hdhub4u.re Open in urlscan Pro
2606:4700:3032::6815:41fc Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://hdhub4u.foo/0.9177470730060231
Effective URL:
https://hdhub4u.re/0.9177470730060231
Submission: On February 17 via api (February 17th 2024, 9:45:39 pm UTC) from US — Scanned from US

Summary HTTP 214 Redirects Behaviour Indicators

Summary

This website contacted 39 IPs in 3 countries across 26 domains to perform 214 HTTP transactions. The main IP is 2606:4700:3032::6815:41fc, located in United States and belongs to CLOUDFLARENET, US. The main domain is hdhub4u.re.
TLS certificate: Issued by E1 on February 16th 2024. Valid for: 3 months.

This is the only time hdhub4u.re was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3030::ac43:935e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
46	2606:4700:303... 2606:4700:3032::6815:41fc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2607:f8b0:400... 2607:f8b0:4006:80a::200a	15169 (GOOGLE) (GOOGLE)
1 11	2607:f8b0:400... 2607:f8b0:4006:81f::2002	15169 (GOOGLE) (GOOGLE)
4	139.45.197.242 139.45.197.242	9002 (RETN-AS) (RETN-AS)
9	2606:4700:303... 2606:4700:3030::ac43:9df2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
25	2400:52e0:1a0... 2400:52e0:1a00::1068:1	200325 (BUNNYCDN) (BUNNYCDN)
8	2607:f8b0:400... 2607:f8b0:4006:817::2003	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80d::200a	15169 (GOOGLE) (GOOGLE)
1	199.232.192.134 199.232.192.134	54113 (FASTLY) (FASTLY)
2	2607:f8b0:400... 2607:f8b0:4006:820::2008	15169 (GOOGLE) (GOOGLE)
1	2a02:6ea0:c40... 2a02:6ea0:c400::12	60068 (CDN77 _) (CDN77 _)
1	192.243.59.12 192.243.59.12	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	172.240.108.68 172.240.108.68	7979 (SERVERS-COM) (SERVERS-COM)
3	2607:f8b0:400... 2607:f8b0:4006:81c::2001	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3033::6815:3dfe	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
6	2607:f8b0:400... 2607:f8b0:4006:80f::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3036::ac43:c134	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4006:80e::2002	15169 (GOOGLE) (GOOGLE)
19	2607:f8b0:400... 2607:f8b0:4006:80c::2002	15169 (GOOGLE) (GOOGLE)
1 19	2607:f8b0:400... 2607:f8b0:4006:809::2001	15169 (GOOGLE) (GOOGLE)
1	139.45.195.254 139.45.195.254	9002 (RETN-AS) (RETN-AS)
1	2607:f8b0:400... 2607:f8b0:4006:80c::2003	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:4006:824::200e	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:81f::200e	15169 (GOOGLE) (GOOGLE)
3 4	142.251.40.98 142.251.40.98	15169 (GOOGLE) (GOOGLE)
2 4	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 4	68.67.179.87 68.67.179.87	29990 (ASN-APPNEX) (ASN-APPNEX)
2	139.45.197.154 139.45.197.154	9002 (RETN-AS) (RETN-AS)
1 2	54.84.238.155 54.84.238.155	() ()
10	2607:f8b0:400... 2607:f8b0:4006:80b::2006	15169 (GOOGLE) (GOOGLE)
2	142.251.40.166 142.251.40.166	15169 (GOOGLE) (GOOGLE)
2	142.251.35.162 142.251.35.162	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:4006:80c::2001	15169 (GOOGLE) (GOOGLE)
3	142.250.65.194 142.250.65.194	15169 (GOOGLE) (GOOGLE)
4	2600:9000:247... 2600:9000:247b:2c00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
5	2600:1f13:800... 2600:1f13:800:7781:cbe6:a42e:55d7:3029	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4006:820::2004	15169 (GOOGLE) (GOOGLE)
214	39

1 2606:4700:3030::ac43:935e (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

hdhub4u.foo	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

46 2606:4700:3032::6815:41fc (United States)

ASN13335 (CLOUDFLARENET, US)

hdhub4u.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:80a::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2607:f8b0:4006:81f::2002 (United States) 1 redirects

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 139.45.197.242 (United Kingdom)

ASN9002 (RETN-AS, GB)

bygliscortor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:3030::ac43:9df2 (United States)

ASN13335 (CLOUDFLARENET, US)

catimages.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2400:52e0:1a00::1068:1 (Chicago, United States)

ASN200325 (BUNNYCDN, SI)

image.tmdb.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4006:817::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80d::200a (United States)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.192.134 (United States)

ASN54113 (FASTLY, US)

hdhub4u-comments.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:820::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c400::12 (New York, United States)

ASN60068 (CDN77 _, GB)

cdn77.coolserving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.243.59.12 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

bureauelderlydivine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.240.108.68 (United States)

ASN7979 (SERVERS-COM, US)

monthcurrencybeam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:81c::2001 (United States)

ASN15169 (GOOGLE, US)

f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3033::6815:3dfe (United States)

ASN13335 (CLOUDFLARENET, US)

coolserving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:80f::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::ac43:c134 (United States)

ASN13335 (CLOUDFLARENET, US)

tzegilo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80e::2002 (United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2607:f8b0:4006:80c::2002 (United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2607:f8b0:4006:809::2001 (United States) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.195.254 (United Kingdom)

ASN9002 (RETN-AS, GB)

fleraprt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80c::2003 (United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:824::200e (United States)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81f::200e (United States)

ASN15169 (GOOGLE, US)

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.40.98 (Queens, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: lga25s79-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.36.155 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 68.67.179.87 (North Bergen, United States) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.197.154 (United Kingdom)

ASN9002 (RETN-AS, GB)

static.ptoahaistais.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.84.238.155 (Ashburn, United States) 1 redirects

ASN- ()
PTR: ec2-54-84-238-155.compute-1.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2607:f8b0:4006:80b::2006 (United States)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.40.166 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s81-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.35.162 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s78-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:80c::2001 (United States)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.65.194 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s72-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:247b:2c00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:1f13:800:7781:cbe6:a42e:55d7:3029 (Boardman, United States)

ASN16509 (AMAZON-02, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:820::2004 (United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
46	hdhub4u.re hdhub4u.re	1 MB
41	googlesyndication.com 1 redirects f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 120 tpc.googlesyndication.com — Cisco Umbrella Rank: 158	391 KB
25	tmdb.org image.tmdb.org — Cisco Umbrella Rank: 18911	3 MB
22	doubleclick.net 4 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 213 googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 cm.g.doubleclick.net — Cisco Umbrella Rank: 278 ad.doubleclick.net — Cisco Umbrella Rank: 149 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 551	297 KB
17	gstatic.com fonts.gstatic.com www.gstatic.com encrypted-tbn3.gstatic.com encrypted-tbn0.gstatic.com encrypted-tbn1.gstatic.com	623 KB
11	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 951 static.adsafeprotected.com — Cisco Umbrella Rank: 664 dt.adsafeprotected.com — Cisco Umbrella Rank: 638	121 KB
10	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 328	85 KB
9	catimages.org catimages.org — Cisco Umbrella Rank: 524387	740 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 381	104 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 48 ajax.googleapis.com — Cisco Umbrella Rank: 434	39 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 272	4 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 696	2 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 45	21 KB
4	bygliscortor.com bygliscortor.com — Cisco Umbrella Rank: 345840	36 KB
3	coolserving.com cdn77.coolserving.com — Cisco Umbrella Rank: 136609 coolserving.com — Cisco Umbrella Rank: 118427	15 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 141
2	ptoahaistais.com static.ptoahaistais.com — Cisco Umbrella Rank: 47109	5 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 52	163 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
1	fleraprt.com fleraprt.com — Cisco Umbrella Rank: 18903	480 B
1	tzegilo.com tzegilo.com — Cisco Umbrella Rank: 20281	8 KB
1	rtmark.net my.rtmark.net — Cisco Umbrella Rank: 9876	541 B
1	monthcurrencybeam.com monthcurrencybeam.com
1	bureauelderlydivine.com bureauelderlydivine.com
1	disqus.com hdhub4u-comments.disqus.com	2 KB
1	hdhub4u.foo 1 redirects hdhub4u.foo	458 B
214	26

	Domain	Requested by
46	hdhub4u.re	hdhub4u.re
25	image.tmdb.org	hdhub4u.re
19	tpc.googlesyndication.com	1 redirects hdhub4u.re f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com tpc.googlesyndication.com securepubads.g.doubleclick.net
19	pagead2.googlesyndication.com	hdhub4u.re f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com securepubads.g.doubleclick.net pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
11	securepubads.g.doubleclick.net	1 redirects hdhub4u.re securepubads.g.doubleclick.net
10	s0.2mdn.net	hdhub4u.re s0.2mdn.net
9	catimages.org	hdhub4u.re
8	fonts.gstatic.com	hdhub4u.re fonts.googleapis.com
5	dt.adsafeprotected.com	f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	encrypted-tbn3.gstatic.com	f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com
4	static.adsafeprotected.com	f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com srcdoc
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	bygliscortor.com	hdhub4u.re bygliscortor.com
4	fonts.googleapis.com	hdhub4u.re f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com securepubads.g.doubleclick.net bygliscortor.com
3	googleads4.g.doubleclick.net	hdhub4u.re
3	f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	www.googleadservices.com	hdhub4u.re
2	ad.doubleclick.net	hdhub4u.re
2	fw.adsafeprotected.com	1 redirects hdhub4u.re
2	static.ptoahaistais.com	hdhub4u.re
2	encrypted-tbn0.gstatic.com	f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com
2	googleads.g.doubleclick.net	hdhub4u.re pagead2.googlesyndication.com
2	coolserving.com	cdn77.coolserving.com hdhub4u.re
2	www.googletagmanager.com	hdhub4u.re www.googletagmanager.com
1	www.google.com	tpc.googlesyndication.com
1	encrypted-tbn1.gstatic.com	f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com
1	www.gstatic.com	f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com
1	fleraprt.com	tzegilo.com
1	tzegilo.com	bygliscortor.com
1	my.rtmark.net	bygliscortor.com
1	monthcurrencybeam.com	hdhub4u.re
1	bureauelderlydivine.com	hdhub4u.re
1	cdn77.coolserving.com	hdhub4u.re
1	hdhub4u-comments.disqus.com	hdhub4u.re
1	ajax.googleapis.com	hdhub4u.re
1	hdhub4u.foo	1 redirects
214	40

This site contains no links.

Subject Issuer	Validity	Valid
hdhub4u.re E1	`2024-02-16` - `2024-05-16`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
bygliscortor.com R3	`2023-11-30` - `2024-02-28`	3 months	crt.sh
catimages.org GTS CA 1P5	`2023-12-25` - `2024-03-24`	3 months	crt.sh
image.tmdb.org R3	`2024-01-13` - `2024-04-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.disqus.com Sectigo RSA Domain Validation Secure Server CA	`2023-04-13` - `2024-04-20`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
1548164934.rsc.cdn77.org R3	`2024-02-16` - `2024-05-16`	3 months	crt.sh
bureauelderlydivine.com R3	`2024-02-15` - `2024-05-15`	3 months	crt.sh
monthcurrencybeam.com R3	`2024-01-03` - `2024-04-02`	3 months	crt.sh
coolserving.com E1	`2024-02-13` - `2024-05-13`	3 months	crt.sh
rtmark.net R3	`2023-12-23` - `2024-03-22`	3 months	crt.sh
tzegilo.com GTS CA 1P5	`2024-01-31` - `2024-04-30`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
fleraprt.com Sectigo RSA Domain Validation Secure Server CA	`2024-01-09` - `2025-01-13`	a year	crt.sh
ptoahaistais.com R3	`2023-12-10` - `2024-03-09`	3 months	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M01	`2023-03-29` - `2024-04-27`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2023-07-07` - `2024-08-04`	a year	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M01	`2023-05-09` - `2024-06-06`	a year	crt.sh
www.google.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh

This page contains 16 frames:

Primary Page: https://hdhub4u.re/0.9177470730060231
Frame ID: 4A507696582A4957F64F924C9556C64A
Requests: 83 HTTP requests in this frame

Frame: https://hdhub4u.re/slider/index.html
Frame ID: E262AEB1EBE8A9147C9D660134E4EAF7
Requests: 35 HTTP requests in this frame

Frame: https://f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 5B955F4D96A1F104BE66E73C3018CD9C
Requests: 1 HTTP requests in this frame

Frame: https://f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0D92855B887215F3DFB45EE2182AAD17
Requests: 1 HTTP requests in this frame

Frame: https://f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 9F742D454E53D5796AEA7C7E3EA02B39
Requests: 23 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIGpfRDM07aKAxicu8yBAjAB&v=APEucNXem8D_oxI9O5P6qJMPXd4msn6I1O87Gs-xY-FXfd68Ty4sOQJseZRfhTlM7xUrsI9M_Q-OgIkeiGik1kBTL6S7amrM9A
Frame ID: 5D609AA9A65C8E97C4AEAC804565F359
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: B1F090E8845C98FFD87817BEDCBDBB02
Requests: 25 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Mxl_QHRpF3ASJ-0UJYy-xnBnh_t8qFAxMnyvqBA6J-g.js
Frame ID: 492CFE699AC9AFC3120E712BA7F6C006
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012402060239000/amp4ads-v0.mjs
Frame ID: 31038B2866D00D568DD4569EDE882DC4
Requests: 17 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 4F1B33D2DE66A21E7445D5632632838B
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/6667214961386394198/index.html?ev=01_250
Frame ID: 09F615F071FD39616CB671D8A574ED93
Requests: 9 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: EC0E0ECFD3009F6A403BDF46786A0BD5
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/passback_300x250.js
Frame ID: 58587399BEAE90A911DECE9F61F39BC1
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6D937062EA55C60D34AC8D6ED7CEF3FB
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B578FADDDB72187E9D3386EBD83453E8
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700
Frame ID: E4382CBABFE1464CEA3A4F36B83D8B6D
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Page not found —

Page URL History Show full URLs

http://hdhub4u.foo/0.9177470730060231 HTTP 307
https://hdhub4u.foo/0.9177470730060231 HTTP 301
https://hdhub4u.re/0.9177470730060231 Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

214
Requests

96 %
HTTPS

64 %
IPv6

26
Domains

40
Subdomains

39
IPs

3
Countries

6426 kB
Transfer

9838 kB
Size

21
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://hdhub4u.foo/0.9177470730060231 HTTP 307
https://hdhub4u.foo/0.9177470730060231 HTTP 301
https://hdhub4u.re/0.9177470730060231 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 136

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgOCg1bX8fRCwCRiwCTIIRvRkT-fB35c HTTP 301
https://tpc.googlesyndication.com/simgad/7516144864796486839

Request Chain 137

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECnyv6ByF9s4nWHfaNhsTo8&google_cver=1

Request Chain 138

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZdEo.0t3ud4AADPnAA61JwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECnyv6ByF9s4nWHfaNhsTo8&google_cver=1&google_hm=2

Request Chain 139

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEHhan6Rq0HtqgG1Az7Zn220&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEHhan6Rq0HtqgG1Az7Zn220%26google_cver%3D1

Request Chain 140

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDkyODgxMDgyODYxNjQwMTcyMQ%3D%3D

Request Chain 155

https://ad.doubleclick.net/ddm/trackimp/N803256.134426GOOGLEDISPLAYNETWO/B25285800.354971241;dc_trk_aid=545792033;dc_trk_cid=183816395;ord=2859653484;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?&cbvp=2&nis=5 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N803256.134426GOOGLEDISPLAYNETWO/B25285800.354971241;dc_pre=CKrj3Lyss4QDFboMaAgdAekMMA;dc_trk_aid=545792033;dc_trk_cid=183816395;ord=2859653484;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?&cbvp=2&nis=5

Request Chain 156

https://securepubads.g.doubleclick.net/pagead/adview?ai=Cw7TH-SjRZZ21OJj3zLUP3NqcOMLwqN11z_zUu_AQZBABILGT7Xlgye6Oi8CkjBCgAZvn4N8DyAEJ4AIAqAMByAPLBKoEvAJP0KSxEXdAREnLajxETbp8cMVTGzLA8pI7xweYpbB_kYj3Td9ZX-LBtdz7teC_2xge2l3l5s4BT1Y2ak6voA7NjHOXJfMOO8-AcQ63Y9LLMWTPNeUGEeCxfHpkhkXAo_1LBge45isL_ImgagknHRMlniZZd6_V-4IzdEzR7yZ0UxKAVTtP1LlWp4CPRHX58AklCFWc8BQR6BP5xxg1NZPU1PCP8ZZ3E0-KBCmEXsT1xk0S_ge96XLbn-BvKVG2r2313dXn6CNiGaslZxfiZyLQKR8q9IjZ1DgM7iH4ScyQJ3-EAmriiwkPVoq0xLPfNuRozp1aGCmTde3SJvgPbkVFpy5VkDCssd6Pyn6bQbfygLGIcjIEeBVMgtHCgQTXs_lbXUAEiYHLnv2bCSEDQHJgRoYL084R2gi3diFqwAT5rq7LkQTgBAGIBdix-8BHkgUECAQYAZIFBAgFGASgBi6AB8Kl1hCoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAevvrECqAemvhvYBwDyBwQQ19Ut0ggkCIBhEAEYHTICigI6CYBAgMCAgICACEi9_cE6WMzT_Luss4QDmgnrAmh0dHBzOi8vd3d3LmFzaGxleWZ1cm5pdHVyZS5jb20vP3V0bV9zb3VyY2U9ODQ1MDg1MXw0ODQyMzUxJnV0bV9tZWRpdW09ZGlzcGxheSZ1dG1fY2FtcGFpZ249MjUyODU4MDAmdXRtX3Rlcm09MzU0OTcxMjQxJnV0bV9jb250ZW50PTU0NTc5MjAzNnwwJm1ya2dhZGlkPTEmbXJrZ2VuPSZtcmtnYmZsYWc9Jm1ya2djYXQ9JiZhY2N0aWQ9MjE3MDAwMDAwMDE0OTc4OTQmZHNrZXl3b3JkaWQ9JiZkZXZpY2U9YyZuZXR3b3JrPWQmbWF0Y2h0eXBlPSZsb2NhdGlvbmlkPTkwMDU1MzImY3JlYXRpdmU9NjQxOTU4NTI3OTg2JnRhcmdldGlkPSZjYW1wYWlnbmlkPTE5MTk1MTU2Njk2JmFkZ3JvdXBpZD0xNDIxNjA0MDIyOTcmZ2Nsc3JjPWF3LmRzJoAKA8gLAdoMEQoLENDphsD6jsqatAESAgED4g0TCJGA_buss4QDFZg7swAdXC0HB9gTDYgUAtAVAYAXAbIXHgocCAASFHB1Yi05NjU1ODI0NTkzMzE1NjI1GILzcg&sigh=060BApGdXDI&uach_m=%5BUACH%5D&ase=2&cid=CAQSTgAvHhf_pLnTFB_wbTJCX3OGTf0POB7Oa1V_1UjJA-vGVh1Zrk8ZfEot58XhtGMhVnU5LzVRA92vyjYPw2Zn1BLLVuiSJUYKIEllCbHWGhgB&template_id=494&cbvp=2&vis=1&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x182b0c68371e14ed0000000000000000%22,%222%22:%220x333b654554435c8f0000000000000000%22,%223%22:%220xce8b7218c0a42b3f0000000000000000%22,%224%22:%220x3a4fa55cd79048f80000000000000000%22,%225%22:%220x1d869b86453317e90000000000000000%22},%22debug_key%22:%228628857758726858980%22,%22debug_reporting%22:true,%22destination%22:%22https://ashleyfurniture.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221006121883%22],%2222%22:[%22true%22],%224%22:[%2202-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227728375144658435297%22}&andc=true

Request Chain 182

https://fw.adsafeprotected.com/rfw/st/1885389/77498866/4.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1015691919&ias_pubId=pub-2205121062140812&ias_chanId=1&ias_placementId=21013602907&bidurl=maxxfour.com/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0i9Ka4XmQjRYGQPd8GUiL2F&adContainerId=brand_safety_-yjRZc_OArTRoPwP3JevEA&cbFunctionName=goog_wrapCb_-yjRZc_OArTRoPwP3JevEA&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x250.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fhdhub4u.re&adsafe_type=g&adsafe_url=https%3A%2F%2Fhdhub4u.re%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Ff66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Ff66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=bed&adsafe_jsinfo=,id:c28d7b1a-7240-f2bc-fadd-32902463de64,c:4tGk2E,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-659c4c654f-6mwcb,rg:va,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:7,mot:0,app:0,maw:0,tdt:s,fm:u4AbGtR+11%7C12%7C131*.1885389-77498866%7C1311%7C13121%7C1313%7C141%7C15,idMap:131*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:42,oid:df833b4f-cddd-11ee-9d44-3234afdb74f6,v:19.8.483,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4a.js

214 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

404

Primary Request 0.9177470730060231 Show response
hdhub4u.re/
Redirect Chain

http://hdhub4u.foo/0.9177470730060231
https://hdhub4u.foo/0.9177470730060231
https://hdhub4u.re/0.9177470730060231

221 KB
46 KB

753ms
658ms

Document
text/html

2606:4700:3032::6815:41fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hdhub4u.re/0.9177470730060231
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:41fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afdeaaea9a3dffdc26c890fc6e90884319d9317c8df47e307f675d2f23684229

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
cf-edge-cache: cache,platform=wordpress
cf-ray: 857137b16e1c4bc1-BUF
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 17 Feb 2024 21:45:29 GMT
expires: Wed, 11 Jan 1984 05:00:00 GMT
link: <https://hdhub4u.re/wp-json/>; rel="https://api.w.org/"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fjwJQftwa9H8TAM7RI5%2FMevxBSvy28HhE5xlX%2BUerCseXDBcmNu%2Fufvopi1nLmQI%2Fv%2BGaMpgBgvCXiy0HQ38pV3zVYolONW2VZvhcQCNFNjz06215hEtR9e2nSvP2zUb23CX%2BOedyF2g"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-litespeed-cache: miss
x-litespeed-cache-control: public,max-age=3600
x-litespeed-tag: 2d3_HTTP.404,2d3_404,2d3_URL.ea831affb8c3777c24f32d93d3877db0,2d3_
x-turbo-charged-by: LiteSpeed

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=3600
cf-ray: 857137b09ee94bc3-BUF
date: Sat, 17 Feb 2024 21:45:28 GMT
expires: Sat, 17 Feb 2024 22:45:28 GMT
location: https://hdhub4u.re/0.9177470730060231
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e3svQ9FvBTpNxWPcy311qWfPnuxcu%2Bc7PucAz8IuHncpbXMs%2FCQ6ABQxy1aweR1TyqDkoOE342oCAthZh%2BVPqlm6Qt0P2CUcbanLbakZzYqRrUfvWHa29mq8YHwqLV%2B9iiP812FYtm%2F6og%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 69e57ec3164952777a016e30068f3eda.css
hdhub4u.re/wp-content/litespeed/css/ 339 B
509 B 45ms
34ms Stylesheet
text/css 2606:4700:3032::6815:41fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hdhub4u.re/wp-content/litespeed/css/69e57ec3164952777a016e30068f3eda.css?ver=f3eda
Requested by: Host: hdhub4u.re
URL: https://hdhub4u.re/0.9177470730060231
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:41fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: caffb92deb05a0d71b92c900b9e52d85c18df5e1491f641d9d7a186c56c6b1a5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/0.9177470730060231
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:45:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 16 Feb 2024 17:42:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 100979
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yGt6fvcj%2BKsJprbWYlQ0VMSfRpl%2Fda66ovz0wQI0JlkAf9r2dYUX%2F0I%2BwP79aC9haPpAjCHHBjRbqH7fvuU80OZB%2FM0FxDjQh4IW%2FUr6%2FaH1zsr5IuqjbiKnEZOeE9oi13L9FQCcgeGN"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=9646676
x-turbo-charged-by: LiteSpeed
cf-ray: 857137b5a9e14bc1-BUF
alt-svc: h3=":443"; ma=86400
expires: Fri, 07 Jun 2024 09:20:08 GMT

GET
H2 200 css
fonts.googleapis.com/ 6 KB
2 KB 120ms
44ms Other
text/css 2607:f8b0:4006:80a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: hdhub4u.re
URL: https://hdhub4u.re/0.9177470730060231

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c3061c3788ad5783ef8a5d10c454bafe7eb942c48200dccc852cc6d3c9f303d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://hdhub4u.re/
Origin: https://hdhub4u.re
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 17 Feb 2024 21:45:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 17 Feb 2024 20:56:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 17 Feb 2024 21:45:29 GMT

GET css
fonts.googleapis.com/ 0
0

GET
H2 200 b44f2925497486a3a12956915206735c.css
hdhub4u.re/wp-content/litespeed/css/ 108 KB
15 KB 51ms
43ms Stylesheet
text/css 2606:4700:3032::6815:41fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hdhub4u.re/wp-content/litespeed/css/b44f2925497486a3a12956915206735c.css?ver=6735c
Requested by: Host: hdhub4u.re
URL: https://hdhub4u.re/0.9177470730060231
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:41fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8508848209758027adbbf1d665a08a5b603e5d154bdd755f03d01d3201879a7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/0.9177470730060231
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:45:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 16 Feb 2024 17:42:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 100979
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=57XwxFbMY2nJefk%2BPflAMCS8UaOoknU8dbHYWFdrDLckIHj%2FLS1gimneAjVxp78qmiOZ12Nkn3K8GpRocNV5%2BIxesomu3mzaAr%2FObewEcSIGYxgKePqIE5i5l5RQPwjeWAqHPM26tVbp"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=9646676
x-turbo-charged-by: LiteSpeed
cf-ray: 857137b5a9e34bc1-BUF
alt-svc: h3=":443"; ma=86400
expires: Fri, 07 Jun 2024 09:20:08 GMT

GET
H2 200 61278211c95fb3a0320b721c5b19ed56.css
hdhub4u.re/wp-content/litespeed/css/ 1015 B
612 B 42ms
35ms Stylesheet
text/css 2606:4700:3032::6815:41fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hdhub4u.re/wp-content/litespeed/css/61278211c95fb3a0320b721c5b19ed56.css?ver=9ed56
Requested by: Host: hdhub4u.re
URL: https://hdhub4u.re/0.9177470730060231
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:41fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 93aaac71b64ae7019823c8596b20637fed9988f1b4c10592186f6c6ebcc43fe9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/0.9177470730060231
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:45:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 16 Feb 2024 17:42:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 100979
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MYt%2BzbonGmTAlflQ7I9HnkvOJoweRI67eqVZpu%2F6ky%2F1M1%2FICGcpH3QwUXU5j68UaclvNHFQj3gSi1foblD%2BOD8ZIhAhE8o8pA2S7wqi2BkaO0QgGNrP7CEKx37FLbW%2FCW149UEOMnXP"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=9646676
x-turbo-charged-by: LiteSpeed
cf-ray: 857137b5a9e44bc1-BUF
alt-svc: h3=":443"; ma=86400
expires: Fri, 07 Jun 2024 09:20:08 GMT

GET
H2 200 6a8133363bd722b4f5fa7b4fe948f13f.css
hdhub4u.re/wp-content/litespeed/css/ 119 KB
20 KB 46ms
39ms Stylesheet
text/css 2606:4700:3032::6815:41fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hdhub4u.re/wp-content/litespeed/css/6a8133363bd722b4f5fa7b4fe948f13f.css?ver=8f13f
Requested by: Host: hdhub4u.re
URL: https://hdhub4u.re/0.9177470730060231
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:41fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a824e11d139abab34c9c52c7c852aad98e675254fad5b4cb75102c0a4ed2e645

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/0.9177470730060231
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:45:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 16 Feb 2024 17:42:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 100979
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SM%2BvWPQHE%2BU71tpS9RBHLXFLEnXGVJCW0PApaZ94xHMQgww%2Fdlm86NgKyHVpX8b%2BBmAJ%2Bm2clw%2F7T%2BSGPTrfkEjg1vEyTwLH2USzwhorr5t8sGfz%2FidssN88vU9oSWwx%2FBkBMs3Oe%2BHW"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=9646676
x-turbo-charged-by: LiteSpeed
cf-ray: 857137b5a9e54bc1-BUF
alt-svc: h3=":443"; ma=86400
expires: Fri, 07 Jun 2024 09:20:08 GMT

GET
H2 200 1b4db1ba498d8ea79199f317b12b9f98.css
hdhub4u.re/wp-content/litespeed/css/ 719 B
593 B 45ms
38ms Stylesheet
text/css 2606:4700:3032::6815:41fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hdhub4u.re/wp-content/litespeed/css/1b4db1ba498d8ea79199f317b12b9f98.css?ver=b9f98
Requested by: Host: hdhub4u.re
URL: https://hdhub4u.re/0.9177470730060231
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:41fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62f13c4f18340473ec8c90ac65969eefbae5d90ae8eaf36101fe2a64d88d3eed

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/0.9177470730060231
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:45:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 16 Feb 2024 17:42:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 100979
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dz%2FOFh1T2Zy%2B6Dh7fdW5EFBuSY8k0y%2BR8IZRH7JXGA7j%2FfjgigQO6AQMhdvIy5Reh4VWedZ6PgrgpojYqkcxSTlsSWrJ6RuCm1R%2Bm2ObLlrgPwLkuGIXP6g8VGeGhXZ5fvnRabtXMWYQ"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=9646676
x-turbo-charged-by: LiteSpeed
cf-ray: 857137b5a9e64bc1-BUF
alt-svc: h3=":443"; ma=86400
expires: Fri, 07 Jun 2024 09:20:08 GMT

GET
H2 200 jquery.min.js Show response
hdhub4u.re/wp-includes/js/jquery/ 86 KB
31 KB 50ms
44ms Script
application/javascript 2606:4700:3032::6815:41fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hdhub4u.re/wp-includes/js/jquery/jquery.min.js
Requested by: Host: hdhub4u.re
URL: https://hdhub4u.re/0.9177470730060231
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:41fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/0.9177470730060231
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:45:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 10 Nov 2023 02:42:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 100979
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JX6HwmXIAtHxzRD4eh8EjVavqJm2wmMeDnESuxwDourMme6aeDDZGVcmsW1CFjCoPsg2E6hWGAf8QsDdlnq8Lc4I%2BHv9aZom3x%2Fh9If1op57UHN00OU60X56yCTqlWLeR8zPiGLr%2B7AE"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 857137b5a9e74bc1-BUF
alt-svc: h3=":443"; ma=86400
expires: Fri, 23 Feb 2024 17:42:12 GMT

GET
H2 200 jquery-migrate.min.js Show response
hdhub4u.re/wp-includes/js/jquery/ 13 KB
5 KB 43ms
37ms Script
application/javascript 2606:4700:3032::6815:41fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hdhub4u.re/wp-includes/js/jquery/jquery-migrate.min.js
Requested by: Host: hdhub4u.re
URL: https://hdhub4u.re/0.9177470730060231
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:41fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/0.9177470730060231
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:45:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 09 Aug 2023 06:42:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 100979
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iYh9pBylwdToIyLlaFFrsJSfjLnnEzPSnGJbAKFOL5MPsFluwfxSydxi2ecay0VwlQcGZoKrHTUIUQEGB03Ms9dRSiB7GhDudEJ5nWqivwoIZJNRqjmrfdUuRfJ0jnj5%2BQZJAhA3Hii5"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 857137b5a9e84bc1-BUF
alt-svc: h3=":443"; ma=86400
expires: Fri, 23 Feb 2024 17:42:12 GMT

GET
H2 200 frontend.js Show response
hdhub4u.re/wp-content/plugins/remove-disqus-ads/assets/js/ 393 B
511 B 39ms
36ms Script
application/javascript 2606:4700:3032::6815:41fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hdhub4u.re/wp-content/plugins/remove-disqus-ads/assets/js/frontend.js
Requested by: Host: hdhub4u.re
URL: https://hdhub4u.re/0.9177470730060231
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:41fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f5310930719be7ef701e73b540cdfe6d0eeb918d1a93484e2d1d2788f32577b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/0.9177470730060231
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:45:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 12 Jan 2023 20:40:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 100979
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OGD9F4EWBKGWTo4eTAsisKxxv%2B4jllR6uaRVH69W0estV87lFN8PPullXkGCAtv4DlDzCaC5lvjtowhJkcFxyNk0dVS4grO28n2svfuxiQT4PyE1QCnX6UrXGRhyyO4mcKLi2HaPhK6E"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=9646676
x-turbo-charged-by: LiteSpeed
cf-ray: 857137b5a9e94bc1-BUF
alt-svc: h3=":443"; ma=86400
expires: Fri, 07 Jun 2024 09:20:08 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 97 KB
29 KB 132ms
69ms Script
text/javascript 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: hdhub4u.re
URL: https://hdhub4u.re/0.9177470730060231

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a271aedd228b5ed78d945bdfeaac6088830ef3e4192906f372ee6bebd44ca736

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:45:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29165
x-xss-protection: 0
server: cafe
etag: 533 / 19770 / m202402130101 / config-hash: 11148296534494914191
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 17 Feb 2024 21:45:29 GMT

GET
H2 200 hdhub4ulogo.png
hdhub4u.re/wp-content/uploads/2021/05/ 9 KB
9 KB 40ms
36ms Image
image/png 2606:4700:3032::6815:41fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hdhub4u.re/wp-content/uploads/2021/05/hdhub4ulogo.png
Requested by: Host: hdhub4u.re
URL: https://hdhub4u.re/0.9177470730060231
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:41fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e1dbe30885c2e8640fc235a2a9917364536542bafd1b9e6b3e5f7c762a69d81

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/0.9177470730060231
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:45:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 100978
alt-svc: h3=":443"; ma=86400
content-length: 8915
last-modified: Thu, 12 Jan 2023 20:40:25 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Eyq00fD9gp9IP2Zm4ofJc2a%2BWmlmYaVzAHshnsUnPnRhGY4FD4vYKkFweCi1BV5AFO3PjYsnkzjgQG7gvcCLh5tdVvIaEhq8TpH%2FmdG0kKmUhm0DwnmZQcy8UlivNAMy8t1YSj3mtESC"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 857137b5b9ea4bc1-BUF
expires: Fri, 23 Feb 2024 17:42:13 GMT

GET
H2 200 6981480 Show response
bygliscortor.com/401/ 87 KB
34 KB 476ms
193ms Script
application/javascript 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://bygliscortor.com/401/6981480

Requested by

Host: hdhub4u.re
URL: https://hdhub4u.re/0.9177470730060231

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

abd62c83176e74def22fe39e4f60ec81b4141d4732faf02f1a16c471726d9a2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:45:29 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
x-trace-id: 3bd486bdec14f05e6be68e68d2df9038
pragma: no-cache
server: nginx
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
vary: Origin
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H3 200 index.html Show response
hdhub4u.re/slider/ Frame E262 27 KB
6 KB 268ms
255ms Document
text/html 2606:4700:3032::6815:41fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hdhub4u.re/slider/index.html
Requested by: Host: hdhub4u.re
URL: https://hdhub4u.re/0.9177470730060231
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:41fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b64eb664d568cf397ed278655d813f27ca95c336e53ea063f98ef13067170a86

Request headers

Referer: https://hdhub4u.re/0.9177470730060231
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 857137b67e556aed-BUF
content-encoding: br
content-type: text/html
date: Sat, 17 Feb 2024 21:45:29 GMT
last-modified: Sun, 30 Apr 2023 18:46:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4wfaFQMBUeDSXEFH%2Bb5ElzprXfUULgPQtDJu939WspZUCKb8q8viMNgtd%2BdLkxFNooq96R67fdXI9D6hoVtJHO9vRE04xzOA5WBnJJIzB%2FOfvra2llaAsHHd32o%2BUoNI8DQOqT93KjDU"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed

GET
H3 200 404.png.webp
hdhub4u.re/wp-content/themes/9xhd/assets/ 5 KB
5 KB 287ms
273ms Image
image/webp 2606:4700:3032::6815:41fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hdhub4u.re/wp-content/themes/9xhd/assets/404.png.webp
Requested by: Host: hdhub4u.re
URL: https://hdhub4u.re/0.9177470730060231
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:41fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e163f5de299bdc752f1e39c965cf5d6118d02d7a35fc3416440542b33c915738

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/0.9177470730060231
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:45:29 GMT
cf-cache-status: MISS
last-modified: Mon, 30 Jan 2023 17:50:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ty0%2BlxWH1chaiM3XLm2QPJCLvKxx0TXq%2F3DDHJpWgi18WgxEVgb1gmiosZoprP9eGj0YOliUTCf1uKL35mb%2BmjK1AMc38L63DCRn4V3Jk7esBtXuABXLGJzAPBqSBWVGgOUQfc11sSef"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=9646676
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 857137b67e566aed-BUF
alt-svc: h3=":443"; ma=86400
content-length: 4758
expires: Sat, 08 Jun 2024 13:23:05 GMT

GET
H2 200 Madame-Web-2024-HIndi-HDTS-Full-Movie.jpg
catimages.org/images/2024/02/17/ 54 KB
54 KB 152ms
41ms Image
image/jpeg 2606:4700:3030::ac43:9df2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://catimages.org/images/2024/02/17/Madame-Web-2024-HIndi-HDTS-Full-Movie.jpg

Requested by

Host: hdhub4u.re
URL: https://hdhub4u.re/0.9177470730060231

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:9df2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd94b2d7743016f51bc7f85580839e53c981d131ea369d5b1d2b71897b0e53a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:45:29 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 90628
alt-svc: h3=":443"; ma=86400
content-length: 55084
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Fri, 16 Feb 2024 19:44:05 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FeRbXb%2FlHzdotKfmpRd2CLsvgpQyKwwKaplpQh11f%2Bzkw32viEejiygFHSLiRJREPbU6Blgv56qlQoNfBNIEYzawDwVph6EIEcUZwKQVRihP9I2RewjfsNUg3cLaOgHHzH6dJXA5hhjvI%2B3R"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 857137b71a734bc0-BUF
expires: Tue, 16 Apr 2024 20:35:01 GMT

GET
H2 200 5MWHYRYQ9DEKA5pAkhnniqPdJrr.jpg
image.tmdb.org/t/p/original/ 435 KB
436 KB 127ms
51ms Image
image/jpeg 2400:52e0:1a00::1068:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.tmdb.org/t/p/original/5MWHYRYQ9DEKA5pAkhnniqPdJrr.jpg
Requested by: Host: hdhub4u.re
URL: https://hdhub4u.re/0.9177470730060231
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1a00::1068:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-IL1-1068 /
Resource Hash: 42db956af3d163d55440d285487b7aa900ece14accfe222fbfe97f282d78a6ce

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:45:29 GMT
cdn-edgestorageid: 1067
perma-cache: HIT
cdn-storageserver: NY-346
cdn-cachedat: 02/15/2024 22:06:45
cdn-pullzone: 775336
content-length: 445567
last-modified: Thu, 15 Feb 2024 21:52:58 GMT
server: BunnyCDN-IL1-1068
cdn-fileserver: 673
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: "65ce87ba-6cc7f"
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cache-control: public, max-age=31919000
cdn-requestid: 27d2a907aa9267cb91f3037d15fe91dd
accept-ranges: bytes
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 zAug8d6kpBMPyxZvY66q2x8csd.jpg
image.tmdb.org/t/p/w400/ 24 KB
24 KB 159ms
83ms Image
image/jpeg 2400:52e0:1a00::1068:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.tmdb.org/t/p/w400/zAug8d6kpBMPyxZvY66q2x8csd.jpg
Requested by: Host: hdhub4u.re
URL: https://hdhub4u.re/0.9177470730060231
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1a00::1068:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-IL1-1068 /
Resource Hash: 1fa3ff887375803e2e8235f882143bef7f2eb61f4046318e0b3cd478099ecb51

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:45:29 GMT
cdn-edgestorageid: 1068
perma-cache: HIT
cdn-storageserver: NY-267
cdn-cachedat: 02/16/2024 06:06:55
cdn-pullzone: 775336
content-length: 24313
last-modified: Sun, 24 Dec 2023 11:24:47 GMT
server: BunnyCDN-IL1-1068
cdn-fileserver: 693
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: "658814ff-5ef9"
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cache-control: public, max-age=31919000
cdn-requestid: 5838ca742048e9baf4e7117e6c8c7333
accept-ranges: bytes
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 Scammy-Boys-2024.jpg
catimages.org/images/2024/02/16/ 92 KB
93 KB 196ms
86ms Image
image/jpeg 2606:4700:3030::ac43:9df2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://catimages.org/images/2024/02/16/Scammy-Boys-2024.jpg

Requested by

Host: hdhub4u.re
URL: https://hdhub4u.re/0.9177470730060231

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:9df2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ce6f50be4985a39977529d614d8b0343bbc073c3b6cf8d3c801f125b677c327

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:45:29 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 172734
alt-svc: h3=":443"; ma=86400
content-length: 94496
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Thu, 15 Feb 2024 20:14:18 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aMcBCSv9T5nGiWmO9lL9pGyvm%2FgACgPS7pixoqlMhG%2FAX71WMcXKq22%2FoFAI7YJn5Pkj6LJsqsXtWO3KSZTplN2KSbKla3qeakoIBiHdr%2BbdjxoH6e7E9Zi95BymDMVJPb8OEh%2BTOWuJcTmJ"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 857137b71a744bc0-BUF
expires: Mon, 15 Apr 2024 21:46:34 GMT

GET
H2 200 g70f3hwn5jPaNzqPssoa9unlawo.jpg
image.tmdb.org/t/p/w400/ 24 KB
25 KB 170ms
95ms Image
image/jpeg 2400:52e0:1a00::1068:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.tmdb.org/t/p/w400/g70f3hwn5jPaNzqPssoa9unlawo.jpg
Requested by: Host: hdhub4u.re
URL: https://hdhub4u.re/0.9177470730060231
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1a00::1068:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-IL1-1068 /
Resource Hash: 13cb40fa8e632a4220e6d4bdd998c65b09d0467ce6981c658648ff2a322b6120

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:45:29 GMT
cdn-edgestorageid: 1029
perma-cache: HIT
cdn-storageserver: NY-430
cdn-cachedat: 02/15/2024 09:41:02
cdn-pullzone: 775336
content-length: 24636
last-modified: Fri, 05 May 2023 18:24:49 GMT
server: BunnyCDN-IL1-1068
cdn-fileserver: 426
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: "645549f1-603c"
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cache-control: public, max-age=31919000
cdn-requestid: 56666de5e833c6d4179e7af784eefd80
accept-ranges: bytes
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 gdD4rdpjtxtb3WPS7ig6vetphu3.jpg
image.tmdb.org/t/p/w400/ 37 KB
37 KB 170ms
96ms Image
image/jpeg 2400:52e0:1a00::1068:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.tmdb.org/t/p/w400/gdD4rdpjtxtb3WPS7ig6vetphu3.jpg
Requested by: Host: hdhub4u.re
URL: https://hdhub4u.re/0.9177470730060231
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1a00::1068:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-IL1-1068 /
Resource Hash: 8e591d2d8e9bb1257c872d85bc57b246a17a93e140722a82287026b1c92ce2c8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:45:29 GMT
cdn-edgestorageid: 940
perma-cache: HIT
cdn-storageserver: NY-427
cdn-cachedat: 02/14/2024 10:01:32
cdn-pullzone: 775336
content-length: 37759
last-modified: Tue, 06 Feb 2024 22:46:30 GMT
server: BunnyCDN-IL1-1068
cdn-fileserver: 707
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: "65c2b6c6-937f"
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cache-control: public, max-age=31919000
cdn-requestid: 758e93ad0944d94087ee93362d45d682
accept-ranges: bytes
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 kPRb1mbVHGop0egQ7153y0lhzGL.jpg
image.tmdb.org/t/p/w400/ 47 KB
48 KB 168ms
93ms Image
image/jpeg 2400:52e0:1a00::1068:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.tmdb.org/t/p/w400/kPRb1mbVHGop0egQ7153y0lhzGL.jpg
Requested by: Host: hdhub4u.re
URL: https://hdhub4u.re/0.9177470730060231
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1a00::1068:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-IL1-1068 /
Resource Hash: c26bd7f716f2de44336c5e63e51b42e1516a2e86a41dfcc08b64fc27eb53c0c1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:45:29 GMT
cdn-edgestorageid: 1029
perma-cache: HIT
cdn-storageserver: NY-430
cdn-cachedat: 02/14/2024 14:49:23
cdn-pullzone: 775336
content-length: 48513
last-modified: Sun, 05 Nov 2023 13:38:23 GMT
server: BunnyCDN-IL1-1068
cdn-fileserver: 718
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: "65479acf-bd81"
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cache-control: public, max-age=31919000
cdn-requestid: e31e0276a8bbb2c4bb2810031cecd942
accept-ranges: bytes
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 7JkPcKeyQX0hVotlkwIVkdEoRdl.jpg
image.tmdb.org/t/p/w400/ 48 KB
49 KB 168ms
94ms Image
image/jpeg 2400:52e0:1a00::1068:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.tmdb.org/t/p/w400/7JkPcKeyQX0hVotlkwIVkdEoRdl.jpg
Requested by: Host: hdhub4u.re
URL: https://hdhub4u.re/0.9177470730060231
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1a00::1068:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-IL1-1068 /
Resource Hash: 7767a96aeebf335ae82554c07fa3bdd597cc69b3351c9ecfba037bdeca69c72a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:45:29 GMT
cdn-edgestorageid: 894
perma-cache: HIT
cdn-storageserver: NY-346
cdn-cachedat: 02/14/2024 09:39:01
cdn-pullzone: 775336
content-length: 49605
last-modified: Wed, 14 Feb 2024 09:18:54 GMT
server: BunnyCDN-IL1-1068
cdn-fileserver: 426
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: "65cc857e-c1c5"
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cache-control: public, max-age=31919000
cdn-requestid: 2ccd2e110ffde24f2b8f5b40290772b3
accept-ranges: bytes
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 ajGJmcLNgFNTHN2IkOwoQDHqXv0.jpg
image.tmdb.org/t/p/w400/ 24 KB
25 KB 87ms
59ms Image
image/jpeg 2400:52e0:1a00::1068:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.tmdb.org/t/p/w400/ajGJmcLNgFNTHN2IkOwoQDHqXv0.jpg
Requested by: Host: hdhub4u.re
URL: https://hdhub4u.re/0.9177470730060231
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1a00::1068:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-IL1-1068 /
Resource Hash: fef06b6d4a00b4ec9befeacb638d08496460449c0b01920e7f2d4d3503e60ffd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:45:29 GMT
cdn-edgestorageid: 941
perma-cache: HIT
cdn-storageserver: NY-430
cdn-cachedat: 02/13/2024 18:46:15
cdn-pullzone: 775336
content-length: 25052
last-modified: Tue, 13 Feb 2024 09:08:06 GMT
server: BunnyCDN-IL1-1068
cdn-fileserver: 694
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: "65cb3176-61dc"
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cache-control: public, max-age=31919000
cdn-requestid: 68177c8733f2b1d4b61ada5a674f9c6b
accept-ranges: bytes
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 msTE1EAg8COupvuupSoB0IXYx4J.jpg
image.tmdb.org/t/p/w400/ 34 KB
34 KB 92ms
65ms Image
image/jpeg 2400:52e0:1a00::1068:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.tmdb.org/t/p/w400/msTE1EAg8COupvuupSoB0IXYx4J.jpg
Requested by: Host: hdhub4u.re
URL: https://hdhub4u.re/0.9177470730060231
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1a00::1068:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-IL1-1068 /
Resource Hash: a624536b525c3135e4123b7b054ffd2482da762d79ff6501336c29c358bcb352

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:45:29 GMT
cdn-edgestorageid: 1029
perma-cache: HIT
cdn-storageserver: NY-427
cdn-cachedat: 02/15/2024 09:32:57
cdn-pullzone: 775336
content-length: 34719
last-modified: Mon, 12 Feb 2024 14:26:26 GMT
server: BunnyCDN-IL1-1068
cdn-fileserver: 695
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: "65ca2a92-879f"
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cache-control: public, max-age=31919000
cdn-requestid: d85be3215fa3871cd9d91f172df3b3bc
accept-ranges: bytes
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 8FiYNECy6JOSs0wef86Mj8PyGiQ.jpg
image.tmdb.org/t/p/w400/ 27 KB
28 KB 92ms
65ms Image
image/jpeg 2400:52e0:1a00::1068:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.tmdb.org/t/p/w400/8FiYNECy6JOSs0wef86Mj8PyGiQ.jpg
Requested by: Host: hdhub4u.re
URL: https://hdhub4u.re/0.9177470730060231
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1a00::1068:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-IL1-1068 /
Resource Hash: cf33799ff4d15ac1e42b6233ab8f3188bc340a9a2175f2cc261c5906ffe0660b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:45:29 GMT
cdn-edgestorageid: 1069
perma-cache: HIT
cdn-storageserver: NY-430
cdn-cachedat: 02/10/2024 19:14:08
cdn-pullzone: 775336
content-length: 27680
last-modified: Fri, 03 Nov 2023 08:38:07 GMT
server: BunnyCDN-IL1-1068
cdn-fileserver: 704
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: "6544b16f-6c20"
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cache-control: public, max-age=31919000
cdn-requestid: 59b02e3bcbb0e4c103a4ecdc2d07a508
accept-ranges: bytes
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 cuV2O5ZyDLHSOWzg3nLVljp1ubw.jpg
image.tmdb.org/t/p/original/ 361 KB
361 KB 98ms
71ms Image
image/jpeg 2400:52e0:1a00::1068:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.tmdb.org/t/p/original/cuV2O5ZyDLHSOWzg3nLVljp1ubw.jpg
Requested by: Host: hdhub4u.re
URL: https://hdhub4u.re/0.9177470730060231
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1a00::1068:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-IL1-1068 /
Resource Hash: 87353b4b2f3bf6ce0ef77bd3bc08f34e6a85aec3b9e7e5efb92d3bfa9d60a29d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:45:29 GMT
cdn-edgestorageid: 718
perma-cache: HIT
cdn-storageserver: NY-430
cdn-cachedat: 01/05/2024 15:19:49
cdn-pullzone: 775336
content-length: 369220
last-modified: Thu, 21 Dec 2023 22:00:28 GMT
server: BunnyCDN-IL1-1068
cdn-fileserver: 695
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: "6584b57c-5a244"
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cache-control: public, max-age=31919000
cdn-requestid: 83b4f0f414a8e149ad5b015e398280ae
accept-ranges: bytes
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 2FCXTnTRMHLmArxcwdO1DGxeSmT.jpg
image.tmdb.org/t/p/w500/ 77 KB
78 KB 101ms
75ms Image
image/jpeg 2400:52e0:1a00::1068:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.tmdb.org/t/p/w500/2FCXTnTRMHLmArxcwdO1DGxeSmT.jpg
Requested by: Host: hdhub4u.re
URL: https://hdhub4u.re/0.9177470730060231
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1a00::1068:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-IL1-1068 /
Resource Hash: c80409172faf270a61a46b3cafab276420371813d93a56b813d162d09eae5972

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:45:29 GMT
cdn-edgestorageid: 1069
perma-cache: HIT
cdn-storageserver: NY-268
cdn-cachedat: 02/11/2024 04:21:49
cdn-pullzone: 775336
content-length: 79277
last-modified: Thu, 01 Feb 2024 23:49:00 GMT
server: BunnyCDN-IL1-1068
cdn-fileserver: 718
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: "65bc2dec-135ad"
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cache-control: public, max-age=31919000
cdn-requestid: 5c8ceed81117904506feac80264eea09
accept-ranges: bytes
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 vf1bpbpCUL7orMx36pqJ5yZrFwr.jpg
image.tmdb.org/t/p/w400/ 30 KB
31 KB 97ms
70ms Image
image/jpeg 2400:52e0:1a00::1068:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.tmdb.org/t/p/w400/vf1bpbpCUL7orMx36pqJ5yZrFwr.jpg
Requested by: Host: hdhub4u.re
URL: https://hdhub4u.re/0.9177470730060231
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1a00::1068:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-IL1-1068 /
Resource Hash: 673398682a3d6453c12c65983f58ee4af23285984aa974f6778380d220a46b87

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:45:29 GMT
cdn-edgestorageid: 1029
perma-cache: HIT
cdn-storageserver: NY-268
cdn-cachedat: 02/09/2024 14:46:38
cdn-pullzone: 775336
content-length: 30918
last-modified: Tue, 06 Feb 2024 16:25:05 GMT
server: BunnyCDN-IL1-1068
cdn-fileserver: 718
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: "65c25d61-78c6"
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cache-control: public, max-age=31919000
cdn-requestid: c94f22bc02f38b40c43355e4836d169d
accept-ranges: bytes
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 o85zwioYQ1m586ZF7TbqHQItT5g.jpg
image.tmdb.org/t/p/w500/ 47 KB
47 KB 97ms
71ms Image
image/jpeg 2400:52e0:1a00::1068:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.tmdb.org/t/p/w500/o85zwioYQ1m586ZF7TbqHQItT5g.jpg
Requested by: Host: hdhub4u.re
URL: https://hdhub4u.re/0.9177470730060231
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1a00::1068:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-IL1-1068 /
Resource Hash: 76e581a4020cea86791076cab4b9f990adde0bdeff37e7e16027aa48ef988b55

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:45:29 GMT
cdn-edgestorageid: 941
perma-cache: HIT
cdn-storageserver: NY-346
cdn-cachedat: 02/08/2024 20:29:37
cdn-pullzone: 775336
content-length: 47822
last-modified: Fri, 12 Jan 2024 06:05:35 GMT
server: BunnyCDN-IL1-1068
cdn-fileserver: 673
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: "65a0d6af-bace"
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cache-control: public, max-age=31919000
cdn-requestid: 6422ec9bb0db8cd459f89f4aa5f8890e
accept-ranges: bytes
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 2eCELoyf0l3njFKfn3oddo3JaRG.jpg
image.tmdb.org/t/p/w400/ 28 KB
28 KB 98ms
71ms Image
image/jpeg 2400:52e0:1a00::1068:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.tmdb.org/t/p/w400/2eCELoyf0l3njFKfn3oddo3JaRG.jpg
Requested by: Host: hdhub4u.re
URL: https://hdhub4u.re/0.9177470730060231
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1a00::1068:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-IL1-1068 /
Resource Hash: 3fca9545e7e6b4a6b6caa7cabda77e9f6a87cdfc32ed34c2e106bf9d1bb2f231

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:45:29 GMT
cdn-edgestorageid: 1067
perma-cache: HIT
cdn-storageserver: NY-268
cdn-cachedat: 02/16/2024 00:09:39
cdn-pullzone: 775336
content-length: 28623
last-modified: Sat, 20 Jan 2024 10:14:06 GMT
server: BunnyCDN-IL1-1068
cdn-fileserver: 673
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: "65ab9cee-6fcf"
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cache-control: public, max-age=31919000
cdn-requestid: 6f486fabfbf88e4f8bae3b6d71ddb774
accept-ranges: bytes
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 4WvxzCSHmjbxqc3wethZoBZ5hmA.jpg
image.tmdb.org/t/p/w500/ 65 KB
65 KB 101ms
75ms Image
image/jpeg 2400:52e0:1a00::1068:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.tmdb.org/t/p/w500/4WvxzCSHmjbxqc3wethZoBZ5hmA.jpg
Requested by: Host: hdhub4u.re
URL: https://hdhub4u.re/0.9177470730060231
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1a00::1068:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-IL1-1068 /
Resource Hash: eaaf42c610c31466fdb5b8511ce57579d2a843ae696cd9b0e6dc930c1274efe9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:45:29 GMT
cdn-edgestorageid: 871
perma-cache: HIT
cdn-storageserver: NY-268
cdn-cachedat: 02/07/2024 22:56:26
cdn-pullzone: 775336
content-length: 66464
last-modified: Thu, 01 Jun 2023 15:18:42 GMT
server: BunnyCDN-IL1-1068
cdn-fileserver: 628
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: "6478b6d2-103a0"
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cache-control: public, max-age=31919000
cdn-requestid: 8339936994323dc3ed38f722b32f0a1a
accept-ranges: bytes
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 dlMkWhZLPKxegC8kHq5I2I9EPRE.jpg
image.tmdb.org/t/p/w400/ 29 KB
29 KB 96ms
72ms Image
image/jpeg 2400:52e0:1a00::1068:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.tmdb.org/t/p/w400/dlMkWhZLPKxegC8kHq5I2I9EPRE.jpg
Requested by: Host: hdhub4u.re
URL: https://hdhub4u.re/0.9177470730060231
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1a00::1068:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-IL1-1068 /
Resource Hash: 12fc4b10a91619c19bcf68ef2f722e067fe045b1d6f600688eb87930fb908506

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:45:29 GMT
cdn-edgestorageid: 845
perma-cache: HIT
cdn-storageserver: NY-267
cdn-cachedat: 02/09/2024 10:31:44
cdn-pullzone: 775336
content-length: 29256
last-modified: Fri, 09 Feb 2024 04:49:03 GMT
server: BunnyCDN-IL1-1068
cdn-fileserver: 753
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: "65c5aebf-7248"
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cache-control: public, max-age=31919000
cdn-requestid: 0d34dd709a36f9b8ca64283b7ca1ebac
accept-ranges: bytes
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 eYsdP5QffklSZMXJMy295xTHKmt.jpg
image.tmdb.org/t/p/w400/ 28 KB
28 KB 95ms
72ms Image
image/jpeg 2400:52e0:1a00::1068:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.tmdb.org/t/p/w400/eYsdP5QffklSZMXJMy295xTHKmt.jpg
Requested by: Host: hdhub4u.re
URL: https://hdhub4u.re/0.9177470730060231
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1a00::1068:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-IL1-1068 /
Resource Hash: f0d9c5ca94a730775c9f13cdf91090eea353083ddbf5a71014ac0dae321df0cf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:45:29 GMT
cdn-edgestorageid: 1068
perma-cache: HIT
cdn-storageserver: NY-430
cdn-cachedat: 02/09/2024 04:20:55
cdn-pullzone: 775336
content-length: 28164
last-modified: Fri, 09 Feb 2024 02:27:43 GMT
server: BunnyCDN-IL1-1068
cdn-fileserver: 751
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: "65c58d9f-6e04"
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cache-control: public, max-age=31919000
cdn-requestid: e189cf8517e3a04408a8ddb93dce74c5
accept-ranges: bytes
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 Captain-Miller-2024-Hindi-HDRip-Full-Movie-HDHub4u.jpg
catimages.org/images/2024/01/13/ 49 KB
50 KB 63ms
39ms Image
image/jpeg 2606:4700:3030::ac43:9df2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://catimages.org/images/2024/01/13/Captain-Miller-2024-Hindi-HDRip-Full-Movie-HDHub4u.jpg

Requested by

Host: hdhub4u.re
URL: https://hdhub4u.re/0.9177470730060231

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:9df2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d7a943fc1dcbef59beb6331eac82580cf03d8e6744dad4539f185649a73455d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:45:29 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3126505
alt-svc: h3=":443"; ma=86400
content-length: 50599
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Fri, 12 Jan 2024 16:31:06 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=um0e2jMMbhO53voLvWbCjSVy3BjegBesF2mlNDYRXyXYF89axBlofGJ3UJWc7rSE3Hq2fnngcCrnJTaWj8RyDxhprm6ocuCaA0eoY1kpOY75qvxQ8BGC0DIsW2hcH0bfa4vWdtGtuoI1Yeq8"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 857137b7db514bc0-BUF
expires: Tue, 12 Mar 2024 17:17:03 GMT

GET
H2 200 Lantrani-2024.jpg
catimages.org/images/2024/02/09/ 91 KB
92 KB 99ms
76ms Image
image/jpeg 2606:4700:3030::ac43:9df2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://catimages.org/images/2024/02/09/Lantrani-2024.jpg

Requested by

Host: hdhub4u.re
URL: https://hdhub4u.re/0.9177470730060231

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:9df2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6669d81483d2b9e364300c9f223166c2e06a932fa7c6ef594f38498f3a9e3b39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:45:29 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 781839
alt-svc: h3=":443"; ma=86400
content-length: 93309
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Thu, 08 Feb 2024 19:07:54 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3NaUPoIy81Kvzi0DTKjHJJiXzUvq3wTiBmjsuo2iItnSMr2gCEDIhUdM5VUVKE5bdT7h%2BjFHZBoTiuq4X%2FJIsIwYtEzANaJaevfwEzjN%2BPvUb01cUlmpxhGyyQTQ2xzHDJx3712lIYRCB7Lv"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 857137b7db544bc0-BUF
expires: Mon, 08 Apr 2024 20:34:50 GMT

GET
H2 200 hZuq34U1dWuIIWgTa6wZNPeDinS.jpg
image.tmdb.org/t/p/w400/ 35 KB
36 KB 96ms
73ms Image
image/jpeg 2400:52e0:1a00::1068:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.tmdb.org/t/p/w400/hZuq34U1dWuIIWgTa6wZNPeDinS.jpg
Requested by: Host: hdhub4u.re
URL: https://hdhub4u.re/0.9177470730060231
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1a00::1068:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-IL1-1068 /
Resource Hash: cfca96e6c73ec75b8ac3cbab97c20ca6ec467ca869617a80d1272f7544e7e1a5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:45:29 GMT
cdn-edgestorageid: 1067
perma-cache: HIT
cdn-storageserver: NY-267
cdn-cachedat: 02/04/2024 22:19:36
cdn-pullzone: 775336
content-length: 35941
last-modified: Wed, 29 Nov 2023 14:19:55 GMT
server: BunnyCDN-IL1-1068
cdn-fileserver: 705
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: "6567488b-8c65"
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cache-control: public, max-age=31919000
cdn-requestid: 2dd4e451685a5040882fb73cc6d59217
accept-ranges: bytes
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 dCDgSV9h2NIHCZCE7fPnIh0lYqz.jpg
image.tmdb.org/t/p/w500/ 54 KB
55 KB 95ms
72ms Image
image/jpeg 2400:52e0:1a00::1068:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.tmdb.org/t/p/w500/dCDgSV9h2NIHCZCE7fPnIh0lYqz.jpg
Requested by: Host: hdhub4u.re
URL: https://hdhub4u.re/0.9177470730060231
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1a00::1068:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-IL1-1068 /
Resource Hash: 44780344563fa14fe8664888dafa24e513299ee994ae2a6def74392183915f39

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:45:29 GMT
cdn-edgestorageid: 1070
perma-cache: HIT
cdn-storageserver: NY-267
cdn-cachedat: 02/06/2024 20:43:36
cdn-pullzone: 775336
content-length: 55738
last-modified: Wed, 27 Sep 2023 19:19:38 GMT
server: BunnyCDN-IL1-1068
cdn-fileserver: 707
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: "6514804a-d9ba"
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cache-control: public, max-age=31919000
cdn-requestid: 4ce7b43476e120b5f18ec57c005965ca
accept-ranges: bytes
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 wykOtxx7rPxXPHgzyrEH6ZsH3sF.jpg
image.tmdb.org/t/p/w500/ 50 KB
51 KB 95ms
73ms Image
image/jpeg 2400:52e0:1a00::1068:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.tmdb.org/t/p/w500/wykOtxx7rPxXPHgzyrEH6ZsH3sF.jpg
Requested by: Host: hdhub4u.re
URL: https://hdhub4u.re/0.9177470730060231
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1a00::1068:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-IL1-1068 /
Resource Hash: a7be6ddc62d5eb5ea25866362fbe27c380c01c1ccf68b56df10b306f26a23f8f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:45:29 GMT
cdn-edgestorageid: 1029
perma-cache: HIT
cdn-storageserver: NY-346
cdn-cachedat: 02/02/2024 08:32:41
cdn-pullzone: 775336
content-length: 51212
last-modified: Sun, 05 Feb 2023 00:27:37 GMT
server: BunnyCDN-IL1-1068
cdn-fileserver: 427
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: "63def7f9-c80c"
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cache-control: public, max-age=31919000
cdn-requestid: 7d0ab86a8d2115cb8eed0ff848c018a0
accept-ranges: bytes
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 n49FNv8T4elzdVSwYs6G3K6gUOb.jpg
image.tmdb.org/t/p/w400/ 45 KB
45 KB 96ms
73ms Image
image/jpeg 2400:52e0:1a00::1068:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.tmdb.org/t/p/w400/n49FNv8T4elzdVSwYs6G3K6gUOb.jpg
Requested by: Host: hdhub4u.re
URL: https://hdhub4u.re/0.9177470730060231
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1a00::1068:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-IL1-1068 /
Resource Hash: 30297e4399a5ed0c12ff07932159b316dea625365eb3d47b4c56e527c61623ca

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:45:29 GMT
cdn-edgestorageid: 718
perma-cache: HIT
cdn-storageserver: NY-267
cdn-cachedat: 02/02/2024 19:49:37
cdn-pullzone: 775336
content-length: 45589
last-modified: Sun, 19 Nov 2023 02:39:48 GMT
server: BunnyCDN-IL1-1068
cdn-fileserver: 716
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: "65597574-b215"
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cache-control: public, max-age=31919000
cdn-requestid: efaed55f4061a1b7ec2a58eb13db97eb
accept-ranges: bytes
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 fUWvkg61yd5hi8P50MMztUhR03p.jpg
image.tmdb.org/t/p/w500/ 41 KB
42 KB 96ms
74ms Image
image/jpeg 2400:52e0:1a00::1068:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.tmdb.org/t/p/w500/fUWvkg61yd5hi8P50MMztUhR03p.jpg
Requested by: Host: hdhub4u.re
URL: https://hdhub4u.re/0.9177470730060231
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1a00::1068:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-IL1-1068 /
Resource Hash: 6001ad1261ff9a8c3a046338f797a47e670bb66af5d2cdb169907657a081d75c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:45:29 GMT
cdn-edgestorageid: 941
perma-cache: HIT
cdn-storageserver: NY-267
cdn-cachedat: 01/14/2024 08:47:12
cdn-pullzone: 775336
content-length: 42119
last-modified: Sun, 14 Jan 2024 08:35:57 GMT
server: BunnyCDN-IL1-1068
cdn-fileserver: 704
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: "65a39ced-a487"
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cache-control: public, max-age=31919000
cdn-requestid: d74314a18e9c704381f41eb8bc72c43c
accept-ranges: bytes
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 95VlSEfLMqeX36UVcHJuNlWEpwf.jpg
image.tmdb.org/t/p/w500/ 85 KB
86 KB 96ms
74ms Image
image/jpeg 2400:52e0:1a00::1068:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.tmdb.org/t/p/w500/95VlSEfLMqeX36UVcHJuNlWEpwf.jpg
Requested by: Host: hdhub4u.re
URL: https://hdhub4u.re/0.9177470730060231
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1a00::1068:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-IL1-1068 /
Resource Hash: dc7162f7468f17842c20f6566409a3387bbe6b024b2f7348ed7071b4f6f1023a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:45:29 GMT
cdn-edgestorageid: 1067
perma-cache: HIT
cdn-storageserver: NY-346
cdn-cachedat: 01/26/2024 02:19:06
cdn-pullzone: 775336
content-length: 87186
last-modified: Mon, 08 Jan 2024 18:00:19 GMT
server: BunnyCDN-IL1-1068
cdn-fileserver: 707
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: "659c3833-15492"
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cache-control: public, max-age=31919000
cdn-requestid: a169ce0fc26b251afd518fdfe4374a58
accept-ranges: bytes
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 hr9rjR3J0xBBKmlJ4n3gHId9ccx.jpg
image.tmdb.org/t/p/w500/ 51 KB
51 KB 96ms
74ms Image
image/jpeg 2400:52e0:1a00::1068:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.tmdb.org/t/p/w500/hr9rjR3J0xBBKmlJ4n3gHId9ccx.jpg
Requested by: Host: hdhub4u.re
URL: https://hdhub4u.re/0.9177470730060231
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1a00::1068:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-IL1-1068 /
Resource Hash: 7bd567993d21b639dfb775bdc9fcb3591c712591af1650ff8f4aba823cc3bb4f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:45:29 GMT
cdn-edgestorageid: 718
perma-cache: HIT
cdn-storageserver: NY-267
cdn-cachedat: 09/28/2023 11:50:24
cdn-pullzone: 775336
content-length: 52183
last-modified: Wed, 20 Sep 2023 01:46:52 GMT
server: BunnyCDN-IL1-1068
cdn-fileserver: 693
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: "650a4f0c-cbd7"
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cache-control: public, max-age=31919000
cdn-requestid: 3293e0a4303cb92761303c9ff8877bdf
accept-ranges: bytes
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 szDEqqarPi3YqiPLevm7LObYrDJ.jpg
image.tmdb.org/t/p/original/ 894 KB
895 KB 107ms
85ms Image
image/jpeg 2400:52e0:1a00::1068:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.tmdb.org/t/p/original/szDEqqarPi3YqiPLevm7LObYrDJ.jpg
Requested by: Host: hdhub4u.re
URL: https://hdhub4u.re/0.9177470730060231
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1a00::1068:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-IL1-1068 /
Resource Hash: d90a2e4411818a1398fb46fb9fc9d42b2476df6af7e05b568d7b56e79262e6e3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:45:29 GMT
cdn-edgestorageid: 1068
perma-cache: HIT
cdn-storageserver: NY-430
cdn-cachedat: 05/25/2023 14:20:30
cdn-pullzone: 775336
content-length: 915388
last-modified: Thu, 25 May 2023 13:41:29 GMT
server: BunnyCDN-IL1-1068
cdn-fileserver: 628
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: "646f6589-df7bc"
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cache-control: public, max-age=31919000
cdn-requestid: 65f358eab85f292ebc2071fe6fc2b93e
accept-ranges: bytes
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 Pariah.2024.1080p.CAMRip.BE.jpg
catimages.org/images/2024/02/14/ 89 KB
89 KB 98ms
76ms Image
image/jpeg 2606:4700:3030::ac43:9df2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://catimages.org/images/2024/02/14/Pariah.2024.1080p.CAMRip.BE.jpg

Requested by

Host: hdhub4u.re
URL: https://hdhub4u.re/0.9177470730060231

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:9df2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1d5ce8ed2bdf5c3f4e75363b70253d2c5c0c1a7f5a09991c66ac928e8f65c66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:45:29 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 293516
alt-svc: h3=":443"; ma=86400
content-length: 91135
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Wed, 14 Feb 2024 10:58:28 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0NRUnElF910jR0n6KUj7bC2mS86f4wtpmwy3K1gWJiANr6NYx9IOAuIU2s3of%2BRZRo939h6h0UcyYASWDv%2FzdM2TpgDNQASUvO6u2EvXWafQNHjUXmF%2FTmMvnZQzK5bAdJ5%2FTPC1c7c%2FkMmo"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 857137b7db574bc0-BUF
expires: Sun, 14 Apr 2024 12:13:33 GMT

GET
H2 200 Lover.2024.1080p.CAMRip.TAM.jpg
catimages.org/images/2024/02/14/ 73 KB
73 KB 73ms
51ms Image
image/jpeg 2606:4700:3030::ac43:9df2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://catimages.org/images/2024/02/14/Lover.2024.1080p.CAMRip.TAM.jpg

Requested by

Host: hdhub4u.re
URL: https://hdhub4u.re/0.9177470730060231

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:9df2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b500a42d47c75fcc188c3605b3f7f80d2f18f8471e06d739783a2ec164f95dd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:45:29 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 293516
alt-svc: h3=":443"; ma=86400
content-length: 74502
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Wed, 14 Feb 2024 10:52:42 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l9F8f5Vko8WPZokctJ9au7PNQ0KP%2B79a%2BP8gdW5Jpf9jDIBmxCiPQvT7oYZv0XmiQ0QKLt3PO1ZmdFmYu2RIuNYGwssIYeShkdrvYLF22WJxbWuRm8HphxCDYD0HuBoyL4zdooxSbaQAgtcJ"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 857137b7db594bc0-BUF
expires: Sun, 14 Apr 2024 12:13:33 GMT

GET
H2 200 Kismat.2024.1080p.CAMRip.TE.jpg
catimages.org/images/2024/02/14/ 113 KB
113 KB 90ms
68ms Image
image/jpeg 2606:4700:3030::ac43:9df2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://catimages.org/images/2024/02/14/Kismat.2024.1080p.CAMRip.TE.jpg

Requested by

Host: hdhub4u.re
URL: https://hdhub4u.re/0.9177470730060231

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:9df2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f580e5cbe9df9ea790ef820f2898d545788a860266a3d2107721f85e3b846a50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:45:29 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 293516
alt-svc: h3=":443"; ma=86400
content-length: 115518
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Wed, 14 Feb 2024 10:48:31 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=10F%2FOlABR5Wt4BUIGyioJaW8fFH2rcjj8%2BuTUpzi1t2CXd%2FuNl6jp3CjT6i1rm%2BcLpEM%2BbySnzwb%2B%2Bo9xCeiMh40PFacsBk4kSkPEP%2FRhZ19ebg56i31Fkf8eyKFPw93hGF4v%2F2rHo%2Fr%2FU7V"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 857137b7db5b4bc0-BUF
expires: Sun, 14 Apr 2024 12:13:33 GMT

GET
H2 200 Bootcut.Balaraju.2024.1080p.jpg
catimages.org/images/2024/02/14/ 106 KB
106 KB 97ms
75ms Image
image/jpeg 2606:4700:3030::ac43:9df2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://catimages.org/images/2024/02/14/Bootcut.Balaraju.2024.1080p.jpg

Requested by

Host: hdhub4u.re
URL: https://hdhub4u.re/0.9177470730060231

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:9df2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

178330e83676d9a537c2ed6b2a6d7a2659968fa814b59ffa2c8e945a907c8d49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:45:29 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 293514
alt-svc: h3=":443"; ma=86400
content-length: 108373
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Wed, 14 Feb 2024 10:44:43 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UBqIEVT7VYpC4sB769PVywHe%2BKTgv5UDZDQjV3sfXWf0UpaMQB0vwoRjjirdx8DVDQNcmx9uEXjWW71JJskeEZE5j6lBjHggxGdblqYsUmwWzP3tplqtVyZq8eOentk3Y6O5WQyXeNxVrP%2BP"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 857137b7db5c4bc0-BUF
expires: Sun, 14 Apr 2024 12:13:35 GMT

GET
H2 200 Game.On.2024.1080p.HDCAM.TE.jpg
catimages.org/images/2024/02/14/ 69 KB
70 KB 97ms
75ms Image
image/jpeg 2606:4700:3030::ac43:9df2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://catimages.org/images/2024/02/14/Game.On.2024.1080p.HDCAM.TE.jpg

Requested by

Host: hdhub4u.re
URL: https://hdhub4u.re/0.9177470730060231

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:9df2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad1fe51b75ad5579fa08cd59cefbd7ee3d6fe9de30a1a9871e6eb416cea9884c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:45:29 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 293513
alt-svc: h3=":443"; ma=86400
content-length: 70653
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Wed, 14 Feb 2024 10:37:22 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=azaISKChlhYlZD3zakOIQHV84Kzv0B5tzUwfsos2g%2FsujBq8VXpBroLXdOrU9hAcFSO9JxNe3083YmDd180%2FI9lDgAiN3J9GnAoPb%2BEBYfYozOH%2BhJK7T8O%2FZ9fdaZ6vUj7n4u9aHXhee0da"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 857137b7db5d4bc0-BUF
expires: Sun, 14 Apr 2024 12:13:35 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
48 KB 90ms
27ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: hdhub4u.re
URL: https://hdhub4u.re/0.9177470730060231

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hdhub4u.re/
Origin: https://hdhub4u.re
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 15:26:18 GMT
x-content-type-options: nosniff
age: 195551
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Feb 2025 15:26:18 GMT

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNZ.ttf
fonts.gstatic.com/s/materialicons/v141/ 348 KB
171 KB 125ms
64ms Font
font/ttf 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v141/flUhRq6tzZclQEJ-Vdg-IuiaDsNZ.ttf

Requested by

Host: hdhub4u.re
URL: https://hdhub4u.re/wp-content/litespeed/css/1b4db1ba498d8ea79199f317b12b9f98.css?ver=b9f98

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef149f08bdd2ff09a4e2c8573476b7b0f3fbb15b623954ade59899e7175bedda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hdhub4u.re/
Origin: https://hdhub4u.re
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 17:59:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 186375
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 175076
x-xss-protection: 0
last-modified: Wed, 31 Jan 2024 23:11:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Feb 2025 17:59:14 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ 95 KB
34 KB 100ms
31ms Script
text/javascript 2607:f8b0:4006:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: hdhub4u.re
URL: https://hdhub4u.re/0.9177470730060231

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 17:15:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16177
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 16 Feb 2025 17:15:52 GMT

GET
H3 200 script.min.js Show response
hdhub4u.re/wp-content/themes/9xhd/script/ 37 KB
11 KB 63ms
61ms Script
application/javascript 2606:4700:3032::6815:41fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hdhub4u.re/wp-content/themes/9xhd/script/script.min.js
Requested by: Host: hdhub4u.re
URL: https://hdhub4u.re/0.9177470730060231
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:41fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd98ca66f57803c3c6d80762727e5ae866f26a95b88de9ab1fff17657de3345a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/0.9177470730060231
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:45:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 30 Jan 2023 17:50:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 100976
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7XpKkxy95pMoeG3RLwgvR2Yn07GkW5QN2F%2BJ1MDS4MRvEll5OYMganVtjFHU%2BAEEiCrDxVBrRl8xykzjsEDO4ge2AbdmEwXlDWQkKDk0iPIZgkY71%2BcY7moubtvw6nJ8RKhOxXhJOKS%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=9646676
x-turbo-charged-by: LiteSpeed
cf-ray: 857137b6aea56aed-BUF
alt-svc: h3=":443"; ma=86400
expires: Fri, 07 Jun 2024 09:20:11 GMT

GET
H/1.1 200
OK count.js Show response
hdhub4u-comments.disqus.com/ 1 KB
2 KB 115ms
18ms Script
application/javascript 199.232.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hdhub4u-comments.disqus.com/count.js

Requested by

Host: hdhub4u.re
URL: https://hdhub4u.re/0.9177470730060231

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Sat, 17 Feb 2024 21:45:29 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=300; includeSubdomains
X-Amz-Cf-Pop: DFW3-C1
Age: 179
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 871
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 08 Feb 2024 18:44:04 GMT
Server: nginx
ETag: "65c520f4-367"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=300
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
X-Amz-Cf-Id: evYOLdacCkE_MLxrq8v_jKMWJFm0rpCAlPrl06tNLNC5200ZJXJfuw==

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v40/ 18 KB
18 KB 90ms
82ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Host: hdhub4u.re
URL: https://hdhub4u.re/0.9177470730060231

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hdhub4u.re/
Origin: https://hdhub4u.re
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 16:33:15 GMT
x-content-type-options: nosniff
age: 191534
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18668
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:00:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Feb 2025 16:33:15 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 192 KB
70 KB 174ms
80ms Script
application/javascript 2607:f8b0:4006:820::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-89947843-1

Requested by

Host: hdhub4u.re
URL: https://hdhub4u.re/0.9177470730060231

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b7e2931cbccea83b1b14c2a1586c19746e81e693f20b5c15f00922fbaedaa908

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:45:29 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 70988
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 17 Feb 2024 21:45:29 GMT

GET
H2 200 faa2876b.js Show response
cdn77.coolserving.com/ 36 KB
14 KB 220ms
55ms Script
text/javascript 2a02:6ea0:c400::12
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn77.coolserving.com/faa2876b.js
Requested by: Host: hdhub4u.re
URL: https://hdhub4u.re/0.9177470730060231
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::12 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 5c76ddb42f2f4e3c85ae7458f64dc086ac7e810dc918066b14a2ee8d3e4b8d6d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-77-nzt: EgwBWbuxDwH3f+kCAAwBnJI74gH3AQAAAA
x-accel-expires: @1709052281
date: Sat, 17 Feb 2024 21:45:29 GMT
content-encoding: gzip
x-77-age: 190848
x-77-pop: newyorkUSNY
server: CDN77-Turbo
etag: W/"02976a5fda0be8e5265728a77a83056dc"
x-77-nzt-ray: 49be140819aaa283f928d165d447452c
vary: Accept-Encoding
x-77-cache: HIT
content-type: text/javascript
x-cache: HIT
x-age: 190847
x-accel-date: 1708015482

GET
H/1.1 403
Forbidden posts
bureauelderlydivine.com/api/ 0
0 569ms
36ms Script
application/javascript 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bureauelderlydivine.com/api/posts?token=Lzk5LzEwLzM4Lzk5MTAzODQwNzBlOGFhYzYwMzE4NzAzNTczMjM0NzhjLmpz
Requested by: Host: hdhub4u.re
URL: https://hdhub4u.re/0.9177470730060231
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.19.5 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Sat, 17 Feb 2024 21:45:30 GMT
Server: nginx/1.19.5
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H/1.1 403
Forbidden 4f4b6d4c10533cebc108ea520a776cca.js
monthcurrencybeam.com/4f/4b/6d/ 0
0 658ms
38ms Script
application/javascript 172.240.108.68
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://monthcurrencybeam.com/4f/4b/6d/4f4b6d4c10533cebc108ea520a776cca.js
Requested by: Host: hdhub4u.re
URL: https://hdhub4u.re/0.9177470730060231
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.240.108.68 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Sat, 17 Feb 2024 21:45:30 GMT
Server: nginx/1.21.6
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402130101/ 430 KB
136 KB 45ms
11ms Script
text/javascript 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402130101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b085792cba4cacf7144409083b663be6d15686af10d7b3a1293aea5b7d9b3932

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:33:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 707
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138611
x-xss-protection: 0
server: cafe
etag: 13668746270024245435
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sun, 16 Feb 2025 21:33:42 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 61 B
79 B 177ms
109ms XHR
application/json 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=hdhub4u.re

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

29770f01b88052c400040d96ff5dd4711392581e245fc895fa3499be92fc72eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:45:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55
x-xss-protection: 0
expires: Sat, 17 Feb 2024 21:45:29 GMT

GET
H3 200 normalize.min.css
hdhub4u.re/slider/css/ Frame E262 2 KB
1 KB 60ms
44ms Stylesheet
text/css 2606:4700:3032::6815:41fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hdhub4u.re/slider/css/normalize.min.css
Requested by: Host: hdhub4u.re
URL: https://hdhub4u.re/slider/index.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:41fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 66d71454ac7b48566e394ff9d3b588ee9a1e31cd16d2e7c23d60dc0331f0b6cd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/slider/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:45:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 11 Aug 2021 20:53:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 100977
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6vFSpRTawEQXExBd4bARiGidQLbrBSqBfnHzWBohx8YWV9QUMD2SoLWoqEKIFzb24tmMS3HOYgN%2BcbBZ1xmY7v2ZlsYPvssOlfAhwIi17BeAefo2dm%2FWxCBk7HvxflPiO1UW%2BMSNjZN7"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=9646676
x-turbo-charged-by: LiteSpeed
cf-ray: 857137b838156aed-BUF
alt-svc: h3=":443"; ma=86400
expires: Fri, 07 Jun 2024 09:20:10 GMT

GET
H3 200 smartslider.min.css
hdhub4u.re/slider/css/ Frame E262 23 KB
4 KB 63ms
47ms Stylesheet
text/css 2606:4700:3032::6815:41fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hdhub4u.re/slider/css/smartslider.min.css
Requested by: Host: hdhub4u.re
URL: https://hdhub4u.re/slider/index.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:41fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33e484423ef906a2b9ba964682e174bb252c3fed27676461a686dd2e21834c68

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/slider/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:45:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 11 Aug 2021 20:53:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 100977
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3rf%2BYBkz%2F6MxRhXKPHG%2Bwv2WdvriGXqlI0HoyE6XYyp913nsynK%2FpcNUjeBE9XKhdpztshNLkgKANiioxUlPfsjs4qj2TY8mqzGCKfJN12q330bw8tKJGr93ig9JSKmUO1rqqX7cXZd6"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=9646676
x-turbo-charged-by: LiteSpeed
cf-ray: 857137b8382e6aed-BUF
alt-svc: h3=":443"; ma=86400
expires: Fri, 07 Jun 2024 09:20:09 GMT

GET
H3 200 n2-j.min.js Show response
hdhub4u.re/slider/js/ Frame E262 108 KB
38 KB 68ms
52ms Script
application/javascript 2606:4700:3032::6815:41fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hdhub4u.re/slider/js/n2-j.min.js
Requested by: Host: hdhub4u.re
URL: https://hdhub4u.re/slider/index.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:41fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c33b89f8f9654bd4773f3ffba902aa40ac78c8484bef37a96f885f919598d64

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/slider/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:45:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 11 Aug 2021 20:53:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 100977
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e1LQZhcRhf2NvPqkGvBnB2jrqBhIPGeWqW3QViM88xLlAN0V1oodVxkUBTZjQ3XG9lZVSIHXKVxRXDJ8bXsAyls7cj7owqUDL%2FR0K1gONL5MBgq%2BLYWcKOtigjqVf18ju6jTU6iRkWFB"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=9646676
x-turbo-charged-by: LiteSpeed
cf-ray: 857137b838316aed-BUF
alt-svc: h3=":443"; ma=86400
expires: Fri, 07 Jun 2024 09:20:10 GMT

GET
H3 200 nextend-gsap.min.js Show response
hdhub4u.re/slider/js/ Frame E262 97 KB
35 KB 118ms
103ms Script
application/javascript 2606:4700:3032::6815:41fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hdhub4u.re/slider/js/nextend-gsap.min.js
Requested by: Host: hdhub4u.re
URL: https://hdhub4u.re/slider/index.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:41fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0224d72c3d2cd8261d34f6c41289a401874af6464513b59b35d8c0d86b1583d9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/slider/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:45:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 11 Aug 2021 20:53:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 100977
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PRbxfIkHX4PPTzE%2BHE8AM3ueUrO0P3HiGUtEM6nMKclZTqREB%2BEMHyo7PqMUVX4s6UmsjDfgsivPRujsdLuOFkShpQLhy2o9BbkyQlBYbdsII7I8fqtHym0yAKl4U6YM0RLYmc%2BerpGA"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=9646676
x-turbo-charged-by: LiteSpeed
cf-ray: 857137b838336aed-BUF
alt-svc: h3=":443"; ma=86400
expires: Fri, 07 Jun 2024 09:20:09 GMT

GET
H3 200 smartslider-frontend.min.js Show response
hdhub4u.re/slider/js/ Frame E262 229 KB
52 KB 191ms
176ms Script
application/javascript 2606:4700:3032::6815:41fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hdhub4u.re/slider/js/smartslider-frontend.min.js
Requested by: Host: hdhub4u.re
URL: https://hdhub4u.re/slider/index.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:41fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f62c574b96692be0cb94c3921894089946d678b08d7692d7cfacf5e1ffcf35cb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/slider/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:45:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 11 Aug 2021 20:53:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 100977
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mauS74ERNHYUH8yWNi2XXg5KV1teTCJq5DhzMWIpT8lpNEs4oDo5IeG%2FLSVHDIjXDndFRSRLZNLtPiIKDe1fc%2B0nBCVCVjrxLQr5JvfMBYUAnt9m8b5Nz9IHPpUpDlgvtVE8YGZhii8d"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=9646676
x-turbo-charged-by: LiteSpeed
cf-ray: 857137b838356aed-BUF
alt-svc: h3=":443"; ma=86400
expires: Fri, 07 Jun 2024 09:20:10 GMT

GET
H3 200 smartslider-carousel-single-type-frontend.min.js Show response
hdhub4u.re/slider/js/ Frame E262 11 KB
3 KB 66ms
51ms Script
application/javascript 2606:4700:3032::6815:41fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hdhub4u.re/slider/js/smartslider-carousel-single-type-frontend.min.js
Requested by: Host: hdhub4u.re
URL: https://hdhub4u.re/slider/index.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:41fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ab386f71fceca28b3d1e7764a0d53f222fa3c8e727598b5d5802df79331d6bc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/slider/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:45:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 11 Aug 2021 20:53:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 100977
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z4e8OYlTDKy5eGChLMFvpsAE%2BmyYHKQlcuEHPLgMtBIVPXMVmhNq76WNMr754a8se6p8%2F7wtDKYP3X9T%2BAbhJY3Jo0q0oB5kXrjeKiwaK4ebk7go65txmx7yWpz1MHCBEwDn6g8zO3ML"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=9646676
x-turbo-charged-by: LiteSpeed
cf-ray: 857137b838376aed-BUF
alt-svc: h3=":443"; ma=86400
expires: Fri, 07 Jun 2024 09:20:10 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 2 KB
805 B 80ms
79ms Fetch
text/plain 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=675654944568816&correlator=1164990936519437&eid=31079959%2C31080856%2C31081139%2C31081226%2C31079240%2C31079525&output=ldjh&gdfp_req=1&vrg=202402130101&ptt=17&impl=fifs&iu_parts=21857590943%3A22898391074%2Cgdspike.com%2Cgdspike.com_anchor%2Cgdspike.com_interstitial&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3&prev_iu_szs=1x1%2C1x1&ifi=1&sfv=1-0-40&ists=3&fas=1%2C8&eri=4&sc=1&cookie_enabled=1&cdm=hdhub4u.re&abxe=1&dt=1708206329821&adxs=-9%2C-9&adys=-9%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C-1&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=maxxfour.com&loc=https%3A%2F%2Fhdhub4u.re%2F0.9177470730060231&vis=1&psz=0x-1%7C0x-1&msz=0x-1%7C0x-1&fws=2%2C2&ohw=0%2C0&ga_vid=1409589444.1708206330&ga_sid=1708206330&ga_hid=660448023&ga_fc=false&dlt=1708206329201&idt=494&adks=3126589872%2C1366862700&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402130101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c6d9094eb844f880f0c3920165d9a56d374d3524ea5fecf307a1c074f849b30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:45:29 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 775
x-xss-protection: 0
google-lineitem-id: -2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://hdhub4u.re
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 26 KB
10 KB 657ms
656ms Fetch
text/plain 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=675654944568816&correlator=1164990936519437&eid=31079959%2C31080856%2C31081139%2C31081226%2C31079240%2C31079525&output=ldjh&gdfp_req=1&vrg=202402130101&ptt=17&impl=fifs&iu_parts=21857590943%3A22897900207%2Cmaxxfour.com%2Cmaxxfour.com_336x280_2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=336x280&ifi=3&sfv=1-0-40&eri=4&sc=1&cookie_enabled=1&cdm=hdhub4u.re&abxe=1&dt=1708206329843&adxs=632&adys=362&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=maxxfour.com&loc=https%3A%2F%2Fhdhub4u.re%2F0.9177470730060231&vis=1&psz=1318x0&msz=1318x0&fws=4&ohw=1600&ga_vid=1409589444.1708206330&ga_sid=1708206330&ga_hid=660448023&ga_fc=false&dlt=1708206329201&idt=494&adks=4022176879&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402130101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

366df13410c07651ef230324c955c3c96735707a54dfa20c2f45b62238a5c95a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:45:30 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10443
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://hdhub4u.re
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 174 KB
46 KB 664ms
663ms Fetch
text/plain 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=675654944568816&correlator=1164990936519437&eid=31079959%2C31080856%2C31081139%2C31081226%2C31079240%2C31079525&output=ldjh&gdfp_req=1&vrg=202402130101&ptt=17&impl=fifs&iu_parts=21857590943%3A22898391074%2Cgdspike.com%2Cgdspike.com_300x600&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x600%7C160x600&ifi=4&sfv=1-0-40&eri=4&sc=1&cookie_enabled=1&cdm=hdhub4u.re&abxe=1&dt=1708206329854&adxs=1155&adys=448&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=gdspike.com&loc=https%3A%2F%2Fhdhub4u.re%2F0.9177470730060231&vis=1&psz=302x0&msz=302x0&fws=4&ohw=310&ga_vid=1409589444.1708206330&ga_sid=1708206330&ga_hid=660448023&ga_fc=false&dlt=1708206329201&idt=494&adks=919832463&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402130101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

163978ac95e2e8c5929bea2a5a4722724582e05a2ed6aa5ecb424c1e9f871352

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:45:30 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47496
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://hdhub4u.re
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 73 KB
17 KB 1346ms
1346ms Fetch
text/plain 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=675654944568816&correlator=1164990936519437&eid=31079959%2C31080856%2C31081139%2C31081226%2C31079240%2C31079525&output=ldjh&gdfp_req=1&vrg=202402130101&ptt=17&impl=fifs&iu_parts=21857590943%3A22898391074%2Cgdspike.com%2Cgdspike.com_300x600&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x600%7C160x600&ifi=5&sfv=1-0-40&eri=4&sc=1&cookie_enabled=1&cdm=hdhub4u.re&abxe=1&dt=1708206329862&adxs=1155&adys=603&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=gdspike.com&loc=https%3A%2F%2Fhdhub4u.re%2F0.9177470730060231&vis=1&psz=302x0&msz=302x0&fws=4&ohw=310&ga_vid=1409589444.1708206330&ga_sid=1708206330&ga_hid=660448023&ga_fc=false&dlt=1708206329201&idt=494&adks=919832448&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402130101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a1e569dfcd857b578795498cbb75f7bfb3efbe0f70207362b5b131b0c41a8c91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:45:31 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17281
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://hdhub4u.re
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5B95 6 KB
3 KB 128ms
40ms Document
text/html 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402130101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hdhub4u.re/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 17 Feb 2024 21:45:29 GMT
expires: Sun, 16 Feb 2025 21:45:29 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402130101/ 45 KB
14 KB 26ms
26ms Script
text/javascript 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402130101/pubads_impl_page_level_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402130101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

edb3c01e1be23cd4ab06a59dd05ed00229349a2c70b703607ad37e618b6251d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 11:07:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38283
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14639
x-xss-protection: 0
server: cafe
etag: 18293442981272338312
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sun, 16 Feb 2025 11:07:26 GMT

GET
DATA 200
OK truncated
/ Frame E262 73 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 97eb88015da141967b2879ea1f809c8588d4740b35508abf1330f4c309632d70

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 200 zyAaRDz8u3LlAl6W_b3rXYBGCJ8nnumfxlaiGJLnASAbmAHtqdorNG60OAd6lnMhF-Xge_NDpxm6PAU_ECRaX54rs9ZcN9Q3bi4fe5xYrqtam1-fxATn3PAppk5Dqu9ZhJynko5RWO_DMb2jA3ul1K1kbLkmTQJrVu2AvwT0P73ESp6DAUaB0D51FhFKIFmvKxtj-... Show response
coolserving.com/ 723 B
1 KB 607ms
256ms XHR
application/json 2606:4700:3033::6815:3dfe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://coolserving.com/zyAaRDz8u3LlAl6W_b3rXYBGCJ8nnumfxlaiGJLnASAbmAHtqdorNG60OAd6lnMhF-Xge_NDpxm6PAU_ECRaX54rs9ZcN9Q3bi4fe5xYrqtam1-fxATn3PAppk5Dqu9ZhJynko5RWO_DMb2jA3ul1K1kbLkmTQJrVu2AvwT0P73ESp6DAUaB0D51FhFKIFmvKxtj-FJC1Uo3WNuYd0a8K87uZMBqIRxatfR5u16FRuv3sVdayZlzv4qpRMJkBMlVM3o_qsZ0AGZ1WUq5Bav1NqhpHCDxAgOH90y5BP4LKVrB09AzQlAy8M60j4OKdnRRPyZ5LoPgGF85Zom4aHrEKl2KjdNZkPb_ijMF8zYjQAUw_ASToYR9idUXd303jh3A7MlejXHgyorCnP5En-gt_EYt1RnbhtNf5z6W_k9ZRlS4RojLxk1cAXpJuFiVLOcopHAodkGQPKGdZPU_Sw6P3e2RcSUrrvffq-EFMjsubijBIve6Ru8zo5YOv5z7LhbXdxfaBDcJNsffYsNYGonU3sZC9x5Onbv4cGTWW3w9TtlEERkde?
Requested by: Host: cdn77.coolserving.com
URL: https://cdn77.coolserving.com/faa2876b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:3dfe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ecad2d0f6a8937e4c51959157e67df59567085aa496b71276bf7b3ac844ab3a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:45:30 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p: CP="CAO PSA OUR"
alt-svc: h3=":443"; ma=86400
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Wb0AuMLzmyXp9f%2FjZ5glesLoTnKF8XOByl3gFPUIq4L7UBqrp9Jj49eYDqlENgXL31q%2Fp447yQvgpalLWNZloGVHWRPWblpecdzdHIZA%2FsKKlFgoHHn7iWIGskoKXrGD0YrlJolIxrybHBn1xc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://hdhub4u.re
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
permissions-policy: *
cf-ray: 857137bd3d1c4bcf-BUF
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
541 B 318ms
103ms XHR
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js

Requested by

Host: bygliscortor.com
URL: https://bygliscortor.com/401/6981480

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

3c998dd8e91dd8207d8d2fdc223e58340c6f691bdd0164a8d87851d7ba64ce4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:45:30 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://hdhub4u.re
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H3 200 tenet-poster-hdhub4u.jpeg
hdhub4u.re/slider/images/ Frame E262 18 KB
18 KB 46ms
40ms Image
image/jpeg 2606:4700:3032::6815:41fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hdhub4u.re/slider/images/tenet-poster-hdhub4u.jpeg
Requested by: Host: hdhub4u.re
URL: https://hdhub4u.re/0.9177470730060231
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:41fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f72dff2441fdd5731348f15ec6c819ccd192cdce11d922150b22f1d5134f9c75

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/slider/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:45:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 100977
alt-svc: h3=":443"; ma=86400
content-length: 18358
last-modified: Wed, 11 Aug 2021 20:53:50 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PbM2ecdJVV7q95BpJMYfd3HmyWuKbbmzcTVjTD%2BShv9Fi81RjW73l8%2FB55bJq4rFHhvsD6kfM6dJ2ol2uaKEXvBL19V66LF7SeuwUrHb7JNk0W5SNfW0qaPCN14%2BNIL%2BygXeoONk7LS4"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=9646676
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 857137bbfceb6aed-BUF
expires: Fri, 07 Jun 2024 09:20:11 GMT

GET
H3 200 mirzapur2.jpeg
hdhub4u.re/slider/images/ Frame E262 22 KB
22 KB 47ms
41ms Image
image/jpeg 2606:4700:3032::6815:41fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hdhub4u.re/slider/images/mirzapur2.jpeg
Requested by: Host: hdhub4u.re
URL: https://hdhub4u.re/0.9177470730060231
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:41fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c0e999014e6fcb85c8d78c040532ec0427b81c10b28689d5befff105c45d1a7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/slider/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:45:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 100977
alt-svc: h3=":443"; ma=86400
content-length: 22249
last-modified: Wed, 11 Aug 2021 20:53:50 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FdWfwtxt0RuBTWgQXV%2BOxyozqgWop9gIfT1lzB5oNJ13crzR3upKbHZPSCiQie3sIm8OlK4uVq2jE8Zct2hJLJm44uAMV65cNcnYvl%2BpcHwu5tmfGp%2FjHNj8VDyeFsb3GWY14an9nkSn"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=9646676
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 857137bbfcec6aed-BUF
expires: Fri, 07 Jun 2024 09:20:11 GMT

GET
H3 200 mcu.p-i-ii-iii.jpeg
hdhub4u.re/slider/images/ Frame E262 21 KB
21 KB 75ms
69ms Image
image/jpeg 2606:4700:3032::6815:41fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hdhub4u.re/slider/images/mcu.p-i-ii-iii.jpeg
Requested by: Host: hdhub4u.re
URL: https://hdhub4u.re/0.9177470730060231
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:41fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e58cb050ecc9efa1dd9731d927771a31ab9067cc8854ef0a696361f3266a540

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/slider/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:45:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 100977
alt-svc: h3=":443"; ma=86400
content-length: 21457
last-modified: Wed, 11 Aug 2021 20:53:50 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XrCcTyG%2FkiVXxufyW2DajlXNBNGiov7PeiapuXpskzr22o0%2FD%2BNHSbZBmJA6ZzeBz6qqPgLWe5AwgRVTptT%2BDrKNN%2BbDFdAHljwSwcs7Ewx92o%2FkoNIqJrYIaVi8h4DwvOpOy%2B2SnUO0"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=9646676
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 857137bbfcee6aed-BUF
expires: Fri, 07 Jun 2024 09:20:11 GMT

GET
H3 200 gandi-baat-s05-poster-hdhub4u.link_.jpeg
hdhub4u.re/slider/images/ Frame E262 25 KB
25 KB 81ms
76ms Image
image/jpeg 2606:4700:3032::6815:41fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hdhub4u.re/slider/images/gandi-baat-s05-poster-hdhub4u.link_.jpeg
Requested by: Host: hdhub4u.re
URL: https://hdhub4u.re/0.9177470730060231
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:41fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c695ddd33411d4dba4b7cf4cd1c795d2f565a3a1dbbe2799620c4c70a401734e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/slider/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:45:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 100977
alt-svc: h3=":443"; ma=86400
content-length: 25407
last-modified: Wed, 11 Aug 2021 20:53:50 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D1qExBLbJpLSrOGHoMwvu%2Bjks3pP2Hf4TJ824czvaUWCy9HI4%2BZ5ozwc%2Fb%2BbBEZtD8AI8qgP77O%2Bn39YLQWt9U2IJ9%2BC1L0pgdYQWCWk0Xh7kO7gB3E586AS9byaZS%2BA0dIqmUFidIxy"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=9646676
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 857137bbfcf16aed-BUF
expires: Fri, 07 Jun 2024 09:20:11 GMT

GET
H3 200 axdkuzw36xivzmpjz7kkz5budzf.jpeg
hdhub4u.re/slider/images/ Frame E262 16 KB
17 KB 52ms
46ms Image
image/jpeg 2606:4700:3032::6815:41fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hdhub4u.re/slider/images/axdkuzw36xivzmpjz7kkz5budzf.jpeg
Requested by: Host: hdhub4u.re
URL: https://hdhub4u.re/0.9177470730060231
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:41fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc364d7510f9b17a67ee3e9aedc57fca35db4abe6a783f0ffa6a79a1bc8ba13f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/slider/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:45:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 100977
alt-svc: h3=":443"; ma=86400
content-length: 16751
last-modified: Wed, 11 Aug 2021 20:53:50 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=80lK0HaG0%2BGQd7RMWU9UCpdkhQwq6E7bt3UErplZgqTamMCvPS6Q93PprgwSoK2klFbvQ32Nt1U1%2FLxaiVR3rRYD4q03w68g%2FbhHIGcQz%2B9yvthKhvrnESHMe1x4E2yfR1OdhOn2L6ta"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=9646676
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 857137bbfcf36aed-BUF
expires: Fri, 07 Jun 2024 09:20:11 GMT

GET
H3 200 mv5bmdjinzuwyzetnmq2yy00nwe4lwewnzctm2m0mje0oguxzta3xkeyxkfqcgdeqxvymtmxodk2otu_v1_sy1000_cr006751000_al_.jpeg
hdhub4u.re/slider/images/ Frame E262 14 KB
15 KB 109ms
104ms Image
image/jpeg 2606:4700:3032::6815:41fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hdhub4u.re/slider/images/mv5bmdjinzuwyzetnmq2yy00nwe4lwewnzctm2m0mje0oguxzta3xkeyxkfqcgdeqxvymtmxodk2otu_v1_sy1000_cr006751000_al_.jpeg
Requested by: Host: hdhub4u.re
URL: https://hdhub4u.re/0.9177470730060231
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:41fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee35da34ad87787d0ccd98bdf76bf87472440b4db131bb654ee488266e5cda97

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/slider/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:45:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 100977
alt-svc: h3=":443"; ma=86400
content-length: 14364
last-modified: Wed, 11 Aug 2021 20:53:50 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nEt6l0KX%2B7oNwAnkqb5b0ko7ghfkg75A33iXEEyWRoR6pNFAY3S%2Bo2oosgj8dluCl8V%2BwyeXOW%2BmErFqUhfGiEs15ffoQZ%2B6YEcwpd3F1yJ5FvPdhsAzkIuIoACRmhx%2BZV57qaGvsqmO"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=9646676
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 857137bbfcf56aed-BUF
expires: Fri, 07 Jun 2024 09:20:11 GMT

GET
H3 200 the-family-man-poster-hdhub4u.jpeg
hdhub4u.re/slider/images/ Frame E262 19 KB
20 KB 109ms
104ms Image
image/jpeg 2606:4700:3032::6815:41fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hdhub4u.re/slider/images/the-family-man-poster-hdhub4u.jpeg
Requested by: Host: hdhub4u.re
URL: https://hdhub4u.re/0.9177470730060231
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:41fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c048682d98b95d9e7b87863ae6cee20656084eeffbb7c3866e2cb35d72ac241

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/slider/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:45:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 100977
alt-svc: h3=":443"; ma=86400
content-length: 19871
last-modified: Wed, 11 Aug 2021 20:53:50 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1bdSP7mALncZ%2FCiYDixDi8MeIyXdF8NwTbiibHhTmHpzTN7XyrSPLSk%2BaF1sLwLvrnfhc9VYJA0NzzXK1S06h0ejdbHS5AEqq9RiKnMd2fn2VzxmdLCwcWc7w5Llk7d3xAev2mPMzwQ2"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=9646676
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 857137bbfcf76aed-BUF
expires: Fri, 07 Jun 2024 09:20:11 GMT

GET
H3 200 174127-1.jpeg
hdhub4u.re/slider/images/ Frame E262 21 KB
22 KB 119ms
115ms Image
image/jpeg 2606:4700:3032::6815:41fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hdhub4u.re/slider/images/174127-1.jpeg
Requested by: Host: hdhub4u.re
URL: https://hdhub4u.re/0.9177470730060231
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:41fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ab35e657657777dfd6fe0bfdace38cd2e535dd11fefaea082ada8933e6f998d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/slider/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:45:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 100977
alt-svc: h3=":443"; ma=86400
content-length: 21570
last-modified: Wed, 11 Aug 2021 20:53:50 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8TjjqNtMmYYhmXbHRL4%2FxV%2FLfVQnukvRgveCJ6XJ4cbjo4cSsE6AYApMBUb5s3be2jT3TGqbYBDtiXUtpXkaGTV0mwGVRG66zGC6Xecof4MbWkmAqeT5z7QYmBK6pRPpQvWuwC0CCM4U"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=9646676
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 857137bbfcf96aed-BUF
expires: Fri, 07 Jun 2024 09:20:11 GMT

GET
H3 200 65071e2a5874189ffbe5928a53f4cbb7-1.jpeg
hdhub4u.re/slider/images/ Frame E262 23 KB
24 KB 139ms
134ms Image
image/jpeg 2606:4700:3032::6815:41fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hdhub4u.re/slider/images/65071e2a5874189ffbe5928a53f4cbb7-1.jpeg
Requested by: Host: hdhub4u.re
URL: https://hdhub4u.re/0.9177470730060231
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:41fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43faccf52ac8ad0e0c7df42891fd7fffcab85881cde34fae91e2899363413c7a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/slider/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:45:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 100977
alt-svc: h3=":443"; ma=86400
content-length: 23904
last-modified: Wed, 11 Aug 2021 20:53:50 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7O53O1GsbGqFRVfDpNaEh7h8CIqMYvRfpzWo0ArdSRAJQtf6ivkk6NVtJvZK8rrmpGiRBfniJk1D12aA4sDgoa8gwg%2FDxqCicHhQXsZWTIexoui0BDFUgxzDnvGi3aRIZ4ZRcXpYit5i"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=9646676
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 857137bbfcfa6aed-BUF
expires: Fri, 07 Jun 2024 09:20:11 GMT

GET
H3 200 hostages.s02.poster.jpeg
hdhub4u.re/slider/images/ Frame E262 18 KB
18 KB 147ms
143ms Image
image/jpeg 2606:4700:3032::6815:41fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hdhub4u.re/slider/images/hostages.s02.poster.jpeg
Requested by: Host: hdhub4u.re
URL: https://hdhub4u.re/0.9177470730060231
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:41fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d837a0efb1c1037a22e43efaa347147392c289036b0f147e5607b830f9d921f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/slider/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:45:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 100976
alt-svc: h3=":443"; ma=86400
content-length: 17968
last-modified: Wed, 11 Aug 2021 20:53:50 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YqeVLjLHVieCohOv0R1GdD5VF7FqnTWI8MqmtDg%2BUt0irLo0G0tfzjlLsqedRXZdZplhIpUwsJao6Enfq3fk9P9407gpIknU4UUAtGtu6by2%2FAH0Xs%2Fe7dCOMkPJEX%2BAk1vaR3jGk9SK"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=9646676
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 857137bbfcfb6aed-BUF
expires: Fri, 07 Jun 2024 09:20:11 GMT

GET
H3 200 1b721396f789e8be4f175175962b2a90.jpeg
hdhub4u.re/slider/images/ Frame E262 20 KB
20 KB 170ms
166ms Image
image/jpeg 2606:4700:3032::6815:41fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hdhub4u.re/slider/images/1b721396f789e8be4f175175962b2a90.jpeg
Requested by: Host: hdhub4u.re
URL: https://hdhub4u.re/0.9177470730060231
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:41fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f413a963dad82bc5ceb5ff9478412d479b84ce9c4d33d91f6bcdd15b4132779

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/slider/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:45:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 100976
alt-svc: h3=":443"; ma=86400
content-length: 20031
last-modified: Wed, 11 Aug 2021 20:53:50 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=il2aVTfj%2FBHhwyu7XTsopm2%2BTJuWEtTOA285bTvSJnANBPKJzcPPnvBwzx%2FpzaNFPMMi9D%2Bf%2FfCK5%2Fj2ZEJsvTePOXUJiPQT%2FtSNdEcCWI5JrDAWqfDwEOn0rtjGawmYp1RHFh%2Buirnp"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=9646676
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 857137bbfcfc6aed-BUF
expires: Fri, 07 Jun 2024 09:20:11 GMT

GET
H3 200 scam1992_portrait_thumb_gen.jpeg
hdhub4u.re/slider/images/ Frame E262 21 KB
22 KB 205ms
202ms Image
image/jpeg 2606:4700:3032::6815:41fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hdhub4u.re/slider/images/scam1992_portrait_thumb_gen.jpeg
Requested by: Host: hdhub4u.re
URL: https://hdhub4u.re/0.9177470730060231
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:41fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d0038f40c8fdc05673f459191b1c800442d4dc946ba6742395a55904931528c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/slider/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:45:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 100976
alt-svc: h3=":443"; ma=86400
content-length: 21784
last-modified: Wed, 11 Aug 2021 20:53:50 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qBD0a6CqpP5HA97cNgP623p%2FLXCxtcYh6iwnKWGC6I5sXR7k7TmlEprE4VW8ERRRfONl3ClqOeogzsuGPoirMzV%2BUrqjQQizIBVkGx8nhWDfRERHkHcjIWouMvJJQ5dkfHpBVEOU8RlW"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=9646676
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 857137bbfcfd6aed-BUF
expires: Fri, 07 Jun 2024 09:20:12 GMT

GET
H3 200 wsxjho9whlb0acwvqrtco7vomwa.jpeg
hdhub4u.re/slider/images/ Frame E262 27 KB
28 KB 175ms
171ms Image
image/jpeg 2606:4700:3032::6815:41fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hdhub4u.re/slider/images/wsxjho9whlb0acwvqrtco7vomwa.jpeg
Requested by: Host: hdhub4u.re
URL: https://hdhub4u.re/0.9177470730060231
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:41fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a371516d364b42b9be530eff2fe670d63d522aa584ca47036aa4a359e8583c6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/slider/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:45:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 100976
alt-svc: h3=":443"; ma=86400
content-length: 27936
last-modified: Wed, 11 Aug 2021 20:53:50 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=21pzmHNwntf1bRTiR1DcTrE3FMn7gv6F2rG7fUou6TwwVc6c9wUJD%2FK82ZetaM5FZNqDC5OyudwtQDY%2BFti%2FJiKZ7k%2FsLVoOxM3EG22xesTA0aSxgFfa7u0UC8i3UQEQS5m25RbccWXE"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=9646676
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 857137bbfcfe6aed-BUF
expires: Fri, 07 Jun 2024 09:20:12 GMT

GET
H3 200 5959e28954f39ac422d9802a36497741.jpeg
hdhub4u.re/slider/images/ Frame E262 179 KB
180 KB 204ms
201ms Image
image/jpeg 2606:4700:3032::6815:41fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hdhub4u.re/slider/images/5959e28954f39ac422d9802a36497741.jpeg
Requested by: Host: hdhub4u.re
URL: https://hdhub4u.re/0.9177470730060231
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:41fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 371081b3096d2f86467a072296b3f764ae833f59ac8d392f4b573e6d4eeeffde

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/slider/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:45:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 100976
alt-svc: h3=":443"; ma=86400
content-length: 183281
last-modified: Wed, 11 Aug 2021 20:53:50 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m1C%2FtM2rQqsl8cQEQKOZS4bp51VyVvLStxun0iMiHmC6efCGfhFifizEbgEvWdxykxI9HYqZ43POYcHK5WOnpHKKTPzKQNMCoryYIaMums3TyCLjQloKfi3ribDe4Ur6yxWnkS93psVC"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=9646676
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 857137bbfcff6aed-BUF
expires: Fri, 07 Jun 2024 09:20:12 GMT

GET
H3 200 ciwaesuu15rl4zivikw2bfmakvd.jpeg
hdhub4u.re/slider/images/ Frame E262 16 KB
17 KB 328ms
325ms Image
image/jpeg 2606:4700:3032::6815:41fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hdhub4u.re/slider/images/ciwaesuu15rl4zivikw2bfmakvd.jpeg
Requested by: Host: hdhub4u.re
URL: https://hdhub4u.re/0.9177470730060231
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:41fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5fbcf68ebb3b0f14fa80a9e4238d152e00fb4b3d8c453dd652db63ad4cbbf018

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/slider/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:45:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 100976
alt-svc: h3=":443"; ma=86400
content-length: 16836
last-modified: Wed, 11 Aug 2021 20:53:50 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7rKQfzcmyUOSZdSENZplVNM8Jl2yycK6gavcjEqn6%2BsTaDVy9UHGflNCkVyd7PZkl0RNwhtgK5hh1LqK57obl%2F4fcrn1%2Bo6bo18odLQ3TCQy87b3QXK0sq36ZfNZrFttYcIr3Js%2F68Jq"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=9646676
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 857137bbfd006aed-BUF
expires: Fri, 07 Jun 2024 09:20:12 GMT

GET
H3 200 ebcdgcpucaatayu.jpeg
hdhub4u.re/slider/images/ Frame E262 19 KB
20 KB 333ms
330ms Image
image/jpeg 2606:4700:3032::6815:41fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hdhub4u.re/slider/images/ebcdgcpucaatayu.jpeg
Requested by: Host: hdhub4u.re
URL: https://hdhub4u.re/0.9177470730060231
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:41fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99e174a614d7cc5225fbc175fdd582b69e9e097d5111092bfe2f5f32370ada18

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/slider/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:45:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 100976
alt-svc: h3=":443"; ma=86400
content-length: 19959
last-modified: Wed, 11 Aug 2021 20:53:50 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vmsHKHPMW8aubSMRxblykHaI%2BRcqihG3I2PPXcahnpQEH%2BGX%2BFfyUYDrxbwIBoW9o%2F2z1mzN7rKcBphwfuK3dC9%2BNsfSVqBlnQLNrDIl5ZP82w%2FBeocw%2BfSfLoHma8rIDfC%2BOZpdNzT6"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=9646676
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 857137bbfd016aed-BUF
expires: Fri, 07 Jun 2024 09:20:12 GMT

GET
H3 200 v-movie-poster-hdhub4u.jpeg
hdhub4u.re/slider/images/ Frame E262 14 KB
15 KB 349ms
347ms Image
image/jpeg 2606:4700:3032::6815:41fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hdhub4u.re/slider/images/v-movie-poster-hdhub4u.jpeg
Requested by: Host: hdhub4u.re
URL: https://hdhub4u.re/0.9177470730060231
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:41fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 588e2b076a5f4767c9d4e8afd7eb89b4498ec9cd250e81f86fbeb23c95911cb6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/slider/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:45:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 100976
alt-svc: h3=":443"; ma=86400
content-length: 14641
last-modified: Wed, 11 Aug 2021 20:53:50 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IUp40r%2FY%2FJonKaSoRxKz8UCU6gQJvRqxcqs3gWY0sYLueARrVuNPGhQstwL4BXB0R8SA8LSwgQccmyecLFpqfxGILBe3N36v5axobWoF2pIiTDaRYVb%2Flb86D4nULHatTvSGcuWm7i0J"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=9646676
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 857137bbfd026aed-BUF
expires: Fri, 07 Jun 2024 09:20:12 GMT

GET
H3 200 e5c6174f35c27f03f35febbb11f1f0b1.jpeg
hdhub4u.re/slider/images/ Frame E262 201 KB
202 KB 352ms
349ms Image
image/jpeg 2606:4700:3032::6815:41fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hdhub4u.re/slider/images/e5c6174f35c27f03f35febbb11f1f0b1.jpeg
Requested by: Host: hdhub4u.re
URL: https://hdhub4u.re/0.9177470730060231
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:41fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0fb566e2e6e4132f147ae593fdd61bdd7af5306880e8fcfe9e2c646d50758a5c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/slider/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:45:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 100976
alt-svc: h3=":443"; ma=86400
content-length: 205847
last-modified: Wed, 11 Aug 2021 20:53:50 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tSFrWRqcmbFVRXRt0P5U3tsU9MJLk7uo7lE25OV0jc%2FHXYlFzj7lo%2F1vwSSpAhpz1YlS01RakEE1pp59BZlCI693bftHsFVckY9TUCfbayNJYckPL6pQXs6Sxfea5ZDSSnxbe%2FDMXIq0"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=9646676
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 857137bbfd036aed-BUF
expires: Fri, 07 Jun 2024 09:20:12 GMT

GET
H3 200 844a89f324afd743543d9054c4d19f4f.jpeg
hdhub4u.re/slider/images/ Frame E262 10 KB
11 KB 465ms
463ms Image
image/jpeg 2606:4700:3032::6815:41fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hdhub4u.re/slider/images/844a89f324afd743543d9054c4d19f4f.jpeg
Requested by: Host: hdhub4u.re
URL: https://hdhub4u.re/0.9177470730060231
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:41fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7d8e505ff6c9946a04f052c518d35e92fda3b29dac7f9b40e86b6dfb89adbab

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/slider/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:45:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 100976
alt-svc: h3=":443"; ma=86400
content-length: 10616
last-modified: Wed, 11 Aug 2021 20:53:50 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rH62koV%2B5tbAT6lolfeljYcsxRTJAmMxe225qGkyf0U4IVUuSIHQeB4QP7cMDfR1MD1VZ7v7QyEgErXh%2BdzLud1kQUKoeXCzqas%2FK7XDGfOr8RJZxk6dWQBYrzVHgLdqSrOVvp77%2BkBQ"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=9646676
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 857137bbfd046aed-BUF
expires: Fri, 07 Jun 2024 09:20:12 GMT

GET
H3 200 28917_front.jpeg
hdhub4u.re/slider/images/ Frame E262 8 KB
9 KB 471ms
469ms Image
image/jpeg 2606:4700:3032::6815:41fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hdhub4u.re/slider/images/28917_front.jpeg
Requested by: Host: hdhub4u.re
URL: https://hdhub4u.re/0.9177470730060231
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:41fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0964e3486392c454c00143d8816a05843b79cff6b1de609c0b8d322f323b17f3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/slider/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:45:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 100976
alt-svc: h3=":443"; ma=86400
content-length: 8334
last-modified: Wed, 11 Aug 2021 20:53:50 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LuJKuBa3ZXNnngD2UFPFT7RIPS4TF3ZZFUw9qY7pE7e%2FbRPWOraiUQZPKXkwqg0YciC1ppRdwOSqGkv3tZXoAM6dYhbden8ipJgEEc1S1351i32dJFKzpTK1NHi%2BTz0QMXl2rCo0TqGn"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=9646676
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 857137bbfd056aed-BUF
expires: Fri, 07 Jun 2024 09:20:12 GMT

GET
H3 200 285621529ae4195f00a2270a5c932f71.jpeg
hdhub4u.re/slider/images/ Frame E262 9 KB
9 KB 485ms
483ms Image
image/jpeg 2606:4700:3032::6815:41fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hdhub4u.re/slider/images/285621529ae4195f00a2270a5c932f71.jpeg
Requested by: Host: hdhub4u.re
URL: https://hdhub4u.re/0.9177470730060231
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:41fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7074ed8d7df2c612fe5f7d4e6a8bc8b8d728107d91ff9aa3f8c32f8d2baef95

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/slider/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:45:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 100976
alt-svc: h3=":443"; ma=86400
content-length: 8729
last-modified: Wed, 11 Aug 2021 20:53:50 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Ye68AswNxAG2S9JTEiE24KlrUL9mJZrb48mzIlMwEUrD1n5qstebPuJqsELpeiuEAqvkdN%2B0P3Tb%2FKt5bGENCCHDy08xXnyj74ZzV7FWlrd0ATbvGXnswjeZ9n8nFIPDgGiGK3X51uO"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=9646676
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 857137bbfd076aed-BUF
expires: Fri, 07 Jun 2024 09:20:12 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 280 KB
93 KB 64ms
51ms Script
application/javascript 2607:f8b0:4006:820::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-QFVL8KLXT6&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-89947843-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0115e2a546a748f5db2f68912db503dadda30b2e1f11516bb1c7e8c50bff8063

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:45:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 94994
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 17 Feb 2024 21:45:30 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 106ms
25ms Script
text/javascript 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-89947843-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 17 Feb 2024 19:51:42 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 6828
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 17 Feb 2024 21:51:42 GMT

GET
H3 200 tenet-poster-hdhub4u.jpeg
hdhub4u.re/slider/images/ Frame E262 18 KB
18 KB 395ms
394ms Image
image/jpeg 2606:4700:3032::6815:41fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hdhub4u.re/slider/images/tenet-poster-hdhub4u.jpeg
Requested by: Host: hdhub4u.re
URL: https://hdhub4u.re/slider/js/n2-j.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:41fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f72dff2441fdd5731348f15ec6c819ccd192cdce11d922150b22f1d5134f9c75

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/slider/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:45:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 100977
alt-svc: h3=":443"; ma=86400
content-length: 18358
last-modified: Wed, 11 Aug 2021 20:53:50 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=opibQw6Dc4mii1Lenm1teIS8LXQ1WU4ELK9HoO1%2BCPfxGcltPaDcJ%2B4zpBTkTT6tPJ0sH7B9bfCmS9lWskd616s%2BHK4mq7dAewtzwnJhhRQeVZnc4a2c1iJ9OyNo3ogicqcbx0TcFGWE"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=9646676
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 857137bc9d7f6aed-BUF
expires: Fri, 07 Jun 2024 09:20:11 GMT

GET
H3 200 mirzapur2.jpeg
hdhub4u.re/slider/images/ Frame E262 22 KB
22 KB 400ms
399ms Image
image/jpeg 2606:4700:3032::6815:41fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hdhub4u.re/slider/images/mirzapur2.jpeg
Requested by: Host: hdhub4u.re
URL: https://hdhub4u.re/slider/js/n2-j.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:41fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c0e999014e6fcb85c8d78c040532ec0427b81c10b28689d5befff105c45d1a7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/slider/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:45:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 100977
alt-svc: h3=":443"; ma=86400
content-length: 22249
last-modified: Wed, 11 Aug 2021 20:53:50 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XTfheHQP0yprBdDUajsLsJCK0N50EfEEeBthotWk8fqL8tPkHVldvGUj175UnAWhoa8DpFAwJpzcGmvi5lX2MB19mhttqxgAp0GdktFYQQr42wmCEiq0xd7gnUCxj4HBOwFAlyTlHmVj"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=9646676
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 857137bc9d806aed-BUF
expires: Fri, 07 Jun 2024 09:20:11 GMT

GET
H3 200 mcu.p-i-ii-iii.jpeg
hdhub4u.re/slider/images/ Frame E262 21 KB
21 KB 443ms
442ms Image
image/jpeg 2606:4700:3032::6815:41fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hdhub4u.re/slider/images/mcu.p-i-ii-iii.jpeg
Requested by: Host: hdhub4u.re
URL: https://hdhub4u.re/slider/js/n2-j.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:41fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e58cb050ecc9efa1dd9731d927771a31ab9067cc8854ef0a696361f3266a540

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/slider/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:45:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 100977
alt-svc: h3=":443"; ma=86400
content-length: 21457
last-modified: Wed, 11 Aug 2021 20:53:50 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MYMM7eUMIgLLcc%2BCTsxDAFl9xyQRmvk9PcScavscRh%2FbnR6aRMAIyawTMErr%2FDjE5i6umpTJpo3ZHyYfd7D0z%2Fpo9i0nTY4VKMbZEt8T1kHWcYwfZQa9bnndAzhog%2Bhmig%2BjPI3%2BefNf"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=9646676
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 857137bc9d816aed-BUF
expires: Fri, 07 Jun 2024 09:20:11 GMT

GET
H3 200 gandi-baat-s05-poster-hdhub4u.link_.jpeg
hdhub4u.re/slider/images/ Frame E262 25 KB
25 KB 443ms
442ms Image
image/jpeg 2606:4700:3032::6815:41fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hdhub4u.re/slider/images/gandi-baat-s05-poster-hdhub4u.link_.jpeg
Requested by: Host: hdhub4u.re
URL: https://hdhub4u.re/slider/js/n2-j.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:41fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c695ddd33411d4dba4b7cf4cd1c795d2f565a3a1dbbe2799620c4c70a401734e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/slider/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:45:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 100977
alt-svc: h3=":443"; ma=86400
content-length: 25407
last-modified: Wed, 11 Aug 2021 20:53:50 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0nvzQZXcacG8M4bEWdQBamjibgAFXOunkOHIApupTC6%2FY%2F3Z363NUJIf5zQrk%2BUnnoTWSOISwlMgJQ5y3Rd3Y8KAtdSJZ%2Ba87nfUtD3drJ9sBkD3EmP1BUdYykLHxOjo2VS7sUIKH0oA"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=9646676
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 857137bc9d826aed-BUF
expires: Fri, 07 Jun 2024 09:20:11 GMT

GET
H3 200 axdkuzw36xivzmpjz7kkz5budzf.jpeg
hdhub4u.re/slider/images/ Frame E262 16 KB
17 KB 440ms
439ms Image
image/jpeg 2606:4700:3032::6815:41fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hdhub4u.re/slider/images/axdkuzw36xivzmpjz7kkz5budzf.jpeg
Requested by: Host: hdhub4u.re
URL: https://hdhub4u.re/slider/js/n2-j.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:41fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc364d7510f9b17a67ee3e9aedc57fca35db4abe6a783f0ffa6a79a1bc8ba13f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/slider/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:45:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 100977
alt-svc: h3=":443"; ma=86400
content-length: 16751
last-modified: Wed, 11 Aug 2021 20:53:50 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4MJf5i18H9AVTLBovduCrJfhcYWYSv7dyXUc3OkyLo7AISLctKl%2BaEicKGbUFy6HFK1pcbo9cFtjomYiUwpgDiS8DAp8W5mcSTuSi7lzokHVFZcADx8nf0r5bxX60bAr%2BglN7Gv6EF%2FP"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=9646676
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 857137bcad896aed-BUF
expires: Fri, 07 Jun 2024 09:20:11 GMT

GET
H3 200 mv5bmdjinzuwyzetnmq2yy00nwe4lwewnzctm2m0mje0oguxzta3xkeyxkfqcgdeqxvymtmxodk2otu_v1_sy1000_cr006751000_al_.jpeg
hdhub4u.re/slider/images/ Frame E262 14 KB
15 KB 450ms
449ms Image
image/jpeg 2606:4700:3032::6815:41fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hdhub4u.re/slider/images/mv5bmdjinzuwyzetnmq2yy00nwe4lwewnzctm2m0mje0oguxzta3xkeyxkfqcgdeqxvymtmxodk2otu_v1_sy1000_cr006751000_al_.jpeg
Requested by: Host: hdhub4u.re
URL: https://hdhub4u.re/slider/js/n2-j.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:41fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee35da34ad87787d0ccd98bdf76bf87472440b4db131bb654ee488266e5cda97

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/slider/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:45:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 100977
alt-svc: h3=":443"; ma=86400
content-length: 14364
last-modified: Wed, 11 Aug 2021 20:53:50 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e%2B8Yx7%2BrgsI4D%2ByvXOmAgrtYsZ%2F2MdNBYZ4ZNRe6dYwO3XhMj%2BPx6b%2FOv4GujSk6JZsdg4nEyLWHX98rmIq4H1rrefe1zdJ4jPNm4Ff7YsrJM7LrzTK8xHaiHGnvSRAI5I%2FRr1wgPtiz"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=9646676
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 857137bcad8b6aed-BUF
expires: Fri, 07 Jun 2024 09:20:11 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
203 B 43ms
37ms XHR
text/plain 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=660448023&t=pageview&_s=1&dl=https%3A%2F%2Fhdhub4u.re%2F0.9177470730060231&ul=en-us&de=UTF-8&dt=Page%20not%20found%20%E2%80%94&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAACAAI~&jid=1474334683&gjid=898867484&cid=1409589444.1708206330&tid=UA-89947843-1&_gid=1760992644.1708206330&_r=1&gtm=457e42e0za200&gcd=13l3l3l3l1&dma=0&jsscut=1&z=22636889

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://hdhub4u.re/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 21:45:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hdhub4u.re
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 stattag.js Show response
tzegilo.com/ 19 KB
8 KB 117ms
37ms Script
application/javascript 2606:4700:3036::ac43:c134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tzegilo.com/stattag.js
Requested by: Host: bygliscortor.com
URL: https://bygliscortor.com/401/6981480
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:c134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d71ea61938136a384e4c53c5a7a3c36e68fcc70a68bae691e270987d5d2eb11f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:45:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 07 Feb 2024 12:51:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4083
etag: W/"65c37cc1-4ac0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rLjYGJ3CzSvGQQF%2FOv%2FfF49ZyNzd04piPglDn1r0qOQOMuHhKqjfKDcRlCgYZ8yFL4YFoX8QEuZHsXBN3DvzxdiEVF1uYTnaoamxQM0H7I84U3Qy68umVDQ3VcAH7ZqUtk445KP7Hi3%2BgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 857137be0a8f4bc1-BUF
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
alt-svc: h3=":443"; ma=86400

GET
H2 200 6981480 Show response
bygliscortor.com/500/ 1 KB
2 KB 207ms
200ms XHR
application/javascript 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://bygliscortor.com/500/6981480?excludes=&oaid=82a89e520dfe4cfc968b91da9bf8eacc&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=2&pl=https%3A%2F%2Fhdhub4u.re%2F0.9177470730060231&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=-600&js_build=8&sw_version=v1.320.0

Requested by

Host: bygliscortor.com
URL: https://bygliscortor.com/401/6981480

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

a7b68dc85c8d7f4e3fdcfd61c9c41e633638239cf071cae0c7c802ffcba2f1bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://hdhub4u.re/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 17 Feb 2024 21:45:30 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
x-trace-id: 8e09ee7f0e7f5c85a47759cee4664af6
pragma: no-cache
server: nginx
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
vary: Origin
content-type: application/javascript
access-control-allow-origin: https://hdhub4u.re
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
expires: Tue, 11 Jan 1994 10:00:00 GMT

OPTIONS
H2 200 6981480
bygliscortor.com/500/ Frame 0
0 305ms
99ms Preflight 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://hdhub4u.re
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://hdhub4u.re
access-control-max-age: 600
allow: GET, OPTIONS
content-length: 0
date: Sat, 17 Feb 2024 21:45:30 GMT
server: nginx
strict-transport-security: max-age=1
timing-allow-origin: *
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 40ms
39ms Ping
text/plain 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-QFVL8KLXT6&gtm=45je42e0v9104276498za200&_p=1708206329585&gcd=13l3l3l3l1&npa=0&dma=0&cid=1409589444.1708206330&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1708206330&sct=1&seg=0&dl=https%3A%2F%2Fhdhub4u.re%2F0.9177470730060231&dt=Page%20not%20found%20%E2%80%94&en=page_view&_fv=1&_ss=1&tfd=2291
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QFVL8KLXT6&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 21:45:30 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hdhub4u.re
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0D92 6 KB
3 KB 27ms
26ms Document
text/html 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402130101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hdhub4u.re/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 17 Feb 2024 21:45:29 GMT
expires: Sun, 16 Feb 2025 21:45:29 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9F74 6 KB
3 KB 32ms
23ms Document
text/html 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402130101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hdhub4u.re/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 17 Feb 2024 21:45:29 GMT
expires: Sun, 16 Feb 2025 21:45:29 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 5D60 624 B
825 B 187ms
57ms Document
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CIGpfRDM07aKAxicu8yBAjAB&v=APEucNXem8D_oxI9O5P6qJMPXd4msn6I1O87Gs-xY-FXfd68Ty4sOQJseZRfhTlM7xUrsI9M_Q-OgIkeiGik1kBTL6S7amrM9A

Requested by

Host: hdhub4u.re
URL: https://hdhub4u.re/0.9177470730060231

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Feb 2024 21:45:30 GMT
expires: Sat, 17 Feb 2024 21:45:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame B1F0 93 KB
33 KB 221ms
94ms Script
text/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: hdhub4u.re
URL: https://hdhub4u.re/0.9177470730060231

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed0e7e64215a9663152e2d5c1c9a5ba0fe76c9f5de3dfe71bf45f0a64e977c69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:45:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33320
x-xss-protection: 0
server: cafe
etag: 12501049806231860069
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sat, 17 Feb 2024 21:45:30 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame B1F0 3 KB
1 KB 159ms
28ms Script
text/javascript 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/window_focus_fy2021.js

Requested by

Host: hdhub4u.re
URL: https://hdhub4u.re/0.9177470730060231

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 16:24:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19239
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Mar 2024 16:24:51 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame B1F0 20 KB
8 KB 157ms
27ms Script
text/javascript 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: hdhub4u.re
URL: https://hdhub4u.re/0.9177470730060231

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 12:56:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31749
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8220
x-xss-protection: 0
server: cafe
etag: 16176141338659805634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Mar 2024 12:56:21 GMT

GET
H2 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/m202401250101/ Frame B1F0 205 KB
62 KB 154ms
30ms Script
text/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/m202401250101/ufs_web_display.js

Requested by

Host: hdhub4u.re
URL: https://hdhub4u.re/0.9177470730060231

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b7235f7fbb2b5be1ce3b1ef0ca72f7e7b13b9634144966c70c041c52793a9926

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 08:44:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46861
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63253
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 16 Feb 2025 08:44:29 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame B1F0 42 B
173 B 259ms
135ms Image
image/gif 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DfTGI95tt0eSgJ2UaWaJ01mBYaJ0jKIX7bBgFSgoAT50cEPoF9dOksoNvEG2WvsMnF9--TD_M0QhWv-LiVzfRLFeHJaP1kxUw_r1nDOvgAl_p5chM

Requested by

Host: hdhub4u.re
URL: https://hdhub4u.re/0.9177470730060231

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 21:45:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK add Show response
fleraprt.com/log/ 12 B
480 B 349ms
104ms XHR
application/json 139.45.195.254
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=de70b24c-b71b-47bc-861a-6289d38a1f2a
Requested by: Host: tzegilo.com
URL: https://tzegilo.com/stattag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.195.254 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx/1.19.10 /
Resource Hash: 21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed

Request headers

Referer: https://hdhub4u.re/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Sat, 17 Feb 2024 21:45:31 GMT
Server: nginx/1.19.10
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://hdhub4u.re
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length: 12

GET
H2 200 z53H25eFgED0n3KBJnxoYTmv_eF1MZdIuiFkAJVrLWXcR9emOhpNbjflUzw9sjtpGCBl9JqoqBhkoLKP54iS_e1Y3-tRW7w6kD4vkYoWoobeO5E2Cz_zbfRDn_sjqawE4UjmiMcC4mEbD_WwUSacH1yY0uUmINmRU1RnluKhUpVhNiRqPiKjlQBHPjiubtJJpcF68...
coolserving.com/ 49 B
404 B 180ms
150ms Image
image/gif 2606:4700:3033::6815:3dfe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://coolserving.com/z53H25eFgED0n3KBJnxoYTmv_eF1MZdIuiFkAJVrLWXcR9emOhpNbjflUzw9sjtpGCBl9JqoqBhkoLKP54iS_e1Y3-tRW7w6kD4vkYoWoobeO5E2Cz_zbfRDn_sjqawE4UjmiMcC4mEbD_WwUSacH1yY0uUmINmRU1RnluKhUpVhNiRqPiKjlQBHPjiubtJJpcF681sha8vAL7dbRSfa630f3pjR_dlqPKUeq44zbwync_Ec_Syozh5C3plLxGRf1FylKR_qVuaAQ0BTm5Zi32DqVRAIRVxE7qQAetRtKfn6Sw6eWt4xEaowXuEkX4chbtjEBTn3C-aYPm_WSmlgAF9RNbG51u54AlPxLaBMOpUEVRGA2PxrQzl6HKFkwghI9E2cQinP8rAQrxiTfQ6Q4KYk8gMVAsl4Vt3pXsgY8EryEaM16pxnv8ckFT7wFxEzz9zAxTgxJFUJwHWPdTsto9oYBZRG1FZEX7aM9xG5UetsqXSNotWjPJ_Vr-qlk?DC=HZ
Requested by: Host: hdhub4u.re
URL: https://hdhub4u.re/0.9177470730060231
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:3dfe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:45:30 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p: CP="CAO PSA OUR"
alt-svc: h3=":443"; ma=86400
content-length: 49
pragma: no-cache
last-modified: Tue, 12 Dec 2023 08:06:46 GMT
accept-ch: Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
server: cloudflare
etag: W/"49-1702368406000"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9P%2BF7n04cNnCwuCw7ZrD%2B%2B1yTikSGur59Vv74AQ9XXKlyxy35NNhCypkAgATPJb6FzpAqOdDMl%2Bi%2BeXJ4tZ%2FVhezK%2FFJ%2BTte4wPVpNmqmFsMp%2F2YKeyqAGeK6MzXyVNkcd24VRvWpQwe3keJ1m4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
permissions-policy: *
accept-ranges: bytes
cf-ray: 857137bfe9104bcf-BUF
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 9F74 4 KB
655 B 185ms
79ms Stylesheet
text/css 2607:f8b0:4006:80a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Requested by

Host: f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com
URL: https://f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

662dbb2e9a1eaa62f25fd7d00eca3d78b8112c88f96f064a49aca4a6be2892d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 17 Feb 2024 21:45:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 17 Feb 2024 21:39:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 17 Feb 2024 21:45:30 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 9F74 2 KB
902 B 62ms
42ms Script
text/javascript 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com
URL: https://f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 20:51:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3232
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Mar 2024 20:51:38 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/ Frame 9F74 23 KB
9 KB 60ms
43ms Script
text/javascript 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/abg_lite_fy2021.js

Requested by

Host: f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com
URL: https://f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 16:24:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19239
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8991
x-xss-protection: 0
server: cafe
etag: 11525033739721728465
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Mar 2024 16:24:51 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 9F74 3 KB
1 KB 60ms
44ms Script
text/javascript 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/window_focus_fy2021.js

Requested by

Host: f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com
URL: https://f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 16:24:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19239
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Mar 2024 16:24:51 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 9F74 20 KB
8 KB 57ms
41ms Script
text/javascript 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com
URL: https://f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 12:56:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31749
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8220
x-xss-protection: 0
server: cafe
etag: 16176141338659805634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Mar 2024 12:56:21 GMT

GET
H2 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 9F74 204 KB
62 KB 66ms
53ms Script
text/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com
URL: https://f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

841f365e0540df77f892242a962098480625d80f10e380bfb93329a027978632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:01:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2635
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62824
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 17 Feb 2024 22:01:35 GMT

GET
H2 200 c0f9635aabdd33ab086e3930fa461563.js Show response
www.gstatic.com/mysidia/ Frame 9F74 36 KB
15 KB 133ms
33ms Script
text/javascript 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c0f9635aabdd33ab086e3930fa461563.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com
URL: https://f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bd3e64a75f43409aa3141f35c5d1bd599773aec49d61aaa02522dbe6101c247

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:53:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 154293
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15250
x-xss-protection: 0
last-modified: Fri, 09 Feb 2024 05:57:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 16 May 2024 02:53:57 GMT

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 181ms
91ms Fetch
text/html 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402130101/pubads_impl.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://hdhub4u.re/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 9F74 37 KB
38 KB 189ms
26ms Image
image/jpeg 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcRaDraseMjROSJIBSMuocO14X3AdBv6h0KuvcbBbWYhVYt9ziCIYXWHvhAMKgM&usqp=CAI

Requested by

Host: f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com
URL: https://f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9428395c0fada5f1ccb62b0fd1adea2f73f873dd5eab81628ce6577ba978b13f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 18:07:27 GMT
x-content-type-options: nosniff
age: 185884
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38355
x-xss-protection: 0
last-modified: Wed, 31 Jan 2024 05:34:36 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 14 Feb 2025 18:07:27 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 9F74 27 KB
28 KB 259ms
97ms Image
image/jpeg 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcSxNliDPCmbWnD3-wb7gQZBSj2fwFZE0L5gESTEiVLjnMo2Feyy3vUp06843sk&usqp=CAI

Requested by

Host: f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com
URL: https://f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd64f720549f0977fe1a6f83d6dca881907fb30f3d3332e2922fb6792a84d775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 15:38:11 GMT
x-content-type-options: nosniff
age: 194840
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28085
x-xss-protection: 0
last-modified: Mon, 27 Nov 2023 07:21:47 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 14 Feb 2025 15:38:11 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 9F74 36 KB
36 KB 187ms
25ms Image
image/jpeg 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcTjEeYkwySeXHqbeJklpLi8QsXiWzUMLcnk_ZFiC781GI11ZlCd98EiyaNm-g&usqp=CAI

Requested by

Host: f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com
URL: https://f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93e9c4aa408f50158ebaa4656ded2875a8afe01a48ee83d1dedb0e5052bb052a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 22:25:29 GMT
x-content-type-options: nosniff
age: 170402
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36666
x-xss-protection: 0
last-modified: Sun, 04 Feb 2024 03:32:02 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 14 Feb 2025 22:25:29 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 9F74 34 KB
34 KB 238ms
76ms Image
image/jpeg 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcTWhfIBj7alIRRoH5g9C7kznYe_8fVHK-Dd9SyTSyfvLBl1tVdr_8Tz3C0AMQ&usqp=CAI

Requested by

Host: f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com
URL: https://f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

639279e7330835e964fe232c0d17b238706946cde191eb87442c8645b2f7ba45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:55:55 GMT
x-content-type-options: nosniff
age: 154176
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35193
x-xss-protection: 0
last-modified: Mon, 01 Aug 2022 06:02:04 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 15 Feb 2025 02:55:55 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 9F74 49 KB
49 KB 245ms
84ms Image
image/jpeg 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcSwk4DhBwp4aKVs0mlarl7ybh40JhCUt5CS53FdMUjFxN7mSvXAeKt08lYKa4c&usqp=CAI

Requested by

Host: f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com
URL: https://f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f334ff8f384c4ddb0b5a8ad8fdbd49ba84407e57f8e04d2ec0b7d748df9f968c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 14:13:07 GMT
x-content-type-options: nosniff
age: 199944
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49683
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 03:33:59 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 14 Feb 2025 14:13:07 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 9F74 27 KB
27 KB 214ms
53ms Image
image/jpeg 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcTgKFu5NhQbdQshfamJiVeHscumQifSD7zaWTh1lXn-fnwb08kMd8SqO1HU37M&usqp=CAI

Requested by

Host: f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com
URL: https://f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a8b1da1aa62079266d95a35c0fd3e6ce790021b8a32cc2a05b01ea268af3b233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 15:08:50 GMT
x-content-type-options: nosniff
age: 196601
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27136
x-xss-protection: 0
last-modified: Mon, 02 Jan 2023 10:33:49 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 14 Feb 2025 15:08:50 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 9F74 31 KB
32 KB 214ms
54ms Image
image/jpeg 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcT-Fz53c4UUClqGbjOcZHjx5uSyqraZmap_Tsf1uIEQqNj_QfK-CMVyx6edUxc&usqp=CAI

Requested by

Host: f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com
URL: https://f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f016f74c5519e6ad911ce917ddd55bc0e0988b46f0142bc4752202f539c756da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 11:08:14 GMT
x-content-type-options: nosniff
age: 211037
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32211
x-xss-protection: 0
last-modified: Sun, 21 Jan 2024 05:49:34 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 14 Feb 2025 11:08:14 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 9F74 8 KB
8 KB 198ms
27ms Image
image/jpeg 2607:f8b0:4006:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcTFuCNMq5RL8IaokHfP-YooZeQsF3HAXUKqz4SCtWbQV227SGLV&usqp=CAI

Requested by

Host: f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com
URL: https://f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7968c4563c67fc97327db7f574d75d4827ee3d2cf084a102d8bdbbc2ca1d7ce1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 19:34:46 GMT
x-content-type-options: nosniff
age: 180645
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7838
x-xss-protection: 0
last-modified: Sun, 26 Sep 2021 01:32:40 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 14 Feb 2025 19:34:46 GMT

GET
H3

200

7516144864796486839
tpc.googlesyndication.com/simgad/ Frame 9F74
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgOCg1bX8fRCwCRiwCTIIRvRkT-fB35c
https://tpc.googlesyndication.com/simgad/7516144864796486839

62 KB
62 KB

55ms
54ms

Image
image/jpeg

2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7516144864796486839

Requested by

Host: f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com
URL: https://f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

2607:f8b0:4006:809::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4ead68b8e468b10257a27f427deb77bf4247edea4ba9168cb5dae5768b8d7ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Fri, 14 Feb 2025 19:49:43 GMT
date: Thu, 15 Feb 2024 19:49:43 GMT
x-content-type-options: nosniff
age: 179747
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63684
x-xss-protection: 0
last-modified: Wed, 02 Feb 2022 20:37:04 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

Redirect headers

date: Fri, 16 Feb 2024 23:13:20 GMT
x-content-type-options: nosniff
server: cafe
age: 81130
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/7516144864796486839
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 17 Mar 2024 23:13:20 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 5D60
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECnyv6ByF9s4nWHfaNhsTo8&google_cver=1

43 B
342 B

55ms
54ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECnyv6ByF9s4nWHfaNhsTo8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIGpfRDM07aKAxicu8yBAjAB&v=APEucNXem8D_oxI9O5P6qJMPXd4msn6I1O87Gs-xY-FXfd68Ty4sOQJseZRfhTlM7xUrsI9M_Q-OgIkeiGik1kBTL6S7amrM9A
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 21:45:31 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DLrcIrndbGYAT4D%2F%2F%2FlyjASc8DYiRYCBfZ4NiCPjc3lNEj7bHXK27hLrPIZy6vCbrqDCXpnBL%2FOvdxJ3Mk%2BM4IPA53ITjOYcVwINgzIj7NLilTuQ57egNgic0Ll6HmbxsENuYSup%2Bb4LIA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 857137c14af23a0a-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 17 Feb 2024 21:45:31 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECnyv6ByF9s4nWHfaNhsTo8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 5D60
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZdEo.0t3ud4AADPnAA61JwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECnyv6ByF9s4nWHfaNhsTo8&google_cver=1&google_hm=2

43 B
766 B

63ms
63ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECnyv6ByF9s4nWHfaNhsTo8&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIGpfRDM07aKAxicu8yBAjAB&v=APEucNXem8D_oxI9O5P6qJMPXd4msn6I1O87Gs-xY-FXfd68Ty4sOQJseZRfhTlM7xUrsI9M_Q-OgIkeiGik1kBTL6S7amrM9A
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 21:45:31 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PbDtXPhyrQ8UHVIuAb7Zhd3pNrigitx2bD9CQpZ2fsYWoRyE1APXAFcmn57dbMoXH1X1h7zL4i3Z4%2F9T5KYq%2FmwTHuGlMMnFaTNa6P1VtJ7ynAfrpGDR0Lt9Z9pLHx8ADJiFcQKKZRCxIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 857137c29dd5a24a-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 17 Feb 2024 21:45:31 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECnyv6ByF9s4nWHfaNhsTo8&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame 5D60
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEHhan6Rq0HtqgG1Az7Zn220&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEHhan6Rq0HtqgG1Az7Zn220%26google_cver%3D1

43 B
1 KB

52ms
51ms

Image
image/gif

68.67.179.87
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEHhan6Rq0HtqgG1Az7Zn220%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIGpfRDM07aKAxicu8yBAjAB&v=APEucNXem8D_oxI9O5P6qJMPXd4msn6I1O87Gs-xY-FXfd68Ty4sOQJseZRfhTlM7xUrsI9M_Q-OgIkeiGik1kBTL6S7amrM9A

Protocol

Server

68.67.179.87 North Bergen, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 21:45:31 GMT
an-x-request-uuid: 5e1489e6-9e11-4e44-8dd0-209101822677
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 96.9.246.195; 96.9.246.195; 585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 17 Feb 2024 21:45:31 GMT
an-x-request-uuid: fd372f5d-34ef-49f2-813c-65a009549382
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEHhan6Rq0HtqgG1Az7Zn220%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 96.9.246.195; 96.9.246.195; 585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 5D60
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDkyODgxMDgyODYxNjQwMTcyMQ%3D%3D

170 B
243 B

50ms
49ms

Image
image/png

142.251.40.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDkyODgxMDgyODYxNjQwMTcyMQ%3D%3D

Requested by

Protocol

Server

142.251.40.98 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s79-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 21:45:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 17 Feb 2024 21:45:31 GMT
an-x-request-uuid: 0b88f3f3-95be-4842-868b-5c0971bbf9ca
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDkyODgxMDgyODYxNjQwMTcyMQ%3D%3D
x-proxy-origin: 96.9.246.195; 96.9.246.195; 585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B1F0 0
20 B 115ms
93ms Ping
image/gif 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8239703731618&version=m202401290101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 21:45:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B1F0 0
20 B 103ms
93ms Ping
image/gif 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8239703731618&version=m202401290101&ct=76&x=1&cor=12750311372594526000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 21:45:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame B1F0 108 KB
42 KB 91ms
79ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B8qXjHr3jnX2PMnWEGz_JpsZVcIrDeUGqGs-qGNp6c0xpdKbIUuQqWybLopw8eanJRB59ZFs6ifxkDun64WHyczQzyf01yZQuz_7vPN5AAq94WiybWkRi_rEKKALbCmbtyA-4FS_qJgW7VJBnKtx47-h9rB68krvbUu91HjHDvUQ19lUI&dbm_d=AKAmf-B1OBJL3sU9yny4WrKrEfRtIJGS5xalFFyW9Ccr_cxbE8yvMSj4_CS3Rmttl4p9FV0AUdscCYLO6tEaPDTkKzFQUi7F9lqTfvGTTwMjU1NJIdMUEWmdMvHzEQWaPRUjErR2QgP5UewGw68E-p1Tlwq4mfkVUgfJMmHZ-r_uiJ5XBue3tjNotiTvuJkfq9SoeFnSXNqCHRq2_MwspuZgz2UKYIE9zbTmMCOCvd-Hg0YxnK3hD1Y0wjSClNjgheqLrYxt2G6QmzfQNoOPuq8h1BjPFgfkH_arY_YMSm57omoW_i3I-KUprPEQW0dUJJnAkDzpe_rcUTR8PC4G3WcaraGf8MVPGrM42oTipWFV9yPPVCEL7kZ-_aItAxNbjyloIb4oSv4jR441Foyb0dV9qxmWyCDhstyyO1PnYfZFdGvjSb2hJMt5XrDHliopodGcxfnwcaGPtbtW9VlM5JAelw65RbdaFpu4duh-lVbH6PRGLnzW89Jc7rd_G9_bxeg-EWW49nw8vbag_-92hY_Sq5ikTkPJznrMpoPqmCijBathOBq7--5M9p0wuSIv_w-13Ue-9f7-jNRXUAhOaHLqChLfE_Jut5FDKyQvkDPiGAFruvX_vI1WPIFkBlTlzIuVy3k6Wpdxk-_lyJ8qMutD7JVsf5gvcuBOdQ2t_rU8PJt5JVFYF-492bmurohLtzlniKN7QEO6MtoGo6JNg9M5uRFTk_Aew1owsJ5waVmzIpT1YA9LHeORUSh_Qz_58I1k3GXAZDax4pw1Fr7P1ld2rLTMglwTlpfe3rVYtGkbSuj-_H_-_BVGHSTAfnMQ6N7hzx6fMNI5bkk5gr7bUNcWAEUymI3cQFiCWZpILESJTAinwGCkdNIVb9OmkfmF07hXpJIAXb6kyOfKAjdMHVthDcI6Jt7z4vTdZTj8ME1s6Hg7vamsgvtc8uyJoHN7EEwAGebJOBSxM8o2KHAc_9zj1gQHpnkKW7l791ZABvm-56xYyRgrjKGFPNCDNi9y28dq785aL-DEBV2MPDuWudT-U7uBrhF3cBqurzHqUd6Lbf-Tp138kpWnYsY0mO8BUisj8uLCzOcdHnIKify7bLin7N-YjrN_7eB7uwuvCgihUs7cQDoofCWULJ86LCxaUobjm53abVBxdGnVYjI62jeVNf-rYhPfiQnFiCcZwMHRef4VrWO1G3icWTkVWT0g1khYDesT6-xBkgA3F0b0TTMOvJqloYBaCBOiwQdILSIYOcrSkfdcWmc6moR4YrWvQQmpBWNpW_W4IIOjrhUw0JxRvqL0h8iZaMUzZdc45-gbnAl_ztUdm_RKaoji9w92BTKqpkyscSIXGf_YMRsA9r7lVzCqVO_F_owd8WW1UjUK9d4kPXeGFqXLHB_U3qMaBOo5Z4zGgFrkpbmO3WsGcNR2WqRXG_5cEK6fwKdJUT2kAQlW_xhmGo4XVbZFdrhjEdtv_BmjD4xP243yWFwzfF7LqnZZGDytvyVYyw_HV79y-F7eAOP9qgPhB2LaESC_SfcKnl0z0RP-lUqyCwwFuI4xth_I85O1ZClDbmHtg-DobOCElGM4_QC7AUcDTLjBAZUkUu5IHPL1tK-jloxBQyvtQNXISw_YEjRt3h8vn1YKWhJJGmH0SRR7-TsRbUODxs27RP7_UP9diAjIOWJO0aWlWkWQvm4UJ01_bpvKiijEGJSYs0Nr_C0iA79JWALzTDYQYhqFX21V2cVutPfaKdpHSZcm8mHA7dp_FJhIsTnJ_rRzeig9yXdlcmoiLdXd-p1jRodxEOzaSvpeHc72vyBPdUFrD6f2rR1QtApP-s5IUpzGV8oDGj0AudE3w5H9_s4eNWcSxJkv6-HvmlMezTLLuONpoR7Zh4U9DAnQbYnc24GC0NGkOpiqlTWU28AIdEpzIj427sT_Xj3tkyrVk3CTavCcMJONKdAON9reNKuE6GOGUT6X8Km_v-CGgbUJI_JwjGD8LOsKzdQ7VZlXuGLVh7pC7U1azvbWonoRWgMhjoM_DDQMwCAVd6SfrgGECuiGSsOkYBrukOsIYqkdI0-SiXzR4S-zxwcmsQt8F-cDOeWporcg_QyyRwqWUc-txM-J4r7O4fPjbNWneqbOBlBU2Fx0V_JlPMD6k38bpRZ9h6OjmEAgUVJbD8lBzIEvW-DsUzsGmUc7-F3nGn8pseVnS9AT2CWYUjeVbYToV7NPOWg3S0ND2dqf9QeDBPr_kxDRxas49Vz5LlzKt5CUl4KQWWfLKhgoD5GNUb10Bnnla38WIaY6m9_Al_Fa7f2cR52lk2GfuH036wBZt3EPKnYYLD-hbo83kAT4NKAx2ROe9QeGjESK9eL3pdi2I8UH8oUoLwQ2wLxfhk3S0TgLsXxo1EWw9wYHEbsMauhPUpJyBOolQV9619Q1AgC8xN2LHzTVuAcdcT1d95PmfyBfmi6a2PXgBZwUmlOQq0RN5oq3alyAS7qk0aeSCNpk6waK2Qn5gva3ZDnOr2nBMxVPI-ERkt3aNmbfWae3iYp4stt5fenoStVqCJ7UONQsfWnWfA833g63sjAetUTN5DDPD1lGHrLYohFJ7Gx81jt5grDrE4IY98WFXtw-1K2wtmIqFHuKpJN0P4GMuztmhDkRG0etDxCCQa0V6oTxr-e9FG2p3VQnkI1zvNPfGQdrEHNn4c1zM592LrFReTERzkoC2CCryE6wsRcSHS5lw70Gu5Ff80rOzZNr77yYYriXDDpwcEJQNyTD8hnOcaz5gzFjDHZ7EvxexEmx4vJpIB5iaY30GMSCLZQSnjZJrGwMneYfxuXOofky2aA14lClFfVI1kEcKi8nSh9WScdqqKL9tJlD_J7eWenhTfiVn_1qNlsrvpAGKG0cL8N-DNWMVgkwoLCFiImdMYNAlWePWYArd6k8N18xztAJCOeFyzOFiODF4vnqabg5pflVTyRLF2Fk575IQfMvxHVCsvq8GjZwPWEyywclvvvf4DolNlnYtRvTA56jGNeCVz5y1ugEDYeZiNduTOOAodh8xu8XQn8DVGHkzRggvLp-s7WtFB8Hw1hp9QgMNqu-II8YfrglbOhKfaXhjRO-VkylduPh9N-MjaWVTR1UlFJVyOsTeYF77w4rYoc9zchVXxhi2xdKfab_12oo9CVvnirpUfa1ptr_FriqoCZ8xNDkH8EX5JOZ7T2q3S0AmOlTcv331JG68m1R2XByIcb6BZCZnad4HhkV8FfyoUL1H3-J5DI1Onx15i7UFBStpwn075Ls7ZnP4FJX9d7kuUxfU4cmePfRwvx2jnrPQlu2RHukSTM4tJiKrfkclk8OWRS6M_g_PT01UWVqUisOWBEMnlUVHOvJBm4XugAUaOWpoKfhIBBWkV9giQ1QasUCm58U2GYj_Uk1WkdOmZtBW3aoPP8TuPt1oYEelay4Ct3uS1DIS4GdmPXpwSeV1S3E2g88qjvxl7DgTH-1ji1kQVhk6ard_gS1loqt3RVD9WKQI4k7mOGcEbrqnnLCFIgoZ_c2WmM1x68YxSlBcmufSj_5cQHJynnU-d5K6pvphqM5evuO8i7qH9AQRc3xG7-H4CoYUHjkmPaUTqXpSARGs4bhvWD9jpSL_n25Gxpcu9NiDJfWEhIfbpXKmjoJ79XYZQ3fks2Ee5FMrPt0IdzDA7pzpEBPGqC_LUeC7LoysOiwS0hkzkdiGR2312xxorAALT3-NLGxH1dLQL6dFNK5PDQ2P5ydp-PjcsrOVWEQv63Q0M5GUDGzHJQ8PGIbwzayOiKxJTAd6IyIVhuboDaK4Ju7u-YKlYZjHcka3yaPOKF4l6627V1qzBShR0yVzKTjRtC6N2-r6lFflIA2NTtNKvFfaJmiKlnDiv4-7v9uPRRU-llmxxU&cid=CAQSTgAvHhf_9GPPeSf8VGDpHAJZks_yClVj1g-IG6FYNftCz8HMvZhzvtgGyOTssv6bZBp2AGnWbB2UF-W62FFz2mnBWqUkCG0oaRdiNOXnXxgB&dv3_ver=m202401290101&rfl=https%3A%2F%2Fhdhub4u.re%2F&ds=l&xdt=1&iif=1&cor=12750311372594526000&adk=2124396031&idt=266&cac=0&dtd=20

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ee7c6b6d7a78b4b50c981939dded37e508a0f0d76b28b0f3c194058d3fce3a2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 21:45:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42673
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 9F74 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9cd1322da1ea248aea3fd57240f1b33da880c24b3049656a514bb3760e95b378

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 0377052970676.png
static.ptoahaistais.com/contents/s/fa/09/c3/d0d05f7d01ec388b4373228077/ 2 KB
3 KB 366ms
101ms Image
image/png 139.45.197.154
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ptoahaistais.com/contents/s/fa/09/c3/d0d05f7d01ec388b4373228077/0377052970676.png
Requested by: Host: hdhub4u.re
URL: https://hdhub4u.re/0.9177470730060231
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.154 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: dfc621aca09ed0c1488b5131d842363a53b81589c81e60fd0de8d639f927acc6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:45:31 GMT
last-modified: Thu, 08 Apr 2021 14:22:06 GMT
server: nginx
etag: "606f118e-932"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-length: 2354

GET
H2 200 ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 9F74 21 KB
21 KB 45ms
24ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 04:08:02 GMT
x-content-type-options: nosniff
age: 236249
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21428
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:32:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Feb 2025 04:08:02 GMT

GET
H2 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 9F74 20 KB
20 KB 45ms
26ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 16:45:02 GMT
x-content-type-options: nosniff
age: 190829
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Feb 2025 16:45:02 GMT

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/1885389/77498866/ Frame B1F0 271 KB
80 KB 532ms
46ms Script
application/javascript 54.84.238.155

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/1885389/77498866/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1015691919&ias_pubId=pub-2205121062140812&ias_chanId=1&ias_placementId=21013602907&bidurl=maxxfour.com/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0i9Ka4XmQjRYGQPd8GUiL2F
Requested by: Host: hdhub4u.re
URL: https://hdhub4u.re/0.9177470730060231
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.84.238.155 Ashburn, United States, ASN (),
Reverse DNS: ec2-54-84-238-155.compute-1.amazonaws.com
Software: /
Resource Hash: 4a156c87a0f185e2b8163a5cec7b799e5217da4df0599b030a195aef7b618d3e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 21:45:31 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame B1F0 111 KB
39 KB 108ms
25ms Script
text/javascript 2607:f8b0:4006:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: hdhub4u.re
URL: https://hdhub4u.re/0.9177470730060231

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com/
Origin: https://f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 14:11:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27254
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 18 Feb 2024 14:11:17 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/elements/html/ Frame B1F0 12 KB
4 KB 30ms
25ms Script
text/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B8qXjHr3jnX2PMnWEGz_JpsZVcIrDeUGqGs-qGNp6c0xpdKbIUuQqWybLopw8eanJRB59ZFs6ifxkDun64WHyczQzyf01yZQuz_7vPN5AAq94WiybWkRi_rEKKALbCmbtyA-4FS_qJgW7VJBnKtx47-h9rB68krvbUu91HjHDvUQ19lUI&dbm_d=AKAmf-B1OBJL3sU9yny4WrKrEfRtIJGS5xalFFyW9Ccr_cxbE8yvMSj4_CS3Rmttl4p9FV0AUdscCYLO6tEaPDTkKzFQUi7F9lqTfvGTTwMjU1NJIdMUEWmdMvHzEQWaPRUjErR2QgP5UewGw68E-p1Tlwq4mfkVUgfJMmHZ-r_uiJ5XBue3tjNotiTvuJkfq9SoeFnSXNqCHRq2_MwspuZgz2UKYIE9zbTmMCOCvd-Hg0YxnK3hD1Y0wjSClNjgheqLrYxt2G6QmzfQNoOPuq8h1BjPFgfkH_arY_YMSm57omoW_i3I-KUprPEQW0dUJJnAkDzpe_rcUTR8PC4G3WcaraGf8MVPGrM42oTipWFV9yPPVCEL7kZ-_aItAxNbjyloIb4oSv4jR441Foyb0dV9qxmWyCDhstyyO1PnYfZFdGvjSb2hJMt5XrDHliopodGcxfnwcaGPtbtW9VlM5JAelw65RbdaFpu4duh-lVbH6PRGLnzW89Jc7rd_G9_bxeg-EWW49nw8vbag_-92hY_Sq5ikTkPJznrMpoPqmCijBathOBq7--5M9p0wuSIv_w-13Ue-9f7-jNRXUAhOaHLqChLfE_Jut5FDKyQvkDPiGAFruvX_vI1WPIFkBlTlzIuVy3k6Wpdxk-_lyJ8qMutD7JVsf5gvcuBOdQ2t_rU8PJt5JVFYF-492bmurohLtzlniKN7QEO6MtoGo6JNg9M5uRFTk_Aew1owsJ5waVmzIpT1YA9LHeORUSh_Qz_58I1k3GXAZDax4pw1Fr7P1ld2rLTMglwTlpfe3rVYtGkbSuj-_H_-_BVGHSTAfnMQ6N7hzx6fMNI5bkk5gr7bUNcWAEUymI3cQFiCWZpILESJTAinwGCkdNIVb9OmkfmF07hXpJIAXb6kyOfKAjdMHVthDcI6Jt7z4vTdZTj8ME1s6Hg7vamsgvtc8uyJoHN7EEwAGebJOBSxM8o2KHAc_9zj1gQHpnkKW7l791ZABvm-56xYyRgrjKGFPNCDNi9y28dq785aL-DEBV2MPDuWudT-U7uBrhF3cBqurzHqUd6Lbf-Tp138kpWnYsY0mO8BUisj8uLCzOcdHnIKify7bLin7N-YjrN_7eB7uwuvCgihUs7cQDoofCWULJ86LCxaUobjm53abVBxdGnVYjI62jeVNf-rYhPfiQnFiCcZwMHRef4VrWO1G3icWTkVWT0g1khYDesT6-xBkgA3F0b0TTMOvJqloYBaCBOiwQdILSIYOcrSkfdcWmc6moR4YrWvQQmpBWNpW_W4IIOjrhUw0JxRvqL0h8iZaMUzZdc45-gbnAl_ztUdm_RKaoji9w92BTKqpkyscSIXGf_YMRsA9r7lVzCqVO_F_owd8WW1UjUK9d4kPXeGFqXLHB_U3qMaBOo5Z4zGgFrkpbmO3WsGcNR2WqRXG_5cEK6fwKdJUT2kAQlW_xhmGo4XVbZFdrhjEdtv_BmjD4xP243yWFwzfF7LqnZZGDytvyVYyw_HV79y-F7eAOP9qgPhB2LaESC_SfcKnl0z0RP-lUqyCwwFuI4xth_I85O1ZClDbmHtg-DobOCElGM4_QC7AUcDTLjBAZUkUu5IHPL1tK-jloxBQyvtQNXISw_YEjRt3h8vn1YKWhJJGmH0SRR7-TsRbUODxs27RP7_UP9diAjIOWJO0aWlWkWQvm4UJ01_bpvKiijEGJSYs0Nr_C0iA79JWALzTDYQYhqFX21V2cVutPfaKdpHSZcm8mHA7dp_FJhIsTnJ_rRzeig9yXdlcmoiLdXd-p1jRodxEOzaSvpeHc72vyBPdUFrD6f2rR1QtApP-s5IUpzGV8oDGj0AudE3w5H9_s4eNWcSxJkv6-HvmlMezTLLuONpoR7Zh4U9DAnQbYnc24GC0NGkOpiqlTWU28AIdEpzIj427sT_Xj3tkyrVk3CTavCcMJONKdAON9reNKuE6GOGUT6X8Km_v-CGgbUJI_JwjGD8LOsKzdQ7VZlXuGLVh7pC7U1azvbWonoRWgMhjoM_DDQMwCAVd6SfrgGECuiGSsOkYBrukOsIYqkdI0-SiXzR4S-zxwcmsQt8F-cDOeWporcg_QyyRwqWUc-txM-J4r7O4fPjbNWneqbOBlBU2Fx0V_JlPMD6k38bpRZ9h6OjmEAgUVJbD8lBzIEvW-DsUzsGmUc7-F3nGn8pseVnS9AT2CWYUjeVbYToV7NPOWg3S0ND2dqf9QeDBPr_kxDRxas49Vz5LlzKt5CUl4KQWWfLKhgoD5GNUb10Bnnla38WIaY6m9_Al_Fa7f2cR52lk2GfuH036wBZt3EPKnYYLD-hbo83kAT4NKAx2ROe9QeGjESK9eL3pdi2I8UH8oUoLwQ2wLxfhk3S0TgLsXxo1EWw9wYHEbsMauhPUpJyBOolQV9619Q1AgC8xN2LHzTVuAcdcT1d95PmfyBfmi6a2PXgBZwUmlOQq0RN5oq3alyAS7qk0aeSCNpk6waK2Qn5gva3ZDnOr2nBMxVPI-ERkt3aNmbfWae3iYp4stt5fenoStVqCJ7UONQsfWnWfA833g63sjAetUTN5DDPD1lGHrLYohFJ7Gx81jt5grDrE4IY98WFXtw-1K2wtmIqFHuKpJN0P4GMuztmhDkRG0etDxCCQa0V6oTxr-e9FG2p3VQnkI1zvNPfGQdrEHNn4c1zM592LrFReTERzkoC2CCryE6wsRcSHS5lw70Gu5Ff80rOzZNr77yYYriXDDpwcEJQNyTD8hnOcaz5gzFjDHZ7EvxexEmx4vJpIB5iaY30GMSCLZQSnjZJrGwMneYfxuXOofky2aA14lClFfVI1kEcKi8nSh9WScdqqKL9tJlD_J7eWenhTfiVn_1qNlsrvpAGKG0cL8N-DNWMVgkwoLCFiImdMYNAlWePWYArd6k8N18xztAJCOeFyzOFiODF4vnqabg5pflVTyRLF2Fk575IQfMvxHVCsvq8GjZwPWEyywclvvvf4DolNlnYtRvTA56jGNeCVz5y1ugEDYeZiNduTOOAodh8xu8XQn8DVGHkzRggvLp-s7WtFB8Hw1hp9QgMNqu-II8YfrglbOhKfaXhjRO-VkylduPh9N-MjaWVTR1UlFJVyOsTeYF77w4rYoc9zchVXxhi2xdKfab_12oo9CVvnirpUfa1ptr_FriqoCZ8xNDkH8EX5JOZ7T2q3S0AmOlTcv331JG68m1R2XByIcb6BZCZnad4HhkV8FfyoUL1H3-J5DI1Onx15i7UFBStpwn075Ls7ZnP4FJX9d7kuUxfU4cmePfRwvx2jnrPQlu2RHukSTM4tJiKrfkclk8OWRS6M_g_PT01UWVqUisOWBEMnlUVHOvJBm4XugAUaOWpoKfhIBBWkV9giQ1QasUCm58U2GYj_Uk1WkdOmZtBW3aoPP8TuPt1oYEelay4Ct3uS1DIS4GdmPXpwSeV1S3E2g88qjvxl7DgTH-1ji1kQVhk6ard_gS1loqt3RVD9WKQI4k7mOGcEbrqnnLCFIgoZ_c2WmM1x68YxSlBcmufSj_5cQHJynnU-d5K6pvphqM5evuO8i7qH9AQRc3xG7-H4CoYUHjkmPaUTqXpSARGs4bhvWD9jpSL_n25Gxpcu9NiDJfWEhIfbpXKmjoJ79XYZQ3fks2Ee5FMrPt0IdzDA7pzpEBPGqC_LUeC7LoysOiwS0hkzkdiGR2312xxorAALT3-NLGxH1dLQL6dFNK5PDQ2P5ydp-PjcsrOVWEQv63Q0M5GUDGzHJQ8PGIbwzayOiKxJTAd6IyIVhuboDaK4Ju7u-YKlYZjHcka3yaPOKF4l6627V1qzBShR0yVzKTjRtC6N2-r6lFflIA2NTtNKvFfaJmiKlnDiv4-7v9uPRRU-llmxxU&cid=CAQSTgAvHhf_9GPPeSf8VGDpHAJZks_yClVj1g-IG6FYNftCz8HMvZhzvtgGyOTssv6bZBp2AGnWbB2UF-W62FFz2mnBWqUkCG0oaRdiNOXnXxgB&dv3_ver=m202401290101&rfl=https%3A%2F%2Fhdhub4u.re%2F&ds=l&xdt=1&iif=1&cor=12750311372594526000&adk=2124396031&idt=266&cac=0&dtd=20

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 17:02:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16996
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4383
x-xss-protection: 0
server: cafe
etag: 1583492410672046836
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Mar 2024 17:02:15 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/ Frame B1F0 30 KB
11 KB 30ms
29ms Script
text/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

719314f680a79defc6c02a7dbaff63da48911cbf418614226bde044fb02e065d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:07:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2278
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11551
x-xss-protection: 0
server: cafe
etag: 12710720872123804752
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Mar 2024 21:07:33 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame B1F0 41 KB
14 KB 32ms
31ms Script
text/javascript 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: hdhub4u.re
URL: https://hdhub4u.re/0.9177470730060231

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 19:42:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 266556
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Feb 2025 19:42:55 GMT

GET
DATA 200
OK truncated
/ Frame B1F0 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5fa5db1a46791c1fde47ab7b36e73bc2975811ab8550f14ca5f5aa2abbd669cd

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/png

OPTIONS
H2 204 B25285800.354971241;dc_trk_aid=545792033;dc_trk_cid=183816395;ord=2859653484;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=
ad.doubleclick.net/ddm/trackimp/N803256.134426GOOGLEDISPLAYNETWO/ Frame 0
0 117ms
40ms Preflight
text/html 142.251.40.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/trackimp/N803256.134426GOOGLEDISPLAYNETWO/B25285800.354971241;dc_trk_aid=545792033;dc_trk_cid=183816395;ord=2859653484;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?&cbvp=2&nis=5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.166 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 17 Feb 2024 21:45:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET

B25285800.354971241;dc_pre=CKrj3Lyss4QDFboMaAgdAekMMA;dc_trk_aid=545792033;dc_trk_cid=183816395;ord=2859653484;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=
ad.doubleclick.net/ddm/trackimp/N803256.134426GOOGLEDISPLAYNETWO/ Frame 9F74
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N803256.134426GOOGLEDISPLAYNETWO/B25285800.354971241;dc_trk_aid=545792033;dc_trk_cid=183816395;ord=2859653484;dc_lat=;dc_rdid=;tag_for_child_directed_treatme...
https://ad.doubleclick.net/ddm/trackimp/N803256.134426GOOGLEDISPLAYNETWO/B25285800.354971241;dc_pre=CKrj3Lyss4QDFboMaAgdAekMMA;dc_trk_aid=545792033;dc_trk_cid=183816395;ord=2859653484;dc_lat=;dc_rd...

0
0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 9F74
Redirect Chain

https://securepubads.g.doubleclick.net/pagead/adview?ai=Cw7TH-SjRZZ21OJj3zLUP3NqcOMLwqN11z_zUu_AQZBABILGT7Xlgye6Oi8CkjBCgAZvn4N8DyAEJ4AIAqAMByAPLBKoEvAJP0KSxEXdAREnLajxETbp8cMVTGzLA8pI7xweYpbB_kYj3...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x182b0c68371e14ed0000000000000000%22,%222%22:%220x333b654554435c8f0000000000000000%22,%223%22:%220xce8b72...

0
0

150ms
91ms

Fetch
text/css

142.251.35.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x182b0c68371e14ed0000000000000000%22,%222%22:%220x333b654554435c8f0000000000000000%22,%223%22:%220xce8b7218c0a42b3f0000000000000000%22,%224%22:%220x3a4fa55cd79048f80000000000000000%22,%225%22:%220x1d869b86453317e90000000000000000%22},%22debug_key%22:%228628857758726858980%22,%22debug_reporting%22:true,%22destination%22:%22https://ashleyfurniture.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221006121883%22],%2222%22:[%22true%22],%224%22:[%2202-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227728375144658435297%22}&andc=true

Requested by

Host: hdhub4u.re
URL: https://hdhub4u.re/0.9177470730060231

Protocol

Server

142.251.35.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:45:31 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x182b0c68371e14ed0000000000000000","2":"0x333b654554435c8f0000000000000000","3":"0xce8b7218c0a42b3f0000000000000000","4":"0x3a4fa55cd79048f80000000000000000","5":"0x1d869b86453317e90000000000000000"},"debug_key":"8628857758726858980","debug_reporting":true,"destination":"https://ashleyfurniture.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1006121883"],"22":["true"],"4":["02-17"],"6":["true"]},"priority":"500","source_event_id":"7728375144658435297"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: null
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 17 Feb 2024 21:45:31 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 17 Feb 2024 21:45:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x182b0c68371e14ed0000000000000000","2":"0x333b654554435c8f0000000000000000","3":"0xce8b7218c0a42b3f0000000000000000","4":"0x3a4fa55cd79048f80000000000000000","5":"0x1d869b86453317e90000000000000000"},"debug_key":"8628857758726858980","debug_reporting":true,"destination":"https://ashleyfurniture.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1006121883"],"22":["true"],"4":["02-17"],"6":["true"]},"priority":"500","source_event_id":"7728375144658435297"}&andc=true
access-control-allow-origin: https://f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

OPTIONS
H3 204 adview
securepubads.g.doubleclick.net/pagead/ Frame 0
0 95ms
94ms Preflight
text/html 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/adview?ai=Cw7TH-SjRZZ21OJj3zLUP3NqcOMLwqN11z_zUu_AQZBABILGT7Xlgye6Oi8CkjBCgAZvn4N8DyAEJ4AIAqAMByAPLBKoEvAJP0KSxEXdAREnLajxETbp8cMVTGzLA8pI7xweYpbB_kYj3Td9ZX-LBtdz7teC_2xge2l3l5s4BT1Y2ak6voA7NjHOXJfMOO8-AcQ63Y9LLMWTPNeUGEeCxfHpkhkXAo_1LBge45isL_ImgagknHRMlniZZd6_V-4IzdEzR7yZ0UxKAVTtP1LlWp4CPRHX58AklCFWc8BQR6BP5xxg1NZPU1PCP8ZZ3E0-KBCmEXsT1xk0S_ge96XLbn-BvKVG2r2313dXn6CNiGaslZxfiZyLQKR8q9IjZ1DgM7iH4ScyQJ3-EAmriiwkPVoq0xLPfNuRozp1aGCmTde3SJvgPbkVFpy5VkDCssd6Pyn6bQbfygLGIcjIEeBVMgtHCgQTXs_lbXUAEiYHLnv2bCSEDQHJgRoYL084R2gi3diFqwAT5rq7LkQTgBAGIBdix-8BHkgUECAQYAZIFBAgFGASgBi6AB8Kl1hCoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAevvrECqAemvhvYBwDyBwQQ19Ut0ggkCIBhEAEYHTICigI6CYBAgMCAgICACEi9_cE6WMzT_Luss4QDmgnrAmh0dHBzOi8vd3d3LmFzaGxleWZ1cm5pdHVyZS5jb20vP3V0bV9zb3VyY2U9ODQ1MDg1MXw0ODQyMzUxJnV0bV9tZWRpdW09ZGlzcGxheSZ1dG1fY2FtcGFpZ249MjUyODU4MDAmdXRtX3Rlcm09MzU0OTcxMjQxJnV0bV9jb250ZW50PTU0NTc5MjAzNnwwJm1ya2dhZGlkPTEmbXJrZ2VuPSZtcmtnYmZsYWc9Jm1ya2djYXQ9JiZhY2N0aWQ9MjE3MDAwMDAwMDE0OTc4OTQmZHNrZXl3b3JkaWQ9JiZkZXZpY2U9YyZuZXR3b3JrPWQmbWF0Y2h0eXBlPSZsb2NhdGlvbmlkPTkwMDU1MzImY3JlYXRpdmU9NjQxOTU4NTI3OTg2JnRhcmdldGlkPSZjYW1wYWlnbmlkPTE5MTk1MTU2Njk2JmFkZ3JvdXBpZD0xNDIxNjA0MDIyOTcmZ2Nsc3JjPWF3LmRzJoAKA8gLAdoMEQoLENDphsD6jsqatAESAgED4g0TCJGA_buss4QDFZg7swAdXC0HB9gTDYgUAtAVAYAXAbIXHgocCAASFHB1Yi05NjU1ODI0NTkzMzE1NjI1GILzcg&sigh=060BApGdXDI&uach_m=%5BUACH%5D&ase=2&cid=CAQSTgAvHhf_pLnTFB_wbTJCX3OGTf0POB7Oa1V_1UjJA-vGVh1Zrk8ZfEot58XhtGMhVnU5LzVRA92vyjYPw2Zn1BLLVuiSJUYKIEllCbHWGhgB&template_id=494&cbvp=2&vis=1&nis=5

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 17 Feb 2024 21:45:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Mxl_QHRpF3ASJ-0UJYy-xnBnh_t8qFAxMnyvqBA6J-g.js Show response
pagead2.googlesyndication.com/bg/ Frame 492C 51 KB
19 KB 26ms
26ms Script
text/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Mxl_QHRpF3ASJ-0UJYy-xnBnh_t8qFAxMnyvqBA6J-g.js

Requested by

Host: hdhub4u.re
URL: https://hdhub4u.re/0.9177470730060231

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33197f40746917701227ed14258cbec6706787fb7ca85031327cafa8103a27e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 04:14:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 149465
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19812
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 15 Feb 2025 04:14:26 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012402060239000/ Frame 3103 196 KB
56 KB 304ms
26ms Script
text/javascript 2607:f8b0:4006:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012402060239000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402130101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a7c5cebbb6d6eff010530c59b73e9e423125219661ff9bc5866c55cd17a5607

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 15 Feb 2024 05:40:12 GMT
age: 230719
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56214
x-xss-protection: 0
server: sffe
etag: "51ebc873ede2e2f0"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 14 Feb 2025 05:40:12 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012402060239000/v0/ Frame 3103 15 KB
5 KB 364ms
87ms Script
text/javascript 2607:f8b0:4006:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012402060239000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402130101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2125b73ae211f46f82ee27eee87e5aa312c5bbf2aedca1b50b7d80f21fd3d5d2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 15 Feb 2024 12:46:32 GMT
age: 205139
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5214
x-xss-protection: 0
server: sffe
etag: "1e0d3e55ad08d21f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 14 Feb 2025 12:46:32 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012402060239000/v0/ Frame 3103 95 KB
28 KB 347ms
70ms Script
text/javascript 2607:f8b0:4006:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012402060239000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402130101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

70651252ddc3ae3cc902b7f374fb9037f0a27192fb31b66acbf5300441b45ad3

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 15 Feb 2024 14:29:46 GMT
age: 198945
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29043
x-xss-protection: 0
server: sffe
etag: "f8b65ff06b47be2a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 14 Feb 2025 14:29:46 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012402060239000/v0/ Frame 3103 5 KB
2 KB 367ms
90ms Script
text/javascript 2607:f8b0:4006:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012402060239000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402130101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

288fd8ba8cb04967d8ffdb274e8828d79fe679e6991ceff828f0f48e04f315db

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 16 Feb 2024 09:03:26 GMT
age: 132125
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1913
x-xss-protection: 0
server: sffe
etag: "a50cf387c592e9af"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 15 Feb 2025 09:03:26 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012402060239000/v0/ Frame 3103 40 KB
13 KB 365ms
89ms Script
text/javascript 2607:f8b0:4006:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012402060239000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402130101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da80171367ccb86206235641cfa5efc267725e1870f5cc5c2a777dc57c7d5ebe

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 15 Feb 2024 15:21:32 GMT
age: 195839
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12948
x-xss-protection: 0
server: sffe
etag: "cd1beca569c88c8d"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 14 Feb 2025 15:21:32 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 3103 16 KB
2 KB 41ms
41ms Stylesheet
text/css 2607:f8b0:4006:80a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C600%7COpen%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402130101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2e196c67c978071827a3bd1fdb989d0d8ed850ba0cd61f1cb97952b7bd589981

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 17 Feb 2024 21:45:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 17 Feb 2024 21:35:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 17 Feb 2024 21:45:31 GMT

GET
H3 200 en_tl.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3103 2 KB
2 KB 29ms
29ms Image
image/png 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en_tl.png

Requested by

Host: hdhub4u.re
URL: https://hdhub4u.re/0.9177470730060231

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4be294fb0b2af518c400655811766e73d1a31b62033ffe25aede8a1e4822b4ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 00:04:07 GMT
x-content-type-options: nosniff
server: cafe
age: 78084
etag: 17598104052742324596
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2475
x-xss-protection: 0
expires: Sun, 18 Feb 2024 00:04:07 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3103 295 B
319 B 28ms
28ms Image
image/png 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: hdhub4u.re
URL: https://hdhub4u.re/0.9177470730060231

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 16:52:22 GMT
x-content-type-options: nosniff
server: cafe
age: 17589
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Sun, 18 Feb 2024 16:52:22 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/3955530507390589514/ Frame 3103 2 KB
2 KB 27ms
26ms Image
image/png 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3955530507390589514/14763004658117789537?w=100&h=100&tw=1&q=75

Requested by

Host: hdhub4u.re
URL: https://hdhub4u.re/0.9177470730060231

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6302991cdd58335c1e30b915ead52707eb198b8077003ecbb062c0d4427c837

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Fri, 14 Feb 2025 18:08:17 GMT
date: Thu, 15 Feb 2024 18:08:17 GMT
x-content-type-options: nosniff
age: 185834
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1780
x-xss-protection: 0
last-modified: Sun, 26 Jun 2022 12:57:30 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/4735341855589656835/ Frame 3103 13 KB
13 KB 27ms
27ms Image
image/jpeg 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4735341855589656835/14763004658117789537?w=400&h=209&tw=1&q=75

Requested by

Host: hdhub4u.re
URL: https://hdhub4u.re/0.9177470730060231

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

741a84c2526c31486966f06ae1d6703a96ee22b608207b9354c18892f6052df4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Fri, 14 Feb 2025 08:31:01 GMT
date: Thu, 15 Feb 2024 08:31:01 GMT
x-content-type-options: nosniff
age: 220470
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13076
x-xss-protection: 0
last-modified: Tue, 02 Jan 2024 17:41:14 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame 3103 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ca57a6228a90ac405d4412e31e9b745ea6c4faef37f7cedbaac3e1a9079e12fb

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 3103 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 372a3186cdfa2b7a80c939a0496851ab0519c9b8cb656609fb902168ee053a8b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 3103 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7f725b93d38815b54ec311af30eb28ad959f1f41d49558ba22af6f814094a971

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 4F1B 38 KB
13 KB 44ms
24ms Document
text/html 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 141949
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 16 Feb 2024 06:19:42 GMT
expires: Sat, 15 Feb 2025 06:19:42 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/6667214961386394198/ Frame 09F6 19 KB
5 KB 78ms
26ms Document
text/html 2607:f8b0:4006:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/6667214961386394198/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d95548f18d759c7b5a7186c9e70fa27867d5ab24e90b4b7cdf6cf83609907c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 212490
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 4888
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 15 Feb 2024 10:44:01 GMT
expires: Fri, 14 Feb 2025 10:44:01 GMT
last-modified: Fri, 22 Dec 2023 07:45:08 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame B1F0 0
0 239ms
69ms Fetch
image/gif 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv3x_Ib26OdFYPE1GbE5ALM7fFzPQWLRlLlPK0KIRpUUqIJIWmVMYu29QruMNIipYU4qg7h3Q0sUNJlP1ZFTyogvd9O_Dc9D-wDMADCLYshC67cJqMCK5AyNgIl0812nUkPsIeywncIcQjvLZNaEAuBGzRp08sOGEtRm5hA7dqtR2-ED5ls3R1uWH6lPt7fePHxBWBUIz6Mhzt_nh7D4qKYDjxydi317g4lrV_j6Ury_m4nfgm5jbDP6OXtskbzy7LcBKpQ04zcn8dGqPW9faD66YFjl3tIcN5mKZriwCYg-fQFdfMYZ-Pfg88Bvoae0OIEryocuJgn2awHbAf-8eagri4_ADjEgRQuwpdTZSIsHJshfC6HsgkAvIUNhcn3RJYwNPUrA0drZ_jbb2MFGTx4fIG7tx66E58_tO1VobOgHJFgGXkoQ06ewx_9JFusIDmbxz7kVjBzlCsp9XntIg2bK5ZPTkvd8HI2ZDXsjZX_tLCIW6wiP5UdKkMdaktCOFEuqVAUpi12UP6QfOh4BIWxWAexb4l4L5YuY4_TDxw1ly67UECxcPFGfLKozfhrIn8zbLKaC6rRoNC3s5Q4YwZ6qvcRpFLtp8Y_FgFslZxSKQSiMJtl2rvjVVTRZyXadumdp622Sm_13GW7dAVvDuaYLEWICRYLDC6AhgJtA2sMPTvXSqxVJxj0OqKAJhELdNvLnosugqzraqdNKqwobzsu2rWL-9oimfRN7YMmCvpOSsPwlT3PoLbE-7zxTgyndbddrvrGHqiDOVp39SYD3e-lPOAIeaD1z6zMPunEcvGuQcemJptUe64GR8RTQBCvSRb69o6UiSFWDxiT09wDyu6k1kL27xcIowJgYi1AdsRNaKNHtJzYiiyltYEHTSkZ_uXcpT8ZzUoU25LT_pA-qx8qEcIuoa9iKtOj96jkKLmbxwKtlNHlNbyeq8jAQqQHKAI_lv8JJyX3Hw7nzMGT0AjhDVn-I9Omdi_qANJjfULbZ7igSt-4q9bME8Yf7hl461p4iyTKVRj4WfDiBx2zQd7LwfsZo3RVICYuik_49yrUSsW3d6gBker90EnLTMzqvVq_WGqdgoJ2RI-zhKkMlJ5g-QwF7lttm2AODYQb-2jCbXwcVSzvQPOmwL06MGZtwXq6ZnPKRzYGOpAq5bg3kIvEGTQI_mHN9YuuDUm6U0-mBdfo18oLqZSxUMrpPh-IBg2yysJY6h-KVIhYetGmKl1YNfFk9_6RNdi6c7KyNJ-DZT-TGCrPetXByfEf-ajylrhNi2_KYgCtZpH7s2WFryCXlvlSSXmoqyR0jFzwb6hhsqfcEI0oQHpfAZ69qpuCIookr5IrBWiq6P7H1xg-YMxF0Gcn4aIhyhYuVVsgIBtmeeh977FUXHiQzgh8quz4Fd5mK1fkZE9idcF-ZtKdxFDo6sWUFx-ZT3FBqr_mtCxxh1xWG7Ap8pBnzsPdF8wDNIjNJxwPh70VfcPM4Nksc74zAcXaHNDoqzad3cY1yx2nkJ6_wRvivrfwTPGtpIBHb56ULK7Til1FWXZWecUprjNO3P4v_iAN&sai=AMfl-YSLenNjZRbmHiol_MFTkU4-3gNh6gKa5sbqD2s_QUkQ5tuSxORloVGWKPWe4xSx6F8lKXoDj50qP6YnGdkdvoXrEWyDD9RJFVYZZ1slFjAeLqMlNEP0NCtU4V2gmTJwmHGOVpkGzIVHZF0DuRPxb7W_GlqRejJd197A93CN9_4sWjKFzCEKSrxGMFNUG6gLsNHYPKLVq67eMCY9OT3SpacjL0m_f-eHI53WkLJhk5XdiuJJ_fhOg_X5T9lYa0XmM5Fm052vtXz4MkggIIaKe_D8A6WfpGTpgTfa_aPsylcGpQnGtkO4dLuGvbVoXlPp&sig=Cg0ArKJSzIY5G5wYtn8sEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=307&cbvp=1&cstd=299&cisv=r20240215.42067&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: hdhub4u.re
URL: https://hdhub4u.re/0.9177470730060231

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 17 Feb 2024 21:45:31 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Sat, 17 Feb 2024 21:45:31 GMT

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ Frame 3103 47 KB
47 KB 26ms
25ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C600%7COpen%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hdhub4u.re
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 15:26:18 GMT
x-content-type-options: nosniff
age: 195553
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Feb 2025 15:26:18 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 177ms
96ms Preflight
text/html 142.251.35.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.35.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: null
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 17 Feb 2024 21:45:31 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 B25285800.354971241;dc_pre=CKrj3Lyss4QDFboMaAgdAekMMA;dc_trk_aid=545792033;dc_trk_cid=183816395;ord=2859653484;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=
ad.doubleclick.net/ddm/trackimp/N803256.134426GOOGLEDISPLAYNETWO/ Frame 0
0 40ms
39ms Preflight
text/html 142.251.40.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/trackimp/N803256.134426GOOGLEDISPLAYNETWO/B25285800.354971241;dc_pre=CKrj3Lyss4QDFboMaAgdAekMMA;dc_trk_aid=545792033;dc_trk_cid=183816395;ord=2859653484;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?&cbvp=2&nis=5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.166 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 17 Feb 2024 21:45:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js Show response
pagead2.googlesyndication.com/bg/ Frame 4F1B 39 KB
15 KB 45ms
45ms Script
text/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 20:08:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5842
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15261
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 16 Feb 2025 20:08:09 GMT

GET
H3 200 298cf7279560ac3a1e63a8de9ac263b0.js Show response
s0.2mdn.net/sadbundle/6667214961386394198/ Frame 09F6 118 KB
33 KB 40ms
40ms Script
application/x-javascript 2607:f8b0:4006:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/6667214961386394198/298cf7279560ac3a1e63a8de9ac263b0.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6667214961386394198/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f81ea40c2dca55d5703b4c2b6e828dee820d1df4265b7f0fa0e810c34da5d762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6667214961386394198/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Fri, 14 Feb 2025 18:07:23 GMT
date: Thu, 15 Feb 2024 18:07:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 185888
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34218
x-xss-protection: 0
last-modified: Fri, 22 Dec 2023 07:45:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 en_tl.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3103 2 KB
2 KB 24ms
24ms Image
image/png 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en_tl.png

Requested by

Host: hdhub4u.re
URL: https://hdhub4u.re/0.9177470730060231

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4be294fb0b2af518c400655811766e73d1a31b62033ffe25aede8a1e4822b4ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 00:04:07 GMT
x-content-type-options: nosniff
server: cafe
age: 78084
etag: 17598104052742324596
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2475
x-xss-protection: 0
expires: Sun, 18 Feb 2024 00:04:07 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3103 295 B
319 B 26ms
26ms Image
image/png 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: hdhub4u.re
URL: https://hdhub4u.re/0.9177470730060231

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 16:52:22 GMT
x-content-type-options: nosniff
server: cafe
age: 17589
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Sun, 18 Feb 2024 16:52:22 GMT

GET
H2

200

4a.js Show response
static.adsafeprotected.com/ Frame B1F0
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/1885389/77498866/4.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1015691919&ias_pubId=pub-2205121062140812&ias_chanId=1&ias_placementId=21013602907&bidurl=ma...
https://static.adsafeprotected.com/4a.js

2 KB
1 KB

25ms
24ms

Script
application/javascript

2600:9000:247b:2c00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4a.js
Requested by: Host: f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com
URL: https://f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2600:9000:247b:2c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f10d5bdd8d60943848d514b3aa6e7d4d663e669069c8ed946ff4ed262a288a07

Request headers

accept-language: en-US,en;q=0.9
Referer: https://f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 18:45:01 GMT
x-amz-version-id: mquyMYJqCoGbAXGMW2KDLOw2mw5xZIC.
content-encoding: gzip
via: 1.1 e2730004afe9197a527c2569a0e0d39a.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
age: 442832
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Mon, 12 Feb 2024 18:45:00 GMT
server: AmazonS3
etag: W/"2105f244154aad4862ff53a961b1f1a4"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: LuwtQONwgepBJNKtbgF4YUGvQGcmWX4DzXwZ-f9MshyrQLp31YZQYQ==

Redirect headers

pragma: no-cache
date: Sat, 17 Feb 2024 21:45:31 GMT
server: nginx
x-server-name: app83.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4a.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame EC0E 91 KB
23 KB 128ms
29ms Script
application/javascript 2600:9000:247b:2c00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com
URL: https://f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:247b:2c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 08:11:24 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 e2730004afe9197a527c2569a0e0d39a.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
age: 3850448
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: c0l1JcLtLT7DFhIXmpFLJt3WBczF8NnVLgjxDrRl07QsQA3Lx-CtfQ==

GET
H3 200 baba1a3082b659968bc2e7ce4201a024.png
s0.2mdn.net/sadbundle/6667214961386394198/media/ Frame 09F6 1 KB
1 KB 30ms
28ms Image
image/png 2607:f8b0:4006:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6667214961386394198/media/baba1a3082b659968bc2e7ce4201a024.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6667214961386394198/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d30fee41f2e79e1770d98350e1b06185e11c1c77504d79c20322704e6b0d78a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6667214961386394198/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Fri, 14 Feb 2025 11:30:25 GMT
date: Thu, 15 Feb 2024 11:30:25 GMT
x-content-type-options: nosniff
age: 209706
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1365
x-xss-protection: 0
last-modified: Fri, 22 Dec 2023 07:45:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 6029cb0197791d2a34246a6563f1f3e9.svg
s0.2mdn.net/sadbundle/6667214961386394198/media/ Frame 09F6 2 KB
975 B 30ms
28ms Image
image/svg+xml 2607:f8b0:4006:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6667214961386394198/media/6029cb0197791d2a34246a6563f1f3e9.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6667214961386394198/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6545b9b4223e59ab2afb9790ba86e47a0f937a3f73ca2a70b1087aa4ec617824

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6667214961386394198/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Sat, 15 Feb 2025 10:03:20 GMT
date: Fri, 16 Feb 2024 10:03:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 128531
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 945
x-xss-protection: 0
last-modified: Fri, 22 Dec 2023 07:45:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 62654008d1fd75660b01f1a53cd2adfb.svg
s0.2mdn.net/sadbundle/6667214961386394198/media/ Frame 09F6 3 KB
1 KB 32ms
31ms Image
image/svg+xml 2607:f8b0:4006:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6667214961386394198/media/62654008d1fd75660b01f1a53cd2adfb.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6667214961386394198/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f88365cee0608fb62b6154dab4be97766527391906720224b0684684b6454602

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6667214961386394198/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Fri, 14 Feb 2025 20:25:41 GMT
date: Thu, 15 Feb 2024 20:25:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 177590
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1149
x-xss-protection: 0
last-modified: Fri, 22 Dec 2023 07:45:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 acc5fd64bab7a6ae2346ad0e818e3f81.svg
s0.2mdn.net/sadbundle/6667214961386394198/media/ Frame 09F6 4 KB
1 KB 30ms
29ms Image
image/svg+xml 2607:f8b0:4006:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6667214961386394198/media/acc5fd64bab7a6ae2346ad0e818e3f81.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6667214961386394198/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef098d286b8a030bbfc2ecd18e20319308060dcc2da2f562d3040a13786e8e35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6667214961386394198/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Fri, 14 Feb 2025 11:00:04 GMT
date: Thu, 15 Feb 2024 11:00:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 211527
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1463
x-xss-protection: 0
last-modified: Fri, 22 Dec 2023 07:45:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 df9260ced85e11716696106d19aac9ca.svg
s0.2mdn.net/sadbundle/6667214961386394198/media/ Frame 09F6 4 KB
1 KB 31ms
30ms Image
image/svg+xml 2607:f8b0:4006:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6667214961386394198/media/df9260ced85e11716696106d19aac9ca.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6667214961386394198/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bbc308fda8ad7bfe891ec474922977b14645d0768c4e6be28782046f8c052bc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6667214961386394198/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Fri, 14 Feb 2025 19:41:39 GMT
date: Thu, 15 Feb 2024 19:41:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 180232
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1419
x-xss-protection: 0
last-modified: Fri, 22 Dec 2023 07:45:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 e7f4a8c561339025b713e374d1bf0f4d.svg
s0.2mdn.net/sadbundle/6667214961386394198/media/ Frame 09F6 3 KB
1 KB 30ms
29ms Image
image/svg+xml 2607:f8b0:4006:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6667214961386394198/media/e7f4a8c561339025b713e374d1bf0f4d.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6667214961386394198/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96461ef2debeafc9d68f1892b86d8de5934802b6da9463c25f02515723791d9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6667214961386394198/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Fri, 14 Feb 2025 17:17:13 GMT
date: Thu, 15 Feb 2024 17:17:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 188898
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1221
x-xss-protection: 0
last-modified: Fri, 22 Dec 2023 07:45:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 dt
dt.adsafeprotected.com/ Frame B1F0 43 B
215 B 306ms
93ms Image
image/gif 2600:1f13:800:7781:cbe6:a42e:55d7:3029
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1885389&asId=c28d7b1a-7240-f2bc-fadd-32902463de64&tv=%7Bc:4tGk3Q,pingTime:-3,time:115,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:40%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:115,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:40,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B101~0%5D,as:%5B101~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u4AbGtR+11%7C12%7C131*.1885389-77498866%7C1311%7C13121%7C1313%7C141%7C15,idMap:131*,rmeas:1,rend:0,renddet:na,siq:42%7D&br=c
Requested by: Host: f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com
URL: https://f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:cbe6:a42e:55d7:3029 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 21:45:32 GMT
server: nginx
x-server-name: dt26.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame B1F0 43 B
216 B 298ms
88ms Image
image/gif 2600:1f13:800:7781:cbe6:a42e:55d7:3029
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1885389&asId=c28d7b1a-7240-f2bc-fadd-32902463de64&tv=%7Bc:4tGk3S,pingTime:-6,time:117,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:117,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:40,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B103~0%5D,as:%5B103~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u4AbGtR+11%7C12%7C131*.1885389-77498866%7C1311%7C13121%7C1313%7C141%7C15,idMap:131*,rmeas:1,rend:0,renddet:na,siq:42%7D&tpiLookup=ao:hdhub4u.re*%2Cf66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com*&br=c
Requested by: Host: f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com
URL: https://f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:cbe6:a42e:55d7:3029 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 21:45:32 GMT
server: nginx
x-server-name: dt08.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame B1F0 43 B
215 B 210ms
89ms Image
image/gif 2600:1f13:800:7781:cbe6:a42e:55d7:3029
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1885389&asId=c28d7b1a-7240-f2bc-fadd-32902463de64&tv=%7Bc:4tGk5l,pingTime:-2,time:208,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:1210,beZ:1213,mfA:1218,cmA:1221,inA:1221,inZ:1227,prA:1227,prZ:1243,si:1251,poA:1253,poZ:1288,cmZ:1288,mfZ:1288,loA:1326,loZ:1329,ltA:1417,ltZ:1417%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:40%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:208,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:40,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B194~0%5D,as:%5B194~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u4AbGtR+11%7C12%7C131*.1885389-77498866%7C1311%7C13121%7C1313%7C141%7C15,idMap:131*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:na,siq:42,sinceFw:164,readyFired:true%7D&br=c
Requested by: Host: f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com
URL: https://f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:cbe6:a42e:55d7:3029 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 21:45:32 GMT
server: nginx
x-server-name: dt05.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 591e503099a13a95f232d586dc01ca8d.svg
s0.2mdn.net/sadbundle/6667214961386394198/media/ Frame 09F6 84 B
128 B 33ms
33ms Image
image/svg+xml 2607:f8b0:4006:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6667214961386394198/media/591e503099a13a95f232d586dc01ca8d.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6667214961386394198/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

294e711c408b119da5f836e937f22417d890b278a55c69c38189f83517078c55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6667214961386394198/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Thu, 13 Feb 2025 17:00:05 GMT
date: Wed, 14 Feb 2024 17:00:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 276327
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98
x-xss-protection: 0
last-modified: Fri, 22 Dec 2023 07:45:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 3103 0
0 98ms
96ms Image
text/html 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C3Urj-ijRZey7G8T6zLUP4umtgA_a07vmdN2Dt82iEufjor3AARABILGT7Xlgye6Oi8CkjBCgAeP_8sgDyAEB4AIAqAMByAMKqgS0Ak_QZNpZHAG6sT5nSsM2eea4hffgP1_5FuKi6ULTDSqzP7OPIMQR8_kXoOJM_rUfw0rHr5mgiebMd0yB0L4XY3IR3sqFQ0K_VQajqGhlmOP5sl-whk6Ca6tC2GdO7bPP5iph7P5PDLff9J7xLOW7iB9ETq-dPsGBtJHK0y9ZAbim92zEdEo3CC_Q_FneMFFrVLjY3NzIaRrVQ4RsvIAvQcCd6rSOyIzDI3sGuOo9cwVcPS28tYzHa8doQhUrznvulP1Kgm-pB-VqZxyhkL2ki1qRUYZgaxyHULt4761NQslLLW4PvgoEy5M1ZBu8oDFmn40yfzm_sh-h59KIarQCYxnSvqfvKy4CxoE1VktByI0NUzRW2HiyJcu9wh7ZjfT2F3YliaHkj8UYVMkHjJuJ_pMz7bmKwASc0b-KzwTgBAGIBYSImZVNoAYugAeFgI03qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHr76xAqgH1ckbqAemvhvYBwHyBwQQ7KII0ggkCIBhEAEYHTICigI6CYBAgMCAgICACEi9_cE6WLHV_Luss4QDmglLaHR0cHM6Ly93d3cuYWxveW9nYS5jb20vY29sbGVjdGlvbnMvY29sb3IvY29sb3ItZXNwcmVzc28tY29sb3I_Z2VuZGVyPVdvbWVugAoDyAsB2gwQCgoQkMGX5tSrqpFtEgIBA-INEwisiP27rLOEAxVEPbMAHeJ0C_DYEwOIFAHQFQGYFgGAFwGyFx4KHAgAEhRwdWItOTY1NTgyNDU5MzMxNTYyNRiC83I&sigh=ubtsWRm4rJg&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSTwAvHhf_WfNYmd1dk7bAhdukYdmoYhsUs2kWJj0HX4mvZqDOa8x1I8K5k89TirWlY0aPvuBC2XV4F0rE53KL8-McRFlWo0kE6GFn1rveDTUYAQ&template_id=5021&cbvp=2
Requested by: Host: hdhub4u.re
URL: https://hdhub4u.re/0.9177470730060231
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame B1F0 0
0 62ms
61ms Fetch
image/gif 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv3x_Ib26OdFYPE1GbE5ALM7fFzPQWLRlLlPK0KIRpUUqIJIWmVMYu29QruMNIipYU4qg7h3Q0sUNJlP1ZFTyogvd9O_Dc9D-wDMADCLYshC67cJqMCK5AyNgIl0812nUkPsIeywncIcQjvLZNaEAuBGzRp08sOGEtRm5hA7dqtR2-ED5ls3R1uWH6lPt7fePHxBWBUIz6Mhzt_nh7D4qKYDjxydi317g4lrV_j6Ury_m4nfgm5jbDP6OXtskbzy7LcBKpQ04zcn8dGqPW9faD66YFjl3tIcN5mKZriwCYg-fQFdfMYZ-Pfg88Bvoae0OIEryocuJgn2awHbAf-8eagri4_ADjEgRQuwpdTZSIsHJshfC6HsgkAvIUNhcn3RJYwNPUrA0drZ_jbb2MFGTx4fIG7tx66E58_tO1VobOgHJFgGXkoQ06ewx_9JFusIDmbxz7kVjBzlCsp9XntIg2bK5ZPTkvd8HI2ZDXsjZX_tLCIW6wiP5UdKkMdaktCOFEuqVAUpi12UP6QfOh4BIWxWAexb4l4L5YuY4_TDxw1ly67UECxcPFGfLKozfhrIn8zbLKaC6rRoNC3s5Q4YwZ6qvcRpFLtp8Y_FgFslZxSKQSiMJtl2rvjVVTRZyXadumdp622Sm_13GW7dAVvDuaYLEWICRYLDC6AhgJtA2sMPTvXSqxVJxj0OqKAJhELdNvLnosugqzraqdNKqwobzsu2rWL-9oimfRN7YMmCvpOSsPwlT3PoLbE-7zxTgyndbddrvrGHqiDOVp39SYD3e-lPOAIeaD1z6zMPunEcvGuQcemJptUe64GR8RTQBCvSRb69o6UiSFWDxiT09wDyu6k1kL27xcIowJgYi1AdsRNaKNHtJzYiiyltYEHTSkZ_uXcpT8ZzUoU25LT_pA-qx8qEcIuoa9iKtOj96jkKLmbxwKtlNHlNbyeq8jAQqQHKAI_lv8JJyX3Hw7nzMGT0AjhDVn-I9Omdi_qANJjfULbZ7igSt-4q9bME8Yf7hl461p4iyTKVRj4WfDiBx2zQd7LwfsZo3RVICYuik_49yrUSsW3d6gBker90EnLTMzqvVq_WGqdgoJ2RI-zhKkMlJ5g-QwF7lttm2AODYQb-2jCbXwcVSzvQPOmwL06MGZtwXq6ZnPKRzYGOpAq5bg3kIvEGTQI_mHN9YuuDUm6U0-mBdfo18oLqZSxUMrpPh-IBg2yysJY6h-KVIhYetGmKl1YNfFk9_6RNdi6c7KyNJ-DZT-TGCrPetXByfEf-ajylrhNi2_KYgCtZpH7s2WFryCXlvlSSXmoqyR0jFzwb6hhsqfcEI0oQHpfAZ69qpuCIookr5IrBWiq6P7H1xg-YMxF0Gcn4aIhyhYuVVsgIBtmeeh977FUXHiQzgh8quz4Fd5mK1fkZE9idcF-ZtKdxFDo6sWUFx-ZT3FBqr_mtCxxh1xWG7Ap8pBnzsPdF8wDNIjNJxwPh70VfcPM4Nksc74zAcXaHNDoqzad3cY1yx2nkJ6_wRvivrfwTPGtpIBHb56ULK7Til1FWXZWecUprjNO3P4v_iAN&sai=AMfl-YSLenNjZRbmHiol_MFTkU4-3gNh6gKa5sbqD2s_QUkQ5tuSxORloVGWKPWe4xSx6F8lKXoDj50qP6YnGdkdvoXrEWyDD9RJFVYZZ1slFjAeLqMlNEP0NCtU4V2gmTJwmHGOVpkGzIVHZF0DuRPxb7W_GlqRejJd197A93CN9_4sWjKFzCEKSrxGMFNUG6gLsNHYPKLVq67eMCY9OT3SpacjL0m_f-eHI53WkLJhk5XdiuJJ_fhOg_X5T9lYa0XmM5Fm052vtXz4MkggIIaKe_D8A6WfpGTpgTfa_aPsylcGpQnGtkO4dLuGvbVoXlPp&sig=Cg0ArKJSzIY5G5wYtn8sEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=994&vt=11&dtpt=687&dett=3&cstd=299&cisv=r20240215.42067&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: hdhub4u.re
URL: https://hdhub4u.re/0.9177470730060231

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:45:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 17 Feb 2024 21:45:32 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame B1F0 0
63 B 60ms
59ms Ping
image/gif 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvFsVfmYFEVFx0skT0MZSyrPCag7LahFft6UK5dIVd8z225H-bkwB9mXvdehy9Xae1KwJrOhJgVVuI-8qFOAi5ZBJ7rQWAI3R9qp0N8umDnofFyTOImCIalaE9OdXFF_uyz_bV4T7Ze8iplhp_XfiYDqZeaOEJU8I5jDKZhBai0uxGWQPaSBr_a7Qvft9N_83_KwSomdOhfNmDFESNkgqzqECYhAu0Ym3_vw_o&sai=AMfl-YSD4faGt2dhKSU15IacTaIEgsy4-liowk7tEjGM94OJpC3YB2-TnK2_Nz1RmTPhiN4QBYEaC1KYehgTe6OzxXWhHjk1UYh1QaZub5XpbkiP1qzVGOWls2qbjsGoDg5pALh4E3tWYOiQCD7DCZ85-zp0Crc&sig=Cg0ArKJSzE4SAI3C9fHFEAE&uach_m=%5BUACH%5D&urlfix=1&vt=13&adurl=

Requested by

Host: hdhub4u.re
URL: https://hdhub4u.re/0.9177470730060231

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:45:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 passback_300x250.js Show response
static.adsafeprotected.com/ Frame 5858 3 KB
2 KB 27ms
24ms Script
application/javascript 2600:9000:247b:2c00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/passback_300x250.js
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:247b:2c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6005e56ab3043d83726d25b0d17458e35b72355a81ca3230cc9de9058ee8b1f0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id: vr1Fa3eAVtG7AGe6kPa1Y0WAZAHvQkII
content-encoding: gzip
via: 1.1 e2730004afe9197a527c2569a0e0d39a.cloudfront.net (CloudFront)
date: Wed, 14 Feb 2024 07:46:58 GMT
x-amz-cf-pop: JFK52-P2
age: 309515
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 18 Feb 2022 23:29:42 GMT
server: AmazonS3
etag: W/"44f0ac540dc9c11f94344414c879b658"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: es1ZyvKW-ARMDW9Dk7DVN_I_4GNf3IWyvyTlHZS9hynA7-71N91K4g==

GET
H2 200 IAS_PassbackAds_300x250.png
static.adsafeprotected.com/ Frame 5858 14 KB
14 KB 30ms
30ms Image
image/png 2600:9000:247b:2c00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/IAS_PassbackAds_300x250.png
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:247b:2c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f6adb794eda0e31a163ed517d8e63d388dbb762031a189349c72af2bc37bb4f2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id: 5gVOAFoF.BCvnrybv6D.a4lGJXzJNSyO
date: Fri, 16 Feb 2024 08:09:42 GMT
via: 1.1 e2730004afe9197a527c2569a0e0d39a.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
age: 135350
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 14233
last-modified: Fri, 18 Feb 2022 23:28:59 GMT
server: AmazonS3
etag: "65a8b98b798ce416d94c2847aca40c71"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
x-amz-cf-id: hrEBfeOPuzInqNms7T1on7yxrG7ZAWGB03WeXzoJcX3KkLtP5pGF6Q==

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B1F0 42 B
64 B 93ms
93ms Fetch
image/gif 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst2oMKecrPqdE-Keo0C_uZX85jZlj2jWWAZnJhrwoCkien-hnVhfW7oBDE4K44UG1NozmXE166ftLS2trxQgMAUyQfQIy-9kIFBeN3ba_qwH8HC8AzJ2EmhtrZtxB7KfXBQ0AEe1HFFLvZzoCadrET-H7FXn7nNe6g&sai=AMfl-YTbEjdcKlKyeh2fyVU_z5Ji4tHz2fShZWifvu1_6cRvZ8CJ124GHhC0PvJWsWlhq8494Zib8RPwZUNtj9zOnBPAVu5Kae5uA3ZOK-if64SlvOdQn9bXSYmLEgjbbcJKYuX_h1uK6p6S4WLiqg89&sig=Cg0ArKJSzP5LPCYxzyOpEAE&cid=CAQSTgAvHhf_9GPPeSf8VGDpHAJZks_yClVj1g-IG6FYNftCz8HMvZhzvtgGyOTssv6bZBp2AGnWbB2UF-W62FFz2mnBWqUkCG0oaRdiNOXnXxgB&id=lidar2&mcvt=1003&p=0,0,250,300&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20240125&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4022176879&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=170820633100&rst=1708206330643&rpt=576&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/m202401250101/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 21:45:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4F1B 0
20 B 97ms
96ms Image
image/gif 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BR8Hc-yjRZc_OArTRoPwP3JevEAAAAAA4AeAEAg&bg=!ERKlEl3NAAZN4L4YbeA7ADQBe5WfOLD6KgDHpcKOBCwjdUMG0WeoqqkPAexFGbWTR8QTbER0uwtgHpT_Vam03775UbJSAgAAAZJSAAAADGgBB5kDYI8zDCONzkOox-rHkpSlP8yGrEAQo5TCo0lny_9WgGCQ-9p8OELj_6yh_PNJBVGQ8X-EVX2oLG2cZ6p0B7BGF_ZWkcYlEt0vMIaTLL1b2b5JpZ29fZ_K1_dN_wYaNGl8fuzHlUxjgZtjEYMAXRgyksXxmbNc77P9EvSp4iCLSDqs77k1UyToFeQPk5A3-IMr9bt8AsYLsatzbJ318oyDLwtXylSr8M79qoz-mJQyOt5U4Y9GJmpMCh2rYxjRCx_PLDrJYDoKMZc-mRNF2K6IEtw4lbhffEjoJJCla2fpHULWqOB2s4HX0mCUBW1ZFHHzO-gzJDjb1oldMK2v-j9Kg7j-5DxGQ9DqKuSC04nNHUf-X7EOaSBI6evZwOVuOT6PQbL-VKIY8jpvIuhRlkzqCOH5uYvvxC1hsj39rz0RT3viUQQ2X2VW43OvX5F6GMwYePHAJ-N-ZxfPewg8nPcKW1LOAbUmkasI1tarLl9g7Bml5V83TQJp-fLSYOTzYZcbx-xYSfUoOtOnY10GDye071z9c_OhwKLhOiqTIY1X-9fz6m48662kXmk-BlW2W5eAjbjHv3nFQQQbGiLGTSvN046fMndzl3yM9gww-TwZ3c0eYVtnhv0b4WVrR0NS0S7J6SPjkvqGYs51O9rusZaHtaXuz1ct3Q99z0B6_tLWC33RRsLIUJqecM09UdbcISQgpml9TdWF76cwS1TAFW6japjnI0_zcjQv4IIUfgdBihMXyJ7N0Oj3klzTX4aDSpLbJriFvBxYnoM2B4T_xwfs2nUnk2eqUFSPkGrBYr-RbsiMpMfL1qIxKz8Fbh-g_lpF5SfIul0aRIG83rd-55mdoMPa3sfBbjbYkp0eS7kCvpkI5PFIEk4EvtKXF4nx2mFSFh34fswfJIpDTSRH3AoNSBMShM8aMnse6RlXiKvj4TkA_1Gt9PevQYI28RQG3GjuokNUrwcgIPlhFf_hWXBSvyB-cjfA8TaHKNQP_iqlPpgGkYpGK6D4GzKTzVxTbP_fCfe_B3X9L4pbH1UT7LRE91hvhm45Hua4nkKs2LzEYGcEtUTTIiaXY0A6P7-Alm_cm2KAYeL2D4B_iUOCH6M3OJUdcGf6oIfFXRLlyrDLpPKVgOATlU80LSypssIqm7AKag

Requested by

Host: f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com
URL: https://f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 21:45:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame B1F0 43 B
215 B 92ms
92ms Image
image/gif 2600:1f13:800:7781:cbe6:a42e:55d7:3029
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1885389&asId=c28d7b1a-7240-f2bc-fadd-32902463de64&tv=%7Bc:4tGk8Z,time:434,type:e,im:%7Bpci:%7Btdr:250%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:434,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:40,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B422~0%5D,as:%5B422~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u4AbGtR+11%7C12%7C131*.1885389-77498866%7C1311%7C13121%7C1313%7C141%7C15,idMap:131*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:42,sis:304%7D&br=c
Requested by: Host: f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com
URL: https://f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:cbe6:a42e:55d7:3029 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 21:45:32 GMT
server: nginx
x-server-name: dt07.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9F74 42 B
64 B 92ms
91ms Fetch
image/gif 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuVAl23eGwtduWsH7HJU4j2maMIDXu3ePi4gIK8Kl8XKgfpBTptaQJECGKQCaSg3keuxkaHqlsarK3dSzwfoI0txy3s3lZph9sKol6uqLCS4B-P4X6vX8c4a3rGuIwE4feuIZx_aDSBKM8otSQIQTWHeqVwBfO_HDo&sai=AMfl-YRyidBzK3bN5lDIwtBcwZn7kIoNSLlzy02fpQ3M5I4gjX1RkWDDvHibS4SlnNxU-3329KI4EIydTMohFWatfbBJ_99zBbbPgTugYGyPZLB_UhZDt3v8GvTm6saly-cKLnxadvjxF9WPdx74mOWY&sig=Cg0ArKJSzDSLctnolYfOEAE&cid=CAQSTgAvHhf_pLnTFB_wbTJCX3OGTf0POB7Oa1V_1UjJA-vGVh1Zrk8ZfEot58XhtGMhVnU5LzVRA92vyjYPw2Zn1BLLVuiSJUYKIEllCbHWGhgB&id=lidar2&mcvt=1004&p=728,1155,1328,1455&mtos=0,1004,1004,1004,1004&tos=0,1004,0,0,0&v=20240215&bin=7&avms=nio&bs=0,0&mc=0.79&if=1&vu=1&app=0&itpl=22&adk=919832463&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=413913100&rst=1708206330608&rpt=662&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 21:45:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 61ms
61ms XHR
application/json 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202402130101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402130101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c18843ff56ff88502437523c8cbac2667896cd69802150767bbf545d5d396e7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:45:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12617
x-xss-protection: 0

GET
H2 200 dt
dt.adsafeprotected.com/ Frame B1F0 43 B
215 B 93ms
92ms Image
image/gif 2600:1f13:800:7781:cbe6:a42e:55d7:3029
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1885389&asId=c28d7b1a-7240-f2bc-fadd-32902463de64&tv=%7Bc:4tGkbR,pingTime:-10,time:612,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHw2MDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjEuMC42MTY3LjE4NCBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1708206332463%7C%7C71b4c5da2e04cc292e0906d8cfc76c99%7C%7C1605e69839cb81a076535f1842285622%7C%7C5deece562c32c4cf47ee2ed84b64b4a5%7C%7Cf8ce6209fc9ecd6d353eff3e5fc3cfa1%7C%7Cd91c26e375255bf44653b91cf60caf78%7C%7Ce7f6ff9acce5f61dba642fa4e003999b%7C%7Ca4233239bcce91439958fcdf3ec834b9%7C%7C1663701684%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:cbe6:a42e:55d7:3029 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 21:45:32 GMT
server: nginx
x-server-name: dt16.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 51ms
51ms Script
text/javascript 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402130101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:45:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 17 Feb 2024 21:45:32 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6D93 13 KB
5 KB 25ms
25ms Document
text/html 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hdhub4u.re/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 178696
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 15 Feb 2024 20:07:16 GMT
expires: Fri, 14 Feb 2025 20:07:16 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame B578 829 B
1 KB 103ms
45ms Document
text/html 2607:f8b0:4006:820::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ac084f9cd3ee8094827204eaf0046961fd44802c923124faa022f33f381bd64a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Wmx3RYyHDBp43p95xFAurA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hdhub4u.re/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-Wmx3RYyHDBp43p95xFAurA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 17 Feb 2024 21:45:32 GMT
expires: Sat, 17 Feb 2024 21:45:32 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js Show response
pagead2.googlesyndication.com/bg/ Frame 6D93 39 KB
15 KB 25ms
24ms Script
text/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 20:08:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5843
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15261
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 16 Feb 2025 20:08:09 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B578 0
0 88ms
87ms Image
text/html 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202402130101&jk=675654944568816&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 6D93 0
10 B 25ms
24ms Image
text/plain 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?2nnMeg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:809::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:45:32 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B1F0 0
20 B 87ms
86ms Ping
image/gif 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8239703731618&version=m202401290101&ct=76&x=1&cor=12750311372594526000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 21:45:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 91ms
90ms Image
text/html 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202402130101&jk=675654944568816&bg=!JiWlJWrNAAZN4L4YbeA7ADQBe5WfOJJ5fDA5G_MLD6-NsWKA89npwlqwGOiurXxqM_apsdZ1MNLhjLI2G6f3HPQX-KuEAgAAAJ9SAAAABGgBB5kCw_6CmTjTNEhJJgHL042eoNcEr6KhqUqOW8h5FgNpcJBikU0y_o1t6ZTn4kf4jvGztrohukkJ8IFaoWbFKemha_XK4in9HqoQigq2k0Yanwy7zyy8sxYE8nE8DdRT9hnkUR00YYc7hCjT2kaio6vDEWfYItsnIMGnxtqnoYRTC29gFLrP2rN6ouoVjN5ZyEjKzaDEooR4x_sgZqUZzO-cd2TDOpHSS33YhhACeY3aiHuETtx1JfbPXHF3Kp4nDR3oqK3V2UzxeaEG5Kt8OF9WryAYhl2J9T81cWCy63BQkFlbuhrBl2Ji3nVHQaX7JbheM2Nh9fGLZndu9fyesmI7m2A0xZX-d2N4LDeA03Zn0d4U5_glcbgzeGaga5iHEJ_ESJSSH6qPK_nOl9fDu4T5yxrLAgP2yRskFmTI5zzWJhoKay9SOrzbhK19UbhjO20VaBWH4TpzF8YA-3cJ3KT4avLxC3JKJCMDhfcwKu7ZrpjiklWYHwrwdSloDSpZynbF3kxmrz16-CeYU4r6Ts6FY2uKvsad5H1ugWZ5fWbEhcfPCyajVXXAw5a4jDzdAMyjikJBqvi1CSspavUBYdDAdDLG5QdJRJqkyeoP_vlBa4bJzyzZNE0jrfqAd0jyPhb7Hmm1GzJd3DXkEiVdM8trthxQwQGOt7G8_8KHspJsPAuEV12P1o3vwoNc-cZZJ_M8P3Zm2_ibvMmq9Nvmnm0GASw6juD48sywbk9fBcfLGquE449Xge_BLEetJCv6fsSnaGDoUjiouONB2WChWMNRHGcdFkS4sK1emt-4hJQfBkw4dR8JhVxs0IpEQIVDUHOvQyG5u6PkTv5gzMGBaf6FbUUadsv2inIgGuKIgUaRQhJRe7dVXaWAOJV5hGUhw3IUDFsZDRdIXUDBlgCmhtvLhm1IMwmZGzjudBtJusqqflVVfq0M
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

GET
H2 200 FOUuWSlUGPv9SqTgDPXBLMGbbpmODCynTdO9eNOLYaegCP4F6lpI9885Lmlmf9kcyJXvHH0z8_0W74JeFxNr8mVSL8P0NPCfdP_UgVjj5RZfSl99ff52dEF4Wpyh0yZYz9Hz4PKRanVEd_By2Lr2-U4kP8EKgbGLM8h4eLjmG6u-n6VERMjeFq7JtZQXnavVNQbbN...
bygliscortor.com/impression/ 43 B
543 B 100ms
99ms Image
image/gif 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bygliscortor.com/impression/FOUuWSlUGPv9SqTgDPXBLMGbbpmODCynTdO9eNOLYaegCP4F6lpI9885Lmlmf9kcyJXvHH0z8_0W74JeFxNr8mVSL8P0NPCfdP_UgVjj5RZfSl99ff52dEF4Wpyh0yZYz9Hz4PKRanVEd_By2Lr2-U4kP8EKgbGLM8h4eLjmG6u-n6VERMjeFq7JtZQXnavVNQbbNQQ03ewG7nyEr21hOT4X51l2XosTLpmjAhcAa3JGjBVxOPuB5wgRlPaU2jYtrhueigZFzoMj7bzTX65BSMv3EUvRelZ-9ArhdHTMSdCpJb5uAC1SPKygvtc_UH0zDwXwis1fJ5pZdb3q2KxK1DJG7YW9YfGRoNAf6Vck2Os=?_z=6981480&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=6&pl=https%3A%2F%2Fhdhub4u.re%2F0.9177470730060231&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=-600&js_build=8&sw_version=v1.320.0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:45:35 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-length: 43
x-trace-id: 398e2376c2afa49575cb3dadccc51aad
pragma: no-cache
server: nginx
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame E438 11 KB
848 B 39ms
39ms Stylesheet
text/css 2607:f8b0:4006:80a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700

Requested by

Host: bygliscortor.com
URL: https://bygliscortor.com/401/6981480

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

859bbc3840ddbfac2cbabd04217077fcab6f31a0e24a9f7ff1a2ee6246ba5319

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 17 Feb 2024 21:45:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 17 Feb 2024 19:56:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 17 Feb 2024 21:45:35 GMT

GET
H2 200 0377052970676.png
static.ptoahaistais.com/contents/s/fa/09/c3/d0d05f7d01ec388b4373228077/ Frame E438 2 KB
3 KB 100ms
100ms Image
image/png 139.45.197.154
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ptoahaistais.com/contents/s/fa/09/c3/d0d05f7d01ec388b4373228077/0377052970676.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.154 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: dfc621aca09ed0c1488b5131d842363a53b81589c81e60fd0de8d639f927acc6

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:45:35 GMT
last-modified: Thu, 08 Apr 2021 14:22:06 GMT
server: nginx
etag: "606f118e-932"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-length: 2354

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame E438 15 KB
16 KB 25ms
25ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hdhub4u.re
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 23:25:26 GMT
x-content-type-options: nosniff
age: 166809
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Feb 2025 23:25:26 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame E438 15 KB
15 KB 25ms
24ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hdhub4u.re
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 15:37:10 GMT
x-content-type-options: nosniff
age: 194905
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Feb 2025 15:37:10 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 39ms
38ms Ping
text/plain 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-QFVL8KLXT6&gtm=45je42e0v9104276498za200&_p=1708206329585&gcd=13l3l3l3l1&npa=0&dma=0&cid=1409589444.1708206330&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AEAI&_s=2&sid=1708206330&sct=1&seg=0&dl=https%3A%2F%2Fhdhub4u.re%2F0.9177470730060231&dt=Page%20not%20found%20%E2%80%94&en=scroll&epn.percent_scrolled=90&_et=8&tfd=7305
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QFVL8KLXT6&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hdhub4u.re/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 21:45:35 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hdhub4u.re
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Trebuchet+MS

Domain: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/trackimp/N803256.134426GOOGLEDISPLAYNETWO/B25285800.354971241;dc_pre=CKrj3Lyss4QDFboMaAgdAekMMA;dc_trk_aid=545792033;dc_trk_cid=183816395;ord=2859653484;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?&cbvp=2&nis=5

Verdicts & Comments Add Verdict or Comment

98 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
my.rtmark.net/	1970-01-21 03:15:42	Name: ID Value: 82a89e520dfe4cfc968b91da9bf8eacc
.hdhub4u.re/	1970-01-20 18:31:32	Name: _gid Value: GA1.2.1760992644.1708206330
.hdhub4u.re/	1970-01-20 18:30:06	Name: _gat_gtag_UA_89947843_1 Value: 1
.hdhub4u.re/	1970-01-21 04:06:06	Name: _ga Value: GA1.1.1409589444.1708206330
.hdhub4u.re/	1970-01-21 04:06:06	Name: _ga_QFVL8KLXT6 Value: GS1.1.1708206330.1.0.1708206330.0.0.0
.doubleclick.net/	1970-01-21 04:06:06	Name: IDE Value: AHWqTUngjuySbehGoBfeaVfKnrmyfOIRMczTmoaLChTCPkycE49e26f7qffWIalS
bygliscortor.com/	1970-01-21 03:15:42	Name: OAID Value: 82a89e520dfe4cfc968b91da9bf8eacc
.casalemedia.com/	1970-01-21 03:15:42	Name: CMID Value: ZdEo.0t3ud4AADPnAA61JwAA
.casalemedia.com/	1970-01-20 20:39:42	Name: CMPS Value: 1290
.casalemedia.com/	1970-01-20 20:39:42	Name: CMPRO Value: 1290
.adnxs.com/	1970-01-21 04:06:06	Name: receive-cookie-deprecation Value: 1
.doubleclick.net/	1970-01-20 22:49:18	Name: APC Value: AfxxVi4sXg2iOBwQZGCYn_l5StKeQ_6-2Jvdvgf3SNZvC8ESIIX3QA
.doubleclick.net/	1970-01-20 22:49:18	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-20 20:39:42	Name: XANDR_PANID Value: HtGjd8_nNJMwTt4sXR_BWD1dgfbH2BaTmFXPEk4cAUXyUKgOHvTtpdWEGyUpFEba5HzAlqVgqfnoF8teycYNG1-WRg8y-nHPrhBuwvngShw.
.adnxs.com/	1970-01-20 20:39:42	Name: uuid2 Value: 4928810828616401721
.doubleclick.net/	1970-01-20 18:30:07	Name: test_cookie Value: CheckForPermission
.adnxs.com/	1970-01-20 20:39:42	Name: anj Value: dTM7k!M41.D>6NRF']wIg2IljIXcYO!@wnfH8K6pQK`!5=E<L5?%K/?MPv[9nBXYgP[ai)>dY1fU5[8nHGY/S@z0bpRzqF1`b`$P3lmB
.hdhub4u.re/	1970-01-21 03:51:42	Name: __gads Value: ID=d323003b61ae3bf6:T=1708206329:RT=1708206329:S=ALNI_MbY1ul48kuSQiGx5EanOdymXqR9gg
.hdhub4u.re/	1970-01-21 03:51:42	Name: __gpi Value: UID=00000dcad1e6e0bf:T=1708206329:RT=1708206329:S=ALNI_MYKLXMxdaZ9DrPdnTsgNNbz_JPb8Q
.hdhub4u.re/	1970-01-20 22:49:18	Name: __eoi Value: ID=0898d5388c18b69e:T=1708206329:RT=1708206329:S=AA-AfjZlPHfArG4qhxPcNU7TFj_y
.googleadservices.com/	1970-01-20 20:39:42	Name: ar_debug Value: 1

68 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://hdhub4u.re/0.9177470730060231 Message: Failed to load resource: the server responded with a status of 404 ()
javascript	error	URL: https://hdhub4u.re/0.9177470730060231(Line 942) Message: Access to link element resource at 'https://fonts.googleapis.com/css?family=Trebuchet+MS' from origin 'https://hdhub4u.re' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://fonts.googleapis.com/css?family=Trebuchet+MS Message: Failed to load resource: net::ERR_FAILED
other	warning	URL: https://hdhub4u.re/0.9177470730060231 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hdhub4u.re/0.9177470730060231 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://bureauelderlydivine.com/api/posts?token=Lzk5LzEwLzM4Lzk5MTAzODQwNzBlOGFhYzYwMzE4NzAzNTczMjM0NzhjLmpz Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://monthcurrencybeam.com/4f/4b/6d/4f4b6d4c10533cebc108ea520a776cca.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
other	warning	URL: https://hdhub4u.re/0.9177470730060231 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hdhub4u.re/0.9177470730060231 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hdhub4u.re/0.9177470730060231 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
security	warning	URL: https://hdhub4u.re/0.9177470730060231 Message: Mixed Content: The page at 'https://hdhub4u.re/0.9177470730060231' was loaded over HTTPS, but requested an insecure element 'http://coolserving.com/z53H25eFgED0n3KBJnxoYTmv_eF1MZdIuiFkAJVrLWXcR9emOhpNbjflUzw9sjtpGCBl9JqoqBhkoLKP54iS_e1Y3-tRW7w6kD4vkYoWoobeO5E2Cz_zbfRDn_sjqawE4UjmiMcC4mEbD_WwUSacH1yY0uUmINmRU1RnluKhUpVhNiRqPiKjlQBHPjiubtJJpcF681sha8vAL7dbRSfa630f3pjR_dlqPKUeq44zbwync_Ec_Syozh5C3plLxGRf1FylKR_qVuaAQ0BTm5Zi32DqVRAIRVxE7qQAetRtKfn6Sw6eWt4xEaowXuEkX4chbtjEBTn3C-aYPm_WSmlgAF9RNbG51u54AlPxLaBMOpUEVRGA2PxrQzl6HKFkwghI9E2cQinP8rAQrxiTfQ6Q4KYk8gMVAsl4Vt3pXsgY8EryEaM16pxnv8ckFT7wFxEzz9zAxTgxJFUJwHWPdTsto9oYBZRG1FZEX7aM9xG5UetsqXSNotWjPJ_Vr-qlk?DC=HZ'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
other	warning	URL: https://hdhub4u.re/0.9177470730060231 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hdhub4u.re/0.9177470730060231 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hdhub4u.re/0.9177470730060231 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hdhub4u.re/0.9177470730060231 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hdhub4u.re/0.9177470730060231 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hdhub4u.re/0.9177470730060231 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hdhub4u.re/0.9177470730060231 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hdhub4u.re/0.9177470730060231 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hdhub4u.re/0.9177470730060231 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hdhub4u.re/0.9177470730060231 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hdhub4u.re/0.9177470730060231 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hdhub4u.re/0.9177470730060231 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hdhub4u.re/0.9177470730060231 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hdhub4u.re/0.9177470730060231 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hdhub4u.re/0.9177470730060231 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hdhub4u.re/0.9177470730060231 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hdhub4u.re/0.9177470730060231 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hdhub4u.re/0.9177470730060231 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hdhub4u.re/0.9177470730060231 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hdhub4u.re/0.9177470730060231 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hdhub4u.re/0.9177470730060231 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hdhub4u.re/0.9177470730060231 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hdhub4u.re/0.9177470730060231 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hdhub4u.re/0.9177470730060231 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hdhub4u.re/0.9177470730060231 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hdhub4u.re/0.9177470730060231 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hdhub4u.re/0.9177470730060231 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hdhub4u.re/0.9177470730060231 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hdhub4u.re/0.9177470730060231 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hdhub4u.re/0.9177470730060231 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hdhub4u.re/0.9177470730060231 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hdhub4u.re/0.9177470730060231 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hdhub4u.re/0.9177470730060231 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hdhub4u.re/0.9177470730060231 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hdhub4u.re/0.9177470730060231 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hdhub4u.re/0.9177470730060231 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hdhub4u.re/0.9177470730060231 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hdhub4u.re/0.9177470730060231 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hdhub4u.re/0.9177470730060231 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hdhub4u.re/0.9177470730060231 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hdhub4u.re/0.9177470730060231 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hdhub4u.re/0.9177470730060231 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
javascript	error	URL: https://f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Message: Access to fetch at 'https://ad.doubleclick.net/ddm/trackimp/N803256.134426GOOGLEDISPLAYNETWO/B25285800.354971241;dc_pre=CKrj3Lyss4QDFboMaAgdAekMMA;dc_trk_aid=545792033;dc_trk_cid=183816395;ord=2859653484;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?&cbvp=2&nis=5' (redirected from 'https://ad.doubleclick.net/ddm/trackimp/N803256.134426GOOGLEDISPLAYNETWO/B25285800.354971241;dc_trk_aid=545792033;dc_trk_cid=183816395;ord=2859653484;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?&cbvp=2&nis=5') from origin 'https://f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://ad.doubleclick.net/ddm/trackimp/N803256.134426GOOGLEDISPLAYNETWO/B25285800.354971241;dc_pre=CKrj3Lyss4QDFboMaAgdAekMMA;dc_trk_aid=545792033;dc_trk_cid=183816395;ord=2859653484;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?&cbvp=2&nis=5 Message: Failed to load resource: net::ERR_FAILED
other	warning	URL: https://hdhub4u.re/0.9177470730060231 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hdhub4u.re/0.9177470730060231 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hdhub4u.re/0.9177470730060231 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hdhub4u.re/0.9177470730060231 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hdhub4u.re/0.9177470730060231 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hdhub4u.re/0.9177470730060231 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hdhub4u.re/0.9177470730060231 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hdhub4u.re/0.9177470730060231 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hdhub4u.re/0.9177470730060231 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hdhub4u.re/0.9177470730060231 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hdhub4u.re/0.9177470730060231 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hdhub4u.re/0.9177470730060231 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
javascript	warning	URL: https://hdhub4u.re/0.9177470730060231 Message: The resource https://fonts.googleapis.com/css?family=Trebuchet+MS was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
ajax.googleapis.com
bureauelderlydivine.com
bygliscortor.com
catimages.org
cdn.ampproject.org
cdn77.coolserving.com
cm.g.doubleclick.net
coolserving.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn3.gstatic.com
f66d62460a981707268d8d4d59142438.safeframe.googlesyndication.com
fleraprt.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hdhub4u-comments.disqus.com
hdhub4u.foo
hdhub4u.re
ib.adnxs.com
image.tmdb.org
monthcurrencybeam.com
my.rtmark.net
pagead2.googlesyndication.com
s0.2mdn.net
securepubads.g.doubleclick.net
static.adsafeprotected.com
static.ptoahaistais.com
tpc.googlesyndication.com
tzegilo.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
ad.doubleclick.net
fonts.googleapis.com
104.18.36.155
139.45.195.254
139.45.195.8
139.45.197.154
139.45.197.242
142.250.65.194
142.251.35.162
142.251.40.166
142.251.40.98
172.240.108.68
192.243.59.12
199.232.192.134
2400:52e0:1a00::1068:1
2600:1f13:800:7781:cbe6:a42e:55d7:3029
2600:9000:247b:2c00:8:48e:53c0:93a1
2606:4700:3030::ac43:935e
2606:4700:3030::ac43:9df2
2606:4700:3032::6815:41fc
2606:4700:3033::6815:3dfe
2606:4700:3036::ac43:c134
2607:f8b0:4006:809::2001
2607:f8b0:4006:80a::200a
2607:f8b0:4006:80b::2006
2607:f8b0:4006:80c::2001
2607:f8b0:4006:80c::2002
2607:f8b0:4006:80c::2003
2607:f8b0:4006:80d::200a
2607:f8b0:4006:80e::2002
2607:f8b0:4006:80f::200e
2607:f8b0:4006:817::2003
2607:f8b0:4006:81c::2001
2607:f8b0:4006:81f::2002
2607:f8b0:4006:81f::200e
2607:f8b0:4006:820::2004
2607:f8b0:4006:820::2008
2607:f8b0:4006:824::200e
2a02:6ea0:c400::12
54.84.238.155
68.67.179.87
0115e2a546a748f5db2f68912db503dadda30b2e1f11516bb1c7e8c50bff8063
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
0224d72c3d2cd8261d34f6c41289a401874af6464513b59b35d8c0d86b1583d9
0964e3486392c454c00143d8816a05843b79cff6b1de609c0b8d322f323b17f3
0a7c5cebbb6d6eff010530c59b73e9e423125219661ff9bc5866c55cd17a5607
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bd3e64a75f43409aa3141f35c5d1bd599773aec49d61aaa02522dbe6101c247
0f5310930719be7ef701e73b540cdfe6d0eeb918d1a93484e2d1d2788f32577b
0fb566e2e6e4132f147ae593fdd61bdd7af5306880e8fcfe9e2c646d50758a5c
12fc4b10a91619c19bcf68ef2f722e067fe045b1d6f600688eb87930fb908506
13cb40fa8e632a4220e6d4bdd998c65b09d0467ce6981c658648ff2a322b6120
163978ac95e2e8c5929bea2a5a4722724582e05a2ed6aa5ecb424c1e9f871352
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
178330e83676d9a537c2ed6b2a6d7a2659968fa814b59ffa2c8e945a907c8d49
1fa3ff887375803e2e8235f882143bef7f2eb61f4046318e0b3cd478099ecb51
2125b73ae211f46f82ee27eee87e5aa312c5bbf2aedca1b50b7d80f21fd3d5d2
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c
288fd8ba8cb04967d8ffdb274e8828d79fe679e6991ceff828f0f48e04f315db
294e711c408b119da5f836e937f22417d890b278a55c69c38189f83517078c55
29770f01b88052c400040d96ff5dd4711392581e245fc895fa3499be92fc72eb
29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6
2e196c67c978071827a3bd1fdb989d0d8ed850ba0cd61f1cb97952b7bd589981
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
30297e4399a5ed0c12ff07932159b316dea625365eb3d47b4c56e527c61623ca
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
33197f40746917701227ed14258cbec6706787fb7ca85031327cafa8103a27e8
33e484423ef906a2b9ba964682e174bb252c3fed27676461a686dd2e21834c68
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
366df13410c07651ef230324c955c3c96735707a54dfa20c2f45b62238a5c95a
371081b3096d2f86467a072296b3f764ae833f59ac8d392f4b573e6d4eeeffde
372a3186cdfa2b7a80c939a0496851ab0519c9b8cb656609fb902168ee053a8b
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3c6d9094eb844f880f0c3920165d9a56d374d3524ea5fecf307a1c074f849b30
3c998dd8e91dd8207d8d2fdc223e58340c6f691bdd0164a8d87851d7ba64ce4f
3d30fee41f2e79e1770d98350e1b06185e11c1c77504d79c20322704e6b0d78a
3fca9545e7e6b4a6b6caa7cabda77e9f6a87cdfc32ed34c2e106bf9d1bb2f231
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
42db956af3d163d55440d285487b7aa900ece14accfe222fbfe97f282d78a6ce
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43faccf52ac8ad0e0c7df42891fd7fffcab85881cde34fae91e2899363413c7a
44780344563fa14fe8664888dafa24e513299ee994ae2a6def74392183915f39
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4a156c87a0f185e2b8163a5cec7b799e5217da4df0599b030a195aef7b618d3e
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4be294fb0b2af518c400655811766e73d1a31b62033ffe25aede8a1e4822b4ea
4c048682d98b95d9e7b87863ae6cee20656084eeffbb7c3866e2cb35d72ac241
4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007
4d837a0efb1c1037a22e43efaa347147392c289036b0f147e5607b830f9d921f
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
588e2b076a5f4767c9d4e8afd7eb89b4498ec9cd250e81f86fbeb23c95911cb6
5ab35e657657777dfd6fe0bfdace38cd2e535dd11fefaea082ada8933e6f998d
5c76ddb42f2f4e3c85ae7458f64dc086ac7e810dc918066b14a2ee8d3e4b8d6d
5ce6f50be4985a39977529d614d8b0343bbc073c3b6cf8d3c801f125b677c327
5e1dbe30885c2e8640fc235a2a9917364536542bafd1b9e6b3e5f7c762a69d81
5fa5db1a46791c1fde47ab7b36e73bc2975811ab8550f14ca5f5aa2abbd669cd
5fbcf68ebb3b0f14fa80a9e4238d152e00fb4b3d8c453dd652db63ad4cbbf018
6001ad1261ff9a8c3a046338f797a47e670bb66af5d2cdb169907657a081d75c
6005e56ab3043d83726d25b0d17458e35b72355a81ca3230cc9de9058ee8b1f0
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62f13c4f18340473ec8c90ac65969eefbae5d90ae8eaf36101fe2a64d88d3eed
639279e7330835e964fe232c0d17b238706946cde191eb87442c8645b2f7ba45
6545b9b4223e59ab2afb9790ba86e47a0f937a3f73ca2a70b1087aa4ec617824
662dbb2e9a1eaa62f25fd7d00eca3d78b8112c88f96f064a49aca4a6be2892d5
6669d81483d2b9e364300c9f223166c2e06a932fa7c6ef594f38498f3a9e3b39
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
66d71454ac7b48566e394ff9d3b588ee9a1e31cd16d2e7c23d60dc0331f0b6cd
673398682a3d6453c12c65983f58ee4af23285984aa974f6778380d220a46b87
6a371516d364b42b9be530eff2fe670d63d522aa584ca47036aa4a359e8583c6
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c0e999014e6fcb85c8d78c040532ec0427b81c10b28689d5befff105c45d1a7
6c33b89f8f9654bd4773f3ffba902aa40ac78c8484bef37a96f885f919598d64
6ecad2d0f6a8937e4c51959157e67df59567085aa496b71276bf7b3ac844ab3a
6f413a963dad82bc5ceb5ff9478412d479b84ce9c4d33d91f6bcdd15b4132779
70651252ddc3ae3cc902b7f374fb9037f0a27192fb31b66acbf5300441b45ad3
719314f680a79defc6c02a7dbaff63da48911cbf418614226bde044fb02e065d
741a84c2526c31486966f06ae1d6703a96ee22b608207b9354c18892f6052df4
76e581a4020cea86791076cab4b9f990adde0bdeff37e7e16027aa48ef988b55
7767a96aeebf335ae82554c07fa3bdd597cc69b3351c9ecfba037bdeca69c72a
7968c4563c67fc97327db7f574d75d4827ee3d2cf084a102d8bdbbc2ca1d7ce1
7ab386f71fceca28b3d1e7764a0d53f222fa3c8e727598b5d5802df79331d6bc
7bd567993d21b639dfb775bdc9fcb3591c712591af1650ff8f4aba823cc3bb4f
7d0038f40c8fdc05673f459191b1c800442d4dc946ba6742395a55904931528c
7e58cb050ecc9efa1dd9731d927771a31ab9067cc8854ef0a696361f3266a540
7f725b93d38815b54ec311af30eb28ad959f1f41d49558ba22af6f814094a971
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
841f365e0540df77f892242a962098480625d80f10e380bfb93329a027978632
859bbc3840ddbfac2cbabd04217077fcab6f31a0e24a9f7ff1a2ee6246ba5319
87353b4b2f3bf6ce0ef77bd3bc08f34e6a85aec3b9e7e5efb92d3bfa9d60a29d
8d95548f18d759c7b5a7186c9e70fa27867d5ab24e90b4b7cdf6cf83609907c8
8e591d2d8e9bb1257c872d85bc57b246a17a93e140722a82287026b1c92ce2c8
9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287
92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5
93aaac71b64ae7019823c8596b20637fed9988f1b4c10592186f6c6ebcc43fe9
93e9c4aa408f50158ebaa4656ded2875a8afe01a48ee83d1dedb0e5052bb052a
9428395c0fada5f1ccb62b0fd1adea2f73f873dd5eab81628ce6577ba978b13f
96461ef2debeafc9d68f1892b86d8de5934802b6da9463c25f02515723791d9e
97eb88015da141967b2879ea1f809c8588d4740b35508abf1330f4c309632d70
99e174a614d7cc5225fbc175fdd582b69e9e097d5111092bfe2f5f32370ada18
9cd1322da1ea248aea3fd57240f1b33da880c24b3049656a514bb3760e95b378
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a1e569dfcd857b578795498cbb75f7bfb3efbe0f70207362b5b131b0c41a8c91
a271aedd228b5ed78d945bdfeaac6088830ef3e4192906f372ee6bebd44ca736
a624536b525c3135e4123b7b054ffd2482da762d79ff6501336c29c358bcb352
a6302991cdd58335c1e30b915ead52707eb198b8077003ecbb062c0d4427c837
a7b68dc85c8d7f4e3fdcfd61c9c41e633638239cf071cae0c7c802ffcba2f1bd
a7be6ddc62d5eb5ea25866362fbe27c380c01c1ccf68b56df10b306f26a23f8f
a824e11d139abab34c9c52c7c852aad98e675254fad5b4cb75102c0a4ed2e645
a8b1da1aa62079266d95a35c0fd3e6ce790021b8a32cc2a05b01ea268af3b233
abd62c83176e74def22fe39e4f60ec81b4141d4732faf02f1a16c471726d9a2b
ac084f9cd3ee8094827204eaf0046961fd44802c923124faa022f33f381bd64a
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
ad1fe51b75ad5579fa08cd59cefbd7ee3d6fe9de30a1a9871e6eb416cea9884c
afdeaaea9a3dffdc26c890fc6e90884319d9317c8df47e307f675d2f23684229
b085792cba4cacf7144409083b663be6d15686af10d7b3a1293aea5b7d9b3932
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b500a42d47c75fcc188c3605b3f7f80d2f18f8471e06d739783a2ec164f95dd8
b64eb664d568cf397ed278655d813f27ca95c336e53ea063f98ef13067170a86
b7235f7fbb2b5be1ce3b1ef0ca72f7e7b13b9634144966c70c041c52793a9926
b7e2931cbccea83b1b14c2a1586c19746e81e693f20b5c15f00922fbaedaa908
bbc308fda8ad7bfe891ec474922977b14645d0768c4e6be28782046f8c052bc2
bc364d7510f9b17a67ee3e9aedc57fca35db4abe6a783f0ffa6a79a1bc8ba13f
bd64f720549f0977fe1a6f83d6dca881907fb30f3d3332e2922fb6792a84d775
bd98ca66f57803c3c6d80762727e5ae866f26a95b88de9ab1fff17657de3345a
c18843ff56ff88502437523c8cbac2667896cd69802150767bbf545d5d396e7b
c26bd7f716f2de44336c5e63e51b42e1516a2e86a41dfcc08b64fc27eb53c0c1
c3061c3788ad5783ef8a5d10c454bafe7eb942c48200dccc852cc6d3c9f303d4
c4ead68b8e468b10257a27f427deb77bf4247edea4ba9168cb5dae5768b8d7ee
c695ddd33411d4dba4b7cf4cd1c795d2f565a3a1dbbe2799620c4c70a401734e
c7d8e505ff6c9946a04f052c518d35e92fda3b29dac7f9b40e86b6dfb89adbab
c80409172faf270a61a46b3cafab276420371813d93a56b813d162d09eae5972
ca57a6228a90ac405d4412e31e9b745ea6c4faef37f7cedbaac3e1a9079e12fb
caffb92deb05a0d71b92c900b9e52d85c18df5e1491f641d9d7a186c56c6b1a5
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cd94b2d7743016f51bc7f85580839e53c981d131ea369d5b1d2b71897b0e53a7
cf33799ff4d15ac1e42b6233ab8f3188bc340a9a2175f2cc261c5906ffe0660b
cfca96e6c73ec75b8ac3cbab97c20ca6ec467ca869617a80d1272f7544e7e1a5
d71ea61938136a384e4c53c5a7a3c36e68fcc70a68bae691e270987d5d2eb11f
d7a943fc1dcbef59beb6331eac82580cf03d8e6744dad4539f185649a73455d1
d8508848209758027adbbf1d665a08a5b603e5d154bdd755f03d01d3201879a7
d90a2e4411818a1398fb46fb9fc9d42b2476df6af7e05b568d7b56e79262e6e3
da80171367ccb86206235641cfa5efc267725e1870f5cc5c2a777dc57c7d5ebe
dc7162f7468f17842c20f6566409a3387bbe6b024b2f7348ed7071b4f6f1023a
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dfc621aca09ed0c1488b5131d842363a53b81589c81e60fd0de8d639f927acc6
e163f5de299bdc752f1e39c965cf5d6118d02d7a35fc3416440542b33c915738
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7074ed8d7df2c612fe5f7d4e6a8bc8b8d728107d91ff9aa3f8c32f8d2baef95
e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6
eaaf42c610c31466fdb5b8511ce57579d2a843ae696cd9b0e6dc930c1274efe9
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ed0e7e64215a9663152e2d5c1c9a5ba0fe76c9f5de3dfe71bf45f0a64e977c69
edb3c01e1be23cd4ab06a59dd05ed00229349a2c70b703607ad37e618b6251d1
ee35da34ad87787d0ccd98bdf76bf87472440b4db131bb654ee488266e5cda97
ee7c6b6d7a78b4b50c981939dded37e508a0f0d76b28b0f3c194058d3fce3a2f
ef098d286b8a030bbfc2ecd18e20319308060dcc2da2f562d3040a13786e8e35
ef149f08bdd2ff09a4e2c8573476b7b0f3fbb15b623954ade59899e7175bedda
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f016f74c5519e6ad911ce917ddd55bc0e0988b46f0142bc4752202f539c756da
f0d9c5ca94a730775c9f13cdf91090eea353083ddbf5a71014ac0dae321df0cf
f10d5bdd8d60943848d514b3aa6e7d4d663e669069c8ed946ff4ed262a288a07
f1d5ce8ed2bdf5c3f4e75363b70253d2c5c0c1a7f5a09991c66ac928e8f65c66
f334ff8f384c4ddb0b5a8ad8fdbd49ba84407e57f8e04d2ec0b7d748df9f968c
f580e5cbe9df9ea790ef820f2898d545788a860266a3d2107721f85e3b846a50
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f62c574b96692be0cb94c3921894089946d678b08d7692d7cfacf5e1ffcf35cb
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6adb794eda0e31a163ed517d8e63d388dbb762031a189349c72af2bc37bb4f2
f72dff2441fdd5731348f15ec6c819ccd192cdce11d922150b22f1d5134f9c75
f81ea40c2dca55d5703b4c2b6e828dee820d1df4265b7f0fa0e810c34da5d762
f88365cee0608fb62b6154dab4be97766527391906720224b0684684b6454602
fef06b6d4a00b4ec9befeacb638d08496460449c0b01920e7f2d4d3503e60ffd

hdhub4u.re Open in urlscan Pro 2606:4700:3032::6815:41fc Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

214 Requests

96 %HTTPS

64 %IPv6

26 Domains

40 Subdomains

39 IPs

3 Countries

6426 kBTransfer

9838 kBSize

21 Cookies

0 Outgoing links

Page URL History

Redirected requests

214 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

hdhub4u.re Open in urlscan Pro
2606:4700:3032::6815:41fc Public Scan

Screenshot
Live screenshot

Full Image

214
Requests

96 %
HTTPS

64 %
IPv6

26
Domains

40
Subdomains

39
IPs

3
Countries

6426 kB
Transfer

9838 kB
Size

21
Cookies

214 HTTP transactions
6 data transactions