfVz69Sf_lxrzNTbXtdL03y9LMqSzSelE8Hx5AFszzZWuZ1EwIBWKYMQkHLtPT2lzza2z4QiAHUcDKgt84QUC3bp2ENYjTiATcktPncJ_gjb_sS5nR7u570h3hgqbINv9X1532DJ6FiLboYCCx1Mjdv383RtgE1eYDDctC0wXcPdHiJfS55UZ3OCHGKK5RDlb_4ePQoVg2GXjmqhIBrQjVW7S663gKlz3bkr1zX3SAHHCguQFQh2nGYu4KFaojSmXUcfUcnH-aifPhzCX7COvsNE8WuwE8rVY19RYSARRbjkkf1a6Q2MqeMvUNH89S7fmuEvwFbzHFlzxdD70NY-n0qojA9iL5RgYSuOP-JSo_6NQHPG6z2K6EO45OlCDo7KFNeExd-BIBHNbrik-11_627l5BrwmxHqSBz9XddY4n0Vrq6kDkZuDaOpFI-KNFCPAM5tGEvUWTZAwIPOOdB9gqOzb71-3AGsP43w5gdwZzOS7uAZxS4Pf-Q78tztBBC3J2Io2VshntbS16bLOrMhkT-UlDoy8id4l3pAJ6NcVx1Bm4ggLWfc1EASToXQIj0_ffFpKKksI5whczVYQzH3VDpDCbP6GO7huISBOFQAhHa6toU9SRucGlm0o6pTZ8r8t5U-rRp9WBd3DJHhCiil4ZVnPOuL_AC454MvxEyn0600qkEMz3nUUXirY-hPl9H_5pBjd5ZL3_CreJwsltSVyv7uBhRJO_LJ_ANncbFiD6kOtAoLJnUKwXtH0phiPqB13mEDSqW23OyUxLNrdU0JnZDikwW_-LpYTNyC9isxdgjC8krbuLr3cdWsHB-mUdxsV6SX2ngbuIa4kX6U5pMPEBF2FTmVvKB_hlRSk9BsaHDO94SNi76eLfEDL1XjreCshQr2ltFBBVkKavfk6C0AtmiTRDQ4U8Zbr8swaJtNGTixKYM0B3pfDh&cid=CAASEuRoAeJ-VbzaYNDPYVwSEF-rmA&rfl=2%2Chttps%253A%252F%252Flivehd7.onl%253A2096%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 08:22:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
32
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 10 Feb 2022 08:22:54 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220125/r20110914/ Frame FB2F 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220125/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C_zrOB3QLAO_PeBUjEHRsuG2py-ONetXSnj1k1Kpj1HKP-KChB_PHhvg4iBJYBk7IXb53d8m620B15ZJx9eZzxRY1aqJBfv_ltJyZWJ6rtJC-HkjhU2UsdSN0NF0PUADH5hINJEDR9FE87aaGy3qBhoc8l1A&dbm_d=AKAmf-AOapaDYjXlDH7fGoiq-a7S59MmZofpKsHbFHlNwwUmuikr9gX6zHVGKDRIXn1sgfkeFwggfh3dS3QXmgnuXDfMR7HpA9a7Lq-o6KMpVAA9Uj5mMN7pBhLWtYMHvT9gl9Epj9xAlYd0fh8DPmVPNyT_sfKPnVEu4XjR0oOi2oRfXDkIoJKKFes0wrI48e9slBnxDyxgcExKY9DiDaV4nlBjEjlqAvrQA8baSdygw3r5O4mo7LaOjg0Ae0lxb2h5i6lZTR6dsK6ZpVhWlUl7_w8krxUP_Tt2WE_cCwYYtBtlNANAKEW8qjOZZLAIL0OWmr_MSY-vUpgDjyrCe-ZFb7xamMewz2pTkL6McQiTtA_MoIoJCTR6aF5BmcvGSesqnm-DPmtqzwMhNbdj-7Ka-bRxcq3zaLhzcER90smRjyMzaix40e_6Onnhol2SBCd0Tv7TcsUDzau_EAS-COSlq1nhd0fCe1r80u1tv9bIQKIA3hUdFeNe3tk1QGhRDAHsM-xr8B55MPSE8iDmUn5VmWo5bVqowrEFi6aksN3J2r47kXjixZKWe3Gijd7mP1dp27nWt8Nx8RNWX3mqFjkIsRo2EDhzm8liAHI9msgmJouxm2rGh7O5rCB_cDQCvtXMwngD95t2lEjEclniWxy_DyilghOsZI09dr9OX4MPyBddKlPif2_LVUAD8rjWbnqGph4HR6ihdNUZZTIa39Gv7QtIpeWszK3YwcWY2K_FlJNLHlxp3lZ_SCGV6tqDEePBIVod4WMhsbYUoKHVvHElJCWb6o8BHCVi6Y-fJz0TEO4tMQxnqhu2bl6zKnwO6Q9pLfo3H1FFfP-aLnabh92JneCIHeDpufc7uo2djjK870yqGTjTnxCgEFwwYzE7dWgcI3V_xdJbfVn4q5ICd6yCJ7UnHs2vgRyMMPKUfkKmzCUu9njeg2ymrjc2HPQPng3a8zHRLKVkzq7O4Pn9ebkXxsDr_B_oXkpG2UuampGZuVv0cIjL93t30_sjFYjnQByLqkwzarWh-KcCWbcYIXA_oHl02zaa34tWABRDy0iA4cVciG3ykBZsktU1R70RjoBgp1icUJnweX9IpDOn8tjU5u9MwZpiaL9Nw-JM_2SZYr1Ym3wIbWawqBSep3vyg62NmBXik-nz4-bDIxMx1l8yYZaxoGBm0IUMJC9PdcPyND4XAa3xv_beWVWPHmYlJUgCssfnWRn8lZSQj0dfoDiEYh6dOZI-LXmxim_TYZlZkLVtbGhBXuX1U38FeqTag2ndlHT81XXnvkxFxbh6iTfTattKAp7KzxuOIj5CA6l2VBkWFhrB0WZuNyE_w_Q0q7VFiCw99ZXXA_0WPAF_N34hk8MES8xhCbYZQ2q8eOswQIZKJizFROmrdDLSTtA707e815AsENZ2yY1PGZYL_ww1rBv_bai2xM3-KcBNpdWm8yKItLCe-ZvHvLidxHWW3poOU_2WJZSWmORTwVkSmgjk7sl7kuGD4Yzf5-nl8Apl-xqS0rNZTGZxoWG-7VMFQcBhPaz43-rIP85lKDu-LB8MBxWtWwePCA5UraOecg5o7xU1GWG0dei7pLblDGqHeOEhxbVrz8ZBJ9E01Tr9Q2HJ678iFhRfzZj42Sptye7BbusczJvyyNGJeQQsb119JTMhS0NwRLzczJDH1Uoibwm5puBpH0HQDtjcvQwzXdvEEGHcqjZIk2WK3TXOffIdGL_icxXJTXnzXt4iCEsUjGbM189T1Qq8G2wxeueAxQAo3JIhxJv-pFg0GFZwfB-QlIszw9z17gG7vqLy536I61IpQg4hN9G4xntUPa5Ns6gjuZnyTJ8XQ90G5aFh0ZxmdRkJXJ5HSxtCn808ENn40bYt70aZcM6np2GlMjtLaM3Tv1vIR3EU-k6LOnSN99U7myw8BBNK_B9-9ENoUJVhqjgFjr3gODo-2TZaVRf0SJsEKUMPRyCeex1f3dg-cLkP-nHaBibrtm4Krk2CA4FW6ywnbdxDzYCexpVKjZvCvt_p6sh77SunKyy68dbgAIKh3q-XBopZoY_K_-JP-aU2x9LvIfBQz1UGuEESO_ET9XZD63Ww_MsGNrJnXf7bBsC0ik6Zih3zvymAiT8dMibJJnP8rzrmCglGvINmH3lEjeoPjfUJnOIhEsNrX3qHJ5nj-6Y1SpgdFaluBNExrhPjnyOfVz69Sf_lxrzNTbXtdL03y9LMqSzSelE8Hx5AFszzZWuZ1EwIBWKYMQkHLtPT2lzza2z4QiAHUcDKgt84QUC3bp2ENYjTiATcktPncJ_gjb_sS5nR7u570h3hgqbINv9X1532DJ6FiLboYCCx1Mjdv383RtgE1eYDDctC0wXcPdHiJfS55UZ3OCHGKK5RDlb_4ePQoVg2GXjmqhIBrQjVW7S663gKlz3bkr1zX3SAHHCguQFQh2nGYu4KFaojSmXUcfUcnH-aifPhzCX7COvsNE8WuwE8rVY19RYSARRbjkkf1a6Q2MqeMvUNH89S7fmuEvwFbzHFlzxdD70NY-n0qojA9iL5RgYSuOP-JSo_6NQHPG6z2K6EO45OlCDo7KFNeExd-BIBHNbrik-11_627l5BrwmxHqSBz9XddY4n0Vrq6kDkZuDaOpFI-KNFCPAM5tGEvUWTZAwIPOOdB9gqOzb71-3AGsP43w5gdwZzOS7uAZxS4Pf-Q78tztBBC3J2Io2VshntbS16bLOrMhkT-UlDoy8id4l3pAJ6NcVx1Bm4ggLWfc1EASToXQIj0_ffFpKKksI5whczVYQzH3VDpDCbP6GO7huISBOFQAhHa6toU9SRucGlm0o6pTZ8r8t5U-rRp9WBd3DJHhCiil4ZVnPOuL_AC454MvxEyn0600qkEMz3nUUXirY-hPl9H_5pBjd5ZL3_CreJwsltSVyv7uBhRJO_LJ_ANncbFiD6kOtAoLJnUKwXtH0phiPqB13mEDSqW23OyUxLNrdU0JnZDikwW_-LpYTNyC9isxdgjC8krbuLr3cdWsHB-mUdxsV6SX2ngbuIa4kX6U5pMPEBF2FTmVvKB_hlRSk9BsaHDO94SNi76eLfEDL1XjreCshQr2ltFBBVkKavfk6C0AtmiTRDQ4U8Zbr8swaJtNGTixKYM0B3pfDh&cid=CAASEuRoAeJ-VbzaYNDPYVwSEF-rmA&rfl=2%2Chttps%253A%252F%252Flivehd7.onl%253A2096%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
afa00dedbe6d549e60e8d88516d437069d74af91f302b9c8f1f825d6bad511a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 08:20:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
201
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9276
x-xss-protection
0
server
cafe
etag
18268840599439890861
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 10 Feb 2022 08:20:05 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012111152338000/ Frame 09EA 		190 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111152338000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012504.js?31064557
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
14b52d5e44212b22f6de0be5caeeb5bba561a29fd91bf6076bf1ad6d45ecae6f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://livehd7.onl:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
336353
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55581
x-xss-protection
0
server
sffe
date
Sun, 23 Jan 2022 10:57:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"8559bae154d80579"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 23 Jan 2023 10:57:33 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012111152338000/v0/ Frame 09EA 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111152338000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012504.js?31064557
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4e46e56dce46d21c527e164d6749fb5ff0101f400aede06a8711196da9e5c619
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://livehd7.onl:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
134618
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4994
x-xss-protection
0
server
sffe
date
Tue, 25 Jan 2022 18:59:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"b314c3eb801664ba"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 25 Jan 2023 18:59:48 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012111152338000/v0/ Frame 09EA 		89 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111152338000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012504.js?31064557
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
279249ed963fcd87e6321b024c0194248dd1b44af5353e134071cdfff953967b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://livehd7.onl:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
336353
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28443
x-xss-protection
0
server
sffe
date
Sun, 23 Jan 2022 10:57:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"976e6f5df80f4e35"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 23 Jan 2023 10:57:33 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012111152338000/v0/ Frame 09EA 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111152338000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012504.js?31064557
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
63697d88ab7b6e34e76e5990b867c706cb4346c27ec1c5a034c4d91dfb136778
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://livehd7.onl:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
336353
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1727
x-xss-protection
0
server
sffe
date
Sun, 23 Jan 2022 10:57:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"423ab13fb6ff63c9"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 23 Jan 2023 10:57:33 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012111152338000/v0/ Frame 09EA 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111152338000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012504.js?31064557
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ffd015b1bb0125d07c39cbfcdee6a8e2b604b55ea1936cf550fe1f9fbdbf2ae4
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://livehd7.onl:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
336353
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12843
x-xss-protection
0
server
sffe
date
Sun, 23 Jan 2022 10:57:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"08cf721d9e54e414"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 23 Jan 2023 10:57:33 GMT
css
fonts.googleapis.com/ Frame 09EA 		8 KB
888 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012504.js?31064557
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f93d0298dd39f7dff18566a5b2754067e26c0182b469fd6b24e5d63429fef88b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://livehd7.onl:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 08:19:04 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 27 Jan 2022 08:23:26 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 27 Jan 2022 08:23:26 GMT
ar.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 09EA 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/ar.png
Requested by
Host: livehd7.onl
URL: https://livehd7.onl:2096/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dfa586fa8b70c056272ef189e613dc9f6bcb8f9b659259219fa776f639dd3374
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://livehd7.onl:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 14:27:16 GMT
x-content-type-options
nosniff
server
cafe
age
64570
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
9421415325968714010
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2737
x-xss-protection
0
expires
Thu, 27 Jan 2022 14:27:16 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 09EA 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: livehd7.onl
URL: https://livehd7.onl:2096/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://livehd7.onl:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 16:59:05 GMT
x-content-type-options
nosniff
server
cafe
age
55461
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
6766994032117382215
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Thu, 27 Jan 2022 16:59:05 GMT
l
www.google.com/ads/measurement/ Frame 09EA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTihEwIZ8me9B6lhMvWh818BadF1JNw8M6O_Z9KLv8BwhA7JG4akgQ6p4BaRS4s3v-WNkJcFjkBNKmb8no_UUWmdHCxJA
Requested by
Host: livehd7.onl
URL: https://livehd7.onl:2096/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://livehd7.onl:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 09EA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C01DKfVbyYdnwK8Ou3gP2qayABJuopPZnitW69poMrJO1yowOEAEglZvKIWCViomOsAegAeenmN8CyAEJqQIMKgc7f9KyPuACAKgDAcgDCqoE4wFP0HDLy9xbY9Gc4AeLUeb-BiCsxf6qvUtSZpXLpFTbkFGCrzVv5EAQZVtpHWwdoBfJGQZkQypiw1OpS97dQRCoEevJqrm_S0lKSmAkUEa-Rvraew6T21kF8ZBLnq0X2khpwoWw4fR3ep8b56zfJWx3xSSXr-6kWD91rjFiw0MkMWRmn7wjgHAgFkt9AbhTd69ntvE_4PzIlbLha1PC7M_O0XwURt-apIK1FBvEgBP02SSfLmBI5M7bGPuaZ-l0oIZIP3tHNe1TqDdQAByW4QDays5HRi3d5cthLu5gmEmsqZfZXMAE39u93rUD4AQBkgUECAQYAZIFBAgFGASgBi6AB4HY56ABqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQ36U80ggJCIDhgBAQARgdgAoDyAsBuBOIJ9gTDIgUCtAVAZgWAYAXAbIXHgocCAASFHB1Yi0zODMxODk0NTU5MDE0NjE0GP35Ew&sigh=kNq-ltx-ysU&uach_m=[UACH]&template_id=5000&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by
Host: livehd7.onl
URL: https://livehd7.onl:2096/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://livehd7.onl:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
e.js
live.demand.supply/e/ 		0
365 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?gl=0.01&b=3&r=livehd7.onl_fluid_lb%2Bsq_top&sy=b1511ddb-e754-4e79-a1be-6726112b15d9&ts=18&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=livehd7.onl%3A2096&mlre=undefined&mlin=0&mlsi=1024x280&mlbw=4g&mlcs=NaN&mltp=5af006f0-ee81-4bf6-91ef-23ac9be48e93&e=lm&dsReferer=aHR0cHM6Ly9saXZlaGQ3Lm9ubDoyMDk2Lw==
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://livehd7.onl:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nf-request-id
01FT5TQYFQVT2BD4NPGYXZNWR0
date
Thu, 27 Jan 2022 08:23:26 GMT
cf-cache-status
HIT
age
250633
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"1e7512eab4ec94e546e05bc6561a8453-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
6d4094351feb5ba4-FRA
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame FB2F 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com
URL: https://10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 15:54:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
59364
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 26 Jan 2023 15:54:02 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 91CA 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com
URL: https://10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9
Referer
https://10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
date
Thu, 27 Jan 2022 05:53:44 GMT
expires
Fri, 28 Jan 2022 05:53:44 GMT
cache-control
public, max-age=86400
age
8982
etag
48472445140208031
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame FB2F 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
88672c96779d8e7a84c885b23168e132b49296eb08e0daee785ddeecf6ceefa0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame C856 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9
Referer
https://10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Wed, 26 Jan 2022 11:10:53 GMT
expires
Thu, 26 Jan 2023 11:10:53 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
76353
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pixel
cm.g.doubleclick.net/ Frame 91CA
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEL85QYzyPOgsMYoJZQ3_11A&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEL85QYzyPOgsMYoJZQ3_11A&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ak9VelFSVlgxTmQwM1k1&google_gid=CAESEL85QYzyPOgsMYoJZQ3_11A&google_cver=1&google_push=AYg5qPJbvOpDNwcmpOcBIUZaqhrGjgUnV6sdgXTf6g4LWiT...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ak9VelFSVlgxTmQwM1k1&google_gid=CAESEL85QYzyPOgsMYoJZQ3_11A&google_cver=1&google_push=AYg5qPJbvOpDNwcmpOcBIUZaqhrGjgUnV6sdgXTf6g4LWiTp2DnT2TfjVKzTG1jy2kj3niyGVe1p9woJSaC5pNzPEVK67P3WEfXk
Requested by
Host: 10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com
URL: https://10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 08:23:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 08:23:26 GMT
Server
PingMatch/v2.0.30-700-g8d321aa#rel-ec2-master i-0f1453ad8cfc832d7@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ak9VelFSVlgxTmQwM1k1&google_gid=CAESEL85QYzyPOgsMYoJZQ3_11A&google_cver=1&google_push=AYg5qPJbvOpDNwcmpOcBIUZaqhrGjgUnV6sdgXTf6g4LWiTp2DnT2TfjVKzTG1jy2kj3niyGVe1p9woJSaC5pNzPEVK67P3WEfXk
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 91CA
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEEIuF857nnSyXxMQDh0UEXM&google_cver=1&google_push=AYg5qPIThMFLFC5eu2rdHVtpPKxGVtdvHJzKouvxLXzSgRx-FDIuiOHxLYExP11bH2s1Pz-gWAIiDqB09eUJbcwD...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=mTdh8lZ-SACMFBFWf6lTPw&google_push=AYg5qPIThMFLFC5eu2rdHVtpPKxGVtdvHJzKouvxLXzSgRx-FDIuiOHxLYExP11bH2s1Pz-gWAIiDqB09eUJbcwDbzQnA6aK...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=mTdh8lZ-SACMFBFWf6lTPw&google_push=AYg5qPIThMFLFC5eu2rdHVtpPKxGVtdvHJzKouvxLXzSgRx-FDIuiOHxLYExP11bH2s1Pz-gWAIiDqB09eUJbcwDbzQnA6aK7nG-
Requested by
Host: 10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com
URL: https://10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 08:23:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 27 Jan 2022 08:23:26 GMT
Server
MT3 4133 baa842e master cdg-pixel-x28 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=mTdh8lZ-SACMFBFWf6lTPw&google_push=AYg5qPIThMFLFC5eu2rdHVtpPKxGVtdvHJzKouvxLXzSgRx-FDIuiOHxLYExP11bH2s1Pz-gWAIiDqB09eUJbcwDbzQnA6aK7nG-
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 27 Jan 2022 08:23:25 GMT
pixel
cm.g.doubleclick.net/ Frame 91CA
Redirect Chain
  • https://fksnk.com/cs/google?google_gid=CAESEOjHAhupDrW6SEhq3h7up6E&google_cver=1&google_push=AYg5qPJXWzCJwnwbVJQnDD4V9-9yr52cRhqU1Da4ZkOzlJE8jfgfNka4MYRMx_b549K_2QTZxrQs-6cJBISd0T1o5yVaeNaF93o
  • https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=RDcxNzFBMzE5OTAyQjEyOQ==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=RDcxNzFBMzE5OTAyQjEyOQ==
Requested by
Host: 10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com
URL: https://10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 08:23:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=RDcxNzFBMzE5OTAyQjEyOQ==
date
Thu, 27 Jan 2022 08:23:26 GMT
content-language
en-US
content-type
text/html;charset=ISO-8859-1
pixel
cm.g.doubleclick.net/ Frame 91CA
Redirect Chain
  • https://sync3.sniperlog.ru/?src=ggl_nga&google_gid=CAESECJJbhf8kT3Hbe231XneWVA&google_cver=1&google_push=AYg5qPKw92PAWJFDAAKw_mkNeFo5Mey_IF9aIW-9ZF2Ft-eQrxaxDGtDR73A3DbflJBszKjpzyIikpXPgSSuQQxL6P0A...
  • https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_push=AYg5qPKw92PAWJFDAAKw_mkNeFo5Mey_IF9aIW-9ZF2Ft-eQrxaxDGtDR73A3DbflJBszKjpzyIikpXPgSSuQQxL6P0A649lehfj
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_push=AYg5qPKw92PAWJFDAAKw_mkNeFo5Mey_IF9aIW-9ZF2Ft-eQrxaxDGtDR73A3DbflJBszKjpzyIikpXPgSSuQQxL6P0A649lehfj
Requested by
Host: 10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com
URL: https://10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 08:23:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 27 Jan 2022 08:23:26 GMT
Server
nginx
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location
//cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_push=AYg5qPKw92PAWJFDAAKw_mkNeFo5Mey_IF9aIW-9ZF2Ft-eQrxaxDGtDR73A3DbflJBszKjpzyIikpXPgSSuQQxL6P0A649lehfj
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 91CA
Redirect Chain
  • https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=10&external_id=&google_gid=CAESEJWYKDLLils8Lx74-xdC484&google_cver=1&google_push=AYg5qPJjkWlTjgys9cSsKUB9h1tO3168Qio_1KPlK0QZKtCj_TT5261opsguKxFL1TAA7...
  • https://cm.g.doubleclick.net/pixel?google_nid=ADR&google_push=AYg5qPJjkWlTjgys9cSsKUB9h1tO3168Qio_1KPlK0QZKtCj_TT5261opsguKxFL1TAA7mFUmk5gdnjlPnG2NLTTVMckAlS_hH4_&google_hm=QWQza0ZDdVlVaEhEYVZaZ2hP...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ADR&google_push=AYg5qPJjkWlTjgys9cSsKUB9h1tO3168Qio_1KPlK0QZKtCj_TT5261opsguKxFL1TAA7mFUmk5gdnjlPnG2NLTTVMckAlS_hH4_&google_hm=QWQza0ZDdVlVaEhEYVZaZ2hPbUVrSGc=
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 08:23:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=ADR&google_push=AYg5qPJjkWlTjgys9cSsKUB9h1tO3168Qio_1KPlK0QZKtCj_TT5261opsguKxFL1TAA7mFUmk5gdnjlPnG2NLTTVMckAlS_hH4_&google_hm=QWQza0ZDdVlVaEhEYVZaZ2hPbUVrSGc=
Date
Thu, 27 Jan 2022 08:23:27 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
pixel
cm.g.doubleclick.net/ Frame 91CA
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=8SanfUUWRdOkucYP6-RV4g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=8SanfUUWRdOkucYP6-RV4g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKwol18KP2W8POswoV_zW53lFa4lNhutOIgz6WrxIO2-A5Stfo-RQMAYSUMlDjgUT-1K11xQjOjs1SfpEyqzSydp3b9UXo
Requested by
Host: 10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com
URL: https://10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 08:23:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=8SanfUUWRdOkucYP6-RV4g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKwol18KP2W8POswoV_zW53lFa4lNhutOIgz6WrxIO2-A5Stfo-RQMAYSUMlDjgUT-1K11xQjOjs1SfpEyqzSydp3b9UXo
date
Thu, 27 Jan 2022 08:23:26 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
sync
rtb2-useast.e-volution.ai/ Frame 91CA 		42 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEOu06U2ilyS-iH1Aa7IVxw4&google_cver=1&google_push=AYg5qPIR1qlhS-dF6E6_gVeaYAjahh9ZuT_-7rFY5jIYRsh6cYTF5Ir-dH6AWQSkUHXgnK01LbBBe2AaQf3WWoBrhc4EcConUpOlww
Requested by
Host: 10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com
URL: https://10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 08:23:26 GMT
Server
nginx
Age
0
Content-Type
image/gif
Cache-Control
no-store
Connection
keep-alive
Content-Length
42
attr
cm.g.doubleclick.net/pixel/ Frame 91CA 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J2X7BYWs292n5HBEZH_NrBUZxHP1r0BwKI72q2FkaK_44tGQe-8yL0fqMmJZSSvt4H2vB7sg
Requested by
Host: 10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com
URL: https://10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 08:23:26 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
downsize_200k_v1
tpc.googlesyndication.com/simgad/8870689191097928153/ Frame 09EA 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/8870689191097928153/downsize_200k_v1?w=600&h=314
Requested by
Host: livehd7.onl
URL: https://livehd7.onl:2096/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2771943bba7565d6e8b8c3b6850927c778305cf32453a4f8ccb694792000586b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://livehd7.onl:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 02:02:26 GMT
x-content-type-options
nosniff
age
195660
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44194
x-xss-protection
0
last-modified
Tue, 31 Aug 2021 11:52:55 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 25 Jan 2023 02:02:26 GMT
truncated
/ Frame 09EA 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 09EA 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 09EA 		221 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e9ce8f33df850b9ee3afd027b69a855559d08a9040d68297c4e13f1057577189

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v41/ Frame 09EA 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v41/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
05e2888e835d97fe6e4cfb256f62f47d5dccf6d9ac202ea9d82a6bc2b1716c1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://livehd7.onl:2096
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 18:14:29 GMT
x-content-type-options
nosniff
age
137337
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28196
x-xss-protection
0
last-modified
Tue, 18 Jan 2022 17:53:50 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 25 Jan 2023 18:14:29 GMT
jGbA3lvUbVA_isqhK0kcOmFQnhmy9VywXuVHQ76HhUI.js
pagead2.googlesyndication.com/bg/ Frame C856 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/jGbA3lvUbVA_isqhK0kcOmFQnhmy9VywXuVHQ76HhUI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8c66c0de5bd46d503f8acaa12b491c3a61509e19b2f55cb05ee54743be878542
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 15:36:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
146796
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13685
x-xss-protection
0
last-modified
Mon, 24 Jan 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 25 Jan 2023 15:36:50 GMT
multitracking
ghb.aplhb.adipolo.com/adunit/ 		0
207 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.aplhb.adipolo.com/adunit/multitracking
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/456464/hbw_master_323303_13052.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://livehd7.onl:2096/
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://livehd7.onl:2096
Date
Thu, 27 Jan 2022 08:23:25 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
970x250.html
s0.2mdn.net/sadbundle/15778784046629838142/ Frame 283B 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/15778784046629838142/970x250.html?e=69&leftOffset=0&topOffset=0&c=kC4D2HVkU2&t=1&renderingType=2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b781f6c72589e1f4de2892a2fe2d9fedacd1535adf2dd08906c7edf2c3b58e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9
Referer
https://10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin
*
content-length
1654
date
Thu, 27 Jan 2022 08:23:26 GMT
expires
Fri, 27 Jan 2023 08:23:26 GMT
cache-control
public, max-age=31536000
last-modified
Wed, 22 Dec 2021 16:12:08 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame FB2F 		0
571 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss3oh7qt2wInj5Qy3AbbEpo2VZWFYc-jjzwtQpJUosDSJujN1R61alJ9TDufWY947OgmBbSSFZaJVE4kbZFquXPVKGmj91tfrz_fbOSQVdmuMKcsLl1pgQWpqQiQqypbDC6BKtB4ws5Y_Be-sFcUPPb7T_43jdysP2yY4a-pH3-_6aFmTHlqFZF7U1ir2abmmRGVziqolGuVSg3zCxVla3m57jreIt1GA4YzDmISL0BQBz7hrL2iNXtyRK-dLWik6MYgD0Z9dxrxQbV2qK6CR9eCFvIA7Wr5QCBT7-E1reDuj7jWiLdlQICj3M2odivMTcaFEKz7wNqf6oI3SZHzjutcPFxbmEnXL5mPOF2xMGYZZD_6PMRI57tQZsecgg2TmWeLjE5dqUw2f1T_kBYjCOegIQiOPQ7g7FmUsG0b1TtbjJBfRYRnLbJs4dQq25vVsoHR4ciXZcM-VEbNxx_AibomN4ItU0KcFeArDSMuLDjJFWpwDH_FPsHrQuLLgoeTzg7qAedrrh2GnzO7bl6L0sCyixTF-ydV3Ul1BJdXsz2QSTn5C8EFfzzgZD5aQ6xIiSqHVPLCXfbDORSftbEpXdwjVHSoFq7oeD6karjGPr5s4iNupkLUCsFlBSgpJo4FwdPj9QqXJqunL22CrFyAvpj6p9JnZFFFZk8MT_7S0P-9ZOwd05KjNhiMjjwQAkjKtzzcWPX3QToev7BIqQT1hvmU0dGr7B1KS7IkIewFy7FsjItzbes1BxircV0GJ5PuRGCAml8ZYYV59JyDSJ5iiKqk27a3qzJyYDXdOadFKNTlH5-HSFVUNZW3I6vqQlkFSHtbAYiCW1kuUfyR_QZ9JLyjBsku9l0tyJop2lLmnnbdYBPfGWOcYbETnIQ9DTK6F0cbFCJufxNOvlobYJIfd0hhqOU6mvv910aW-ly27jo_uc2LM5TLl9iVXoVpQ8tpjA65bsK-CVwy_35iU1WKx31_jRSQKTpvHyVOrHEoVwOENdpzKMeyvV7m7XQMHOAPZ8XHyjY7pjDTO8kwiSE40qa3DYbUza9xw8eYRW01_fJgs6UxFZ6OpdMD1F-Mts-WD3khBqFGxveSKsKtFYXBHSrwbqxU6KlVkSebCLT63NV15nSkxbbTpNgwZWRcpA1R8pMv0hPEowQpFs&sai=AMfl-YRJMgpJGSe9CTEhvfmdxZr0dYte3ky9praXSD-Y4lZd4BdIYd1NAVZq-Zj5OoA9RBzkxbAOWUM5uqnacXYRyo735eME3v43DJXvJJSjZ9C7CrfCD5s4CQrWMalSAPEqlM_bBAXkicbIO_28BrvAdywC2j3opA&sig=Cg0ArKJSzI0s_msphF41EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=220&cbvp=1&cstd=214&cisv=r20220125.47475&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: livehd7.onl
URL: https://livehd7.onl:2096/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com/
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Thu, 27 Jan 2022 08:23:26 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
createjs_2019.11.15_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 283B 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15778784046629838142/970x250.html?e=69&leftOffset=0&topOffset=0&c=kC4D2HVkU2&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15778784046629838142/970x250.html?e=69&leftOffset=0&topOffset=0&c=kC4D2HVkU2&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 08:23:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64275
x-xss-protection
0
last-modified
Fri, 15 Nov 2019 19:16:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 27 Jan 2022 08:23:26 GMT
970x250.js
s0.2mdn.net/sadbundle/15778784046629838142/ Frame 283B 		53 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/15778784046629838142/970x250.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15778784046629838142/970x250.html?e=69&leftOffset=0&topOffset=0&c=kC4D2HVkU2&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
98cae41d97c80672f0522ad57c9ddf5ff21c30f9eacf5a20a53ea7483b6f1723
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15778784046629838142/970x250.html?e=69&leftOffset=0&topOffset=0&c=kC4D2HVkU2&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 12:00:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
73394
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11360
x-xss-protection
0
last-modified
Wed, 22 Dec 2021 16:12:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 26 Jan 2023 12:00:12 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame 283B 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15778784046629838142/970x250.html?e=69&leftOffset=0&topOffset=0&c=kC4D2HVkU2&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15778784046629838142/970x250.html?e=69&leftOffset=0&topOffset=0&c=kC4D2HVkU2&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 12:03:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
73171
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 27 Jan 2022 12:03:55 GMT
clicktag.js
s0.2mdn.net/sadbundle/15778784046629838142/ Frame 283B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/15778784046629838142/clicktag.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15778784046629838142/970x250.html?e=69&leftOffset=0&topOffset=0&c=kC4D2HVkU2&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ea51f498a2e11e522503ca4033674ae7233a3d2a5e5fe9c07491f5fbe5883ac7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15778784046629838142/970x250.html?e=69&leftOffset=0&topOffset=0&c=kC4D2HVkU2&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 12:00:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
73394
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
995
x-xss-protection
0
last-modified
Wed, 22 Dec 2021 16:12:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 26 Jan 2023 12:00:12 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C856 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B4-m8flbyYZjBCqq5x_AP24GqwAcAAAAAOAHgBAI&bg=!CQqlCk7NAAY6OBv_Ojg7ACkAdvg8WlFaVzM2cOVOJuTofSuxc03e9MW-7qgl9A0ljG4sYXwRhVGXPwIAAADSUgAAAAZoAQeZA1PAvjBcZ_CGGeFaHMuYI74qIYw2bxL5_9UkRUjVQWvXhYDnhl4PIK5MYx2BsBP32FSjHY9jg5ekS9J1db8aO1IEmVXRbHjiDcPwpj5CIidbLS3iQXU9JyTn-DWEEY1EnFBtNe_RbzyL_Smx4K5gqGwu3Ya7-qouDPkJ9MC9MerViFwKmZ3n8FBpHR7Tq_IQSvQOC4d2xeItS5IkZgBmehttTycS7Vjxkdjo0gCCEcrG1E-9x4O6CI-oJxZYYR5uPTJ2B9F8IrWwvgJQAv2YrH0y9h5n2IFTgoax3268jeronVF1cVy-N56vu07bkY44C-KEKQHyWEDtxOHCgo_n03UG9kHKdEmLGIC32kH9tuHOuIMNmPaOU4Wkb7_fBO0-yY7XW88JxN9LHwLF7Fi1wLSLqKSpbY99CzITLr9aGAj0VbCExeFqcmf9OiW-0q22PJbjT6MtBuYkDC0IaOF-vQFENspEJjETvc3VmmuGr4fY8gwkbWWivwTGrSYb6Yh_wvHUfNaLtd9-5EFcFBg8oHOyzez5eQLT3E4xQ4K_Y7HTrgC7lvlqAMStSiQqc6jtseaA9WYIikSDw6mL1k-ezytNFEFx03s1s5UrE9JYSJhtPXW76RBM3ruaCwZUcLdXkHMIZrDB4XWvhaGD65An8SVycgmVevGCWRsusuXJ9RE1tL5IBrKsEty17gw5X7NxNUs-vG9OCw8qXXgVhIoFcBuT26kOGJT7gqhGwizMnjo8w3cgnWBCYLsNl6AFNeZbwxfZB7PK9znb-DmTO442H6Qm9nmSV64wrUN7qgIaVkfWe_wqtRlwJZ-1NqFD4ZDR3SOkwuJmZ8gr0gFhJLnoTZueDUb3znE1fTNddw0SG_owpWqs72i9oZWVEWxC7RU-tRVdN5Q0uOD2bM5Ur2e-MnaPxDdj1wzgzqwPwGcNvrySjQMmkWb9qkyArt7V8h6nA7UyWeywy7qFLG-ozwiTe46kPLIiKxlVjywpxTLNp9b7euKhIyelYViP3UDdHeBs3Sgivham9uftJYjyNy80dqGinsrUpY1gTOlZIPRgmlj4A3dGvV8gna9suOSeE1b8xNr4ymvY_IEQyHaVkmTPHj_eXqQmOngzEE9zsiLBAgiNxTqOIw
Requested by
Host: 10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com
URL: https://10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 08:23:26 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame FB2F 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss3oh7qt2wInj5Qy3AbbEpo2VZWFYc-jjzwtQpJUosDSJujN1R61alJ9TDufWY947OgmBbSSFZaJVE4kbZFquXPVKGmj91tfrz_fbOSQVdmuMKcsLl1pgQWpqQiQqypbDC6BKtB4ws5Y_Be-sFcUPPb7T_43jdysP2yY4a-pH3-_6aFmTHlqFZF7U1ir2abmmRGVziqolGuVSg3zCxVla3m57jreIt1GA4YzDmISL0BQBz7hrL2iNXtyRK-dLWik6MYgD0Z9dxrxQbV2qK6CR9eCFvIA7Wr5QCBT7-E1reDuj7jWiLdlQICj3M2odivMTcaFEKz7wNqf6oI3SZHzjutcPFxbmEnXL5mPOF2xMGYZZD_6PMRI57tQZsecgg2TmWeLjE5dqUw2f1T_kBYjCOegIQiOPQ7g7FmUsG0b1TtbjJBfRYRnLbJs4dQq25vVsoHR4ciXZcM-VEbNxx_AibomN4ItU0KcFeArDSMuLDjJFWpwDH_FPsHrQuLLgoeTzg7qAedrrh2GnzO7bl6L0sCyixTF-ydV3Ul1BJdXsz2QSTn5C8EFfzzgZD5aQ6xIiSqHVPLCXfbDORSftbEpXdwjVHSoFq7oeD6karjGPr5s4iNupkLUCsFlBSgpJo4FwdPj9QqXJqunL22CrFyAvpj6p9JnZFFFZk8MT_7S0P-9ZOwd05KjNhiMjjwQAkjKtzzcWPX3QToev7BIqQT1hvmU0dGr7B1KS7IkIewFy7FsjItzbes1BxircV0GJ5PuRGCAml8ZYYV59JyDSJ5iiKqk27a3qzJyYDXdOadFKNTlH5-HSFVUNZW3I6vqQlkFSHtbAYiCW1kuUfyR_QZ9JLyjBsku9l0tyJop2lLmnnbdYBPfGWOcYbETnIQ9DTK6F0cbFCJufxNOvlobYJIfd0hhqOU6mvv910aW-ly27jo_uc2LM5TLl9iVXoVpQ8tpjA65bsK-CVwy_35iU1WKx31_jRSQKTpvHyVOrHEoVwOENdpzKMeyvV7m7XQMHOAPZ8XHyjY7pjDTO8kwiSE40qa3DYbUza9xw8eYRW01_fJgs6UxFZ6OpdMD1F-Mts-WD3khBqFGxveSKsKtFYXBHSrwbqxU6KlVkSebCLT63NV15nSkxbbTpNgwZWRcpA1R8pMv0hPEowQpFs&sai=AMfl-YRJMgpJGSe9CTEhvfmdxZr0dYte3ky9praXSD-Y4lZd4BdIYd1NAVZq-Zj5OoA9RBzkxbAOWUM5uqnacXYRyo735eME3v43DJXvJJSjZ9C7CrfCD5s4CQrWMalSAPEqlM_bBAXkicbIO_28BrvAdywC2j3opA&sig=Cg0ArKJSzI0s_msphF41EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=461&vt=11&dtpt=241&dett=3&cstd=214&cisv=r20220125.47475&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: livehd7.onl
URL: https://livehd7.onl:2096/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com/
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Thu, 27 Jan 2022 08:23:26 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
sodar
pagead2.googlesyndication.com/getconfig/ Frame 283B 		6 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
641038d44ddc7fa0aaab9ccb27fe315019345b1f499be1ae819fb8821c8f5319
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 27 Jan 2022 08:23:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4760
x-xss-protection
0
bg_img.jpg
s0.2mdn.net/sadbundle/15778784046629838142/ Frame 283B 		110 KB
110 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15778784046629838142/bg_img.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8725abc3d35382f44c9b16b12a7e8bbcef855b58f71df5da5b00e7acce75047e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15778784046629838142/970x250.html?e=69&leftOffset=0&topOffset=0&c=kC4D2HVkU2&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 23 Jan 2022 23:00:12 GMT
x-content-type-options
nosniff
age
292994
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112143
x-xss-protection
0
last-modified
Wed, 22 Dec 2021 16:12:08 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 23 Jan 2023 23:00:12 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 283B 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 08:23:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 27 Jan 2022 08:23:26 GMT
logo_ibes.png
s0.2mdn.net/sadbundle/15778784046629838142/ Frame 283B 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15778784046629838142/logo_ibes.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd3e16168400c57fc2ed2b2276f8a27baebc81e3162df72f90680e827b1f4ad9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15778784046629838142/970x250.html?e=69&leftOffset=0&topOffset=0&c=kC4D2HVkU2&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 12:00:09 GMT
x-content-type-options
nosniff
age
73397
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8629
x-xss-protection
0
last-modified
Wed, 22 Dec 2021 16:12:08 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 26 Jan 2023 12:00:09 GMT
jGbA3lvUbVA_isqhK0kcOmFQnhmy9VywXuVHQ76HhUI.js
pagead2.googlesyndication.com/bg/ Frame 7CC2 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/jGbA3lvUbVA_isqhK0kcOmFQnhmy9VywXuVHQ76HhUI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8c66c0de5bd46d503f8acaa12b491c3a61509e19b2f55cb05ee54743be878542
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 15:36:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
146796
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13685
x-xss-protection
0
last-modified
Mon, 24 Jan 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 25 Jan 2023 15:36:50 GMT
sprite01.png
s0.2mdn.net/sadbundle/15778784046629838142/ Frame 283B 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15778784046629838142/sprite01.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6c92baf4ac12adeea944ec9c5307144ea7f2a0aa98e4c34dfb042d3b48169020
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15778784046629838142/970x250.html?e=69&leftOffset=0&topOffset=0&c=kC4D2HVkU2&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 12:00:10 GMT
x-content-type-options
nosniff
age
73396
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8110
x-xss-protection
0
last-modified
Wed, 22 Dec 2021 16:12:08 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 26 Jan 2023 12:00:10 GMT
sprite02.png
s0.2mdn.net/sadbundle/15778784046629838142/ Frame 283B 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15778784046629838142/sprite02.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aa3666eb27c134f44533ce00519008c4d5f8fceee32d766d518e26104a3e791a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15778784046629838142/970x250.html?e=69&leftOffset=0&topOffset=0&c=kC4D2HVkU2&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 23 Jan 2022 23:00:13 GMT
x-content-type-options
nosniff
age
292993
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8754
x-xss-protection
0
last-modified
Wed, 22 Dec 2021 16:12:08 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 23 Jan 2023 23:00:13 GMT
sprite03.png
s0.2mdn.net/sadbundle/15778784046629838142/ Frame 283B 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15778784046629838142/sprite03.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
436881b12c4bcec03ca0d3fbfbc8d0626702397de2daea1aea49de5bb7a9d613
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15778784046629838142/970x250.html?e=69&leftOffset=0&topOffset=0&c=kC4D2HVkU2&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 23 Jan 2022 23:00:13 GMT
x-content-type-options
nosniff
age
292993
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8467
x-xss-protection
0
last-modified
Wed, 22 Dec 2021 16:12:08 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 23 Jan 2023 23:00:13 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://livehd7.onl:2096
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
Tengine
date
Thu, 27 Jan 2022 08:23:27 GMT
access-control-allow-origin
https://livehd7.onl:2096
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-max-age
1728000
content-type
text/plain charset=UTF-8
content-length
0
prebid-request
onetag-sys.com/ 		15 B
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/456464/hb_323303_13052.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://livehd7.onl:2096/
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://livehd7.onl:2096
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
bid
ap.lijit.com/rtb/ 		25 B
522 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.7.0-pre
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/456464/hb_323303_13052.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
b56b04fa9e982304e87497818233e5be62454b64d32a513d2edd807dce7c524e

Request headers

Referer
https://livehd7.onl:2096/
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 27 Jan 2022 08:23:27 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://livehd7.onl:2096
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
hb
ssc.33across.com/api/v1/ 		60 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=bX9srg4dmr64KsaKjGFx_2
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/456464/hb_323303_13052.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
b236c44af7672976be55ccac04d023f9fb16f2d7cf9f32c6898ee37825469782

Request headers

Referer
https://livehd7.onl:2096/
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 27 Jan 2022 08:23:27 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://livehd7.onl:2096
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
unruly_prebid
targeting.unrulymedia.com/ 		0
172 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/456464/hb_323303_13052.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://livehd7.onl:2096/
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://livehd7.onl:2096
pragma
no-cache
date
Thu, 27 Jan 2022 08:23:27 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
c
prebid.a-mo.net/a/ 		0
227 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/456464/hb_323303_13052.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://livehd7.onl:2096/
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://livehd7.onl:2096
date
Thu, 27 Jan 2022 08:23:26 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
7
vary
origin, Accept-Encoding
cdb
bidder.criteo.com/ 		0
217 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.7.0-pre&cb=64184088652
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/456464/hb_323303_13052.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://livehd7.onl:2096/
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 27 Jan 2022 08:23:26 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://livehd7.onl:2096
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
178 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/456464/hb_323303_13052.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://livehd7.onl:2096/
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://livehd7.onl:2096
date
Thu, 27 Jan 2022 08:23:27 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
prebid
ib.adnxs.com/ut/v3/ 		146 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/456464/hb_323303_13052.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0204b2888677861f56954aca3c6e7eb01f62ca6e425d113a33fbe572da9139cb
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://livehd7.onl:2096/
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 08:23:27 GMT
X-Proxy-Origin
95.211.199.155; 95.211.199.155; 730.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
ba146605-1477-44dd-8e06-fbcd6b365a4d
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://livehd7.onl:2096
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
146
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
integrator.js
adservice.google.nl/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.nl/adsid/integrator.js?domain=livehd7.onl
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012504.js?31064557
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://livehd7.onl:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 27 Jan 2022 08:23:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=livehd7.onl
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012504.js?31064557
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://livehd7.onl:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 27 Jan 2022 08:23:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		17 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3658751037657245&correlator=3153819681689969&output=ldjh&impl=fifs&eid=31064557%2C676982996&vrg=2022012504&ptt=17&sc=1&sfv=1-0-38&ecs=20220127&iu_parts=7047%3A22618662325%2Capl%2Caplmcm7047%2Cdynamic%2Calicampaign&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=300x600&prev_scp=refresh%3Dtrue%26test%3Devent%26hb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&cookie=ID%3Dbbbd46be94da8e61%3AT%3D1643271804%3AS%3DALNI_MaGDaMpQgWWsGOpBjeXjX4tiW-frQ&bc=31&abxe=1&dt=1643271807361&lmt=1643235770&dlt=1643271803889&idt=1411&frm=20&biw=1600&bih=1200&oid=2&adxs=-300&adys=601&adks=2115259490&ucis=f&ifi=16&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Flivehd7.onl%3A2096%2F&vis=1&scr_x=0&scr_y=0&psz=300x-1&msz=300x-1&psts=AGkb-H8VzrqleQjQ0O0VqI-SHgu1u9UtMZZirBYQx0Zk-5nDs6WysOXiGRpiZ1O909N75tlt8808R8ar6G8Ke87GRIdXbaE%2CAGkb-H-nUkh1p7J5BYOpjfyQR9Y6A2PresyLoSTGA50vwH9gTVFQzrl3_dYe_codmZZ89H6icRLQzpwBHU-HZhIKGhtvqx4%2CAGkb-H_8v5wz5NmsGWeZrKL70rQBNEGOB_X1L_hIsIBZb3vk_gQ3rruqmt4BBv37wLc7GopIsHEMgzgaW5iRjmxREhcTIXo%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9sMhfpd0IbjKcONd1QuoE7UDSFQxIHDarO1Eo9Ouvbqg73H9OJfopiSK914r64RWj347Vhg5-AyP9vKk3Jj3GruwI%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=542245380.1643271804&ga_sid=1643271804&ga_hid=543678338&ga_fc=true&fws=516&ohw=300&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012504.js?31064557
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
148db4d02d3fe12403c2f599cb4325da78d063ff7bb173b05e86a20b33021290
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://livehd7.onl:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 08:23:27 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9182
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://livehd7.onl:2096
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
publishertag.prebid.117.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/456464/hb_323303_13052.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://livehd7.onl:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 08:23:27 GMT
content-encoding
gzip
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 28 Jan 2022 08:23:27 GMT
syncframe
gum.criteo.com/ Frame BA88 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=livehd7.onl
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
7225c811b9035a4ce65639eb7ab5e7850833a340a866cc8e4bc5c2ce4abe8756
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9
Referer
https://livehd7.onl:2096/

Response headers

cache-control
private, max-age=3600
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
2101
date
Thu, 27 Jan 2022 08:23:26 GMT
content-length
5180
strict-transport-security
max-age=31536000; preload;
publishertag.prebid.js
static.criteo.net/js/ld/ 		89 KB
28 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
5f1a0eb046f22533fd96fde5da0c9f951cb8b69354839596657271c9af223be0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://livehd7.onl:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 08:23:27 GMT
content-encoding
gzip
last-modified
Mon, 24 Jan 2022 04:27:55 GMT
server
nginx
etag
W/"61ee2acb-16429"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 28 Jan 2022 08:23:27 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 09EA 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstncGfz1f5u7blCp6Yf6fMjhP5efYommOdCykavqktrHQNzPNrAAXGxqcPIln2curd8Q3MTvtqzY44M5paQagCtwlzVTyu9ghe9iLP4WFgMz_Q4i5OviA&sai=AMfl-YTu8Jwp-UmvlD5O0M3CkDMoaRyq2yOLDQqF_UxIK7Ct7urWbR0Sv7s-v_OxmRNyBtVnlh9iCwjhX5mueX1GGp8VyvEKP423JopI6cWoD9AKpDRkR77v0cc2TC4y&sig=Cg0ArKJSzO5wCymOq3HjEAE&cid=CAASF-RoY5_59YBN_PirvJ2lu9zlu2teMjiw&id=ampim&o=288,100&d=1024,280&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,0,1000,1000&tos=0,0,0,1000,0&tfs=289&tls=1289&g=100&h=100&tt=1290&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=3221412050
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://livehd7.onl:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 08:23:27 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sid
mug.criteo.com/ Frame BA88
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=livehd7.onl&sn=ChromeSyncframe&so=0&topUrl=livehd7.onl&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=gQ7_eHxYSExHbklSbDhiN2hnMUFiM0lWMU0vdVdQYUVHWEY2dU5EVkZZdGZSMkdIYUxwYy9RaXNUbC9qQmVwQnlPc29kQ080Q080TEJ2MEZxeTA5VTB2S3haeDhLY0h0SU9IOXFyM2FKSWdwQ2M1UzcxQXJjaVBTa2kxQk...
419 B
625 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=gQ7_eHxYSExHbklSbDhiN2hnMUFiM0lWMU0vdVdQYUVHWEY2dU5EVkZZdGZSMkdIYUxwYy9RaXNUbC9qQmVwQnlPc29kQ080Q080TEJ2MEZxeTA5VTB2S3haeDhLY0h0SU9IOXFyM2FKSWdwQ2M1UzcxQXJjaVBTa2kxQkpTb3g0dzNoaVNlcmYwU1VRMUppb08rcjA4VGNPUW9YaGR4NUdUOGdIa1pUOGJWWTYzQTFVZHJYN3BTZTBVdGtYUzU3VFNuMFVtS3djUG9LUWV1bURONzZmZndqblM5ZElCb24rLzFjeFFIK3VGaUx3RTV0VkVJdGdLM3BMWTZoTnJDNmw0SnlsaFBOWnhMeS9HNVBGQnpSZkY1d3pUUT09fA&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
474839f856ef2f3e176cac9f6e048d906bcee65b3f9eb84fe0fda253636751d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 08:23:27 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3803
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Thu, 27 Jan 2022 08:23:27 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=gQ7_eHxYSExHbklSbDhiN2hnMUFiM0lWMU0vdVdQYUVHWEY2dU5EVkZZdGZSMkdIYUxwYy9RaXNUbC9qQmVwQnlPc29kQ080Q080TEJ2MEZxeTA5VTB2S3haeDhLY0h0SU9IOXFyM2FKSWdwQ2M1UzcxQXJjaVBTa2kxQkpTb3g0dzNoaVNlcmYwU1VRMUppb08rcjA4VGNPUW9YaGR4NUdUOGdIa1pUOGJWWTYzQTFVZHJYN3BTZTBVdGtYUzU3VFNuMFVtS3djUG9LUWV1bURONzZmZndqblM5ZElCb24rLzFjeFFIK3VGaUx3RTV0VkVJdGdLM3BMWTZoTnJDNmw0SnlsaFBOWnhMeS9HNVBGQnpSZkY1d3pUUT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1837
content-length
541
expires
0
container.html
10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7FFD 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012504.js?31064557
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9
Referer
https://livehd7.onl:2096/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Thu, 27 Jan 2022 08:23:25 GMT
expires
Fri, 27 Jan 2023 08:23:25 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pixel
googleads.g.doubleclick.net/xbbe/ Frame F92D 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiA_aO-ATAB&v=APEucNUfxT7kTaI0poUrNLtQ8tV_yrrOoPFP4nP793Zw-xm5rQMzmHxNwdnVV0hviHzQO2Uv89WfoTIPwC7JvEsvw9r7XovJcoY9FzxMzLxgDgm686q8Mf1lem7xTRpsmK5cMXs6LpTywWl9OF7PQTydAdzK7XgERB1srjp2fRY-Vno-0Mq3idU
Requested by
Host: 10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com
URL: https://10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9
Referer
https://10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Thu, 27 Jan 2022 08:23:27 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 7FFD 		77 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AR8MzPE5buY3mb-v2nWQEldxQTLDv2FxJtegMz1actt6RT-exyISrVBsOgNY-LLqbkY6T7DbqZDoGsiLr3jGAS91PERifITjue5-e68Tj0jA6yG8mRz1T95bCehDUpz89lL29SDicv3aoM6V0TNegfTcknyw&dbm_d=AKAmf-DR9kYAlAxndSDixKs1JeB3PdtpzU4NC2tn6-l-gW_eq-rkgij2KmaZL9P7Hmnyd29eWSrWMqznnSlZNV4fV7XL6sHZiyDioIZ9io6H73xNTaZDXYdc6Yz1afhLbqOHS1w_fhtTsfOtjI3peuMJ6s2PkH8XZqDkqgigOqiHK2FzIR_DkFeKvmh1JIpWJf-S1qqqUFhkaQJJZfszM9dm3FYlv8n6JmM79sBVDLer7Mlg5dcdlykh_C50ze2Je8qFibMwcjYEUrm_MlipnlJrz7XnZbJsKWBc0vGaEU9OVt84iMEygu-OLOsyKPQn5CH-3PD-Qbgaf0txc7TMWccIk7vcQ8k9Lb0IUfrVTmehqvs1DNgsReFgJXy8iTjfCpOP6pUPxAS4yRVBQ7yyfX4rlBT2lGOs0B7h71RDatgJuXbAxoONmyweKXGjRSpwpWRTCg3j8Bp2bXOC6xooF4OBnCxChL8G9QOvBRW_yrn6p3zXumMv20S9-_Xx6aJismPfVvlljUiL5dfD6CoBx-5NdWPLNT0Rv0UQqAoCCuBH_0URgQFI-BLY-ib_yOqCYR-9gl1s38x6ip31IXVMkdYttRlmiuY3ysTef-SCxeLzOX47C8eHxK0mL7nhFgqlSMGfF_ZCWDwhb3FTZUCB4X3t5auMAIpZXlrH9b84dmyrhHRCMwpsEdfbw0Z0Pw7fxdM-oG5YPJiGByZpgRsVacq6jbWuxwo_I-kfIKrrDOEDFjD4lmOJoQCzVZXPfYgxX72mL-mm081vDu5Z_yq6qqDD0x_ZKVb-f-UDBGOudGElsVCQXTg1jjf4Xxgm4Gpth-IMM_9oV41DrtkmzPuhs5iOwm_D2-zSV2-GTQGVsj-12mhBS7pEx2rXM9VX1OmNmYjMqGTqcGpoq5wevoFOfE0bsq8c7-gJcRIxmOe3C6B9aIfsrG-CwxfSL4LDSOHiS3WJAVWzLYp8bramiOe4dvfhZE_Zwi1x9QtN9Psb-eeSCFS3ztJnaicnqloxiGrI9hKu9qc5x3Qd5kxPvo2ZMc2LEwrV6bYoiJKOg21tM4rorND93F0ToGp0Ytxn-0VP4HA7dkpgxs6zxRTAbDDie_hBXlSkrYpgoeNrPFO4LC2pFw0a9Fl6PXmRS4xZfhU1Ls3X2nTtRTnO5ODqxdwlzcEJ4K9d8a7yPTPWWZNpRm6N50jSbH29a9M68d9ebL_T--GgUQ4pQxri1CX_R9Mn88GRtLE-Id9d8TOeujJO6AVQI50jsWdmonsoZC6p-reUybhk_DRB2Xs_NzCeEW6IBDsy_KEDKEFR7pooupZLRWz2D--AefaWXCzhYHda3eEvN8f5XVEhHWgHtNFxa3YWeBbLiWlkIrfA-hGgVk0FA7A9NLqB5c3pRwarfPkJZcwPdp-ZGkCr8XQ5ecyzAz7pMuBwIfLJVD-KtTQ_04HUWyN8B9uvS8Bo1Kob9nSjzKO863FMJR8L9mF4CKcVrL5g2chg4JKoCsHc3HbgLirQrdpjJ6aT-YXnWt0zpdpthXTja1ZnpfM7CmG2yZeBMJznA7X5sPXSqqCU8zRt-Tdqh-NCXy3DWqABCCpwXBi6key2hdPFgRKxLjfqFfd4jdNuRoKd-j-rSlykko4mCa_jlOFGTGqiS7KaEnxJ0K9pE3RuhYGJZ37fXRk-h_4ulDY_NZ_eHj2VbYgePYZLfk7Xqqme9rpcuPOXMaE-70Rp2FRfgWr8Lxy-LfJwJzYI4fKtNOGS0Lvgyivl-2hSaYImwbQPOMykIUDHcbCNHx4UJm4_cygH39yg6nF7oECz6Z6guDS2XAm7TgfMvJRtNTsdZvsIpVsz0mhexpSeDhCO70bUbV14VzXnGbDMBpmPbGlPyFlq8_ikX45LAIfWd0rmWv9SqIjxU_wjhKC85zDGl0cA9E5uyKXq1zPonn-Q6NZ8coMnFwOAQW3LiZkXOGpO1GgGBQgOmJjAB8mRhwogFi3b0t7Tl55B3CSslvB-Vsqo8lFiWOSAgnNPesnIgfwUQUilqiClkbMaak9R9JhieHjyzCNfLlhSiYebWV4528Gb1KcVC7LGco7O5C-JMcK3ZQ0URu-2fIEZbOwx6iXm44IVpR5XBS5X3baq5YR--MFV9JNq4zoUxIDrYBDTcNfp8Mcp3vGGa85Lj28CJ3eVbmrTT2xS5LX8bG8Xqm9Com3F3_2QnOmI8_dQ_zq86zU2pIeBxKOABOwWzXGqzD3Zq8qaFoA6tA8YAxuZ0rh44qG7kBi2vIsmHGPiwT8nUQRkZ07l96WM3GdvIMYPaqerVGHk3U04qcjYFToXPRBoYy2tWrcrQ6DgAq3R4DIbkIMY7EjI95cVWTZU9d-KCI7_ag5hTwfpFZZt9inFEfwV2pV_Wfxo7AQaojVNqkkcka7Lfq14kKolN31q5CN5FSFlJ-aaXQosBnWAfq4KYRhzUCmpp_yfU_yyJ_XnYzUfA6Q7jjULGjgZJhjeaqvlAnwxQCGdxgnRTH33CApkgRzxuxhIZ-5rDrQLotDAncZQGUuwpwjGuYP1HcfPR0I9j4JvFxBjpGVBfoZ9SAXqKe2bg6WXPLEepH4ER5KfVOaMqapkp-OG2JvSRGGZ0lFDFcZKSt605N3ZYgkD32a7dImBW2Wn2UsK5PANE39vACPfcBxYnY4GuZQhle6WEpePEZxdsm0jFtiz0r5DJZw-B8VVCnbcJ9BB01CYxwPTiNQwCuQRz-R8STfAQO1jWCn1yBzRqmC_I9AbmlZWxSRUvzu7eaHwtnVZLVvns839zmZpPA_nHpo5kNTtaujLicfmdjSyvUZPaF9T779FtEP6e2jYlSyG5hm4UpxrmFNAdPdTPvhuwPOImp-EguhQSEi-lMNfysECEa2FbyP6dNrYxF8CL0CU9f6LH4WLDNg2xKwaaDyOhcQomUKQoSXlNeYUiTxAB8o-ltSMUKOzX7ne7J0nev-tPnQgYBpE5EvNaKGtaWztmX5ZZG8DBTFhSi6VY2CMemPITMpNZefuXHzQHcaCWoxeZxd9H3PudMicVS97I_1av4R_J9GwQTc-4o23t41qTBixDZ87AuUja9wde5e-9D9k0dPOWCKTChiVPQ&cid=CAASEuRob8rLU5ua4KZAnhMugBE6Lw&rfl=1%2Chttps%253A%252F%252Flivehd7.onl%253A2096%252F%240
Requested by
Host: livehd7.onl
URL: https://livehd7.onl:2096/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c3c2c7a955fbe54933453cc698bf9bff05bca82a51e25b4e9aa626ae3ed1e8be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 08:23:27 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31320
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7FFD 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DIkHAEzHdmujU-pAtMy7SPKbsztLzTc-Pzmvc6npDd4XTU-_Hp2rkR3Phba3_jZx30ac_yKrbUHJh-ZkaA_O0Tmu7UsZU90P44kPs1cp4FJhwCMco
Requested by
Host: 10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com
URL: https://10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 08:23:27 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220125/r20110914/client/ Frame 7FFD 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220125/r20110914/client/window_focus_fy2019.js
Requested by
Host: 10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com
URL: https://10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 07:44:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2352
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 10 Feb 2022 07:44:15 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7FFD 		123 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com
URL: https://10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 08:23:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38288
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1643200382015849"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 27 Jan 2022 08:23:27 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220125/r20110914/client/ Frame 7FFD 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220125/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com
URL: https://10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9fa7f49e3a869a02c248c7c730f895951b3fc2f811e504d3ab30f72c1f74913c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 08:22:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
52
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6123
x-xss-protection
0
server
cafe
etag
1875255482418879373
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 10 Feb 2022 08:22:35 GMT
l
www.google.com/ads/measurement/ Frame 7FFD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTcZqqOTNsKzHUVwrz5rFxi4joaBBQQi04euQwIE88nTnygVVi6IDdWIFf6mefIYI4FsNAA4OSCFFmmci5WOX5ZSarH2w
Requested by
Host: 10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com
URL: https://10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
rum
dsum-sec.casalemedia.com/ Frame F92D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKIz_usPOzCVfajsYn7KD7k&google_cver=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKIz_usPOzCVfajsYn7KD7k&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiA_aO-ATAB&v=APEucNUfxT7kTaI0poUrNLtQ8tV_yrrOoPFP4nP793Zw-xm5rQMzmHxNwdnVV0hviHzQO2Uv89WfoTIPwC7JvEsvw9r7XovJcoY9FzxMzLxgDgm686q8Mf1lem7xTRpsmK5cMXs6LpTywWl9OF7PQTydAdzK7XgERB1srjp2fRY-Vno-0Mq3idU
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 08:23:27 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 27 Jan 2022 08:23:27 GMT

Redirect headers

pragma
no-cache
date
Thu, 27 Jan 2022 08:23:27 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKIz_usPOzCVfajsYn7KD7k&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame F92D
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YfJWfjafQ0SNic0uh3E3ngAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKIz_usPOzCVfajsYn7KD7k&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKIz_usPOzCVfajsYn7KD7k&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiA_aO-ATAB&v=APEucNUfxT7kTaI0poUrNLtQ8tV_yrrOoPFP4nP793Zw-xm5rQMzmHxNwdnVV0hviHzQO2Uv89WfoTIPwC7JvEsvw9r7XovJcoY9FzxMzLxgDgm686q8Mf1lem7xTRpsmK5cMXs6LpTywWl9OF7PQTydAdzK7XgERB1srjp2fRY-Vno-0Mq3idU
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 08:23:27 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 27 Jan 2022 08:23:27 GMT

Redirect headers

pragma
no-cache
date
Thu, 27 Jan 2022 08:23:27 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKIz_usPOzCVfajsYn7KD7k&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame F92D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEE_cR1NzNeNN9K2gVPRu1wU&google_cver=1
43 B
1006 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEE_cR1NzNeNN9K2gVPRu1wU&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiA_aO-ATAB&v=APEucNUfxT7kTaI0poUrNLtQ8tV_yrrOoPFP4nP793Zw-xm5rQMzmHxNwdnVV0hviHzQO2Uv89WfoTIPwC7JvEsvw9r7XovJcoY9FzxMzLxgDgm686q8Mf1lem7xTRpsmK5cMXs6LpTywWl9OF7PQTydAdzK7XgERB1srjp2fRY-Vno-0Mq3idU
Protocol
HTTP/1.1
Server
185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 08:23:27 GMT
X-Proxy-Origin
95.211.199.155; 95.211.199.155; 730.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
2fc27b81-2ca3-4b83-96b7-0004c7228666
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 27 Jan 2022 08:23:27 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEE_cR1NzNeNN9K2gVPRu1wU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame F92D
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTU4MDkxMDk2MTQxMzc2NzI4NQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTU4MDkxMDk2MTQxMzc2NzI4NQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiA_aO-ATAB&v=APEucNUfxT7kTaI0poUrNLtQ8tV_yrrOoPFP4nP793Zw-xm5rQMzmHxNwdnVV0hviHzQO2Uv89WfoTIPwC7JvEsvw9r7XovJcoY9FzxMzLxgDgm686q8Mf1lem7xTRpsmK5cMXs6LpTywWl9OF7PQTydAdzK7XgERB1srjp2fRY-Vno-0Mq3idU
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 08:23:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 08:23:27 GMT
X-Proxy-Origin
95.211.199.155; 95.211.199.155; 730.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
6d34394e-faf9-4c69-8f47-6b8046033598
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTU4MDkxMDk2MTQxMzc2NzI4NQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
html_inpage_rendering_lib_200_275.js
s0.2mdn.net/879366/ Frame 7FFD 		169 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js
Requested by
Host: livehd7.onl
URL: https://livehd7.onl:2096/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com/
Origin
https://10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 11:59:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
73455
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60173
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:44:51 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 27 Jan 2022 11:59:12 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220125/r20110914/elements/html/ Frame 7FFD 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220125/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AR8MzPE5buY3mb-v2nWQEldxQTLDv2FxJtegMz1actt6RT-exyISrVBsOgNY-LLqbkY6T7DbqZDoGsiLr3jGAS91PERifITjue5-e68Tj0jA6yG8mRz1T95bCehDUpz89lL29SDicv3aoM6V0TNegfTcknyw&dbm_d=AKAmf-DR9kYAlAxndSDixKs1JeB3PdtpzU4NC2tn6-l-gW_eq-rkgij2KmaZL9P7Hmnyd29eWSrWMqznnSlZNV4fV7XL6sHZiyDioIZ9io6H73xNTaZDXYdc6Yz1afhLbqOHS1w_fhtTsfOtjI3peuMJ6s2PkH8XZqDkqgigOqiHK2FzIR_DkFeKvmh1JIpWJf-S1qqqUFhkaQJJZfszM9dm3FYlv8n6JmM79sBVDLer7Mlg5dcdlykh_C50ze2Je8qFibMwcjYEUrm_MlipnlJrz7XnZbJsKWBc0vGaEU9OVt84iMEygu-OLOsyKPQn5CH-3PD-Qbgaf0txc7TMWccIk7vcQ8k9Lb0IUfrVTmehqvs1DNgsReFgJXy8iTjfCpOP6pUPxAS4yRVBQ7yyfX4rlBT2lGOs0B7h71RDatgJuXbAxoONmyweKXGjRSpwpWRTCg3j8Bp2bXOC6xooF4OBnCxChL8G9QOvBRW_yrn6p3zXumMv20S9-_Xx6aJismPfVvlljUiL5dfD6CoBx-5NdWPLNT0Rv0UQqAoCCuBH_0URgQFI-BLY-ib_yOqCYR-9gl1s38x6ip31IXVMkdYttRlmiuY3ysTef-SCxeLzOX47C8eHxK0mL7nhFgqlSMGfF_ZCWDwhb3FTZUCB4X3t5auMAIpZXlrH9b84dmyrhHRCMwpsEdfbw0Z0Pw7fxdM-oG5YPJiGByZpgRsVacq6jbWuxwo_I-kfIKrrDOEDFjD4lmOJoQCzVZXPfYgxX72mL-mm081vDu5Z_yq6qqDD0x_ZKVb-f-UDBGOudGElsVCQXTg1jjf4Xxgm4Gpth-IMM_9oV41DrtkmzPuhs5iOwm_D2-zSV2-GTQGVsj-12mhBS7pEx2rXM9VX1OmNmYjMqGTqcGpoq5wevoFOfE0bsq8c7-gJcRIxmOe3C6B9aIfsrG-CwxfSL4LDSOHiS3WJAVWzLYp8bramiOe4dvfhZE_Zwi1x9QtN9Psb-eeSCFS3ztJnaicnqloxiGrI9hKu9qc5x3Qd5kxPvo2ZMc2LEwrV6bYoiJKOg21tM4rorND93F0ToGp0Ytxn-0VP4HA7dkpgxs6zxRTAbDDie_hBXlSkrYpgoeNrPFO4LC2pFw0a9Fl6PXmRS4xZfhU1Ls3X2nTtRTnO5ODqxdwlzcEJ4K9d8a7yPTPWWZNpRm6N50jSbH29a9M68d9ebL_T--GgUQ4pQxri1CX_R9Mn88GRtLE-Id9d8TOeujJO6AVQI50jsWdmonsoZC6p-reUybhk_DRB2Xs_NzCeEW6IBDsy_KEDKEFR7pooupZLRWz2D--AefaWXCzhYHda3eEvN8f5XVEhHWgHtNFxa3YWeBbLiWlkIrfA-hGgVk0FA7A9NLqB5c3pRwarfPkJZcwPdp-ZGkCr8XQ5ecyzAz7pMuBwIfLJVD-KtTQ_04HUWyN8B9uvS8Bo1Kob9nSjzKO863FMJR8L9mF4CKcVrL5g2chg4JKoCsHc3HbgLirQrdpjJ6aT-YXnWt0zpdpthXTja1ZnpfM7CmG2yZeBMJznA7X5sPXSqqCU8zRt-Tdqh-NCXy3DWqABCCpwXBi6key2hdPFgRKxLjfqFfd4jdNuRoKd-j-rSlykko4mCa_jlOFGTGqiS7KaEnxJ0K9pE3RuhYGJZ37fXRk-h_4ulDY_NZ_eHj2VbYgePYZLfk7Xqqme9rpcuPOXMaE-70Rp2FRfgWr8Lxy-LfJwJzYI4fKtNOGS0Lvgyivl-2hSaYImwbQPOMykIUDHcbCNHx4UJm4_cygH39yg6nF7oECz6Z6guDS2XAm7TgfMvJRtNTsdZvsIpVsz0mhexpSeDhCO70bUbV14VzXnGbDMBpmPbGlPyFlq8_ikX45LAIfWd0rmWv9SqIjxU_wjhKC85zDGl0cA9E5uyKXq1zPonn-Q6NZ8coMnFwOAQW3LiZkXOGpO1GgGBQgOmJjAB8mRhwogFi3b0t7Tl55B3CSslvB-Vsqo8lFiWOSAgnNPesnIgfwUQUilqiClkbMaak9R9JhieHjyzCNfLlhSiYebWV4528Gb1KcVC7LGco7O5C-JMcK3ZQ0URu-2fIEZbOwx6iXm44IVpR5XBS5X3baq5YR--MFV9JNq4zoUxIDrYBDTcNfp8Mcp3vGGa85Lj28CJ3eVbmrTT2xS5LX8bG8Xqm9Com3F3_2QnOmI8_dQ_zq86zU2pIeBxKOABOwWzXGqzD3Zq8qaFoA6tA8YAxuZ0rh44qG7kBi2vIsmHGPiwT8nUQRkZ07l96WM3GdvIMYPaqerVGHk3U04qcjYFToXPRBoYy2tWrcrQ6DgAq3R4DIbkIMY7EjI95cVWTZU9d-KCI7_ag5hTwfpFZZt9inFEfwV2pV_Wfxo7AQaojVNqkkcka7Lfq14kKolN31q5CN5FSFlJ-aaXQosBnWAfq4KYRhzUCmpp_yfU_yyJ_XnYzUfA6Q7jjULGjgZJhjeaqvlAnwxQCGdxgnRTH33CApkgRzxuxhIZ-5rDrQLotDAncZQGUuwpwjGuYP1HcfPR0I9j4JvFxBjpGVBfoZ9SAXqKe2bg6WXPLEepH4ER5KfVOaMqapkp-OG2JvSRGGZ0lFDFcZKSt605N3ZYgkD32a7dImBW2Wn2UsK5PANE39vACPfcBxYnY4GuZQhle6WEpePEZxdsm0jFtiz0r5DJZw-B8VVCnbcJ9BB01CYxwPTiNQwCuQRz-R8STfAQO1jWCn1yBzRqmC_I9AbmlZWxSRUvzu7eaHwtnVZLVvns839zmZpPA_nHpo5kNTtaujLicfmdjSyvUZPaF9T779FtEP6e2jYlSyG5hm4UpxrmFNAdPdTPvhuwPOImp-EguhQSEi-lMNfysECEa2FbyP6dNrYxF8CL0CU9f6LH4WLDNg2xKwaaDyOhcQomUKQoSXlNeYUiTxAB8o-ltSMUKOzX7ne7J0nev-tPnQgYBpE5EvNaKGtaWztmX5ZZG8DBTFhSi6VY2CMemPITMpNZefuXHzQHcaCWoxeZxd9H3PudMicVS97I_1av4R_J9GwQTc-4o23t41qTBixDZ87AuUja9wde5e-9D9k0dPOWCKTChiVPQ&cid=CAASEuRob8rLU5ua4KZAnhMugBE6Lw&rfl=1%2Chttps%253A%252F%252Flivehd7.onl%253A2096%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 08:22:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
33
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 10 Feb 2022 08:22:54 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220125/r20110914/ Frame 7FFD 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220125/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AR8MzPE5buY3mb-v2nWQEldxQTLDv2FxJtegMz1actt6RT-exyISrVBsOgNY-LLqbkY6T7DbqZDoGsiLr3jGAS91PERifITjue5-e68Tj0jA6yG8mRz1T95bCehDUpz89lL29SDicv3aoM6V0TNegfTcknyw&dbm_d=AKAmf-DR9kYAlAxndSDixKs1JeB3PdtpzU4NC2tn6-l-gW_eq-rkgij2KmaZL9P7Hmnyd29eWSrWMqznnSlZNV4fV7XL6sHZiyDioIZ9io6H73xNTaZDXYdc6Yz1afhLbqOHS1w_fhtTsfOtjI3peuMJ6s2PkH8XZqDkqgigOqiHK2FzIR_DkFeKvmh1JIpWJf-S1qqqUFhkaQJJZfszM9dm3FYlv8n6JmM79sBVDLer7Mlg5dcdlykh_C50ze2Je8qFibMwcjYEUrm_MlipnlJrz7XnZbJsKWBc0vGaEU9OVt84iMEygu-OLOsyKPQn5CH-3PD-Qbgaf0txc7TMWccIk7vcQ8k9Lb0IUfrVTmehqvs1DNgsReFgJXy8iTjfCpOP6pUPxAS4yRVBQ7yyfX4rlBT2lGOs0B7h71RDatgJuXbAxoONmyweKXGjRSpwpWRTCg3j8Bp2bXOC6xooF4OBnCxChL8G9QOvBRW_yrn6p3zXumMv20S9-_Xx6aJismPfVvlljUiL5dfD6CoBx-5NdWPLNT0Rv0UQqAoCCuBH_0URgQFI-BLY-ib_yOqCYR-9gl1s38x6ip31IXVMkdYttRlmiuY3ysTef-SCxeLzOX47C8eHxK0mL7nhFgqlSMGfF_ZCWDwhb3FTZUCB4X3t5auMAIpZXlrH9b84dmyrhHRCMwpsEdfbw0Z0Pw7fxdM-oG5YPJiGByZpgRsVacq6jbWuxwo_I-kfIKrrDOEDFjD4lmOJoQCzVZXPfYgxX72mL-mm081vDu5Z_yq6qqDD0x_ZKVb-f-UDBGOudGElsVCQXTg1jjf4Xxgm4Gpth-IMM_9oV41DrtkmzPuhs5iOwm_D2-zSV2-GTQGVsj-12mhBS7pEx2rXM9VX1OmNmYjMqGTqcGpoq5wevoFOfE0bsq8c7-gJcRIxmOe3C6B9aIfsrG-CwxfSL4LDSOHiS3WJAVWzLYp8bramiOe4dvfhZE_Zwi1x9QtN9Psb-eeSCFS3ztJnaicnqloxiGrI9hKu9qc5x3Qd5kxPvo2ZMc2LEwrV6bYoiJKOg21tM4rorND93F0ToGp0Ytxn-0VP4HA7dkpgxs6zxRTAbDDie_hBXlSkrYpgoeNrPFO4LC2pFw0a9Fl6PXmRS4xZfhU1Ls3X2nTtRTnO5ODqxdwlzcEJ4K9d8a7yPTPWWZNpRm6N50jSbH29a9M68d9ebL_T--GgUQ4pQxri1CX_R9Mn88GRtLE-Id9d8TOeujJO6AVQI50jsWdmonsoZC6p-reUybhk_DRB2Xs_NzCeEW6IBDsy_KEDKEFR7pooupZLRWz2D--AefaWXCzhYHda3eEvN8f5XVEhHWgHtNFxa3YWeBbLiWlkIrfA-hGgVk0FA7A9NLqB5c3pRwarfPkJZcwPdp-ZGkCr8XQ5ecyzAz7pMuBwIfLJVD-KtTQ_04HUWyN8B9uvS8Bo1Kob9nSjzKO863FMJR8L9mF4CKcVrL5g2chg4JKoCsHc3HbgLirQrdpjJ6aT-YXnWt0zpdpthXTja1ZnpfM7CmG2yZeBMJznA7X5sPXSqqCU8zRt-Tdqh-NCXy3DWqABCCpwXBi6key2hdPFgRKxLjfqFfd4jdNuRoKd-j-rSlykko4mCa_jlOFGTGqiS7KaEnxJ0K9pE3RuhYGJZ37fXRk-h_4ulDY_NZ_eHj2VbYgePYZLfk7Xqqme9rpcuPOXMaE-70Rp2FRfgWr8Lxy-LfJwJzYI4fKtNOGS0Lvgyivl-2hSaYImwbQPOMykIUDHcbCNHx4UJm4_cygH39yg6nF7oECz6Z6guDS2XAm7TgfMvJRtNTsdZvsIpVsz0mhexpSeDhCO70bUbV14VzXnGbDMBpmPbGlPyFlq8_ikX45LAIfWd0rmWv9SqIjxU_wjhKC85zDGl0cA9E5uyKXq1zPonn-Q6NZ8coMnFwOAQW3LiZkXOGpO1GgGBQgOmJjAB8mRhwogFi3b0t7Tl55B3CSslvB-Vsqo8lFiWOSAgnNPesnIgfwUQUilqiClkbMaak9R9JhieHjyzCNfLlhSiYebWV4528Gb1KcVC7LGco7O5C-JMcK3ZQ0URu-2fIEZbOwx6iXm44IVpR5XBS5X3baq5YR--MFV9JNq4zoUxIDrYBDTcNfp8Mcp3vGGa85Lj28CJ3eVbmrTT2xS5LX8bG8Xqm9Com3F3_2QnOmI8_dQ_zq86zU2pIeBxKOABOwWzXGqzD3Zq8qaFoA6tA8YAxuZ0rh44qG7kBi2vIsmHGPiwT8nUQRkZ07l96WM3GdvIMYPaqerVGHk3U04qcjYFToXPRBoYy2tWrcrQ6DgAq3R4DIbkIMY7EjI95cVWTZU9d-KCI7_ag5hTwfpFZZt9inFEfwV2pV_Wfxo7AQaojVNqkkcka7Lfq14kKolN31q5CN5FSFlJ-aaXQosBnWAfq4KYRhzUCmpp_yfU_yyJ_XnYzUfA6Q7jjULGjgZJhjeaqvlAnwxQCGdxgnRTH33CApkgRzxuxhIZ-5rDrQLotDAncZQGUuwpwjGuYP1HcfPR0I9j4JvFxBjpGVBfoZ9SAXqKe2bg6WXPLEepH4ER5KfVOaMqapkp-OG2JvSRGGZ0lFDFcZKSt605N3ZYgkD32a7dImBW2Wn2UsK5PANE39vACPfcBxYnY4GuZQhle6WEpePEZxdsm0jFtiz0r5DJZw-B8VVCnbcJ9BB01CYxwPTiNQwCuQRz-R8STfAQO1jWCn1yBzRqmC_I9AbmlZWxSRUvzu7eaHwtnVZLVvns839zmZpPA_nHpo5kNTtaujLicfmdjSyvUZPaF9T779FtEP6e2jYlSyG5hm4UpxrmFNAdPdTPvhuwPOImp-EguhQSEi-lMNfysECEa2FbyP6dNrYxF8CL0CU9f6LH4WLDNg2xKwaaDyOhcQomUKQoSXlNeYUiTxAB8o-ltSMUKOzX7ne7J0nev-tPnQgYBpE5EvNaKGtaWztmX5ZZG8DBTFhSi6VY2CMemPITMpNZefuXHzQHcaCWoxeZxd9H3PudMicVS97I_1av4R_J9GwQTc-4o23t41qTBixDZ87AuUja9wde5e-9D9k0dPOWCKTChiVPQ&cid=CAASEuRob8rLU5ua4KZAnhMugBE6Lw&rfl=1%2Chttps%253A%252F%252Flivehd7.onl%253A2096%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
afa00dedbe6d549e60e8d88516d437069d74af91f302b9c8f1f825d6bad511a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 08:20:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
202
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9276
x-xss-protection
0
server
cafe
etag
18268840599439890861
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 10 Feb 2022 08:20:05 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 7FFD 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com
URL: https://10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 15:54:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
59365
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 26 Jan 2023 15:54:02 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame D557 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com
URL: https://10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9
Referer
https://10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
date
Thu, 27 Jan 2022 05:53:44 GMT
expires
Fri, 28 Jan 2022 05:53:44 GMT
cache-control
public, max-age=86400
age
8983
etag
48472445140208031
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 7FFD 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d5ce4afdffbbd51da089d0e2af9d9450d22fc61e7f1a07774fa2da57edda7f86

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame C6ED 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9
Referer
https://10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Wed, 26 Jan 2022 11:10:53 GMT
expires
Thu, 26 Jan 2023 11:10:53 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
76354
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame D557
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEBoIaxuFMvW7TlyyRXconI0&google_cver=1&google_push=AYg5qPJETwk0OJetyxstnXxD6xejLMesWl3rIn5a4YUbrfeqBUxwHwe8RScx9bokuwPr9iCnKcAmPsPQ7wXEyCp0RGy0t8nrFA
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDM5MDI0MjI1NjA4NjUxODc4NA==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEBoIaxuFMvW7TlyyRXconI0&google_cver=1
43 B
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEBoIaxuFMvW7TlyyRXconI0&google_cver=1
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 08:23:28 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type
image/gif
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Thu, 27 Jan 2022 08:23:29 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEBoIaxuFMvW7TlyyRXconI0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame D557 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEOJvbqUb78VwMEYtlpPkGvk&google_cver=1&google_push=AYg5qPK34GK928Nz9T38n_p39I6f6FSMR8BD4kJgQ2PSMK29zwEuAzpJejgXerqFXu2FAIr8RCbRMuMb_3JcBNhs9QtAsP-bTAQ
Requested by
Host: 10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com
URL: https://10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:20::2040 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 08:23:28 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
i.match
s.tribalfusion.com/z/ Frame D557
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEDFAkWB5MQ19rReFO4-fEaI&google_cver=1&google_push=AYg5qPK7qOnKJ1GJGuRMxKk4I6lZP_ZVqS_fJrjzKN8I2yDuTEedN-Rlb_fT7ERe7Sc61cZnvrczowWyYt2TymFdAm3FMnpKvT4&r...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDFAkWB5MQ19rReFO4-fEaI&google_cver=1&google_push=AYg5qPK7qOnKJ1GJGuRMxKk4I6lZP_ZVqS_fJrjzKN8I2yDuTEedN-Rlb_fT7ERe7Sc61cZnvrczowWyYt2TymFdAm3FMnpKvT4...
43 B
417 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDFAkWB5MQ19rReFO4-fEaI&google_cver=1&google_push=AYg5qPK7qOnKJ1GJGuRMxKk4I6lZP_ZVqS_fJrjzKN8I2yDuTEedN-Rlb_fT7ERe7Sc61cZnvrczowWyYt2TymFdAm3FMnpKvT4&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPK7qOnKJ1GJGuRMxKk4I6lZP_ZVqS_fJrjzKN8I2yDuTEedN-Rlb_fT7ERe7Sc61cZnvrczowWyYt2TymFdAm3FMnpKvT4%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol
H2
Server
2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 08:23:28 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6d409441ab99903c-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 27 Jan 2022 08:23:28 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
95
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6d409440590d903c-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDFAkWB5MQ19rReFO4-fEaI&google_cver=1&google_push=AYg5qPK7qOnKJ1GJGuRMxKk4I6lZP_ZVqS_fJrjzKN8I2yDuTEedN-Rlb_fT7ERe7Sc61cZnvrczowWyYt2TymFdAm3FMnpKvT4&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPK7qOnKJ1GJGuRMxKk4I6lZP_ZVqS_fJrjzKN8I2yDuTEedN-Rlb_fT7ERe7Sc61cZnvrczowWyYt2TymFdAm3FMnpKvT4%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control
no-cache, private
content-type
text/html
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixelSync
pixel-sync.sitescout.com/dmp/ Frame D557 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEJYNOA_16vL41iGuPapLSws&google_cver=1&google_push=AYg5qPLMdGIN3BKAotxORP7wkKpmLbVefjUd5IfuFM_oV3GZsKuJQ0i60sF67mfEgCdQKJYcE3V0QSoxr-6s4UH87UcGhDYktg
Requested by
Host: 10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com
URL: https://10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.150 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 08:23:27 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
pixel
cm.g.doubleclick.net/ Frame D557
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEM7rLjtg_FuFfdkUjZukym0&google_cver=1&google_push=AYg5qPI_7a7pG3fnOqnZciPC6zwu-HcHVc7_P5r3FJlXSTy5cHax36JLRjjARsoxciFPmMNIFI6...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lXUExUWjAtVy0zR1RN&google_push=AYg5qPI_7a7pG3fnOqnZciPC6zwu-HcHVc7_P5r3FJlXSTy5cHax36JLRjjARsoxciFPmMNIFI68ydMflEFk2y9LlfVvp_aSti8
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lXUExUWjAtVy0zR1RN&google_push=AYg5qPI_7a7pG3fnOqnZciPC6zwu-HcHVc7_P5r3FJlXSTy5cHax36JLRjjARsoxciFPmMNIFI68ydMflEFk2y9LlfVvp_aSti8
Requested by
Host: 10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com
URL: https://10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 08:23:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lXUExUWjAtVy0zR1RN&google_push=AYg5qPI_7a7pG3fnOqnZciPC6zwu-HcHVc7_P5r3FJlXSTy5cHax36JLRjjARsoxciFPmMNIFI68ydMflEFk2y9LlfVvp_aSti8
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
611afce88997db6fdd35eb213e662871
Expires
0
pixel
cm.g.doubleclick.net/ Frame D557
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEM3crKHvlGpVSixu9Q3MbpY&google_cver=1&google_push=AYg5qPKsef8R72QcxTHWqgJM6SdRQzsMiyjoptrdIsVzUatGaSfuAIlZWyyZsdEwzukJzGe0fqTXPmSobxm6EJA9S...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEM3crKHvlGpVSixu9Q3MbpY&google_cver=1&google_push=AYg5qPKsef8R72QcxTHWqgJM6SdRQzsMiyjoptrdIsVzUatGaSfuAIlZWyyZsdEwzukJzGe0fqTXPmSobxm6EJA9S...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPKsef8R72QcxTHWqgJM6SdRQzsMiyjoptrdIsVzUatGaSfuAIlZWyyZsdEwzukJzGe0fqTXPmSobxm6EJA9S5F0wkQuRAU&google_hm=2d737e6a217d7d28ae381cad
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPKsef8R72QcxTHWqgJM6SdRQzsMiyjoptrdIsVzUatGaSfuAIlZWyyZsdEwzukJzGe0fqTXPmSobxm6EJA9S5F0wkQuRAU&google_hm=2d737e6a217d7d28ae381cad
Requested by
Host: 10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com
URL: https://10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 08:23:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 27 Jan 2022 08:23:28 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPKsef8R72QcxTHWqgJM6SdRQzsMiyjoptrdIsVzUatGaSfuAIlZWyyZsdEwzukJzGe0fqTXPmSobxm6EJA9S5F0wkQuRAU&google_hm=2d737e6a217d7d28ae381cad
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
attr
cm.g.doubleclick.net/pixel/ Frame D557 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KEdmEzBawsR6wtgEjN2MfENkG-pPSqnIQf5YjcqKUQ-2HfdWPHOdM2Gidf4gbxZw
Requested by
Host: 10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com
URL: https://10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 08:23:27 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
300x600.html
s0.2mdn.net/sadbundle/2035603817071902720/ Frame C24E 		47 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/2035603817071902720/300x600.html?e=69&leftOffset=0&topOffset=0&c=UD2xLQaAm3&t=1&renderingType=2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
220d9ee76aa547f9a0555829cd88b5aea75ec009aaa09ddba5d912918c9101c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9
Referer
https://10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin
*
date
Thu, 27 Jan 2022 08:23:28 GMT
expires
Fri, 27 Jan 2023 08:23:28 GMT
cache-control
public, max-age=31536000
last-modified
Fri, 24 Sep 2021 03:34:51 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 7FFD 		0
24 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuFs2yPcpcsZ2qz9m7izGIDnt-NOdjwEUTRYx2b0theK8mIe27HrcmF9fSKE7NhG7N8Lp2Gj3bpi24ogtn_rZLmF-Q5TIm5zmH__Mgwx4xX9wN-2mHhcqpsuZ2R9a1BIBFwE6yIZJVwwIVQnpl6N3nNVZbMxJPfLaY_cGTX_IiJjKHir1vtCRw96ztqtZbCvQWo-NhXQtVJUbA4QO-f-Ij-msEeLf2Dxg7gG0Ocm0m9IZ9eN_e1RAcCeK-_wSAJZcAKHhB7I8gOKX_sxA_aqy97QAxiezaWXpZNd2TsTbr6cJ56ANc1uTuUkX2lUTjrxzCWeRhon4p82xT_6txCpscplKPHGMJFhRwhdins0KLEgNze1sCdA4SaXw0LmR0TgUUlfqxat6TLSARKXP5_TmOGeW6ixfUXAoxAwihl9TkU56UcYhl7KfJxZe18_urz-fdy2EGXkwom4oG2zn78QQBoeOSUOiewHl-iEq6gXIQZYCTTF4rQzfLYaTZMTEiQ-fq7Bufp9O0SYuRbwa9i6oj1MdBHdp0UXGQk5zKOgxO3NHwvp9b43aEVgrOrYE2d_fdxEgisX_8RATdpTHl6mawkNmstPskBvijwpCv_AhGxvLQAcEVEYBehjznQb1M2rGltcQC8a-6rrsz9_mVdYMTE-hMC81ptRq0cevKkQnSMKvMdTkNxMKb3Yxi4MSbZQB_L_rdcWqxiPXv2KG3UKADkhLts8By2h2ZhHuhDkRHAw8BhiHpw1KQNaowOW91bpvOmLlIHUQdWmgOF90sXDvn1YNILO5mJlyEzJB9F3_iK8XFlo7DMdYr8JgDb2tGj6LEW4CoWXgJ5hC9CMehorVDIoef2_fnCGGfHJ-EO-v6w4dZLEC7CjGvQZXIvC76v0P9r7ABxhtiSBwd6QF9oGivUzYXPL99i9RQvkdcJAxKcZKEdPU6uFiapa0wj5bRUkGqsvsg7jA9PD74Ejw_4AqGFTAcDm4RDgQfqsMF5r7zszJx4Je9yT66-mFLMrvydDygGKzOp8iZbzdE5ZQH7DFYph12U4yg_hLpf0CtCSQXJVYj1jjoKVW3oeIYNsqVK7KBCh5raxRQP2AUM0kGdLwsHhGqu_6M1ZuJ0r3VlcF-KCT0ENFu6ifHyE9ysqSdIzhPObRGXp1ytgacQrnB7pk-4ueFTvrSOErgiLAJt5kG29byvjzEXkitXm3SN1_t69MxsKCBy2rpTh1W8pgFUUmmdt8ySSemVNQ&sai=AMfl-YTW7NzS2nLnVAxy2LBUceJCjNewuKvrRDVRZItBhhUvN9iR5f927KhCEbzEfFu2ffkkQywPwG85XA2pZqkflMBn5D48dx7doEfoH6hZet972g3gABMyGM2Z7453xFRk0CmlPyUXgwm7uWO3BwXwB-a0NfPmoA&sig=Cg0ArKJSzJ3ZSgZVJdZmEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=77&cbvp=1&cstd=73&cisv=r20220125.62673&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: livehd7.onl
URL: https://livehd7.onl:2096/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com/
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Thu, 27 Jan 2022 08:23:28 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
jGbA3lvUbVA_isqhK0kcOmFQnhmy9VywXuVHQ76HhUI.js
pagead2.googlesyndication.com/bg/ Frame C6ED 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/jGbA3lvUbVA_isqhK0kcOmFQnhmy9VywXuVHQ76HhUI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8c66c0de5bd46d503f8acaa12b491c3a61509e19b2f55cb05ee54743be878542
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 15:36:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
146798
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13685
x-xss-protection
0
last-modified
Mon, 24 Jan 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 25 Jan 2023 15:36:50 GMT
Enabler_01_246.js
s0.2mdn.net/879366/ Frame C24E 		116 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_246.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2035603817071902720/300x600.html?e=69&leftOffset=0&topOffset=0&c=UD2xLQaAm3&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b64291fc91dc77833930ffcead244193c5cfd9e882af312ecc89b580160c22a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2035603817071902720/300x600.html?e=69&leftOffset=0&topOffset=0&c=UD2xLQaAm3&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 10:40:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
78190
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40237
x-xss-protection
0
last-modified
Wed, 30 Jun 2021 20:54:51 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 27 Jan 2022 10:40:18 GMT
gsap_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame C24E 		60 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2035603817071902720/300x600.html?e=69&leftOffset=0&topOffset=0&c=UD2xLQaAm3&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2035603817071902720/300x600.html?e=69&leftOffset=0&topOffset=0&c=UD2xLQaAm3&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 08:23:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24155
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:23:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 27 Jan 2022 08:23:28 GMT
multitracking
ghb.aplhb.adipolo.com/adunit/ 		0
207 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.aplhb.adipolo.com/adunit/multitracking
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/456464/hbw_master_323303_13052.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://livehd7.onl:2096/
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://livehd7.onl:2096
Date
Thu, 27 Jan 2022 08:23:27 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
view
googleads4.g.doubleclick.net/pcs/ Frame 7FFD 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuFs2yPcpcsZ2qz9m7izGIDnt-NOdjwEUTRYx2b0theK8mIe27HrcmF9fSKE7NhG7N8Lp2Gj3bpi24ogtn_rZLmF-Q5TIm5zmH__Mgwx4xX9wN-2mHhcqpsuZ2R9a1BIBFwE6yIZJVwwIVQnpl6N3nNVZbMxJPfLaY_cGTX_IiJjKHir1vtCRw96ztqtZbCvQWo-NhXQtVJUbA4QO-f-Ij-msEeLf2Dxg7gG0Ocm0m9IZ9eN_e1RAcCeK-_wSAJZcAKHhB7I8gOKX_sxA_aqy97QAxiezaWXpZNd2TsTbr6cJ56ANc1uTuUkX2lUTjrxzCWeRhon4p82xT_6txCpscplKPHGMJFhRwhdins0KLEgNze1sCdA4SaXw0LmR0TgUUlfqxat6TLSARKXP5_TmOGeW6ixfUXAoxAwihl9TkU56UcYhl7KfJxZe18_urz-fdy2EGXkwom4oG2zn78QQBoeOSUOiewHl-iEq6gXIQZYCTTF4rQzfLYaTZMTEiQ-fq7Bufp9O0SYuRbwa9i6oj1MdBHdp0UXGQk5zKOgxO3NHwvp9b43aEVgrOrYE2d_fdxEgisX_8RATdpTHl6mawkNmstPskBvijwpCv_AhGxvLQAcEVEYBehjznQb1M2rGltcQC8a-6rrsz9_mVdYMTE-hMC81ptRq0cevKkQnSMKvMdTkNxMKb3Yxi4MSbZQB_L_rdcWqxiPXv2KG3UKADkhLts8By2h2ZhHuhDkRHAw8BhiHpw1KQNaowOW91bpvOmLlIHUQdWmgOF90sXDvn1YNILO5mJlyEzJB9F3_iK8XFlo7DMdYr8JgDb2tGj6LEW4CoWXgJ5hC9CMehorVDIoef2_fnCGGfHJ-EO-v6w4dZLEC7CjGvQZXIvC76v0P9r7ABxhtiSBwd6QF9oGivUzYXPL99i9RQvkdcJAxKcZKEdPU6uFiapa0wj5bRUkGqsvsg7jA9PD74Ejw_4AqGFTAcDm4RDgQfqsMF5r7zszJx4Je9yT66-mFLMrvydDygGKzOp8iZbzdE5ZQH7DFYph12U4yg_hLpf0CtCSQXJVYj1jjoKVW3oeIYNsqVK7KBCh5raxRQP2AUM0kGdLwsHhGqu_6M1ZuJ0r3VlcF-KCT0ENFu6ifHyE9ysqSdIzhPObRGXp1ytgacQrnB7pk-4ueFTvrSOErgiLAJt5kG29byvjzEXkitXm3SN1_t69MxsKCBy2rpTh1W8pgFUUmmdt8ySSemVNQ&sai=AMfl-YTW7NzS2nLnVAxy2LBUceJCjNewuKvrRDVRZItBhhUvN9iR5f927KhCEbzEfFu2ffkkQywPwG85XA2pZqkflMBn5D48dx7doEfoH6hZet972g3gABMyGM2Z7453xFRk0CmlPyUXgwm7uWO3BwXwB-a0NfPmoA&sig=Cg0ArKJSzJ3ZSgZVJdZmEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=250&vt=11&dtpt=173&dett=3&cstd=73&cisv=r20220125.62673&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: livehd7.onl
URL: https://livehd7.onl:2096/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com/
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Thu, 27 Jan 2022 08:23:28 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame C6ED 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=ByJArf1byYbzfM5LRgAeY0bOwCwAAAAA4AeAEAg&bg=!SEulSw_NAAY6OBv_Ojg7ACkAdvg8WuUApZYedLBV1IyLb4Tz9F8x2zPPe2Qs4sp2XkJ2f3IOnu3qwwIAAACRUgAAAAJoAQeZAxA7xJgESkrLkrbvT6hUmvoZvIoLKlUPMpC_5H31oDAYKIlg_Ljfeq0a_dpG-bgQJYJPZ-ZKpG0_vYw4Dh-7FOPFaYQK3cdYaHDAcQoyuHW9jhMQJLzFYYzNK6bg1cCzCl8kYvGL5vnaIb-lqTW7i_qFueDmGg1WLf8zYJu6t721TJo43MfVxcVLs2a2ByOwSQiMH_Rehl-4LF0xFJ20bJAcbUvcbOguwcaKZe74wqY40EadXcEXjpD8MklSpN4Tv7L9jUXn-jDT9PFkiwUlbg3dBxTkrCKWJFRisiFza7lFoSRxIE9m2xy8t9J7Oi-if70zgpE9XPQs1JYUcEC3lSOoYoHnrnqW8DWgq9sxHzWAyDeHB-QmKBHTzosgs1_huzAiLQqKL18Ve7XWsuaq6SGz5edRks6UGdB1A5RyizxyDGcbQYx7322_ZPzX9q-R1dQtROqvFFlbZtgBI0czkmyI-x4JbsmbYLn4L3Ssa2oF2T8oyG-eUdw09F3Yx4Ny_VbL666LKOYPMRoO1ok-3tN129a4EXMCoINtIYMd0idYWwDKiiLMHCBH5SBz3_Ej1ZROSTlkVABLVTqMu9hpehXqe9hXuPbf5MYMTTQKFHlUjyrS1wrYevpDpD1KLJJd0btZKqV9iQttVRfBkrLO1XELqS1HQSYAxtd00w60jzBkW3WQaI2O8UfXvoW5G-kwThAkd4cTERQCxOHjQDZPwwnBksxfS6fJCYtn4t2_ycsRKSrjWwyinWT7mUbZRXQ9_9Lt2SZkqo1o3Og_iMhwb6lDsP4eY8tW0pQcXrRcWgcgeKiX66pdsJFyW2FwDbTegO95Gr3hVvxXQqfSamGm_ypSqcvlduGirhXxsJ8Gh_9yAwWbG5AaEzvmjgVayxiAxGF29PjymRXLu0LTZ5BqLevAAgA8tmwT6ib09YWGFT2gyptTQvrm4Pt2xjanJEWcJ0jDdst9i4d_A7NKsZ5ngePhN4kSB1v26ti73IBbpKHYnVO4n9dRTU-nV_tdxQhvR3aNwRJwG1yWZj2EFbO_HWVa
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 08:23:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
OnAir-Bold.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame C24E 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4140742/OnAir-Bold.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/2035603817071902720/300x600.html?e=69&leftOffset=0&topOffset=0&c=UD2xLQaAm3&t=1&renderingType=2
Origin
https://s0.2mdn.net
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 08:15:25 GMT
x-content-type-options
nosniff
age
483
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47676
x-xss-protection
0
last-modified
Thu, 06 May 2021 11:38:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 27 Jan 2022 08:30:25 GMT
OnAir-Regular.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame C24E 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4140742/OnAir-Regular.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c110419995948214e5b16d9d0df8f7d91536cc42783edd90c7fc1810308309ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/2035603817071902720/300x600.html?e=69&leftOffset=0&topOffset=0&c=UD2xLQaAm3&t=1&renderingType=2
Origin
https://s0.2mdn.net
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 08:18:52 GMT
x-content-type-options
nosniff
age
276
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47848
x-xss-protection
0
last-modified
Thu, 06 May 2021 11:38:29 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 27 Jan 2022 08:33:52 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame C24E 		6 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_246&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_246.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7e010667aedd59740dbdea8321a2b55a789a5e1f58b6593fbe159b6ec773c9e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 27 Jan 2022 08:23:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4643
x-xss-protection
0
60005582_20211014235440811_APP_iPhone-13-Pro_Asset.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame C24E 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20211014235440811_APP_iPhone-13-Pro_Asset.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
59f93c8637fa1e41eb70ab270cc6a5dff7887d9ab040daec1a8fba1e3edc4cd5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2035603817071902720/300x600.html?e=69&leftOffset=0&topOffset=0&c=UD2xLQaAm3&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 14:13:07 GMT
x-content-type-options
nosniff
age
65421
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26568
x-xss-protection
0
last-modified
Fri, 15 Oct 2021 06:54:40 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 27 Jan 2022 14:13:07 GMT
postview.gif
portal.o2online.de/nws/img/ Frame C24E 		43 B
609 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_DSP_TRA_HAV_14112_PV&mediacode=27008872_4307561_324251169_146045686_-0&ref=27008872_4307561_324251169_146045686_-0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
82.113.101.132 Hanau, Germany, ASN6805 (TDDE-ASN1, DE),
Reverse DNS
portal.o2online.de
Software
Apache /
Resource Hash
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 08:23:28 GMT
Last-Modified
Wed, 26 Aug 2020 10:11:24 GMT
Server
Apache
ETag
"2b-5adc50abeeb00"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection
close
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
sodar2.js
tpc.googlesyndication.com/sodar/ Frame C24E 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_246.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 08:23:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 27 Jan 2022 08:23:28 GMT
jGbA3lvUbVA_isqhK0kcOmFQnhmy9VywXuVHQ76HhUI.js
pagead2.googlesyndication.com/bg/ Frame 463E 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/jGbA3lvUbVA_isqhK0kcOmFQnhmy9VywXuVHQ76HhUI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8c66c0de5bd46d503f8acaa12b491c3a61509e19b2f55cb05ee54743be878542
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 15:36:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
146798
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13685
x-xss-protection
0
last-modified
Mon, 24 Jan 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 25 Jan 2023 15:36:50 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Flivehd7.onl%3A2096%2F&domain=livehd7.onl&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://livehd7.onl:2096
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
access-control-allow-origin
https://livehd7.onl:2096
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1529
date
Thu, 27 Jan 2022 08:23:28 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Flivehd7.onl%3A2096%2F&domain=livehd7.onl&cw=1&pbt=1&lsw=1
  • https://mug.criteo.com/sid?cpp=RUNVkHxYamFjZXlabGQ2UlZid3NMaUFGM05NQlFjRHN1UXZUZDJXUlRUR1NYcU9CN0pvS0FhejFaOGFvKzdkdUU2Y2pJaUFrclVieHZ5eDdpMm0zTDZOOUx5cVY3ejV6cnVzR3lFS2p3bDFEMmZ6ZjhiWUFMVy8xSjhRNE...
420 B
668 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=RUNVkHxYamFjZXlabGQ2UlZid3NMaUFGM05NQlFjRHN1UXZUZDJXUlRUR1NYcU9CN0pvS0FhejFaOGFvKzdkdUU2Y2pJaUFrclVieHZ5eDdpMm0zTDZOOUx5cVY3ejV6cnVzR3lFS2p3bDFEMmZ6ZjhiWUFMVy8xSjhRNERWMFRLWkk0Sy9lYVJsOVYxTmRXaG1ia0pWbFc0azd4WkJ4b2dQUklnM3JQNENpb1JiZlNFUlBvMndFUkxPZWhVRDJ4ZWVPb25FQ3lweW44bFEvNFJpMHBKWXhIR21ZQW02VUNPNGlqb2JHRjZpbVBWMkphS2ExdUd3bWZPdTNJcjhNZjF1eFB5Vk1oUlA2NC9takNBd24ramdPa0VaUT09fA&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
61a4ff5edce351bbb72e7911ec154a0db3b46c67d3d0d654882bf65d05deb93e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://livehd7.onl:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 08:23:29 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3073
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Thu, 27 Jan 2022 08:23:28 GMT
location
https://mug.criteo.com/sid?cpp=RUNVkHxYamFjZXlabGQ2UlZid3NMaUFGM05NQlFjRHN1UXZUZDJXUlRUR1NYcU9CN0pvS0FhejFaOGFvKzdkdUU2Y2pJaUFrclVieHZ5eDdpMm0zTDZOOUx5cVY3ejV6cnVzR3lFS2p3bDFEMmZ6ZjhiWUFMVy8xSjhRNERWMFRLWkk0Sy9lYVJsOVYxTmRXaG1ia0pWbFc0azd4WkJ4b2dQUklnM3JQNENpb1JiZlNFUlBvMndFUkxPZWhVRDJ4ZWVPb25FQ3lweW44bFEvNFJpMHBKWXhIR21ZQW02VUNPNGlqb2JHRjZpbVBWMkphS2ExdUd3bWZPdTNJcjhNZjF1eFB5Vk1oUlA2NC9takNBd24ramdPa0VaUT09fA&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://livehd7.onl:2096
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1828
content-length
541
expires
0
692.json
id5-sync.com/g/v2/ 		213 B
534 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/692.json
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/456464/hb_323303_13052.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
141.95.3.40 , France, ASN16276 (OVH, FR),
Reverse DNS
p30.id5-sync.com
Software
/
Resource Hash
f026d3d83302f0344a62804dd0c50e14f47d1add90866f83e224dfcc4b81e74e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://livehd7.onl:2096/
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://livehd7.onl:2096
Date
Thu, 27 Jan 2022 08:23:28 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=RUNVkHxYamFjZXlabGQ2UlZid3NMaUFGM05NQlFjRHN1UXZUZDJXUlRUR1NYcU9CN0pvS0FhejFaOGFvKzdkdUU2Y2pJaUFrclVieHZ5eDdpMm0zTDZOOUx5cVY3ejV6cnVzR3lFS2p3bDFEMmZ6ZjhiWUFMVy8xSjhRNERWMFRLWkk0Sy9lYVJsOVYxTmRXaG1ia0pWbFc0azd4WkJ4b2dQUklnM3JQNENpb1JiZlNFUlBvMndFUkxPZWhVRDJ4ZWVPb25FQ3lweW44bFEvNFJpMHBKWXhIR21ZQW02VUNPNGlqb2JHRjZpbVBWMkphS2ExdUd3bWZPdTNJcjhNZjF1eFB5Vk1oUlA2NC9takNBd24ramdPa0VaUT09fA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
access-control-allow-origin
null
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1019
date
Thu, 27 Jan 2022 08:23:28 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
activeview
pagead2.googlesyndication.com/pcs/ Frame 7FFD 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstdFdopSfHrCj78Rce7cp7rstza98qSd42JHQHnzKlSynkWXzTtgvfXIXV7TgPNTDBApnn5yvzP9Ef7T3qF1l-yRkUHsDbPijA3VR9rF7sIqFaHDz29dg&sai=AMfl-YQU6MNC7ZRZvPC30Q_mz2FdH9AEuBfvSoc3J3Zibw4NsdCGdwT5biWl6bQ3JmIdAvwtFDa3qxhOLa8-aRUXgMjWuVoee4P3IIVXY48OAg2KaP-f5J8NVhfb9Mk0&sig=Cg0ArKJSzMyFfBbzQ6veEAE&cid=CAASEuRob8rLU5ua4KZAnhMugBE6Lw&id=lidar2&mcvt=1000&p=601,-41,641,0&mtos=0,998,1000,1025,1080&tos=0,998,2,25,55&v=20220126&bin=7&avms=nio&bs=0,0&mc=0.82&if=1&app=0&itpl=20&adk=2115259490&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1643271807793&rpt=168&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 08:23:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

77 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| google_tag_manager object| dataLayer object| google_js_reporting_queue number| google_srt object| googletag object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots object| google_persistent_state_async function| google_spfd number| google_unique_id object| google_sv_map string| google_user_agent_client_hint function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages function| gtag object| google_tag_data string| GoogleAnalyticsObject function| ga object| gptAdSlots object| interstitialSlot undefined| staticSlot object| anchorSlot object| vmpbjs object| vpb object| adipolo string| demandSupplySc string| demandSupplyCr number| demandSupplySr object| houseAdCampaigns string| demandSupplyTi object| demandSupplyTc object| demandSupply function| $ function| jQuery string| HomeURL string| TempURL function| rdmode function| moment object| dspbjs object| _app object| gaplugins object| gaData function| vmpbjsChunk object| _pbjsGlobals object| Criteo object| GoogleGcLKhOms object| google_image_requests object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| criteo_pubtag object| criteo_pubtag_prebid_117 object| Criteo_prebid_117

45 Cookies

Domain/Path Name / Value
live.demand.supply/ Name: demandSupplyTi
Value: 5af006f0-ee81-4bf6-91ef-23ac9be48e93
.livehd7.onl/ Name: _ga
Value: GA1.2.542245380.1643271804
.livehd7.onl/ Name: _gid
Value: GA1.2.1978412687.1643271805
.livehd7.onl/ Name: _gat_gtag_UA_146139292_8
Value: 1
livehd7.onl/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.livehd7.onl/ Name: _pubcid
Value: c00048d4-5d91-4881-94bb-102385cd48a3
.aplhb.adipolo.com/ Name: vmuid
Value: 0e1bd0e185ac84a7
.lijit.com/ Name: ljtrtb
Value: eJyrrgUAAXUA%2BQ%3D%3D
.livehd7.onl/ Name: __gads
Value: ID=bbbd46be94da8e61:T=1643271804:S=ALNI_MaGDaMpQgWWsGOpBjeXjX4tiW-frQ
.adnxs.com/ Name: uuid2
Value: 5580910961413767285
.mathtag.com/ Name: uuid
Value: 993761f2-567e-4800-8c14-11567fa9533f
.mathtag.com/ Name: mt_mop
Value: 4:1643271806
.adform.net/ Name: C
Value: 1
.yahoo.com/ Name: A3
Value: d=AQABBH5W8mECEDVRFfFoBJqrr2uXuCJl_XcFEgEBAQGn82H8YQAAAAAA_eMAAA&S=AQAAAjXTChdlp-9cHO7hbx83OME
.analytics.yahoo.com/ Name: IDSYNC
Value: 18yx~22w8
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YfJWfgABqe4FmgBH
.bidswitch.net/ Name: tuuid
Value: eb664086-3b21-469b-b4d8-4b2bc1ed295c
.bidswitch.net/ Name: c
Value: 1643271806
.bidswitch.net/ Name: tuuid_lu
Value: 1643271806
.adform.net/ Name: uid
Value: 3719104668323368326
.bidswitch.net/ Name: google_push
Value: AYg5qPL3PxST8kv80Vr-rN0A3slsHeNhuSzN13Yx1O0tLSKcZNFyEAsy3Zm5BjrEbr7gJXDEakRB046ILc4TXOPDd2k4E3nvf0fW
.doubleclick.net/ Name: IDE
Value: AHWqTUnSo599p7dYBMwswmiqKbmV0XCo54ZIJYwaA5a-PbGnu5doEr47J36o9ky_eHQ
.casalemedia.com/ Name: CMPS
Value: 3235
.casalemedia.com/ Name: CMID
Value: YfJWfjafQ0SNic0uh3E3ngAA
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.casalemedia.com/ Name: CMPRO
Value: 1111
.pubmatic.com/ Name: KADUSERCOOKIE
Value: F126A77D-4516-45D3-A4B9-C60FEBE455E2
.sniperlog.ru/ Name: guid
Value: B76016748CD26C3F
.w55c.net/ Name: wfivefivec
Value: jOUzQRVX1Nd03Y5
.w55c.net/ Name: matchgoogle
Value: 5
fksnk.com/ Name: AWSALBCORS
Value: vImR38/XkwyYRDd5Y78pZroZhiO7rrTY/PDwwdMGsv/Fn5UtbhDIYT3qsEXtL97spIytHEd8iZfp156g+6Zsu7pJV7f2wlWZvWTbA8+J8OLGf7b418e26Vc68slH
.fksnk.com/ Name: f_001
Value: D7171A319902B129
.fksnk.com/ Name: g_001
Value: 1
prebid.a-mo.net/ Name: __amc
Value: 2_1643271805_1643271807
.adnxs.com/ Name: icu
Value: ChgInKN6EAoYAiACKAIw_6zJjwY4AkACSAIQ_6zJjwYYAQ..
.criteo.com/ Name: uid
Value: 5abccaa6-28f1-4b3e-acc6-336c429840ea
.casalemedia.com/ Name: CMST
Value: YfJWfmHyVn8A
.casalemedia.com/ Name: CMRUM3
Value: 2d61f2567f2760CAESEKIz_usPOzCVfajsYn7KD7k
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2In8p.vk<!]tdE8i_iqf!oN/@E'zz<*Z0QkH.HP9gg.h@)RXCHpqx2NAtk]spft?GNSX3<QG=%9sk@3@'s>T:a>Ky
.lijit.com/ Name: ljt_reader
Value: 2d737e6a217d7d28ae381cad
.o2online.de/ Name: webShopPV
Value: ?partnerId=O2_DSP_TRA_HAV_14112_PV&mediacode=27008872_4307561_324251169_146045686_-0&ref=27008872_4307561_324251169_146045686_-0
.tribalfusion.com/ Name: ANON_ID
Value: aRnseFPME7fQmKvCiHhhZdZb4Njpsvq1aaRENbZaGZbds7NYvZc5mif5phM7EIUbg8wAGXfR3yv029AR4jkfPm04W
.turn.com/ Name: uid
Value: 4390242256086518784
.livehd7.onl/ Name: cto_bundle
Value: cQLXS19GNGJSckM5dWZYaG5OOXNDV0hxUWpjUzB4TkllWE9LM2ltY1dVVzFSTFlyJTJCMFRmYkxodDBtN25WZXhtTXh5SllaY1k4QlJKWHRXZWFyMXpPaEJ5Z202c0NzeE9FOTAwaTViQ2clMkZBS2VUZE5UYUhZTiUyQkZXbU1EMU56SiUyRlEyTG1LOUtSOEZFa256NnNtWG1BS2w3OVF1dyUzRCUzRA
.livehd7.onl/ Name: cto_bidid
Value: s2XKIV9SUDlmdElnTGFjME9KOW9VdGdqZWN2MFQ2dWlsJTJCTnRldGxBb1ZCeHFhcmhibVpsTkRHcHNhendMdlVQNzlDbzRkWjhZaHglMkZ3aGlMbEV3eWhVbnUlMkJrMVZUbCUyQkRRJTJCdFlmN3UlMkJmbzh2TUlnNCUzRA

2 Console Messages

Source Level URL
Text
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1410072543553213&output=html&adk=1812271804&adf=3025194257&lmt=1643235770&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Flivehd7.onl%3A2096%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643271804051&bpp=3&bdt=162&idt=135&shv=r20220125&mjsv=m202201200401&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5038177246020&frm=20&pv=2&ga_vid=542245380.1643271804&ga_sid=1643271804&ga_hid=543678338&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064036%2C31064216&oid=2&pvsid=3658751037657245&pem=201&tmod=445721460&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=153
Message:
Failed to load resource: the server responded with a status of 403 ()
other warning URL: https://cdn.ampproject.org/rtv/012111152338000/v0/amp-ad-exit-0.1.mjs(Line 2)
Message:
Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10956b0e50e580f8ed05e22d2b4ebd4e.safeframe.googlesyndication.com
a.tribalfusion.com
ad.turn.com
adipolo.com
adservice.google.com
adservice.google.nl
ap.lijit.com
api.demand.supply
bidder.criteo.com
c1.adform.net
cdn.ampproject.org
cm.g.doubleclick.net
dclk-match.dotomi.com
dsum-sec.casalemedia.com
fksnk.com
fonts.googleapis.com
fonts.gstatic.com
ghb.aplhb.adipolo.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
htlb.casalemedia.com
ib.adnxs.com
id5-sync.com
image6.pubmatic.com
jscdn.greeter.me
kit-pro.fontawesome.com
live.demand.supply
livehd7.onl
livehd7.vip
mug.criteo.com
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-sync.sitescout.com
pixel.rubiconproject.com
player.adtcdn.com
player.adtelligent.com
player.aplhb.adipolo.com
pm.w55c.net
portal.o2online.de
prebid-eu.creativecdn.com
prebid.a-mo.net
r.turn.com
rtb2-useast.e-volution.ai
s.tribalfusion.com
s0.2mdn.net
securepubads.g.doubleclick.net
ssc.33across.com
ssp.adriver.ru
static.criteo.net
sync-tm.everesttech.net
sync.mathtag.com
sync3.sniperlog.ru
targeting.unrulymedia.com
tpc.googlesyndication.com
ups.analytics.yahoo.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.livehd7.onl
x.bidswitch.net
141.95.3.40
142.250.181.226
142.250.184.226
142.250.185.162
147.75.38.124
151.101.194.49
174.137.133.49
178.250.0.157
178.250.2.131
18.156.0.31
18.193.160.53
18.196.197.61
184.31.84.150
185.184.8.65
185.29.134.244
185.33.221.14
198.47.127.19
2.18.234.21
2001:678:cb4:bbbb::11
205.185.216.42
213.19.147.42
2606:4700:3030::6815:1641
2606:4700:3033::6815:2de
2606:4700:3033::6815:4db6
2606:4700:3037::6815:3471
2606:4700::6810:8616
2606:4700::6812:1634
2606:4700::6812:d05
2a00:1450:4001:800::2001
2a00:1450:4001:802::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2003
2a00:1450:4001:828::2002
2a00:1450:4001:82a::200a
2a00:1450:4001:82f::2008
2a00:1450:4001:830::2006
2a00:1450:4001:831::2001
2a00:1450:4001:831::2002
2a00:1450:4001:831::2004
2a00:1450:400f:80a::200e
2a02:2638:1::13
2a02:2638::3
2a02:fa8:8806:20::2040
2a0c:5c81:5142::2
3.216.174.50
31.172.81.172
34.149.20.76
37.157.6.246
45.133.44.3
51.75.86.98
66.155.71.150
69.173.144.139
72.251.249.13
81.222.128.216
82.113.101.132
00611ab634229bce240792b312aa3fa195b521ad5d4307dc018d80a0150a06dc
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
0204b2888677861f56954aca3c6e7eb01f62ca6e425d113a33fbe572da9139cb
046c7932bcf50404be3268dea1fda1f1e4c71e9c831ae318faa42824f633979e
04d621e619931739cfbf3b34649f09fbb70d3f0d0a8d8726101b6130f6be3e96
05e2888e835d97fe6e4cfb256f62f47d5dccf6d9ac202ea9d82a6bc2b1716c1d
066389d046f2904e9f74dff2282c8158246660f3648a23218eaad8f4e5d9811b
09f6c5fca0d0da43af9e76da2815baffa66778a7b736c4ed96b5964fa1894636
0a9af85b8a99fd7e9073594f9a195742896a811b297d1e93a8da7c217ced2db8
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bc8ca412c2757b04141fe0ceff1706842aa84596b18c889668718146c7778ea
0d20921d3495b1d2c456ebde74dd61f180c7e849c78b0ddfa8357b83d517849a
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
148db4d02d3fe12403c2f599cb4325da78d063ff7bb173b05e86a20b33021290
14b52d5e44212b22f6de0be5caeeb5bba561a29fd91bf6076bf1ad6d45ecae6f
163d2c508afe8ebe485d9ae27075ddf4962e2b9b911cc1906ace3b0ca0ac9d9a
172ae2bc66fe50288d8b97102429bce212f9ab89af9aaabb9444eda9fb19f253
18588f1581eeeebaef76be52d09261c5c1a886d1a02ede533adb62c334d122e6
186045b4b42fb87e6c18b92248bd19b6a28c37f8856f0efb31d5d7dac2852610
18fd056c5d415c9996c0d6b9c76e34217cae0b1407947116487691164263e4e9
207f3d06a27fff0e057b67745bc12095cf7477b8d92eb48ca90905a9a20307e2
220d9ee76aa547f9a0555829cd88b5aea75ec009aaa09ddba5d912918c9101c5
223ec1a7b8b554cdd0a1aedeeffb0f50baffcf722b1ed5347d5b08a48777ffd1
273abeffc139916ebed51ca83efd384b27829f822a3b49ff13a2f27294435776
2771943bba7565d6e8b8c3b6850927c778305cf32453a4f8ccb694792000586b
279249ed963fcd87e6321b024c0194248dd1b44af5353e134071cdfff953967b
2858d0c843a51ad5a74a4f75f914c588a8bf37b7435a4492e7b01c089f31046b
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2b071563c8b59cdc2b12b2703f3b5d147f555b1c41d83e5c5ef4a02395aed89c
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3189f7cc7668612d8c08d6f0ed123181bbe092658d1ad8c724df8d3e3003264b
31a3f8f45092844e5acc468f0c2d0ab03a455d7aa605f9b0856821216fc1220f
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
3498958b69bfc948fd7684d9a61214c718da38be2698d0561049621422acaca9
3b781f6c72589e1f4de2892a2fe2d9fedacd1535adf2dd08906c7edf2c3b58e1
3d2ff84f282acf57a96823d988b3aaed0ea0cdb0426af23bc0c243e8d8d22bd2
41e7e51399e22068f26378408d0039ebb9459a0eda604c11ee5957debfb99b89
436881b12c4bcec03ca0d3fbfbc8d0626702397de2daea1aea49de5bb7a9d613
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
474839f856ef2f3e176cac9f6e048d906bcee65b3f9eb84fe0fda253636751d2
47a00c205ac23427984e572961850c21efd9d16502680c3876904f4a9840e61d
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4ae8f940fe8cef8f2e3ba4790ac45afd5fb5016c502ca2f37bc835357ce8d113
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e46e56dce46d21c527e164d6749fb5ff0101f400aede06a8711196da9e5c619
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
55086289fc50f2edb6677074d247bcc8700b40b7990ee6aa47babf613da97dcf
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58e4a40ec73bd5f84c8d02e01b154eb9824e8a97ca6290c43eef7f09cc7fd996
59f93c8637fa1e41eb70ab270cc6a5dff7887d9ab040daec1a8fba1e3edc4cd5
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5f1a0eb046f22533fd96fde5da0c9f951cb8b69354839596657271c9af223be0
61a4ff5edce351bbb72e7911ec154a0db3b46c67d3d0d654882bf65d05deb93e
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63697d88ab7b6e34e76e5990b867c706cb4346c27ec1c5a034c4d91dfb136778
641038d44ddc7fa0aaab9ccb27fe315019345b1f499be1ae819fb8821c8f5319
643dba9826ca660354fbba18a9778bfe628bb371fc60d0e30ba7cbea4aa34b2f
649584155a689b889d5cd6b1f6c3a1d46c9e0dc1e8de3bbc3cb83ced3bfc7574
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ba39943f6ecb1c0242d64e829ace9c1a788362ecf44b2d00fb87778bcf71e54
6be1225cb6c18646c91e435206402e91436fc1467fce1b7a05a914b70bd94eb6
6c92baf4ac12adeea944ec9c5307144ea7f2a0aa98e4c34dfb042d3b48169020
6f60c80eb2a99459ad969dc5a3fce85ac70749bee5045c988b2ca6ca4a029030
7225c811b9035a4ce65639eb7ab5e7850833a340a866cc8e4bc5c2ce4abe8756
7548dbf6ff83ed583dfb6d62a87364a673eb18403686b425248fdb4ffc00e753
763c84e96b8ebf027db21751961edfa370311943733774bbf431b3259609bdbf
7a433c5974d49682a17d9ed30b55797e88ce651766525cbcf104a2e4b137078c
7e010667aedd59740dbdea8321a2b55a789a5e1f58b6593fbe159b6ec773c9e1
8228e042d8ba2859d6867d999c789b79a67cd6fbab62e7b8291778349b9e1b87
82f19bb31987f3ed984193421cc798b4d45d3e5739bb98f5ff21937828b97773
84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4
85c5e75cdb761bf0dc3e12c7e7f26078ac6846e905a88b93699c5c37712cfa15
86f6444eafceacae485c6aadbd60d9659319859369ba5b9d4d0a1bc09eb5d098
8725abc3d35382f44c9b16b12a7e8bbcef855b58f71df5da5b00e7acce75047e
88672c96779d8e7a84c885b23168e132b49296eb08e0daee785ddeecf6ceefa0
8a15c58faa5a5944c528c5e384d57ae892428e5fe0c072161a81891b40c39e9f
8c66c0de5bd46d503f8acaa12b491c3a61509e19b2f55cb05ee54743be878542
8c72cba63484e9b5d152d2ae5f8deaa9e074f599c1b9d12fea38d0267db3b772
8ce9f3e3e7309d1187993bcf2d726c85637563ceba2e558910b96274d726bd7f
8d6814bad94539e16bdbbd1d182a2b3295cc314fbf50bf981e7a1594ef966603
90b0efe6cbe692bfd07130106bf3767af38ac06c7b991d930bf4607cf0fffe02
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
9399077dedc69f0f90170c9bf89cc32cae36e9cf0dee638e474da0a0d63fd752
987bd49fbb4145cd12315ea7ee30a2eb1e72cf26c0baa7b7f4a0ae267d019a6a
98cae41d97c80672f0522ad57c9ddf5ff21c30f9eacf5a20a53ea7483b6f1723
98e69361eb9624c3aa97ed678cf563e80cdc866eac613806d1bf9d3aaaa76b71
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9cb51f9d777bb08bdbdfef5969dba818cdddbc595b70fbb1ac48a4dff8d85d3f
9e6845bbfc6fc8e3491a0205e2f581cc5e341f448fdba6d9780ad47846561e30
9fa7f49e3a869a02c248c7c730f895951b3fc2f811e504d3ab30f72c1f74913c
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4e3ab3749b8ccc0f5110c712b546f1f0ae02c283311f1c228993c2deb6778f0
a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b
a5ff2312e56efd70e644ae0f0872727dfe67d41a5d582801232bd58b2122521f
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7dc701d43e74c1f69418e99a2870c4ee95a0a0b08ca9a7585b237900313bbf6
a944e9ecf7f5e66cf37cde06e51254816fd6d0eff4919f6409f33631dcfb484e
aa3666eb27c134f44533ce00519008c4d5f8fceee32d766d518e26104a3e791a
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
afa00dedbe6d549e60e8d88516d437069d74af91f302b9c8f1f825d6bad511a4
aff891386f526cb11ef9c7321ccc49937bad6688a2e802669c299455a10c2105
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b236c44af7672976be55ccac04d023f9fb16f2d7cf9f32c6898ee37825469782
b56b04fa9e982304e87497818233e5be62454b64d32a513d2edd807dce7c524e
b64291fc91dc77833930ffcead244193c5cfd9e882af312ecc89b580160c22a1
bb426d0a0f9eae681050bc1c0cd013c50f0ca7eb7985eb25a7b1fe8a21064fae
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309
bed0ef30789b17e3ae5fd9f1f9569fbc9e92d7018ff895a290d14b6b188288ab
c110419995948214e5b16d9d0df8f7d91536cc42783edd90c7fc1810308309ac
c231ae5501bb361e51950032be570e1d1e1f609318ece7fb929ba597e7eff6c8
c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95
c3a85b0abbb12b3949983a32fbfe39a2bdf87d3d69ae996f45f869e47ccdef93
c3c2c7a955fbe54933453cc698bf9bff05bca82a51e25b4e9aa626ae3ed1e8be
c6b3db90845194628f17de68416eca25a672f15a213b5fb8c77c0e3ce315ba7e
c6e0c2f684b8a342ffa8d24d001f77c8ecff7b62d2fd816d6f3c26460e23d3a9
c9cbec37696f3334f17fac000bd30cfd0a8acecdf288f5ba015b29e82cb0961e
cd3e16168400c57fc2ed2b2276f8a27baebc81e3162df72f90680e827b1f4ad9
d5ce4afdffbbd51da089d0e2af9d9450d22fc61e7f1a07774fa2da57edda7f86
d73608ed3204ea01800b3c9fa64620c15be5ebaf5ee2301a37a4b019c8877124
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
dd8c37408d55794ec959545f74040e4a1a1f897f7143dfe98a3d10d914030287
de103d5f4ad393bb96697192045e2f571c47b491690081364d746755fbc9a3f9
df8f38416d8a9bfe7fee977b02abac1371a4f5ad6c31dd60986eeea577a114fc
dfa586fa8b70c056272ef189e613dc9f6bcb8f9b659259219fa776f639dd3374
dfae461754a4e408cd04ef2d6117c3f80594565845c364971a72e957e46d40e8
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e9ce8f33df850b9ee3afd027b69a855559d08a9040d68297c4e13f1057577189
ea51f498a2e11e522503ca4033674ae7233a3d2a5e5fe9c07491f5fbe5883ac7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f026d3d83302f0344a62804dd0c50e14f47d1add90866f83e224dfcc4b81e74e
f17cee0cd55564321e8c60a25aecd63564b67a60a9eb2f7892302fad3703de39
f1b3a51250ea5d2b293615f08241269ed8277b95654cddafbc0f5df8d61e6cc1
f71615ff8525c5569ded3c8534c4f38aa6c72802b7b224714accd759f95f0288
f93d0298dd39f7dff18566a5b2754067e26c0182b469fd6b24e5d63429fef88b
fa22184a42db47062235bcd69ff57c76032484d1a00ce71b369d8d23261f51ff
fb94b462f27f138f78bc2f58584c8e4377ea23828ec4bf2de9a76b624419b6d0
fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4
fd751e14fe58f1186d1e7a8800fc3996ff49c8ea2803b5d5a0c218855385c2ba
fe6d3f26a9749524404bd3e7e268f791af04cc418b81980b11e8a7f702f2b415
ffd015b1bb0125d07c39cbfcdee6a8e2b604b55ea1936cf550fe1f9fbdbf2ae4