urlscan.io logo urlscan.io
SecurityTrails logo

holdtoreset.com Open in urlscan Pro
2a06:98c1:3121::3  Public Scan

Go To Rescan Add Verdict Report
URL: https://holdtoreset.com/nba-2k23-locker-codes/
Submission: On December 20 via api from RU — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 104 IPs in 13 countries across 68 domains to perform 359 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is holdtoreset.com. The Cisco Umbrella rank of the primary domain is 758813.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 11th 2022. Valid for: a year.
This is the only time holdtoreset.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
33 2a06:98c1:312... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:214... 16509 (AMAZON-02)
1 2600:9000:214... 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a04:fa87:fff... 2635 (AUTOMATTIC)
2 2a02:26f0:350... 20940 (AKAMAI-ASN1)
3 52.55.166.244 14618 (AMAZON-AES)
9 2a00:1450:400... 15169 (GOOGLE)
5 3.232.245.134 14618 (AMAZON-AES)
1 2600:9000:211... 16509 (AMAZON-02)
1 65.9.66.74 16509 (AMAZON-02)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2600:9000:206... 16509 (AMAZON-02)
1 52.216.109.227 16509 (AMAZON-02)
1 5 2606:4700:10:... 13335 (CLOUDFLAR...)
3 129.80.94.115 31898 (ORACLE-BM...)
1 2602:803:c004... 26667 (RUBICONPR...)
1 69.166.1.14 27630 (AS-XFERNET)
3 72.251.249.14 32475 (SINGLEHOP...)
5 34.149.20.76 15169 (GOOGLE)
1 18.158.142.172 16509 (AMAZON-02)
4 213.19.147.43 3356 (LEVEL3)
1 9 185.89.210.153 29990 (ASN-APPNEX)
6 104.18.33.19 13335 (CLOUDFLAR...)
1 2.18.232.7 16625 (AKAMAI-AS)
1 2 147.75.85.234 54825 (PACKET)
2 54.80.98.164 14618 (AMAZON-AES)
5 35.244.159.8 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
3 44.193.121.218 14618 (AMAZON-AES)
9 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 99.86.4.101 16509 (AMAZON-02)
1 143.204.215.76 16509 (AMAZON-02)
2 13.32.27.44 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 34.233.111.211 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
1 4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
8 3.215.162.50 14618 (AMAZON-AES)
4 2600:9000:214... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
22 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 23.35.236.201 16625 (AKAMAI-AS)
2 3.228.46.33 14618 (AMAZON-AES)
1 3 3.126.56.137 16509 (AMAZON-02)
2 67.202.105.22 32748 (STEADFAST)
2 2 96.16.141.156 16625 (AKAMAI-AS)
6 23.37.42.132 16625 (AKAMAI-AS)
1 18.232.45.101 14618 (AMAZON-AES)
2 184.51.84.65 16625 (AKAMAI-AS)
2 52.58.171.208 16509 (AMAZON-02)
5 35.158.68.97 16509 (AMAZON-02)
1 34.237.159.44 14618 (AMAZON-AES)
1 2a02:2638::24 44788 (ASN-CRITE...)
2 185.86.138.16 201081 (SMARTADSE...)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
3 162.210.196.208 30633 (LEASEWEB-...)
1 18.193.98.105 16509 (AMAZON-02)
18 2a00:1450:400... 15169 (GOOGLE)
2 3 52.95.122.74 16509 (AMAZON-02)
2 4 69.173.144.165 26667 (RUBICONPR...)
4 4 69.173.144.139 26667 (RUBICONPR...)
1 3 2a05:d018:d29... 16509 (AMAZON-02)
5 8 172.217.18.98 15169 (GOOGLE)
1 2620:1ec:21::14 8068 (MICROSOFT...)
4 3.33.220.150 16509 (AMAZON-02)
2 4 52.46.143.56 16509 (AMAZON-02)
1 34.102.146.192 396982 (GOOGLE-CL...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
22 2a02:2638::3 44788 (ASN-CRITE...)
1 65.9.66.68 16509 (AMAZON-02)
1 2 34.120.135.53 396982 (GOOGLE-CL...)
2 34.252.235.208 16509 (AMAZON-02)
3 141.95.33.111 16276 (OVH)
2 4 2a02:2638:1::13 44788 (ASN-CRITE...)
2 2a02:2638::2 44788 (ASN-CRITE...)
2 2a02:2638:1::4 44788 (ASN-CRITE...)
3 13.48.34.46 16509 (AMAZON-02)
3 178.250.2.146 44788 (ASN-CRITE...)
2 178.250.2.148 44788 (ASN-CRITE...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
14 2a02:2638:1::8 44788 (ASN-CRITE...)
3 2a02:2638:1::17 44788 (ASN-CRITE...)
3 2a00:1450:400... 15169 (GOOGLE)
3 14 185.80.39.216 27381 (CASALE-MEDIA)
4 104.18.36.94 13335 (CLOUDFLAR...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 23.35.236.188 16625 (AKAMAI-AS)
1 144.76.91.199 24940 (HETZNER-AS)
1 4 138.201.84.244 24940 (HETZNER-AS)
1 1 185.89.210.122 29990 (ASN-APPNEX)
1 1 193.0.160.128 54312 (ROCKETFUEL)
2 2 63.34.132.74 16509 (AMAZON-02)
2 2 135.125.160.77 16276 (OVH)
1 2 172.217.16.198 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 145.239.2.103 16276 (OVH)
1 2600:1901:0:8... 15169 (GOOGLE)
1 34.120.133.55 396982 (GOOGLE-CL...)
1 76.223.111.18 16509 (AMAZON-02)
2 2 188.42.196.115 7979 (SERVERS-COM)
1 2606:2800:233... 15133 (EDGECAST)
1 1 2001:678:cb4:... 56396 (AMOBEE)
1 52.30.188.40 16509 (AMAZON-02)
1 1 185.29.132.241 30419 (MEDIAMATH...)
2 2 37.157.6.233 198622 (ADFORM)
1 1 35.204.158.49 396982 (GOOGLE-CL...)
1 72.251.241.206 32475 (SINGLEHOP...)
1 1 50.31.142.255 22075 (AS-OUTBRAIN)
1 69.173.151.100 26667 (RUBICONPR...)
359 104
33    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
holdtoreset.com
cdn.holdtoreset.com
3    2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2600:9000:214f:dc00:1:4a30:d840:21 (United States)

ASN16509 (AMAZON-02, US)
d2nr2jos5slco1.cloudfront.net
1    2600:9000:214f:5a00:3:f434:dfc0:21 (United States)

ASN16509 (AMAZON-02, US)
d2f0uviei09pxb.cloudfront.net
4    2a00:1450:400d:80c::2003 (Ireland)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)
secure.gravatar.com
2    2a02:26f0:3500:1c::1724:a36c (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
player.avplayer.com
3    52.55.166.244 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-55-166-244.compute-1.amazonaws.com
track1.aniview.com
9    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
5    3.232.245.134 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-232-245-134.compute-1.amazonaws.com
geoip.insticator.com
event.insticator.com
1    2600:9000:211e:7600:10:3422:3f00:21 (United States)

ASN16509 (AMAZON-02, US)
df80k0z3fi8zg.cloudfront.net
1    65.9.66.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-74.fra56.r.cloudfront.net
get.s-onetag.com
2    2606:4700::6812:116b (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.confiant-integrations.net
2    2600:9000:206f:b000:9:78a:e540:93a1 (United States)

ASN16509 (AMAZON-02, US)
auth.instiengage.com
1    52.216.109.227 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com
embedproduction.s3.amazonaws.com
5    2606:4700:10::6816:53d (United States)

ASN13335 (CLOUDFLARENET, US)
ex.ingage.tech
3    129.80.94.115 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
okodigital.technoratimedia.com
sync.technoratimedia.com
1    2602:803:c004:200::140 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    69.166.1.14 (United States)

ASN27630 (AS-XFERNET, US)
apex.go.sonobi.com
3    72.251.249.14 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
5    34.149.20.76 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 76.20.149.34.bc.googleusercontent.com
ssc.33across.com
1    18.158.142.172 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-142-172.eu-central-1.compute.amazonaws.com
tlx.3lift.com
4    213.19.147.43 (United Kingdom)

ASN3356 (LEVEL3, US)
tag.1rx.io
targeting.unrulymedia.com
9    185.89.210.153 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
6    104.18.33.19 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
ssum-sec.casalemedia.com
1    2.18.232.7 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-7.deploy.static.akamaitechnologies.com
a.teads.tv
2    147.75.85.234 (Schiphol, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
2    54.80.98.164 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-80-98-164.compute-1.amazonaws.com
hb.minutemedia-prebid.com
5    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
okodigital-d.openx.net
insticator-d.openx.net
google-bidout-d.openx.net
u.openx.net
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
6    2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    44.193.121.218 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-193-121-218.compute-1.amazonaws.com
track1.avplayer.com
9    2a02:26f0:3500:58c::2c79 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
player.aniview.com
1    99.86.4.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-101.fra6.r.cloudfront.net
onetag-geo.s-onetag.com
1    143.204.215.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-76.fra53.r.cloudfront.net
signal-beacon.s-onetag.com
2    13.32.27.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-44.fra56.r.cloudfront.net
signal-segments.s-onetag.com
1    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
1    34.233.111.211 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-233-111-211.compute-1.amazonaws.com
go1.aniview.com
1    2a00:1450:400c:c0a::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
4    2a00:1450:400d:807::2004 (Ireland)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:400d:806::2003 (Ireland)

ASN15169 (GOOGLE, US)
www.google.nl
8    3.215.162.50 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-215-162-50.compute-1.amazonaws.com
dashboard.insticator.com
4    2600:9000:214f:be00:1c:f0ba:c200:21 (United States)

ASN16509 (AMAZON-02, US)
d2s3kjdp77ms5k.cloudfront.net
2    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
22    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
www.googletagservices.com
googleads.g.doubleclick.net
5    2a00:1450:400d:80a::2001 (Ireland)

ASN15169 (GOOGLE, US)
c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com
1    23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    3.228.46.33 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-228-46-33.compute-1.amazonaws.com
sync.aniview.com
3    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    67.202.105.22 (Palos Park, United States)

ASN32748 (STEADFAST, US)
PTR: ip22.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
2    96.16.141.156 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-141-156.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
6    23.37.42.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    18.232.45.101 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-232-45-101.compute-1.amazonaws.com
s2s.aniview.com
2    184.51.84.65 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-84-65.deploy.static.akamaitechnologies.com
video-ads.rubiconproject.com
2    52.58.171.208 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-171-208.eu-central-1.compute.amazonaws.com
x.bidswitch.net
5    35.158.68.97 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-68-97.eu-central-1.compute.amazonaws.com
prebid-server.rubiconproject.com
1    34.237.159.44 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-237-159-44.compute-1.amazonaws.com
hb.yellowblue.io
1    2a02:2638::24 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
2    185.86.138.16 (France)

ASN201081 (SMARTADSERVER, FR)
prg.smartadserver.com
1    2a02:fa8:8806:13::1460 (Singapore)

ASN41041 (VCLK-EU-SE, US)
web.hb.ad.cpe.dotomi.com
3    162.210.196.208 (New Castle, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
hb.aralego.com
sync.aralego.com
1    18.193.98.105 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-98-105.eu-central-1.compute.amazonaws.com
btlr.sharethrough.com
18    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
3    52.95.122.74 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
4    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
4    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
3    2a05:d018:d29:3601:c4b2:9469:8ead:7508 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
8    172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net
cm.g.doubleclick.net
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
4    3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
4    52.46.143.56 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
1    2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
22    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    65.9.66.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-68.fra56.r.cloudfront.net
tags.crwdcntrl.net
2    34.120.135.53 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com
oajs.openx.net
2    34.252.235.208 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-235-208.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
id.crwdcntrl.net
3    141.95.33.111 (Germany)

ASN16276 (OVH, FR)
PTR: ns3203177.ip-141-95-33.eu
id5-sync.com
4    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.fr.eu.criteo.com
2    2a02:2638:1::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
3    13.48.34.46 (Stockholm, Sweden)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-48-34-46.eu-north-1.compute.amazonaws.com
protected-by.clarium.io
3    178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
2    178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.nl.eu.criteo.com
2    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
14    2a02:2638:1::8 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
pix.eu.criteo.net
3    2a02:2638:1::17 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
3    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
14    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
4    104.18.36.94 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
1    2606:4700:20::ac43:47fe (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.aralego.net
2    23.35.236.188 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-188.deploy.static.akamaitechnologies.com
acdn.adnxs.com
1    144.76.91.199 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.199.91.76.144.clients.your-server.de
hal9000.redintelligence.net
4    138.201.84.244 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.244.84.201.138.clients.your-server.de
hal900026.redintelligence.net
1    185.89.210.122 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
secure.adnxs.com
1    193.0.160.128 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
2    63.34.132.74 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-132-74.eu-west-1.compute.amazonaws.com
pm.w55c.net
2    135.125.160.77 (France)

ASN16276 (OVH, FR)
PTR: ns3195934.ip-135-125-160.eu
gu.dyntrk.com
2    172.217.16.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f6.1e100.net
5994599.fls.doubleclick.net
1    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    145.239.2.103 (France)

ASN16276 (OVH, FR)
PTR: ns3082036.ip-145-239-2.eu
cdn.contentspread.net
1    2600:1901:0:8344:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
lexicon.33across.com
1    34.120.133.55 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 55.133.120.34.bc.googleusercontent.com
api.rlcdn.com
1    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
2    188.42.196.115 (Luxembourg)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
1    2606:2800:233:f76:14f7:d635:25c4:c8d7 (United States)

ASN15133 (EDGECAST, US)
ad-cdn.technoratimedia.com
1    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
1    52.30.188.40 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-188-40.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
1    185.29.132.241 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    37.157.6.233 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    35.204.158.49 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com
um.simpli.fi
1    72.251.241.206 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)
cm.adgrx.com
1    50.31.142.255 (Itasca, United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
1    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
Apex Domain
Subdomains		 Transfer
39 criteo.net
static.criteo.net — Cisco Umbrella Rank: 637
pix.eu.criteo.net — Cisco Umbrella Rank: 7930
csm.eu.criteo.net — Cisco Umbrella Rank: 8005
890 KB
37 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 101
c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 139
198 KB
33 holdtoreset.com
holdtoreset.com — Cisco Umbrella Rank: 758813
cdn.holdtoreset.com
572 KB
25 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 462
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 835
eus.rubiconproject.com — Cisco Umbrella Rank: 529
video-ads.rubiconproject.com — Cisco Umbrella Rank: 7542
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 894
pixel.rubiconproject.com — Cisco Umbrella Rank: 309
token.rubiconproject.com — Cisco Umbrella Rank: 563
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 957
61 KB
24 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 192
stats.g.doubleclick.net — Cisco Umbrella Rank: 77
cm.g.doubleclick.net — Cisco Umbrella Rank: 208
googleads.g.doubleclick.net — Cisco Umbrella Rank: 34
5994599.fls.doubleclick.net — Cisco Umbrella Rank: 97453
228 KB
20 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 482
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 513
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 419
16 KB
16 aniview.com
track1.aniview.com — Cisco Umbrella Rank: 1831
player.aniview.com — Cisco Umbrella Rank: 1838
go1.aniview.com — Cisco Umbrella Rank: 4882
sync.aniview.com — Cisco Umbrella Rank: 2273
s2s.aniview.com — Cisco Umbrella Rank: 2804
320 KB
14 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 713
gum.criteo.com — Cisco Umbrella Rank: 394
rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 14173
ads.eu.criteo.com — Cisco Umbrella Rank: 7675
mug.criteo.com — Cisco Umbrella Rank: 2835
cat.nl.eu.criteo.com — Cisco Umbrella Rank: 9848
114 KB
13 insticator.com
geoip.insticator.com — Cisco Umbrella Rank: 24579
event.insticator.com — Cisco Umbrella Rank: 20172
dashboard.insticator.com — Cisco Umbrella Rank: 46614 Failed
103 KB
12 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 210
acdn.adnxs.com — Cisco Umbrella Rank: 576
secure.adnxs.com — Cisco Umbrella Rank: 414
44 KB
8 33across.com
ssc.33across.com — Cisco Umbrella Rank: 1969
ssc-cms.33across.com — Cisco Umbrella Rank: 848
lexicon.33across.com — Cisco Umbrella Rank: 2050
1 KB
8 cloudfront.net
d2nr2jos5slco1.cloudfront.net
d2f0uviei09pxb.cloudfront.net
df80k0z3fi8zg.cloudfront.net
d2s3kjdp77ms5k.cloudfront.net
3 MB
7 amazon-adsystem.com
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 912
s.amazon-adsystem.com — Cisco Umbrella Rank: 273
5 KB
7 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2623
www.google-analytics.com — Cisco Umbrella Rank: 29
99 KB
7 openx.net
okodigital-d.openx.net — Cisco Umbrella Rank: 112452
insticator-d.openx.net — Cisco Umbrella Rank: 21411
oajs.openx.net — Cisco Umbrella Rank: 2630
google-bidout-d.openx.net — Cisco Umbrella Rank: 2574
u.openx.net — Cisco Umbrella Rank: 653
1 KB
7 gstatic.com
fonts.gstatic.com
www.gstatic.com
47 KB
6 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 279
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 408
2 KB
6 google.com
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 72
2 KB
5 redintelligence.net
hal9000.redintelligence.net — Cisco Umbrella Rank: 41585
hal900026.redintelligence.net — Cisco Umbrella Rank: 358773
11 KB
5 ingage.tech
ex.ingage.tech — Cisco Umbrella Rank: 8841
2 KB
5 s-onetag.com
get.s-onetag.com — Cisco Umbrella Rank: 3839
onetag-geo.s-onetag.com — Cisco Umbrella Rank: 4644
signal-beacon.s-onetag.com — Cisco Umbrella Rank: 5046
signal-segments.s-onetag.com — Cisco Umbrella Rank: 8282
17 KB
5 avplayer.com
player.avplayer.com — Cisco Umbrella Rank: 8862
track1.avplayer.com — Cisco Umbrella Rank: 10004
218 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 37
imasdk.googleapis.com — Cisco Umbrella Rank: 405
ajax.googleapis.com — Cisco Umbrella Rank: 304
159 KB
4 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 599
cdn.indexww.com — Cisco Umbrella Rank: 1485
4 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 188
187 KB
4 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 958
id5-sync.com — Cisco Umbrella Rank: 413
19 KB
4 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 315
1 KB
4 technoratimedia.com
okodigital.technoratimedia.com — Cisco Umbrella Rank: 192998
sync.technoratimedia.com — Cisco Umbrella Rank: 1274
ad-cdn.technoratimedia.com — Cisco Umbrella Rank: 2764
8 KB
3 clarium.io
protected-by.clarium.io — Cisco Umbrella Rank: 1366
1 KB
3 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1230
bcp.crwdcntrl.net — Cisco Umbrella Rank: 881
id.crwdcntrl.net — Cisco Umbrella Rank: 1446
10 KB
3 aralego.com
hb.aralego.com — Cisco Umbrella Rank: 18652
sync.aralego.com — Cisco Umbrella Rank: 2932
856 B
3 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 581
804 B
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 51
161 KB
2 adform.net
c1.adform.net — Cisco Umbrella Rank: 566
954 B
2 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1736
1 KB
2 dyntrk.com
gu.dyntrk.com — Cisco Umbrella Rank: 972
843 B
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 688
1 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 211
10 KB
2 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 1528
1 KB
2 unrulymedia.com
targeting.unrulymedia.com — Cisco Umbrella Rank: 736
163 B
2 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 282
291 B
2 minutemedia-prebid.com
hb.minutemedia-prebid.com — Cisco Umbrella Rank: 3277
819 B
2 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 858
371 B
2 1rx.io
tag.1rx.io — Cisco Umbrella Rank: 1334
325 B
2 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 510
eb2.3lift.com — Cisco Umbrella Rank: 335
646 B
2 instiengage.com
auth.instiengage.com — Cisco Umbrella Rank: 18744
23 KB
2 confiant-integrations.net
cdn.confiant-integrations.net — Cisco Umbrella Rank: 1383
95 KB
2 gravatar.com
secure.gravatar.com — Cisco Umbrella Rank: 1827
12 KB
1 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 522
309 B
1 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1303
283 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 759
626 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 434
660 B
1 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 480
433 B
1 turn.com
ad.turn.com — Cisco Umbrella Rank: 710
425 B
1 rlcdn.com
api.rlcdn.com — Cisco Umbrella Rank: 802
252 B
1 contentspread.net
cdn.contentspread.net — Cisco Umbrella Rank: 65607
70 KB
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 707
759 B
1 aralego.net
cdn.aralego.net — Cisco Umbrella Rank: 10733
1 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 2875
8 KB
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 367
708 B
1 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 903
157 B
1 dotomi.com
web.hb.ad.cpe.dotomi.com — Cisco Umbrella Rank: 2057
397 B
1 yellowblue.io
hb.yellowblue.io — Cisco Umbrella Rank: 3033
434 B
1 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 481
66 KB
1 google.nl
www.google.nl — Cisco Umbrella Rank: 8983
501 B
1 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1377
389 B
1 sonobi.com
apex.go.sonobi.com — Cisco Umbrella Rank: 1452
881 B
1 amazonaws.com
embedproduction.s3.amazonaws.com — Cisco Umbrella Rank: 172366
1000 B
359 68
Domain Requested by
30 holdtoreset.com holdtoreset.com
22 static.criteo.net securepubads.g.doubleclick.net
ads.eu.criteo.com
18 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com
holdtoreset.com
14 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
14 pix.eu.criteo.net ads.eu.criteo.com
14 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com
pagead2.googlesyndication.com
holdtoreset.com
www.googletagservices.com
9 player.aniview.com player.avplayer.com
player.aniview.com
9 ib.adnxs.com 1 redirects holdtoreset.com
player.aniview.com
googleads.g.doubleclick.net
acdn.adnxs.com
9 securepubads.g.doubleclick.net holdtoreset.com
securepubads.g.doubleclick.net
8 cm.g.doubleclick.net 5 redirects googleads.g.doubleclick.net
8 dashboard.insticator.com d2f0uviei09pxb.cloudfront.net
dashboard.insticator.com
6 eus.rubiconproject.com player.aniview.com
eus.rubiconproject.com
holdtoreset.com
ex.ingage.tech
6 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
dashboard.insticator.com
5 prebid-server.rubiconproject.com player.aniview.com
5 c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com securepubads.g.doubleclick.net
cdn.confiant-integrations.net
5 ssc.33across.com holdtoreset.com
5 ex.ingage.tech 1 redirects holdtoreset.com
4 hal900026.redintelligence.net 1 redirects c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com
holdtoreset.com
hal900026.redintelligence.net
4 googleads.g.doubleclick.net c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com
holdtoreset.com
4 www.googletagservices.com c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com
holdtoreset.com
4 gum.criteo.com 2 redirects static.criteo.net
4 s.amazon-adsystem.com 2 redirects ssum-sec.casalemedia.com
4 match.adsrvr.org ssum-sec.casalemedia.com
ads.pubmatic.com
holdtoreset.com
4 token.rubiconproject.com 4 redirects
4 pixel.rubiconproject.com 2 redirects
4 d2s3kjdp77ms5k.cloudfront.net
4 www.google.com 1 redirects holdtoreset.com
tpc.googlesyndication.com
c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com
4 event.insticator.com d2f0uviei09pxb.cloudfront.net
4 fonts.gstatic.com fonts.googleapis.com
3 ssum-sec.casalemedia.com js-sec.indexww.com
ssum-sec.casalemedia.com
3 www.gstatic.com holdtoreset.com
c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com
3 csm.eu.criteo.net ads.eu.criteo.com
3 mug.criteo.com
3 protected-by.clarium.io c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com
3 id5-sync.com cdn.id5-sync.com
ads.pubmatic.com
holdtoreset.com
3 pr-bh.ybp.yahoo.com 1 redirects ssum-sec.casalemedia.com
3 aax-eu.amazon-adsystem.com 2 redirects
3 ups.analytics.yahoo.com 1 redirects player.aniview.com
holdtoreset.com
3 track1.avplayer.com holdtoreset.com
3 htlb.casalemedia.com holdtoreset.com
player.aniview.com
3 ap.lijit.com holdtoreset.com
player.aniview.com
3 track1.aniview.com holdtoreset.com
player.aniview.com
3 cdn.holdtoreset.com holdtoreset.com
3 www.googletagmanager.com holdtoreset.com
www.googletagmanager.com
3 fonts.googleapis.com holdtoreset.com
c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com
2 c1.adform.net 2 redirects
2 ads.betweendigital.com 2 redirects
2 5994599.fls.doubleclick.net 1 redirects holdtoreset.com
2 cdn.indexww.com ssum-sec.casalemedia.com
2 gu.dyntrk.com 2 redirects
2 pm.w55c.net 2 redirects
2 sync.aralego.com cdn.aralego.net
holdtoreset.com
2 u.openx.net player.aniview.com
holdtoreset.com
2 acdn.adnxs.com player.aniview.com
holdtoreset.com
2 js-sec.indexww.com player.aniview.com
holdtoreset.com
2 cdnjs.cloudflare.com ads.eu.criteo.com
2 cat.nl.eu.criteo.com ads.eu.criteo.com
2 ads.eu.criteo.com c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com
2 rtb.fr.eu.criteo.com holdtoreset.com
2 oajs.openx.net 1 redirects
2 prg.smartadserver.com player.aniview.com
2 targeting.unrulymedia.com player.aniview.com
2 x.bidswitch.net
2 video-ads.rubiconproject.com player.aniview.com
2 secure-assets.rubiconproject.com 2 redirects
2 ssc-cms.33across.com player.aniview.com
holdtoreset.com
2 sync.aniview.com player.aniview.com
2 adservice.google.com securepubads.g.doubleclick.net
5994599.fls.doubleclick.net
2 signal-segments.s-onetag.com get.s-onetag.com
2 hb.minutemedia-prebid.com holdtoreset.com
player.aniview.com
2 prebid.a-mo.net 1 redirects holdtoreset.com
2 tag.1rx.io holdtoreset.com
player.aniview.com
2 okodigital.technoratimedia.com holdtoreset.com
2 auth.instiengage.com d2f0uviei09pxb.cloudfront.net
auth.instiengage.com
2 cdn.confiant-integrations.net d2f0uviei09pxb.cloudfront.net
cdn.confiant-integrations.net
2 player.avplayer.com d2nr2jos5slco1.cloudfront.net
holdtoreset.com
2 secure.gravatar.com holdtoreset.com
2 d2nr2jos5slco1.cloudfront.net holdtoreset.com
1 pixel-us-east.rubiconproject.com eus.rubiconproject.com
1 b1sync.zemanta.com 1 redirects
1 cm.adgrx.com ssum-sec.casalemedia.com
1 um.simpli.fi 1 redirects
1 sync.mathtag.com 1 redirects
1 match.prod.bidr.io ssum-sec.casalemedia.com
1 ad.turn.com 1 redirects
1 ad-cdn.technoratimedia.com holdtoreset.com
1 eb2.3lift.com holdtoreset.com
1 id.crwdcntrl.net ads.pubmatic.com
1 api.rlcdn.com ads.pubmatic.com
1 lexicon.33across.com ads.pubmatic.com
1 cdn.contentspread.net hal900026.redintelligence.net
1 ajax.googleapis.com hal900026.redintelligence.net
1 p.rfihub.com 1 redirects
1 secure.adnxs.com 1 redirects
1 hal9000.redintelligence.net holdtoreset.com
1 cdn.aralego.net player.aniview.com
1 google-bidout-d.openx.net oa.openxcdn.net
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 tags.crwdcntrl.net securepubads.g.doubleclick.net
1 cdn.id5-sync.com securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 px.ads.linkedin.com
1 btlr.sharethrough.com player.aniview.com
1 hb.aralego.com player.aniview.com
1 web.hb.ad.cpe.dotomi.com player.aniview.com
1 bidder.criteo.com player.aniview.com
1 hb.yellowblue.io player.aniview.com
1 insticator-d.openx.net player.aniview.com
1 s2s.aniview.com player.aniview.com
1 sync.technoratimedia.com player.aniview.com
1 ads.pubmatic.com player.aniview.com
1 www.google.nl holdtoreset.com
1 stats.g.doubleclick.net www.google-analytics.com
1 go1.aniview.com player.aniview.com
1 imasdk.googleapis.com player.aniview.com
1 signal-beacon.s-onetag.com get.s-onetag.com
1 onetag-geo.s-onetag.com get.s-onetag.com
1 region1.google-analytics.com www.googletagmanager.com
1 okodigital-d.openx.net holdtoreset.com
1 a.teads.tv holdtoreset.com
1 tlx.3lift.com holdtoreset.com
1 apex.go.sonobi.com holdtoreset.com
1 fastlane.rubiconproject.com holdtoreset.com
1 embedproduction.s3.amazonaws.com holdtoreset.com
1 get.s-onetag.com d2f0uviei09pxb.cloudfront.net
1 df80k0z3fi8zg.cloudfront.net d2f0uviei09pxb.cloudfront.net
1 geoip.insticator.com d2f0uviei09pxb.cloudfront.net
1 d2f0uviei09pxb.cloudfront.net holdtoreset.com
359 128
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-05-11 -
2023-05-10		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.gravatar.com
Sectigo ECC Domain Validation Secure Server CA		 2022-11-23 -
2023-12-24		 a year crt.sh
outstreamedia.com
R3		 2022-12-04 -
2023-03-04		 3 months crt.sh
*.aniview.com
Amazon		 2022-12-06 -
2024-01-04		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.insticator.com
Sectigo RSA Organization Validation Secure Server CA		 2022-07-27 -
2023-08-26		 a year crt.sh
*.s-onetag.com
Amazon		 2022-12-04 -
2024-01-02		 a year crt.sh
*.confiant-integrations.net
E1		 2022-11-24 -
2023-02-22		 3 months crt.sh
*.instiengage.com
Sectigo RSA Organization Validation Secure Server CA		 2022-05-24 -
2023-05-24		 a year crt.sh
*.s3.amazonaws.com
Amazon		 2022-09-21 -
2023-08-26		 a year crt.sh
*.ingage.tech
Sectigo RSA Organization Validation Secure Server CA		 2022-07-13 -
2023-08-11		 a year crt.sh
*.technoratimedia.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-15 -
2023-09-15		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2021-12-08 -
2023-01-09		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
ssc.33across.com
GTS CA 1D4		 2022-11-11 -
2023-02-09		 3 months crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2022-06-28 -
2023-07-29		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
teads.tv
R3		 2022-10-27 -
2023-01-25		 3 months crt.sh
*.a-mo.net
R3		 2022-12-04 -
2023-03-04		 3 months crt.sh
hb.minutemedia-prebid.com
Amazon		 2022-02-03 -
2023-03-04		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.google.nl
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2022-02-04 -
2023-02-03		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-09-27 -
2023-03-22		 6 months crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-06 -
2023-09-30		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-05 -
2023-05-04		 a year crt.sh
*.targeting.unrulymedia.com
Sectigo RSA Domain Validation Secure Server CA		 2022-05-09 -
2023-05-09		 a year crt.sh
*.yellowblue.io
Amazon		 2022-04-23 -
2023-05-22		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-31 -
2023-01-26		 3 months crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
ad.cpe.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2022-05-31 -
2023-07-02		 a year crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2022-10-19 -
2023-11-19		 a year crt.sh
*.sharethrough.com
Amazon		 2022-07-14 -
2023-08-12		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
oa.openxcdn.net
GTS CA 1D4		 2022-12-02 -
2023-03-02		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-11-08 -
2023-02-04		 3 months crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh
*.id5-sync.com
R3		 2022-11-09 -
2023-02-07		 3 months crt.sh
*.fr.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-07 -
2023-03-12		 3 months crt.sh
*.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-14 -
2023-01-13		 3 months crt.sh
protected-by.clarium.io
Gandi Standard SSL CA 2		 2022-04-10 -
2023-04-26		 a year crt.sh
*.nl.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-19 -
2023-03-24		 3 months crt.sh
*.eu.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-11-01 -
2023-02-04		 3 months crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2022-10-21 -
2023-10-22		 a year crt.sh
redintelligence.net
R3		 2022-12-05 -
2023-03-05		 3 months crt.sh
s.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-21		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
contentspread.net
R3		 2022-12-14 -
2023-03-14		 3 months crt.sh
lexicon.33across.com
GTS CA 1D4		 2022-10-24 -
2023-01-22		 3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-11-08 -
2023-05-03		 6 months crt.sh
*.match.prod.bidr.io
Amazon		 2022-01-27 -
2023-02-25		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-01 -
2023-03-28		 a year crt.sh

This page contains 53 frames:

Primary Page: https://holdtoreset.com/nba-2k23-locker-codes/
Frame ID: 1C4408F373538505098EC3174AF232DA
Requests: 148 HTTP requests in this frame

Frame: https://auth.instiengage.com/auth/index.html
Frame ID: 96CB55072F65A02A97C38301FD7158EB
Requests: 2 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d8ccec528a0617cae5a0755
Frame ID: 6F9E5FEE65CECB3E923B68E5560B4DF4
Requests: 12 HTTP requests in this frame

Frame: https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=holdtoreset.com
Frame ID: DAF5BE99B9CF9EBC81D5EE0BC57CEE08
Requests: 1 HTTP requests in this frame

Frame: https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=holdtoreset.com
Frame ID: 99638F1B7B4FC0D1AC80DACABBDBB8F0
Requests: 3 HTTP requests in this frame

Frame: https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=holdtoreset.com
Frame ID: 5697B206496A679E4EB38CC048AD1FF0
Requests: 1 HTTP requests in this frame

Frame: https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=holdtoreset.com
Frame ID: 35063FEFDCE49E4595BEA5E7D8642560
Requests: 3 HTTP requests in this frame

Frame: https://dashboard.insticator.com/embeds/backfillad?dimension=728x90&siteURL=holdtoreset.com
Frame ID: BAAFD60908F778E5BE7AA78B36BED55F
Requests: 1 HTTP requests in this frame

Frame: https://dashboard.insticator.com/embeds/backfillad?dimension=728x90&siteURL=holdtoreset.com
Frame ID: 8F28DC7547697E1D6586B0DDDDF6FB69
Requests: 3 HTTP requests in this frame

Frame: https://dashboard.insticator.com/embeds/backfillad?dimension=300x600&siteURL=holdtoreset.com
Frame ID: E2BC5ED3412FB1B90F319D8BE9A1AB10
Requests: 1 HTTP requests in this frame

Frame: https://dashboard.insticator.com/embeds/backfillad?dimension=300x600&siteURL=holdtoreset.com
Frame ID: C77FDC28CE1E9B82D29EA1022A52B826
Requests: 3 HTTP requests in this frame

Frame: https://c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 4FDFF07FE90495677BAC570ADCE738A6
Requests: 1 HTTP requests in this frame

Frame: https://sync.technoratimedia.com/services?srv=cs&pid=70&uid=1671573163124-950045864517-007216-003-008701&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1671573163124-950045864517-007216-003-008701%26biddername%3D3%26key%3D%5BUSER_ID%5D
Frame ID: 884BBB523D5DCEC35B28141E1521DE22
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1671573163124-950045864517-007216-003-008701&biddername=155&pid=5d8ccec528a0617cae5a0755&key=INSTUID
Frame ID: BA52B5AB09AA8F6361D222F5A766DD55
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1671573163124-950045864517-007216-003-008701&biddername=105&pid=5d8ccec528a0617cae5a0755&key=3b505f93-2cc3-41bc-80c1-25341c07d64d&gdpr=1&gdpr_consent=&us_privacy=
Frame ID: 33913EA1B7C1589A58125429494F445B
Requests: 1 HTTP requests in this frame

Frame: https://ups.analytics.yahoo.com/ups/58543/occ?gdpr=1&gdpr_consent=
Frame ID: 053A84051F33A740702465D3A01D6D19
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00001rrPUnAAM&us_privacy=1---&ru=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1671573163124-950045864517-007216-003-008701%26biddername%3D104%26pid%3D5d8ccec528a0617cae5a0755%26key%3D33XUSERID33X
Frame ID: FDDD4FD42CDED2D0597271E5928BCCDB
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=&endpoint=us-east
Frame ID: E1C5D5F345D37C43AEAAA1478581212E
Requests: 10 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?us_privacy=1---&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1671573163124-950045864517-007216-003-008701%26biddername%3D18%26key%3D%24UID
Frame ID: F2DDBB03438B3CE9911F309CF56D421B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CDCAF0A4A3842884849C14AE7CDAF36B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 282C0326010F19C1DE266DF218D979E4
Requests: 2 HTTP requests in this frame

Frame: https://c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 37D87E77F652F0AE6CFA7D9DB1D3CBE8
Requests: 10 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=holdtoreset.com
Frame ID: FC30F1A64F3D028C29415B7FABD05E35
Requests: 2 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6IuqwAFiBEH_ZbaAAuwTRMXbcK7BVmhAcVBsA&u=%7C5SmpTJBaS6heQT1VNn4lJXf5wkwPoJkzvmIitlb%2BWHU%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy-ZCx2l8r38z-Y5KeOqAmeGKc9dh3PNWVV8BiBGlNdQTqGB52-m_f3Zk99PJzF_uGqte41jayckPb0Z7K2Lr0N_2OBBOs_5CoLi0jxKcAjXX38qr96O-2zsR9iJbQkAkRc3c6dIrx2-N70VEKnzLnFZrEJC85A7STMhTpSKmjjt3rYmeX24Tpr7NvphedfakfPN2JG4KgkQ-zcX7UKho1QJP2KgCnmUPLkgzcbtzbbiIFC1fgI_9VWIk_U0WWtW1r2AHhKAHI12OTv6flWn8PlCtdComoITpVyNnYQi54lz_SqXr2eAqZEtq-7wsBDKBnwPVpwDdIpdxCtvZYEhFginyqNLwc0jnU8ctRvvEmKqq7vNBg6wsfK6_Ic2KQqqHQdK2Ce5P2j6YDnyN5u3USm0beIwF1i6OizmOIZnkdj1l3IdYZxk15W7GYX9EqmtVwO-dM5uky1lOTeieH16QcWiJWf92u-JBapF5mUqJdsBzebrhSIUPW1yGgXXqUNofW96lfyWZ3JieBxWjDe2xR8EUVQCIS7mKTGreJ-fTnVOD2lMe79FgOSk3nbenrodxQN4W1gwM4w0Esg51Q3W4WaKKyMVHhDM3yA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCny33qy6iY5GQFtqt9u8PzeCuoAvJntKxXNWdkfdwwI23ARABIABgkQSCARdjYS1wdWItMjY5NzY3OTUxODUxNTg4NsgBCakCri_P9q_OsT7gAgCoAwGqBIwCT9D_1fVBFltb63jiHOUigb7_3LITIpwHFHqQ4xKskWUWNFJ8yI5Ieln087oXo20dlY3wJGoSyPciz68RVBU9pSSEd3jsuNuXFMKJwotAO-R5ECtMMeogDIe8qNAWj9qxDmZV9qEe8fd4e9755Yu606HIBgF1YxsasXmRD69s5lDYu9iwEbtwDMWAt74Ga6Rr9gbzJr8wbA49HkTQvQYAxwdysfYi9wRpX6njvEMojuPDu2KwkOvHCCm-CYTmINMNM3jVputiUtWA-E1Knt_sL7k9Azzchcc50WqXvTeJ20pxKxZoChz19yFmzwYed7JnDY_50L1-WW1iEOeDNvm0-MV23HiocsC_6AhIduAEAYAGreuwm_yY79WbAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTY1NjQxNjY4Mjk5MTE3NDP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2IBt0Q472KUo1Dk-FxNyigKlbyXQ%26client%3Dca-pub-2697679518515886%26adurl%3D
Frame ID: 102B65191E4AD536ACD4CBA56B32D81D
Requests: 26 HTTP requests in this frame

Frame: https://video-ads.rubiconproject.com/video/bridge-31050.js
Frame ID: 37F52D1D1434B2975F76D9716FC23ADD
Requests: 1 HTTP requests in this frame

Frame: https://c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: FAB5F2B9FF4E24C7860AB18675AEA05C
Requests: 5 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 062F02AED5EEC650C0A9639761CAE2D5
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 742AE80045D8A783B043797764DE271E
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 8D6657355D0ACC8142F86D7BD76CD39A
Requests: 2 HTTP requests in this frame

Frame: https://c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 2BE521E3147201B25F316E506A80CE5E
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiQrrvGATAB&v=APEucNUNc6tM2PVtEDcHn2XDDVP8gFZ3OEFm4INW4EqPK1wOj_FwHmHwcGTmsoF5SDGvIu_BFmzmCLANAm3wOdaa0ssK_5y_JPZV0M3vw4TBTvSzIIAZkU0O7jeETHuTW9aBg_dN_7x-Ow2zSfrwQEwSYixPDhyE_qkPM6RBFhDi4QYmS2Vt1JU
Frame ID: 8D54A4ECC2FD4E6D89A8E006DC13A9C9
Requests: 5 HTTP requests in this frame

Frame: https://c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 1E570A53D8255CAA155F79980913A5ED
Requests: 9 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 74FD5A8EBD94D5373B264525292D1E63
Requests: 1 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/sync.html
Frame ID: 8D16F3FEE047FF60796DD4924C9DD8FB
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: CB391EF7AA1FCD80AEA4091E11B998A7
Requests: 3 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 23D352008AB2258B944BD4DA2DFFEAEF
Requests: 1 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6IurAACm_4Iu-XDAAasfbcuP06Nhm39MnXJOg&u=%7COPrpa1iqH2ZxI59tfAWF4xNDZHlf2AyV2lcQsOp0R0g%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy-ZCx2l8r38z-Y5KeOqAmeGKc9dh3PNWVcoTCBkKm8eoAVQZmKhBqJGVagvgQVKlPFFw5c7MH2G6am22hd-jUY6qqG8BXXPeCN9_N-7C4mlq7p5uTP4W8nYcEeIGmvGaGYAslue3IL08qUvymxyG2AvS9Qlxyykf2HseZ5spXMsXXZxvbRx9fHz3PPl-YSUJwt5BX3M88QrBeuqsdTs0v8htPJ-aqep-AaCvoza4IqpSrFOdz1lzuTjIhAqn_yxBczvYcyZw4gQvBoWevCVnTGJXx1LqGy6mqY4-SHBPvuY39DJK39Zk-sIbKWyBFvsGLZ7rTvLR0Pu67i-HIsyUGpn7hCJTxD4gldECRoTxOU-3j46QKA2Rf05j-zVgsbREgvRDJ9o8IMRfbP_kvjgtkPv-ne5SQLFaYVG5HY4iMoJWiYp7ZZt-syu8fjv20unitGuFfrob4hQcmTGlrYXIijf8ITxwVR92R0XEyvG9Lr-y4chmP5Qcn3nmoVPIfP54GXim2VaEBEJTC84TkSxITvF9VrtKVnAqsZ57WdUi9cS60G82CxejpxKGxyux5Y5Q-P4WQj1e96CEPsbIv0Ua-sY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCG58trC6iY_63CsPL7_UP_diasArJntKxXNWdkfdwwI23ARABIABgkQSCARdjYS1wdWItMjY5NzY3OTUxODUxNTg4NsgBCakCri_P9q_OsT7gAgCoAwGqBI0CT9CcOX4bbr5YIpIAOMGvknU89DGxW6tWhAoKpR_BJmS_i88agB8_E5QQeVYsowBKAsODmqUPO3woLYNQQKvCEECAVeZHg4ZsldXIjMjnr1t5H8UARrX-48vpPZU-na3D_oXCR2F-vl2ELMPdTkJ9ad_IKPktsNRvaSEqsYgTEsYstBOO6l8AY3pxNYFwVUtcfIUqVhfOksKtlmg9nzkdwEonw8GIj3tpI-gLhfOvmLMQKvc5rYW68kys0kfmPiFLJMUOme_WsH0pSnoMYpAUvegfvdthTIGMuAOO6U5iuEFdmzCOpAlvq4okXiQr1hiRUIsfgtBBfueIWje9LX4Mz8ZtYbMyaqcs-xOr4GzgBAGABq3rsJv8mO_VmwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi02NTY0MTY2ODI5OTExNzQz-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3CIR_0w7zN8VMWxI_Ci_g9At4YzQ%26client%3Dca-pub-2697679518515886%26adurl%3D
Frame ID: B2BB089C7872AC1949B3483172085C9D
Requests: 18 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js
Frame ID: 2CA4CD860C80E60DE35EA702F2D683C8
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fholdtoreset.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: E9FC4622F6F2A878AF861BA899AB609A
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 271726E95517043A166B2DD511EE9944
Requests: 3 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CLjU46WXifwCFX9GkQUdyW0AeA;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9769511143142.895
Frame ID: C17F03EF78D8590AA4D083A276860425
Requests: 2 HTTP requests in this frame

Frame: https://hal900026.redintelligence.net/request_content.php?s=39522900151741704444454012179026&a=bf1b0936
Frame ID: 7B2ABEEB5C840F2E18D53AB70A107270
Requests: 5 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: B612132EDCF347E4ADB33E997570C0EC
Requests: 3 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 697B369104FE6A19DDCF4B382A69F2DE
Requests: 1 HTTP requests in this frame

Frame: https://sync.aralego.com/idSync/?ucf_nid=par-BE7E7ADB8D34EE2BF7BBD2899BB62A77&gdpr=0&redirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fucfunnel%2F3bd2b988-9111-4986-b873-fc4758e2fbef%3Fuid%3DUCFUID
Frame ID: B46DEAED12CB9EA457059166FC0ADDBA
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: F76E6DC0294D15DAB2D98A524D93BCFD
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=cS_MBCmB8r7ikhrkHcnnVW&gdpr_consent=undefined&us_privacy=undefined
Frame ID: BF5CAB1F25DC79513C604226BD25FCD5
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 0B1109D1C18A4230EF16B5B23508FB6C
Requests: 2 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: D35958970DDBB921D57E7594ACC3E5B1
Requests: 1 HTTP requests in this frame

Frame: https://ex.ingage.tech/v1/sync/betweenx/3bd2b988-9111-4986-b873-fc4758e2fbef?uid=89120140-a736-5263-bab3-1b1ed91135b0
Frame ID: 280E7575C576C40AC277C0841BBA139E
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
Frame ID: F9F5D571D3A56A70E1CC7B5552C9657F
Requests: 4 HTTP requests in this frame

Frame: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_6.29.0
Frame ID: A13EA28A70338211B2A34DDB821CC07C
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fholdtoreset.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 99F770304DCF27677C3836DA7E68B2A7
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

NBA 2K23 Locker Codes – Hold To Reset

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • underscore.*\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

359
Requests

91 %
HTTPS

38 %
IPv6

68
Domains

128
Subdomains

104
IPs

13
Countries

6729 kB
Transfer

12326 kB
Size

65
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 122
  • https://ex.ingage.tech/v1/syncPage/aniview?to=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1671573163124-950045864517-007216-003-008701%26biddername%3D155%26pid%3D5d8ccec528a0617cae5a0755%26key%3DINSTUID HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1671573163124-950045864517-007216-003-008701&biddername=155&pid=5d8ccec528a0617cae5a0755&key=INSTUID
Request Chain 123
  • https://prebid.a-mo.net/cchain/0?gdpr=1&gdpr_consent=&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1671573163124-950045864517-007216-003-008701%26biddername%3D105%26pid%3D5d8ccec528a0617cae5a0755%26key%3D HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1671573163124-950045864517-007216-003-008701&biddername=105&pid=5d8ccec528a0617cae5a0755&key=3b505f93-2cc3-41bc-80c1-25341c07d64d&gdpr=1&gdpr_consent=&us_privacy=
Request Chain 126
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=&endpoint=us-east
Request Chain 175
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=IXoixJ-qRkyYCyBlS_o7Hg&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=IXoixJ-qRkyYCyBlS_o7Hg
Request Chain 176
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/_gJZyehpXncr8_a1DJDXNA?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-jbMwy6FE2oIUd19yDJID2mNKNp2wr8DsK.srXA--~A
Request Chain 177
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Nzk3ZjIwZTgzYWYwM2ViNzQzN2JhMzY3M2VkMmJhYzM5OGZmYjYyNQ
Request Chain 178
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJegg7mVpNzzxpkoF2WkmWs&google_cver=1
Request Chain 179
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LBWRI2RY-1K-QTV
Request Chain 180
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJXUkkyUlktMUstUVRW
Request Chain 182
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=l56DvLkTRuWXHN8S4GsBew&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=l56DvLkTRuWXHN8S4GsBew
Request Chain 189
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fholdtoreset.com%2Fnba-2k23-locker-codes%2F&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fholdtoreset.com%2Fnba-2k23-locker-codes%2F&rid=esp&cc=1
Request Chain 202
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=holdtoreset.com&sn=ChromeSyncframe&so=0&topUrl=holdtoreset.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=wNwzG3x1dTlsbDk3aHZGdTRkZzIzdzBhejVQL0JIbFp4MDlwdXhSbW9VZFAzaXlWNjZacmgxbmlBUnliSlV0MUJHdGhLczhPdEkrcVZ5NHJFRUdhQkdoWm5qaDRlbFN2aFFaVGRFOWV2Tis0bUMrSTN2RmVVajNMU3BVZjluTTJ5RWZHZVF3ZllPYXVpSUlOUWdMblhKdnRTeTMrSlNhTFNlWWdDSFNLeVdUc05aU0pyNmZCT3hTUW1NM0xnYTY5OVIxTkFWU2lITWZlVkpldkZaZU5VSjNKb0tJMmVMVlNlNFFsd3FPd29abkgycVcyTVlVcDVSNUNBbTBIcUJIcFl4QWR0V3hhSmxrOFBSSFRQc0tmUFAxbWNhbTl1dGRWclcvb09Zcko5NlFKRUFkWT18&cppv=2
Request Chain 253
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 254
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKfoFR0Z45woWypL2lvXxsI&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKfoFR0Z45woWypL2lvXxsI&google_cver=1&C=1
Request Chain 255
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y6IurOSakhxL-nrq6D4RewAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKfoFR0Z45woWypL2lvXxsI&google_cver=1
Request Chain 256
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEDybdSTyEinWMdwCyQzSmS8&google_cver=1
Request Chain 257
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTk5MDYzODYxOTMwNDU4NDMzNw%3D%3D
Request Chain 288
  • https://hal900026.redintelligence.net/request.php?zone=gjjhz7cdztxo&nw=20&renderingType=javascript&namespace=3b5b830b08&subid=&uid=b6dc39e3b02c85e6&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC-7knqy6iY5qMOo3-7_UPssWfyArM-Yagaeu7x__3D_AuEAEgsMjAIWCRBMgBCakCfVfsGzTOsT6oAwGqBPIBT9BH8xO2CijPTvpgtxVCwwH6nOmcCl7JBXe72aXkxp2iZz_d7TxzMa2lkBwxo481Az1_oqHnfPk42PD5UlwoVMM6nDKfnRm2t8le-89oyF2qM4mNIFdB3A0iUDdg-zRFNIMdxhqozZWRtQICue-Zh4gKnh9bx1awIzfdU8u6GRcYATil_RMC1ASPc_uoj0O-byIfWqQ5apSynfAxqQRfvFRVkbmAzzU8zPfikvNb5yRbf0Q2F3aWYc40F6z0V3vs4GOApnfuuB03ssEUEcolXwikk-iVYZ8F4E8PJVLKDhbOssjuzaq9R_ZbSMg14pNJFWLABOrrzKPkA-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggSCIjhgBAQARgdMgOqggE6AoBA8ggbYWR4LXN1YnN5bi02NTY0MTY2ODI5OTExNzQzgAoDmAsByAsBgAwBsBPgm80O0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSPwDq26N9E-h_-GY6O7uj9FDSJueRzMKZ0ia6fREoxuJ1KCJCIPryOXebFw96-6lakQ2ce0VnXIyvdkomdh-7NhgBIBM%26sig%3DAOD64_3c4Z6u0zTOHwK1S2xToMv5-p1AVw%26client%3Dca-pub-2697679518515886%26dbm_c%3DAKAmf-BRLk8FqdGHA8eBXfoLAbHb-IXPSOYx8kSJx-4sF2OCpCll6WaJpGTElccf0VhcYUjagCeLZbBafyEkQ3mRz_DQCGDsClSB_DKInlpqMuq64KUsBhVLf8uH8DmAZuvQsWgLjnTRKU2vLjyjSsByf3U69kpMP5ZpZBHzE4VY6ybHsYaMrFU%26cry%3D1%26dbm_d%3DAKAmf-DuU0f4UVLI10Jx-kfwd8nCKq2TZMw8YUXuamaVLDm4_4GXE-VtO4whBTcQGldc8xOhckwuLpT4nZshxOMYy14H1M5LiO1W_191dWzeDS0Ckc-br9opsM56V-BM5aYx__yyoGDw4lNmZfYZxkdHO1EKuju8ArUE924xaYPZdGoexZe9XHbrJL8ShPMH93JLlH-xsbRoTzw4V4K9GKck2wYSi6FIgOXPyWuIbYGelQvVTKZHaxXocVuvjVxR-KGEaItPPfjRxssG4jdgQYDrVuavBZfboCxsG6vLOunWGq8zDylmBneuchoyocsscq3rmmAUJbh84ompDdLkBkzaBt6HMs4hnVi8R0C30h_35DtGH6wgJ1R85an6F06dhk3SUdBRezBtl9Xg1WYijACyvaoAPF6x4ewfaqetWbilFvLzPlMsrYwP2mWCunJBWBPPJdxs9hWcCkwdBlcx_P7ETgaFraFbVXhzZjk6uT64-PPyrjBOeHap1_6darvtkTykSSID6HO1Ye2REAC4p_Mlh7HjGofCKmy4uVMtnK81e9ABoG9W01PQ_05H8KvJ0QD-zClIea4i%26adurl%3D&documentReferer=https%3A%2F%2Fholdtoreset.com%2F&ancestorOrigins=https%3A%2F%2Fholdtoreset.com&random=6995985741532&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0 HTTP 302
  • https://hal900026.redintelligence.net/request.php?zone=gjjhz7cdztxo&nw=20&renderingType=javascript&namespace=3b5b830b08&subid=&uid=b6dc39e3b02c85e6&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC-7knqy6iY5qMOo3-7_UPssWfyArM-Yagaeu7x__3D_AuEAEgsMjAIWCRBMgBCakCfVfsGzTOsT6oAwGqBPIBT9BH8xO2CijPTvpgtxVCwwH6nOmcCl7JBXe72aXkxp2iZz_d7TxzMa2lkBwxo481Az1_oqHnfPk42PD5UlwoVMM6nDKfnRm2t8le-89oyF2qM4mNIFdB3A0iUDdg-zRFNIMdxhqozZWRtQICue-Zh4gKnh9bx1awIzfdU8u6GRcYATil_RMC1ASPc_uoj0O-byIfWqQ5apSynfAxqQRfvFRVkbmAzzU8zPfikvNb5yRbf0Q2F3aWYc40F6z0V3vs4GOApnfuuB03ssEUEcolXwikk-iVYZ8F4E8PJVLKDhbOssjuzaq9R_ZbSMg14pNJFWLABOrrzKPkA-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggSCIjhgBAQARgdMgOqggE6AoBA8ggbYWR4LXN1YnN5bi02NTY0MTY2ODI5OTExNzQzgAoDmAsByAsBgAwBsBPgm80O0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSPwDq26N9E-h_-GY6O7uj9FDSJueRzMKZ0ia6fREoxuJ1KCJCIPryOXebFw96-6lakQ2ce0VnXIyvdkomdh-7NhgBIBM%26sig%3DAOD64_3c4Z6u0zTOHwK1S2xToMv5-p1AVw%26client%3Dca-pub-2697679518515886%26dbm_c%3DAKAmf-BRLk8FqdGHA8eBXfoLAbHb-IXPSOYx8kSJx-4sF2OCpCll6WaJpGTElccf0VhcYUjagCeLZbBafyEkQ3mRz_DQCGDsClSB_DKInlpqMuq64KUsBhVLf8uH8DmAZuvQsWgLjnTRKU2vLjyjSsByf3U69kpMP5ZpZBHzE4VY6ybHsYaMrFU%26cry%3D1%26dbm_d%3DAKAmf-DuU0f4UVLI10Jx-kfwd8nCKq2TZMw8YUXuamaVLDm4_4GXE-VtO4whBTcQGldc8xOhckwuLpT4nZshxOMYy14H1M5LiO1W_191dWzeDS0Ckc-br9opsM56V-BM5aYx__yyoGDw4lNmZfYZxkdHO1EKuju8ArUE924xaYPZdGoexZe9XHbrJL8ShPMH93JLlH-xsbRoTzw4V4K9GKck2wYSi6FIgOXPyWuIbYGelQvVTKZHaxXocVuvjVxR-KGEaItPPfjRxssG4jdgQYDrVuavBZfboCxsG6vLOunWGq8zDylmBneuchoyocsscq3rmmAUJbh84ompDdLkBkzaBt6HMs4hnVi8R0C30h_35DtGH6wgJ1R85an6F06dhk3SUdBRezBtl9Xg1WYijACyvaoAPF6x4ewfaqetWbilFvLzPlMsrYwP2mWCunJBWBPPJdxs9hWcCkwdBlcx_P7ETgaFraFbVXhzZjk6uT64-PPyrjBOeHap1_6darvtkTykSSID6HO1Ye2REAC4p_Mlh7HjGofCKmy4uVMtnK81e9ABoG9W01PQ_05H8KvJ0QD-zClIea4i%26adurl%3D&documentReferer=https%3A%2F%2Fholdtoreset.com%2F&ancestorOrigins=https%3A%2F%2Fholdtoreset.com&random=6995985741532&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1
Request Chain 301
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y6IurOSakhxL_nrq6D4RewAADJAAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEJdHwiHkPtiJRHSqJbdZ42I&google_cver=1
Request Chain 304
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5990638619304584337
Request Chain 305
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y6IurOSakhxL_nrq6D4RewAADJAAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y6IurOSakhxL_nrq6D4RewAADJAAAAAB
Request Chain 306
  • https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5108559725568131227
Request Chain 307
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=18ZdZlJq1P7Kxu5
Request Chain 308
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1 HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=&knw=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Request Chain 312
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9769511143142.895 HTTP 302
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=CLjU46WXifwCFX9GkQUdyW0AeA;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9769511143142.895
Request Chain 323
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fholdtoreset.com%2F&domain=holdtoreset.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=6_oh63xqTlBQZHphRlpjQmtpdFNYdWJtbXhvdHA4RlpWdzUxRXlLYU1lREE1cXBnUTZiZy93Mmt3b2VrM0lYMHFLZEVkZXNCOEdvVDFPL3VPRnZxWHlkOW0xYk1XNHhDZjFyeDU5NlA3WmxlaFFGRThHanc0NVdzMFZDVVFtWlYzckRnbk5WWURteWMrRUE5TE1LYmVQR0J2WVhmczUzU2NwdEN4cmd1elNWeTZPRElUekZtdUw5QlZDWTFoM0hVREtiR2dIWUthWDAzZkhmM3JTUEhMY2hvOFZUNE1RY2psdldpT3JQN0dlUEtMSkFDdVBRMXlQMlB1VGlVam00UTJXM3dzend4ZHF4MDNVUkdKN09aYUxxZ0x2QT09fA&cppv=2
Request Chain 340
  • https://ads.betweendigital.com/match?bidder_id=43907&gdpr=0&callback_url=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fbetweenx%2F3bd2b988-9111-4986-b873-fc4758e2fbef%3Fuid%3D%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43907&gdpr=0&callback_url=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fbetweenx%2F3bd2b988-9111-4986-b873-fc4758e2fbef%3Fuid%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
  • https://ex.ingage.tech/v1/sync/betweenx/3bd2b988-9111-4986-b873-fc4758e2fbef?uid=89120140-a736-5263-bab3-1b1ed91135b0
Request Chain 347
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3900186492792356753
Request Chain 349
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=414663a2-2eae-4500-a108-bd0b5e1ce5c1
Request Chain 350
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=3124465297036076095&expiration=1672782765
Request Chain 351
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=1EF0D74A73FA4717A847B76AC604BBDD
Request Chain 353
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Request Chain 355
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?endpoint=us-east&p=insticator HTTP 301
  • https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator

359 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
holdtoreset.com/nba-2k23-locker-codes/ 		96 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://holdtoreset.com/nba-2k23-locker-codes/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.2.13
Resource Hash
57b609b4cb4abf45feef12a5299bd7dbf2d6cd869094aa2e4495bce85c18e441

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

access-control-allow-origin
https://cdn.holdtoreset.com https://holdtoreset.com
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
77cb9b3ccd7b9bb6-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 20 Dec 2022 21:52:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x5L6fhzw%2FJ5GZqXQS6D1nT8%2BeuCDFEAVfoDRaX%2Bq2vmSWxDYjXR%2Fu%2Fge34qWwcwmJ9PPn%2FMyQm435%2FMRcXb%2FZQx7VZue9Q0XvYbngl2cK9YDzZ5kyeediNrRsgXtX%2BLwL7O7EagA41AdmW2zMdY%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/7.2.13
css
fonts.googleapis.com/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Poppins%3A300%2C400%2C500%2C600%2C700&subset=latin-ext&display=swap
Requested by
Host: holdtoreset.com
URL: https://holdtoreset.com/nba-2k23-locker-codes/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7e44d592889d9f5915ae6254f0a68a71196a5bc2540db9620b81effd976eba5b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://holdtoreset.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 20 Dec 2022 21:52:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 20 Dec 2022 20:47:39 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 20 Dec 2022 21:52:41 GMT
style.min.css
holdtoreset.com/wp-includes/css/dist/block-library/ 		93 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://holdtoreset.com/wp-includes/css/dist/block-library/style.min.css
Requested by
Host: holdtoreset.com
URL: https://holdtoreset.com/nba-2k23-locker-codes/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://holdtoreset.com/nba-2k23-locker-codes/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:41 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Tue, 15 Nov 2022 21:18:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6374022a-172a9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r3C5OlQAdMrTikqy%2BAVPrZOjb87B7hwwkg9Gi52TrbI0ihVd4ZFvZ%2B7i0ZMR2J%2BOmtvA%2FWnIjBjtfmk50D%2FWKmmgkA5pq%2B%2F9N2mY42%2BHnOjyzb77X%2FmOQtRlH3tfEDkFVPV9oKmTxrU00HI%2Bjnk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
77cb9b4219119bb6-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
classic-themes.min.css
holdtoreset.com/wp-includes/css/ 		217 B
524 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://holdtoreset.com/wp-includes/css/classic-themes.min.css
Requested by
Host: holdtoreset.com
URL: https://holdtoreset.com/nba-2k23-locker-codes/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://holdtoreset.com/nba-2k23-locker-codes/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:41 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Mon, 07 Nov 2022 22:19:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6369846f-d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O0W7GLg6DMPo6XEi4zJfWM9wD5IyIHRVY6CvJU6an6TLmngIq%2Fn%2B8LdDop9HJinS0G0Lnmoc3MdmWYeCOGHA8QpNPW56JT%2B7bbJIbFIKKy2e%2BW5Ga%2F7RDCOgQZrMGyUvhOcULivCOH8AzOkcR3s%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
77cb9b4219169bb6-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ai-aos.css
holdtoreset.com/wp-content/cache/min/1/wp-content/plugins/ad-inserter-pro/includes/aos/ 		32 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://holdtoreset.com/wp-content/cache/min/1/wp-content/plugins/ad-inserter-pro/includes/aos/ai-aos.css?ver=1671559755
Requested by
Host: holdtoreset.com
URL: https://holdtoreset.com/nba-2k23-locker-codes/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7cab4493bc1ff75fa363ddbde019fb2518088299dc626f99c3f16f8c037eed2

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://holdtoreset.com/nba-2k23-locker-codes/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 20 Dec 2022 18:09:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5593
etag
W/"63a1fa4b-8173"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jppeFIi5P%2FQfYyFcKN7Fv0LL729GARTIaW%2Fu%2FDWTE27qASPlbwElmYI9tnuQjhW6Hklxt1ILHzMi8BCd455jgBi%2BI%2Fq9bU6w69OEDL1b91Wl%2BL49zFLFQ%2BrXj60JISjKhw4v2tPT%2Fx4tmgGsKXU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
77cb9b4219189bb6-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
admin-bar.css
holdtoreset.com/wp-content/cache/min/1/wp-content/plugins/anti-spam/assets/css/ 		1 KB
712 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://holdtoreset.com/wp-content/cache/min/1/wp-content/plugins/anti-spam/assets/css/admin-bar.css?ver=1671559755
Requested by
Host: holdtoreset.com
URL: https://holdtoreset.com/nba-2k23-locker-codes/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04fe2272736e39ca3e66c23f630e44e7ed2f8d94bf06bcb4b72a47059f0e38f4

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://holdtoreset.com/nba-2k23-locker-codes/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 20 Dec 2022 18:09:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5593
etag
W/"63a1fa4b-436"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DcZQNi56JVbqdJfDkw3aZM6e3gb1tLjbp4TfmBWSOooEQM3SvU936bh7RcWAHXgl4vRprNziWta2aGBnbx7hY4lIPKgbUaL2W1UFYuhZWzln2%2FOpxWsAL8pGVvqtjCj1l%2FHRbZXyPBj1hkxXwRY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
77cb9b42191a9bb6-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
swipebox.min.css
holdtoreset.com/wp-content/plugins/responsive-lightbox/assets/swipebox/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://holdtoreset.com/wp-content/plugins/responsive-lightbox/assets/swipebox/swipebox.min.css
Requested by
Host: holdtoreset.com
URL: https://holdtoreset.com/nba-2k23-locker-codes/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d49c9ad378618e0a0eb8e6fca04c13f6005e13badf79e0c977d76d851f7aa60a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://holdtoreset.com/nba-2k23-locker-codes/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:41 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Thu, 15 Dec 2022 00:29:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"639a6a76-113b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A8FkrBRdM8rbvkuM1YzBWaqErWzGWeQ7%2BLeVzTRLjN9kfy8nSG4T8vQAO6AQLJpqhI9uyU9VXtcFwc1X0na6QK27%2FOOZYYjO1Jfoe9F1K0NtvZyigEyWzRbSvHf%2FOyjbRmh5De1bo%2BzR2iSBDGg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
77cb9b42191b9bb6-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
style.css
holdtoreset.com/wp-content/cache/min/1/wp-content/themes/childthemehuemen/ 		2 KB
862 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://holdtoreset.com/wp-content/cache/min/1/wp-content/themes/childthemehuemen/style.css?ver=1671559755
Requested by
Host: holdtoreset.com
URL: https://holdtoreset.com/nba-2k23-locker-codes/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e9e4955b68eb7f76303c6915409683827b32c6a18290cccaa35f3594ba917b2

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://holdtoreset.com/nba-2k23-locker-codes/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 20 Dec 2022 18:09:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5593
etag
W/"63a1fa4b-916"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dVVTrOJnmoDsZsYqQccRB2BnqWUNYjV4fY7o3m3mYivzi3dUSAnoEwmyv9waZbmfRZa%2B3IPhSSUqpb3FF2ISKSK7%2BsxzfTGiY%2F6%2B3SsDST9tWtFz4%2FqfEBpjSd4miFrWgtER4gu3llthOX2p6ck%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
77cb9b42191c9bb6-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
main.min.css
holdtoreset.com/wp-content/themes/hueman/assets/front/css/ 		92 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://holdtoreset.com/wp-content/themes/hueman/assets/front/css/main.min.css
Requested by
Host: holdtoreset.com
URL: https://holdtoreset.com/nba-2k23-locker-codes/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d39b765a83700d723062c2030cad7c7358d7e6305c11b64b81fd4381a75da5ae

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://holdtoreset.com/nba-2k23-locker-codes/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:41 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 14 Sep 2022 20:36:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"63223b4c-17060"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yG%2BsXRo%2BpxBAxdZ938XZ3Ve1C6a8jJzvcnY0Rmo1yplUCflOBITfEK2JJ89Eh%2B5dGw3ki5CuhuPcl0khyiYRdnHLkHRF8rBq5nue4d6hfgtNEx6E19Am6%2F9hJmSCqQy4LbsYl8hn7FJ7c60ZZAo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
77cb9b42191d9bb6-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jquery.min.js
holdtoreset.com/wp-includes/js/jquery/ 		88 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://holdtoreset.com/wp-includes/js/jquery/jquery.min.js
Requested by
Host: holdtoreset.com
URL: https://holdtoreset.com/nba-2k23-locker-codes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://holdtoreset.com/nba-2k23-locker-codes/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:42 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 07 Nov 2022 22:19:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
7026
etag
W/"6369846f-15e54"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lv84vwNvbhaI92wai1omxCzJ0PbisXXAfn4BWwbT4UxsoI64mwkDy6TN59bB1qF35beVS6uyQS5lM7WVDfpM8%2BPcADg2G1uBiE8rmfeCbvlai4FViZ8H3fqRn1BMsmMgm1%2FdMJDRJj6p6Kk3YcM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
https://cdn.holdtoreset.com https://holdtoreset.com
cache-control
max-age=14400
cf-ray
77cb9b466f1d9b71-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jquery-migrate.min.js
holdtoreset.com/wp-includes/js/jquery/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://holdtoreset.com/wp-includes/js/jquery/jquery-migrate.min.js
Requested by
Host: holdtoreset.com
URL: https://holdtoreset.com/nba-2k23-locker-codes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://holdtoreset.com/nba-2k23-locker-codes/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:42 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 26 Mar 2021 21:04:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
7027
etag
W/"605e4c6b-2bd8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7J4V9ba6RM1kMuRom07wSwUeXxhAQG%2BOypXDG%2F7XbOETPCDZ%2BiY8nfHt30J8Sp2QyUSa5Z%2F%2FxrhD1L9az2R1ubC8dBQh6V9PLQ6OvefF%2BBbbsNaMLVwHq6Yk6aK14RGBy8iFJuGFck2VgpYWbOs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
https://cdn.holdtoreset.com https://holdtoreset.com
cache-control
max-age=14400
cf-ray
77cb9b467f3c9b71-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ai-jquery.js
holdtoreset.com/wp-content/cache/min/1/wp-content/plugins/ad-inserter-pro/includes/js/ 		11 B
524 B 		Script
General
Check archive.org
Download Go to
Full URL
https://holdtoreset.com/wp-content/cache/min/1/wp-content/plugins/ad-inserter-pro/includes/js/ai-jquery.js?ver=1671559755
Requested by
Host: holdtoreset.com
URL: https://holdtoreset.com/nba-2k23-locker-codes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f496aaad6178532142bcfd5e0a741579c7af17ed88d20b12b831b6a2d3eecdb7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://holdtoreset.com/nba-2k23-locker-codes/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:42 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5594
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11
last-modified
Tue, 20 Dec 2022 18:09:15 GMT
server
cloudflare
etag
"63a1fa4b-b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zBZqFs9RpMDusF1VlHgWurqvrs1eJvoa5b3Il2r0qPZ3JksiupQbvq41opWGnBy6eQJUUmdNdEQGTXSqkG7iA41DfU8Xsha1xyupPRGNn6feiCQF4lS3CChROGU3fMlnPOnLf0h80Md5V4HtfrE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
https://cdn.holdtoreset.com https://holdtoreset.com
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
77cb9b467f489b71-FRA
jquery.swipebox.min.js
holdtoreset.com/wp-content/plugins/responsive-lightbox/assets/swipebox/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://holdtoreset.com/wp-content/plugins/responsive-lightbox/assets/swipebox/jquery.swipebox.min.js
Requested by
Host: holdtoreset.com
URL: https://holdtoreset.com/nba-2k23-locker-codes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b875bead01dfa1b02a553e8efda0f3a65d39da24f19ad37af95f06795eee76dc

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://holdtoreset.com/nba-2k23-locker-codes/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:42 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 15 Dec 2022 00:29:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
7027
etag
W/"639a6a76-32da"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0zG4zwp0Q97NjaTBeaws5s3w8VAyZJzZa2KmwLaEtQpaJ9KZXHDnEID37bfeKHGkn9D38LlQrI8ygW%2Bx8kwnKZghBugqAvHTycYtLiMFZA82eq2XpfwUekbU1mxgj6MirWqVsOmpXj7smlyXcEg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
https://cdn.holdtoreset.com https://holdtoreset.com
cache-control
max-age=14400
cf-ray
77cb9b467f4b9b71-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
underscore.min.js
holdtoreset.com/wp-includes/js/ 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://holdtoreset.com/wp-includes/js/underscore.min.js
Requested by
Host: holdtoreset.com
URL: https://holdtoreset.com/nba-2k23-locker-codes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://holdtoreset.com/nba-2k23-locker-codes/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:42 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 07 Nov 2022 22:19:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
7027
etag
W/"6369846f-4991"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JCqOhRo5kh3UguTg%2BoiNvCBWg1t4VfnPYIGT0E3dKbVzDI41%2BUYTZqptjb0liAxqlaqaSi7jLznv1ewun3xbxr9ZkYtjF1MsVwedk6f7NvgVrugmPFNjM8LMutdreFdPgeT0c7%2BBV8rOu0oI8vc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
https://cdn.holdtoreset.com https://holdtoreset.com
cache-control
max-age=14400
cf-ray
77cb9b467f4d9b71-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
infinite-scroll.pkgd.min.js
holdtoreset.com/wp-content/plugins/responsive-lightbox/assets/infinitescroll/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://holdtoreset.com/wp-content/plugins/responsive-lightbox/assets/infinitescroll/infinite-scroll.pkgd.min.js
Requested by
Host: holdtoreset.com
URL: https://holdtoreset.com/nba-2k23-locker-codes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
095834cc86bd018fdb4a9e31c99f9f96904b819be2b9dc16b3390383288d4d90

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://holdtoreset.com/nba-2k23-locker-codes/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:42 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 15 Dec 2022 00:29:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
7027
etag
W/"639a6a76-581b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iBToT%2B9P8W%2F6642YIqLq0xW4YC7%2BAvFo4LgJOha24uYMkvP7iwfK8Gp4cQdX0afuF6CHPt%2B5gTD66OyeTXvLo%2Buq651ybd2bxg1hDYSfVeCaFRQROczKwaHsO%2BvOWrZolCW0zens3Pty8c5%2FLLc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
https://cdn.holdtoreset.com https://holdtoreset.com
cache-control
max-age=14400
cf-ray
77cb9b467f519b71-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
front.js
holdtoreset.com/wp-content/cache/min/1/wp-content/plugins/responsive-lightbox/js/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://holdtoreset.com/wp-content/cache/min/1/wp-content/plugins/responsive-lightbox/js/front.js?ver=1671559755
Requested by
Host: holdtoreset.com
URL: https://holdtoreset.com/nba-2k23-locker-codes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8334dc904cb6607715458fae8da83ab377335280db0e0dd239c4f76e47cb8eee

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://holdtoreset.com/nba-2k23-locker-codes/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:42 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 20 Dec 2022 18:09:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5594
etag
W/"63a1fa4b-4585"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X55OMvm%2BMDyfAhKrzNxvW%2FMUiG7nk1GNRNGE7CCjUzh9dNqJVM2MuDZkffoqMIJt72pQgaaxRaCJnGTcOGY2lAvwuHLKMNrllM%2BXsX7R%2BLk1Z3QmlWDbT5NHzz5P7SkVyL1BNoVfqi8tx%2BrKPss%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
https://cdn.holdtoreset.com https://holdtoreset.com
cache-control
max-age=14400
cf-ray
77cb9b467f559b71-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
mobile-detect.min.js
holdtoreset.com/wp-content/themes/hueman/assets/front/js/libs/ 		38 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://holdtoreset.com/wp-content/themes/hueman/assets/front/js/libs/mobile-detect.min.js
Requested by
Host: holdtoreset.com
URL: https://holdtoreset.com/nba-2k23-locker-codes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6df968e65ed4801aeaf8c0633eeeea07d7639f9048302b29d87359730e76c869

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://holdtoreset.com/nba-2k23-locker-codes/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:42 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 14 Sep 2022 20:36:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
7027
etag
W/"63223b4c-9820"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Mvwyx%2FQRH4JtQLnkAw6JMC0AqrwkF1Kik5mXswbM8RHWdDVFjLUoGfkWopvTfEhsUiL4yBOLNMwE5WEm2dOsuiWhrm3L1HBtnbebgZTeXrm1say8qPwMT2R7bePzc1b0a1%2FJLuZnuGzsv9lIZo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
https://cdn.holdtoreset.com https://holdtoreset.com
cache-control
max-age=14400
cf-ray
77cb9b467f589b71-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
fa-brands-400.woff2
holdtoreset.com/wp-content/themes/hueman/assets/front/webfonts/ 		77 KB
77 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://holdtoreset.com/wp-content/themes/hueman/assets/front/webfonts/fa-brands-400.woff2?v=5.15.2
Requested by
Host: holdtoreset.com
URL: https://holdtoreset.com/nba-2k23-locker-codes/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
529d0a7b3944929222155bca3272ba1a87acc2faa09b2ed26a713872b7ff8794

Request headers

Referer
https://holdtoreset.com/nba-2k23-locker-codes/
Origin
https://holdtoreset.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:41 GMT
cf-cache-status
REVALIDATED
last-modified
Wed, 14 Sep 2022 20:36:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"63223b4c-13288"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QRLDuFBxY3bsrLcJsP5MiL3cWfU9bEcmSMe8e6qdkvLmRPYAHt0N8ijkl0Z0dpTDCiPM4vjraTC%2B5IX%2BdVXz%2BcxK2EuFQK3ED4iGY9rg%2FI59GLhn0OU8OJnTNhqiPRiZOCqx45UMe%2FXRjJk2xUQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
77cb9b42191e9bb6-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
78472
fa-regular-400.woff2
holdtoreset.com/wp-content/themes/hueman/assets/front/webfonts/ 		13 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://holdtoreset.com/wp-content/themes/hueman/assets/front/webfonts/fa-regular-400.woff2?v=5.15.2
Requested by
Host: holdtoreset.com
URL: https://holdtoreset.com/nba-2k23-locker-codes/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3b8c21edfe6c5e402fdc607366fd8d15949a65914f58134733dc68922bc8d61

Request headers

Referer
https://holdtoreset.com/nba-2k23-locker-codes/
Origin
https://holdtoreset.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:41 GMT
cf-cache-status
REVALIDATED
last-modified
Wed, 14 Sep 2022 20:36:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"63223b4c-3514"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9yaW6fEymvnRDnIWiW4h9IVui1E0o4kui%2FKG26d0LpmZyKsbWMsXUp5smZNPrFwxLJW1DIkmcvo1MyJ7ZkLOYd1MweLwUKQFpLwPwZCyWpdSdRqcvFjVepvUprKtus9JtwPytko5fkZnUkfcsoQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
77cb9b4219219bb6-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13588
fa-solid-900.woff2
holdtoreset.com/wp-content/themes/hueman/assets/front/webfonts/ 		78 KB
79 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://holdtoreset.com/wp-content/themes/hueman/assets/front/webfonts/fa-solid-900.woff2?v=5.15.2
Requested by
Host: holdtoreset.com
URL: https://holdtoreset.com/nba-2k23-locker-codes/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c916669cf923b4f1b2db5c5107c83b6ca205e7ad0dcd840b251e63f0c8d28a2

Request headers

Referer
https://holdtoreset.com/nba-2k23-locker-codes/
Origin
https://holdtoreset.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:41 GMT
cf-cache-status
REVALIDATED
last-modified
Wed, 14 Sep 2022 20:36:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"63223b4c-1397c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fJIIR2t%2F9%2BKv4YZ8S6nDXCSP%2ByHC2GjRygV1vgguvYGqKWuNkpsHrpeVE%2FPw%2BXW5tCdl%2BNNAkGH28uYpmw79GKy1PVsnjLjvAWsHwybOUGErYcpQhvEuvdxgZ73JicCQkxyPOvSSO2CvYqMaMFM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
77cb9b4219239bb6-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
80252
gpt.js
holdtoreset.com/wp-content/cache/min/1/tag/js/ 		81 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://holdtoreset.com/wp-content/cache/min/1/tag/js/gpt.js?ver=1671559755
Requested by
Host: holdtoreset.com
URL: https://holdtoreset.com/nba-2k23-locker-codes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6196398d56db0643b253b6117f1901bff2fda3bf2364432b0c87db0142fe59c1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://holdtoreset.com/nba-2k23-locker-codes/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:42 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 20 Dec 2022 18:09:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5594
etag
W/"63a1fa4b-142fa"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yRVmgvim8ncrCl66HEllXNsiqyP%2FIFHLz4KvkRcrAT7ra7kvurfBAuCzwpujFt%2BGgbFjp1hWPqEwT%2B6bCvHpeZqg5GzPkVqvn9X78uOfjowofa%2BL7z%2Bc4e6%2ByTqhW5vnixIvC5uoZUkWb2jgclU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
https://cdn.holdtoreset.com https://holdtoreset.com
cache-control
max-age=14400
cf-ray
77cb9b467f5a9b71-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
1e57d553-2491-4060-9445-311910c2acb4.js
holdtoreset.com/wp-content/cache/min/1/files/instibid/ 		323 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://holdtoreset.com/wp-content/cache/min/1/files/instibid/1e57d553-2491-4060-9445-311910c2acb4.js?ver=1671559756
Requested by
Host: holdtoreset.com
URL: https://holdtoreset.com/nba-2k23-locker-codes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d7e13126c244d70c1e555c51a7db39b55fecf487697710c1841b951bdb5f707

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://holdtoreset.com/nba-2k23-locker-codes/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:42 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 20 Dec 2022 18:09:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5594
etag
W/"63a1fa4c-50aae"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ikmMEShV689BaKN0QMEQCizfXXdnvZ34n%2BBch1aGP22cXUfdXGVOjQLv46sGib6JsajCFclFZQTs%2F40cDVFHftVjFqV7CEg92pOKtAbi2dstCtFGCHUbZP4BVreVWf2Yl4oCseQiG2SJecAVDbY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
https://cdn.holdtoreset.com https://holdtoreset.com
cache-control
max-age=14400
cf-ray
77cb9b467f609b71-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
js
www.googletagmanager.com/gtag/ 		109 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-72398024-1
Requested by
Host: holdtoreset.com
URL: https://holdtoreset.com/nba-2k23-locker-codes/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4eff82ad6b195383f313cffdc9d03367fc1e2312989f3dbe5b3bef673e949614
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://holdtoreset.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:42 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43618
x-xss-protection
0
last-modified
Tue, 20 Dec 2022 21:17:12 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 20 Dec 2022 21:52:42 GMT
js
www.googletagmanager.com/gtag/ 		215 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-FPFFZVF5SC
Requested by
Host: holdtoreset.com
URL: https://holdtoreset.com/nba-2k23-locker-codes/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8dff9242236a8556ee505f407ad4e5da9495cb4780ef9b04fc0134eace60f6ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://holdtoreset.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:42 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
76777
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 20 Dec 2022 21:52:42 GMT
holdtoreset.com_instream_floating.js
d2nr2jos5slco1.cloudfront.net/aniview-script/ 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2nr2jos5slco1.cloudfront.net/aniview-script/holdtoreset.com_instream_floating.js
Requested by
Host: holdtoreset.com
URL: https://holdtoreset.com/nba-2k23-locker-codes/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:dc00:1:4a30:d840:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1a6fa05546489536c79111e39e330cf4c6faec07c1ae6e5144a3f51748251d72

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://holdtoreset.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
Vth6XHVG8mS83WpNuj26ewfs8ohC9CXy
content-encoding
br
via
1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
date
Mon, 19 Dec 2022 23:42:22 GMT
last-modified
Wed, 07 Dec 2022 14:26:44 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
79821
etag
W/"c4ca7df2c1a5b7ce8e9170948e3f9097"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
ITzZbnPEYfc1qY8avlbsORa66Z69blQCIylGhAHTdMRCuOdJIyhY-Q==
nba-2k23-locker-code-750x422.jpg
cdn.holdtoreset.com/wp-content/uploads/2022/09/09094110/ 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.holdtoreset.com/wp-content/uploads/2022/09/09094110/nba-2k23-locker-code-750x422.jpg
Requested by
Host: holdtoreset.com
URL: https://holdtoreset.com/nba-2k23-locker-codes/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aad375aec81dc3b7a06ba52fe740de3ee4a0edca4858e70945782b881e637d2b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://holdtoreset.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:42 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
CVQ3S82X86WG2J9C
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
54301
x-amz-id-2
t1buhfgfJ2L76gD8mNbUgpU0oTfwbB35xdEG1y4NreZBX27IWcF4GHTUW6uemTnQRAScQNjvVGA=
last-modified
Fri, 09 Sep 2022 15:41:11 GMT
server
cloudflare
etag
"2884db36a014c868c81053c76779ef92"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hyfvK%2Bcn4qbqDkSaHdGAvRMn2Z8j%2Fx5YJHLFhkFUUIZOkhLYqG3noTUYkZ082VxQcNZH%2FOabPn3ZOC7hIQXuELfK7If9%2Bi6Tdc%2FRn7dqphrR%2FRG3Q7yAbh963l4gOHL8ZwK65lR3JCyf0KUgI8sQfgxs"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
77cb9b469ab29bb6-FRA
email-decode.min.js
holdtoreset.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://holdtoreset.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: holdtoreset.com
URL: https://holdtoreset.com/nba-2k23-locker-codes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://holdtoreset.com/nba-2k23-locker-codes/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 14 Dec 2022 12:21:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6399bfb7-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WEk5Yd9IbrcRuFTddmfb7BkSWyiAoNyl7C94cuXFuQWfcTvI2ubsrjInQxtl6Qln2QlWCsXwOlZnqvfVm%2Bi1XTFDXBh%2F4Rq02ai%2BddZcKr3UENc7x2w67YTkrh3e2FQLRrJE2jTYaPYgf%2FCVwJ4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
77cb9b466f119b71-FRA
expires
Thu, 22 Dec 2022 21:52:41 GMT
aos.js
holdtoreset.com/wp-content/cache/min/1/wp-content/plugins/ad-inserter-pro/includes/aos/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://holdtoreset.com/wp-content/cache/min/1/wp-content/plugins/ad-inserter-pro/includes/aos/aos.js?ver=1671559756
Requested by
Host: holdtoreset.com
URL: https://holdtoreset.com/nba-2k23-locker-codes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99ac91aa65f4009660b03f7c185e8745eb185fbc9e0053bf1ac2f81dc9b32966

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://holdtoreset.com/nba-2k23-locker-codes/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:42 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 20 Dec 2022 18:09:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5594
etag
W/"63a1fa4c-3783"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fZd2k5RWCwVlwAQY%2FiCxM6KJZJ5%2BzCUmrCgpj0ytSuywlwd3tHIiEsvcl4db1C03IeozRNvZh6OixGOaydZK6VwvyL1D6sArx3aUtp6dn9RNQmHE2ozWWvuUn3st7azhwh%2FaGnHd%2FI5otAFEJHk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
https://cdn.holdtoreset.com https://holdtoreset.com
cache-control
max-age=14400
cf-ray
77cb9b467f629b71-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
anti-spam.js
holdtoreset.com/wp-content/cache/min/1/wp-content/plugins/anti-spam/assets/js/ 		723 B
806 B 		Script
General
Check archive.org
Download Go to
Full URL
https://holdtoreset.com/wp-content/cache/min/1/wp-content/plugins/anti-spam/assets/js/anti-spam.js?ver=1671559756
Requested by
Host: holdtoreset.com
URL: https://holdtoreset.com/nba-2k23-locker-codes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
289308e2bbb4f6730ae64f5e292f57e52feec7a1923eb49f91a86a3597aa4b2b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://holdtoreset.com/nba-2k23-locker-codes/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:42 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 20 Dec 2022 18:09:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5594
etag
W/"63a1fa4c-2d3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ts%2FeifOhX5WB0syqLvcf%2Fk%2Fzu5MhyAM7l9oVrgg5j3y7NxtjTwUHol7eodhhJTtMs6ygf5o7V2Pp4LilzHmc78edQEE%2B1OrHCdsxCInimNRivCjzRdYHNRSbuTKxVe5OQrcJyz1JivYVtdcd4VA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
https://cdn.holdtoreset.com https://holdtoreset.com
cache-control
max-age=14400
cf-ray
77cb9b467f639b71-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
hu-init.min.js
holdtoreset.com/wp-content/themes/hueman/assets/front/js/ 		641 B
873 B 		Script
General
Check archive.org
Download Go to
Full URL
https://holdtoreset.com/wp-content/themes/hueman/assets/front/js/hu-init.min.js
Requested by
Host: holdtoreset.com
URL: https://holdtoreset.com/nba-2k23-locker-codes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d1714057127e8cd32d3d493eae000981b88d6b1906b4592b96f3776b4f077ba

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://holdtoreset.com/nba-2k23-locker-codes/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:42 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 14 Sep 2022 20:36:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
7027
etag
W/"63223b4c-281"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fp9EOpWApnam4U6vykKgb7bRF5OOYdKm7umoJ1AX9i4d9CTxaW3mX6MMm8C3ylKHQGbHQ6Et031GLydYJG4cwuzhYkVckDZ6FhMxbPLil88MhBUBNXfJaBeLr7x1yyh3pTaMSykQyK%2B5DYf1kYg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
https://cdn.holdtoreset.com https://holdtoreset.com
cache-control
max-age=14400
cf-ray
77cb9b467f689b71-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
comment-reply.min.js
holdtoreset.com/wp-includes/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://holdtoreset.com/wp-includes/js/comment-reply.min.js
Requested by
Host: holdtoreset.com
URL: https://holdtoreset.com/nba-2k23-locker-codes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://holdtoreset.com/nba-2k23-locker-codes/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:42 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 25 May 2022 21:07:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6206
etag
W/"628e9a9a-ba5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iKWRwK%2B0VgDN7vcNKrRnFA%2BEu1gtUjOQJvjhESKjJe66s0IFNqcuftVe4jHqJLJpELzWoUfOuTKL%2BGbZAlHPccUp6Fdxd7ST3CuFc4jXVSCa5OSJko2QIFhb4srVyPGI0aAFl3xzRYQAMS82tNg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
https://cdn.holdtoreset.com https://holdtoreset.com
cache-control
max-age=14400
cf-ray
77cb9b467f6b9b71-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
1e57d553-2491-4060-9445-311910c2acb4.js
d2f0uviei09pxb.cloudfront.net/ads-code/ 		445 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2f0uviei09pxb.cloudfront.net/ads-code/1e57d553-2491-4060-9445-311910c2acb4.js
Requested by
Host: holdtoreset.com
URL: https://holdtoreset.com/nba-2k23-locker-codes/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:5a00:3:f434:dfc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
75eba55d370b89931d3d2a5a12689c27170bc9ee565970d7b6be75d2fd0f491a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://holdtoreset.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
Zvwo1QMHE.MdfY8byNKUGnLi8JtymXW6
content-encoding
br
via
1.1 16dc09493f48bbc1fd2cdd6e175a94f6.cloudfront.net (CloudFront)
date
Tue, 20 Dec 2022 21:52:42 GMT
last-modified
Tue, 20 Dec 2022 17:06:22 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
10
etag
W/"26670358d91be046f613f28bc2a9f0ab"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=60
x-amz-cf-id
4USsp6tYQmu9BHkBGgEdNjSgxooOL7y4MyMkEmqRxtVvpKTCBzdtqA==
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A300%2C400%2C500%2C600%2C700&subset=latin-ext&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://holdtoreset.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 22:20:50 GMT
x-content-type-options
nosniff
age
430312
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7816
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:11:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Dec 2023 22:20:50 GMT
pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A300%2C400%2C500%2C600%2C700&subset=latin-ext&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://holdtoreset.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 08:32:21 GMT
x-content-type-options
nosniff
age
48021
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7840
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:51:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Dec 2023 08:32:21 GMT
holdtoreset-circles-logo-april-20.png
cdn.holdtoreset.com/wp-content/uploads/2022/04/19123233/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.holdtoreset.com/wp-content/uploads/2022/04/19123233/holdtoreset-circles-logo-april-20.png
Requested by
Host: holdtoreset.com
URL: https://holdtoreset.com/nba-2k23-locker-codes/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70293a9596d24be8780039a1118cf8fe4efc32534e1f8feabf3ea5711190d2bb

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://holdtoreset.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:42 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
S95VN0HP5VSVMW4E
age
21179451
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9339
x-amz-id-2
gVOTR0Z9piLi64wboqdPNIndk4rhD8DKKMJcTGtoGSSRNpx64+U5gStPicIeV9n0DfsAubLIpj4=
last-modified
Tue, 19 Apr 2022 18:32:34 GMT
server
cloudflare
etag
"b450f5bff1baff9853efbf10cfb5c3da"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KbAqxIOUNBJqLITHMEn3L5Q1SUtGxZjNsy1mT%2BECYGvepljzqp2l9BHcDSee9D0AYMm3TTJqDRDgRGV6ThP6xSMsS%2FKzEq4lMBZjUgLM7IaIX1a7XelIdhPAkp%2Fx%2F%2FHtSsDSzOmmRhJbFIoMRn8LbC2S"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
77cb9b469ab59bb6-FRA
pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A300%2C400%2C500%2C600%2C700&subset=latin-ext&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://holdtoreset.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 15:59:12 GMT
x-content-type-options
nosniff
age
107610
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8000
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:59:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Dec 2023 15:59:12 GMT
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A300%2C400%2C500%2C600%2C700&subset=latin-ext&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://holdtoreset.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:19:38 GMT
x-content-type-options
nosniff
age
484384
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7884
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:03:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Dec 2023 07:19:38 GMT
nba-2k23-locker-codes-input-750x422.jpg
cdn.holdtoreset.com/wp-content/uploads/2022/09/09130801/ 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.holdtoreset.com/wp-content/uploads/2022/09/09130801/nba-2k23-locker-codes-input-750x422.jpg
Requested by
Host: holdtoreset.com
URL: https://holdtoreset.com/nba-2k23-locker-codes/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20cebcb3fc8b5ae2c62e931b7126da9422ac5dc57502c3c3da2f95ce49494ea4

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://holdtoreset.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:42 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
CVQCQMP7JEPB0B7Z
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
32938
x-amz-id-2
l3Od5l+Re9Kmb63QpvT9LmkJeq/FbeaTVw434TityS+009UIYs0F1jKPkpL4fM2pXO4w/ytAj90=
last-modified
Fri, 09 Sep 2022 19:08:03 GMT
server
cloudflare
etag
"1ac85e813beaa876b41eebb929dc920f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vDey08DXgbJyBkZqcYQ02ZXmSNBJfAxfYoX8QSwrzQrQ%2BPafET5g6pGakkqYvb%2BAK8MzBTbXmEoQCS1Z6IerNkV946mcahd3s3%2FeGj16Ivt%2FR97ybg0iwZz2MJWCPTXlnZtspoVTuhGAY4zvgvkk%2FhkB"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
77cb9b46bae89bb6-FRA
8209e88508876c0e81b85ecfb1025eed
secure.gravatar.com/avatar/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.gravatar.com/avatar/8209e88508876c0e81b85ecfb1025eed?s=128&d=mm&r=pg
Requested by
Host: holdtoreset.com
URL: https://holdtoreset.com/nba-2k23-locker-codes/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
2333db8fd856a0398e65b4e12f8424252646a94cb38edb8dd6bf5e5fcc10c491

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://holdtoreset.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-nc
HIT ams 4
date
Tue, 20 Dec 2022 21:52:42 GMT
last-modified
Thu, 30 Nov 2017 23:46:02 GMT
server
nginx
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="8209e88508876c0e81b85ecfb1025eed.png"
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/8209e88508876c0e81b85ecfb1025eed?s=128&d=mm&r=pg>; rel="canonical"
content-length
10424
expires
Tue, 20 Dec 2022 21:57:42 GMT
1c54e817b3e0e91e50a18f58f4dec73f
secure.gravatar.com/avatar/ 		1021 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.gravatar.com/avatar/1c54e817b3e0e91e50a18f58f4dec73f?s=48&d=mm&r=pg
Requested by
Host: holdtoreset.com
URL: https://holdtoreset.com/nba-2k23-locker-codes/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
3e3e6358df951436d7c4e597f61f7bb0dcbfa9b99385c14a7016bd5475cd7d07

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://holdtoreset.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-nc
HIT ams 4
date
Tue, 20 Dec 2022 21:52:42 GMT
last-modified
Wed, 11 Jan 1984 08:00:00 GMT
server
nginx
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="1c54e817b3e0e91e50a18f58f4dec73f.png"
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/1c54e817b3e0e91e50a18f58f4dec73f?s=48&d=mm&r=pg>; rel="canonical"
content-length
1021
expires
Tue, 20 Dec 2022 21:57:42 GMT
avcplayer.js
player.avplayer.com/script/8/v/ 		688 KB
182 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.avplayer.com/script/8/v/avcplayer.js
Requested by
Host: d2nr2jos5slco1.cloudfront.net
URL: https://d2nr2jos5slco1.cloudfront.net/aniview-script/holdtoreset.com_instream_floating.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:1c::1724:a36c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
735958e162947ba5a865bf5e44c430ef29c9798a4bbbffc06916547fccaa44d4

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://holdtoreset.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:42 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdusdfqoVxgUIhiC_QnuiTPyYS_nXjfLMKFnNRO342mtrUSgIaaIRMDbryIKtbhEXO3flzZYz0qOTKXe63W0NPcYNUkeF6nh
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
185302
last-modified
Thu, 08 Dec 2022 13:47:31 GMT
server
UploadServer
etag
"8703f57a9eff209e3e119fe042254bfd"
vary
Accept-Encoding
x-goog-generation
1670507251338156
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=HfwZ2Q==, md5=hwP1ep7/IJ4+EZ/gQiVL/Q==
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
185302
accept-ranges
bytes
expires
Tue, 20 Dec 2022 21:57:42 GMT
track
track1.aniview.com/ 		0
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?pid=5d8ccec528a0617cae5a0755&cid=5df8053d28a0611f852c7c55&cb=1671573162078&r=holdtoreset.com&stagid=63232173bcb765491c092304&stplid=632320ab5cba855d4c352e16&d35=&d65=&d66=8&e=playerLoaded
Requested by
Host: holdtoreset.com
URL: https://holdtoreset.com/nba-2k23-locker-codes/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.55.166.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-166-244.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://holdtoreset.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:42 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
pubads_impl_2022120701.js
securepubads.g.doubleclick.net/gpt/ 		382 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js
Requested by
Host: holdtoreset.com
URL: https://holdtoreset.com/wp-content/cache/min/1/tag/js/gpt.js?ver=1671559755
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f2f8c7997f52d388163a69b8832524663fd4b607f83cdb13ed9c6e928ad71fac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://holdtoreset.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 17 Dec 2022 14:36:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
285383
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132289
x-xss-protection
0
last-modified
Wed, 07 Dec 2022 09:34:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 17 Dec 2023 14:36:19 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		73 B
690 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=holdtoreset.com
Requested by
Host: holdtoreset.com
URL: https://holdtoreset.com/wp-content/cache/min/1/tag/js/gpt.js?ver=1671559755
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3a6b5985bc0e2dd700048b7bb9a250d37a1bad8de140de7e307610eb250d788b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://holdtoreset.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:42 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55
x-xss-protection
0
expires
Tue, 20 Dec 2022 21:52:42 GMT
/
geoip.insticator.com/json/ 		227 B
412 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geoip.insticator.com/json/
Requested by
Host: d2f0uviei09pxb.cloudfront.net
URL: https://d2f0uviei09pxb.cloudfront.net/ads-code/1e57d553-2491-4060-9445-311910c2acb4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.232.245.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-232-245-134.compute-1.amazonaws.com
Software
/
Resource Hash
2796480dee836b236d23c88fc44286184b74be5b5ea8c042017204792bb87b66

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://holdtoreset.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
https://holdtoreset.com
date
Tue, 20 Dec 2022 21:52:42 GMT
access-control-allow-credentials
true
x-database-date
Tue, 20 Dec 2022 20:52:11 GMT
content-length
227
vary
Origin
content-type
application/json
3422aece-5698-4654-adb7-bac44f385306.js
df80k0z3fi8zg.cloudfront.net/files/instibid/1e57d553-2491-4060-9445-311910c2acb4/ 		323 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://df80k0z3fi8zg.cloudfront.net/files/instibid/1e57d553-2491-4060-9445-311910c2acb4/3422aece-5698-4654-adb7-bac44f385306.js
Requested by
Host: d2f0uviei09pxb.cloudfront.net
URL: https://d2f0uviei09pxb.cloudfront.net/ads-code/1e57d553-2491-4060-9445-311910c2acb4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:7600:10:3422:3f00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8305abf54ad51c3e40a0514847f2d8a4bfa39cffa09077bb593f3c33e592b5e0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://holdtoreset.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 18:59:24 GMT
x-amz-version-id
W6OoRIDYlsZTxTZ2PP7BWa7MvYNA0.Vc
content-encoding
br
last-modified
Tue, 20 Dec 2022 17:08:54 GMT
server
AmazonS3
via
1.1 1c12254585d1d316d9380549d59e3c80.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
etag
W/"a91042f46d00946c0acb2c1654b635d2"
age
10399
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
jG2ulvnM9ichh3bFBlqvr7u4U8bbkYFyWbhDu6keH79U-hO7tBbptw==
tag.min.js
get.s-onetag.com/42a30fdd-c1da-4d85-ab06-c212412bd9ab/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.s-onetag.com/42a30fdd-c1da-4d85-ab06-c212412bd9ab/tag.min.js
Requested by
Host: d2f0uviei09pxb.cloudfront.net
URL: https://d2f0uviei09pxb.cloudfront.net/ads-code/1e57d553-2491-4060-9445-311910c2acb4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-74.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cbff952e8c47bf976906662ac210c3ae9aaf8e10820d404e8f760bc273bcb4fb

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://holdtoreset.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 02:17:29 GMT
content-encoding
gzip
via
1.1 547a50460a0cda7ae3dafb1c0b6d0e1a.cloudfront.net (CloudFront)
x-amz-version-id
MzFJp_hCplumN12v7na.JL4ToSqQ7M.M
last-modified
Mon, 30 May 2022 15:16:46 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
70514
etag
W/"32357f1c0de69779f4fedf3aeb29d83e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=86400
x-amz-cf-id
ZBsdJKXincgnieYxsQcx2NOHeelRQ3WMvFDY8-IToqDT3UVUuQN5iw==
config.js
cdn.confiant-integrations.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/ 		127 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/config.js
Requested by
Host: d2f0uviei09pxb.cloudfront.net
URL: https://d2f0uviei09pxb.cloudfront.net/ads-code/1e57d553-2491-4060-9445-311910c2acb4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:116b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3936e01b1a4a324b9deefc093c09855a5edcd306abb82819f8ec6422435cd5e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://holdtoreset.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:42 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 20 Dec 2022 21:50:40 GMT
server
cloudflare
x-amz-request-id
D2F7RCMDRKBQZFQB
age
103
etag
W/"247b44c0d106486a6e5161777212deca"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=900, stale-while-revalidate=3600
cf-ray
77cb9b47d8385b80-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
Ovi3bEYzo2WeYR6wFa5ymY+EeOOZHkx1yptGXjJLe10d2SmCvwWDcDXs3fFbR0XaVtLHLKrmRAc=
index.html
auth.instiengage.com/auth/ Frame 96CB 		75 B
478 B 		Document
General
Check archive.org
Download Go to
Full URL
https://auth.instiengage.com/auth/index.html
Requested by
Host: d2f0uviei09pxb.cloudfront.net
URL: https://d2f0uviei09pxb.cloudfront.net/ads-code/1e57d553-2491-4060-9445-311910c2acb4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:b000:9:78a:e540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
32dcb7b5d0e79583353a56225e4d8097e004103102d584e245d1b96547f9948d

Request headers

Referer
https://holdtoreset.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
age
173
cache-control
max-age=300
content-length
75
content-type
text/html
date
Tue, 20 Dec 2022 21:50:03 GMT
etag
"2e3d17ce9023be2c1313c02113f5c568"
last-modified
Thu, 15 Dec 2022 19:04:38 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 29d33c5cd70a6501fde7bc2dba557906.cloudfront.net (CloudFront)
x-amz-cf-id
zpVEczvMSpck0hGlmsysl4eNfgwegib7QXAh85oyOnmnOy58W-Mohg==
x-amz-cf-pop
FRA56-C1
x-amz-version-id
0B8BOtRm3TjXkbLwwelDKjJGGmWGWjpp
x-cache
Hit from cloudfront
event
event.insticator.com/v1/ 		0
119 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_pageview
Requested by
Host: d2f0uviei09pxb.cloudfront.net
URL: https://d2f0uviei09pxb.cloudfront.net/ads-code/1e57d553-2491-4060-9445-311910c2acb4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.232.245.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-232-245-134.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Allow-Origin
*
Referer
https://holdtoreset.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-type
application/json

Response headers

access-control-allow-origin
https://holdtoreset.com
date
Tue, 20 Dec 2022 21:52:42 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
event
event.insticator.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_pageview
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.232.245.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-232-245-134.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
access-control-allow-origin,content-type
Access-Control-Request-Method
POST
Origin
https://holdtoreset.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
access-control-allow-origin,content-type
access-control-allow-methods
POST
access-control-allow-origin
https://holdtoreset.com
access-control-max-age
3600
content-length
0
date
Tue, 20 Dec 2022 21:52:42 GMT
vary
Origin
close-btn.png
embedproduction.s3.amazonaws.com/files/images/ 		592 B
1000 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://embedproduction.s3.amazonaws.com/files/images/close-btn.png
Requested by
Host: holdtoreset.com
URL: https://holdtoreset.com/nba-2k23-locker-codes/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.109.227 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
a7b9f24a8dec9b21915215bc54d458cd8ff7f0b501f17c2e32f2de8e0cd82f81

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://holdtoreset.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 20 Dec 2022 21:52:43 GMT
x-amz-version-id
.AkIXgBEyCWDe8DX4oIvcL6LAIAooFgY
Last-Modified
Tue, 26 Nov 2019 16:29:04 GMT
Server
AmazonS3
x-amz-request-id
CVQ9JV22CJW20AZD
ETag
"2298668a0d4b08e7d3e9726cf42696e9"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
592
x-amz-id-2
/UFUyqjLUn2R6L1//cl7Q6qHGeQTO7+Dm/4E64DxRNYSrBrL+YxWSv+iMZp4dXameOyV+GeCZGw=
openrtb
ex.ingage.tech/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ex.ingage.tech/v1/openrtb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:53d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://holdtoreset.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://holdtoreset.com
access-control-max-age
3600
cf-cache-status
DYNAMIC
cf-ray
77cb9b489f6c695e-FRA
content-length
0
date
Tue, 20 Dec 2022 21:52:42 GMT
server
cloudflare
vary
Origin, Access-Control-Request-Headers
okodigital
okodigital.technoratimedia.com/openrtb/bids/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://okodigital.technoratimedia.com/openrtb/bids/okodigital?src=prebid_prebid_6.29.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
129.80.94.115 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://holdtoreset.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST, GET, HEAD, OPTIONS
access-control-allow-origin
https://holdtoreset.com
date
Tue, 20 Dec 2022 21:52:42 GMT
server
nginx
fastlane.json
fastlane.rubiconproject.com/a/api/ 		765 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17974&site_id=387578&zone_id=2160386&size_id=15%3B15%3B15%3B2%3B2&alt_size_ids=%3B%3B%3B%3B1&rp_schain=1.0,1!oko.uk,550-HTR,1,,,&eid_pubcid.org=a99db70c-50d5-42be-b643-edb02bd0360a%5E1&rf=https%3A%2F%2Fholdtoreset.com%2Fnba-2k23-locker-codes%2F&tg_i.pbadslot=holdtoreset.com-div-insticator-ad-16%3Bholdtoreset.com-div-insticator-ad-11%3Bholdtoreset.com-div-insticator-ad-15%3Bholdtoreset.com-div-insticator-ad-3%3Bholdtoreset.com-div-insticator-ad-bottom-anchor&tk_flint=pbjs_lite_v6.29.0&x_source.tid=0ba6a186-cdca-4cca-9aa8-23e311bfb1f9%3B78e7e248-c634-4ee5-beb9-546ad86d16b0%3B9a7922e9-fe18-4a16-8d01-71dae01f335d%3Bcdb962c9-b314-4c45-92d1-001e00a2cd08%3Bb7534571-8300-4666-a729-41ea240974a0&l_pb_bid_id=2cf05386edd963%3B3886f730baa65b%3B4a68183c3d7d66%3B5faba2ba8a9987%3B64700f63676e0f&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=holdtoreset.com-div-insticator-ad-16%3Bholdtoreset.com-div-insticator-ad-11%3Bholdtoreset.com-div-insticator-ad-15%3Bholdtoreset.com-div-insticator-ad-3%3Bholdtoreset.com-div-insticator-ad-bottom-anchor&slots=5&rand=0.0893910720495894
Requested by
Host: holdtoreset.com
URL: https://holdtoreset.com/wp-content/cache/min/1/files/instibid/1e57d553-2491-4060-9445-311910c2acb4.js?ver=1671559756
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
8159d3d0e7df5496376f113055b84d40c88f255c6d4851e6065bc010a4138a91

Request headers

Referer
https://holdtoreset.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 20 Dec 2022 21:52:42 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://holdtoreset.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
trinity.json
apex.go.sonobi.com/ 		177 B
881 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%228ebd919618f6f3%22%3A%22b9f7ff2cb584c183c1c1%7C300x250%7Cgpid%3Dholdtoreset.com-div-insticator-ad-16%22%2C%2292d9e8bb4b3389%22%3A%22b9f7ff2cb584c183c1c1%7C300x250%7Cgpid%3Dholdtoreset.com-div-insticator-ad-11%22%2C%2210de4874301f0b9%22%3A%22b9f7ff2cb584c183c1c1%7C300x250%7Cgpid%3Dholdtoreset.com-div-insticator-ad-15%22%2C%2211521387438a023%22%3A%22b9f7ff2cb584c183c1c1%7C728x90%7Cgpid%3Dholdtoreset.com-div-insticator-ad-3%22%2C%22126f4a93c6224d1%22%3A%22b9f7ff2cb584c183c1c1%7C728x90%7Cgpid%3Dholdtoreset.com-div-insticator-ad-bottom-anchor%22%7D&ref=https%3A%2F%2Fholdtoreset.com%2Fnba-2k23-locker-codes%2F&s=1bb24196-1050-4672-b867-a3b4df7b0db1&pv=17cfe1dc-96a4-4a3a-be35-fcd32b502778&vp=desktop&lib_name=prebid&lib_v=6.29.0&us=50&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22oko.uk%22%2C%22sid%22%3A%22550-HTR%22%2C%22hp%22%3A1%7D%5D%7D&userid=%7B%22pubcid%22%3A%22a99db70c-50d5-42be-b643-edb02bd0360a%22%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22a99db70c-50d5-42be-b643-edb02bd0360a%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0
Requested by
Host: holdtoreset.com
URL: https://holdtoreset.com/wp-content/cache/min/1/files/instibid/1e57d553-2491-4060-9445-311910c2acb4.js?ver=1671559756
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.14 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
6876935c9752a629f3eadd17397f5533a422461a4ceabd5a8f3bb680e3270ebd
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://holdtoreset.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 20 Dec 2022 21:52:42 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-175
Content-Type
application/json
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://holdtoreset.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Length
155
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
bid
ap.lijit.com/rtb/ 		24 B
402 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.29.0
Requested by
Host: holdtoreset.com
URL: https://holdtoreset.com/wp-content/cache/min/1/files/instibid/1e57d553-2491-4060-9445-311910c2acb4.js?ver=1671559756
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
dbad0593413619c798276de1c95b829e0613b70aa6e342fcc2e98aab9ad605e8

Request headers

Referer
https://holdtoreset.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 20 Dec 2022 21:52:42 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://holdtoreset.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
hb
ssc.33across.com/api/v1/ 		87 B
350 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=cS_MBCmB8r7ikhrkHcnnVW
Requested by
Host: holdtoreset.com
URL: https://holdtoreset.com/wp-content/cache/min/1/files/instibid/1e57d553-2491-4060-9445-311910c2acb4.js?ver=1671559756
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
91725c64e5da498f4cfb75da7848e9c66d8a0e21a0cf1cff3e119b0f8ce954d8

Request headers

Referer
https://holdtoreset.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 20 Dec 2022 21:52:42 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://holdtoreset.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/ 		87 B
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=cS_MBCmB8r7ikhrkHcnnVW
Requested by
Host: holdtoreset.com
URL: https://holdtoreset.com/wp-content/cache/min/1/files/instibid/1e57d553-2491-4060-9445-311910c2acb4.js?ver=1671559756
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
91725c64e5da498f4cfb75da7848e9c66d8a0e21a0cf1cff3e119b0f8ce954d8

Request headers

Referer
https://holdtoreset.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 20 Dec 2022 21:52:42 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://holdtoreset.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/ 		87 B
179 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=cS_MBCmB8r7ikhrkHcnnVW
Requested by
Host: holdtoreset.com
URL: https://holdtoreset.com/wp-content/cache/min/1/files/instibid/1e57d553-2491-4060-9445-311910c2acb4.js?ver=1671559756
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
91725c64e5da498f4cfb75da7848e9c66d8a0e21a0cf1cff3e119b0f8ce954d8

Request headers

Referer
https://holdtoreset.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 20 Dec 2022 21:52:42 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://holdtoreset.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/ 		87 B
179 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=cS_MBCmB8r7ikhrkHcnnVW
Requested by
Host: holdtoreset.com
URL: https://holdtoreset.com/wp-content/cache/min/1/files/instibid/1e57d553-2491-4060-9445-311910c2acb4.js?ver=1671559756
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
91725c64e5da498f4cfb75da7848e9c66d8a0e21a0cf1cff3e119b0f8ce954d8

Request headers

Referer
https://holdtoreset.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 20 Dec 2022 21:52:42 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://holdtoreset.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/ 		87 B
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=cS_MBCmB8r7ikhrkHcnnVW
Requested by
Host: holdtoreset.com
URL: https://holdtoreset.com/wp-content/cache/min/1/files/instibid/1e57d553-2491-4060-9445-311910c2acb4.js?ver=1671559756
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
91725c64e5da498f4cfb75da7848e9c66d8a0e21a0cf1cff3e119b0f8ce954d8

Request headers

Referer
https://holdtoreset.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 20 Dec 2022 21:52:42 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://holdtoreset.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
auction
tlx.3lift.com/header/ 		19 B
506 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.29.0&referrer=https%3A%2F%2Fholdtoreset.com%2Fnba-2k23-locker-codes%2F&tmax=3000
Requested by
Host: holdtoreset.com
URL: https://holdtoreset.com/wp-content/cache/min/1/files/instibid/1e57d553-2491-4060-9445-311910c2acb4.js?ver=1671559756
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.142.172 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-142-172.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://holdtoreset.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 20 Dec 2022 21:52:42 GMT
accept-ch
sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt
content-type
application/json; charset=utf-8
access-control-allow-origin
https://holdtoreset.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
mvo
tag.1rx.io/rmp/238349/0/ 		0
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/238349/0/mvo?z=1r&hbv=6.29,2.1
Requested by
Host: holdtoreset.com
URL: https://holdtoreset.com/wp-content/cache/min/1/files/instibid/1e57d553-2491-4060-9445-311910c2acb4.js?ver=1671559756
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://holdtoreset.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://holdtoreset.com
pragma
no-cache
date
Tue, 20 Dec 2022 21:52:42 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
openrtb
ex.ingage.tech/v1/ 		1 KB
764 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ex.ingage.tech/v1/openrtb
Requested by
Host: holdtoreset.com
URL: https://holdtoreset.com/wp-content/cache/min/1/files/instibid/1e57d553-2491-4060-9445-311910c2acb4.js?ver=1671559756
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:53d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0dd33bd7a204c970cedcd69579d8ec7b49cae9354fc7f1b4d41aceac20cedb90

Request headers

Referer
https://holdtoreset.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 20 Dec 2022 21:52:42 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://holdtoreset.com
access-control-allow-credentials
true
cf-ray
77cb9b49cf3d92bd-FRA
prebid
ib.adnxs.com/ut/v3/ 		588 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: holdtoreset.com
URL: https://holdtoreset.com/wp-content/cache/min/1/files/instibid/1e57d553-2491-4060-9445-311910c2acb4.js?ver=1671559756
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
64fcc726f66ef9fc6d30fff8b3f17ba98f28da1ce3ad49ee347f8e84bc4c4202
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://holdtoreset.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 20 Dec 2022 21:52:42 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
95.211.95.247; 95.211.95.247; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
f7e93ecc-e8df-4bc0-bb51-5ad8a33480d2
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://holdtoreset.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		36 B
563 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=754648&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2249102c9792cea8%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fholdtoreset.com%2Fnba-2k23-locker-codes%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A5%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A5%2C%22ren%22%3Afalse%2C%22version%22%3A%226.29.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fholdtoreset.com%2Fnba-2k23-locker-codes%2F%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22500fc500a2c5ad1%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22754648%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22holdtoreset.com-div-insticator-ad-16%22%7D%7D%2C%7B%22id%22%3A%2251f58ebe8b03484%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22754648%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22holdtoreset.com-div-insticator-ad-11%22%7D%7D%2C%7B%22id%22%3A%2252ffc4efbf12d5e%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22754648%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22holdtoreset.com-div-insticator-ad-15%22%7D%7D%2C%7B%22id%22%3A%225357fd0cbb6eb12%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22754648%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22holdtoreset.com-div-insticator-ad-3%22%7D%7D%2C%7B%22id%22%3A%22547f1467ae5ba14%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22754648%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22holdtoreset.com-div-insticator-ad-bottom-anchor%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22oko.uk%22%2C%22sid%22%3A%22550-HTR%22%2C%22hp%22%3A1%2C%22rid%22%3A%2237522204ba4657f%22%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22a99db70c-50d5-42be-b643-edb02bd0360a%22%7D%5D%7D%5D%7D%7D
Requested by
Host: holdtoreset.com
URL: https://holdtoreset.com/wp-content/cache/min/1/files/instibid/1e57d553-2491-4060-9445-311910c2acb4.js?ver=1671559756
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f46c179bf80ff8374132a327a1e1c94edd67373aaeabc85663efdeb617f797e

Request headers

Referer
https://holdtoreset.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 20 Dec 2022 21:52:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p4wWM6X4FtFZ7D5TAbCNx48AKR2D22vyvBX14C9txWKBNDvozzTDJqWN9tP5kZCKWQ3PIggW58WldrIPLuJUvmifTu6a4HPt4%2F1tvQ0dQF8LliPBg%2Bz8QPk6ku4rzF0Sa6YXmuVj"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://holdtoreset.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77cb9b489abb9960-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
bid-request
a.teads.tv/hb/ 		16 B
389 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: holdtoreset.com
URL: https://holdtoreset.com/wp-content/cache/min/1/files/instibid/1e57d553-2491-4060-9445-311910c2acb4.js?ver=1671559756
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://holdtoreset.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 20 Dec 2022 21:52:42 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://holdtoreset.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Tue, 20 Dec 2022 21:52:42 GMT
c
prebid.a-mo.net/a/ 		0
169 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: holdtoreset.com
URL: https://holdtoreset.com/wp-content/cache/min/1/files/instibid/1e57d553-2491-4060-9445-311910c2acb4.js?ver=1671559756
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://holdtoreset.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
1
date
Tue, 20 Dec 2022 21:52:41 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://holdtoreset.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
hb-mm-multi
hb.minutemedia-prebid.com/ 		105 B
410 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: holdtoreset.com
URL: https://holdtoreset.com/wp-content/cache/min/1/files/instibid/1e57d553-2491-4060-9445-311910c2acb4.js?ver=1671559756
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.80.98.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-80-98-164.compute-1.amazonaws.com
Software
/
Resource Hash
d6e641c854dd713bc5cf6161044b4ce21d2b0f523c82b0e37f1900759671de8d

Request headers

Referer
https://holdtoreset.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 20 Dec 2022 21:52:42 GMT
x-reason
maxmind hosting provider
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://holdtoreset.com
content-type
application/json
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
105
arj
okodigital-d.openx.net/w/1.0/ 		73 B
377 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://okodigital-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fholdtoreset.com%2Fnba-2k23-locker-codes%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=d097819a-330d-49d0-82dd-b5efd4b696e7%2C72324530-8d2e-460e-a348-d7820178e182%2Cdadd2d41-2d79-40da-aa0d-f9db1263e100%2Cb6253002-91d4-46b1-85a3-d3f0e08e893c%2C00252583-f88d-4d5f-9c6b-3650036800e7&nocache=1671573162277&pubcid=a99db70c-50d5-42be-b643-edb02bd0360a&schain=1.0%2C1!oko.uk%2C550-HTR%2C1%2C37522204ba4657f%2C%2C&aus=300x250%7C300x250%7C300x250%7C728x90%7C728x90&divids=div-insticator-ad-16%2Cdiv-insticator-ad-11%2Cdiv-insticator-ad-15%2Cdiv-insticator-ad-3%2Cdiv-insticator-ad-bottom-anchor&aucs=holdtoreset.com-div-insticator-ad-16%2Choldtoreset.com-div-insticator-ad-11%2Choldtoreset.com-div-insticator-ad-15%2Choldtoreset.com-div-insticator-ad-3%2Choldtoreset.com-div-insticator-ad-bottom-anchor&auid=545673688%2C545673688%2C545673688%2C545673689%2C545673689
Requested by
Host: holdtoreset.com
URL: https://holdtoreset.com/wp-content/cache/min/1/files/instibid/1e57d553-2491-4060-9445-311910c2acb4.js?ver=1671559756
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
ade81a40aecd1c72726bc58b1b8c858755e5fe1c30903f7056cc3357ca53d927

Request headers

Referer
https://holdtoreset.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 20 Dec 2022 21:52:42 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://holdtoreset.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
expires
Mon, 26 Jul 1997 05:00:00 GMT
okodigital
okodigital.technoratimedia.com/openrtb/bids/ 		0
293 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://okodigital.technoratimedia.com/openrtb/bids/okodigital?src=prebid_prebid_6.29.0
Requested by
Host: holdtoreset.com
URL: https://holdtoreset.com/wp-content/cache/min/1/files/instibid/1e57d553-2491-4060-9445-311910c2acb4.js?ver=1671559756
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
129.80.94.115 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://holdtoreset.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 20 Dec 2022 21:52:42 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
173772584
access-control-allow-origin
https://holdtoreset.com
access-control-allow-credentials
true
scripts.min.js
holdtoreset.com/wp-content/themes/hueman/assets/front/js/ 		74 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://holdtoreset.com/wp-content/themes/hueman/assets/front/js/scripts.min.js?3.7.23
Requested by
Host: holdtoreset.com
URL: https://holdtoreset.com/wp-content/themes/hueman/assets/front/js/hu-init.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1891b054a7cf74a81590ee3ea25baa920520a70de1e1ab716a8fe2639b827e00

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://holdtoreset.com/nba-2k23-locker-codes/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:42 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 14 Sep 2022 20:36:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6206
etag
W/"63223b4c-1295c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bxqIUW5jLi08fcrmNEsdEXw%2FOGqr7Lb%2BUk%2B6wjDdUmiiyNujcao1i8PgKYN4NpIyVTIisBL%2FPNApz93PPkFMv919t6gKKDdAv1CFLXjEkOPDFKo%2BDDO3OY0718Uw4q9jZf1msy7RSEyPw076dtE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
https://cdn.holdtoreset.com https://holdtoreset.com
cache-control
max-age=14400
cf-ray
77cb9b48cd129b71-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
js
www.googletagmanager.com/gtag/ 		109 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-72398024-1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FPFFZVF5SC
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
696d7a4435b0ec4e6d59586c09fa126d22d3e168fd2dccb452081b813da77f82
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://holdtoreset.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:42 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43636
x-xss-protection
0
last-modified
Tue, 20 Dec 2022 21:17:12 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 20 Dec 2022 21:52:42 GMT
collect
region1.google-analytics.com/g/ 		0
346 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-FPFFZVF5SC&gtm=2oebu0&_p=1191982308&cid=2080067451.1671573162&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1671573162&sct=1&seg=0&dl=https%3A%2F%2Fholdtoreset.com%2Fnba-2k23-locker-codes%2F&dt=NBA%202K23%20Locker%20Codes%20%E2%80%93%20Hold%20To%20Reset&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FPFFZVF5SC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://holdtoreset.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Dec 2022 21:52:42 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://holdtoreset.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
authIframe.js
auth.instiengage.com/auth/ Frame 96CB 		65 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.instiengage.com/auth/authIframe.js?v=1
Requested by
Host: auth.instiengage.com
URL: https://auth.instiengage.com/auth/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:b000:9:78a:e540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d1d05642e23866a6d7fb1b165615355e7c01fffaf89c61e9c14c0beecb96ae23

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://auth.instiengage.com/auth/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
5t0c70ij2yH4_3abcxf5deINM.AIH7.i
content-encoding
gzip
via
1.1 29d33c5cd70a6501fde7bc2dba557906.cloudfront.net (CloudFront)
date
Tue, 20 Dec 2022 21:49:48 GMT
last-modified
Thu, 15 Dec 2022 19:04:33 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
176
etag
W/"e0bffec4a3929b23d4347f914449f5cb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
max-age=300
x-amz-cf-id
3B7h5whuD29KEmUYILgW5vjr7hz5nXSxJK0Gm2IdCFELmQoRffCM1g==
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-72398024-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://holdtoreset.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 20 Dec 2022 21:24:37 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
1685
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Tue, 20 Dec 2022 23:24:37 GMT
d23a0edf71fe026ab53f.woff
player.avplayer.com/script/8/v/assets/ 		36 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://player.avplayer.com/script/8/v/assets/d23a0edf71fe026ab53f.woff
Requested by
Host: holdtoreset.com
URL: https://holdtoreset.com/nba-2k23-locker-codes/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:1c::1724:a36c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
cbb4b075550bdbd2c0a81e9abf04b677b820432084a1e13a088a790be8d906f4

Request headers

Referer
https://holdtoreset.com/
Origin
https://holdtoreset.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:42 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdt87FPYB_DNnSLIF_OFOAVn7B5OWxEhHUnb-sBj-hKO_ocvGWp-NOM7ycw_KS59N7zcckLA3VUic52tSnlD2XXkbff1yJy7
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
36338
last-modified
Thu, 08 Dec 2022 13:47:32 GMT
server
UploadServer
etag
"da53b08eebe91671b634e1dc4167f571"
vary
Accept-Encoding
x-goog-generation
1670507251899350
content-type
application/octet-stream
access-control-allow-origin
*
x-goog-hash
crc32c=Ym5bOQ==, md5=2lOwjuvpFnG2NOHcQWf1cQ==
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
36338
accept-ranges
bytes
expires
Tue, 20 Dec 2022 21:57:42 GMT
ctrack
track1.avplayer.com/ 		0
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.avplayer.com/ctrack?pid=5d8ccec528a0617cae5a0755&cid=5df8053d28a0611f852c7c55&r=holdtoreset.com&sn=&cd1=&cd2=&cd3=&app=&test=&pt=2&cmid=&cwid=&d66=8.2.6&stplid=632320ab5cba855d4c352e16&stagid=63232173bcb765491c092304&cb=1671573162576&e=cpll&cvid=&cpid=&str=external&vi=-1&wi=640&he=360&d66=8.2.6
Requested by
Host: holdtoreset.com
URL: https://holdtoreset.com/nba-2k23-locker-codes/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.193.121.218 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-193-121-218.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://holdtoreset.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:42 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
AVmanager.js
player.aniview.com/script/6.1/ Frame 6F9E 		427 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d8ccec528a0617cae5a0755
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/8/v/avcplayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:58c::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
58c78ea24a54d81cd6af405447977e90b5dee6e0a862c1af9d79cd35c7f3c420

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://holdtoreset.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:42 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycduw1FiojDHTkymvpPep_03QW00aHBlIQ0Bll1NQVQ7bdCakjNcbclXQ9mIl_0xgMBsSCPhumKysRXkDCpGFNzK9SdzkYRm6
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
116981
last-modified
Tue, 13 Dec 2022 08:13:32 GMT
server
UploadServer
etag
"cd25de2ec0c4a951c47404fd1d56f1fb"
vary
Accept-Encoding
x-goog-generation
1670919212449657
x-goog-hash
crc32c=Uhd+iA==, md5=zSXeLsDEqVHEdAT9HVbx+w==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=600
x-goog-stored-content-length
116981
accept-ranges
bytes
content-type
application/javascript
expires
Tue, 20 Dec 2022 22:02:42 GMT
/
onetag-geo.s-onetag.com/ 		555 B
969 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/42a30fdd-c1da-4d85-ab06-c212412bd9ab/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-101.fra6.r.cloudfront.net
Software
/
Resource Hash
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://holdtoreset.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 18:47:45 GMT
via
1.1 e75bff6012758ccb55ff41b176b32342.cloudfront.net (CloudFront), 1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6, FRA6-C1
age
11097
x-amzn-requestid
47e24d95-8b4a-43a7-89e9-f11591f19ec3
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-apigw-id
ddV0xHqgCYcFhuw=
content-length
555
x-amz-cf-id
w2KeYqnpWwFzAxrn6sWuOYrq9YBkmjU7g8huXopxnBihCLsmJ0H7GA==
beacon.min.js
signal-beacon.s-onetag.com/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://signal-beacon.s-onetag.com/beacon.min.js
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/42a30fdd-c1da-4d85-ab06-c212412bd9ab/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-76.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
93975ae1d8cef7cb7a8c05ef392abe1b4d080b570b19cab279a208afe7d36cf9

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://holdtoreset.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
SQDb2i9Q5YZSPn9JZMj9axyuCi9GAOZD
content-encoding
gzip
via
1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
date
Tue, 20 Dec 2022 01:02:00 GMT
last-modified
Wed, 10 Aug 2022 09:56:11 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
75043
x-amz-server-side-encryption
AES256
etag
W/"588a5c88fba4ca02dace48040384e257"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
SCynq-Xqwib_T1Em9mpRl_S67dH39mmCNH1jwREKNhlb4LaeLXXmbg==
%2Fnba-2k23-locker-codes%2F
signal-segments.s-onetag.com/desktop/holdtoreset.com/ 		4 KB
634 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://signal-segments.s-onetag.com/desktop/holdtoreset.com/%2Fnba-2k23-locker-codes%2F
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/42a30fdd-c1da-4d85-ab06-c212412bd9ab/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-44.fra56.r.cloudfront.net
Software
/
Resource Hash
760f52ebdec27ef9d5d9645659c01fc4ac3950f141ab4800558d23d9572060d1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://holdtoreset.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:42 GMT
content-encoding
gzip
via
1.1 3acba66e95e31977aee0842f44a6f08e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400, public
x-amz-cf-id
-9HRoNczJhxGCjH61HO7_F7UWsY3t66z6LtZgUrYB9Nqj5oK22K65w==
apigw-requestid
ddw6tg4giYcEJRQ=
holdtoreset.com
signal-segments.s-onetag.com/desktop/ 		4 KB
644 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://signal-segments.s-onetag.com/desktop/holdtoreset.com
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/42a30fdd-c1da-4d85-ab06-c212412bd9ab/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-44.fra56.r.cloudfront.net
Software
/
Resource Hash
760f52ebdec27ef9d5d9645659c01fc4ac3950f141ab4800558d23d9572060d1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://holdtoreset.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 02:15:55 GMT
content-encoding
gzip
via
1.1 3acba66e95e31977aee0842f44a6f08e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
70607
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400, public
x-amz-cf-id
IFZd2DOQDYhxrMpFM1Hdacw4OfnL5qJKLPCjmrUM3oACxzuYK5az2A==
apigw-requestid
dbEiSiJPiYcEZyg=
wrap.js
cdn.confiant-integrations.net/gptprebidnative/202212121148/ 		210 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/gptprebidnative/202212121148/wrap.js
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/config.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:116b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4287c42dfa851c2d08b8fb73a4e43f11b7ba2cb30c924e70f52b5db171ec1edf

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://holdtoreset.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:42 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 12 Dec 2022 16:50:50 GMT
server
cloudflare
x-amz-request-id
VGBCVX0ZBNJ54G0Y
age
702011
etag
W/"a295e934190c6de7fe47fed7fbac382f"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
77cb9b4a9c299220-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
bVi0tzrOy/SUvhR43rk+AeX8ILdUXeUZ1XVp6oX3QdRhjASjkRQhyR5aEHvwvKpa/w6gZmyG70noWoqF1HTRfQ==
video_holdtoreset.com_1.mp4
d2nr2jos5slco1.cloudfront.net/Aniview-Content/ 		0
0
video_holdtoreset.com_1.mp4
d2nr2jos5slco1.cloudfront.net/Aniview-Content/ 		3 MB
3 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://d2nr2jos5slco1.cloudfront.net/Aniview-Content/video_holdtoreset.com_1.mp4
Requested by
Host: holdtoreset.com
URL: https://holdtoreset.com/nba-2k23-locker-codes/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:dc00:1:4a30:d840:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
277647d15edf7f8b5214c2474176bcecbf765b45917c46331d0627e04c57302f

Request headers

Referer
https://holdtoreset.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
Kq4mvJ2kKxjUv3gSZlgB4.GxCZBT0B0G
date
Tue, 20 Dec 2022 21:52:42 GMT
via
1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
last-modified
Tue, 04 Oct 2022 08:49:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
2951
etag
"9aaf3deb37b0601c53efbc2f5420d19b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
video/mp4
Content-Range
bytes 0-2864448/2864449
accept-ranges
bytes
x-amz-cf-id
2jk-pLnVewzEnv5Q19Pnzj4OWO7Q_9adZOq7hZ8HjqVmISXK2iO-yw==
Content-Length
2864449
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1191982308&t=pageview&_s=1&dl=https%3A%2F%2Fholdtoreset.com%2Fnba-2k23-locker-codes%2F&ul=en-us&de=UTF-8&dt=NBA%202K23%20Locker%20Codes%20%E2%80%93%20Hold%20To%20Reset&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=334032506&gjid=187601617&cid=2080067451.1671573162&tid=UA-72398024-1&_gid=1880643562.1671573163&_r=1&gtm=2oubu0&z=623276118
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://holdtoreset.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 20 Dec 2022 21:52:42 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://holdtoreset.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
font-awesome.min.css
holdtoreset.com/wp-content/themes/hueman/assets/front/css/ 		58 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://holdtoreset.com/wp-content/themes/hueman/assets/front/css/font-awesome.min.css?3.7.23
Requested by
Host: holdtoreset.com
URL: https://holdtoreset.com/wp-content/themes/hueman/assets/front/js/scripts.min.js?3.7.23
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c76cae4aabc1d4236da2fecf8fcae818a2cf95406446774ccf9db5ca14d4b59

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://holdtoreset.com/nba-2k23-locker-codes/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:42 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 14 Sep 2022 20:36:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3603
etag
W/"63223b4c-e877"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CHaLCCHI5fZS15VNmH2N%2BZV8wiavwV7fNRvOS5nF9TunxnjCKdbSRWuVLAQwI9HKJJilljx2ao7yvGx9oGRWqMiY6a%2FrzA4lQLsnLnzpYbN1J6nhIOWrgA4sBZOu8nXjiB75p5UlWiL98lBgp7k%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
77cb9b4b7c519b71-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 6F9E 		372 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d8ccec528a0617cae5a0755
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b0e18d026f801cfbb4fdf886e99a811a4befbeb289daf315a8d30c963242943
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://holdtoreset.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126857
x-xss-protection
0
expires
Tue, 20 Dec 2022 21:52:42 GMT
avpb7.12.0.js
player.aniview.com/script/6.1/libs/prebid/ Frame 6F9E 		174 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d8ccec528a0617cae5a0755
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:58c::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
cb03fcc9956e8131df0a0a936e702552d0be3539e1a2abbdb999d20a72de57f8

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://holdtoreset.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:42 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdutFCHZrZzZOmwuOKhQw2Yvg7LqBbPW-WqJzjpqALFod3uM94cNFc9z-OA2fXsIuHwHTPqM5yNE_Bc20pT5BXYkgA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
55951
last-modified
Tue, 13 Dec 2022 08:13:33 GMT
server
UploadServer
etag
"848612c9b5fc41ff4495ce51cdc24e14"
vary
Accept-Encoding
x-goog-generation
1670919212995289
x-goog-hash
crc32c=fdkd8w==, md5=hIYSybX8Qf9Elc5RzcJOFA==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=600
x-goog-stored-content-length
55951
accept-ranges
bytes
content-type
application/javascript
expires
Tue, 20 Dec 2022 22:02:42 GMT
truncated
/ 		577 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/svg+xml
/
go1.aniview.com/api/adserver/tag/ 		42 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://go1.aniview.com/api/adserver/tag/?AV_VIDEOURL=https%3A%2F%2Fd2nr2jos5slco1.cloudfront.net%2FAniview-Content%2Fvideo_holdtoreset.com_1.mp4&AV_SLOTT=-2&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fholdtoreset.com%2Fnba-2k23-locker-codes%2F&AV_PUBLISHERID=5d8ccec528a0617cae5a0755&AV_CHANNELID=5df8053d28a0611f852c7c55&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=holdtoreset.com&AV_DADPOS=1&AV_TAG=63232173bcb765491c092304&AV_TEMPLATE=632320ab5cba855d4c352e16&d36=6.2.68&responsive=1&sver=3&avtoken=162839&omv=1.0.1&AV_D66=8.2.6&clsid=a29320fe-9954-4ca0-bc60-2530a7667f5e&rando=47&AV_WIDTH=640&AV_HEIGHT=360&AV_DNT=0&cb=1671573162842&wfc=1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d8ccec528a0617cae5a0755
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.233.111.211 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-233-111-211.compute-1.amazonaws.com
Software
/
Resource Hash
be61b36122e31b36b60cac2f823b50ea426f46d1abdf137e9c57c160a75796c9

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://holdtoreset.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:43 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://holdtoreset.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Fri, 09 Dec 2022 08:06:03 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?r=holdtoreset.com&sn=&ic=0&tgt=0&app=&wi=640&he=360&test=&d36=6.2.68&apppkg=&fv=1&proto=https&d66=8.2.6&clsid=a29320fe-9954-4ca0-bc60-2530a7667f5e&rando=47&pid=5d8ccec528a0617cae5a0755&cid=5df8053d28a0611f852c7c55&stagid=63232173bcb765491c092304&stplid=632320ab5cba855d4c352e16&e=inventory&vi=100&cb=1671573162841
Requested by
Host: holdtoreset.com
URL: https://holdtoreset.com/nba-2k23-locker-codes/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.55.166.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-166-244.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://holdtoreset.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:42 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
collect
stats.g.doubleclick.net/j/ 		4 B
441 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-72398024-1&cid=2080067451.1671573162&jid=334032506&gjid=187601617&_gid=1880643562.1671573163&_u=YADAAUAAAAAAACAAI~&z=1634610
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0a::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://holdtoreset.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 20 Dec 2022 21:52:42 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://holdtoreset.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ctrack
track1.avplayer.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.avplayer.com/ctrack?pid=5d8ccec528a0617cae5a0755&cid=5df8053d28a0611f852c7c55&r=holdtoreset.com&sn=&cd1=&cd2=&cd3=&app=&test=&pt=2&cmid=&cwid=&d66=8.2.6&stplid=632320ab5cba855d4c352e16&stagid=63232173bcb765491c092304&cb=1671573162875&e=cpst&cvid=&cpid=&str=viewable&vi=100&wi=640&he=360&d66=8.2.6
Requested by
Host: holdtoreset.com
URL: https://holdtoreset.com/nba-2k23-locker-codes/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.193.121.218 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-193-121-218.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://holdtoreset.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:42 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
ctrack
track1.avplayer.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.avplayer.com/ctrack?pid=5d8ccec528a0617cae5a0755&cid=5df8053d28a0611f852c7c55&r=holdtoreset.com&sn=&cd1=&cd2=&cd3=&app=&test=&pt=2&cmid=&cwid=&d66=8.2.6&stplid=632320ab5cba855d4c352e16&stagid=63232173bcb765491c092304&cb=1671573162875&e=cply&cvid=&cpid=&str=viewable&vi=100&wi=640&he=360&d66=8.2.6
Requested by
Host: holdtoreset.com
URL: https://holdtoreset.com/nba-2k23-locker-codes/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.193.121.218 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-193-121-218.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://holdtoreset.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:42 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-72398024-1&cid=2080067451.1671573162&jid=334032506&_u=YADAAUAAAAAAACAAI~&z=614862175
Requested by
Host: holdtoreset.com
URL: https://holdtoreset.com/nba-2k23-locker-codes/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://holdtoreset.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Dec 2022 21:52:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.nl/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.nl/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-72398024-1&cid=2080067451.1671573162&jid=334032506&_u=YADAAUAAAAAAACAAI~&z=614862175
Requested by
Host: holdtoreset.com
URL: https://holdtoreset.com/nba-2k23-locker-codes/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://holdtoreset.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Dec 2022 21:52:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
event
event.insticator.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_adunit-load
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.232.245.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-232-245-134.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://holdtoreset.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://holdtoreset.com
access-control-max-age
3600
content-length
0
date
Tue, 20 Dec 2022 21:52:43 GMT
vary
Origin
event
event.insticator.com/v1/ 		0
119 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_adunit-load
Requested by
Host: d2f0uviei09pxb.cloudfront.net
URL: https://d2f0uviei09pxb.cloudfront.net/ads-code/1e57d553-2491-4060-9445-311910c2acb4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.232.245.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-232-245-134.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://holdtoreset.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-type
application/json

Response headers

access-control-allow-origin
https://holdtoreset.com
date
Tue, 20 Dec 2022 21:52:43 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
backfillad
dashboard.insticator.com/embeds/ Frame DAF5 		0
0
backfillad
dashboard.insticator.com/embeds/ Frame 9963 		1 KB
842 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=holdtoreset.com
Requested by
Host: d2f0uviei09pxb.cloudfront.net
URL: https://d2f0uviei09pxb.cloudfront.net/ads-code/1e57d553-2491-4060-9445-311910c2acb4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.215.162.50 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-215-162-50.compute-1.amazonaws.com
Software
/
Resource Hash
1fd432aff8ad7653ea949bf9ed7f0bc16c65f0d5fa2b62d4df6dbdcb30379b8a

Request headers

Referer
https://holdtoreset.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
public, max-age=10800
content-encoding
gzip
content-length
703
content-type
text/html; charset=utf-8
date
Tue, 20 Dec 2022 21:52:43 GMT
vary
Accept-Encoding
backfillad
dashboard.insticator.com/embeds/ Frame 5697 		0
0
backfillad
dashboard.insticator.com/embeds/ Frame 3506 		1 KB
843 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=holdtoreset.com
Requested by
Host: d2f0uviei09pxb.cloudfront.net
URL: https://d2f0uviei09pxb.cloudfront.net/ads-code/1e57d553-2491-4060-9445-311910c2acb4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.215.162.50 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-215-162-50.compute-1.amazonaws.com
Software
/
Resource Hash
713d862202431dddb66372117e1cf9e085d1d8761a9b8015385ee07c91ed474c

Request headers

Referer
https://holdtoreset.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
public, max-age=10800
content-encoding
gzip
content-length
703
content-type
text/html; charset=utf-8
date
Tue, 20 Dec 2022 21:52:43 GMT
vary
Accept-Encoding
backfillad
dashboard.insticator.com/embeds/ Frame BAAF 		0
0
backfillad
dashboard.insticator.com/embeds/ Frame 8F28 		1 KB
841 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dashboard.insticator.com/embeds/backfillad?dimension=728x90&siteURL=holdtoreset.com
Requested by
Host: d2f0uviei09pxb.cloudfront.net
URL: https://d2f0uviei09pxb.cloudfront.net/ads-code/1e57d553-2491-4060-9445-311910c2acb4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.215.162.50 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-215-162-50.compute-1.amazonaws.com
Software
/
Resource Hash
8d6976aa4fde8b605397b7fa962b9024048247cb4e6b095aac4e73f50c9567f7

Request headers

Referer
https://holdtoreset.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
public, max-age=10800
content-encoding
gzip
content-length
702
content-type
text/html; charset=utf-8
date
Tue, 20 Dec 2022 21:52:43 GMT
vary
Accept-Encoding
backfillad
dashboard.insticator.com/embeds/ Frame E2BC 		0
0
backfillad
dashboard.insticator.com/embeds/ Frame C77F 		1 KB
841 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dashboard.insticator.com/embeds/backfillad?dimension=300x600&siteURL=holdtoreset.com
Requested by
Host: d2f0uviei09pxb.cloudfront.net
URL: https://d2f0uviei09pxb.cloudfront.net/ads-code/1e57d553-2491-4060-9445-311910c2acb4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.215.162.50 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-215-162-50.compute-1.amazonaws.com
Software
/
Resource Hash
2e3ddbb194051e38dcfe38fc05d502c531f5e457aeeba50a1d15a6871b0b02b3

Request headers

Referer
https://holdtoreset.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
public, max-age=10800
content-encoding
gzip
content-length
702
content-type
text/html; charset=utf-8
date
Tue, 20 Dec 2022 21:52:43 GMT
vary
Accept-Encoding
pixel.gif
d2s3kjdp77ms5k.cloudfront.net/ 		35 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2s3kjdp77ms5k.cloudfront.net/pixel.gif?timestamp=1671573163211&site_uuid=1e57d553-2491-4060-9445-311910c2acb4&hostname=holdtoreset.com&ad_unit=holdtoreset.com_Web_300x250_6&impression_type=il&device=desktop&country_code=DE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:be00:1c:f0ba:c200:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://holdtoreset.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 06:07:31 GMT
via
1.1 a75b67932d84d80b40e12159613deb16.cloudfront.net (CloudFront)
last-modified
Tue, 10 Sep 2019 16:08:28 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
56735
etag
"28d6814f309ea289f847c69cf91194c6"
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
35
x-amz-cf-id
M8iC7kCA8J59j8Mq-tnSAFoPJz6YE-JXvyykhe-C-bEuUKFpnFpCmA==
pixel.gif
d2s3kjdp77ms5k.cloudfront.net/ 		35 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2s3kjdp77ms5k.cloudfront.net/pixel.gif?timestamp=1671573163218&site_uuid=1e57d553-2491-4060-9445-311910c2acb4&hostname=holdtoreset.com&ad_unit=holdtoreset.com_Web_300x250_9&impression_type=il&device=desktop&country_code=DE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:be00:1c:f0ba:c200:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://holdtoreset.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 06:07:31 GMT
via
1.1 a75b67932d84d80b40e12159613deb16.cloudfront.net (CloudFront)
last-modified
Tue, 10 Sep 2019 16:08:28 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
56735
etag
"28d6814f309ea289f847c69cf91194c6"
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
35
x-amz-cf-id
U5T5FtmMdedasQQsjfvTkK3fR4K7HXe9_2Zj8bxsiDslsBfoUyAYiQ==
pixel.gif
d2s3kjdp77ms5k.cloudfront.net/ 		35 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2s3kjdp77ms5k.cloudfront.net/pixel.gif?timestamp=1671573163228&site_uuid=1e57d553-2491-4060-9445-311910c2acb4&hostname=holdtoreset.com&ad_unit=holdtoreset.com-desktop-bottom-anchor&impression_type=il&device=desktop&country_code=DE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:be00:1c:f0ba:c200:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://holdtoreset.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 06:07:31 GMT
via
1.1 a75b67932d84d80b40e12159613deb16.cloudfront.net (CloudFront)
last-modified
Tue, 10 Sep 2019 16:08:28 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
56735
etag
"28d6814f309ea289f847c69cf91194c6"
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
35
x-amz-cf-id
8KhpGTzaCC9mTAZ_G4TVh5XPJ05VOBnlpgFTdWvY6hHDHzgrwIgYyA==
pixel.gif
d2s3kjdp77ms5k.cloudfront.net/ 		35 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2s3kjdp77ms5k.cloudfront.net/pixel.gif?timestamp=1671573163235&site_uuid=1e57d553-2491-4060-9445-311910c2acb4&hostname=holdtoreset.com&ad_unit=holdtoreset.com_Web_300x600_1&impression_type=il&device=desktop&country_code=DE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:be00:1c:f0ba:c200:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://holdtoreset.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 06:07:31 GMT
via
1.1 a75b67932d84d80b40e12159613deb16.cloudfront.net (CloudFront)
last-modified
Tue, 10 Sep 2019 16:08:28 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
56735
etag
"28d6814f309ea289f847c69cf91194c6"
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
35
x-amz-cf-id
ZUBVkey5D2i4kEVN29lzoY3x3nINOVoc35L5Rr5A529aO_61yaz42g==
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=holdtoreset.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://holdtoreset.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		18 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3025002463432866&correlator=2199729768120867&output=ldjh&gdfp_req=1&vrg=2022120701&ptt=17&impl=fif&iu_parts=2507246%3A22426007791%2Choldtoreset.com_Web_300x250_10&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&adks=659589737&sfv=1-0-40&prev_scp=h%3D21%26shb%3D1%26tg%3D0%26p%3DBTF%26at%3D1%26hostname%3Dholdtoreset.com%26consent%3D0%26Exclude_Adx%3DN%26ib%3Dnofill%26iba%3D0%26iaid%3Dnofill%26it%3Dil&cust_params=ip%3D0%26he%3D0&sc=1&cookie_enabled=1&abxe=1&dt=1671573163260&lmt=1671573163&dlt=1671573161269&idt=1154&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fholdtoreset.com%2Fnba-2k23-locker-codes%2F&frm=20&vis=1&psz=0x0&msz=0x-1&fws=128&ohw=0&ga_vid=2080067451.1671573162&ga_sid=1671573163&ga_hid=1191982308&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2dd39b350bb363de7ab1dbfdfd42c2c64447939ec914f8769f8d51f4f4ab0fa6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://holdtoreset.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:44 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8097
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://holdtoreset.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		24 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3025002463432866&correlator=2199729768120867&output=ldjh&gdfp_req=1&vrg=2022120701&ptt=17&impl=fif&iu_parts=2507246%3A22426007791%2Choldtoreset.com_Web_728x90_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=2&adks=2498728089&sfv=1-0-40&prev_scp=h%3D21%26shb%3D1%26tg%3D0%26p%3DBTF%26at%3D1%26hostname%3Dholdtoreset.com%26consent%3D0%26Exclude_Adx%3DN%26ib%3Dnofill%26iba%3D0%26iaid%3Dnofill%26it%3Dil&cust_params=ip%3D0%26he%3D0&sc=1&cookie_enabled=1&abxe=1&dt=1671573163267&lmt=1671573163&dlt=1671573161269&idt=1154&adxs=380&adys=4146&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fholdtoreset.com%2Fnba-2k23-locker-codes%2F&frm=20&vis=1&psz=840x90&msz=728x-1&fws=0&ohw=0&ga_vid=2080067451.1671573162&ga_sid=1671573163&ga_hid=1191982308&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6d4660015b1605602ea873bb89028fb173f9f1fa9f33123e765e98dfd9fb8aeb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://holdtoreset.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:44 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10230
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://holdtoreset.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		24 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3025002463432866&correlator=2199729768120867&output=ldjh&gdfp_req=1&vrg=2022120701&ptt=17&impl=fif&iu_parts=2507246%3A22426007791%2Choldtoreset.com_Web_300x250_8&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=3&adks=1328246047&sfv=1-0-40&prev_scp=h%3D21%26shb%3D1%26tg%3D0%26at%3D1%26hostname%3Dholdtoreset.com%26consent%3D0%26Exclude_Adx%3DN%26ib%3Dnofill%26iba%3D0%26iaid%3Dnofill%26it%3Dil&cust_params=ip%3D0%26he%3D0&sc=1&cookie_enabled=1&abxe=1&dt=1671573163269&lmt=1671573163&dlt=1671573161269&idt=1154&adxs=1260&adys=100&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fholdtoreset.com%2Fnba-2k23-locker-codes%2F&frm=20&vis=1&psz=336x-1&msz=336x-1&fws=512&ohw=0&ga_vid=2080067451.1671573162&ga_sid=1671573163&ga_hid=1191982308&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eb96b061a9c2b82ad94ff5a6fade4d547d7649e8310b6168bb1f4b2f3e419f3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://holdtoreset.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:43 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10250
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://holdtoreset.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		143 KB
42 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3025002463432866&correlator=2199729768120867&output=ldjh&gdfp_req=1&vrg=2022120701&ptt=17&impl=fif&iu_parts=2507246%3A22426007791%2Choldtoreset.com-interstitial&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=4&adks=208426061&sfv=1-0-40&ists=1&fas=8&cust_params=ip%3D0%26he%3D0&sc=1&cookie_enabled=1&abxe=1&dt=1671573163271&lmt=1671573163&dlt=1671573161269&idt=1154&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fholdtoreset.com%2Fnba-2k23-locker-codes%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=2080067451.1671573162&ga_sid=1671573163&ga_hid=1191982308&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0acaa59424a2c78e757669691ab82bf94ecb4d81d4d28962220925fd6c0a467e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://holdtoreset.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:43 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42913
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://holdtoreset.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022120701&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
11ed45137d40bf098873b40a76eb2ed6a6b1ed17225982f744da6129c1f659a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://holdtoreset.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:43 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11099
x-xss-protection
0
container.html
c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4FDF 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://holdtoreset.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 20 Dec 2022 21:52:43 GMT
expires
Wed, 20 Dec 2023 21:52:43 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads_2022120701.js
securepubads.g.doubleclick.net/gpt/ 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022120701.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d20eb026b8bb497a6588b444a4c71fda05c0f4c39d5d679d8e0b3527d87af31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://holdtoreset.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 11:31:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
555662
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14015
x-xss-protection
0
last-modified
Wed, 07 Dec 2022 09:34:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 14 Dec 2023 11:31:41 GMT
pwt.js
ads.pubmatic.com/AdServer/js/pwt/95054/6114/ Frame 6F9E 		214 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/95054/6114/pwt.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d8ccec528a0617cae5a0755
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7e46e9a27382f87ed191c79c9a361b4c44f871ca0ccd86b29593f10a017a34a2

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://holdtoreset.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:43 GMT
content-encoding
gzip
last-modified
Mon, 17 Oct 2022 22:40:08 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=124404
accept-ranges
bytes
content-length
66720
expires
Thu, 22 Dec 2022 08:26:07 GMT
services
sync.technoratimedia.com/ Frame 884B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=70&uid=1671573163124-950045864517-007216-003-008701&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1671573163124-950045864517-007216-003-008701%26biddername%3D3%26key%3D%5BUSER_ID%5D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d8ccec528a0617cae5a0755
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
129.80.94.115 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://holdtoreset.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-methods
POST,GET,HEAD,OPTIONS
access-control-allow-origin
https://holdtoreset.com/
age
0
date
Tue, 20 Dec 2022 21:52:43 GMT
server
nginx
via
1.1 varnish
x-varnish
158509762
cookiesyncendpoint
sync.aniview.com/ Frame BA52
Redirect Chain
  • https://ex.ingage.tech/v1/syncPage/aniview?to=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1671573163124-950045864517-007216-003-008701%26biddername%3D155%26pid%3D5d8ccec528a0617cae...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1671573163124-950045864517-007216-003-008701&biddername=155&pid=5d8ccec528a0617cae5a0755&key=INSTUID
0
201 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1671573163124-950045864517-007216-003-008701&biddername=155&pid=5d8ccec528a0617cae5a0755&key=INSTUID
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d8ccec528a0617cae5a0755
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.228.46.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-228-46-33.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://holdtoreset.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

content-length
0
date
Tue, 20 Dec 2022 21:52:43 GMT

Redirect headers

access-control-allow-credentials
true
cf-cache-status
DYNAMIC
cf-ray
77cb9b4e9f9392bd-FRA
content-length
0
date
Tue, 20 Dec 2022 21:52:43 GMT
location
https://sync.aniview.com/cookiesyncendpoint?auid=1671573163124-950045864517-007216-003-008701&biddername=155&pid=5d8ccec528a0617cae5a0755&key=INSTUID
server
cloudflare
vary
Origin
cookiesyncendpoint
sync.aniview.com/ Frame 3391
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=1&gdpr_consent=&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1671573163124-950045864517-007216-003-008701%26biddername%3D105%26pid%3D5d8ccec...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1671573163124-950045864517-007216-003-008701&biddername=105&pid=5d8ccec528a0617cae5a0755&key=3b505f93-2cc3-41bc-80c1-25341c07d64d&gdpr=1&gdpr_consen...
0
38 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1671573163124-950045864517-007216-003-008701&biddername=105&pid=5d8ccec528a0617cae5a0755&key=3b505f93-2cc3-41bc-80c1-25341c07d64d&gdpr=1&gdpr_consent=&us_privacy=
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d8ccec528a0617cae5a0755
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.228.46.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-228-46-33.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://holdtoreset.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

content-length
0
date
Tue, 20 Dec 2022 21:52:43 GMT

Redirect headers

cache-control
max-age=0, private, must-revalidate
content-length
0
date
Tue, 20 Dec 2022 21:52:42 GMT
location
https://sync.aniview.com/cookiesyncendpoint?auid=1671573163124-950045864517-007216-003-008701&biddername=105&pid=5d8ccec528a0617cae5a0755&key=3b505f93-2cc3-41bc-80c1-25341c07d64d&gdpr=1&gdpr_consent=&us_privacy=
server
envoy
x-envoy-upstream-service-time
1
occ
ups.analytics.yahoo.com/ups/58543/ Frame 053A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ups.analytics.yahoo.com/ups/58543/occ?gdpr=1&gdpr_consent=
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d8ccec528a0617cae5a0755
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://holdtoreset.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
0
date
Tue, 20 Dec 2022 21:52:43 GMT
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.25
strict-transport-security
max-age=31536000
/
ssc-cms.33across.com/ps/ Frame FDDD 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00001rrPUnAAM&us_privacy=1---&ru=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1671573163124-950045864517-007216-003-008701%26biddername%3D104%26pid%3D5d8ccec528a0617cae5a0755%26key%3D33XUSERID33X
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d8ccec528a0617cae5a0755
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.22 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip22.67-202-105.static.steadfastdns.net
Software
33XP006 /
Resource Hash

Request headers

Referer
https://holdtoreset.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

date
Tue, 20 Dec 2022 21:52:42 GMT
server
33XP006
x-33x-status
2000208
usync.html
eus.rubiconproject.com/ Frame E1C5
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=&endpoint=us-east
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d8ccec528a0617cae5a0755
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://holdtoreset.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 20 Dec 2022 21:52:43 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 20 Dec 2022 21:52:43 GMT
location
https://eus.rubiconproject.com/usync.html?p=&endpoint=us-east
server
AkamaiGHost
pixel
ap.lijit.com/ Frame F2DD 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/pixel?us_privacy=1---&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1671573163124-950045864517-007216-003-008701%26biddername%3D18%26key%3D%24UID
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d8ccec528a0617cae5a0755
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://holdtoreset.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Date
Tue, 20 Dec 2022 21:52:43 GMT
X-Sovrn-Pod
ad_ap1ams1
avpb7.12.0a1.js
player.aniview.com/script/6.1/libs/prebid/ Frame 6F9E 		62 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0a1.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d8ccec528a0617cae5a0755
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:58c::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
255eef079d3f18e253c2b3288b4ed0d621b1266c2845679b66af9db6d8faea2e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://holdtoreset.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:43 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdultleqjIWPilsD-wES2slq04ovHvcXHBHjM2lZJgXpnVjIVrPpILpPkZa1Y2LEdN3O4E0bTnwY9Mi2gIhsNTaR
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
20450
last-modified
Tue, 13 Dec 2022 08:13:33 GMT
server
UploadServer
etag
"4fef592811250ddfa401ef802ab64cfc"
vary
Accept-Encoding
x-goog-generation
1670919213139487
x-goog-hash
crc32c=w7Xe4w==, md5=T+9ZKBElDd+kAe+AKrZM/A==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=600
x-goog-stored-content-length
20450
accept-ranges
bytes
content-type
application/javascript
expires
Tue, 20 Dec 2022 22:02:43 GMT
avpb7.12.0a0.js
player.aniview.com/script/6.1/libs/prebid/ Frame 6F9E 		70 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0a0.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d8ccec528a0617cae5a0755
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:58c::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
88512810d8338e837273ffd5f6e896fac568468af72ad38192cd16b0b5408f52

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://holdtoreset.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:43 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdsCmdp79R5nRbput-zI3qKbBKzWeW0tX5BDNnYoUSEN6IwR0mrbTOZ480zkrZcS6Yg_TTGROBWVx7BA1dntYw6M1g
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
23786
last-modified
Tue, 13 Dec 2022 08:13:33 GMT
server
UploadServer
etag
"184ae6096b78d4ce4cd94aedb1f69c16"
vary
Accept-Encoding
x-goog-generation
1670919213113768
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=OTsKUg==, md5=GErmCWt41M5M2UrtsfacFg==
access-control-expose-headers
Content-Type
cache-control
public, max-age=600
x-goog-stored-content-length
23786
accept-ranges
bytes
expires
Tue, 20 Dec 2022 22:02:43 GMT
avpb7.12.0a4.js
player.aniview.com/script/6.1/libs/prebid/ Frame 6F9E 		64 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0a4.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d8ccec528a0617cae5a0755
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:58c::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
c44be4b987d3b9a0394a04ecca2176548dee3a9282afd93aae45cfc3b03c82b4

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://holdtoreset.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:43 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdugCxNKyxkjDr1Pwra9p8nnkKDXzvO0MJEvaDrmbZq0lVO-cF2gSXxO-i8FxK5a_3vniQMgw3ZRiPqGHoeTCv8QYg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
21043
last-modified
Tue, 13 Dec 2022 08:13:33 GMT
server
UploadServer
etag
"c52def2f96d7b36e7501e42af915c142"
vary
Accept-Encoding
x-goog-generation
1670919213158738
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=KFSPhQ==, md5=xS3vL5bXs251AeQq+RXBQg==
access-control-expose-headers
Content-Type
cache-control
public, max-age=600
x-goog-stored-content-length
21043
accept-ranges
bytes
expires
Tue, 20 Dec 2022 22:02:43 GMT
avpb7.12.0a7.js
player.aniview.com/script/6.1/libs/prebid/ Frame 6F9E 		62 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0a7.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d8ccec528a0617cae5a0755
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:58c::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
f08e45b5a5473b835f1959f5f427efb577c595b38e04dac76ed50f1883bb4f2e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://holdtoreset.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:43 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdsW92jAheStywJJrltQFQf7x_rGuhC_Warks16-0DgA07W6b5aKInnlcFTu_MsICVFMtcV-aYqmvWfPOyMtFtft9g
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
20636
last-modified
Tue, 13 Dec 2022 08:13:33 GMT
server
UploadServer
etag
"b117567dfa844bd39bcfdb2ac29a6b09"
vary
Accept-Encoding
x-goog-generation
1670919213163079
x-goog-hash
crc32c=p90/Vg==, md5=sRdWffqES9Obz9sqwpprCQ==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=600
x-goog-stored-content-length
20636
accept-ranges
bytes
content-type
application/javascript
expires
Tue, 20 Dec 2022 22:02:43 GMT
avpb7.12.0a6.js
player.aniview.com/script/6.1/libs/prebid/ Frame 6F9E 		53 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0a6.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d8ccec528a0617cae5a0755
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:58c::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
4d2d2f2900b4534d42501a7ba6a4d94f110c1c4d0dcfd5ff3da9d88c9382c0f4

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://holdtoreset.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:43 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdtWYr7KAhQ5KLrNp5SicLx6tg5nCfxIMxFb4txCL66QcQKEh7-drFjCx1fiiA2BLhFaBQhH56nwIw6SyVn3XES4j_C20XTq
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
16350
last-modified
Tue, 13 Dec 2022 08:13:33 GMT
server
UploadServer
etag
"256e8682fd7d45dc3a00f7e20a84c9c5"
vary
Accept-Encoding
x-goog-generation
1670919213164376
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=AREPMg==, md5=JW6Ggv19Rdw6APfiCoTJxQ==
access-control-expose-headers
Content-Type
cache-control
public, max-age=600
x-goog-stored-content-length
16350
accept-ranges
bytes
expires
Tue, 20 Dec 2022 22:02:43 GMT
avpb7.12.0a3.js
player.aniview.com/script/6.1/libs/prebid/ Frame 6F9E 		62 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0a3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d8ccec528a0617cae5a0755
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:58c::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
0688c689d53abf96083b536daceff19a6e0d73b041089128cdd65e01b4f93aa7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://holdtoreset.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:43 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdvVFWksxl9-hZjPUUomgWbFQIL1UbroNKbvvLSnci77Kf3Ex_mWe7KKWuvNcL7d5ScSqM1rDoPxpYg5LRuzBry4
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
19946
last-modified
Tue, 13 Dec 2022 08:13:33 GMT
server
UploadServer
etag
"ea5079fb324a9fca5b90cc5736a24a65"
vary
Accept-Encoding
x-goog-generation
1670919213149417
x-goog-hash
crc32c=66HeZw==, md5=6lB5+zJKn8pbkMxXNqJKZQ==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=600
x-goog-stored-content-length
19946
accept-ranges
bytes
content-type
application/javascript
expires
Tue, 20 Dec 2022 22:02:43 GMT
avpb7.12.0a2.js
player.aniview.com/script/6.1/libs/prebid/ Frame 6F9E 		64 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0a2.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d8ccec528a0617cae5a0755
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:58c::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
80e7aefdd09a701b2862f1f26113eef8d612f7b56ff9a26930898d47364c9a74

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://holdtoreset.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:43 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycduJEoUMK-rcHQbsxQiHLNJ1Mc-ebl4hRRw4Eb_dPAL7U9bJr-eoxNGP5NSxvC6usLmHFNnAVcaZfdZgiF1sNHf5zcNzHfL7
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
20304
last-modified
Tue, 13 Dec 2022 08:13:33 GMT
server
UploadServer
etag
"d430af5c86237ffd02658c7632f57bac"
vary
Accept-Encoding
x-goog-generation
1670919213147339
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=d8g48g==, md5=1DCvXIYjf/0CZYx2MvV7rA==
access-control-expose-headers
Content-Type
cache-control
public, max-age=600
x-goog-stored-content-length
20304
accept-ranges
bytes
expires
Tue, 20 Dec 2022 22:02:43 GMT
s2s
s2s.aniview.com/api/adserver/ 		1 B
363 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s2s.aniview.com/api/adserver/s2s?auc_id=c0ef55d4bddc40619d90ad7c24ed4b7c&wpm=&ssrtb=&pbjs=&tms=&AV_C_USER_ID=1671573163124-950045864517-007216-003-008701&AV_VIDEOURL=https%3A%2F%2Fd2nr2jos5slco1.cloudfront.net%2FAniview-Content%2Fvideo_holdtoreset.com_1.mp4&AV_SLOTT=-2&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fholdtoreset.com%2Fnba-2k23-locker-codes%2F&AV_PUBLISHERID=5d8ccec528a0617cae5a0755&AV_CHANNELID=5df8053d28a0611f852c7c55&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=holdtoreset.com&AV_DADPOS=1&AV_TAG=63232173bcb765491c092304&AV_TEMPLATE=632320ab5cba855d4c352e16&d36=6.2.68&responsive=1&sver=3&avtoken=162839&omv=1.0.1&AV_D66=8.2.6&clsid=a29320fe-9954-4ca0-bc60-2530a7667f5e&rando=47&AV_WIDTH=640&AV_HEIGHT=360&AV_DNT=0&cb=1573163292&wfc=1&tgt=0&&AV_VI=100&AV_VID=0&d4=1&d5=0
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d8ccec528a0617cae5a0755
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.232.45.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-232-45-101.compute-1.amazonaws.com
Software
/
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Referer
https://holdtoreset.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 20 Dec 2022 21:52:43 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
https://holdtoreset.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Fri, 09 Dec 2022 08:06:03 GMT
vast.xml
video-ads.rubiconproject.com/video/17062/153310/1184988/201/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://video-ads.rubiconproject.com/video/17062/153310/1184988/201/vast.xml?tg_i.site=https%3A%2F%2Fholdtoreset.com%2Fnba-2k23-locker-codes%2F
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d8ccec528a0617cae5a0755
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.51.84.65 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-84-65.deploy.static.akamaitechnologies.com
Software
Apache/2.4.6 (CentOS) PHP/5.4.16 / PHP/5.4.16
Resource Hash
31e7dd9e916c20af6b8b09ad84211d1c268355d40f7dfad41ec57be2feaee4d3

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://holdtoreset.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 20 Dec 2022 21:52:43 GMT
Content-Encoding
gzip
Server
Apache/2.4.6 (CentOS) PHP/5.4.16
X-Powered-By
PHP/5.4.16
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST, GET, PUT, OPTIONS, PATCH, DELETE
Content-Type
text/xml
Access-Control-Allow-Origin
https://holdtoreset.com
Cache-Control
public, must-revalidate, max-age=0, s-maxage=600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
X-Accept-Charset,X-Accept,Content-Type
Content-Length
952
Expires
Tue, 20 Dec 2022 21:52:43 GMT
sync
x.bidswitch.net/ 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=insticator&user_id=1671573163124-950045864517-007216-003-008701&gdpr=1&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.171.208 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-171-208.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://holdtoreset.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:43 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1671573163124-950045864517-007216-003-008701%26biddername%3D24%26pid%3D5d8ccec528a0617cae5a0755%26key%3D%24%7BBSW_UUID%7D
x.bidswitch.net/check_uuid/ 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/check_uuid/https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1671573163124-950045864517-007216-003-008701%26biddername%3D24%26pid%3D5d8ccec528a0617cae5a0755%26key%3D%24%7BBSW_UUID%7D?gdpr=1&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.171.208 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-171-208.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://holdtoreset.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:43 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://holdtoreset.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://holdtoreset.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Tue, 20 Dec 2022 21:52:43 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ 		186 B
411 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.68.97 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-68-97.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
f62d1f16cc0eeaec6f056814fa73e720fd5aeec0f132c5cb31846ac6a6ac2ad9

Request headers

Referer
https://holdtoreset.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 20 Dec 2022 21:52:43 GMT
content-encoding
gzip
x-prebid
pbs-java/1.106.0
content-type
application/json
access-control-allow-origin
https://holdtoreset.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
176
expires
0
avjp
insticator-d.openx.net/v/1.0/ 		106 B
173 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://insticator-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fholdtoreset.com%2Fnba-2k23-locker-codes%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=6828d769-26fc-4182-a148-33eb45ad44af&nocache=1671573163425&schain=1.0%2C1!insticator.com%2C550-HTR%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A640%2C%22h%22%3A360%2C%22mimes%22%3A%5B%22video%2Fx-ms-wmv%22%2C%22video%2Fmp4%22%2C%22application%2Fjavascript%22%5D%7D%7D%5D%7D&auid=544066969&vwd=640&vht=360&aumfs=1150
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://holdtoreset.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 20 Dec 2022 21:52:43 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://holdtoreset.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		36 B
504 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=634955&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%225a604550518ebe%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fholdtoreset.com%2Fnba-2k23-locker-codes%2F%22%2C%22page%22%3A%22https%3A%2F%2Fholdtoreset.com%2Fnba-2k23-locker-codes%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.12.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fholdtoreset.com%2Fnba-2k23-locker-codes%2F%22%2C%22tmax%22%3A8000%2C%22syncsPerBidder%22%3A5%2C%22adunitcode%22%3A%225e85c1410c9fb95bb72aeb97%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%226f5805708a501c%22%2C%22ext%22%3A%7B%22siteID%22%3A%22634955%22%2C%22tid%22%3A%228e183849-408b-4807-a979-ec408de2cfe8%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22placement%22%3A1%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A600%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B640%2C360%5D%5D%2C%22w%22%3A640%2C%22h%22%3A360%7D%2C%22bidfloor%22%3A1.15%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22insticator.com%22%2C%22sid%22%3A%22550-HTR%22%7D%5D%2C%22complete%22%3A1%2C%22ver%22%3A%221.0%22%7D%7D%7D%7D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7bb8245674d0f66f12040e4565ac38c6d9598ad73530379f67d545fa74b0ac0d

Request headers

Referer
https://holdtoreset.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 20 Dec 2022 21:52:43 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gcSEczctM6QPkMs4Msep8r%2Blxsl4P4LhOrTjRmp5nInd9Vx1EKTTjBz6qqO%2Buh2UJBi4rqRv09pRSY1hGAs%2BzNXV0QpPq3oh0r%2FMv1y2amGMTfeB%2BeEiZgT0xTk77yLD5wh6%2BnGx"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://holdtoreset.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77cb9b4f9f228fef-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
bid
ap.lijit.com/rtb/ 		24 B
402 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.12.0
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e9968e7e23c0aacf5295e9dd757a0d177050e463a3187263c6c726120748882e

Request headers

Referer
https://holdtoreset.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 20 Dec 2022 21:52:43 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://holdtoreset.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
auction
prebid-server.rubiconproject.com/openrtb2/ 		186 B
410 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.68.97 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-68-97.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
f055a9db0e538caa5d54354dc992d7050e9130e5fdb6e91100bcade3c092d5c5

Request headers

Referer
https://holdtoreset.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 20 Dec 2022 21:52:43 GMT
content-encoding
gzip
x-prebid
pbs-java/1.106.0
content-type
application/json
access-control-allow-origin
https://holdtoreset.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
176
expires
0
hb
hb.yellowblue.io/ 		129 B
434 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.yellowblue.io/hb?auction_start=1671573163430&ad_unit_code=6155e016102aed613d5a078a&tmax=8000&width=640&height=360&publisher_id=6124caed9c7adb0001c028d8&floor_price=1.15&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F108.0.5359.124%20Safari%2F537.36&bid_id=1206611d03e8531&bidder_request_id=11d25dc9dae5fdc&transaction_id=0f8d6a76-e64e-4e83-8670-26c4b768b88f&session_id=b3d0e95a-bda9-4fc8-b9e5-ba0ace6c5ff5&is_wrapper=false&publisher_name=holdtoreset.com&site_domain=holdtoreset.com&bidder_version=4.0.0&cs_method=iframe&schain=1.0%2C1!insticator.com%2C550-HTR%2C%2C%2C%2C&referrer=undefined&page_url=https%3A%2F%2Fholdtoreset.com%2Fnba-2k23-locker-codes%2F
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.237.159.44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-159-44.compute-1.amazonaws.com
Software
/
Resource Hash
fc1eb0b6f3864982cf399d2a8b45edbd29b503ee704ff94490dea92bbff6b3a8

Request headers

Referer
https://holdtoreset.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 20 Dec 2022 21:52:43 GMT
x-reason
maxmind hosting provider
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://holdtoreset.com
content-type
application/json
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
129
cdb
bidder.criteo.com/ 		0
217 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.12.0&cb=92492116939&lsavail=0
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://holdtoreset.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 20 Dec 2022 21:52:42 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://holdtoreset.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
hb-mm-multi
hb.minutemedia-prebid.com/ 		105 B
409 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.80.98.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-80-98-164.compute-1.amazonaws.com
Software
/
Resource Hash
121750985ac8baac2215dd6a4cee21ef53810e7e8fd77c1410dfa8eed633fa07

Request headers

Referer
https://holdtoreset.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 20 Dec 2022 21:52:43 GMT
x-reason
maxmind hosting provider
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://holdtoreset.com
content-type
application/json
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
105
auction
prebid-server.rubiconproject.com/openrtb2/ 		184 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.68.97 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-68-97.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
44ee1641dc785f26d656ebe376aa24c7a6be3871772dd80ea1f454697a98e9bd

Request headers

Referer
https://holdtoreset.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 20 Dec 2022 21:52:43 GMT
content-encoding
gzip
x-prebid
pbs-java/1.106.0
content-type
application/json
access-control-allow-origin
https://holdtoreset.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
173
expires
0
v1
prg.smartadserver.com/prebid/ 		171 B
562 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://holdtoreset.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 20 Dec 2022 21:52:42 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://holdtoreset.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		139 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
c9fb87c5c2596cbf5dbd68d2a9d340c21f02ba74cb40922b9060584caa4f86a1
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://holdtoreset.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 20 Dec 2022 21:52:43 GMT
AN-X-Request-Uuid
e36f4fdc-6e3e-4e00-aba7-2fb13303c095
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://holdtoreset.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
95.211.95.247; 95.211.95.247; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
unruly_prebid
targeting.unrulymedia.com/ 		0
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://holdtoreset.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://holdtoreset.com
pragma
no-cache
date
Tue, 20 Dec 2022 21:52:43 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
auction
prebid-server.rubiconproject.com/openrtb2/ 		186 B
408 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.68.97 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-68-97.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
7a2e74761b6b7b72852f669be6afecf86abefcbf568d2b2a0a79942bed24801c

Request headers

Referer
https://holdtoreset.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 20 Dec 2022 21:52:43 GMT
content-encoding
gzip
x-prebid
pbs-java/1.106.0
content-type
application/json
access-control-allow-origin
https://holdtoreset.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
expires
0
v1
prg.smartadserver.com/prebid/ 		171 B
562 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://holdtoreset.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 20 Dec 2022 21:52:43 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://holdtoreset.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
mvo
tag.1rx.io/rmp/107/0/ 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/107/0/mvo?z=1r&hbv=7.12,2.1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://holdtoreset.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://holdtoreset.com
pragma
no-cache
date
Tue, 20 Dec 2022 21:52:43 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 		213 B
397 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:13::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
cfef2f865db882bb86bd53b03163fcad800b2ca0b6346487846e1df342343a7d

Request headers

Referer
https://holdtoreset.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 20 Dec 2022 21:52:43 GMT
server
nginx
content-type
application/json
access-control-allow-origin
https://holdtoreset.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
213
expires
0
header
hb.aralego.com/ 		0
177 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-D23E6B4DE48A442EFB993884368ED94&tdid=&schain=1.0%2C1!insticator.com%2C550-HTR%2C1%2C%2C%2C&fp=1.15&eids=&u=https%3A%2F%2Fholdtoreset.com%2Fnba-2k23-locker-codes%2F&host=holdtoreset.com&xr=0&ao=https%3A%2F%2Fholdtoreset.com&w=640&h=360&atype=0
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 New Castle, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://holdtoreset.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://holdtoreset.com
date
Tue, 20 Dec 2022 21:52:43 GMT
access-control-allow-credentials
true
connection
close
v1
btlr.sharethrough.com/universal/ 		0
157 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.193.98.105 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-98-105.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://holdtoreset.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://holdtoreset.com
date
Tue, 20 Dec 2022 21:52:43 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
auction
prebid-server.rubiconproject.com/openrtb2/ 		186 B
410 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.68.97 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-68-97.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
bcef1839366966d4aa8b0c748fcebd34b32803efca2c4228c19e02a964c507fe

Request headers

Referer
https://holdtoreset.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 20 Dec 2022 21:52:43 GMT
content-encoding
gzip
x-prebid
pbs-java/1.106.0
content-type
application/json
access-control-allow-origin
https://holdtoreset.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
176
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		36 B
537 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=651754&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2239cea770624577%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fholdtoreset.com%2Fnba-2k23-locker-codes%2F%22%2C%22page%22%3A%22https%3A%2F%2Fholdtoreset.com%2Fnba-2k23-locker-codes%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A1%2C%22allu%22%3A1%2C%22ren%22%3Atrue%2C%22version%22%3A%227.12.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fholdtoreset.com%2Fnba-2k23-locker-codes%2F%22%2C%22tmax%22%3A8000%2C%22syncsPerBidder%22%3A5%2C%22adunitcode%22%3A%22603fcf85f4fb3b248f3456f9%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2240cfc4c908da569%22%2C%22ext%22%3A%7B%22siteID%22%3A%22651754%22%2C%22tid%22%3A%220f1b6343-16f1-4132-ba1f-803ef0d7272f%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22placement%22%3A3%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A200%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B640%2C360%5D%5D%2C%22w%22%3A640%2C%22h%22%3A360%7D%2C%22bidfloor%22%3A1.15%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22insticator.com%22%2C%22sid%22%3A%22550-HTR%22%7D%5D%2C%22complete%22%3A1%2C%22ver%22%3A%221.0%22%7D%7D%7D%7D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de46f6cd41958b3be7f7e7edff99642634ca277245ce30217d912b20e5e79fd8

Request headers

Referer
https://holdtoreset.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 20 Dec 2022 21:52:43 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FtPcJ1fHDTjC1jswIjTWNjE37AkVD%2F7RevbdWjdjY%2BQhaUjw6bndWTF4AVe4j7l5F1TOqpqB9TdlLsTf9SQchIxqxTD5LcCUKzmoabRvRHtScfuQ5xEitWj0HqAlGPgizW7fQ0QT"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://holdtoreset.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77cb9b4f9f248fef-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
prebid
ib.adnxs.com/ut/v3/ 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
9dfeef1565775dec56fb94b3ed7eedee04076a7c642160d23867c070498819ab
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://holdtoreset.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 20 Dec 2022 21:52:43 GMT
AN-X-Request-Uuid
d294ffd7-19ac-4985-b931-eac81bc86d32
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://holdtoreset.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
95.211.95.247; 95.211.95.247; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://holdtoreset.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 20 Dec 2022 21:52:43 GMT
usync.js
eus.rubiconproject.com/ Frame E1C5 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
9d34431790fcddd9edf82c97a3c06863de64f7ad5b6752968a5e88a5526cda13

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 20 Dec 2022 21:52:43 GMT
Content-Encoding
gzip
Last-Modified
Tue, 20 Dec 2022 20:26:52 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=81249
Connection
keep-alive
Content-Length
10067
Expires
Wed, 21 Dec 2022 20:26:52 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CDCA 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://holdtoreset.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
age
1174
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 20 Dec 2022 21:33:09 GMT
expires
Wed, 20 Dec 2023 21:33:09 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 282C 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
b82d3ebe1d68923d7607f2fb2f52dba2378e8bb19968035d1d4a09514bbe1219
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-M4d7SIWbujsIZjSSYMkMvQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://holdtoreset.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-M4d7SIWbujsIZjSSYMkMvQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 20 Dec 2022 21:52:43 GMT
expires
Tue, 20 Dec 2022 21:52:43 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
c5d26e53d9d3243a25799e2b768bfe1d-3.png
dashboard.insticator.com/vassets/images/hotlink-ok/300x250/ Frame 3506 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dashboard.insticator.com/vassets/images/hotlink-ok/300x250/c5d26e53d9d3243a25799e2b768bfe1d-3.png
Requested by
Host: dashboard.insticator.com
URL: https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=holdtoreset.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.215.162.50 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-215-162-50.compute-1.amazonaws.com
Software
/
Resource Hash
aa40ab4f89a7c52dd9cb78a8b5a293e16d06595c62ed13db9bacc8e45353b61a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=holdtoreset.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:43 GMT
content-encoding
gzip
last-modified
Thu, 15 Dec 2022 16:44:02 GMT
etag
c5d26e53d9d3243a25799e2b768bfe1d
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=31536000
content-length
11468
92bfdbc0f786f8bbe5a813fbb590933d-3.png
dashboard.insticator.com/vassets/images/hotlink-ok/728x90/ Frame 8F28 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dashboard.insticator.com/vassets/images/hotlink-ok/728x90/92bfdbc0f786f8bbe5a813fbb590933d-3.png
Requested by
Host: dashboard.insticator.com
URL: https://dashboard.insticator.com/embeds/backfillad?dimension=728x90&siteURL=holdtoreset.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.215.162.50 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-215-162-50.compute-1.amazonaws.com
Software
/
Resource Hash
744ff524d1ce233b0d7f09c86d6ef081fd162cd6187c8cc9df59af32f26d6081

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dashboard.insticator.com/embeds/backfillad?dimension=728x90&siteURL=holdtoreset.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:43 GMT
content-encoding
gzip
last-modified
Thu, 15 Dec 2022 16:44:02 GMT
etag
92bfdbc0f786f8bbe5a813fbb590933d
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=31536000
content-length
11818
4920d8201547a5353954c565acf67a80-1.png
dashboard.insticator.com/vassets/images/hotlink-ok/300x250/ Frame 9963 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dashboard.insticator.com/vassets/images/hotlink-ok/300x250/4920d8201547a5353954c565acf67a80-1.png
Requested by
Host: dashboard.insticator.com
URL: https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=holdtoreset.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.215.162.50 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-215-162-50.compute-1.amazonaws.com
Software
/
Resource Hash
a99ec5984ec0d266d89c0325a074ebe5c5a141dc5be84e85f22a853dd9c1f32a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=holdtoreset.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:43 GMT
content-encoding
gzip
last-modified
Thu, 15 Dec 2022 16:44:02 GMT
etag
4920d8201547a5353954c565acf67a80
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=31536000
content-length
17054
f490d011d62aba330a95ed452d7e0c53-3.png
dashboard.insticator.com/vassets/images/hotlink-ok/300x600/ Frame C77F 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dashboard.insticator.com/vassets/images/hotlink-ok/300x600/f490d011d62aba330a95ed452d7e0c53-3.png
Requested by
Host: dashboard.insticator.com
URL: https://dashboard.insticator.com/embeds/backfillad?dimension=300x600&siteURL=holdtoreset.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.215.162.50 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-215-162-50.compute-1.amazonaws.com
Software
/
Resource Hash
fc78be1f61e788ae25af79b0b83548acf1082cfb07edae63850fd685884093db

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dashboard.insticator.com/embeds/backfillad?dimension=300x600&siteURL=holdtoreset.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:43 GMT
content-encoding
gzip
last-modified
Thu, 15 Dec 2022 16:44:02 GMT
etag
f490d011d62aba330a95ed452d7e0c53
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=31536000
content-length
60294
admin-ajax.php
holdtoreset.com/wp-admin/ 		0
661 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://holdtoreset.com/wp-admin/admin-ajax.php
Requested by
Host: holdtoreset.com
URL: https://holdtoreset.com/wp-includes/js/jquery/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.2.13
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Referer
https://holdtoreset.com/nba-2k23-locker-codes/
X-Requested-With
XMLHttpRequest
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Tue, 20 Dec 2022 21:52:44 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/7.2.13
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://holdtoreset.com, https://cdn.holdtoreset.com https://holdtoreset.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3gUyH6UY9krfVIA2FdQGUYBND7pZ3qZjqzmeD90WGYQ1FhA%2BxxW68Xq13ThHbYvVk9HnY6JRRnTv5J2lQebI2wi08fSKZUt9oS9XyHWGHpQp%2F8QXhA4EzWYL43Jfrfvx8j0F3f%2FLfEZ%2FvkSh16k%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
x-robots-tag
noindex
cf-ray
77cb9b508f369b71-FRA
expires
Wed, 11 Jan 1984 05:00:00 GMT
admin-ajax.php
holdtoreset.com/wp-admin/ 		0
659 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://holdtoreset.com/wp-admin/admin-ajax.php
Requested by
Host: holdtoreset.com
URL: https://holdtoreset.com/wp-includes/js/jquery/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.2.13
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Referer
https://holdtoreset.com/nba-2k23-locker-codes/
X-Requested-With
XMLHttpRequest
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Tue, 20 Dec 2022 21:52:44 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/7.2.13
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://holdtoreset.com, https://cdn.holdtoreset.com https://holdtoreset.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ohQi%2BSqYU2kLUkUph3xXDX4Dbh%2BhQaDoZ8dljdW8id6b%2BsryXfeiRl9jDBeV3nnwc3MpUv%2BU8d1PZ4zoFMmA4VBnxgHqXhNI5kUfbFYwqZg0KNlVXxY5699tOpK38jUuifIlDoAiAi1Kpv31ZBI%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
x-robots-tag
noindex
cf-ray
77cb9b508f3f9b71-FRA
expires
Wed, 11 Jan 1984 05:00:00 GMT
analytics.js
www.google-analytics.com/ Frame 3506 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: dashboard.insticator.com
URL: https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=holdtoreset.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dashboard.insticator.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 20 Dec 2022 21:24:37 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
1686
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Tue, 20 Dec 2022 23:24:37 GMT
analytics.js
www.google-analytics.com/ Frame 8F28 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: dashboard.insticator.com
URL: https://dashboard.insticator.com/embeds/backfillad?dimension=728x90&siteURL=holdtoreset.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dashboard.insticator.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 20 Dec 2022 21:24:37 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
1686
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Tue, 20 Dec 2022 23:24:37 GMT
analytics.js
www.google-analytics.com/ Frame 9963 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: dashboard.insticator.com
URL: https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=holdtoreset.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dashboard.insticator.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 20 Dec 2022 21:24:37 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
1686
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Tue, 20 Dec 2022 23:24:37 GMT
analytics.js
www.google-analytics.com/ Frame C77F 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: dashboard.insticator.com
URL: https://dashboard.insticator.com/embeds/backfillad?dimension=300x600&siteURL=holdtoreset.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dashboard.insticator.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 20 Dec 2022 21:24:37 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
1686
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Tue, 20 Dec 2022 23:24:37 GMT
ecm3
aax-eu.amazon-adsystem.com/s/ Frame E1C5
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=IXoixJ-qRkyYCyBlS_o7Hg&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=IXoixJ-qRkyYCyBlS_o7Hg
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=IXoixJ-qRkyYCyBlS_o7Hg
Protocol
HTTP/1.1
Server
52.95.122.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 20 Dec 2022 21:52:44 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
AC1C8RJBTQFQQS3X218D
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=IXoixJ-qRkyYCyBlS_o7Hg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
78e3bdce5107450057bade54d54a0a7e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame E1C5
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/_gJZyehpXncr8_a1DJDXNA?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-jbMwy6FE2oIUd19yDJID2mNKNp2wr8DsK.srXA--~A
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-jbMwy6FE2oIUd19yDJID2mNKNp2wr8DsK.srXA--~A
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
78e3bdce5107450057bade54d54a0a7e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Tue, 20 Dec 2022 21:52:43 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-jbMwy6FE2oIUd19yDJID2mNKNp2wr8DsK.srXA--~A
content-length
0
pixel
cm.g.doubleclick.net/ Frame E1C5
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Nzk3ZjIwZTgzYWYwM2ViNzQzN2JhMzY3M2VkMmJhYzM5OGZmYjYyNQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Nzk3ZjIwZTgzYWYwM2ViNzQzN2JhMzY3M2VkMmJhYzM5OGZmYjYyNQ
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Dec 2022 21:52:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Nzk3ZjIwZTgzYWYwM2ViNzQzN2JhMzY3M2VkMmJhYzM5OGZmYjYyNQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame E1C5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJegg7mVpNzzxpkoF2WkmWs&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJegg7mVpNzzxpkoF2WkmWs&google_cver=1
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
78e3bdce5107450057bade54d54a0a7e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Tue, 20 Dec 2022 21:52:43 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJegg7mVpNzzxpkoF2WkmWs&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
px.ads.linkedin.com/ Frame E1C5
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LBWRI2RY-1K-QTV
0
708 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LBWRI2RY-1K-QTV
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:43 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: C3CBAAA36471491DA13F313334363B11 Ref B: AMS04EDGE2511 Ref C: 2022-12-20T21:52:43Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXwSXSlWJsQhqwntylSJQ==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LBWRI2RY-1K-QTV
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame E1C5
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJXUkkyUlktMUstUVRW
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJXUkkyUlktMUstUVRW
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Dec 2022 21:52:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJXUkkyUlktMUstUVRW
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubicon
match.adsrvr.org/track/cmf/ Frame E1C5 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 20 Dec 2022 21:52:43 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
ecm3
s.amazon-adsystem.com/ Frame E1C5
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=l56DvLkTRuWXHN8S4GsBew&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=l56DvLkTRuWXHN8S4GsBew
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=l56DvLkTRuWXHN8S4GsBew
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 20 Dec 2022 21:52:44 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
AEAB9D8JN2636RF20G3T
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=l56DvLkTRuWXHN8S4GsBew
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
78e3bdce5107450057bade54d54a0a7e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://holdtoreset.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 25 Nov 2022 06:12:03 GMT
content-encoding
gzip
age
2216440
x-guploader-uploadid
ADPycdsaYuUgcs1WyTu83f1PVMVtp4MG2XDBuJ3b8jqrkpRO0tYw63jZMtFtmSvXoqlHW8qMpXQmjo7dUCMTyGyjoV6bKptKGlnE
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Sat, 25 Nov 2023 06:12:03 GMT
esp.js
cdn.id5-sync.com/api/1.0/ 		58 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a97afd769b3d774563606be9e943789398af5a1bf3583c2bc9a81f99832aa2b2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://holdtoreset.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:43 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 24 Nov 2022 12:48:29 GMT
server
cloudflare
x-amz-request-id
AS623DQBY0CG4WQ2
age
2610
etag
W/"91dadf6b1eddd8d91a5cc2e3be5ea8cf"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
77cb9b511902910c-FRA
x-amz-id-2
opH3n6Ss4TlDtfyjukoygT4YC9ks6ezIdzU29iyaBzEnETZcFBMAM6rnMr/Jv2PsgS8/3mqoHZ4=
publishertag.ids.js
static.criteo.net/js/ld/ 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f066a6392f3732829e95d97ac2a3dfb7dc7d35fc88d71a4ef62ff8f70399326c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://holdtoreset.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:43 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-9c1f"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 21 Dec 2022 21:52:43 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-68.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
66a8dfcc4572e000bf5b4351bae2a763b3357a65ed373ff27a7e7b38ec9486ae

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://holdtoreset.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 06:30:00 GMT
content-encoding
gzip
via
1.1 2a3a093b493a82493f3431437cb166ac.cloudfront.net (CloudFront)
last-modified
Mon, 21 Nov 2022 18:55:41 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
55364
x-amz-server-side-encryption
AES256
etag
W/"2c5f4a319c3d99310927955777b5abe3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age: 86400
x-amz-cf-id
-OrzHgMIsQfKJusTh0DFk4j0Ms4iM7UI2BfRlvP_gzLzS4iLY1UxqQ==
container.html
c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 37D8 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202212121148/wrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://holdtoreset.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 20 Dec 2022 21:52:43 GMT
expires
Wed, 20 Dec 2023 21:52:43 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js
pagead2.googlesyndication.com/bg/ Frame CDCA 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
182e4ce4dfd537795577b12b9b19a57422a8b21815f5dd92ef8acb3fd872a19c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 20:48:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3828
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16025
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 20 Dec 2023 20:48:55 GMT
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fholdtoreset.com%2Fnba-2k23-locker-codes%2F&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fholdtoreset.com%2Fnba-2k23-locker-codes%2F&rid=esp&cc=1
85 B
103 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fholdtoreset.com%2Fnba-2k23-locker-codes%2F&rid=esp&cc=1
Protocol
H3
Server
34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
53.135.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
aed7e43c5a7b7ebb10d2073d171d00f6eb48fe93ee95e39601c961bfb342738f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://holdtoreset.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:43 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-m3XmmY7mzNfib0OQUAMvHzV5CSM"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://holdtoreset.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Tue, 20 Dec 2022 21:52:43 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://holdtoreset.com
location
/esp?url=https%3A%2F%2Fholdtoreset.com%2Fnba-2k23-locker-codes%2F&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
sodar
pagead2.googlesyndication.com/pagead/ Frame 282C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022120701&jk=3025002463432866&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
map
bcp.crwdcntrl.net/6/ 		60 B
333 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.235.208 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-235-208.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
9907d985f690fe3ee40482938e7ac3b91fa4dea20bf43fac6ed8b676722c7b6f

Request headers

Referer
https://holdtoreset.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 20 Dec 2022 21:52:43 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://holdtoreset.com
cache-control
no-cache
x-server
10.45.14.70
access-control-allow-credentials
true
content-length
60
expires
0
increment
id5-sync.com/api/esp/ 		0
324 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.111 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203177.ip-141-95-33.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://holdtoreset.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://holdtoreset.com
date
Tue, 20 Dec 2022 21:52:43 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
syncframe
gum.criteo.com/ Frame FC30 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=holdtoreset.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://holdtoreset.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 20 Dec 2022 21:52:43 GMT
server
Kestrel
server-processing-duration-in-ticks
919040
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
adview
securepubads.g.doubleclick.net/pagead/ Frame 37D8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CQWKdqy6iY5GQFtqt9u8PzeCuoAvJntKxXNWdkfdwwI23ARABIABgkQSCARdjYS1wdWItMjY5NzY3OTUxODUxNTg4NsgBCakCri_P9q_OsT7gAgCoAwGqBIkCT9D_1fVBFltb63jiHOUigb7_3LITIpwHFHqQ4xKskWUWNFJ8yI5Ieln087oXo20dlY3wJGoSyPciz68RVBU9pSSEd3jsuNuXFMKJwotAO-R5ECtMMeogDIe8qNAWj9qxDmZV9qEe8fd4e9755Yu606HIBgF1YxsasXmRD69s5lDYu9iwEbtwDMWAt74Ga6Rr9gbzJr8wbA49HkTQvQYAxwdysfYi9wRpX6njvEMojuPDu2KwkOvHCCm-CYTmINMNM3jVputiUtWA-E1Knt_sL7k9Azzchcc50WqXvTeJ20pxKxYqCD1ncK763LmCYxG3MCkB2al072dMCGU3_sQSCnpo8GAt2ESsV-AEAYAGreuwm_yY79WbAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTY1NjQxNjY4Mjk5MTE3NDOACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItMjY5NzY3OTUxODUxNTg4NhjUxAw&sigh=H6rzC8rVna0&uach_m=[UACH]&cid=CAQSTADq26N9Vsv6UMxLkcIP5yVWVwsxy-fUf52itoxjZOsaYbScQC9JCZKTjwAk3Fb2sn3UqMojfKTcVR81oH347VKq9rOYZPq_ps6BVvQYASAT
Requested by
Host: holdtoreset.com
URL: https://holdtoreset.com/nba-2k23-locker-codes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
notify
rtb.fr.eu.criteo.com/google/auction/ Frame 37D8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kNf2Ee9BrAL6AZ2DYgICAAAAJ1y8J-rGe64Qqi6iY1-eM2jyh1EKL9FHABIAAA&wp=Y6IuqwAFiBEH_ZbaAAuwTRMXbcK7BVmhAcVBsA
Requested by
Host: holdtoreset.com
URL: https://holdtoreset.com/nba-2k23-locker-codes/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:43 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
292896
content-length
0
afr.php
ads.eu.criteo.com/delivery/r/ Frame 102B 		212 KB
58 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6IuqwAFiBEH_ZbaAAuwTRMXbcK7BVmhAcVBsA&u=%7C5SmpTJBaS6heQT1VNn4lJXf5wkwPoJkzvmIitlb%2BWHU%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy-ZCx2l8r38z-Y5KeOqAmeGKc9dh3PNWVV8BiBGlNdQTqGB52-m_f3Zk99PJzF_uGqte41jayckPb0Z7K2Lr0N_2OBBOs_5CoLi0jxKcAjXX38qr96O-2zsR9iJbQkAkRc3c6dIrx2-N70VEKnzLnFZrEJC85A7STMhTpSKmjjt3rYmeX24Tpr7NvphedfakfPN2JG4KgkQ-zcX7UKho1QJP2KgCnmUPLkgzcbtzbbiIFC1fgI_9VWIk_U0WWtW1r2AHhKAHI12OTv6flWn8PlCtdComoITpVyNnYQi54lz_SqXr2eAqZEtq-7wsBDKBnwPVpwDdIpdxCtvZYEhFginyqNLwc0jnU8ctRvvEmKqq7vNBg6wsfK6_Ic2KQqqHQdK2Ce5P2j6YDnyN5u3USm0beIwF1i6OizmOIZnkdj1l3IdYZxk15W7GYX9EqmtVwO-dM5uky1lOTeieH16QcWiJWf92u-JBapF5mUqJdsBzebrhSIUPW1yGgXXqUNofW96lfyWZ3JieBxWjDe2xR8EUVQCIS7mKTGreJ-fTnVOD2lMe79FgOSk3nbenrodxQN4W1gwM4w0Esg51Q3W4WaKKyMVHhDM3yA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCny33qy6iY5GQFtqt9u8PzeCuoAvJntKxXNWdkfdwwI23ARABIABgkQSCARdjYS1wdWItMjY5NzY3OTUxODUxNTg4NsgBCakCri_P9q_OsT7gAgCoAwGqBIwCT9D_1fVBFltb63jiHOUigb7_3LITIpwHFHqQ4xKskWUWNFJ8yI5Ieln087oXo20dlY3wJGoSyPciz68RVBU9pSSEd3jsuNuXFMKJwotAO-R5ECtMMeogDIe8qNAWj9qxDmZV9qEe8fd4e9755Yu606HIBgF1YxsasXmRD69s5lDYu9iwEbtwDMWAt74Ga6Rr9gbzJr8wbA49HkTQvQYAxwdysfYi9wRpX6njvEMojuPDu2KwkOvHCCm-CYTmINMNM3jVputiUtWA-E1Knt_sL7k9Azzchcc50WqXvTeJ20pxKxZoChz19yFmzwYed7JnDY_50L1-WW1iEOeDNvm0-MV23HiocsC_6AhIduAEAYAGreuwm_yY79WbAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTY1NjQxNjY4Mjk5MTE3NDP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2IBt0Q472KUo1Dk-FxNyigKlbyXQ%26client%3Dca-pub-2697679518515886%26adurl%3D
Requested by
Host: c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com
URL: https://c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
9e2f0b1b15300dc964124da7e876a10b6aa4e40c25956c6eed44a637540d26e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Tue, 20 Dec 2022 21:52:43 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=aSEI9cLIow_TvZs0Qo_u-1uGdG5DJ_E2OGFC7cqL4IHZZOcgIkcomYh5XSuTseo8trcky1LZ8HatTtg4yXz_XRxFTZ-x-0O9yQSQC6kcX0ek_xMcJcSwlz1Fv7NC2TTMfwpw9D_rzIWam-Wbl8d3z3EYZDDcXoVmxbg6faJ8AyN3EQsgIHlmJD6JI-qZEGHaKyXgZX44ustTksgWVO33f8DSfgabcKJKr8EZmR0g-kvE-jpXIvOv-gQIoJWS_kwzlLKvzw"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
102264207
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 37D8 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com
URL: https://c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 20:42:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
4200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 03 Jan 2023 20:42:43 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 37D8 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com
URL: https://c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 10:07:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
42311
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7480
x-xss-protection
0
server
cafe
etag
15631949847000551034
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 03 Jan 2023 10:07:32 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 37D8 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com
URL: https://c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 17 Dec 2022 15:15:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
283049
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 17 Dec 2023 15:15:14 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 37D8 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com
URL: https://c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 20 Dec 2022 21:52:43 GMT
pixel
protected-by.clarium.io/ Frame 37D8 		68 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_RnNlZXpfLW5EeVdRWElKc2Jub0trS1RIWEM0LzI4OTYyMTcyNDA6MzAweDI1MA==&v=5&s=v31gkoocjp4&id=eyJkZnAiOnsiYWQiOjQ5NzM3Mzc2LCJjIjpudWxsLCJsIjowLCJvIjoyODk2MjE3MjQwLCJBIjoiLzI1MDcyNDYsMjI0MjYwMDc3OTEvaG9sZHRvcmVzZXQuY29tX1dlYl8zMDB4MjUwXzgiLCJ5IjozMzA0MDQsImNvIjowLCJzIjoiZGl2LWluc3RpY2F0b3ItYWQtMTMifSwidHBfY3JpZCI6bnVsbH0%3D&sb=undefined&cb=5383307&h=holdtoreset.com&d=eyJ3aCI6IlJuTmxaWHBmTFc1RWVWZFJXRWxLYzJKdWIwdHJTMVJJV0VNMEx6STRPVFl5TVRjeU5EQTZNekF3ZURJMU1BPT0iLCJ3ZCI6eyJvIjoyODk2MjE3MjQwLCJ3IjoiMzAwIiwiaCI6IjI1MCJ9LCJ3ciI6Mn0=
Requested by
Host: c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com
URL: https://c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.48.34.46 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-48-34-46.eu-north-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 20 Dec 2022 21:52:43 GMT
Server
nginx/1.14.0 (Ubuntu)
Content-Type
image/png
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
68
Expires
Sat, 26 Jul 1997 05:00:00 GMT
sid
mug.criteo.com/ Frame FC30
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=holdtoreset.com&sn=ChromeSyncframe&so=0&topUrl=holdtoreset.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=wNwzG3x1dTlsbDk3aHZGdTRkZzIzdzBhejVQL0JIbFp4MDlwdXhSbW9VZFAzaXlWNjZacmgxbmlBUnliSlV0MUJHdGhLczhPdEkrcVZ5NHJFRUdhQkdoWm5qaDRlbFN2aFFaVGRFOWV2Tis0bUMrSTN2RmVVajNMU3BVZj...
428 B
656 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=wNwzG3x1dTlsbDk3aHZGdTRkZzIzdzBhejVQL0JIbFp4MDlwdXhSbW9VZFAzaXlWNjZacmgxbmlBUnliSlV0MUJHdGhLczhPdEkrcVZ5NHJFRUdhQkdoWm5qaDRlbFN2aFFaVGRFOWV2Tis0bUMrSTN2RmVVajNMU3BVZjluTTJ5RWZHZVF3ZllPYXVpSUlOUWdMblhKdnRTeTMrSlNhTFNlWWdDSFNLeVdUc05aU0pyNmZCT3hTUW1NM0xnYTY5OVIxTkFWU2lITWZlVkpldkZaZU5VSjNKb0tJMmVMVlNlNFFsd3FPd29abkgycVcyTVlVcDVSNUNBbTBIcUJIcFl4QWR0V3hhSmxrOFBSSFRQc0tmUFAxbWNhbTl1dGRWclcvb09Zcko5NlFKRUFkWT18&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
c13794a8a1420ffe10d498c2b42e4877c5ac67cd06135282b96eab1533e41e44
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Dec 2022 21:52:43 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1361842
expires
0

Redirect headers

pragma
no-cache
date
Tue, 20 Dec 2022 21:52:43 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=wNwzG3x1dTlsbDk3aHZGdTRkZzIzdzBhejVQL0JIbFp4MDlwdXhSbW9VZFAzaXlWNjZacmgxbmlBUnliSlV0MUJHdGhLczhPdEkrcVZ5NHJFRUdhQkdoWm5qaDRlbFN2aFFaVGRFOWV2Tis0bUMrSTN2RmVVajNMU3BVZjluTTJ5RWZHZVF3ZllPYXVpSUlOUWdMblhKdnRTeTMrSlNhTFNlWWdDSFNLeVdUc05aU0pyNmZCT3hTUW1NM0xnYTY5OVIxTkFWU2lITWZlVkpldkZaZU5VSjNKb0tJMmVMVlNlNFFsd3FPd29abkgycVcyTVlVcDVSNUNBbTBIcUJIcFl4QWR0V3hhSmxrOFBSSFRQc0tmUFAxbWNhbTl1dGRWclcvb09Zcko5NlFKRUFkWT18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
333502
content-length
0
expires
0
truncated
/ Frame 37D8 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9263ddb5fb9a4ee8db38e276e12f6ffc10d22c512294acc467b6cae8ab68e0f9

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
bridge-31050.js
video-ads.rubiconproject.com/video/ Frame 37F5 		65 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://video-ads.rubiconproject.com/video/bridge-31050.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d8ccec528a0617cae5a0755
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.51.84.65 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-84-65.deploy.static.akamaitechnologies.com
Software
Apache/2.4.6 (CentOS) PHP/5.4.16 /
Resource Hash
c002b1b4f4aacc0c7e2bf806a9efa9263fb5f34826500f0ffb0417238cc7cceb

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://holdtoreset.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 20 Dec 2022 21:52:43 GMT
Content-Encoding
gzip
Last-Modified
Thu, 10 Nov 2022 16:05:35 GMT
Server
Apache/2.4.6 (CentOS) PHP/5.4.16
ETag
"10253-5ed1ff17fb1c0-gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST, GET, PUT, OPTIONS, PATCH, DELETE
Content-Type
application/javascript
Access-Control-Allow-Origin
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
X-Accept-Charset,X-Accept,Content-Type
Content-Length
20231
generate_204
tpc.googlesyndication.com/ Frame CDCA 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?8hmzlg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:43 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
privacy_small.svg
static.criteo.net/flash/icon/ Frame 102B 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6IuqwAFiBEH_ZbaAAuwTRMXbcK7BVmhAcVBsA&u=%7C5SmpTJBaS6heQT1VNn4lJXf5wkwPoJkzvmIitlb%2BWHU%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy-ZCx2l8r38z-Y5KeOqAmeGKc9dh3PNWVV8BiBGlNdQTqGB52-m_f3Zk99PJzF_uGqte41jayckPb0Z7K2Lr0N_2OBBOs_5CoLi0jxKcAjXX38qr96O-2zsR9iJbQkAkRc3c6dIrx2-N70VEKnzLnFZrEJC85A7STMhTpSKmjjt3rYmeX24Tpr7NvphedfakfPN2JG4KgkQ-zcX7UKho1QJP2KgCnmUPLkgzcbtzbbiIFC1fgI_9VWIk_U0WWtW1r2AHhKAHI12OTv6flWn8PlCtdComoITpVyNnYQi54lz_SqXr2eAqZEtq-7wsBDKBnwPVpwDdIpdxCtvZYEhFginyqNLwc0jnU8ctRvvEmKqq7vNBg6wsfK6_Ic2KQqqHQdK2Ce5P2j6YDnyN5u3USm0beIwF1i6OizmOIZnkdj1l3IdYZxk15W7GYX9EqmtVwO-dM5uky1lOTeieH16QcWiJWf92u-JBapF5mUqJdsBzebrhSIUPW1yGgXXqUNofW96lfyWZ3JieBxWjDe2xR8EUVQCIS7mKTGreJ-fTnVOD2lMe79FgOSk3nbenrodxQN4W1gwM4w0Esg51Q3W4WaKKyMVHhDM3yA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCny33qy6iY5GQFtqt9u8PzeCuoAvJntKxXNWdkfdwwI23ARABIABgkQSCARdjYS1wdWItMjY5NzY3OTUxODUxNTg4NsgBCakCri_P9q_OsT7gAgCoAwGqBIwCT9D_1fVBFltb63jiHOUigb7_3LITIpwHFHqQ4xKskWUWNFJ8yI5Ieln087oXo20dlY3wJGoSyPciz68RVBU9pSSEd3jsuNuXFMKJwotAO-R5ECtMMeogDIe8qNAWj9qxDmZV9qEe8fd4e9755Yu606HIBgF1YxsasXmRD69s5lDYu9iwEbtwDMWAt74Ga6Rr9gbzJr8wbA49HkTQvQYAxwdysfYi9wRpX6njvEMojuPDu2KwkOvHCCm-CYTmINMNM3jVputiUtWA-E1Knt_sL7k9Azzchcc50WqXvTeJ20pxKxZoChz19yFmzwYed7JnDY_50L1-WW1iEOeDNvm0-MV23HiocsC_6AhIduAEAYAGreuwm_yY79WbAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTY1NjQxNjY4Mjk5MTE3NDP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2IBt0Q472KUo1Dk-FxNyigKlbyXQ%26client%3Dca-pub-2697679518515886%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:44 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 15 Dec 2023 21:52:44 GMT
adchoices_nl.svg
static.criteo.net/flash/icon/ Frame 102B 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_nl.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6IuqwAFiBEH_ZbaAAuwTRMXbcK7BVmhAcVBsA&u=%7C5SmpTJBaS6heQT1VNn4lJXf5wkwPoJkzvmIitlb%2BWHU%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy-ZCx2l8r38z-Y5KeOqAmeGKc9dh3PNWVV8BiBGlNdQTqGB52-m_f3Zk99PJzF_uGqte41jayckPb0Z7K2Lr0N_2OBBOs_5CoLi0jxKcAjXX38qr96O-2zsR9iJbQkAkRc3c6dIrx2-N70VEKnzLnFZrEJC85A7STMhTpSKmjjt3rYmeX24Tpr7NvphedfakfPN2JG4KgkQ-zcX7UKho1QJP2KgCnmUPLkgzcbtzbbiIFC1fgI_9VWIk_U0WWtW1r2AHhKAHI12OTv6flWn8PlCtdComoITpVyNnYQi54lz_SqXr2eAqZEtq-7wsBDKBnwPVpwDdIpdxCtvZYEhFginyqNLwc0jnU8ctRvvEmKqq7vNBg6wsfK6_Ic2KQqqHQdK2Ce5P2j6YDnyN5u3USm0beIwF1i6OizmOIZnkdj1l3IdYZxk15W7GYX9EqmtVwO-dM5uky1lOTeieH16QcWiJWf92u-JBapF5mUqJdsBzebrhSIUPW1yGgXXqUNofW96lfyWZ3JieBxWjDe2xR8EUVQCIS7mKTGreJ-fTnVOD2lMe79FgOSk3nbenrodxQN4W1gwM4w0Esg51Q3W4WaKKyMVHhDM3yA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCny33qy6iY5GQFtqt9u8PzeCuoAvJntKxXNWdkfdwwI23ARABIABgkQSCARdjYS1wdWItMjY5NzY3OTUxODUxNTg4NsgBCakCri_P9q_OsT7gAgCoAwGqBIwCT9D_1fVBFltb63jiHOUigb7_3LITIpwHFHqQ4xKskWUWNFJ8yI5Ieln087oXo20dlY3wJGoSyPciz68RVBU9pSSEd3jsuNuXFMKJwotAO-R5ECtMMeogDIe8qNAWj9qxDmZV9qEe8fd4e9755Yu606HIBgF1YxsasXmRD69s5lDYu9iwEbtwDMWAt74Ga6Rr9gbzJr8wbA49HkTQvQYAxwdysfYi9wRpX6njvEMojuPDu2KwkOvHCCm-CYTmINMNM3jVputiUtWA-E1Knt_sL7k9Azzchcc50WqXvTeJ20pxKxZoChz19yFmzwYed7JnDY_50L1-WW1iEOeDNvm0-MV23HiocsC_6AhIduAEAYAGreuwm_yY79WbAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTY1NjQxNjY4Mjk5MTE3NDP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2IBt0Q472KUo1Dk-FxNyigKlbyXQ%26client%3Dca-pub-2697679518515886%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
64fdded9ab4b4066a71232c0d8c7e2416ec277f566adb122776af14c21831fc3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:44 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-754"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 15 Dec 2023 21:52:44 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 102B 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6IuqwAFiBEH_ZbaAAuwTRMXbcK7BVmhAcVBsA&u=%7C5SmpTJBaS6heQT1VNn4lJXf5wkwPoJkzvmIitlb%2BWHU%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy-ZCx2l8r38z-Y5KeOqAmeGKc9dh3PNWVV8BiBGlNdQTqGB52-m_f3Zk99PJzF_uGqte41jayckPb0Z7K2Lr0N_2OBBOs_5CoLi0jxKcAjXX38qr96O-2zsR9iJbQkAkRc3c6dIrx2-N70VEKnzLnFZrEJC85A7STMhTpSKmjjt3rYmeX24Tpr7NvphedfakfPN2JG4KgkQ-zcX7UKho1QJP2KgCnmUPLkgzcbtzbbiIFC1fgI_9VWIk_U0WWtW1r2AHhKAHI12OTv6flWn8PlCtdComoITpVyNnYQi54lz_SqXr2eAqZEtq-7wsBDKBnwPVpwDdIpdxCtvZYEhFginyqNLwc0jnU8ctRvvEmKqq7vNBg6wsfK6_Ic2KQqqHQdK2Ce5P2j6YDnyN5u3USm0beIwF1i6OizmOIZnkdj1l3IdYZxk15W7GYX9EqmtVwO-dM5uky1lOTeieH16QcWiJWf92u-JBapF5mUqJdsBzebrhSIUPW1yGgXXqUNofW96lfyWZ3JieBxWjDe2xR8EUVQCIS7mKTGreJ-fTnVOD2lMe79FgOSk3nbenrodxQN4W1gwM4w0Esg51Q3W4WaKKyMVHhDM3yA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCny33qy6iY5GQFtqt9u8PzeCuoAvJntKxXNWdkfdwwI23ARABIABgkQSCARdjYS1wdWItMjY5NzY3OTUxODUxNTg4NsgBCakCri_P9q_OsT7gAgCoAwGqBIwCT9D_1fVBFltb63jiHOUigb7_3LITIpwHFHqQ4xKskWUWNFJ8yI5Ieln087oXo20dlY3wJGoSyPciz68RVBU9pSSEd3jsuNuXFMKJwotAO-R5ECtMMeogDIe8qNAWj9qxDmZV9qEe8fd4e9755Yu606HIBgF1YxsasXmRD69s5lDYu9iwEbtwDMWAt74Ga6Rr9gbzJr8wbA49HkTQvQYAxwdysfYi9wRpX6njvEMojuPDu2KwkOvHCCm-CYTmINMNM3jVputiUtWA-E1Knt_sL7k9Azzchcc50WqXvTeJ20pxKxZoChz19yFmzwYed7JnDY_50L1-WW1iEOeDNvm0-MV23HiocsC_6AhIduAEAYAGreuwm_yY79WbAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTY1NjQxNjY4Mjk5MTE3NDP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2IBt0Q472KUo1Dk-FxNyigKlbyXQ%26client%3Dca-pub-2697679518515886%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:44 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Fri, 15 Dec 2023 21:52:44 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 102B 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6IuqwAFiBEH_ZbaAAuwTRMXbcK7BVmhAcVBsA&u=%7C5SmpTJBaS6heQT1VNn4lJXf5wkwPoJkzvmIitlb%2BWHU%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy-ZCx2l8r38z-Y5KeOqAmeGKc9dh3PNWVV8BiBGlNdQTqGB52-m_f3Zk99PJzF_uGqte41jayckPb0Z7K2Lr0N_2OBBOs_5CoLi0jxKcAjXX38qr96O-2zsR9iJbQkAkRc3c6dIrx2-N70VEKnzLnFZrEJC85A7STMhTpSKmjjt3rYmeX24Tpr7NvphedfakfPN2JG4KgkQ-zcX7UKho1QJP2KgCnmUPLkgzcbtzbbiIFC1fgI_9VWIk_U0WWtW1r2AHhKAHI12OTv6flWn8PlCtdComoITpVyNnYQi54lz_SqXr2eAqZEtq-7wsBDKBnwPVpwDdIpdxCtvZYEhFginyqNLwc0jnU8ctRvvEmKqq7vNBg6wsfK6_Ic2KQqqHQdK2Ce5P2j6YDnyN5u3USm0beIwF1i6OizmOIZnkdj1l3IdYZxk15W7GYX9EqmtVwO-dM5uky1lOTeieH16QcWiJWf92u-JBapF5mUqJdsBzebrhSIUPW1yGgXXqUNofW96lfyWZ3JieBxWjDe2xR8EUVQCIS7mKTGreJ-fTnVOD2lMe79FgOSk3nbenrodxQN4W1gwM4w0Esg51Q3W4WaKKyMVHhDM3yA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCny33qy6iY5GQFtqt9u8PzeCuoAvJntKxXNWdkfdwwI23ARABIABgkQSCARdjYS1wdWItMjY5NzY3OTUxODUxNTg4NsgBCakCri_P9q_OsT7gAgCoAwGqBIwCT9D_1fVBFltb63jiHOUigb7_3LITIpwHFHqQ4xKskWUWNFJ8yI5Ieln087oXo20dlY3wJGoSyPciz68RVBU9pSSEd3jsuNuXFMKJwotAO-R5ECtMMeogDIe8qNAWj9qxDmZV9qEe8fd4e9755Yu606HIBgF1YxsasXmRD69s5lDYu9iwEbtwDMWAt74Ga6Rr9gbzJr8wbA49HkTQvQYAxwdysfYi9wRpX6njvEMojuPDu2KwkOvHCCm-CYTmINMNM3jVputiUtWA-E1Knt_sL7k9Azzchcc50WqXvTeJ20pxKxZoChz19yFmzwYed7JnDY_50L1-WW1iEOeDNvm0-MV23HiocsC_6AhIduAEAYAGreuwm_yY79WbAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTY1NjQxNjY4Mjk5MTE3NDP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2IBt0Q472KUo1Dk-FxNyigKlbyXQ%26client%3Dca-pub-2697679518515886%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:44 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Fri, 15 Dec 2023 21:52:44 GMT
lg.php
cat.nl.eu.criteo.com/delivery/ Frame 102B 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=xg2jDeoz7-c6r-c3wbZBddw9Zbu9Soj9rAxRTPshWtz_890eGnkF7UgI0s_NcEe3FBzkCZ_-8knbxNaPSOyNqDP7nqZkf8P81ifjNPF9kjxFMldGX33T-hyLx9nPrYBafbFqaDjHrWIINt2xstR-QyElA2I8ikYOdzG07R_8P7lCudTZzTcupdJYiXdkACp2_Z769gDAHger9sGlbATLZXgWK_OqQi2EYCC-Sv6JbqK5N88PNLqH5srTBFhq1cZlNJih4dvmsvVOF4_W3XHhSQT25GKZ6unakbAEP-dBltI8cfIYdO6M4sTsRGtLfnUj-OnqpW31uwJqTQ5FRU8PpdBf_uzOC8mrY1haozkZekl815KzlWoD4qgSPON3a0yaPBsqXFXfWXSBXYmyqdCiCXuJSfdekW7YFfay15CKsFoIauE0ce1XeIupj7kAFDycuHZTsQ
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6IuqwAFiBEH_ZbaAAuwTRMXbcK7BVmhAcVBsA&u=%7C5SmpTJBaS6heQT1VNn4lJXf5wkwPoJkzvmIitlb%2BWHU%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy-ZCx2l8r38z-Y5KeOqAmeGKc9dh3PNWVV8BiBGlNdQTqGB52-m_f3Zk99PJzF_uGqte41jayckPb0Z7K2Lr0N_2OBBOs_5CoLi0jxKcAjXX38qr96O-2zsR9iJbQkAkRc3c6dIrx2-N70VEKnzLnFZrEJC85A7STMhTpSKmjjt3rYmeX24Tpr7NvphedfakfPN2JG4KgkQ-zcX7UKho1QJP2KgCnmUPLkgzcbtzbbiIFC1fgI_9VWIk_U0WWtW1r2AHhKAHI12OTv6flWn8PlCtdComoITpVyNnYQi54lz_SqXr2eAqZEtq-7wsBDKBnwPVpwDdIpdxCtvZYEhFginyqNLwc0jnU8ctRvvEmKqq7vNBg6wsfK6_Ic2KQqqHQdK2Ce5P2j6YDnyN5u3USm0beIwF1i6OizmOIZnkdj1l3IdYZxk15W7GYX9EqmtVwO-dM5uky1lOTeieH16QcWiJWf92u-JBapF5mUqJdsBzebrhSIUPW1yGgXXqUNofW96lfyWZ3JieBxWjDe2xR8EUVQCIS7mKTGreJ-fTnVOD2lMe79FgOSk3nbenrodxQN4W1gwM4w0Esg51Q3W4WaKKyMVHhDM3yA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCny33qy6iY5GQFtqt9u8PzeCuoAvJntKxXNWdkfdwwI23ARABIABgkQSCARdjYS1wdWItMjY5NzY3OTUxODUxNTg4NsgBCakCri_P9q_OsT7gAgCoAwGqBIwCT9D_1fVBFltb63jiHOUigb7_3LITIpwHFHqQ4xKskWUWNFJ8yI5Ieln087oXo20dlY3wJGoSyPciz68RVBU9pSSEd3jsuNuXFMKJwotAO-R5ECtMMeogDIe8qNAWj9qxDmZV9qEe8fd4e9755Yu606HIBgF1YxsasXmRD69s5lDYu9iwEbtwDMWAt74Ga6Rr9gbzJr8wbA49HkTQvQYAxwdysfYi9wRpX6njvEMojuPDu2KwkOvHCCm-CYTmINMNM3jVputiUtWA-E1Knt_sL7k9Azzchcc50WqXvTeJ20pxKxZoChz19yFmzwYed7JnDY_50L1-WW1iEOeDNvm0-MV23HiocsC_6AhIduAEAYAGreuwm_yY79WbAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTY1NjQxNjY4Mjk5MTE3NDP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2IBt0Q472KUo1Dk-FxNyigKlbyXQ%26client%3Dca-pub-2697679518515886%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Dec 2022 21:52:43 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
4702256
expires
Mon, 26 Jul 1997 05:00:00 GMT
container.html
c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame FAB5 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://holdtoreset.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 20 Dec 2022 21:52:43 GMT
expires
Wed, 20 Dec 2023 21:52:43 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pd
google-bidout-d.openx.net/w/1.0/ Frame 062F 		0
91 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://holdtoreset.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Tue, 20 Dec 2022 21:52:44 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 102B 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6IuqwAFiBEH_ZbaAAuwTRMXbcK7BVmhAcVBsA&u=%7C5SmpTJBaS6heQT1VNn4lJXf5wkwPoJkzvmIitlb%2BWHU%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy-ZCx2l8r38z-Y5KeOqAmeGKc9dh3PNWVV8BiBGlNdQTqGB52-m_f3Zk99PJzF_uGqte41jayckPb0Z7K2Lr0N_2OBBOs_5CoLi0jxKcAjXX38qr96O-2zsR9iJbQkAkRc3c6dIrx2-N70VEKnzLnFZrEJC85A7STMhTpSKmjjt3rYmeX24Tpr7NvphedfakfPN2JG4KgkQ-zcX7UKho1QJP2KgCnmUPLkgzcbtzbbiIFC1fgI_9VWIk_U0WWtW1r2AHhKAHI12OTv6flWn8PlCtdComoITpVyNnYQi54lz_SqXr2eAqZEtq-7wsBDKBnwPVpwDdIpdxCtvZYEhFginyqNLwc0jnU8ctRvvEmKqq7vNBg6wsfK6_Ic2KQqqHQdK2Ce5P2j6YDnyN5u3USm0beIwF1i6OizmOIZnkdj1l3IdYZxk15W7GYX9EqmtVwO-dM5uky1lOTeieH16QcWiJWf92u-JBapF5mUqJdsBzebrhSIUPW1yGgXXqUNofW96lfyWZ3JieBxWjDe2xR8EUVQCIS7mKTGreJ-fTnVOD2lMe79FgOSk3nbenrodxQN4W1gwM4w0Esg51Q3W4WaKKyMVHhDM3yA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCny33qy6iY5GQFtqt9u8PzeCuoAvJntKxXNWdkfdwwI23ARABIABgkQSCARdjYS1wdWItMjY5NzY3OTUxODUxNTg4NsgBCakCri_P9q_OsT7gAgCoAwGqBIwCT9D_1fVBFltb63jiHOUigb7_3LITIpwHFHqQ4xKskWUWNFJ8yI5Ieln087oXo20dlY3wJGoSyPciz68RVBU9pSSEd3jsuNuXFMKJwotAO-R5ECtMMeogDIe8qNAWj9qxDmZV9qEe8fd4e9755Yu606HIBgF1YxsasXmRD69s5lDYu9iwEbtwDMWAt74Ga6Rr9gbzJr8wbA49HkTQvQYAxwdysfYi9wRpX6njvEMojuPDu2KwkOvHCCm-CYTmINMNM3jVputiUtWA-E1Knt_sL7k9Azzchcc50WqXvTeJ20pxKxZoChz19yFmzwYed7JnDY_50L1-WW1iEOeDNvm0-MV23HiocsC_6AhIduAEAYAGreuwm_yY79WbAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTY1NjQxNjY4Mjk5MTE3NDP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2IBt0Q472KUo1Dk-FxNyigKlbyXQ%26client%3Dca-pub-2697679518515886%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:44 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
441217
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZW9bpKg7zzanSidIR3n6w8DDggA3mVA7%2FvZT5bH7szx%2F251HTlJfr6LF93AfVqY4i6rKNT7fZ%2Fb0xWeYXld67EgWX%2FfgiyIsbcHSFxNpXR1NCWFINkYnb5CTqswpALcbvCqW9T5aKN56%2F3Vo88nhvX4P"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77cb9b53dc855b8c-FRA
expires
Sun, 10 Dec 2023 21:52:44 GMT
animejs.js
static.criteo.net/animejs/ Frame 102B 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6IuqwAFiBEH_ZbaAAuwTRMXbcK7BVmhAcVBsA&u=%7C5SmpTJBaS6heQT1VNn4lJXf5wkwPoJkzvmIitlb%2BWHU%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy-ZCx2l8r38z-Y5KeOqAmeGKc9dh3PNWVV8BiBGlNdQTqGB52-m_f3Zk99PJzF_uGqte41jayckPb0Z7K2Lr0N_2OBBOs_5CoLi0jxKcAjXX38qr96O-2zsR9iJbQkAkRc3c6dIrx2-N70VEKnzLnFZrEJC85A7STMhTpSKmjjt3rYmeX24Tpr7NvphedfakfPN2JG4KgkQ-zcX7UKho1QJP2KgCnmUPLkgzcbtzbbiIFC1fgI_9VWIk_U0WWtW1r2AHhKAHI12OTv6flWn8PlCtdComoITpVyNnYQi54lz_SqXr2eAqZEtq-7wsBDKBnwPVpwDdIpdxCtvZYEhFginyqNLwc0jnU8ctRvvEmKqq7vNBg6wsfK6_Ic2KQqqHQdK2Ce5P2j6YDnyN5u3USm0beIwF1i6OizmOIZnkdj1l3IdYZxk15W7GYX9EqmtVwO-dM5uky1lOTeieH16QcWiJWf92u-JBapF5mUqJdsBzebrhSIUPW1yGgXXqUNofW96lfyWZ3JieBxWjDe2xR8EUVQCIS7mKTGreJ-fTnVOD2lMe79FgOSk3nbenrodxQN4W1gwM4w0Esg51Q3W4WaKKyMVHhDM3yA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCny33qy6iY5GQFtqt9u8PzeCuoAvJntKxXNWdkfdwwI23ARABIABgkQSCARdjYS1wdWItMjY5NzY3OTUxODUxNTg4NsgBCakCri_P9q_OsT7gAgCoAwGqBIwCT9D_1fVBFltb63jiHOUigb7_3LITIpwHFHqQ4xKskWUWNFJ8yI5Ieln087oXo20dlY3wJGoSyPciz68RVBU9pSSEd3jsuNuXFMKJwotAO-R5ECtMMeogDIe8qNAWj9qxDmZV9qEe8fd4e9755Yu606HIBgF1YxsasXmRD69s5lDYu9iwEbtwDMWAt74Ga6Rr9gbzJr8wbA49HkTQvQYAxwdysfYi9wRpX6njvEMojuPDu2KwkOvHCCm-CYTmINMNM3jVputiUtWA-E1Knt_sL7k9Azzchcc50WqXvTeJ20pxKxZoChz19yFmzwYed7JnDY_50L1-WW1iEOeDNvm0-MV23HiocsC_6AhIduAEAYAGreuwm_yY79WbAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTY1NjQxNjY4Mjk5MTE3NDP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2IBt0Q472KUo1Dk-FxNyigKlbyXQ%26client%3Dca-pub-2697679518515886%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:44 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 15 Dec 2023 21:52:44 GMT
abac96499b784162a1732d4787adb801_hermes-maia-t4-tab-bold.woff
static.criteo.net/design/dt/ Frame 102B 		56 KB
57 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/abac96499b784162a1732d4787adb801_hermes-maia-t4-tab-bold.woff
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6IuqwAFiBEH_ZbaAAuwTRMXbcK7BVmhAcVBsA&u=%7C5SmpTJBaS6heQT1VNn4lJXf5wkwPoJkzvmIitlb%2BWHU%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy-ZCx2l8r38z-Y5KeOqAmeGKc9dh3PNWVV8BiBGlNdQTqGB52-m_f3Zk99PJzF_uGqte41jayckPb0Z7K2Lr0N_2OBBOs_5CoLi0jxKcAjXX38qr96O-2zsR9iJbQkAkRc3c6dIrx2-N70VEKnzLnFZrEJC85A7STMhTpSKmjjt3rYmeX24Tpr7NvphedfakfPN2JG4KgkQ-zcX7UKho1QJP2KgCnmUPLkgzcbtzbbiIFC1fgI_9VWIk_U0WWtW1r2AHhKAHI12OTv6flWn8PlCtdComoITpVyNnYQi54lz_SqXr2eAqZEtq-7wsBDKBnwPVpwDdIpdxCtvZYEhFginyqNLwc0jnU8ctRvvEmKqq7vNBg6wsfK6_Ic2KQqqHQdK2Ce5P2j6YDnyN5u3USm0beIwF1i6OizmOIZnkdj1l3IdYZxk15W7GYX9EqmtVwO-dM5uky1lOTeieH16QcWiJWf92u-JBapF5mUqJdsBzebrhSIUPW1yGgXXqUNofW96lfyWZ3JieBxWjDe2xR8EUVQCIS7mKTGreJ-fTnVOD2lMe79FgOSk3nbenrodxQN4W1gwM4w0Esg51Q3W4WaKKyMVHhDM3yA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCny33qy6iY5GQFtqt9u8PzeCuoAvJntKxXNWdkfdwwI23ARABIABgkQSCARdjYS1wdWItMjY5NzY3OTUxODUxNTg4NsgBCakCri_P9q_OsT7gAgCoAwGqBIwCT9D_1fVBFltb63jiHOUigb7_3LITIpwHFHqQ4xKskWUWNFJ8yI5Ieln087oXo20dlY3wJGoSyPciz68RVBU9pSSEd3jsuNuXFMKJwotAO-R5ECtMMeogDIe8qNAWj9qxDmZV9qEe8fd4e9755Yu606HIBgF1YxsasXmRD69s5lDYu9iwEbtwDMWAt74Ga6Rr9gbzJr8wbA49HkTQvQYAxwdysfYi9wRpX6njvEMojuPDu2KwkOvHCCm-CYTmINMNM3jVputiUtWA-E1Knt_sL7k9Azzchcc50WqXvTeJ20pxKxZoChz19yFmzwYed7JnDY_50L1-WW1iEOeDNvm0-MV23HiocsC_6AhIduAEAYAGreuwm_yY79WbAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTY1NjQxNjY4Mjk5MTE3NDP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2IBt0Q472KUo1Dk-FxNyigKlbyXQ%26client%3Dca-pub-2697679518515886%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
792a550de403d732be95775e8722929ff8ed97f4d3fe4cf93223ecd878b89573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Origin
https://ads.eu.criteo.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:44 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 28 Feb 2020 11:37:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e58fb7c-e13c"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 15 Dec 2023 21:52:44 GMT
d2bb1a269635402fa3d31e432bca0874_hermes-maia-t4-bold.woff
static.criteo.net/design/dt/ Frame 102B 		38 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/d2bb1a269635402fa3d31e432bca0874_hermes-maia-t4-bold.woff
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6IuqwAFiBEH_ZbaAAuwTRMXbcK7BVmhAcVBsA&u=%7C5SmpTJBaS6heQT1VNn4lJXf5wkwPoJkzvmIitlb%2BWHU%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy-ZCx2l8r38z-Y5KeOqAmeGKc9dh3PNWVV8BiBGlNdQTqGB52-m_f3Zk99PJzF_uGqte41jayckPb0Z7K2Lr0N_2OBBOs_5CoLi0jxKcAjXX38qr96O-2zsR9iJbQkAkRc3c6dIrx2-N70VEKnzLnFZrEJC85A7STMhTpSKmjjt3rYmeX24Tpr7NvphedfakfPN2JG4KgkQ-zcX7UKho1QJP2KgCnmUPLkgzcbtzbbiIFC1fgI_9VWIk_U0WWtW1r2AHhKAHI12OTv6flWn8PlCtdComoITpVyNnYQi54lz_SqXr2eAqZEtq-7wsBDKBnwPVpwDdIpdxCtvZYEhFginyqNLwc0jnU8ctRvvEmKqq7vNBg6wsfK6_Ic2KQqqHQdK2Ce5P2j6YDnyN5u3USm0beIwF1i6OizmOIZnkdj1l3IdYZxk15W7GYX9EqmtVwO-dM5uky1lOTeieH16QcWiJWf92u-JBapF5mUqJdsBzebrhSIUPW1yGgXXqUNofW96lfyWZ3JieBxWjDe2xR8EUVQCIS7mKTGreJ-fTnVOD2lMe79FgOSk3nbenrodxQN4W1gwM4w0Esg51Q3W4WaKKyMVHhDM3yA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCny33qy6iY5GQFtqt9u8PzeCuoAvJntKxXNWdkfdwwI23ARABIABgkQSCARdjYS1wdWItMjY5NzY3OTUxODUxNTg4NsgBCakCri_P9q_OsT7gAgCoAwGqBIwCT9D_1fVBFltb63jiHOUigb7_3LITIpwHFHqQ4xKskWUWNFJ8yI5Ieln087oXo20dlY3wJGoSyPciz68RVBU9pSSEd3jsuNuXFMKJwotAO-R5ECtMMeogDIe8qNAWj9qxDmZV9qEe8fd4e9755Yu606HIBgF1YxsasXmRD69s5lDYu9iwEbtwDMWAt74Ga6Rr9gbzJr8wbA49HkTQvQYAxwdysfYi9wRpX6njvEMojuPDu2KwkOvHCCm-CYTmINMNM3jVputiUtWA-E1Knt_sL7k9Azzchcc50WqXvTeJ20pxKxZoChz19yFmzwYed7JnDY_50L1-WW1iEOeDNvm0-MV23HiocsC_6AhIduAEAYAGreuwm_yY79WbAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTY1NjQxNjY4Mjk5MTE3NDP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2IBt0Q472KUo1Dk-FxNyigKlbyXQ%26client%3Dca-pub-2697679518515886%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
43d568ecd3b26f05a839c869119066d3f671cbc707d002e4816bcc0d0803bfae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Origin
https://ads.eu.criteo.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:44 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 28 Feb 2020 11:37:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e58fb7c-97b0"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 15 Dec 2023 21:52:44 GMT
44367467495e4504a4eb099502323fd4_cpn_300x250_1.png
static.criteo.net/design/dt/5887/221212/ Frame 102B 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/5887/221212/44367467495e4504a4eb099502323fd4_cpn_300x250_1.png
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6IuqwAFiBEH_ZbaAAuwTRMXbcK7BVmhAcVBsA&u=%7C5SmpTJBaS6heQT1VNn4lJXf5wkwPoJkzvmIitlb%2BWHU%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy-ZCx2l8r38z-Y5KeOqAmeGKc9dh3PNWVV8BiBGlNdQTqGB52-m_f3Zk99PJzF_uGqte41jayckPb0Z7K2Lr0N_2OBBOs_5CoLi0jxKcAjXX38qr96O-2zsR9iJbQkAkRc3c6dIrx2-N70VEKnzLnFZrEJC85A7STMhTpSKmjjt3rYmeX24Tpr7NvphedfakfPN2JG4KgkQ-zcX7UKho1QJP2KgCnmUPLkgzcbtzbbiIFC1fgI_9VWIk_U0WWtW1r2AHhKAHI12OTv6flWn8PlCtdComoITpVyNnYQi54lz_SqXr2eAqZEtq-7wsBDKBnwPVpwDdIpdxCtvZYEhFginyqNLwc0jnU8ctRvvEmKqq7vNBg6wsfK6_Ic2KQqqHQdK2Ce5P2j6YDnyN5u3USm0beIwF1i6OizmOIZnkdj1l3IdYZxk15W7GYX9EqmtVwO-dM5uky1lOTeieH16QcWiJWf92u-JBapF5mUqJdsBzebrhSIUPW1yGgXXqUNofW96lfyWZ3JieBxWjDe2xR8EUVQCIS7mKTGreJ-fTnVOD2lMe79FgOSk3nbenrodxQN4W1gwM4w0Esg51Q3W4WaKKyMVHhDM3yA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCny33qy6iY5GQFtqt9u8PzeCuoAvJntKxXNWdkfdwwI23ARABIABgkQSCARdjYS1wdWItMjY5NzY3OTUxODUxNTg4NsgBCakCri_P9q_OsT7gAgCoAwGqBIwCT9D_1fVBFltb63jiHOUigb7_3LITIpwHFHqQ4xKskWUWNFJ8yI5Ieln087oXo20dlY3wJGoSyPciz68RVBU9pSSEd3jsuNuXFMKJwotAO-R5ECtMMeogDIe8qNAWj9qxDmZV9qEe8fd4e9755Yu606HIBgF1YxsasXmRD69s5lDYu9iwEbtwDMWAt74Ga6Rr9gbzJr8wbA49HkTQvQYAxwdysfYi9wRpX6njvEMojuPDu2KwkOvHCCm-CYTmINMNM3jVputiUtWA-E1Knt_sL7k9Azzchcc50WqXvTeJ20pxKxZoChz19yFmzwYed7JnDY_50L1-WW1iEOeDNvm0-MV23HiocsC_6AhIduAEAYAGreuwm_yY79WbAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTY1NjQxNjY4Mjk5MTE3NDP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2IBt0Q472KUo1Dk-FxNyigKlbyXQ%26client%3Dca-pub-2697679518515886%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
853530465a7d0b9dcec4a5279d08ec06c6bc795818508dba18b26656d483ed5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:44 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 12 Dec 2022 20:43:52 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"63979288-2b91"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
11153
expires
Fri, 15 Dec 2023 21:52:44 GMT
img
pix.eu.criteo.net/img/ Frame 102B 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=76&m=0&partner=5887&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F5887%2F200529%2F05d132c9508b4d72b38f4693371fd40d_prusvuasset_1.png&v=3&w=596&s=TNYa0G7ahmlEFxvKgHZvynO9
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6IuqwAFiBEH_ZbaAAuwTRMXbcK7BVmhAcVBsA&u=%7C5SmpTJBaS6heQT1VNn4lJXf5wkwPoJkzvmIitlb%2BWHU%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy-ZCx2l8r38z-Y5KeOqAmeGKc9dh3PNWVV8BiBGlNdQTqGB52-m_f3Zk99PJzF_uGqte41jayckPb0Z7K2Lr0N_2OBBOs_5CoLi0jxKcAjXX38qr96O-2zsR9iJbQkAkRc3c6dIrx2-N70VEKnzLnFZrEJC85A7STMhTpSKmjjt3rYmeX24Tpr7NvphedfakfPN2JG4KgkQ-zcX7UKho1QJP2KgCnmUPLkgzcbtzbbiIFC1fgI_9VWIk_U0WWtW1r2AHhKAHI12OTv6flWn8PlCtdComoITpVyNnYQi54lz_SqXr2eAqZEtq-7wsBDKBnwPVpwDdIpdxCtvZYEhFginyqNLwc0jnU8ctRvvEmKqq7vNBg6wsfK6_Ic2KQqqHQdK2Ce5P2j6YDnyN5u3USm0beIwF1i6OizmOIZnkdj1l3IdYZxk15W7GYX9EqmtVwO-dM5uky1lOTeieH16QcWiJWf92u-JBapF5mUqJdsBzebrhSIUPW1yGgXXqUNofW96lfyWZ3JieBxWjDe2xR8EUVQCIS7mKTGreJ-fTnVOD2lMe79FgOSk3nbenrodxQN4W1gwM4w0Esg51Q3W4WaKKyMVHhDM3yA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCny33qy6iY5GQFtqt9u8PzeCuoAvJntKxXNWdkfdwwI23ARABIABgkQSCARdjYS1wdWItMjY5NzY3OTUxODUxNTg4NsgBCakCri_P9q_OsT7gAgCoAwGqBIwCT9D_1fVBFltb63jiHOUigb7_3LITIpwHFHqQ4xKskWUWNFJ8yI5Ieln087oXo20dlY3wJGoSyPciz68RVBU9pSSEd3jsuNuXFMKJwotAO-R5ECtMMeogDIe8qNAWj9qxDmZV9qEe8fd4e9755Yu606HIBgF1YxsasXmRD69s5lDYu9iwEbtwDMWAt74Ga6Rr9gbzJr8wbA49HkTQvQYAxwdysfYi9wRpX6njvEMojuPDu2KwkOvHCCm-CYTmINMNM3jVputiUtWA-E1Knt_sL7k9Azzchcc50WqXvTeJ20pxKxZoChz19yFmzwYed7JnDY_50L1-WW1iEOeDNvm0-MV23HiocsC_6AhIduAEAYAGreuwm_yY79WbAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTY1NjQxNjY4Mjk5MTE3NDP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2IBt0Q472KUo1Dk-FxNyigKlbyXQ%26client%3Dca-pub-2697679518515886%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
35666281a375809a335a03ef8f1140ad824118d2627dd335773a426a3acf4578
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:43 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=31042073
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
10364
expires
Fri, 15 Dec 2023 04:40:38 GMT
img
pix.eu.criteo.net/img/ Frame 102B 		69 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5887&q=80&r=2&u=https%3A%2F%2Fobjectstore.true.nl%2Fprijsvrij%3Aaccommodations%2F626x416%2FQDMDF4YVYTECXFZ6BN0PKYRD3QZY9NIVLMMDNMUU.jpg&v=3&w=400&s=rbDQ_24DdBax0haAICvPwIz7&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6IuqwAFiBEH_ZbaAAuwTRMXbcK7BVmhAcVBsA&u=%7C5SmpTJBaS6heQT1VNn4lJXf5wkwPoJkzvmIitlb%2BWHU%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy-ZCx2l8r38z-Y5KeOqAmeGKc9dh3PNWVV8BiBGlNdQTqGB52-m_f3Zk99PJzF_uGqte41jayckPb0Z7K2Lr0N_2OBBOs_5CoLi0jxKcAjXX38qr96O-2zsR9iJbQkAkRc3c6dIrx2-N70VEKnzLnFZrEJC85A7STMhTpSKmjjt3rYmeX24Tpr7NvphedfakfPN2JG4KgkQ-zcX7UKho1QJP2KgCnmUPLkgzcbtzbbiIFC1fgI_9VWIk_U0WWtW1r2AHhKAHI12OTv6flWn8PlCtdComoITpVyNnYQi54lz_SqXr2eAqZEtq-7wsBDKBnwPVpwDdIpdxCtvZYEhFginyqNLwc0jnU8ctRvvEmKqq7vNBg6wsfK6_Ic2KQqqHQdK2Ce5P2j6YDnyN5u3USm0beIwF1i6OizmOIZnkdj1l3IdYZxk15W7GYX9EqmtVwO-dM5uky1lOTeieH16QcWiJWf92u-JBapF5mUqJdsBzebrhSIUPW1yGgXXqUNofW96lfyWZ3JieBxWjDe2xR8EUVQCIS7mKTGreJ-fTnVOD2lMe79FgOSk3nbenrodxQN4W1gwM4w0Esg51Q3W4WaKKyMVHhDM3yA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCny33qy6iY5GQFtqt9u8PzeCuoAvJntKxXNWdkfdwwI23ARABIABgkQSCARdjYS1wdWItMjY5NzY3OTUxODUxNTg4NsgBCakCri_P9q_OsT7gAgCoAwGqBIwCT9D_1fVBFltb63jiHOUigb7_3LITIpwHFHqQ4xKskWUWNFJ8yI5Ieln087oXo20dlY3wJGoSyPciz68RVBU9pSSEd3jsuNuXFMKJwotAO-R5ECtMMeogDIe8qNAWj9qxDmZV9qEe8fd4e9755Yu606HIBgF1YxsasXmRD69s5lDYu9iwEbtwDMWAt74Ga6Rr9gbzJr8wbA49HkTQvQYAxwdysfYi9wRpX6njvEMojuPDu2KwkOvHCCm-CYTmINMNM3jVputiUtWA-E1Knt_sL7k9Azzchcc50WqXvTeJ20pxKxZoChz19yFmzwYed7JnDY_50L1-WW1iEOeDNvm0-MV23HiocsC_6AhIduAEAYAGreuwm_yY79WbAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTY1NjQxNjY4Mjk5MTE3NDP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2IBt0Q472KUo1Dk-FxNyigKlbyXQ%26client%3Dca-pub-2697679518515886%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
62eb625b521f2666ad304adb404172b036433db191105cdd2a32a7739c865066
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:43 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=31104000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
70412
expires
Fri, 15 Dec 2023 21:52:44 GMT
42a1d623174543c0b211bb2115f9027d_sw3_all_large_out.png
static.criteo.net/design/dt/5887/200529/ Frame 102B 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/5887/200529/42a1d623174543c0b211bb2115f9027d_sw3_all_large_out.png
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6IuqwAFiBEH_ZbaAAuwTRMXbcK7BVmhAcVBsA&u=%7C5SmpTJBaS6heQT1VNn4lJXf5wkwPoJkzvmIitlb%2BWHU%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy-ZCx2l8r38z-Y5KeOqAmeGKc9dh3PNWVV8BiBGlNdQTqGB52-m_f3Zk99PJzF_uGqte41jayckPb0Z7K2Lr0N_2OBBOs_5CoLi0jxKcAjXX38qr96O-2zsR9iJbQkAkRc3c6dIrx2-N70VEKnzLnFZrEJC85A7STMhTpSKmjjt3rYmeX24Tpr7NvphedfakfPN2JG4KgkQ-zcX7UKho1QJP2KgCnmUPLkgzcbtzbbiIFC1fgI_9VWIk_U0WWtW1r2AHhKAHI12OTv6flWn8PlCtdComoITpVyNnYQi54lz_SqXr2eAqZEtq-7wsBDKBnwPVpwDdIpdxCtvZYEhFginyqNLwc0jnU8ctRvvEmKqq7vNBg6wsfK6_Ic2KQqqHQdK2Ce5P2j6YDnyN5u3USm0beIwF1i6OizmOIZnkdj1l3IdYZxk15W7GYX9EqmtVwO-dM5uky1lOTeieH16QcWiJWf92u-JBapF5mUqJdsBzebrhSIUPW1yGgXXqUNofW96lfyWZ3JieBxWjDe2xR8EUVQCIS7mKTGreJ-fTnVOD2lMe79FgOSk3nbenrodxQN4W1gwM4w0Esg51Q3W4WaKKyMVHhDM3yA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCny33qy6iY5GQFtqt9u8PzeCuoAvJntKxXNWdkfdwwI23ARABIABgkQSCARdjYS1wdWItMjY5NzY3OTUxODUxNTg4NsgBCakCri_P9q_OsT7gAgCoAwGqBIwCT9D_1fVBFltb63jiHOUigb7_3LITIpwHFHqQ4xKskWUWNFJ8yI5Ieln087oXo20dlY3wJGoSyPciz68RVBU9pSSEd3jsuNuXFMKJwotAO-R5ECtMMeogDIe8qNAWj9qxDmZV9qEe8fd4e9755Yu606HIBgF1YxsasXmRD69s5lDYu9iwEbtwDMWAt74Ga6Rr9gbzJr8wbA49HkTQvQYAxwdysfYi9wRpX6njvEMojuPDu2KwkOvHCCm-CYTmINMNM3jVputiUtWA-E1Knt_sL7k9Azzchcc50WqXvTeJ20pxKxZoChz19yFmzwYed7JnDY_50L1-WW1iEOeDNvm0-MV23HiocsC_6AhIduAEAYAGreuwm_yY79WbAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTY1NjQxNjY4Mjk5MTE3NDP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2IBt0Q472KUo1Dk-FxNyigKlbyXQ%26client%3Dca-pub-2697679518515886%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b6ec333744296a0e9dd84eb3a3380c415317cb226cfe017126c925d0d2a489f4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:44 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 29 May 2020 13:12:10 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5ed10a2a-a43"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
2627
expires
Fri, 15 Dec 2023 21:52:44 GMT
img
pix.eu.criteo.net/img/ Frame 102B 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5887&q=80&r=2&u=https%3A%2F%2Fobjectstore.true.nl%2Fprijsvrij%3Aaccommodations%2F626x416%2F9LY9HEKFSJ3OM10TMYVXFUFVWI0X09RH9ZEJSNZY.jpg&v=3&w=400&s=u9GaVHRQGppR_T7bA9Bn1moY&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6IuqwAFiBEH_ZbaAAuwTRMXbcK7BVmhAcVBsA&u=%7C5SmpTJBaS6heQT1VNn4lJXf5wkwPoJkzvmIitlb%2BWHU%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy-ZCx2l8r38z-Y5KeOqAmeGKc9dh3PNWVV8BiBGlNdQTqGB52-m_f3Zk99PJzF_uGqte41jayckPb0Z7K2Lr0N_2OBBOs_5CoLi0jxKcAjXX38qr96O-2zsR9iJbQkAkRc3c6dIrx2-N70VEKnzLnFZrEJC85A7STMhTpSKmjjt3rYmeX24Tpr7NvphedfakfPN2JG4KgkQ-zcX7UKho1QJP2KgCnmUPLkgzcbtzbbiIFC1fgI_9VWIk_U0WWtW1r2AHhKAHI12OTv6flWn8PlCtdComoITpVyNnYQi54lz_SqXr2eAqZEtq-7wsBDKBnwPVpwDdIpdxCtvZYEhFginyqNLwc0jnU8ctRvvEmKqq7vNBg6wsfK6_Ic2KQqqHQdK2Ce5P2j6YDnyN5u3USm0beIwF1i6OizmOIZnkdj1l3IdYZxk15W7GYX9EqmtVwO-dM5uky1lOTeieH16QcWiJWf92u-JBapF5mUqJdsBzebrhSIUPW1yGgXXqUNofW96lfyWZ3JieBxWjDe2xR8EUVQCIS7mKTGreJ-fTnVOD2lMe79FgOSk3nbenrodxQN4W1gwM4w0Esg51Q3W4WaKKyMVHhDM3yA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCny33qy6iY5GQFtqt9u8PzeCuoAvJntKxXNWdkfdwwI23ARABIABgkQSCARdjYS1wdWItMjY5NzY3OTUxODUxNTg4NsgBCakCri_P9q_OsT7gAgCoAwGqBIwCT9D_1fVBFltb63jiHOUigb7_3LITIpwHFHqQ4xKskWUWNFJ8yI5Ieln087oXo20dlY3wJGoSyPciz68RVBU9pSSEd3jsuNuXFMKJwotAO-R5ECtMMeogDIe8qNAWj9qxDmZV9qEe8fd4e9755Yu606HIBgF1YxsasXmRD69s5lDYu9iwEbtwDMWAt74Ga6Rr9gbzJr8wbA49HkTQvQYAxwdysfYi9wRpX6njvEMojuPDu2KwkOvHCCm-CYTmINMNM3jVputiUtWA-E1Knt_sL7k9Azzchcc50WqXvTeJ20pxKxZoChz19yFmzwYed7JnDY_50L1-WW1iEOeDNvm0-MV23HiocsC_6AhIduAEAYAGreuwm_yY79WbAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTY1NjQxNjY4Mjk5MTE3NDP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2IBt0Q472KUo1Dk-FxNyigKlbyXQ%26client%3Dca-pub-2697679518515886%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
570c41b7b8aa2afa3417b4882f2a6cbd5594a73a56462c973f03e578f097608d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:43 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=31104000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
28042
expires
Fri, 15 Dec 2023 21:52:44 GMT
img
pix.eu.criteo.net/img/ Frame 102B 		69 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5887&q=80&r=2&u=https%3A%2F%2Fobjectstore.true.nl%2Fprijsvrij%3Aaccommodations%2F626x416%2F0A4HGWLGKSZKL8037S7J1EN960LMSHTYHTV1RAH7.jpg&v=3&w=400&s=KSFUuVQr7TGN-5sK5a1YubTf&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6IuqwAFiBEH_ZbaAAuwTRMXbcK7BVmhAcVBsA&u=%7C5SmpTJBaS6heQT1VNn4lJXf5wkwPoJkzvmIitlb%2BWHU%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy-ZCx2l8r38z-Y5KeOqAmeGKc9dh3PNWVV8BiBGlNdQTqGB52-m_f3Zk99PJzF_uGqte41jayckPb0Z7K2Lr0N_2OBBOs_5CoLi0jxKcAjXX38qr96O-2zsR9iJbQkAkRc3c6dIrx2-N70VEKnzLnFZrEJC85A7STMhTpSKmjjt3rYmeX24Tpr7NvphedfakfPN2JG4KgkQ-zcX7UKho1QJP2KgCnmUPLkgzcbtzbbiIFC1fgI_9VWIk_U0WWtW1r2AHhKAHI12OTv6flWn8PlCtdComoITpVyNnYQi54lz_SqXr2eAqZEtq-7wsBDKBnwPVpwDdIpdxCtvZYEhFginyqNLwc0jnU8ctRvvEmKqq7vNBg6wsfK6_Ic2KQqqHQdK2Ce5P2j6YDnyN5u3USm0beIwF1i6OizmOIZnkdj1l3IdYZxk15W7GYX9EqmtVwO-dM5uky1lOTeieH16QcWiJWf92u-JBapF5mUqJdsBzebrhSIUPW1yGgXXqUNofW96lfyWZ3JieBxWjDe2xR8EUVQCIS7mKTGreJ-fTnVOD2lMe79FgOSk3nbenrodxQN4W1gwM4w0Esg51Q3W4WaKKyMVHhDM3yA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCny33qy6iY5GQFtqt9u8PzeCuoAvJntKxXNWdkfdwwI23ARABIABgkQSCARdjYS1wdWItMjY5NzY3OTUxODUxNTg4NsgBCakCri_P9q_OsT7gAgCoAwGqBIwCT9D_1fVBFltb63jiHOUigb7_3LITIpwHFHqQ4xKskWUWNFJ8yI5Ieln087oXo20dlY3wJGoSyPciz68RVBU9pSSEd3jsuNuXFMKJwotAO-R5ECtMMeogDIe8qNAWj9qxDmZV9qEe8fd4e9755Yu606HIBgF1YxsasXmRD69s5lDYu9iwEbtwDMWAt74Ga6Rr9gbzJr8wbA49HkTQvQYAxwdysfYi9wRpX6njvEMojuPDu2KwkOvHCCm-CYTmINMNM3jVputiUtWA-E1Knt_sL7k9Azzchcc50WqXvTeJ20pxKxZoChz19yFmzwYed7JnDY_50L1-WW1iEOeDNvm0-MV23HiocsC_6AhIduAEAYAGreuwm_yY79WbAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTY1NjQxNjY4Mjk5MTE3NDP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2IBt0Q472KUo1Dk-FxNyigKlbyXQ%26client%3Dca-pub-2697679518515886%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
a7842c0861159a91866347785d7c69224cb5c512b80352b437f2c6a5e7a77ff0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:43 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=31104000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
70662
expires
Fri, 15 Dec 2023 21:52:44 GMT
img
pix.eu.criteo.net/img/ Frame 102B 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5887&q=80&r=2&u=https%3A%2F%2Fobjectstore.true.nl%2Fprijsvrij%3Aaccommodations%2F626x416%2FA4AD4F6G4XG3QAZFRNT0Y9LYUPZ1N21UNSA4ILV7.jpg&v=3&w=400&s=xPLT8IKjA-54OSaBe6XKyE-0&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6IuqwAFiBEH_ZbaAAuwTRMXbcK7BVmhAcVBsA&u=%7C5SmpTJBaS6heQT1VNn4lJXf5wkwPoJkzvmIitlb%2BWHU%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy-ZCx2l8r38z-Y5KeOqAmeGKc9dh3PNWVV8BiBGlNdQTqGB52-m_f3Zk99PJzF_uGqte41jayckPb0Z7K2Lr0N_2OBBOs_5CoLi0jxKcAjXX38qr96O-2zsR9iJbQkAkRc3c6dIrx2-N70VEKnzLnFZrEJC85A7STMhTpSKmjjt3rYmeX24Tpr7NvphedfakfPN2JG4KgkQ-zcX7UKho1QJP2KgCnmUPLkgzcbtzbbiIFC1fgI_9VWIk_U0WWtW1r2AHhKAHI12OTv6flWn8PlCtdComoITpVyNnYQi54lz_SqXr2eAqZEtq-7wsBDKBnwPVpwDdIpdxCtvZYEhFginyqNLwc0jnU8ctRvvEmKqq7vNBg6wsfK6_Ic2KQqqHQdK2Ce5P2j6YDnyN5u3USm0beIwF1i6OizmOIZnkdj1l3IdYZxk15W7GYX9EqmtVwO-dM5uky1lOTeieH16QcWiJWf92u-JBapF5mUqJdsBzebrhSIUPW1yGgXXqUNofW96lfyWZ3JieBxWjDe2xR8EUVQCIS7mKTGreJ-fTnVOD2lMe79FgOSk3nbenrodxQN4W1gwM4w0Esg51Q3W4WaKKyMVHhDM3yA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCny33qy6iY5GQFtqt9u8PzeCuoAvJntKxXNWdkfdwwI23ARABIABgkQSCARdjYS1wdWItMjY5NzY3OTUxODUxNTg4NsgBCakCri_P9q_OsT7gAgCoAwGqBIwCT9D_1fVBFltb63jiHOUigb7_3LITIpwHFHqQ4xKskWUWNFJ8yI5Ieln087oXo20dlY3wJGoSyPciz68RVBU9pSSEd3jsuNuXFMKJwotAO-R5ECtMMeogDIe8qNAWj9qxDmZV9qEe8fd4e9755Yu606HIBgF1YxsasXmRD69s5lDYu9iwEbtwDMWAt74Ga6Rr9gbzJr8wbA49HkTQvQYAxwdysfYi9wRpX6njvEMojuPDu2KwkOvHCCm-CYTmINMNM3jVputiUtWA-E1Knt_sL7k9Azzchcc50WqXvTeJ20pxKxZoChz19yFmzwYed7JnDY_50L1-WW1iEOeDNvm0-MV23HiocsC_6AhIduAEAYAGreuwm_yY79WbAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTY1NjQxNjY4Mjk5MTE3NDP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2IBt0Q472KUo1Dk-FxNyigKlbyXQ%26client%3Dca-pub-2697679518515886%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
35a68c84d8a3e407b6e0f5fcb94fe486afbf0ecccb209119639394e661620e02
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:43 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=31104000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
53350
expires
Fri, 15 Dec 2023 21:52:44 GMT
img
pix.eu.criteo.net/img/ Frame 102B 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5887&q=80&r=2&u=https%3A%2F%2Fobjectstore.true.nl%2Fprijsvrij%3Aaccommodations%2F626x416%2F4414CWG0GNDB5DMGJAF5N2TE38XGVN8OL6H9NE9A.jpg&v=3&w=400&s=b7M_QTLrCaMRHUcMOBO_iCZK&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6IuqwAFiBEH_ZbaAAuwTRMXbcK7BVmhAcVBsA&u=%7C5SmpTJBaS6heQT1VNn4lJXf5wkwPoJkzvmIitlb%2BWHU%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy-ZCx2l8r38z-Y5KeOqAmeGKc9dh3PNWVV8BiBGlNdQTqGB52-m_f3Zk99PJzF_uGqte41jayckPb0Z7K2Lr0N_2OBBOs_5CoLi0jxKcAjXX38qr96O-2zsR9iJbQkAkRc3c6dIrx2-N70VEKnzLnFZrEJC85A7STMhTpSKmjjt3rYmeX24Tpr7NvphedfakfPN2JG4KgkQ-zcX7UKho1QJP2KgCnmUPLkgzcbtzbbiIFC1fgI_9VWIk_U0WWtW1r2AHhKAHI12OTv6flWn8PlCtdComoITpVyNnYQi54lz_SqXr2eAqZEtq-7wsBDKBnwPVpwDdIpdxCtvZYEhFginyqNLwc0jnU8ctRvvEmKqq7vNBg6wsfK6_Ic2KQqqHQdK2Ce5P2j6YDnyN5u3USm0beIwF1i6OizmOIZnkdj1l3IdYZxk15W7GYX9EqmtVwO-dM5uky1lOTeieH16QcWiJWf92u-JBapF5mUqJdsBzebrhSIUPW1yGgXXqUNofW96lfyWZ3JieBxWjDe2xR8EUVQCIS7mKTGreJ-fTnVOD2lMe79FgOSk3nbenrodxQN4W1gwM4w0Esg51Q3W4WaKKyMVHhDM3yA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCny33qy6iY5GQFtqt9u8PzeCuoAvJntKxXNWdkfdwwI23ARABIABgkQSCARdjYS1wdWItMjY5NzY3OTUxODUxNTg4NsgBCakCri_P9q_OsT7gAgCoAwGqBIwCT9D_1fVBFltb63jiHOUigb7_3LITIpwHFHqQ4xKskWUWNFJ8yI5Ieln087oXo20dlY3wJGoSyPciz68RVBU9pSSEd3jsuNuXFMKJwotAO-R5ECtMMeogDIe8qNAWj9qxDmZV9qEe8fd4e9755Yu606HIBgF1YxsasXmRD69s5lDYu9iwEbtwDMWAt74Ga6Rr9gbzJr8wbA49HkTQvQYAxwdysfYi9wRpX6njvEMojuPDu2KwkOvHCCm-CYTmINMNM3jVputiUtWA-E1Knt_sL7k9Azzchcc50WqXvTeJ20pxKxZoChz19yFmzwYed7JnDY_50L1-WW1iEOeDNvm0-MV23HiocsC_6AhIduAEAYAGreuwm_yY79WbAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTY1NjQxNjY4Mjk5MTE3NDP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2IBt0Q472KUo1Dk-FxNyigKlbyXQ%26client%3Dca-pub-2697679518515886%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
7045b569f5a9b9088ea08679182c211e1d8c9cbfd2d1c29438eba2e643038c62
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:43 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=31104000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
47020
expires
Fri, 15 Dec 2023 21:52:44 GMT
img
pix.eu.criteo.net/img/ Frame 102B 		50 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5887&q=80&r=2&u=https%3A%2F%2Fobjectstore.true.nl%2Fprijsvrij%3Aaccommodations%2F626x416%2FKGFDVWWGPA23J4AMLHU4DQHCXRAN31S2L6NJ9LS8.jpg&v=3&w=400&s=NuuaW21LREoXHJKDRk4iTxVD&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6IuqwAFiBEH_ZbaAAuwTRMXbcK7BVmhAcVBsA&u=%7C5SmpTJBaS6heQT1VNn4lJXf5wkwPoJkzvmIitlb%2BWHU%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy-ZCx2l8r38z-Y5KeOqAmeGKc9dh3PNWVV8BiBGlNdQTqGB52-m_f3Zk99PJzF_uGqte41jayckPb0Z7K2Lr0N_2OBBOs_5CoLi0jxKcAjXX38qr96O-2zsR9iJbQkAkRc3c6dIrx2-N70VEKnzLnFZrEJC85A7STMhTpSKmjjt3rYmeX24Tpr7NvphedfakfPN2JG4KgkQ-zcX7UKho1QJP2KgCnmUPLkgzcbtzbbiIFC1fgI_9VWIk_U0WWtW1r2AHhKAHI12OTv6flWn8PlCtdComoITpVyNnYQi54lz_SqXr2eAqZEtq-7wsBDKBnwPVpwDdIpdxCtvZYEhFginyqNLwc0jnU8ctRvvEmKqq7vNBg6wsfK6_Ic2KQqqHQdK2Ce5P2j6YDnyN5u3USm0beIwF1i6OizmOIZnkdj1l3IdYZxk15W7GYX9EqmtVwO-dM5uky1lOTeieH16QcWiJWf92u-JBapF5mUqJdsBzebrhSIUPW1yGgXXqUNofW96lfyWZ3JieBxWjDe2xR8EUVQCIS7mKTGreJ-fTnVOD2lMe79FgOSk3nbenrodxQN4W1gwM4w0Esg51Q3W4WaKKyMVHhDM3yA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCny33qy6iY5GQFtqt9u8PzeCuoAvJntKxXNWdkfdwwI23ARABIABgkQSCARdjYS1wdWItMjY5NzY3OTUxODUxNTg4NsgBCakCri_P9q_OsT7gAgCoAwGqBIwCT9D_1fVBFltb63jiHOUigb7_3LITIpwHFHqQ4xKskWUWNFJ8yI5Ieln087oXo20dlY3wJGoSyPciz68RVBU9pSSEd3jsuNuXFMKJwotAO-R5ECtMMeogDIe8qNAWj9qxDmZV9qEe8fd4e9755Yu606HIBgF1YxsasXmRD69s5lDYu9iwEbtwDMWAt74Ga6Rr9gbzJr8wbA49HkTQvQYAxwdysfYi9wRpX6njvEMojuPDu2KwkOvHCCm-CYTmINMNM3jVputiUtWA-E1Knt_sL7k9Azzchcc50WqXvTeJ20pxKxZoChz19yFmzwYed7JnDY_50L1-WW1iEOeDNvm0-MV23HiocsC_6AhIduAEAYAGreuwm_yY79WbAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTY1NjQxNjY4Mjk5MTE3NDP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2IBt0Q472KUo1Dk-FxNyigKlbyXQ%26client%3Dca-pub-2697679518515886%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
f43360ec59264dc4dda1c36b31c556ba1562f94a9895afc17a0b9be40cc75ea9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:43 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=31104000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
51428
expires
Fri, 15 Dec 2023 21:52:44 GMT
img
pix.eu.criteo.net/img/ Frame 102B 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5887&q=80&r=2&u=https%3A%2F%2Fobjectstore.true.nl%2Fprijsvrij%3Aaccommodations%2F626x416%2F0KSLO7B1S3X6JV7RJQGHDE9YVL2822WKA9P5WC29.jpg&v=3&w=400&s=F0wHyfjdIvzvBRnkRyc5BXWb&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6IuqwAFiBEH_ZbaAAuwTRMXbcK7BVmhAcVBsA&u=%7C5SmpTJBaS6heQT1VNn4lJXf5wkwPoJkzvmIitlb%2BWHU%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy-ZCx2l8r38z-Y5KeOqAmeGKc9dh3PNWVV8BiBGlNdQTqGB52-m_f3Zk99PJzF_uGqte41jayckPb0Z7K2Lr0N_2OBBOs_5CoLi0jxKcAjXX38qr96O-2zsR9iJbQkAkRc3c6dIrx2-N70VEKnzLnFZrEJC85A7STMhTpSKmjjt3rYmeX24Tpr7NvphedfakfPN2JG4KgkQ-zcX7UKho1QJP2KgCnmUPLkgzcbtzbbiIFC1fgI_9VWIk_U0WWtW1r2AHhKAHI12OTv6flWn8PlCtdComoITpVyNnYQi54lz_SqXr2eAqZEtq-7wsBDKBnwPVpwDdIpdxCtvZYEhFginyqNLwc0jnU8ctRvvEmKqq7vNBg6wsfK6_Ic2KQqqHQdK2Ce5P2j6YDnyN5u3USm0beIwF1i6OizmOIZnkdj1l3IdYZxk15W7GYX9EqmtVwO-dM5uky1lOTeieH16QcWiJWf92u-JBapF5mUqJdsBzebrhSIUPW1yGgXXqUNofW96lfyWZ3JieBxWjDe2xR8EUVQCIS7mKTGreJ-fTnVOD2lMe79FgOSk3nbenrodxQN4W1gwM4w0Esg51Q3W4WaKKyMVHhDM3yA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCny33qy6iY5GQFtqt9u8PzeCuoAvJntKxXNWdkfdwwI23ARABIABgkQSCARdjYS1wdWItMjY5NzY3OTUxODUxNTg4NsgBCakCri_P9q_OsT7gAgCoAwGqBIwCT9D_1fVBFltb63jiHOUigb7_3LITIpwHFHqQ4xKskWUWNFJ8yI5Ieln087oXo20dlY3wJGoSyPciz68RVBU9pSSEd3jsuNuXFMKJwotAO-R5ECtMMeogDIe8qNAWj9qxDmZV9qEe8fd4e9755Yu606HIBgF1YxsasXmRD69s5lDYu9iwEbtwDMWAt74Ga6Rr9gbzJr8wbA49HkTQvQYAxwdysfYi9wRpX6njvEMojuPDu2KwkOvHCCm-CYTmINMNM3jVputiUtWA-E1Knt_sL7k9Azzchcc50WqXvTeJ20pxKxZoChz19yFmzwYed7JnDY_50L1-WW1iEOeDNvm0-MV23HiocsC_6AhIduAEAYAGreuwm_yY79WbAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTY1NjQxNjY4Mjk5MTE3NDP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2IBt0Q472KUo1Dk-FxNyigKlbyXQ%26client%3Dca-pub-2697679518515886%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e39b0961c64cf345e25f1202ce7580a0994cffdc1b2813c20116c238038074c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:43 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=31104000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
41006
expires
Fri, 15 Dec 2023 21:52:44 GMT
img
pix.eu.criteo.net/img/ Frame 102B 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5887&q=80&r=2&u=https%3A%2F%2Fobjectstore.true.nl%2Fprijsvrij%3Aaccommodations%2F626x416%2FO7BVC5URLNPPD7T7N0SDALSGNMUYWKF3YERFVUEV.jpg&v=3&w=400&s=SpGKBe-e26nuq5KsyItMKRQ_&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6IuqwAFiBEH_ZbaAAuwTRMXbcK7BVmhAcVBsA&u=%7C5SmpTJBaS6heQT1VNn4lJXf5wkwPoJkzvmIitlb%2BWHU%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy-ZCx2l8r38z-Y5KeOqAmeGKc9dh3PNWVV8BiBGlNdQTqGB52-m_f3Zk99PJzF_uGqte41jayckPb0Z7K2Lr0N_2OBBOs_5CoLi0jxKcAjXX38qr96O-2zsR9iJbQkAkRc3c6dIrx2-N70VEKnzLnFZrEJC85A7STMhTpSKmjjt3rYmeX24Tpr7NvphedfakfPN2JG4KgkQ-zcX7UKho1QJP2KgCnmUPLkgzcbtzbbiIFC1fgI_9VWIk_U0WWtW1r2AHhKAHI12OTv6flWn8PlCtdComoITpVyNnYQi54lz_SqXr2eAqZEtq-7wsBDKBnwPVpwDdIpdxCtvZYEhFginyqNLwc0jnU8ctRvvEmKqq7vNBg6wsfK6_Ic2KQqqHQdK2Ce5P2j6YDnyN5u3USm0beIwF1i6OizmOIZnkdj1l3IdYZxk15W7GYX9EqmtVwO-dM5uky1lOTeieH16QcWiJWf92u-JBapF5mUqJdsBzebrhSIUPW1yGgXXqUNofW96lfyWZ3JieBxWjDe2xR8EUVQCIS7mKTGreJ-fTnVOD2lMe79FgOSk3nbenrodxQN4W1gwM4w0Esg51Q3W4WaKKyMVHhDM3yA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCny33qy6iY5GQFtqt9u8PzeCuoAvJntKxXNWdkfdwwI23ARABIABgkQSCARdjYS1wdWItMjY5NzY3OTUxODUxNTg4NsgBCakCri_P9q_OsT7gAgCoAwGqBIwCT9D_1fVBFltb63jiHOUigb7_3LITIpwHFHqQ4xKskWUWNFJ8yI5Ieln087oXo20dlY3wJGoSyPciz68RVBU9pSSEd3jsuNuXFMKJwotAO-R5ECtMMeogDIe8qNAWj9qxDmZV9qEe8fd4e9755Yu606HIBgF1YxsasXmRD69s5lDYu9iwEbtwDMWAt74Ga6Rr9gbzJr8wbA49HkTQvQYAxwdysfYi9wRpX6njvEMojuPDu2KwkOvHCCm-CYTmINMNM3jVputiUtWA-E1Knt_sL7k9Azzchcc50WqXvTeJ20pxKxZoChz19yFmzwYed7JnDY_50L1-WW1iEOeDNvm0-MV23HiocsC_6AhIduAEAYAGreuwm_yY79WbAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTY1NjQxNjY4Mjk5MTE3NDP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2IBt0Q472KUo1Dk-FxNyigKlbyXQ%26client%3Dca-pub-2697679518515886%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
0cd24171011edea4117118dbd8ab00470db26a136eb84c05cef6904774e78e2b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:43 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=31104000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
39306
expires
Fri, 15 Dec 2023 21:52:44 GMT
img
pix.eu.criteo.net/img/ Frame 102B 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5887&q=80&r=2&u=https%3A%2F%2Fobjectstore.true.nl%2Fprijsvrij%3Aaccommodations%2F626x416%2FCA6C39XQBZQC2QUS4TOL9298TUXV366YGWT6AFRB.jpg&v=3&w=400&s=MkJUxng3tYttIzRZO0aThyDl&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6IuqwAFiBEH_ZbaAAuwTRMXbcK7BVmhAcVBsA&u=%7C5SmpTJBaS6heQT1VNn4lJXf5wkwPoJkzvmIitlb%2BWHU%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy-ZCx2l8r38z-Y5KeOqAmeGKc9dh3PNWVV8BiBGlNdQTqGB52-m_f3Zk99PJzF_uGqte41jayckPb0Z7K2Lr0N_2OBBOs_5CoLi0jxKcAjXX38qr96O-2zsR9iJbQkAkRc3c6dIrx2-N70VEKnzLnFZrEJC85A7STMhTpSKmjjt3rYmeX24Tpr7NvphedfakfPN2JG4KgkQ-zcX7UKho1QJP2KgCnmUPLkgzcbtzbbiIFC1fgI_9VWIk_U0WWtW1r2AHhKAHI12OTv6flWn8PlCtdComoITpVyNnYQi54lz_SqXr2eAqZEtq-7wsBDKBnwPVpwDdIpdxCtvZYEhFginyqNLwc0jnU8ctRvvEmKqq7vNBg6wsfK6_Ic2KQqqHQdK2Ce5P2j6YDnyN5u3USm0beIwF1i6OizmOIZnkdj1l3IdYZxk15W7GYX9EqmtVwO-dM5uky1lOTeieH16QcWiJWf92u-JBapF5mUqJdsBzebrhSIUPW1yGgXXqUNofW96lfyWZ3JieBxWjDe2xR8EUVQCIS7mKTGreJ-fTnVOD2lMe79FgOSk3nbenrodxQN4W1gwM4w0Esg51Q3W4WaKKyMVHhDM3yA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCny33qy6iY5GQFtqt9u8PzeCuoAvJntKxXNWdkfdwwI23ARABIABgkQSCARdjYS1wdWItMjY5NzY3OTUxODUxNTg4NsgBCakCri_P9q_OsT7gAgCoAwGqBIwCT9D_1fVBFltb63jiHOUigb7_3LITIpwHFHqQ4xKskWUWNFJ8yI5Ieln087oXo20dlY3wJGoSyPciz68RVBU9pSSEd3jsuNuXFMKJwotAO-R5ECtMMeogDIe8qNAWj9qxDmZV9qEe8fd4e9755Yu606HIBgF1YxsasXmRD69s5lDYu9iwEbtwDMWAt74Ga6Rr9gbzJr8wbA49HkTQvQYAxwdysfYi9wRpX6njvEMojuPDu2KwkOvHCCm-CYTmINMNM3jVputiUtWA-E1Knt_sL7k9Azzchcc50WqXvTeJ20pxKxZoChz19yFmzwYed7JnDY_50L1-WW1iEOeDNvm0-MV23HiocsC_6AhIduAEAYAGreuwm_yY79WbAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTY1NjQxNjY4Mjk5MTE3NDP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2IBt0Q472KUo1Dk-FxNyigKlbyXQ%26client%3Dca-pub-2697679518515886%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
071129a7e079a95ea022c80a014cfd795934552170b11d3b0edb8fcdfb0eac81
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:43 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=31104000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
49668
expires
Fri, 15 Dec 2023 21:52:44 GMT
all
csm.eu.criteo.net/ Frame 102B 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=aSEI9cLIow_TvZs0Qo_u-1uGdG5DJ_E2OGFC7cqL4IHZZOcgIkcomYh5XSuTseo8trcky1LZ8HatTtg4yXz_XRxFTZ-x-0O9yQSQC6kcX0ek_xMcJcSwlz1Fv7NC2TTMfwpw9D_rzIWam-Wbl8d3z3EYZDDcXoVmxbg6faJ8AyN3EQsgIHlmJD6JI-qZEGHaKyXgZX44ustTksgWVO33f8DSfgabcKJKr8EZmR0g-kvE-jpXIvOv-gQIoJWS_kwzlLKvzw&sds=2&rev=83933&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6IuqwAFiBEH_ZbaAAuwTRMXbcK7BVmhAcVBsA&u=%7C5SmpTJBaS6heQT1VNn4lJXf5wkwPoJkzvmIitlb%2BWHU%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy-ZCx2l8r38z-Y5KeOqAmeGKc9dh3PNWVV8BiBGlNdQTqGB52-m_f3Zk99PJzF_uGqte41jayckPb0Z7K2Lr0N_2OBBOs_5CoLi0jxKcAjXX38qr96O-2zsR9iJbQkAkRc3c6dIrx2-N70VEKnzLnFZrEJC85A7STMhTpSKmjjt3rYmeX24Tpr7NvphedfakfPN2JG4KgkQ-zcX7UKho1QJP2KgCnmUPLkgzcbtzbbiIFC1fgI_9VWIk_U0WWtW1r2AHhKAHI12OTv6flWn8PlCtdComoITpVyNnYQi54lz_SqXr2eAqZEtq-7wsBDKBnwPVpwDdIpdxCtvZYEhFginyqNLwc0jnU8ctRvvEmKqq7vNBg6wsfK6_Ic2KQqqHQdK2Ce5P2j6YDnyN5u3USm0beIwF1i6OizmOIZnkdj1l3IdYZxk15W7GYX9EqmtVwO-dM5uky1lOTeieH16QcWiJWf92u-JBapF5mUqJdsBzebrhSIUPW1yGgXXqUNofW96lfyWZ3JieBxWjDe2xR8EUVQCIS7mKTGreJ-fTnVOD2lMe79FgOSk3nbenrodxQN4W1gwM4w0Esg51Q3W4WaKKyMVHhDM3yA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCny33qy6iY5GQFtqt9u8PzeCuoAvJntKxXNWdkfdwwI23ARABIABgkQSCARdjYS1wdWItMjY5NzY3OTUxODUxNTg4NsgBCakCri_P9q_OsT7gAgCoAwGqBIwCT9D_1fVBFltb63jiHOUigb7_3LITIpwHFHqQ4xKskWUWNFJ8yI5Ieln087oXo20dlY3wJGoSyPciz68RVBU9pSSEd3jsuNuXFMKJwotAO-R5ECtMMeogDIe8qNAWj9qxDmZV9qEe8fd4e9755Yu606HIBgF1YxsasXmRD69s5lDYu9iwEbtwDMWAt74Ga6Rr9gbzJr8wbA49HkTQvQYAxwdysfYi9wRpX6njvEMojuPDu2KwkOvHCCm-CYTmINMNM3jVputiUtWA-E1Knt_sL7k9Azzchcc50WqXvTeJ20pxKxZoChz19yFmzwYed7JnDY_50L1-WW1iEOeDNvm0-MV23HiocsC_6AhIduAEAYAGreuwm_yY79WbAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTY1NjQxNjY4Mjk5MTE3NDP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2IBt0Q472KUo1Dk-FxNyigKlbyXQ%26client%3Dca-pub-2697679518515886%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 20 Dec 2022 21:52:43 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
privacy.svg
static.criteo.net/flash/icon/ Frame 102B 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6IuqwAFiBEH_ZbaAAuwTRMXbcK7BVmhAcVBsA&u=%7C5SmpTJBaS6heQT1VNn4lJXf5wkwPoJkzvmIitlb%2BWHU%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy-ZCx2l8r38z-Y5KeOqAmeGKc9dh3PNWVV8BiBGlNdQTqGB52-m_f3Zk99PJzF_uGqte41jayckPb0Z7K2Lr0N_2OBBOs_5CoLi0jxKcAjXX38qr96O-2zsR9iJbQkAkRc3c6dIrx2-N70VEKnzLnFZrEJC85A7STMhTpSKmjjt3rYmeX24Tpr7NvphedfakfPN2JG4KgkQ-zcX7UKho1QJP2KgCnmUPLkgzcbtzbbiIFC1fgI_9VWIk_U0WWtW1r2AHhKAHI12OTv6flWn8PlCtdComoITpVyNnYQi54lz_SqXr2eAqZEtq-7wsBDKBnwPVpwDdIpdxCtvZYEhFginyqNLwc0jnU8ctRvvEmKqq7vNBg6wsfK6_Ic2KQqqHQdK2Ce5P2j6YDnyN5u3USm0beIwF1i6OizmOIZnkdj1l3IdYZxk15W7GYX9EqmtVwO-dM5uky1lOTeieH16QcWiJWf92u-JBapF5mUqJdsBzebrhSIUPW1yGgXXqUNofW96lfyWZ3JieBxWjDe2xR8EUVQCIS7mKTGreJ-fTnVOD2lMe79FgOSk3nbenrodxQN4W1gwM4w0Esg51Q3W4WaKKyMVHhDM3yA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCny33qy6iY5GQFtqt9u8PzeCuoAvJntKxXNWdkfdwwI23ARABIABgkQSCARdjYS1wdWItMjY5NzY3OTUxODUxNTg4NsgBCakCri_P9q_OsT7gAgCoAwGqBIwCT9D_1fVBFltb63jiHOUigb7_3LITIpwHFHqQ4xKskWUWNFJ8yI5Ieln087oXo20dlY3wJGoSyPciz68RVBU9pSSEd3jsuNuXFMKJwotAO-R5ECtMMeogDIe8qNAWj9qxDmZV9qEe8fd4e9755Yu606HIBgF1YxsasXmRD69s5lDYu9iwEbtwDMWAt74Ga6Rr9gbzJr8wbA49HkTQvQYAxwdysfYi9wRpX6njvEMojuPDu2KwkOvHCCm-CYTmINMNM3jVputiUtWA-E1Knt_sL7k9Azzchcc50WqXvTeJ20pxKxZoChz19yFmzwYed7JnDY_50L1-WW1iEOeDNvm0-MV23HiocsC_6AhIduAEAYAGreuwm_yY79WbAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTY1NjQxNjY4Mjk5MTE3NDP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2IBt0Q472KUo1Dk-FxNyigKlbyXQ%26client%3Dca-pub-2697679518515886%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:44 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 15 Dec 2023 21:52:44 GMT
css2
fonts.googleapis.com/ Frame FAB5 		4 KB
636 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com
URL: https://c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 20 Dec 2022 21:52:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 20 Dec 2022 20:58:26 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 20 Dec 2022 21:52:44 GMT
css
fonts.googleapis.com/ Frame 742A 		8 KB
895 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: holdtoreset.com
URL: https://holdtoreset.com/nba-2k23-locker-codes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 20 Dec 2022 21:52:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 20 Dec 2022 20:59:53 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 20 Dec 2022 21:52:44 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 742A 		2 KB
765 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: holdtoreset.com
URL: https://holdtoreset.com/nba-2k23-locker-codes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 10:07:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
42312
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 03 Jan 2023 10:07:32 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 742A 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js
Requested by
Host: holdtoreset.com
URL: https://holdtoreset.com/nba-2k23-locker-codes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 10:07:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
42312
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9443
x-xss-protection
0
server
cafe
etag
9828741834572772835
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 03 Jan 2023 10:07:32 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 742A 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: holdtoreset.com
URL: https://holdtoreset.com/nba-2k23-locker-codes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 20:42:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
4201
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 03 Jan 2023 20:42:43 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 742A 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: holdtoreset.com
URL: https://holdtoreset.com/nba-2k23-locker-codes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 10:07:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
42312
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7480
x-xss-protection
0
server
cafe
etag
15631949847000551034
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 03 Jan 2023 10:07:32 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 742A 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: holdtoreset.com
URL: https://holdtoreset.com/nba-2k23-locker-codes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 20 Dec 2022 21:52:44 GMT
5abbe811e7745ada511aeaa994a13f9f.js
www.gstatic.com/mysidia/ Frame 742A 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/5abbe811e7745ada511aeaa994a13f9f.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: holdtoreset.com
URL: https://holdtoreset.com/nba-2k23-locker-codes/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 17 Dec 2022 09:05:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
305214
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14213
x-xss-protection
0
last-modified
Thu, 08 Dec 2022 23:34:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Fri, 17 Mar 2023 09:05:50 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/ Frame FAB5 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com
URL: https://c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4d0ed9630334a711204c67723b1eb52755c8316466fa7e4e601958e0c12a5da9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 06:12:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
56386
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8084
x-xss-protection
0
server
cafe
etag
2222875591315018765
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 03 Jan 2023 06:12:58 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame FAB5 		205 B
519 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com
URL: https://c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 02:54:53 GMT
x-content-type-options
nosniff
age
68271
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 20 Dec 2023 02:54:53 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame FAB5 		604 B
694 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com
URL: https://c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 20:08:49 GMT
x-content-type-options
nosniff
age
6235
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 20 Dec 2023 20:08:49 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 8D66 		143 B
295 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com
URL: https://c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
2717
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 20 Dec 2022 21:07:27 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
container.html
c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2BE5 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202212121148/wrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://holdtoreset.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 20 Dec 2022 21:52:43 GMT
expires
Wed, 20 Dec 2023 21:52:43 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 8D54 		624 B
245 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiQrrvGATAB&v=APEucNUNc6tM2PVtEDcHn2XDDVP8gFZ3OEFm4INW4EqPK1wOj_FwHmHwcGTmsoF5SDGvIu_BFmzmCLANAm3wOdaa0ssK_5y_JPZV0M3vw4TBTvSzIIAZkU0O7jeETHuTW9aBg_dN_7x-Ow2zSfrwQEwSYixPDhyE_qkPM6RBFhDi4QYmS2Vt1JU
Requested by
Host: c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com
URL: https://c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 20 Dec 2022 21:52:44 GMT
expires
Tue, 20 Dec 2022 21:52:44 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 2BE5 		76 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com
URL: https://c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
def1424f4f259a4cf927fe1f7ea7ec24bdc2fc78edca55fdb593cc0c293dbec5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:44 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27387
x-xss-protection
0
server
cafe
etag
15442950961169408521
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Tue, 20 Dec 2022 21:52:44 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2BE5 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B66tXV1os9suZii-eu9BvXIBT-54ge8arVb6genwwz6K5-RyERJ_jdUfQiXFhXwfEuOD-m63tE3eRkz4P6sJWA7MxPNGqwtBjDLNxLuR9M6_kgiyQ
Requested by
Host: c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com
URL: https://c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Dec 2022 21:52:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2BE5 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=13099733716217244840&x=1&ct=77
Requested by
Host: c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com
URL: https://c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Dec 2022 21:52:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 2BE5 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com
URL: https://c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 20:42:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
4201
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 03 Jan 2023 20:42:43 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 2BE5 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com
URL: https://c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 10:07:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
42312
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7480
x-xss-protection
0
server
cafe
etag
15631949847000551034
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 03 Jan 2023 10:07:32 GMT
l
www.google.com/ads/measurement/ Frame 2BE5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSQ2dOziEnLsEb0rQl1wx_mm6Ba1hUzsleLZOVTNj34UJ4uQ9G4xfzhVdsROEsg-gWKnEy2-OFs3QsZV2fuRqMD8Kn7EA
Requested by
Host: c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com
URL: https://c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2BE5 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com
URL: https://c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 20 Dec 2022 21:52:44 GMT
pixel
protected-by.clarium.io/ Frame 2BE5 		68 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_RnNlZXpfLW5EeVdRWElKc2Jub0trS1RIWEM0LzI4OTYyMTcyNDA6MzAweDI1MA==&v=5&s=v31gkoock95&id=eyJkZnAiOnsiYWQiOjQ5NzM3Mzc2LCJjIjpudWxsLCJsIjowLCJvIjoyODk2MjE3MjQwLCJBIjoiLzI1MDcyNDYsMjI0MjYwMDc3OTEvaG9sZHRvcmVzZXQuY29tX1dlYl8zMDB4MjUwXzEwIiwieSI6MzMwNDA0LCJjbyI6MCwicyI6ImRpdi1pbnN0aWNhdG9yLWFkLTE2In0sInRwX2NyaWQiOm51bGx9&sb=undefined&cb=1440312&h=holdtoreset.com&d=eyJ3aCI6IlJuTmxaWHBmTFc1RWVWZFJXRWxLYzJKdWIwdHJTMVJJV0VNMEx6STRPVFl5TVRjeU5EQTZNekF3ZURJMU1BPT0iLCJ3ZCI6eyJvIjoyODk2MjE3MjQwLCJ3IjoiMzAwIiwiaCI6IjI1MCJ9LCJ3ciI6Mn0=
Requested by
Host: c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com
URL: https://c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.48.34.46 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-48-34-46.eu-north-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 20 Dec 2022 21:52:44 GMT
Server
nginx/1.14.0 (Ubuntu)
Content-Type
image/png
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
68
Expires
Sat, 26 Jul 1997 05:00:00 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 8D66
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com
URL: https://c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 20 Dec 2022 21:52:44 GMT
expires
Tue, 20 Dec 2022 21:52:44 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 20 Dec 2022 21:52:44 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
rum
dsum-sec.casalemedia.com/ Frame 8D54
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKfoFR0Z45woWypL2lvXxsI&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKfoFR0Z45woWypL2lvXxsI&google_cver=1&C=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKfoFR0Z45woWypL2lvXxsI&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiQrrvGATAB&v=APEucNUNc6tM2PVtEDcHn2XDDVP8gFZ3OEFm4INW4EqPK1wOj_FwHmHwcGTmsoF5SDGvIu_BFmzmCLANAm3wOdaa0ssK_5y_JPZV0M3vw4TBTvSzIIAZkU0O7jeETHuTW9aBg_dN_7x-Ow2zSfrwQEwSYixPDhyE_qkPM6RBFhDi4QYmS2Vt1JU
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 20 Dec 2022 21:52:44 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Tue, 20 Dec 2022 21:52:44 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
/rum?cm_dsp_id=45&external_user_id=CAESEKfoFR0Z45woWypL2lvXxsI&google_cver=1&C=1
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
0
Expires
0
rum
dsum-sec.casalemedia.com/ Frame 8D54
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y6IurOSakhxL-nrq6D4RewAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKfoFR0Z45woWypL2lvXxsI&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKfoFR0Z45woWypL2lvXxsI&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiQrrvGATAB&v=APEucNUNc6tM2PVtEDcHn2XDDVP8gFZ3OEFm4INW4EqPK1wOj_FwHmHwcGTmsoF5SDGvIu_BFmzmCLANAm3wOdaa0ssK_5y_JPZV0M3vw4TBTvSzIIAZkU0O7jeETHuTW9aBg_dN_7x-Ow2zSfrwQEwSYixPDhyE_qkPM6RBFhDi4QYmS2Vt1JU
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 20 Dec 2022 21:52:44 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 20 Dec 2022 21:52:44 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKfoFR0Z45woWypL2lvXxsI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 8D54
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEDybdSTyEinWMdwCyQzSmS8&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEDybdSTyEinWMdwCyQzSmS8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiQrrvGATAB&v=APEucNUNc6tM2PVtEDcHn2XDDVP8gFZ3OEFm4INW4EqPK1wOj_FwHmHwcGTmsoF5SDGvIu_BFmzmCLANAm3wOdaa0ssK_5y_JPZV0M3vw4TBTvSzIIAZkU0O7jeETHuTW9aBg_dN_7x-Ow2zSfrwQEwSYixPDhyE_qkPM6RBFhDi4QYmS2Vt1JU
Protocol
HTTP/1.1
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 20 Dec 2022 21:52:44 GMT
AN-X-Request-Uuid
e2b831e0-48b7-4ef9-b8e5-e3a8095813b3
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
95.211.95.247; 95.211.95.247; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 20 Dec 2022 21:52:44 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEDybdSTyEinWMdwCyQzSmS8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8D54
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTk5MDYzODYxOTMwNDU4NDMzNw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTk5MDYzODYxOTMwNDU4NDMzNw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiQrrvGATAB&v=APEucNUNc6tM2PVtEDcHn2XDDVP8gFZ3OEFm4INW4EqPK1wOj_FwHmHwcGTmsoF5SDGvIu_BFmzmCLANAm3wOdaa0ssK_5y_JPZV0M3vw4TBTvSzIIAZkU0O7jeETHuTW9aBg_dN_7x-Ow2zSfrwQEwSYixPDhyE_qkPM6RBFhDi4QYmS2Vt1JU
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Dec 2022 21:52:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 20 Dec 2022 21:52:44 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
95.211.95.247; 95.211.95.247; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
00662b61-dc0e-46e1-b853-d3fc04d12397
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTk5MDYzODYxOTMwNDU4NDMzNw%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
container.html
c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1E57 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202212121148/wrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://holdtoreset.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 20 Dec 2022 21:52:43 GMT
expires
Wed, 20 Dec 2023 21:52:43 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ixmatch.html
js-sec.indexww.com/um/ Frame 74FD 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://holdtoreset.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
961
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
77cb9b561f596934-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 20 Dec 2022 21:52:44 GMT
expires
Wed, 21 Dec 2022 01:52:44 GMT
last-modified
Mon, 25 Jul 2022 19:18:30 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
sync.html
cdn.aralego.net/ucfad/cookie/ Frame 8D16 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/sync.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24f3dba78c31c5d70638101d559216361f0a1b8e2ce168a784a57bafdc971f86

Request headers

Referer
https://holdtoreset.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

access-control-allow-credentials
true
age
2025
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
77cb9b561c4292a8-FRA
content-encoding
br
content-type
text/html
date
Tue, 20 Dec 2022 21:52:44 GMT
last-modified
Wed, 16 Dec 2020 08:30:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tljmz60%2FwuG0Ry%2BmRjFfPqKiVQ2QYfX80C8BnojeERq4wwnb0G2smh8dglM%2FmnJXF9PnlpSvxGZOOEFrn0rq2ciznBYeyDcKFHRd3maP7LSzffjzOiQW9xkTkUnl45hrIRXg%2Fub%2BWlRKknvXiw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame CB39 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-188.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://holdtoreset.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 20 Dec 2022 21:52:44 GMT
ETag
"623de86a-cf34"
Expires
Wed, 21 Dec 2022 21:52:46 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Unused62
8096267
Vary
Accept-Encoding
pd
u.openx.net/w/1.0/ Frame 23D3 		0
80 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://holdtoreset.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Tue, 20 Dec 2022 21:52:44 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2BE5 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5389875557645&version=m202209210101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Dec 2022 21:52:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2BE5 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5389875557645&version=m202209210101&ct=77&x=1&cor=13099733716217246000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Dec 2022 21:52:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 2BE5 		15 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CsRhcbrDgrszj93rm5qtTU513FJ-3dvudKy3qPq62PBS97_FvPjj6YPq17mrGfc30LCb37qULp4BfQ6GiiUbINtwDQTZ3e0FkyBxAlUIq1DfQD1L4lSthK64z7ZmK71s5pnRmr6spo7FHPFcspGBmoMmfVrbKmeAKgAmNFAMz1h16s_HQ&cry=1&dbm_d=AKAmf-CiWwQGmg2H4Pop8A0qy83lf-KUd3SHatPbdHJ7AkcgkBKWJK1FAW4qxcZ3R_yALK_MJjBYdliwjx5_08SPGdD9wneLls9-gZovo6j7FqldNDbhqcQkj_P9mQHKGhMnEQhzJPizjiJI6JCCecorQHQMXl87VanR3PBbdIh1kLp8tQYqCXsri6e8RlOolgmg6-y9KneUG34CVQRRX2ffGQ_H22-UjsllQXxSSyZJyv5mEU1yT9EEWGBiX5jNpgFg7m4owXeWJY6db1-vBhSZdAzxlwXCM0LgVYnML2TjiD3Oiyc97k43l1hDQXiqfLK_Jwnf44cBoUkAPoJ_2O8-ix9wjfebFqvZO1utkImbSzgskfQ-w4z-8ZCJJEtO85Cap85s3hHK-PC2P39w_oW0B7_uaN-YBeRFCPwnvf_f3aa-UCm2dGQ-f2IpvzHDvNip6YHCR4ny3repx8vfdYOZfiCy-Bb0Bcx_d0jQm738FDtPyTSTPdRkEo8FChS05xYTJgSkZyFnB9oKeFI1XqvDUYN-xHoai6UxIZW2lWS9uMHByJxLs-MwOv6vmORiBIMQ1Z-7fN6WvqhbTuUaV4utw6kVr-acm6D4JxnhGGwcnfadO5E1OXjiFgK7uLEGD-RkkKXB0kVtJpyR7AkUB59-JStnmBGuug_DuREAxVQhhEL2dfAowMPX7Fi9bHrEoW8uJi-gz082tyMPdpzYJgydRSGxAPANPjOkY6DmchSa-rDLqWhu8fwAUCOOdYvSvoN6N4t7WH9aUuet7UZPY-Uiu-OapLEPzYXjt4zVdw4yNR0hb7U7-hvIrowHNwVknWl6jVEKot6qWfIXzHVBzstQDbsZpjs2wKXRDAhNp2Yr7LcCzU5SWOA6CfyZXJgEuHF2bH874TqHM8brYdroWKGjEIzrgyHAodFGIlsxaf-G1f9ymJzJqlMZ7fDkOkwLJvTYH6a2KevgQ52SzcH5DGNa8kzTEvfx0SI_ST68Qbdl62swGqLmK48e8EAUeWt64rtp6IOy9qXZgFfmTkI3qfooQ6zlSPe-maiNTdgFoaWVs1PbDj09dciiUo0sAqgNNzWelMF05GP5q9kVBOU35tp5wnvB9pP5VBYHP4z3Xq9oWeXVo6g_2YV6bzwrIv5EQ8P_7KMF34J6Mn3m38lKv_ixfiiNvpK28xC2G8-h9yx3aZHHahDMTq_sPH1l3XNWOuhNvgDH2WP_UpALdTst_zVD2lBUwHKv7l8ndyFvfUm5RPhfgt03MUMnAgUenALdTYX3fdTpm3eLyZqACxFBuCxDr5Sj-y1BozvCKsHRR1cKjVlwm9QyxEJu9NLmf7wtUO4mDZkCRfJsaQaEYfkrragGmCSImNabcuO4i-PT3BRMLbvWrgeUPjeJqErMDrmOj6uH0E2VSec9o-bId6fouRklUX86jBhDYZ0PrY2jS7OL_wcBHkTsWtA_ytXjdQqyjTdXdN7lPHHAl_5ocoJO5pAklQc4VDcuudUyq5_T1n0CgeZ5VEevyV1j4JAC_SLhLSxCJtMLAmjYIN2ncCsuxYAQR37AxVMXtG70FD5k-JqO1KPeRUAWlpVWKVHsmWUP1ryunm4_s4v9scfIjUbNMdnMSodpLr-l_L_SZTzFmuQ_Kk5pHtNC1bzP06DuL_LMi68WpnVi4cFqRvfPfaVNutwBWS3Jx0HJwjJSwA7UUmGIkKm9ZG1TNT3lBdRLGU0XmbVhBW3qO9K0qkrqXhKUyIhCIDJqsO8vfiKl7vcat3bMGNRCa0IcQt1eebO1UphqLnX7amCPTEFOWJjPVIZNkwvrEQOjcx8Q_5dnivWGDZCsTd1pW4-fHehLfqLlgTbqsQ6YQN1xl-A6h8SViyWk3sy_H4kS2EjVI0t7ZxhviHkIzDI33roxs-sdG-089Hzz3VjXawxCg6YvnaCHoLeYyLqIkOulXqrf0-p_4AbHaD4j0tIeOuqHCmnAJ7XzCSwRswHxam4DIWw6XJWSvyEaVeNmrnpuQ7iYO9wCvJxZE0So8Qiv1Q94T0c61rgrl5FFv4t4JMT2ILAqj2bSfRwpuhBDkY1mCRJ8impp0ote8xF91yCUsgpCypKnk9pRjcRyxcQjlHQlyUqmQPh8Qz3W3ODnZ-Kbk5YX6jAyYXsroff0iPpHYz_9wa2O6KxhnwfTx5jv8ijUYVXOgE61lZW4xICFSyU8n2THeb4YWffF7u89-CEZmjtq6uwl87t5CPJFKiUrXp9fxfnHeNaj57v07XiSLWyhN9mDB_FcTdhnFWoQHD1pv1yA7ij_0kiVLFbLCdHEusDZv8Qectgz-0QfHHM22xrRIb_89pgwbC5Oagzgs9cwwUc1haZQr9rEV0vRqYA-MR9m8M9-s3_aAvv5zwm5q7_a-IdgLeUdD9avGebPeyIkhenoFo3GWjye5eZgyD2WUgd7xjotHl2ze3q8wrmk7whIqFMmWNZwiG-e1M1PpEtqCYV6WvhQUVUhxdO8Pr0me74ouKnOQ3an5Aybrlq-hqXoc9KVUxB52jnk5UR12d9rpI-C0555NzBM1cZCuAkvIeHZ_xYRr2PF-V1bTEYByTvX_TzKKfNU3B8exI0X1UadrlOMBfh_C9tEw9rfhU9kDy2ZeM99GPMROpplZ1B8YSQlSUfQeZLSR6B0qBuyPhgcVkD2MHEa6kvd0rx09oddtDsf0MvWvWsvLXjJsLYxe3GskFfCbd1e9cKpvgxYSxzZUcod7tWYbaQbhwCvQKznqTcNRxSzDm6hkHHPrfCBG9XGj-5jcS1aw8meouQx5rA6WTxJaR05U51TpM5RJ8esfOXG7PmbP0q-qBvE7fdFDs5uqyiyrZxNUlWJPu9huvNzhCLVc6j9CngSy3FOvzt14eX4tMU4RitpT5OJxgMcu-NZR9q66hrXrNrVnpSL59MzZf8RDX9mMnvG7Ps9dPte2USH45gccwwxdHqt7-NZxUyIuASjbstidTnJZBPHrq-5L_MplqADHZ4gixYG5jvUhYWKRSW1UsuVdz6y6enpN2y0LeZzdQQA60IF17PIUh2XqUNinaeNcDoOTEpMqkUs8z7s8EbpH5aZDwG3v8v8cnRzHX8J36KYJK-aqITNREvdXaaINvNOfomx7VA34FIxb7qmeu83prxANQ0XQDMoOBbzsIKSDm1FhMtdQhjc4LxLIyo6Jdjqs9WSu83KZPSpQ9Be-wfh_8GUBiQOVIiOrp-LjnXPkxy7B1TOoKBk6Hr8YQdxD5_dMeTv30KkKHh_OI_NL53-0-SBdltWOCLhkt20ZLE76RGCcnsOXg4OixZEIu2ZOM8DTkN7WbrvGa5LukC8JkgjyDc_CiajH0vjxQFtxCy5WSbPfYmdlr9f9WBw7njT0sHiKyaYUI40q0H3vf6Rg47lXmXkpv5iBaf7xiUEt0fp-k2EtL3AZihmOUggcC_x9LnMGesvrzApDvEcfWBLtBezNnXxd23qchp1rP1_1Ks6h1i4q41S3Qrg5Of_KDIns7NVnddqi2_cVXhhEiPO19AoxAWwhAxnjPkH4qaRCfvBE9cGDDtHW8GxIV7CWI_d2cc&cid=CAQSPwDq26N9E-h_-GY6O7uj9FDSJueRzMKZ0ia6fREoxuJ1KCJCIPryOXebFw96-6lakQ2ce0VnXIyvdkomdh-7NhgBIBM&dv3_ver=m202209210101&rfl=https%3A%2F%2Fholdtoreset.com%2F&ds=l&xdt=1&iif=1&cor=13099733716217246000&adk=3661671305&idt=75&cac=0&dtd=19
Requested by
Host: holdtoreset.com
URL: https://holdtoreset.com/nba-2k23-locker-codes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
31c2de7c45d9964fcce532884d12a7816e0bbb003890a10752d452b9f5749f68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Dec 2022 21:52:44 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11316
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 1E57 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cq0pcrC6iY_63CsPL7_UP_diasArJntKxXNWdkfdwwI23ARABIABgkQSCARdjYS1wdWItMjY5NzY3OTUxODUxNTg4NsgBCakCri_P9q_OsT7gAgCoAwGqBIoCT9CcOX4bbr5YIpIAOMGvknU89DGxW6tWhAoKpR_BJmS_i88agB8_E5QQeVYsowBKAsODmqUPO3woLYNQQKvCEECAVeZHg4ZsldXIjMjnr1t5H8UARrX-48vpPZU-na3D_oXCR2F-vl2ELMPdTkJ9ad_IKPktsNRvaSEqsYgTEsYstBOO6l8AY3pxNYFwVUtcfIUqVhfOksKtlmg9nzkdwEonw8GIj3tpI-gLhfOvmLMQKvc5rYW68kys0kfmPiFLJMUOme_WsH0pSnoMYpAUvegfvdthTIGMuAOO6U5iuEFdmzCO5gtOOQ2rwjeUSgwygLa5etlVdFGCdC8_mbYxaTTSf58q7w2o6KzgBAGABq3rsJv8mO_VmwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi02NTY0MTY2ODI5OTExNzQzgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTI2OTc2Nzk1MTg1MTU4ODYY1MQM&sigh=7XYj7d5fZuE&uach_m=[UACH]&cid=CAQSSwDq26N9CqIldJRjjG3Byo-K-nVKcgpoHDffhyRUwbcGEttkUlF45wu-mQnt8oGmhFcNpzUTOiTChJ8UWs_yUCTC5QI5ufFJERXubxgBIBM
Requested by
Host: holdtoreset.com
URL: https://holdtoreset.com/nba-2k23-locker-codes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
notify
rtb.fr.eu.criteo.com/google/auction/ Frame 1E57 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kNf2EfBB2AVanYNiAgIAAAAnXLwn6sZ7rhCsLqJj0K9fvhc7ZcUqvwIAEgAA&wp=Y6IurAACm_4Iu-XDAAasfbcuP06Nhm39MnXJOg
Requested by
Host: holdtoreset.com
URL: https://holdtoreset.com/nba-2k23-locker-codes/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:43 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
213885
content-length
0
afr.php
ads.eu.criteo.com/delivery/r/ Frame B2BB 		136 KB
46 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6IurAACm_4Iu-XDAAasfbcuP06Nhm39MnXJOg&u=%7COPrpa1iqH2ZxI59tfAWF4xNDZHlf2AyV2lcQsOp0R0g%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy-ZCx2l8r38z-Y5KeOqAmeGKc9dh3PNWVcoTCBkKm8eoAVQZmKhBqJGVagvgQVKlPFFw5c7MH2G6am22hd-jUY6qqG8BXXPeCN9_N-7C4mlq7p5uTP4W8nYcEeIGmvGaGYAslue3IL08qUvymxyG2AvS9Qlxyykf2HseZ5spXMsXXZxvbRx9fHz3PPl-YSUJwt5BX3M88QrBeuqsdTs0v8htPJ-aqep-AaCvoza4IqpSrFOdz1lzuTjIhAqn_yxBczvYcyZw4gQvBoWevCVnTGJXx1LqGy6mqY4-SHBPvuY39DJK39Zk-sIbKWyBFvsGLZ7rTvLR0Pu67i-HIsyUGpn7hCJTxD4gldECRoTxOU-3j46QKA2Rf05j-zVgsbREgvRDJ9o8IMRfbP_kvjgtkPv-ne5SQLFaYVG5HY4iMoJWiYp7ZZt-syu8fjv20unitGuFfrob4hQcmTGlrYXIijf8ITxwVR92R0XEyvG9Lr-y4chmP5Qcn3nmoVPIfP54GXim2VaEBEJTC84TkSxITvF9VrtKVnAqsZ57WdUi9cS60G82CxejpxKGxyux5Y5Q-P4WQj1e96CEPsbIv0Ua-sY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCG58trC6iY_63CsPL7_UP_diasArJntKxXNWdkfdwwI23ARABIABgkQSCARdjYS1wdWItMjY5NzY3OTUxODUxNTg4NsgBCakCri_P9q_OsT7gAgCoAwGqBI0CT9CcOX4bbr5YIpIAOMGvknU89DGxW6tWhAoKpR_BJmS_i88agB8_E5QQeVYsowBKAsODmqUPO3woLYNQQKvCEECAVeZHg4ZsldXIjMjnr1t5H8UARrX-48vpPZU-na3D_oXCR2F-vl2ELMPdTkJ9ad_IKPktsNRvaSEqsYgTEsYstBOO6l8AY3pxNYFwVUtcfIUqVhfOksKtlmg9nzkdwEonw8GIj3tpI-gLhfOvmLMQKvc5rYW68kys0kfmPiFLJMUOme_WsH0pSnoMYpAUvegfvdthTIGMuAOO6U5iuEFdmzCOpAlvq4okXiQr1hiRUIsfgtBBfueIWje9LX4Mz8ZtYbMyaqcs-xOr4GzgBAGABq3rsJv8mO_VmwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi02NTY0MTY2ODI5OTExNzQz-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3CIR_0w7zN8VMWxI_Ci_g9At4YzQ%26client%3Dca-pub-2697679518515886%26adurl%3D
Requested by
Host: c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com
URL: https://c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
34d0522ad3462b68618e0b7292b3c0fadcb001544fe05a3226627beb576a5580
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Tue, 20 Dec 2022 21:52:44 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=r64Y3sLIow_TvZs0nAKs9lJ_qP9Ij2YeK33k51V82Ch6sp_u3688wI6DvChHzkeQ4IQ4LZwe9_-0naYDzQiFA0PtFJu7BlVuFD59yi6BGvQjBK6_SV6SDQa9qpQ4x2bAAjwLxYG6HYGFNu4EIu-oLmrfiuKGpeq8W6oe-1sCPfype6VTYzG98PkflaN7r14-R5Rda9kZkhWV_dkJ4GxWmU0gwednn_bHPJFnZFg54X0HXf3-WEZpOaJsJgU"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
60297774
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 1E57 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com
URL: https://c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 20:42:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
4201
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 03 Jan 2023 20:42:43 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 1E57 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com
URL: https://c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 10:07:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
42312
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7480
x-xss-protection
0
server
cafe
etag
15631949847000551034
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 03 Jan 2023 10:07:32 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 1E57 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com
URL: https://c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 17 Dec 2022 15:15:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
283050
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 17 Dec 2023 15:15:14 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1E57 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com
URL: https://c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 20 Dec 2022 21:52:44 GMT
pixel
protected-by.clarium.io/ Frame 1E57 		68 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_RnNlZXpfLW5EeVdRWElKc2Jub0trS1RIWEM0LzI4OTYyMTcyNDA6NzI4eDkw&v=5&s=v31gkoockfl&id=eyJkZnAiOnsiYWQiOjQ5NzM3Mzc2LCJjIjpudWxsLCJsIjowLCJvIjoyODk2MjE3MjQwLCJBIjoiLzI1MDcyNDYsMjI0MjYwMDc3OTEvaG9sZHRvcmVzZXQuY29tX1dlYl83Mjh4OTBfMiIsInkiOjMzMDQwNCwiY28iOjAsInMiOiJkaXYtaW5zdGljYXRvci1hZC0zIn0sInRwX2NyaWQiOm51bGx9&sb=undefined&cb=4168035&h=holdtoreset.com&d=eyJ3aCI6IlJuTmxaWHBmTFc1RWVWZFJXRWxLYzJKdWIwdHJTMVJJV0VNMEx6STRPVFl5TVRjeU5EQTZOekk0ZURrdyIsIndkIjp7Im8iOjI4OTYyMTcyNDAsInciOiI3MjgiLCJoIjoiOTAifSwid3IiOjJ9
Requested by
Host: c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com
URL: https://c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.48.34.46 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-48-34-46.eu-north-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 20 Dec 2022 21:52:44 GMT
Server
nginx/1.14.0 (Ubuntu)
Content-Type
image/png
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
68
Expires
Sat, 26 Jul 1997 05:00:00 GMT
GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js
pagead2.googlesyndication.com/bg/ Frame 2CA4 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js
Requested by
Host: holdtoreset.com
URL: https://holdtoreset.com/nba-2k23-locker-codes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
182e4ce4dfd537795577b12b9b19a57422a8b21815f5dd92ef8acb3fd872a19c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 20:48:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3829
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16025
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 20 Dec 2023 20:48:55 GMT
usermatch
ssum-sec.casalemedia.com/ Frame E9FC 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fholdtoreset.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4ef988f09c6650e9b588431850d832057426a9120a8b661930a07eb6598f420

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
77cb9b5718479213-FRA
content-encoding
br
content-type
text/html
date
Tue, 20 Dec 2022 21:52:44 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LfAkfD1MMn2%2B2nm0lTngoaaeoTT4MCnPc%2BJAKA7RKQ6LLPj8h9osjEm0UsITIjc%2BT8BllAXX0qwGgirnpSyRDdqhiHRdImW%2FjtRhgeEWZ74Zc8%2FdchZhP9VjMc%2BV14ZiaTei%2FxIiuiZj8g%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
idsync
sync.aralego.com/ Frame 8D16 		35 B
413 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idsync?
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 New Castle, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:44 GMT
connection
close
content-length
35
content-type
image/gif
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 2BE5 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: holdtoreset.com
URL: https://holdtoreset.com/nba-2k23-locker-codes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 18 Dec 2022 13:31:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
202864
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 18 Dec 2023 13:31:40 GMT
async_usersync
ib.adnxs.com/ Frame CB39 		0
859 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 20 Dec 2022 21:52:44 GMT
AN-X-Request-Uuid
a0efbf8c-2313-4473-91e7-96c3371dbd34
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
95.211.95.247; 95.211.95.247; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022120701&jk=3025002463432866&bg=!fX6lfjrNAAYgquz3AKo7ACkAdvg8WklmgN8VHD4DewpXerHeFrLWb9qdWj5IeVcOk7VO3d6bZr5jnQIAAAB7UgAAAAJoAQcKAFJ1WVdfvjPHZjPW6u0sX93tQmxIofZpBxTCyg29DbAJ2LLCoACTqFnMfVRkNjj87oDG2nTr-SazX0Jmw-ZZlzSjElvUtTjwzDJJFj7Yx-NxkarhmQLYbyz5WxbVfBxm2RbuAfZ70Cx0sVUBANk80-w18R100BDpY8XAZB0lge2WnXf8BpnJocfl45ta-Z6votd66v5_4q11CmAWBKPC1w4NHOPnz0SAqdkFju6lwuTkTmDDjIiDHtR2rQJE0DJJaNA-dsweqYH8rPHekt0tX2bCOyd3ZT76CcFKVqq3f_ir7L5L0wehHmxau4GjMv2si8Gj9-a-1CYjq4aWTEhEMznm3PoJpBsMYRZeMvw5KkZPSecasp8FQAr6J-LvTXEmt9Azs7OiH3LwaVHWOmxJv2WZPm0Eh_JV02tGSysir-qnVnJ9bXWh5w4XQLR29Vxgxfy8rlTczu-rGIeZdvYJxJx6HoFLgpV0q2Dg_4a8--Jauf9s4Boo5HtrxVmlDPoIsilhAk6RtJ-8GUcodfPVPFddTKvsVEUCN0J-2TxEvqlQa1DF4gpAjMh2dTty5-V1gSPs1vPxQSy0K86rpuUnUIvxoftygkcsLCGe6uexmyppYpzlAUn_VHBu_UiUOfu-U7x5i7znh8XNjTWNFpSMVZnJgPwQQ8lR4I1XDIlHCCW9pkc311HABJ96r4Ex21-AwjlFWslGvqVnU2ItWHqr6gSsYYzQzhSWj0qD0-omBf4-VN-fzdlB1DB5JP6sEH9PsG6xVN2SGtGxaIgC-f1lyN9IY-PJeWXGW2QZWvNv8qx0OJC3tkr3PKSKUHDdLuUwQE1FBTLVoQucCRpAarJTo0pDPqKVsJ409Cl4UkxwCTkMEiom_gU6J9VLd4V9eS6e3_2Aa_bKla6OCDCB328yWz14Cdx5LQs6YFoAIWJw0qJlY_g2BUZvnR37avsjXhHfMxfDKFvhP7sdxjkT6gkljuyP-OkF00JN6DlcAv9pCfyHOjbJ9UfpU96lz5-UITOm0HNgl7Ag6Zhfy-7AWFRE5qKrDDYU02bK5-G6ypYwKpThBTNSgXAM7SwjUGSEwYA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://holdtoreset.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
gjjhz7cdztxo
hal9000.redintelligence.net/zone/ Frame 2BE5 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/gjjhz7cdztxo?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC-7knqy6iY5qMOo3-7_UPssWfyArM-Yagaeu7x__3D_AuEAEgsMjAIWCRBMgBCakCfVfsGzTOsT6oAwGqBPIBT9BH8xO2CijPTvpgtxVCwwH6nOmcCl7JBXe72aXkxp2iZz_d7TxzMa2lkBwxo481Az1_oqHnfPk42PD5UlwoVMM6nDKfnRm2t8le-89oyF2qM4mNIFdB3A0iUDdg-zRFNIMdxhqozZWRtQICue-Zh4gKnh9bx1awIzfdU8u6GRcYATil_RMC1ASPc_uoj0O-byIfWqQ5apSynfAxqQRfvFRVkbmAzzU8zPfikvNb5yRbf0Q2F3aWYc40F6z0V3vs4GOApnfuuB03ssEUEcolXwikk-iVYZ8F4E8PJVLKDhbOssjuzaq9R_ZbSMg14pNJFWLABOrrzKPkA-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggSCIjhgBAQARgdMgOqggE6AoBA8ggbYWR4LXN1YnN5bi02NTY0MTY2ODI5OTExNzQzgAoDmAsByAsBgAwBsBPgm80O0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSPwDq26N9E-h_-GY6O7uj9FDSJueRzMKZ0ia6fREoxuJ1KCJCIPryOXebFw96-6lakQ2ce0VnXIyvdkomdh-7NhgBIBM%26sig%3DAOD64_3c4Z6u0zTOHwK1S2xToMv5-p1AVw%26client%3Dca-pub-2697679518515886%26dbm_c%3DAKAmf-BRLk8FqdGHA8eBXfoLAbHb-IXPSOYx8kSJx-4sF2OCpCll6WaJpGTElccf0VhcYUjagCeLZbBafyEkQ3mRz_DQCGDsClSB_DKInlpqMuq64KUsBhVLf8uH8DmAZuvQsWgLjnTRKU2vLjyjSsByf3U69kpMP5ZpZBHzE4VY6ybHsYaMrFU%26cry%3D1%26dbm_d%3DAKAmf-DuU0f4UVLI10Jx-kfwd8nCKq2TZMw8YUXuamaVLDm4_4GXE-VtO4whBTcQGldc8xOhckwuLpT4nZshxOMYy14H1M5LiO1W_191dWzeDS0Ckc-br9opsM56V-BM5aYx__yyoGDw4lNmZfYZxkdHO1EKuju8ArUE924xaYPZdGoexZe9XHbrJL8ShPMH93JLlH-xsbRoTzw4V4K9GKck2wYSi6FIgOXPyWuIbYGelQvVTKZHaxXocVuvjVxR-KGEaItPPfjRxssG4jdgQYDrVuavBZfboCxsG6vLOunWGq8zDylmBneuchoyocsscq3rmmAUJbh84ompDdLkBkzaBt6HMs4hnVi8R0C30h_35DtGH6wgJ1R85an6F06dhk3SUdBRezBtl9Xg1WYijACyvaoAPF6x4ewfaqetWbilFvLzPlMsrYwP2mWCunJBWBPPJdxs9hWcCkwdBlcx_P7ETgaFraFbVXhzZjk6uT64-PPyrjBOeHap1_6darvtkTykSSID6HO1Ye2REAC4p_Mlh7HjGofCKmy4uVMtnK81e9ABoG9W01PQ_05H8KvJ0QD-zClIea4i%26adurl%3D
Requested by
Host: holdtoreset.com
URL: https://holdtoreset.com/nba-2k23-locker-codes/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.91.76.144.clients.your-server.de
Software
Apache /
Resource Hash
2af469d349556c4828c0fdee37079efacbeaa1f27ec5cce6724f189cf6737983

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 20 Dec 2022 21:52:44 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
4129
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
truncated
/ Frame 1E57 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9fa20886c42169be9594e2287996bdf2a613aaa5b89a6c8b32568bc511344bc2

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
privacy_small.svg
static.criteo.net/flash/icon/ Frame B2BB 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6IurAACm_4Iu-XDAAasfbcuP06Nhm39MnXJOg&u=%7COPrpa1iqH2ZxI59tfAWF4xNDZHlf2AyV2lcQsOp0R0g%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy-ZCx2l8r38z-Y5KeOqAmeGKc9dh3PNWVcoTCBkKm8eoAVQZmKhBqJGVagvgQVKlPFFw5c7MH2G6am22hd-jUY6qqG8BXXPeCN9_N-7C4mlq7p5uTP4W8nYcEeIGmvGaGYAslue3IL08qUvymxyG2AvS9Qlxyykf2HseZ5spXMsXXZxvbRx9fHz3PPl-YSUJwt5BX3M88QrBeuqsdTs0v8htPJ-aqep-AaCvoza4IqpSrFOdz1lzuTjIhAqn_yxBczvYcyZw4gQvBoWevCVnTGJXx1LqGy6mqY4-SHBPvuY39DJK39Zk-sIbKWyBFvsGLZ7rTvLR0Pu67i-HIsyUGpn7hCJTxD4gldECRoTxOU-3j46QKA2Rf05j-zVgsbREgvRDJ9o8IMRfbP_kvjgtkPv-ne5SQLFaYVG5HY4iMoJWiYp7ZZt-syu8fjv20unitGuFfrob4hQcmTGlrYXIijf8ITxwVR92R0XEyvG9Lr-y4chmP5Qcn3nmoVPIfP54GXim2VaEBEJTC84TkSxITvF9VrtKVnAqsZ57WdUi9cS60G82CxejpxKGxyux5Y5Q-P4WQj1e96CEPsbIv0Ua-sY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCG58trC6iY_63CsPL7_UP_diasArJntKxXNWdkfdwwI23ARABIABgkQSCARdjYS1wdWItMjY5NzY3OTUxODUxNTg4NsgBCakCri_P9q_OsT7gAgCoAwGqBI0CT9CcOX4bbr5YIpIAOMGvknU89DGxW6tWhAoKpR_BJmS_i88agB8_E5QQeVYsowBKAsODmqUPO3woLYNQQKvCEECAVeZHg4ZsldXIjMjnr1t5H8UARrX-48vpPZU-na3D_oXCR2F-vl2ELMPdTkJ9ad_IKPktsNRvaSEqsYgTEsYstBOO6l8AY3pxNYFwVUtcfIUqVhfOksKtlmg9nzkdwEonw8GIj3tpI-gLhfOvmLMQKvc5rYW68kys0kfmPiFLJMUOme_WsH0pSnoMYpAUvegfvdthTIGMuAOO6U5iuEFdmzCOpAlvq4okXiQr1hiRUIsfgtBBfueIWje9LX4Mz8ZtYbMyaqcs-xOr4GzgBAGABq3rsJv8mO_VmwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi02NTY0MTY2ODI5OTExNzQz-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3CIR_0w7zN8VMWxI_Ci_g9At4YzQ%26client%3Dca-pub-2697679518515886%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:44 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 15 Dec 2023 21:52:44 GMT
adchoices_nl.svg
static.criteo.net/flash/icon/ Frame B2BB 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_nl.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6IurAACm_4Iu-XDAAasfbcuP06Nhm39MnXJOg&u=%7COPrpa1iqH2ZxI59tfAWF4xNDZHlf2AyV2lcQsOp0R0g%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy-ZCx2l8r38z-Y5KeOqAmeGKc9dh3PNWVcoTCBkKm8eoAVQZmKhBqJGVagvgQVKlPFFw5c7MH2G6am22hd-jUY6qqG8BXXPeCN9_N-7C4mlq7p5uTP4W8nYcEeIGmvGaGYAslue3IL08qUvymxyG2AvS9Qlxyykf2HseZ5spXMsXXZxvbRx9fHz3PPl-YSUJwt5BX3M88QrBeuqsdTs0v8htPJ-aqep-AaCvoza4IqpSrFOdz1lzuTjIhAqn_yxBczvYcyZw4gQvBoWevCVnTGJXx1LqGy6mqY4-SHBPvuY39DJK39Zk-sIbKWyBFvsGLZ7rTvLR0Pu67i-HIsyUGpn7hCJTxD4gldECRoTxOU-3j46QKA2Rf05j-zVgsbREgvRDJ9o8IMRfbP_kvjgtkPv-ne5SQLFaYVG5HY4iMoJWiYp7ZZt-syu8fjv20unitGuFfrob4hQcmTGlrYXIijf8ITxwVR92R0XEyvG9Lr-y4chmP5Qcn3nmoVPIfP54GXim2VaEBEJTC84TkSxITvF9VrtKVnAqsZ57WdUi9cS60G82CxejpxKGxyux5Y5Q-P4WQj1e96CEPsbIv0Ua-sY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCG58trC6iY_63CsPL7_UP_diasArJntKxXNWdkfdwwI23ARABIABgkQSCARdjYS1wdWItMjY5NzY3OTUxODUxNTg4NsgBCakCri_P9q_OsT7gAgCoAwGqBI0CT9CcOX4bbr5YIpIAOMGvknU89DGxW6tWhAoKpR_BJmS_i88agB8_E5QQeVYsowBKAsODmqUPO3woLYNQQKvCEECAVeZHg4ZsldXIjMjnr1t5H8UARrX-48vpPZU-na3D_oXCR2F-vl2ELMPdTkJ9ad_IKPktsNRvaSEqsYgTEsYstBOO6l8AY3pxNYFwVUtcfIUqVhfOksKtlmg9nzkdwEonw8GIj3tpI-gLhfOvmLMQKvc5rYW68kys0kfmPiFLJMUOme_WsH0pSnoMYpAUvegfvdthTIGMuAOO6U5iuEFdmzCOpAlvq4okXiQr1hiRUIsfgtBBfueIWje9LX4Mz8ZtYbMyaqcs-xOr4GzgBAGABq3rsJv8mO_VmwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi02NTY0MTY2ODI5OTExNzQz-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3CIR_0w7zN8VMWxI_Ci_g9At4YzQ%26client%3Dca-pub-2697679518515886%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
64fdded9ab4b4066a71232c0d8c7e2416ec277f566adb122776af14c21831fc3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:44 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-754"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 15 Dec 2023 21:52:44 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame B2BB 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6IurAACm_4Iu-XDAAasfbcuP06Nhm39MnXJOg&u=%7COPrpa1iqH2ZxI59tfAWF4xNDZHlf2AyV2lcQsOp0R0g%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy-ZCx2l8r38z-Y5KeOqAmeGKc9dh3PNWVcoTCBkKm8eoAVQZmKhBqJGVagvgQVKlPFFw5c7MH2G6am22hd-jUY6qqG8BXXPeCN9_N-7C4mlq7p5uTP4W8nYcEeIGmvGaGYAslue3IL08qUvymxyG2AvS9Qlxyykf2HseZ5spXMsXXZxvbRx9fHz3PPl-YSUJwt5BX3M88QrBeuqsdTs0v8htPJ-aqep-AaCvoza4IqpSrFOdz1lzuTjIhAqn_yxBczvYcyZw4gQvBoWevCVnTGJXx1LqGy6mqY4-SHBPvuY39DJK39Zk-sIbKWyBFvsGLZ7rTvLR0Pu67i-HIsyUGpn7hCJTxD4gldECRoTxOU-3j46QKA2Rf05j-zVgsbREgvRDJ9o8IMRfbP_kvjgtkPv-ne5SQLFaYVG5HY4iMoJWiYp7ZZt-syu8fjv20unitGuFfrob4hQcmTGlrYXIijf8ITxwVR92R0XEyvG9Lr-y4chmP5Qcn3nmoVPIfP54GXim2VaEBEJTC84TkSxITvF9VrtKVnAqsZ57WdUi9cS60G82CxejpxKGxyux5Y5Q-P4WQj1e96CEPsbIv0Ua-sY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCG58trC6iY_63CsPL7_UP_diasArJntKxXNWdkfdwwI23ARABIABgkQSCARdjYS1wdWItMjY5NzY3OTUxODUxNTg4NsgBCakCri_P9q_OsT7gAgCoAwGqBI0CT9CcOX4bbr5YIpIAOMGvknU89DGxW6tWhAoKpR_BJmS_i88agB8_E5QQeVYsowBKAsODmqUPO3woLYNQQKvCEECAVeZHg4ZsldXIjMjnr1t5H8UARrX-48vpPZU-na3D_oXCR2F-vl2ELMPdTkJ9ad_IKPktsNRvaSEqsYgTEsYstBOO6l8AY3pxNYFwVUtcfIUqVhfOksKtlmg9nzkdwEonw8GIj3tpI-gLhfOvmLMQKvc5rYW68kys0kfmPiFLJMUOme_WsH0pSnoMYpAUvegfvdthTIGMuAOO6U5iuEFdmzCOpAlvq4okXiQr1hiRUIsfgtBBfueIWje9LX4Mz8ZtYbMyaqcs-xOr4GzgBAGABq3rsJv8mO_VmwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi02NTY0MTY2ODI5OTExNzQz-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3CIR_0w7zN8VMWxI_Ci_g9At4YzQ%26client%3Dca-pub-2697679518515886%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:44 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Fri, 15 Dec 2023 21:52:44 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame B2BB 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6IurAACm_4Iu-XDAAasfbcuP06Nhm39MnXJOg&u=%7COPrpa1iqH2ZxI59tfAWF4xNDZHlf2AyV2lcQsOp0R0g%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy-ZCx2l8r38z-Y5KeOqAmeGKc9dh3PNWVcoTCBkKm8eoAVQZmKhBqJGVagvgQVKlPFFw5c7MH2G6am22hd-jUY6qqG8BXXPeCN9_N-7C4mlq7p5uTP4W8nYcEeIGmvGaGYAslue3IL08qUvymxyG2AvS9Qlxyykf2HseZ5spXMsXXZxvbRx9fHz3PPl-YSUJwt5BX3M88QrBeuqsdTs0v8htPJ-aqep-AaCvoza4IqpSrFOdz1lzuTjIhAqn_yxBczvYcyZw4gQvBoWevCVnTGJXx1LqGy6mqY4-SHBPvuY39DJK39Zk-sIbKWyBFvsGLZ7rTvLR0Pu67i-HIsyUGpn7hCJTxD4gldECRoTxOU-3j46QKA2Rf05j-zVgsbREgvRDJ9o8IMRfbP_kvjgtkPv-ne5SQLFaYVG5HY4iMoJWiYp7ZZt-syu8fjv20unitGuFfrob4hQcmTGlrYXIijf8ITxwVR92R0XEyvG9Lr-y4chmP5Qcn3nmoVPIfP54GXim2VaEBEJTC84TkSxITvF9VrtKVnAqsZ57WdUi9cS60G82CxejpxKGxyux5Y5Q-P4WQj1e96CEPsbIv0Ua-sY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCG58trC6iY_63CsPL7_UP_diasArJntKxXNWdkfdwwI23ARABIABgkQSCARdjYS1wdWItMjY5NzY3OTUxODUxNTg4NsgBCakCri_P9q_OsT7gAgCoAwGqBI0CT9CcOX4bbr5YIpIAOMGvknU89DGxW6tWhAoKpR_BJmS_i88agB8_E5QQeVYsowBKAsODmqUPO3woLYNQQKvCEECAVeZHg4ZsldXIjMjnr1t5H8UARrX-48vpPZU-na3D_oXCR2F-vl2ELMPdTkJ9ad_IKPktsNRvaSEqsYgTEsYstBOO6l8AY3pxNYFwVUtcfIUqVhfOksKtlmg9nzkdwEonw8GIj3tpI-gLhfOvmLMQKvc5rYW68kys0kfmPiFLJMUOme_WsH0pSnoMYpAUvegfvdthTIGMuAOO6U5iuEFdmzCOpAlvq4okXiQr1hiRUIsfgtBBfueIWje9LX4Mz8ZtYbMyaqcs-xOr4GzgBAGABq3rsJv8mO_VmwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi02NTY0MTY2ODI5OTExNzQz-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3CIR_0w7zN8VMWxI_Ci_g9At4YzQ%26client%3Dca-pub-2697679518515886%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:44 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Fri, 15 Dec 2023 21:52:44 GMT
lg.php
cat.nl.eu.criteo.com/delivery/ Frame B2BB 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=ksx-zGKhuXXElvfSgTXJzrWWt7ok1JSvZSEeRzvJX4LnIHrEQph4WoAkMMCFdyoYdtTm5nTWbgRA-mVbjsdmRAtWkyEalBf5UgcyD0UhrO-UB4hnHUuxAe6pQDyFo4PPg1HFWwjtg43dLnNicpx03PwGwSOhRYiw83PF0d-4kTv1BrCI92vra-Sz12mwme-8tlPz0D00g6o49CkpPQtpZc-RhDjRwjmRJ-4t6OKWVGvf0JssJ6zdpIBXRXjz3mUDnITF5SCvNhI2LNQSNpznTH_JlvhAWetEmcKC7Q-LbeztRTnprJMuUIQ8_DB9n3oP6jRhKBzbrno-fsdYXFuY_x1vabRHb1zI72CbZ9LIsiVnTkGY_5u2Cxuf0ZOIqxYfOymnOsJ1zvJvZ3p4oWZ9TxbhqCdOUO1F4ltA7fjWAftkN8stnNvsUC_1Os5dxp8_YCnPnQ
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6IurAACm_4Iu-XDAAasfbcuP06Nhm39MnXJOg&u=%7COPrpa1iqH2ZxI59tfAWF4xNDZHlf2AyV2lcQsOp0R0g%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy-ZCx2l8r38z-Y5KeOqAmeGKc9dh3PNWVcoTCBkKm8eoAVQZmKhBqJGVagvgQVKlPFFw5c7MH2G6am22hd-jUY6qqG8BXXPeCN9_N-7C4mlq7p5uTP4W8nYcEeIGmvGaGYAslue3IL08qUvymxyG2AvS9Qlxyykf2HseZ5spXMsXXZxvbRx9fHz3PPl-YSUJwt5BX3M88QrBeuqsdTs0v8htPJ-aqep-AaCvoza4IqpSrFOdz1lzuTjIhAqn_yxBczvYcyZw4gQvBoWevCVnTGJXx1LqGy6mqY4-SHBPvuY39DJK39Zk-sIbKWyBFvsGLZ7rTvLR0Pu67i-HIsyUGpn7hCJTxD4gldECRoTxOU-3j46QKA2Rf05j-zVgsbREgvRDJ9o8IMRfbP_kvjgtkPv-ne5SQLFaYVG5HY4iMoJWiYp7ZZt-syu8fjv20unitGuFfrob4hQcmTGlrYXIijf8ITxwVR92R0XEyvG9Lr-y4chmP5Qcn3nmoVPIfP54GXim2VaEBEJTC84TkSxITvF9VrtKVnAqsZ57WdUi9cS60G82CxejpxKGxyux5Y5Q-P4WQj1e96CEPsbIv0Ua-sY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCG58trC6iY_63CsPL7_UP_diasArJntKxXNWdkfdwwI23ARABIABgkQSCARdjYS1wdWItMjY5NzY3OTUxODUxNTg4NsgBCakCri_P9q_OsT7gAgCoAwGqBI0CT9CcOX4bbr5YIpIAOMGvknU89DGxW6tWhAoKpR_BJmS_i88agB8_E5QQeVYsowBKAsODmqUPO3woLYNQQKvCEECAVeZHg4ZsldXIjMjnr1t5H8UARrX-48vpPZU-na3D_oXCR2F-vl2ELMPdTkJ9ad_IKPktsNRvaSEqsYgTEsYstBOO6l8AY3pxNYFwVUtcfIUqVhfOksKtlmg9nzkdwEonw8GIj3tpI-gLhfOvmLMQKvc5rYW68kys0kfmPiFLJMUOme_WsH0pSnoMYpAUvegfvdthTIGMuAOO6U5iuEFdmzCOpAlvq4okXiQr1hiRUIsfgtBBfueIWje9LX4Mz8ZtYbMyaqcs-xOr4GzgBAGABq3rsJv8mO_VmwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi02NTY0MTY2ODI5OTExNzQz-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3CIR_0w7zN8VMWxI_Ci_g9At4YzQ%26client%3Dca-pub-2697679518515886%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Dec 2022 21:52:44 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
4118488
expires
Mon, 26 Jul 1997 05:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 2717 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: holdtoreset.com
URL: https://holdtoreset.com/nba-2k23-locker-codes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
age
225259
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 18 Dec 2022 07:18:25 GMT
expires
Mon, 18 Dec 2023 07:18:25 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
request.php
hal900026.redintelligence.net/ Frame 2BE5
Redirect Chain
  • https://hal900026.redintelligence.net/request.php?zone=gjjhz7cdztxo&nw=20&renderingType=javascript&namespace=3b5b830b08&subid=&uid=b6dc39e3b02c85e6&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
  • https://hal900026.redintelligence.net/request.php?zone=gjjhz7cdztxo&nw=20&renderingType=javascript&namespace=3b5b830b08&subid=&uid=b6dc39e3b02c85e6&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900026.redintelligence.net/request.php?zone=gjjhz7cdztxo&nw=20&renderingType=javascript&namespace=3b5b830b08&subid=&uid=b6dc39e3b02c85e6&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC-7knqy6iY5qMOo3-7_UPssWfyArM-Yagaeu7x__3D_AuEAEgsMjAIWCRBMgBCakCfVfsGzTOsT6oAwGqBPIBT9BH8xO2CijPTvpgtxVCwwH6nOmcCl7JBXe72aXkxp2iZz_d7TxzMa2lkBwxo481Az1_oqHnfPk42PD5UlwoVMM6nDKfnRm2t8le-89oyF2qM4mNIFdB3A0iUDdg-zRFNIMdxhqozZWRtQICue-Zh4gKnh9bx1awIzfdU8u6GRcYATil_RMC1ASPc_uoj0O-byIfWqQ5apSynfAxqQRfvFRVkbmAzzU8zPfikvNb5yRbf0Q2F3aWYc40F6z0V3vs4GOApnfuuB03ssEUEcolXwikk-iVYZ8F4E8PJVLKDhbOssjuzaq9R_ZbSMg14pNJFWLABOrrzKPkA-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggSCIjhgBAQARgdMgOqggE6AoBA8ggbYWR4LXN1YnN5bi02NTY0MTY2ODI5OTExNzQzgAoDmAsByAsBgAwBsBPgm80O0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSPwDq26N9E-h_-GY6O7uj9FDSJueRzMKZ0ia6fREoxuJ1KCJCIPryOXebFw96-6lakQ2ce0VnXIyvdkomdh-7NhgBIBM%26sig%3DAOD64_3c4Z6u0zTOHwK1S2xToMv5-p1AVw%26client%3Dca-pub-2697679518515886%26dbm_c%3DAKAmf-BRLk8FqdGHA8eBXfoLAbHb-IXPSOYx8kSJx-4sF2OCpCll6WaJpGTElccf0VhcYUjagCeLZbBafyEkQ3mRz_DQCGDsClSB_DKInlpqMuq64KUsBhVLf8uH8DmAZuvQsWgLjnTRKU2vLjyjSsByf3U69kpMP5ZpZBHzE4VY6ybHsYaMrFU%26cry%3D1%26dbm_d%3DAKAmf-DuU0f4UVLI10Jx-kfwd8nCKq2TZMw8YUXuamaVLDm4_4GXE-VtO4whBTcQGldc8xOhckwuLpT4nZshxOMYy14H1M5LiO1W_191dWzeDS0Ckc-br9opsM56V-BM5aYx__yyoGDw4lNmZfYZxkdHO1EKuju8ArUE924xaYPZdGoexZe9XHbrJL8ShPMH93JLlH-xsbRoTzw4V4K9GKck2wYSi6FIgOXPyWuIbYGelQvVTKZHaxXocVuvjVxR-KGEaItPPfjRxssG4jdgQYDrVuavBZfboCxsG6vLOunWGq8zDylmBneuchoyocsscq3rmmAUJbh84ompDdLkBkzaBt6HMs4hnVi8R0C30h_35DtGH6wgJ1R85an6F06dhk3SUdBRezBtl9Xg1WYijACyvaoAPF6x4ewfaqetWbilFvLzPlMsrYwP2mWCunJBWBPPJdxs9hWcCkwdBlcx_P7ETgaFraFbVXhzZjk6uT64-PPyrjBOeHap1_6darvtkTykSSID6HO1Ye2REAC4p_Mlh7HjGofCKmy4uVMtnK81e9ABoG9W01PQ_05H8KvJ0QD-zClIea4i%26adurl%3D&documentReferer=https%3A%2F%2Fholdtoreset.com%2F&ancestorOrigins=https%3A%2F%2Fholdtoreset.com&random=6995985741532&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1
Requested by
Host: c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com
URL: https://c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Server
138.201.84.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.244.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
11e4f273302f904e258ded2b755bb49c7a3fc7d1d5346863fda7c1ef2bb1f895

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 20 Dec 2022 21:52:44 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
39522900151741704444454012179026
Connection
close
Content-Length
895
Expires
Tue, 20 Dec 2022 21:52:44 +0100

Redirect headers

Pragma
no-cache
Date
Tue, 20 Dec 2022 21:52:44 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=gjjhz7cdztxo&nw=20&renderingType=javascript&namespace=3b5b830b08&subid=&uid=b6dc39e3b02c85e6&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC-7knqy6iY5qMOo3-7_UPssWfyArM-Yagaeu7x__3D_AuEAEgsMjAIWCRBMgBCakCfVfsGzTOsT6oAwGqBPIBT9BH8xO2CijPTvpgtxVCwwH6nOmcCl7JBXe72aXkxp2iZz_d7TxzMa2lkBwxo481Az1_oqHnfPk42PD5UlwoVMM6nDKfnRm2t8le-89oyF2qM4mNIFdB3A0iUDdg-zRFNIMdxhqozZWRtQICue-Zh4gKnh9bx1awIzfdU8u6GRcYATil_RMC1ASPc_uoj0O-byIfWqQ5apSynfAxqQRfvFRVkbmAzzU8zPfikvNb5yRbf0Q2F3aWYc40F6z0V3vs4GOApnfuuB03ssEUEcolXwikk-iVYZ8F4E8PJVLKDhbOssjuzaq9R_ZbSMg14pNJFWLABOrrzKPkA-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggSCIjhgBAQARgdMgOqggE6AoBA8ggbYWR4LXN1YnN5bi02NTY0MTY2ODI5OTExNzQzgAoDmAsByAsBgAwBsBPgm80O0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSPwDq26N9E-h_-GY6O7uj9FDSJueRzMKZ0ia6fREoxuJ1KCJCIPryOXebFw96-6lakQ2ce0VnXIyvdkomdh-7NhgBIBM%26sig%3DAOD64_3c4Z6u0zTOHwK1S2xToMv5-p1AVw%26client%3Dca-pub-2697679518515886%26dbm_c%3DAKAmf-BRLk8FqdGHA8eBXfoLAbHb-IXPSOYx8kSJx-4sF2OCpCll6WaJpGTElccf0VhcYUjagCeLZbBafyEkQ3mRz_DQCGDsClSB_DKInlpqMuq64KUsBhVLf8uH8DmAZuvQsWgLjnTRKU2vLjyjSsByf3U69kpMP5ZpZBHzE4VY6ybHsYaMrFU%26cry%3D1%26dbm_d%3DAKAmf-DuU0f4UVLI10Jx-kfwd8nCKq2TZMw8YUXuamaVLDm4_4GXE-VtO4whBTcQGldc8xOhckwuLpT4nZshxOMYy14H1M5LiO1W_191dWzeDS0Ckc-br9opsM56V-BM5aYx__yyoGDw4lNmZfYZxkdHO1EKuju8ArUE924xaYPZdGoexZe9XHbrJL8ShPMH93JLlH-xsbRoTzw4V4K9GKck2wYSi6FIgOXPyWuIbYGelQvVTKZHaxXocVuvjVxR-KGEaItPPfjRxssG4jdgQYDrVuavBZfboCxsG6vLOunWGq8zDylmBneuchoyocsscq3rmmAUJbh84ompDdLkBkzaBt6HMs4hnVi8R0C30h_35DtGH6wgJ1R85an6F06dhk3SUdBRezBtl9Xg1WYijACyvaoAPF6x4ewfaqetWbilFvLzPlMsrYwP2mWCunJBWBPPJdxs9hWcCkwdBlcx_P7ETgaFraFbVXhzZjk6uT64-PPyrjBOeHap1_6darvtkTykSSID6HO1Ye2REAC4p_Mlh7HjGofCKmy4uVMtnK81e9ABoG9W01PQ_05H8KvJ0QD-zClIea4i%26adurl%3D&documentReferer=https%3A%2F%2Fholdtoreset.com%2F&ancestorOrigins=https%3A%2F%2Fholdtoreset.com&random=6995985741532&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Length
0
Expires
Tue, 20 Dec 2022 21:52:44 +0100
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame B2BB 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6IurAACm_4Iu-XDAAasfbcuP06Nhm39MnXJOg&u=%7COPrpa1iqH2ZxI59tfAWF4xNDZHlf2AyV2lcQsOp0R0g%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy-ZCx2l8r38z-Y5KeOqAmeGKc9dh3PNWVcoTCBkKm8eoAVQZmKhBqJGVagvgQVKlPFFw5c7MH2G6am22hd-jUY6qqG8BXXPeCN9_N-7C4mlq7p5uTP4W8nYcEeIGmvGaGYAslue3IL08qUvymxyG2AvS9Qlxyykf2HseZ5spXMsXXZxvbRx9fHz3PPl-YSUJwt5BX3M88QrBeuqsdTs0v8htPJ-aqep-AaCvoza4IqpSrFOdz1lzuTjIhAqn_yxBczvYcyZw4gQvBoWevCVnTGJXx1LqGy6mqY4-SHBPvuY39DJK39Zk-sIbKWyBFvsGLZ7rTvLR0Pu67i-HIsyUGpn7hCJTxD4gldECRoTxOU-3j46QKA2Rf05j-zVgsbREgvRDJ9o8IMRfbP_kvjgtkPv-ne5SQLFaYVG5HY4iMoJWiYp7ZZt-syu8fjv20unitGuFfrob4hQcmTGlrYXIijf8ITxwVR92R0XEyvG9Lr-y4chmP5Qcn3nmoVPIfP54GXim2VaEBEJTC84TkSxITvF9VrtKVnAqsZ57WdUi9cS60G82CxejpxKGxyux5Y5Q-P4WQj1e96CEPsbIv0Ua-sY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCG58trC6iY_63CsPL7_UP_diasArJntKxXNWdkfdwwI23ARABIABgkQSCARdjYS1wdWItMjY5NzY3OTUxODUxNTg4NsgBCakCri_P9q_OsT7gAgCoAwGqBI0CT9CcOX4bbr5YIpIAOMGvknU89DGxW6tWhAoKpR_BJmS_i88agB8_E5QQeVYsowBKAsODmqUPO3woLYNQQKvCEECAVeZHg4ZsldXIjMjnr1t5H8UARrX-48vpPZU-na3D_oXCR2F-vl2ELMPdTkJ9ad_IKPktsNRvaSEqsYgTEsYstBOO6l8AY3pxNYFwVUtcfIUqVhfOksKtlmg9nzkdwEonw8GIj3tpI-gLhfOvmLMQKvc5rYW68kys0kfmPiFLJMUOme_WsH0pSnoMYpAUvegfvdthTIGMuAOO6U5iuEFdmzCOpAlvq4okXiQr1hiRUIsfgtBBfueIWje9LX4Mz8ZtYbMyaqcs-xOr4GzgBAGABq3rsJv8mO_VmwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi02NTY0MTY2ODI5OTExNzQz-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3CIR_0w7zN8VMWxI_Ci_g9At4YzQ%26client%3Dca-pub-2697679518515886%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:44 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
441369
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qaS1agETKYk0BZLtO1JTMFkvmwxJcuSsjmEDmiNR7VVdSkSc7dT7nEoHdrf4wfHAGhwIAOhntUy5fTIIcSY5hFiKq%2Fhofj8FLTlAWPDYjDTUtYi5RDGU5PlbKxMXLEnQROPclvS%2BaOtaZ8Xu7GSTK0dW"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77cb9b57ca1e8fe9-FRA
expires
Sun, 10 Dec 2023 21:52:44 GMT
animejs.js
static.criteo.net/animejs/ Frame B2BB 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6IurAACm_4Iu-XDAAasfbcuP06Nhm39MnXJOg&u=%7COPrpa1iqH2ZxI59tfAWF4xNDZHlf2AyV2lcQsOp0R0g%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy-ZCx2l8r38z-Y5KeOqAmeGKc9dh3PNWVcoTCBkKm8eoAVQZmKhBqJGVagvgQVKlPFFw5c7MH2G6am22hd-jUY6qqG8BXXPeCN9_N-7C4mlq7p5uTP4W8nYcEeIGmvGaGYAslue3IL08qUvymxyG2AvS9Qlxyykf2HseZ5spXMsXXZxvbRx9fHz3PPl-YSUJwt5BX3M88QrBeuqsdTs0v8htPJ-aqep-AaCvoza4IqpSrFOdz1lzuTjIhAqn_yxBczvYcyZw4gQvBoWevCVnTGJXx1LqGy6mqY4-SHBPvuY39DJK39Zk-sIbKWyBFvsGLZ7rTvLR0Pu67i-HIsyUGpn7hCJTxD4gldECRoTxOU-3j46QKA2Rf05j-zVgsbREgvRDJ9o8IMRfbP_kvjgtkPv-ne5SQLFaYVG5HY4iMoJWiYp7ZZt-syu8fjv20unitGuFfrob4hQcmTGlrYXIijf8ITxwVR92R0XEyvG9Lr-y4chmP5Qcn3nmoVPIfP54GXim2VaEBEJTC84TkSxITvF9VrtKVnAqsZ57WdUi9cS60G82CxejpxKGxyux5Y5Q-P4WQj1e96CEPsbIv0Ua-sY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCG58trC6iY_63CsPL7_UP_diasArJntKxXNWdkfdwwI23ARABIABgkQSCARdjYS1wdWItMjY5NzY3OTUxODUxNTg4NsgBCakCri_P9q_OsT7gAgCoAwGqBI0CT9CcOX4bbr5YIpIAOMGvknU89DGxW6tWhAoKpR_BJmS_i88agB8_E5QQeVYsowBKAsODmqUPO3woLYNQQKvCEECAVeZHg4ZsldXIjMjnr1t5H8UARrX-48vpPZU-na3D_oXCR2F-vl2ELMPdTkJ9ad_IKPktsNRvaSEqsYgTEsYstBOO6l8AY3pxNYFwVUtcfIUqVhfOksKtlmg9nzkdwEonw8GIj3tpI-gLhfOvmLMQKvc5rYW68kys0kfmPiFLJMUOme_WsH0pSnoMYpAUvegfvdthTIGMuAOO6U5iuEFdmzCOpAlvq4okXiQr1hiRUIsfgtBBfueIWje9LX4Mz8ZtYbMyaqcs-xOr4GzgBAGABq3rsJv8mO_VmwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi02NTY0MTY2ODI5OTExNzQz-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3CIR_0w7zN8VMWxI_Ci_g9At4YzQ%26client%3Dca-pub-2697679518515886%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:44 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 15 Dec 2023 21:52:44 GMT
abac96499b784162a1732d4787adb801_hermes-maia-t4-tab-bold.woff
static.criteo.net/design/dt/ Frame B2BB 		56 KB
57 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/abac96499b784162a1732d4787adb801_hermes-maia-t4-tab-bold.woff
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6IurAACm_4Iu-XDAAasfbcuP06Nhm39MnXJOg&u=%7COPrpa1iqH2ZxI59tfAWF4xNDZHlf2AyV2lcQsOp0R0g%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy-ZCx2l8r38z-Y5KeOqAmeGKc9dh3PNWVcoTCBkKm8eoAVQZmKhBqJGVagvgQVKlPFFw5c7MH2G6am22hd-jUY6qqG8BXXPeCN9_N-7C4mlq7p5uTP4W8nYcEeIGmvGaGYAslue3IL08qUvymxyG2AvS9Qlxyykf2HseZ5spXMsXXZxvbRx9fHz3PPl-YSUJwt5BX3M88QrBeuqsdTs0v8htPJ-aqep-AaCvoza4IqpSrFOdz1lzuTjIhAqn_yxBczvYcyZw4gQvBoWevCVnTGJXx1LqGy6mqY4-SHBPvuY39DJK39Zk-sIbKWyBFvsGLZ7rTvLR0Pu67i-HIsyUGpn7hCJTxD4gldECRoTxOU-3j46QKA2Rf05j-zVgsbREgvRDJ9o8IMRfbP_kvjgtkPv-ne5SQLFaYVG5HY4iMoJWiYp7ZZt-syu8fjv20unitGuFfrob4hQcmTGlrYXIijf8ITxwVR92R0XEyvG9Lr-y4chmP5Qcn3nmoVPIfP54GXim2VaEBEJTC84TkSxITvF9VrtKVnAqsZ57WdUi9cS60G82CxejpxKGxyux5Y5Q-P4WQj1e96CEPsbIv0Ua-sY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCG58trC6iY_63CsPL7_UP_diasArJntKxXNWdkfdwwI23ARABIABgkQSCARdjYS1wdWItMjY5NzY3OTUxODUxNTg4NsgBCakCri_P9q_OsT7gAgCoAwGqBI0CT9CcOX4bbr5YIpIAOMGvknU89DGxW6tWhAoKpR_BJmS_i88agB8_E5QQeVYsowBKAsODmqUPO3woLYNQQKvCEECAVeZHg4ZsldXIjMjnr1t5H8UARrX-48vpPZU-na3D_oXCR2F-vl2ELMPdTkJ9ad_IKPktsNRvaSEqsYgTEsYstBOO6l8AY3pxNYFwVUtcfIUqVhfOksKtlmg9nzkdwEonw8GIj3tpI-gLhfOvmLMQKvc5rYW68kys0kfmPiFLJMUOme_WsH0pSnoMYpAUvegfvdthTIGMuAOO6U5iuEFdmzCOpAlvq4okXiQr1hiRUIsfgtBBfueIWje9LX4Mz8ZtYbMyaqcs-xOr4GzgBAGABq3rsJv8mO_VmwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi02NTY0MTY2ODI5OTExNzQz-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3CIR_0w7zN8VMWxI_Ci_g9At4YzQ%26client%3Dca-pub-2697679518515886%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
792a550de403d732be95775e8722929ff8ed97f4d3fe4cf93223ecd878b89573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Origin
https://ads.eu.criteo.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:44 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 28 Feb 2020 11:37:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e58fb7c-e13c"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 15 Dec 2023 21:52:44 GMT
d2bb1a269635402fa3d31e432bca0874_hermes-maia-t4-bold.woff
static.criteo.net/design/dt/ Frame B2BB 		38 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/d2bb1a269635402fa3d31e432bca0874_hermes-maia-t4-bold.woff
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6IurAACm_4Iu-XDAAasfbcuP06Nhm39MnXJOg&u=%7COPrpa1iqH2ZxI59tfAWF4xNDZHlf2AyV2lcQsOp0R0g%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy-ZCx2l8r38z-Y5KeOqAmeGKc9dh3PNWVcoTCBkKm8eoAVQZmKhBqJGVagvgQVKlPFFw5c7MH2G6am22hd-jUY6qqG8BXXPeCN9_N-7C4mlq7p5uTP4W8nYcEeIGmvGaGYAslue3IL08qUvymxyG2AvS9Qlxyykf2HseZ5spXMsXXZxvbRx9fHz3PPl-YSUJwt5BX3M88QrBeuqsdTs0v8htPJ-aqep-AaCvoza4IqpSrFOdz1lzuTjIhAqn_yxBczvYcyZw4gQvBoWevCVnTGJXx1LqGy6mqY4-SHBPvuY39DJK39Zk-sIbKWyBFvsGLZ7rTvLR0Pu67i-HIsyUGpn7hCJTxD4gldECRoTxOU-3j46QKA2Rf05j-zVgsbREgvRDJ9o8IMRfbP_kvjgtkPv-ne5SQLFaYVG5HY4iMoJWiYp7ZZt-syu8fjv20unitGuFfrob4hQcmTGlrYXIijf8ITxwVR92R0XEyvG9Lr-y4chmP5Qcn3nmoVPIfP54GXim2VaEBEJTC84TkSxITvF9VrtKVnAqsZ57WdUi9cS60G82CxejpxKGxyux5Y5Q-P4WQj1e96CEPsbIv0Ua-sY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCG58trC6iY_63CsPL7_UP_diasArJntKxXNWdkfdwwI23ARABIABgkQSCARdjYS1wdWItMjY5NzY3OTUxODUxNTg4NsgBCakCri_P9q_OsT7gAgCoAwGqBI0CT9CcOX4bbr5YIpIAOMGvknU89DGxW6tWhAoKpR_BJmS_i88agB8_E5QQeVYsowBKAsODmqUPO3woLYNQQKvCEECAVeZHg4ZsldXIjMjnr1t5H8UARrX-48vpPZU-na3D_oXCR2F-vl2ELMPdTkJ9ad_IKPktsNRvaSEqsYgTEsYstBOO6l8AY3pxNYFwVUtcfIUqVhfOksKtlmg9nzkdwEonw8GIj3tpI-gLhfOvmLMQKvc5rYW68kys0kfmPiFLJMUOme_WsH0pSnoMYpAUvegfvdthTIGMuAOO6U5iuEFdmzCOpAlvq4okXiQr1hiRUIsfgtBBfueIWje9LX4Mz8ZtYbMyaqcs-xOr4GzgBAGABq3rsJv8mO_VmwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi02NTY0MTY2ODI5OTExNzQz-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3CIR_0w7zN8VMWxI_Ci_g9At4YzQ%26client%3Dca-pub-2697679518515886%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
43d568ecd3b26f05a839c869119066d3f671cbc707d002e4816bcc0d0803bfae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Origin
https://ads.eu.criteo.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:44 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 28 Feb 2020 11:37:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e58fb7c-97b0"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 15 Dec 2023 21:52:44 GMT
img
pix.eu.criteo.net/img/ Frame B2BB 		69 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5887&q=80&r=2&u=https%3A%2F%2Fobjectstore.true.nl%2Fprijsvrij%3Aaccommodations%2F626x416%2F0A4HGWLGKSZKL8037S7J1EN960LMSHTYHTV1RAH7.jpg&v=3&w=400&s=KSFUuVQr7TGN-5sK5a1YubTf&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6IurAACm_4Iu-XDAAasfbcuP06Nhm39MnXJOg&u=%7COPrpa1iqH2ZxI59tfAWF4xNDZHlf2AyV2lcQsOp0R0g%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy-ZCx2l8r38z-Y5KeOqAmeGKc9dh3PNWVcoTCBkKm8eoAVQZmKhBqJGVagvgQVKlPFFw5c7MH2G6am22hd-jUY6qqG8BXXPeCN9_N-7C4mlq7p5uTP4W8nYcEeIGmvGaGYAslue3IL08qUvymxyG2AvS9Qlxyykf2HseZ5spXMsXXZxvbRx9fHz3PPl-YSUJwt5BX3M88QrBeuqsdTs0v8htPJ-aqep-AaCvoza4IqpSrFOdz1lzuTjIhAqn_yxBczvYcyZw4gQvBoWevCVnTGJXx1LqGy6mqY4-SHBPvuY39DJK39Zk-sIbKWyBFvsGLZ7rTvLR0Pu67i-HIsyUGpn7hCJTxD4gldECRoTxOU-3j46QKA2Rf05j-zVgsbREgvRDJ9o8IMRfbP_kvjgtkPv-ne5SQLFaYVG5HY4iMoJWiYp7ZZt-syu8fjv20unitGuFfrob4hQcmTGlrYXIijf8ITxwVR92R0XEyvG9Lr-y4chmP5Qcn3nmoVPIfP54GXim2VaEBEJTC84TkSxITvF9VrtKVnAqsZ57WdUi9cS60G82CxejpxKGxyux5Y5Q-P4WQj1e96CEPsbIv0Ua-sY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCG58trC6iY_63CsPL7_UP_diasArJntKxXNWdkfdwwI23ARABIABgkQSCARdjYS1wdWItMjY5NzY3OTUxODUxNTg4NsgBCakCri_P9q_OsT7gAgCoAwGqBI0CT9CcOX4bbr5YIpIAOMGvknU89DGxW6tWhAoKpR_BJmS_i88agB8_E5QQeVYsowBKAsODmqUPO3woLYNQQKvCEECAVeZHg4ZsldXIjMjnr1t5H8UARrX-48vpPZU-na3D_oXCR2F-vl2ELMPdTkJ9ad_IKPktsNRvaSEqsYgTEsYstBOO6l8AY3pxNYFwVUtcfIUqVhfOksKtlmg9nzkdwEonw8GIj3tpI-gLhfOvmLMQKvc5rYW68kys0kfmPiFLJMUOme_WsH0pSnoMYpAUvegfvdthTIGMuAOO6U5iuEFdmzCOpAlvq4okXiQr1hiRUIsfgtBBfueIWje9LX4Mz8ZtYbMyaqcs-xOr4GzgBAGABq3rsJv8mO_VmwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi02NTY0MTY2ODI5OTExNzQz-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3CIR_0w7zN8VMWxI_Ci_g9At4YzQ%26client%3Dca-pub-2697679518515886%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
a7842c0861159a91866347785d7c69224cb5c512b80352b437f2c6a5e7a77ff0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:43 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=31104000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
70662
expires
Fri, 15 Dec 2023 21:52:44 GMT
1e7ceb27896c4e4a948cc9f62e635a83_cpn_728x90_1.png
static.criteo.net/design/dt/5887/221212/ Frame B2BB 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/5887/221212/1e7ceb27896c4e4a948cc9f62e635a83_cpn_728x90_1.png
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6IurAACm_4Iu-XDAAasfbcuP06Nhm39MnXJOg&u=%7COPrpa1iqH2ZxI59tfAWF4xNDZHlf2AyV2lcQsOp0R0g%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy-ZCx2l8r38z-Y5KeOqAmeGKc9dh3PNWVcoTCBkKm8eoAVQZmKhBqJGVagvgQVKlPFFw5c7MH2G6am22hd-jUY6qqG8BXXPeCN9_N-7C4mlq7p5uTP4W8nYcEeIGmvGaGYAslue3IL08qUvymxyG2AvS9Qlxyykf2HseZ5spXMsXXZxvbRx9fHz3PPl-YSUJwt5BX3M88QrBeuqsdTs0v8htPJ-aqep-AaCvoza4IqpSrFOdz1lzuTjIhAqn_yxBczvYcyZw4gQvBoWevCVnTGJXx1LqGy6mqY4-SHBPvuY39DJK39Zk-sIbKWyBFvsGLZ7rTvLR0Pu67i-HIsyUGpn7hCJTxD4gldECRoTxOU-3j46QKA2Rf05j-zVgsbREgvRDJ9o8IMRfbP_kvjgtkPv-ne5SQLFaYVG5HY4iMoJWiYp7ZZt-syu8fjv20unitGuFfrob4hQcmTGlrYXIijf8ITxwVR92R0XEyvG9Lr-y4chmP5Qcn3nmoVPIfP54GXim2VaEBEJTC84TkSxITvF9VrtKVnAqsZ57WdUi9cS60G82CxejpxKGxyux5Y5Q-P4WQj1e96CEPsbIv0Ua-sY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCG58trC6iY_63CsPL7_UP_diasArJntKxXNWdkfdwwI23ARABIABgkQSCARdjYS1wdWItMjY5NzY3OTUxODUxNTg4NsgBCakCri_P9q_OsT7gAgCoAwGqBI0CT9CcOX4bbr5YIpIAOMGvknU89DGxW6tWhAoKpR_BJmS_i88agB8_E5QQeVYsowBKAsODmqUPO3woLYNQQKvCEECAVeZHg4ZsldXIjMjnr1t5H8UARrX-48vpPZU-na3D_oXCR2F-vl2ELMPdTkJ9ad_IKPktsNRvaSEqsYgTEsYstBOO6l8AY3pxNYFwVUtcfIUqVhfOksKtlmg9nzkdwEonw8GIj3tpI-gLhfOvmLMQKvc5rYW68kys0kfmPiFLJMUOme_WsH0pSnoMYpAUvegfvdthTIGMuAOO6U5iuEFdmzCOpAlvq4okXiQr1hiRUIsfgtBBfueIWje9LX4Mz8ZtYbMyaqcs-xOr4GzgBAGABq3rsJv8mO_VmwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi02NTY0MTY2ODI5OTExNzQz-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3CIR_0w7zN8VMWxI_Ci_g9At4YzQ%26client%3Dca-pub-2697679518515886%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
79a7b82887e1a8925ad2867420274ebd34ba292f66da433d0a3dcfcfb05bc40b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:44 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 12 Dec 2022 20:43:52 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"63979288-3ebf"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
16063
expires
Fri, 15 Dec 2023 21:52:44 GMT
img
pix.eu.criteo.net/img/ Frame B2BB 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=176&m=0&partner=5887&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F5887%2F200529%2F05d132c9508b4d72b38f4693371fd40d_prusvuasset_1.png&v=3&w=256&s=AC_Plqt4RoyYKsj_AWENfJXj
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6IurAACm_4Iu-XDAAasfbcuP06Nhm39MnXJOg&u=%7COPrpa1iqH2ZxI59tfAWF4xNDZHlf2AyV2lcQsOp0R0g%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy-ZCx2l8r38z-Y5KeOqAmeGKc9dh3PNWVcoTCBkKm8eoAVQZmKhBqJGVagvgQVKlPFFw5c7MH2G6am22hd-jUY6qqG8BXXPeCN9_N-7C4mlq7p5uTP4W8nYcEeIGmvGaGYAslue3IL08qUvymxyG2AvS9Qlxyykf2HseZ5spXMsXXZxvbRx9fHz3PPl-YSUJwt5BX3M88QrBeuqsdTs0v8htPJ-aqep-AaCvoza4IqpSrFOdz1lzuTjIhAqn_yxBczvYcyZw4gQvBoWevCVnTGJXx1LqGy6mqY4-SHBPvuY39DJK39Zk-sIbKWyBFvsGLZ7rTvLR0Pu67i-HIsyUGpn7hCJTxD4gldECRoTxOU-3j46QKA2Rf05j-zVgsbREgvRDJ9o8IMRfbP_kvjgtkPv-ne5SQLFaYVG5HY4iMoJWiYp7ZZt-syu8fjv20unitGuFfrob4hQcmTGlrYXIijf8ITxwVR92R0XEyvG9Lr-y4chmP5Qcn3nmoVPIfP54GXim2VaEBEJTC84TkSxITvF9VrtKVnAqsZ57WdUi9cS60G82CxejpxKGxyux5Y5Q-P4WQj1e96CEPsbIv0Ua-sY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCG58trC6iY_63CsPL7_UP_diasArJntKxXNWdkfdwwI23ARABIABgkQSCARdjYS1wdWItMjY5NzY3OTUxODUxNTg4NsgBCakCri_P9q_OsT7gAgCoAwGqBI0CT9CcOX4bbr5YIpIAOMGvknU89DGxW6tWhAoKpR_BJmS_i88agB8_E5QQeVYsowBKAsODmqUPO3woLYNQQKvCEECAVeZHg4ZsldXIjMjnr1t5H8UARrX-48vpPZU-na3D_oXCR2F-vl2ELMPdTkJ9ad_IKPktsNRvaSEqsYgTEsYstBOO6l8AY3pxNYFwVUtcfIUqVhfOksKtlmg9nzkdwEonw8GIj3tpI-gLhfOvmLMQKvc5rYW68kys0kfmPiFLJMUOme_WsH0pSnoMYpAUvegfvdthTIGMuAOO6U5iuEFdmzCOpAlvq4okXiQr1hiRUIsfgtBBfueIWje9LX4Mz8ZtYbMyaqcs-xOr4GzgBAGABq3rsJv8mO_VmwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi02NTY0MTY2ODI5OTExNzQz-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3CIR_0w7zN8VMWxI_Ci_g9At4YzQ%26client%3Dca-pub-2697679518515886%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
7161f3ed2b45ada2ed1be9f1ffd68263a5256877be8e471b315765b1ce1a81d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:43 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=31042073
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
10325
expires
Fri, 15 Dec 2023 04:40:38 GMT
img
pix.eu.criteo.net/img/ Frame B2BB 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5887&q=80&r=2&u=https%3A%2F%2Fobjectstore.true.nl%2Fprijsvrij%3Aaccommodations%2F626x416%2FBSPVZ0XF6JXOHCHUP0CBJ37WOKP3VR663NXIVF32.jpg&v=3&w=400&s=KthMtAwcR_pU5TbWl6gmthZp&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6IurAACm_4Iu-XDAAasfbcuP06Nhm39MnXJOg&u=%7COPrpa1iqH2ZxI59tfAWF4xNDZHlf2AyV2lcQsOp0R0g%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy-ZCx2l8r38z-Y5KeOqAmeGKc9dh3PNWVcoTCBkKm8eoAVQZmKhBqJGVagvgQVKlPFFw5c7MH2G6am22hd-jUY6qqG8BXXPeCN9_N-7C4mlq7p5uTP4W8nYcEeIGmvGaGYAslue3IL08qUvymxyG2AvS9Qlxyykf2HseZ5spXMsXXZxvbRx9fHz3PPl-YSUJwt5BX3M88QrBeuqsdTs0v8htPJ-aqep-AaCvoza4IqpSrFOdz1lzuTjIhAqn_yxBczvYcyZw4gQvBoWevCVnTGJXx1LqGy6mqY4-SHBPvuY39DJK39Zk-sIbKWyBFvsGLZ7rTvLR0Pu67i-HIsyUGpn7hCJTxD4gldECRoTxOU-3j46QKA2Rf05j-zVgsbREgvRDJ9o8IMRfbP_kvjgtkPv-ne5SQLFaYVG5HY4iMoJWiYp7ZZt-syu8fjv20unitGuFfrob4hQcmTGlrYXIijf8ITxwVR92R0XEyvG9Lr-y4chmP5Qcn3nmoVPIfP54GXim2VaEBEJTC84TkSxITvF9VrtKVnAqsZ57WdUi9cS60G82CxejpxKGxyux5Y5Q-P4WQj1e96CEPsbIv0Ua-sY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCG58trC6iY_63CsPL7_UP_diasArJntKxXNWdkfdwwI23ARABIABgkQSCARdjYS1wdWItMjY5NzY3OTUxODUxNTg4NsgBCakCri_P9q_OsT7gAgCoAwGqBI0CT9CcOX4bbr5YIpIAOMGvknU89DGxW6tWhAoKpR_BJmS_i88agB8_E5QQeVYsowBKAsODmqUPO3woLYNQQKvCEECAVeZHg4ZsldXIjMjnr1t5H8UARrX-48vpPZU-na3D_oXCR2F-vl2ELMPdTkJ9ad_IKPktsNRvaSEqsYgTEsYstBOO6l8AY3pxNYFwVUtcfIUqVhfOksKtlmg9nzkdwEonw8GIj3tpI-gLhfOvmLMQKvc5rYW68kys0kfmPiFLJMUOme_WsH0pSnoMYpAUvegfvdthTIGMuAOO6U5iuEFdmzCOpAlvq4okXiQr1hiRUIsfgtBBfueIWje9LX4Mz8ZtYbMyaqcs-xOr4GzgBAGABq3rsJv8mO_VmwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi02NTY0MTY2ODI5OTExNzQz-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3CIR_0w7zN8VMWxI_Ci_g9At4YzQ%26client%3Dca-pub-2697679518515886%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
727bd2403e8bf3e229cb18270e8b4747fdbe812ccfab74a4cde67672ee829dcf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:43 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=31104000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
39068
expires
Fri, 15 Dec 2023 21:52:44 GMT
5f1aecf9bd6d4f5bb63cfec168184c84_sw2_all_medium_out.png
static.criteo.net/design/dt/5887/200529/ Frame B2BB 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/5887/200529/5f1aecf9bd6d4f5bb63cfec168184c84_sw2_all_medium_out.png
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6IurAACm_4Iu-XDAAasfbcuP06Nhm39MnXJOg&u=%7COPrpa1iqH2ZxI59tfAWF4xNDZHlf2AyV2lcQsOp0R0g%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy-ZCx2l8r38z-Y5KeOqAmeGKc9dh3PNWVcoTCBkKm8eoAVQZmKhBqJGVagvgQVKlPFFw5c7MH2G6am22hd-jUY6qqG8BXXPeCN9_N-7C4mlq7p5uTP4W8nYcEeIGmvGaGYAslue3IL08qUvymxyG2AvS9Qlxyykf2HseZ5spXMsXXZxvbRx9fHz3PPl-YSUJwt5BX3M88QrBeuqsdTs0v8htPJ-aqep-AaCvoza4IqpSrFOdz1lzuTjIhAqn_yxBczvYcyZw4gQvBoWevCVnTGJXx1LqGy6mqY4-SHBPvuY39DJK39Zk-sIbKWyBFvsGLZ7rTvLR0Pu67i-HIsyUGpn7hCJTxD4gldECRoTxOU-3j46QKA2Rf05j-zVgsbREgvRDJ9o8IMRfbP_kvjgtkPv-ne5SQLFaYVG5HY4iMoJWiYp7ZZt-syu8fjv20unitGuFfrob4hQcmTGlrYXIijf8ITxwVR92R0XEyvG9Lr-y4chmP5Qcn3nmoVPIfP54GXim2VaEBEJTC84TkSxITvF9VrtKVnAqsZ57WdUi9cS60G82CxejpxKGxyux5Y5Q-P4WQj1e96CEPsbIv0Ua-sY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCG58trC6iY_63CsPL7_UP_diasArJntKxXNWdkfdwwI23ARABIABgkQSCARdjYS1wdWItMjY5NzY3OTUxODUxNTg4NsgBCakCri_P9q_OsT7gAgCoAwGqBI0CT9CcOX4bbr5YIpIAOMGvknU89DGxW6tWhAoKpR_BJmS_i88agB8_E5QQeVYsowBKAsODmqUPO3woLYNQQKvCEECAVeZHg4ZsldXIjMjnr1t5H8UARrX-48vpPZU-na3D_oXCR2F-vl2ELMPdTkJ9ad_IKPktsNRvaSEqsYgTEsYstBOO6l8AY3pxNYFwVUtcfIUqVhfOksKtlmg9nzkdwEonw8GIj3tpI-gLhfOvmLMQKvc5rYW68kys0kfmPiFLJMUOme_WsH0pSnoMYpAUvegfvdthTIGMuAOO6U5iuEFdmzCOpAlvq4okXiQr1hiRUIsfgtBBfueIWje9LX4Mz8ZtYbMyaqcs-xOr4GzgBAGABq3rsJv8mO_VmwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi02NTY0MTY2ODI5OTExNzQz-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3CIR_0w7zN8VMWxI_Ci_g9At4YzQ%26client%3Dca-pub-2697679518515886%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
815dc409813a160edea1f1e9dffb60ec236403511332d4a56e89f326166e75e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:44 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 29 May 2020 13:12:08 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5ed10a28-89c"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
2204
expires
Fri, 15 Dec 2023 21:52:44 GMT
img
pix.eu.criteo.net/img/ Frame B2BB 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5887&q=80&r=2&u=https%3A%2F%2Fobjectstore.true.nl%2Fprijsvrij%3Aaccommodations%2F626x416%2F74AE18B1G812HI28V68ODSUELQ0LR48NTG82SRY1.jpg&v=3&w=400&s=pIn_qKvPxbCbyXlVAptFNr3U&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6IurAACm_4Iu-XDAAasfbcuP06Nhm39MnXJOg&u=%7COPrpa1iqH2ZxI59tfAWF4xNDZHlf2AyV2lcQsOp0R0g%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy-ZCx2l8r38z-Y5KeOqAmeGKc9dh3PNWVcoTCBkKm8eoAVQZmKhBqJGVagvgQVKlPFFw5c7MH2G6am22hd-jUY6qqG8BXXPeCN9_N-7C4mlq7p5uTP4W8nYcEeIGmvGaGYAslue3IL08qUvymxyG2AvS9Qlxyykf2HseZ5spXMsXXZxvbRx9fHz3PPl-YSUJwt5BX3M88QrBeuqsdTs0v8htPJ-aqep-AaCvoza4IqpSrFOdz1lzuTjIhAqn_yxBczvYcyZw4gQvBoWevCVnTGJXx1LqGy6mqY4-SHBPvuY39DJK39Zk-sIbKWyBFvsGLZ7rTvLR0Pu67i-HIsyUGpn7hCJTxD4gldECRoTxOU-3j46QKA2Rf05j-zVgsbREgvRDJ9o8IMRfbP_kvjgtkPv-ne5SQLFaYVG5HY4iMoJWiYp7ZZt-syu8fjv20unitGuFfrob4hQcmTGlrYXIijf8ITxwVR92R0XEyvG9Lr-y4chmP5Qcn3nmoVPIfP54GXim2VaEBEJTC84TkSxITvF9VrtKVnAqsZ57WdUi9cS60G82CxejpxKGxyux5Y5Q-P4WQj1e96CEPsbIv0Ua-sY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCG58trC6iY_63CsPL7_UP_diasArJntKxXNWdkfdwwI23ARABIABgkQSCARdjYS1wdWItMjY5NzY3OTUxODUxNTg4NsgBCakCri_P9q_OsT7gAgCoAwGqBI0CT9CcOX4bbr5YIpIAOMGvknU89DGxW6tWhAoKpR_BJmS_i88agB8_E5QQeVYsowBKAsODmqUPO3woLYNQQKvCEECAVeZHg4ZsldXIjMjnr1t5H8UARrX-48vpPZU-na3D_oXCR2F-vl2ELMPdTkJ9ad_IKPktsNRvaSEqsYgTEsYstBOO6l8AY3pxNYFwVUtcfIUqVhfOksKtlmg9nzkdwEonw8GIj3tpI-gLhfOvmLMQKvc5rYW68kys0kfmPiFLJMUOme_WsH0pSnoMYpAUvegfvdthTIGMuAOO6U5iuEFdmzCOpAlvq4okXiQr1hiRUIsfgtBBfueIWje9LX4Mz8ZtYbMyaqcs-xOr4GzgBAGABq3rsJv8mO_VmwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi02NTY0MTY2ODI5OTExNzQz-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3CIR_0w7zN8VMWxI_Ci_g9At4YzQ%26client%3Dca-pub-2697679518515886%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e9328d26461b48aae98f78fe8f182f7eff91d26f35f04af9d2df37a508a0401e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:44 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=31104000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
50744
expires
Fri, 15 Dec 2023 21:52:44 GMT
all
csm.eu.criteo.net/ Frame B2BB 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=r64Y3sLIow_TvZs0nAKs9lJ_qP9Ij2YeK33k51V82Ch6sp_u3688wI6DvChHzkeQ4IQ4LZwe9_-0naYDzQiFA0PtFJu7BlVuFD59yi6BGvQjBK6_SV6SDQa9qpQ4x2bAAjwLxYG6HYGFNu4EIu-oLmrfiuKGpeq8W6oe-1sCPfype6VTYzG98PkflaN7r14-R5Rda9kZkhWV_dkJ4GxWmU0gwednn_bHPJFnZFg54X0HXf3-WEZpOaJsJgU&sds=2&rev=83933&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6IurAACm_4Iu-XDAAasfbcuP06Nhm39MnXJOg&u=%7COPrpa1iqH2ZxI59tfAWF4xNDZHlf2AyV2lcQsOp0R0g%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy-ZCx2l8r38z-Y5KeOqAmeGKc9dh3PNWVcoTCBkKm8eoAVQZmKhBqJGVagvgQVKlPFFw5c7MH2G6am22hd-jUY6qqG8BXXPeCN9_N-7C4mlq7p5uTP4W8nYcEeIGmvGaGYAslue3IL08qUvymxyG2AvS9Qlxyykf2HseZ5spXMsXXZxvbRx9fHz3PPl-YSUJwt5BX3M88QrBeuqsdTs0v8htPJ-aqep-AaCvoza4IqpSrFOdz1lzuTjIhAqn_yxBczvYcyZw4gQvBoWevCVnTGJXx1LqGy6mqY4-SHBPvuY39DJK39Zk-sIbKWyBFvsGLZ7rTvLR0Pu67i-HIsyUGpn7hCJTxD4gldECRoTxOU-3j46QKA2Rf05j-zVgsbREgvRDJ9o8IMRfbP_kvjgtkPv-ne5SQLFaYVG5HY4iMoJWiYp7ZZt-syu8fjv20unitGuFfrob4hQcmTGlrYXIijf8ITxwVR92R0XEyvG9Lr-y4chmP5Qcn3nmoVPIfP54GXim2VaEBEJTC84TkSxITvF9VrtKVnAqsZ57WdUi9cS60G82CxejpxKGxyux5Y5Q-P4WQj1e96CEPsbIv0Ua-sY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCG58trC6iY_63CsPL7_UP_diasArJntKxXNWdkfdwwI23ARABIABgkQSCARdjYS1wdWItMjY5NzY3OTUxODUxNTg4NsgBCakCri_P9q_OsT7gAgCoAwGqBI0CT9CcOX4bbr5YIpIAOMGvknU89DGxW6tWhAoKpR_BJmS_i88agB8_E5QQeVYsowBKAsODmqUPO3woLYNQQKvCEECAVeZHg4ZsldXIjMjnr1t5H8UARrX-48vpPZU-na3D_oXCR2F-vl2ELMPdTkJ9ad_IKPktsNRvaSEqsYgTEsYstBOO6l8AY3pxNYFwVUtcfIUqVhfOksKtlmg9nzkdwEonw8GIj3tpI-gLhfOvmLMQKvc5rYW68kys0kfmPiFLJMUOme_WsH0pSnoMYpAUvegfvdthTIGMuAOO6U5iuEFdmzCOpAlvq4okXiQr1hiRUIsfgtBBfueIWje9LX4Mz8ZtYbMyaqcs-xOr4GzgBAGABq3rsJv8mO_VmwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi02NTY0MTY2ODI5OTExNzQz-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3CIR_0w7zN8VMWxI_Ci_g9At4YzQ%26client%3Dca-pub-2697679518515886%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 20 Dec 2022 21:52:43 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
privacy.svg
static.criteo.net/flash/icon/ Frame B2BB 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6IurAACm_4Iu-XDAAasfbcuP06Nhm39MnXJOg&u=%7COPrpa1iqH2ZxI59tfAWF4xNDZHlf2AyV2lcQsOp0R0g%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy-ZCx2l8r38z-Y5KeOqAmeGKc9dh3PNWVcoTCBkKm8eoAVQZmKhBqJGVagvgQVKlPFFw5c7MH2G6am22hd-jUY6qqG8BXXPeCN9_N-7C4mlq7p5uTP4W8nYcEeIGmvGaGYAslue3IL08qUvymxyG2AvS9Qlxyykf2HseZ5spXMsXXZxvbRx9fHz3PPl-YSUJwt5BX3M88QrBeuqsdTs0v8htPJ-aqep-AaCvoza4IqpSrFOdz1lzuTjIhAqn_yxBczvYcyZw4gQvBoWevCVnTGJXx1LqGy6mqY4-SHBPvuY39DJK39Zk-sIbKWyBFvsGLZ7rTvLR0Pu67i-HIsyUGpn7hCJTxD4gldECRoTxOU-3j46QKA2Rf05j-zVgsbREgvRDJ9o8IMRfbP_kvjgtkPv-ne5SQLFaYVG5HY4iMoJWiYp7ZZt-syu8fjv20unitGuFfrob4hQcmTGlrYXIijf8ITxwVR92R0XEyvG9Lr-y4chmP5Qcn3nmoVPIfP54GXim2VaEBEJTC84TkSxITvF9VrtKVnAqsZ57WdUi9cS60G82CxejpxKGxyux5Y5Q-P4WQj1e96CEPsbIv0Ua-sY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCG58trC6iY_63CsPL7_UP_diasArJntKxXNWdkfdwwI23ARABIABgkQSCARdjYS1wdWItMjY5NzY3OTUxODUxNTg4NsgBCakCri_P9q_OsT7gAgCoAwGqBI0CT9CcOX4bbr5YIpIAOMGvknU89DGxW6tWhAoKpR_BJmS_i88agB8_E5QQeVYsowBKAsODmqUPO3woLYNQQKvCEECAVeZHg4ZsldXIjMjnr1t5H8UARrX-48vpPZU-na3D_oXCR2F-vl2ELMPdTkJ9ad_IKPktsNRvaSEqsYgTEsYstBOO6l8AY3pxNYFwVUtcfIUqVhfOksKtlmg9nzkdwEonw8GIj3tpI-gLhfOvmLMQKvc5rYW68kys0kfmPiFLJMUOme_WsH0pSnoMYpAUvegfvdthTIGMuAOO6U5iuEFdmzCOpAlvq4okXiQr1hiRUIsfgtBBfueIWje9LX4Mz8ZtYbMyaqcs-xOr4GzgBAGABq3rsJv8mO_VmwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi02NTY0MTY2ODI5OTExNzQz-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3CIR_0w7zN8VMWxI_Ci_g9At4YzQ%26client%3Dca-pub-2697679518515886%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:44 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 15 Dec 2023 21:52:44 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame E9FC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y6IurOSakhxL_nrq6D4RewAADJAAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEJdHwiHkPtiJRHSqJbdZ42I&google_cver=1
43 B
883 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEJdHwiHkPtiJRHSqJbdZ42I&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fholdtoreset.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Dec 2022 21:52:44 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ywuEm3HcNiCuvAGzTkKW7sy7mR5cPnL5JrsiJ5ryzRlPy7nTlFjhIGdKgEFcSS%2BHy8GO2e55ExXOnfh%2BydddsNwQygFVfKkfvTSy2QSV4MxTvm%2FzBW%2FBt5W9fpvxkjL%2BLdLL2YVgRNTqQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
77cb9b583c759088-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 20 Dec 2022 21:52:44 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEJdHwiHkPtiJRHSqJbdZ42I&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame E9FC 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y6IurOSakhxL_nrq6D4RewAADJAAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fholdtoreset.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 20 Dec 2022 21:52:44 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
3Y31BD4N71XCTWQ4TBWF
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame E9FC 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fholdtoreset.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 20 Dec 2022 21:52:44 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame E9FC
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5990638619304584337
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5990638619304584337
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fholdtoreset.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 20 Dec 2022 21:52:44 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

Date
Tue, 20 Dec 2022 21:52:44 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
95.211.95.247; 95.211.95.247; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
525782f8-5537-40a7-9ba3-56664943a821
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5990638619304584337
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Y6IurOSakhxL_nrq6D4RewAADJAAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame E9FC
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y6IurOSakhxL_nrq6D4RewAADJAAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y6IurOSakhxL_nrq6D4RewAADJAAAAAB
43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y6IurOSakhxL_nrq6D4RewAADJAAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fholdtoreset.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
2a05:d018:d29:3601:c4b2:9469:8ead:7508 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:44 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/Y6IurOSakhxL_nrq6D4RewAADJAAAAAB
date
Tue, 20 Dec 2022 21:52:44 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
crum
dsum-sec.casalemedia.com/ Frame E9FC
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5108559725568131227
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5108559725568131227
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fholdtoreset.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 20 Dec 2022 21:52:44 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5108559725568131227
Date
Tue, 20 Dec 2022 21:52:44 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
crum
dsum-sec.casalemedia.com/ Frame E9FC
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=18ZdZlJq1P7Kxu5
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=18ZdZlJq1P7Kxu5
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fholdtoreset.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 20 Dec 2022 21:52:44 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Tue, 20 Dec 2022 21:52:44 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/4da9b91#4da9b91e1fcbbaec3beafc6ce8a7393d26d4f693 i-08cd619fbf90ae31b@eu-west-1b@dxedge-app-eu-west-1-prod-asg
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=18ZdZlJq1P7Kxu5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame E9FC
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=&knw=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fholdtoreset.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 20 Dec 2022 21:52:44 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

date
Tue, 20 Dec 2022 21:52:44 GMT
server
nginx
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
access-control-allow-origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
content-type
text/html; charset=UTF-8
cache-control
no-cache
keep-alive
timeout=10
access-control-allow-headers
Origin
htw-pixel.gif
cdn.indexww.com/ht/ Frame E9FC 		43 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y6IurOSakhxL-nrq6D4RewAA%263216
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fholdtoreset.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:44 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
84029
etag
"902a3d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
77cb9b584d019013-FRA
content-length
43
expires
Wed, 21 Dec 2022 21:52:44 GMT
GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js
pagead2.googlesyndication.com/bg/ Frame 2717 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
182e4ce4dfd537795577b12b9b19a57422a8b21815f5dd92ef8acb3fd872a19c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 20:48:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3829
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16025
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 20 Dec 2023 20:48:55 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2717 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BXDyprC6iY-LZHZGkrATT6pqgBwAAAAA4AeAEAg&bg=!jI-lj8vNAAYgquz3AKo7ACkAdvg8WnR9XuWT2duADHdWlzHTaw3huVRqjrAMgLvPQFQhL6V93pAMIgIAAABNUgAAAAJoAQeZAzQpZiG2ULf4OttHW36ohgnpVmg5VT3R3Ab_fndkjRKlO8PtEj1AbNUTqN3dH9XABGygcwFwpN5V2xpxV1AynceO28M3d4ZdNPR3QM5T657jqM_V6W_w6uGv5mNN5ennuno9JzzGp6QC_qzuJduCzGL_8fU7TgT9jvU2foZbxgQUxzPctxZ8UJEMO_zCjggz3C9XgP5RQuNaJG7c81xAsJBCp3qD18IOm6paT-T7JNielCobKD5nXJEbowsDIN9OprB2Qe5LmP7Wid4-d4MotkX-XQJHJs3aKYW-c6eThGVeLL1jZP90dRUPfNiyWww1N3lJboGbh9JR-c2yrB0cqAWnCNhzFxTGh5crE6e4Z7wTpxGM9jduVnnNb7C_CSc_L69VN_fIFmZ3dV5gio39F9UQNrjD5U-a5-yoGBMiYHGKbuRltb7HCEW-zSjqKdadqx27kd0ruTgHeDWeTDsZVNeK6PfD_nmDZ3923bkLx41LyErkn-IF_mtTu0FP7lxcV-y4Fvt7UEQWnF4yTT3PkdDFu51dWsIeeoyRQTZG5WK-AsrauUgNyjeS2SB5tZss-rQw8cAS2BIrc-H1IWZHfEm-RhBmidtqoPktIyhFl0C5383G-nsQMQPTDlXKS5yjhVsBX7YSRIewpvKU5LknAn_7SDZ8V7qgcKl2mSOU5o3i-k0SNEyCL3_B2M-NnZ_yuIJD33HEYwRQY66pUxLGLlmogni4HfgcA1W0EKkHnMBRqUkkgIE5WT4sdEST29_gNRtF1Aq840kd3wnUd7NpjbqFYnmgdS3Q7gbH19STe1LuMyGxSY3_H7rlmeXvTJp9BUtprYQrLhdZAQ18WijRrXXtwvdfcISoaUixhcyEldaENKWvWRvZnzO9YB0nQWKpW35D5Zf8YlNrYCN-ijbyxoJAsGSTDwNHgbh_FyYvcsLte-YHVmvEldd4k6T6b4kBFW9LS0m-TYXy_1w5iRP_j1XhMkJnUNfVrnLPTYtLTcmaIjdMcrRyZ4OiMb_Ri1eNrxnjCnVdu1pGP6DLG3XuKG4Om1lYzZkv2fdbC-PI-KWNZlQboHehYXlqw4GaU30uFNBO_CKd
Requested by
Host: c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com
URL: https://c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Dec 2022 21:52:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activityi;dc_pre=CLjU46WXifwCFX9GkQUdyW0AeA;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9769511143142.895
5994599.fls.doubleclick.net/ Frame C17F
Redirect Chain
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9769511143142.895?
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=CLjU46WXifwCFX9GkQUdyW0AeA;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9769511143142.895?
391 B
238 B 		Document
General
Check archive.org
Download Go to
Full URL
https://5994599.fls.doubleclick.net/activityi;dc_pre=CLjU46WXifwCFX9GkQUdyW0AeA;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9769511143142.895?
Requested by
Host: holdtoreset.com
URL: https://holdtoreset.com/nba-2k23-locker-codes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f6.1e100.net
Software
cafe /
Resource Hash
92ad814ee855db2f2ff167c22e9959d269633ef2a1d0799445f1689f4e97a28a
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=0
content-encoding
br
content-length
215
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 20 Dec 2022 21:52:45 GMT
expires
Tue, 20 Dec 2022 21:52:45 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 20 Dec 2022 21:52:45 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://5994599.fls.doubleclick.net/activityi;dc_pre=CLjU46WXifwCFX9GkQUdyW0AeA;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9769511143142.895?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
request_content.php
hal900026.redintelligence.net/ Frame 7B2A 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900026.redintelligence.net/request_content.php?s=39522900151741704444454012179026&a=bf1b0936
Requested by
Host: holdtoreset.com
URL: https://holdtoreset.com/nba-2k23-locker-codes/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.244.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
f6cfa1cb5eb9778d7d5a4d8da46a469411c8bec5c7b62974d8d967d326a74403

Request headers

Referer
https://c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
2304
Content-Type
text/html; charset=utf-8
Date
Tue, 20 Dec 2022 21:52:45 GMT
Expires
Tue, 20 Dec 2022 21:52:45 +0100
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
activeview
pagead2.googlesyndication.com/pcs/ Frame 37D8 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssr-T_M79_ojAuGQY2NXT_gn6l8k9FYDFLp4xDmRF07H6aVlnWnlYfp4qKukW-Fj5LxCfsJoeMKQxg9xoh3ASEdCFo&sig=Cg0ArKJSzE1o_xLSyUceEAE&id=lidar2&mcvt=1029&p=100,1260,350,1560&mtos=1029,1029,1029,1029,1029&tos=1029,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1328246047&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1671573163646&rpt=353&isd=0&lsd=0&met=ie&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Dec 2022 21:52:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.6.2/ Frame 7B2A 		89 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js
Requested by
Host: hal900026.redintelligence.net
URL: https://hal900026.redintelligence.net/request_content.php?s=39522900151741704444454012179026&a=bf1b0936
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hal900026.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 17 Dec 2022 21:00:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
262313
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32245
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 17 Dec 2023 21:00:52 GMT
S-300x250.gif
cdn.contentspread.net/24i/content/soberfb/EN/ Frame 7B2A 		69 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.contentspread.net/24i/content/soberfb/EN/S-300x250.gif
Requested by
Host: hal900026.redintelligence.net
URL: https://hal900026.redintelligence.net/request_content.php?s=39522900151741704444454012179026&a=bf1b0936
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
145.239.2.103 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3082036.ip-145-239-2.eu
Software
nginx /
Resource Hash
fb805ea8e0e2123c713b4613ec92e55d7c11db579417ab8bdbd070d5c18e5104

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hal900026.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 20 Dec 2022 21:52:45 GMT
Last-Modified
Mon, 23 Jul 2018 15:20:14 GMT
Server
nginx
ETag
"5b55f22e-115c6"
Content-Type
image/gif
Connection
close
Accept-Ranges
bytes
Content-Length
71110
all
csm.eu.criteo.net/ Frame 102B 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=aSEI9cLIow_TvZs0Qo_u-1uGdG5DJ_E2OGFC7cqL4IHZZOcgIkcomYh5XSuTseo8trcky1LZ8HatTtg4yXz_XRxFTZ-x-0O9yQSQC6kcX0ek_xMcJcSwlz1Fv7NC2TTMfwpw9D_rzIWam-Wbl8d3z3EYZDDcXoVmxbg6faJ8AyN3EQsgIHlmJD6JI-qZEGHaKyXgZX44ustTksgWVO33f8DSfgabcKJKr8EZmR0g-kvE-jpXIvOv-gQIoJWS_kwzlLKvzw&sds=2&rev=83933&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6IuqwAFiBEH_ZbaAAuwTRMXbcK7BVmhAcVBsA&u=%7C5SmpTJBaS6heQT1VNn4lJXf5wkwPoJkzvmIitlb%2BWHU%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy-ZCx2l8r38z-Y5KeOqAmeGKc9dh3PNWVV8BiBGlNdQTqGB52-m_f3Zk99PJzF_uGqte41jayckPb0Z7K2Lr0N_2OBBOs_5CoLi0jxKcAjXX38qr96O-2zsR9iJbQkAkRc3c6dIrx2-N70VEKnzLnFZrEJC85A7STMhTpSKmjjt3rYmeX24Tpr7NvphedfakfPN2JG4KgkQ-zcX7UKho1QJP2KgCnmUPLkgzcbtzbbiIFC1fgI_9VWIk_U0WWtW1r2AHhKAHI12OTv6flWn8PlCtdComoITpVyNnYQi54lz_SqXr2eAqZEtq-7wsBDKBnwPVpwDdIpdxCtvZYEhFginyqNLwc0jnU8ctRvvEmKqq7vNBg6wsfK6_Ic2KQqqHQdK2Ce5P2j6YDnyN5u3USm0beIwF1i6OizmOIZnkdj1l3IdYZxk15W7GYX9EqmtVwO-dM5uky1lOTeieH16QcWiJWf92u-JBapF5mUqJdsBzebrhSIUPW1yGgXXqUNofW96lfyWZ3JieBxWjDe2xR8EUVQCIS7mKTGreJ-fTnVOD2lMe79FgOSk3nbenrodxQN4W1gwM4w0Esg51Q3W4WaKKyMVHhDM3yA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCny33qy6iY5GQFtqt9u8PzeCuoAvJntKxXNWdkfdwwI23ARABIABgkQSCARdjYS1wdWItMjY5NzY3OTUxODUxNTg4NsgBCakCri_P9q_OsT7gAgCoAwGqBIwCT9D_1fVBFltb63jiHOUigb7_3LITIpwHFHqQ4xKskWUWNFJ8yI5Ieln087oXo20dlY3wJGoSyPciz68RVBU9pSSEd3jsuNuXFMKJwotAO-R5ECtMMeogDIe8qNAWj9qxDmZV9qEe8fd4e9755Yu606HIBgF1YxsasXmRD69s5lDYu9iwEbtwDMWAt74Ga6Rr9gbzJr8wbA49HkTQvQYAxwdysfYi9wRpX6njvEMojuPDu2KwkOvHCCm-CYTmINMNM3jVputiUtWA-E1Knt_sL7k9Azzchcc50WqXvTeJ20pxKxZoChz19yFmzwYed7JnDY_50L1-WW1iEOeDNvm0-MV23HiocsC_6AhIduAEAYAGreuwm_yY79WbAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTY1NjQxNjY4Mjk5MTE3NDP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2IBt0Q472KUo1Dk-FxNyigKlbyXQ%26client%3Dca-pub-2697679518515886%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 20 Dec 2022 21:52:44 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
viewability
hal900026.redintelligence.net/ Frame 7B2A 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900026.redintelligence.net/viewability?s=39522900151741704444454012179026&a=1b1256da&vb=m
Requested by
Host: hal900026.redintelligence.net
URL: https://hal900026.redintelligence.net/request_content.php?s=39522900151741704444454012179026&a=bf1b0936
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.244.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hal900026.redintelligence.net/request_content.php?s=39522900151741704444454012179026&a=bf1b0936
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 20 Dec 2022 21:52:45 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
truncated
/ Frame 7B2A 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
dc_pre=CLjU46WXifwCFX9GkQUdyW0AeA;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9769511143142.895
adservice.google.com/ddm/fls/z/ Frame C17F 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CLjU46WXifwCFX9GkQUdyW0AeA;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9769511143142.895
Requested by
Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CLjU46WXifwCFX9GkQUdyW0AeA;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9769511143142.895?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://5994599.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Dec 2022 21:52:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fholdtoreset.com%2F&domain=holdtoreset.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://holdtoreset.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://holdtoreset.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 20 Dec 2022 21:52:45 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
386041
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
envelope
lexicon.33across.com/v1/ 		49 B
249 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0010b00001rrPUnAAM&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/95054/6114/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:8344:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer
https://holdtoreset.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 20 Dec 2022 21:52:45 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://holdtoreset.com
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fholdtoreset.com%2F&domain=holdtoreset.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=6_oh63xqTlBQZHphRlpjQmtpdFNYdWJtbXhvdHA4RlpWdzUxRXlLYU1lREE1cXBnUTZiZy93Mmt3b2VrM0lYMHFLZEVkZXNCOEdvVDFPL3VPRnZxWHlkOW0xYk1XNHhDZjFyeDU5NlA3WmxlaFFGRThHanc0NVdzMFZDVV...
450 B
732 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=6_oh63xqTlBQZHphRlpjQmtpdFNYdWJtbXhvdHA4RlpWdzUxRXlLYU1lREE1cXBnUTZiZy93Mmt3b2VrM0lYMHFLZEVkZXNCOEdvVDFPL3VPRnZxWHlkOW0xYk1XNHhDZjFyeDU5NlA3WmxlaFFGRThHanc0NVdzMFZDVVFtWlYzckRnbk5WWURteWMrRUE5TE1LYmVQR0J2WVhmczUzU2NwdEN4cmd1elNWeTZPRElUekZtdUw5QlZDWTFoM0hVREtiR2dIWUthWDAzZkhmM3JTUEhMY2hvOFZUNE1RY2psdldpT3JQN0dlUEtMSkFDdVBRMXlQMlB1VGlVam00UTJXM3dzend4ZHF4MDNVUkdKN09aYUxxZ0x2QT09fA&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
9fe4d040a11aeed245fe2c380d7b7db243ce8839227acceb0f340e796aaf8cfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://holdtoreset.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Dec 2022 21:52:45 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1618750
expires
0

Redirect headers

pragma
no-cache
date
Tue, 20 Dec 2022 21:52:45 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
location
https://mug.criteo.com/sid?cpp=6_oh63xqTlBQZHphRlpjQmtpdFNYdWJtbXhvdHA4RlpWdzUxRXlLYU1lREE1cXBnUTZiZy93Mmt3b2VrM0lYMHFLZEVkZXNCOEdvVDFPL3VPRnZxWHlkOW0xYk1XNHhDZjFyeDU5NlA3WmxlaFFGRThHanc0NVdzMFZDVVFtWlYzckRnbk5WWURteWMrRUE5TE1LYmVQR0J2WVhmczUzU2NwdEN4cmd1elNWeTZPRElUekZtdUw5QlZDWTFoM0hVREtiR2dIWUthWDAzZkhmM3JTUEhMY2hvOFZUNE1RY2psdldpT3JQN0dlUEtMSkFDdVBRMXlQMlB1VGlVam00UTJXM3dzend4ZHF4MDNVUkdKN09aYUxxZ0x2QT09fA&cppv=2
access-control-allow-origin
https://holdtoreset.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
520034
content-length
0
expires
0
369.json
id5-sync.com/g/v2/ 		216 B
625 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/369.json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/95054/6114/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.111 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203177.ip-141-95-33.eu
Software
/
Resource Hash
2e1b7c5a4d2a245d61f627be4ef47317f824b45ea9cfd90de74a7896d37acd93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://holdtoreset.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://holdtoreset.com
date
Tue, 20 Dec 2022 21:52:45 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
envelope
api.rlcdn.com/api/identity/ 		0
252 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=88
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/95054/6114/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://holdtoreset.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 20 Dec 2022 21:52:45 GMT
via
1.1 google
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://holdtoreset.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length
0
id
id.crwdcntrl.net/ 		43 B
315 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/95054/6114/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.235.208 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-235-208.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

Referer
https://holdtoreset.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 20 Dec 2022 21:52:45 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://holdtoreset.com
cache-control
no-cache
x-server
10.45.30.37
access-control-allow-credentials
true
content-length
43
expires
0
rid
match.adsrvr.org/track/ 		63 B
388 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=mp4hjl8&fmt=json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/95054/6114/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
89fcc62cc7a61020beb84c44eddb3766813024b01ac457f7707072f37e1bb0cd

Request headers

Referer
https://holdtoreset.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 20 Dec 2022 21:52:45 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://holdtoreset.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Thu, 19 Jan 2023 21:52:45 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=6_oh63xqTlBQZHphRlpjQmtpdFNYdWJtbXhvdHA4RlpWdzUxRXlLYU1lREE1cXBnUTZiZy93Mmt3b2VrM0lYMHFLZEVkZXNCOEdvVDFPL3VPRnZxWHlkOW0xYk1XNHhDZjFyeDU5NlA3WmxlaFFGRThHanc0NVdzMFZDVVFtWlYzckRnbk5WWURteWMrRUE5TE1LYmVQR0J2WVhmczUzU2NwdEN4cmd1elNWeTZPRElUekZtdUw5QlZDWTFoM0hVREtiR2dIWUthWDAzZkhmM3JTUEhMY2hvOFZUNE1RY2psdldpT3JQN0dlUEtMSkFDdVBRMXlQMlB1VGlVam00UTJXM3dzend4ZHF4MDNVUkdKN09aYUxxZ0x2QT09fA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 20 Dec 2022 21:52:45 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
500911
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
async_usersync
ib.adnxs.com/ Frame CB39 		0
859 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 20 Dec 2022 21:52:45 GMT
AN-X-Request-Uuid
307c488d-83a7-49d0-97c2-b00401a14294
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
95.211.95.247; 95.211.95.247; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fed
ups.analytics.yahoo.com/ups/58596/ 		0
273 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ups.analytics.yahoo.com/ups/58596/fed?1p=0&he=&gdpr=0&gdpr_consent=&us_privacy=&pixelId=58596
Requested by
Host: holdtoreset.com
URL: https://holdtoreset.com/wp-content/cache/min/1/files/instibid/1e57d553-2491-4060-9445-311910c2acb4.js?ver=1671559756
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://holdtoreset.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 20 Dec 2022 21:52:46 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
vary
Origin
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin
https://holdtoreset.com
content-type
application/json
access-control-allow-credentials
true
content-length
0
369.json
id5-sync.com/g/v2/ 		216 B
625 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/369.json
Requested by
Host: holdtoreset.com
URL: https://holdtoreset.com/wp-content/cache/min/1/files/instibid/1e57d553-2491-4060-9445-311910c2acb4.js?ver=1671559756
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.111 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203177.ip-141-95-33.eu
Software
/
Resource Hash
6d13432cfc622cff5ac6eb7e1323766b2beea4e5066b0b48d727c4b0550c29d1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://holdtoreset.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://holdtoreset.com
date
Tue, 20 Dec 2022 21:52:45 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
rid
match.adsrvr.org/track/ 		63 B
388 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=mp4hjl8&fmt=json
Requested by
Host: holdtoreset.com
URL: https://holdtoreset.com/wp-content/cache/min/1/files/instibid/1e57d553-2491-4060-9445-311910c2acb4.js?ver=1671559756
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
23ce0c6669d616036fbb31e9e5375ed07926f78e6d3d4ad1c4b5177a6ba58d53

Request headers

Referer
https://holdtoreset.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 20 Dec 2022 21:52:46 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://holdtoreset.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Thu, 19 Jan 2023 21:52:46 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame B612 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: holdtoreset.com
URL: https://holdtoreset.com/wp-content/cache/min/1/files/instibid/1e57d553-2491-4060-9445-311910c2acb4.js?ver=1671559756
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-188.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://holdtoreset.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 20 Dec 2022 21:52:46 GMT
ETag
"623de86a-cf34"
Expires
Wed, 21 Dec 2022 21:52:48 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Unused62
8096267
Vary
Accept-Encoding
pd
u.openx.net/w/1.0/ Frame 697B 		0
35 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: holdtoreset.com
URL: https://holdtoreset.com/wp-content/cache/min/1/files/instibid/1e57d553-2491-4060-9445-311910c2acb4.js?ver=1671559756
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://holdtoreset.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Tue, 20 Dec 2022 21:52:46 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
/
sync.aralego.com/idSync/ Frame B46D 		35 B
266 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idSync/?ucf_nid=par-BE7E7ADB8D34EE2BF7BBD2899BB62A77&gdpr=0&redirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fucfunnel%2F3bd2b988-9111-4986-b873-fc4758e2fbef%3Fuid%3DUCFUID
Requested by
Host: holdtoreset.com
URL: https://holdtoreset.com/wp-content/cache/min/1/files/instibid/1e57d553-2491-4060-9445-311910c2acb4.js?ver=1671559756
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 New Castle, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://holdtoreset.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

connection
close
content-length
35
content-type
image/gif
date
Tue, 20 Dec 2022 21:52:46 GMT
ixmatch.html
js-sec.indexww.com/um/ Frame F76E 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: holdtoreset.com
URL: https://holdtoreset.com/wp-content/cache/min/1/files/instibid/1e57d553-2491-4060-9445-311910c2acb4.js?ver=1671559756
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://holdtoreset.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
963
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
77cb9b611bdf6934-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 20 Dec 2022 21:52:46 GMT
expires
Wed, 21 Dec 2022 01:52:46 GMT
last-modified
Mon, 25 Jul 2022 19:18:30 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
/
ssc-cms.33across.com/ps/ Frame BF5C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=cS_MBCmB8r7ikhrkHcnnVW&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: holdtoreset.com
URL: https://holdtoreset.com/wp-content/cache/min/1/files/instibid/1e57d553-2491-4060-9445-311910c2acb4.js?ver=1671559756
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.22 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip22.67-202-105.static.steadfastdns.net
Software
33XP005 /
Resource Hash

Request headers

Referer
https://holdtoreset.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

date
Tue, 20 Dec 2022 21:52:45 GMT
server
33XP005
x-33x-status
2000208
usync.html
eus.rubiconproject.com/ Frame 0B11 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: holdtoreset.com
URL: https://holdtoreset.com/wp-content/cache/min/1/files/instibid/1e57d553-2491-4060-9445-311910c2acb4.js?ver=1671559756
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://holdtoreset.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 20 Dec 2022 21:52:46 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
sync
eb2.3lift.com/ Frame D359 		37 B
140 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: holdtoreset.com
URL: https://holdtoreset.com/wp-content/cache/min/1/files/instibid/1e57d553-2491-4060-9445-311910c2acb4.js?ver=1671559756
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://holdtoreset.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Tue, 20 Dec 2022 21:52:46 GMT
3bd2b988-9111-4986-b873-fc4758e2fbef
ex.ingage.tech/v1/sync/betweenx/ Frame 280E
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43907&gdpr=0&callback_url=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fbetweenx%2F3bd2b988-9111-4986-b873-fc4758e2fbef%3Fuid%3D%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=43907&gdpr=0&callback_url=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fbetweenx%2F3bd2b988-9111-4986-b873-fc4758e2fbef%3Fuid%3D%24%7BUSER_ID%7D&crf=1
  • https://ex.ingage.tech/v1/sync/betweenx/3bd2b988-9111-4986-b873-fc4758e2fbef?uid=89120140-a736-5263-bab3-1b1ed91135b0
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ex.ingage.tech/v1/sync/betweenx/3bd2b988-9111-4986-b873-fc4758e2fbef?uid=89120140-a736-5263-bab3-1b1ed91135b0
Requested by
Host: holdtoreset.com
URL: https://holdtoreset.com/wp-content/cache/min/1/files/instibid/1e57d553-2491-4060-9445-311910c2acb4.js?ver=1671559756
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:53d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://holdtoreset.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

access-control-allow-credentials
true
cache-control
private, max-age=1296000
cf-cache-status
DYNAMIC
cf-ray
77cb9b61ce1392bd-FRA
date
Tue, 20 Dec 2022 21:52:46 GMT
server
cloudflare
vary
Origin

Redirect headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
location
https://ex.ingage.tech/v1/sync/betweenx/3bd2b988-9111-4986-b873-fc4758e2fbef?uid=89120140-a736-5263-bab3-1b1ed91135b0
rubicon
ex.ingage.tech/v1/syncPage/ Frame F9F5 		951 B
607 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ex.ingage.tech/v1/syncPage/rubicon?userId=3bd2b988-9111-4986-b873-fc4758e2fbef&to=https%3A%2F%2Fsecure-assets.rubiconproject.com%2Futils%2Fxapi%2Fmulti-sync.html%3Fendpoint%3Dus-east%26p%3Dinsticator
Requested by
Host: holdtoreset.com
URL: https://holdtoreset.com/wp-content/cache/min/1/files/instibid/1e57d553-2491-4060-9445-311910c2acb4.js?ver=1671559756
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:53d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d048d1ba1fb1f78e38c3e0cc432db86fb8138d98d4b61242b1b7951f62208b1

Request headers

Referer
https://holdtoreset.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

access-control-allow-credentials
true
cf-cache-status
DYNAMIC
cf-ray
77cb9b611cb492bd-FRA
content-encoding
gzip
content-type
text/html
date
Tue, 20 Dec 2022 21:52:46 GMT
server
cloudflare
vary
Origin
usersync.html
ad-cdn.technoratimedia.com/html/ Frame A13E 		22 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_6.29.0
Requested by
Host: holdtoreset.com
URL: https://holdtoreset.com/wp-content/cache/min/1/files/instibid/1e57d553-2491-4060-9445-311910c2acb4.js?ver=1671559756
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:f76:14f7:d635:25c4:c8d7 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/4890) /
Resource Hash
11f916d76fc8418b0445a28b15e417ac49ff2c16fca2ff002d29f6b2fd8d52c9

Request headers

Referer
https://holdtoreset.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-expose-headers
access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,date,etag,opc-client-info,opc-request-id,x-api-id
age
77
cache-control
max-age=900
content-encoding
gzip
content-length
6922
content-md5
FFbxJ2/F0I3zONDZaRlIPw==
content-type
text/html; charset=utf-8
date
Tue, 20 Dec 2022 21:52:46 GMT
etag
96d8defa-7ed3-4bf6-984e-9a91c0d53fe6
expires
Tue, 20 Dec 2022 22:07:46 GMT
last-modified
Tue, 29 Nov 2022 14:49:17 GMT
opc-request-id
iad-1:btqZf1lklD8GgWo_n33X1fol5fFgq-CPKHJ3uUMAksJrtUExSB3YcEWH0X1jkUnZ
server
ECAcc (ama/4890)
storage-tier
Standard
vary
Accept-Encoding
version-id
19cfae25-bc35-407d-9577-06d083aedab5
x-api-id
native
x-cache
HIT
usync.js
eus.rubiconproject.com/ Frame 0B11 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
9d34431790fcddd9edf82c97a3c06863de64f7ad5b6752968a5e88a5526cda13

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 20 Dec 2022 21:52:46 GMT
Content-Encoding
gzip
Last-Modified
Tue, 20 Dec 2022 20:26:52 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=81246
Connection
keep-alive
Content-Length
10067
Expires
Wed, 21 Dec 2022 20:26:52 GMT
async_usersync
ib.adnxs.com/ Frame B612 		0
859 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 20 Dec 2022 21:52:46 GMT
AN-X-Request-Uuid
a6fcc38d-59b7-4d4f-a6aa-3622fddc05c3
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
95.211.95.247; 95.211.95.247; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 99F7 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fholdtoreset.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f94656d3ed7a8cc00572a61e1d6be50ab78fab99c579391cf5c9bfad077ae756

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
77cb9b6169719088-FRA
content-encoding
br
content-type
text/html
date
Tue, 20 Dec 2022 21:52:46 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Wd2IZ3EBu5YPUjXlBMtappHwEusvfcqFxJZw1cXbO7KEmfjOE8XL5euYgFqFPcu0f3HtHrfBKWNuH4gBleqE%2BMH6rEhPyu4B2iwPrJcIrJSCG1slsD3CrAnKaqbu6GRHwhLy4tSBZbRHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
Y6IurOSakhxL_nrq6D4RewAADJAAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 99F7 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y6IurOSakhxL_nrq6D4RewAADJAAAAAB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fholdtoreset.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:c4b2:9469:8ead:7508 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:46 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
rum
dsum-sec.casalemedia.com/ Frame 99F7
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3900186492792356753
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3900186492792356753
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fholdtoreset.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 20 Dec 2022 21:52:46 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3900186492792356753
pragma
no-cache
date
Tue, 20 Dec 2022 21:52:45 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
ie
match.prod.bidr.io/cookie-sync/ Frame 99F7 		43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/ie
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fholdtoreset.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.188.40 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-188-40.eu-west-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
Date
Tue, 20 Dec 2022 21:52:46 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
content-type
image/gif
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 99F7
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=414663a2-2eae-4500-a108-bd0b5e1ce5c1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=414663a2-2eae-4500-a108-bd0b5e1ce5c1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fholdtoreset.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 20 Dec 2022 21:52:46 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Date
Tue, 20 Dec 2022 21:52:46 GMT
Server
MT3 254 34fcae8 master zrh-pixel-x4 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=414663a2-2eae-4500-a108-bd0b5e1ce5c1
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 20 Dec 2022 21:52:45 GMT
crum
dsum-sec.casalemedia.com/ Frame 99F7
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://c1.adform.net/serving/cookie/match?CC=1&party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=3124465297036076095&expiration=1672782765
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=3124465297036076095&expiration=1672782765
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fholdtoreset.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 20 Dec 2022 21:52:46 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 20 Dec 2022 21:52:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=3124465297036076095&expiration=1672782765
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
crum
dsum-sec.casalemedia.com/ Frame 99F7
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=1EF0D74A73FA4717A847B76AC604BBDD
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=1EF0D74A73FA4717A847B76AC604BBDD
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fholdtoreset.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 20 Dec 2022 21:52:46 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

date
Tue, 20 Dec 2022 21:52:46 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=1EF0D74A73FA4717A847B76AC604BBDD
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 19 Dec 2022 21:52:46 GMT
bridge
cm.adgrx.com/ Frame 99F7 		43 B
283 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fholdtoreset.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.241.206 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Dec 2022 21:52:46 GMT
server
Cowboy
content-type
image/gif
p3p
CP="NOI OTC OTP OUR NOR"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx
ams-delivery-4
content-length
43
expires
Thu, 23 Sep 2004 17:42:04 GMT
crum
dsum-sec.casalemedia.com/ Frame 99F7
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fholdtoreset.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 20 Dec 2022 21:52:46 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Pragma
no-cache
Date
Tue, 20 Dec 2022 21:52:46 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
95
Content-Type
text/html; charset=utf-8
htw-pixel.gif
cdn.indexww.com/ht/ Frame 99F7 		43 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y6IurOSakhxL-nrq6D4RewAA%263216
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fholdtoreset.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:46 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
84031
etag
"902a3d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
77cb9b61ccf39013-FRA
content-length
43
expires
Wed, 21 Dec 2022 21:52:46 GMT
usync.html
eus.rubiconproject.com/ Frame F9F5
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?endpoint=us-east&p=insticator
  • https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
Requested by
Host: ex.ingage.tech
URL: https://ex.ingage.tech/v1/syncPage/rubicon?userId=3bd2b988-9111-4986-b873-fc4758e2fbef&to=https%3A%2F%2Fsecure-assets.rubiconproject.com%2Futils%2Fxapi%2Fmulti-sync.html%3Fendpoint%3Dus-east%26p%3Dinsticator
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ex.ingage.tech/v1/syncPage/rubicon?userId=3bd2b988-9111-4986-b873-fc4758e2fbef&to=https%3A%2F%2Fsecure-assets.rubiconproject.com%2Futils%2Fxapi%2Fmulti-sync.html%3Fendpoint%3Dus-east%26p%3Dinsticator
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 20 Dec 2022 21:52:46 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 20 Dec 2022 21:52:46 GMT
location
https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
server
AkamaiGHost
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2BE5 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5389875557645&version=m202209210101&ct=77&x=1&cor=13099733716217246000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Dec 2022 21:52:46 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame F9F5 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
9d34431790fcddd9edf82c97a3c06863de64f7ad5b6752968a5e88a5526cda13

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 20 Dec 2022 21:52:46 GMT
Content-Encoding
gzip
Last-Modified
Tue, 20 Dec 2022 20:26:52 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=81246
Connection
keep-alive
Content-Length
10067
Expires
Wed, 21 Dec 2022 20:26:52 GMT
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame F9F5 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=insticator&khaos=LBWRI2RY-1K-QTV
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
f69a50991384d09413b97a37bb74928b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
async_usersync
ib.adnxs.com/ Frame B612 		0
859 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 20 Dec 2022 21:52:47 GMT
AN-X-Request-Uuid
3f68754e-84f4-4c66-a83d-3a8ba5168da9
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
95.211.95.247; 95.211.95.247; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
44367467495e4504a4eb099502323fd4_cpn_300x250_1.png
static.criteo.net/design/dt/5887/221212/ Frame 102B 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/5887/221212/44367467495e4504a4eb099502323fd4_cpn_300x250_1.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
853530465a7d0b9dcec4a5279d08ec06c6bc795818508dba18b26656d483ed5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 21:52:47 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 12 Dec 2022 20:43:52 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"63979288-2b91"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
11153
expires
Fri, 15 Dec 2023 21:52:47 GMT
track
track1.aniview.com/ Frame 6F9E 		0
93 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?r=holdtoreset.com&sn=&ic=0&tgt=0&app=&wi=640&he=360&test=&d36=6.2.68&apppkg=&fv=1&proto=https&d66=8.2.6&clsid=a29320fe-9954-4ca0-bc60-2530a7667f5e&rando=47
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d8ccec528a0617cae5a0755
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.55.166.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-166-244.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://holdtoreset.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 20 Dec 2022 21:52:47 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
d2nr2jos5slco1.cloudfront.net
URL
https://d2nr2jos5slco1.cloudfront.net/Aniview-Content/video_holdtoreset.com_1.mp4
Domain
dashboard.insticator.com
URL
https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=holdtoreset.com
Domain
dashboard.insticator.com
URL
https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=holdtoreset.com
Domain
dashboard.insticator.com
URL
https://dashboard.insticator.com/embeds/backfillad?dimension=728x90&siteURL=holdtoreset.com
Domain
dashboard.insticator.com
URL
https://dashboard.insticator.com/embeds/backfillad?dimension=300x600&siteURL=holdtoreset.com

Verdicts & Comments Add Verdict or Comment

210 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| oncontentvisibilityautostatechange object| ai_front object| rlArgs object| Insticator function| gtag object| dataLayer function| _createClass function| _classCallCheck function| RocketBrowserCompatibilityChecker object| RocketPreloadLinksConfig object| HUParams undefined| $ function| jQuery boolean| ai_dummy function| _ object| aniplayerPos function| jQueryBridget function| EvEmitter object| fizzyUIUtils function| InfiniteScroll function| imagesLoaded function| rl_view_image function| rl_hide_image function| MobileDetect object| googletag object| ggeac object| google_tag_data object| google_js_reporting_queue object| insticatorCommentingUnitSettings object| InsticatorApp string| insticatorHeaderCodeVersion object| __webpack_exports__ function| AnchorAd object| instBid object| ads_list object| embeds_list boolean| isPageviewSent object| federatedObj object| confiant object| InsticatorXmess object| instBidChunk object| _pbjsGlobals object| AOS function| _load object| addComment boolean| ai_tracking_finished object| google_tag_manager function| ai_install_standard_click_trackers function| ai_process_impressions function| onYouTubeIframeAPIReady object| gaGlobal string| GoogleAnalyticsObject function| ga undefined| google_measure_js_timing object| webpackChunk_aniview_player object| avContentPlayer object| __connect object| pbjs object| element function| tcOutline object| czrapp function| Waypoint object| _params object| $_to_center_with_delay object| gaplugins object| gaData object| storageAni number| google_global_correlator object| google_reactive_ads_global_state object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| GoogleGcLKhOms object| regeneratorRuntime object| ox_esp function| lotameIsCompatible function| sync16589_ba function| sync16589_b undefined| sync16589_c undefined| sync16589_ca undefined| sync16589_d function| sync16589_e object| sync16589_g function| sync16589_da function| sync16589_ea object| sync16589_ object| sync16589_ha object| sync16589_o object| sync16589_ta object| sync16589_K function| sync16589_aa function| sync16589_a function| sync16589_f function| sync16589_h function| sync16589_i function| sync16589_j function| sync16589_k function| sync16589_ga function| sync16589_fa function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_p function| sync16589_ia function| sync16589_ja function| sync16589_r function| sync16589_ka function| sync16589_s function| sync16589_t function| sync16589_q function| sync16589_u function| sync16589_la function| sync16589_v function| sync16589_w function| sync16589_x function| sync16589_y function| sync16589_z function| sync16589_A function| sync16589_B function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_C function| sync16589_ma function| sync16589_G function| sync16589_H function| sync16589_na function| sync16589_oa function| sync16589_I function| sync16589_J function| sync16589_pa function| sync16589_qa function| sync16589_ra function| sync16589_sa function| sync16589_L function| sync16589_M function| sync16589_N function| sync16589_O function| sync16589_P function| sync16589_Q function| sync16589_R function| sync16589_S function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_W function| sync16589_Z function| sync16589_X function| sync16589__ function| sync16589_Y function| sync16589_0 function| sync16589_1 function| sync16589_2 function| sync16589_3 function| sync16589_8 function| sync16589_ua function| sync16589_4 function| sync16589_6 function| sync16589_va function| sync16589_wa function| sync16589_9 function| sync16589_7 function| sync16589_5 function| sync16589_xa function| sync16589_ya function| sync16589_za function| sync16589_Aa function| sync16589_$ function| sync16589_Ba function| sync16589_Ca function| sync16589_Da function| sync16589_Ea object| lotame_sync_16589 function| setImmediate function| clearImmediate object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_132 object| Criteo object| Criteo_identitytag_132 object| google_image_requests

65 Cookies

Domain/Path Name / Value
.holdtoreset.com/ Name: InstiSession
Value: eyJpZCI6IjY5YzBkZjFjLWFkNDItNDM3Yi1hNGU1LTAzYjRhNTg2MWI5NCIsInJlZmVycmVyIjoiIiwiY2FtcGFpZ24iOnsic291cmNlIjpudWxsLCJtZWRpdW0iOm51bGwsImNhbXBhaWduIjpudWxsLCJ0ZXJtIjpudWxsLCJjb250ZW50IjpudWxsfX0=
holdtoreset.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.holdtoreset.com/ Name: _pubcid
Value: a99db70c-50d5-42be-b643-edb02bd0360a
holdtoreset.com/ Name: hb_insticator_uid
Value: 3bd2b988-9111-4986-b873-fc4758e2fbef
.holdtoreset.com/ Name: _ga_FPFFZVF5SC
Value: GS1.1.1671573162.1.0.1671573162.0.0.0
.adnxs.com/ Name: uuid2
Value: 5990638619304584337
.rubiconproject.com/ Name: khaos
Value: LBWRI2RY-1K-QTV
.rubiconproject.com/ Name: audit
Value: 1|hLZGFuTafB2FamF/R4AWuHMylPn9loes1z8yuimHAOLEX6pakvgue/2sYsAbIfKExxqZVNXzFzNPYE5SG0SX/sxuhZpbWKLtHd/oxzaasvg=
holdtoreset.com/ Name: visitorGeo
Value: DE
holdtoreset.com/ Name: visitorCity
Value: Butzbach
holdtoreset.com/ Name: visitorIP
Value: 95.211.95.247
.holdtoreset.com/ Name: _ga
Value: GA1.2.2080067451.1671573162
.holdtoreset.com/ Name: _gid
Value: GA1.2.1880643562.1671573163
.holdtoreset.com/ Name: _gat_gtag_UA_72398024_1
Value: 1
.technoratimedia.com/ Name: tads_uid
Value: GDPR
.go.sonobi.com/ Name: __uih
Value: 1
.go.sonobi.com/ Name: HAPLB8A
Value: s87155|Y6Iur
.adnxs.com/ Name: icu
Value: ChgIr-x4EAoYASABKAEwq92InQY4AUABSAEKGAjiunsQChgBIAEoATCq3YidBjgBQAFIARCr3YidBhgB
.aniview.com/ Name: 2_C_155
Value: INSTUID
sync.aniview.com/ Name: 2_C_155
Value: INSTUID
.doubleclick.net/ Name: IDE
Value: AHWqTUmoEXJoZqp5vqqSMlpxeVLQKYMaUBWqmXukL2qEsp424cu7rjuaCRuol9-Mjrc
.criteo.com/ Name: uid
Value: a90e9493-3e4e-4ba7-bcb3-74b87e0235c4
.yahoo.com/ Name: A3
Value: d=AQABBKsuomMCEHK8W8Z0EAiTpyeSUZMyIeMFEgEBAQGAo2OsYwAAAAAA_eMAAA&S=AQAAAsDClDH8yQ63Mu0hkCJS7tM
.openx.net/ Name: i
Value: 7e4440b7-e3b4-4b99-8e51-88a2da622524|1671573163
.aniview.com/ Name: aniC
Value: 1671573163124-950045864517-007216-003-008701
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&1436ed91-fc10-47fa-82c7-58269e398f90"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NzE1NzMxNjM7MjswMjHLWyyufbtNqrWLT0aKByss4vSPnSeCdfOf8vg6bJXZMg==
.linkedin.com/ Name: lidc
Value: "b=VGST09:s=V:r=V:a=V:p=V:g=2460:u=1:x=1:i=1671573163:t=1671659563:v=2:sig=AQE5uBuQNdtXzV5GTEziaoLHhQYCIWPu"
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.amazon-adsystem.com/ Name: ad-id
Value: A-kf2fJc-UeboHelgc9Ge1A
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.holdtoreset.com/ Name: __gads
Value: ID=078dad1bbe37a318:T=1671573163:S=ALNI_Ma9kpRkI2mqpsyP5vNanWlz_RYqIA
.holdtoreset.com/ Name: __gpi
Value: UID=00000bb04bbee0d7:T=1671573163:RT=1671573163:S=ALNI_Mac-nQWtsJ0YPvrkJl3aFdVnUKDWg
.doubleclick.net/ Name: DSID
Value: NO_DATA
.casalemedia.com/ Name: CMPS
Value: 3216
.casalemedia.com/ Name: CMPRO
Value: 3216
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2E>3kBPw[!]tbPl1M>e)ZlrFUfJ+tGXxo7ETz0B<BY-9CJ]tKaX?An@L+n`Oyx1m-LXr_*bpRz*qF1`*b`-<*:#v$
.casalemedia.com/ Name: CMID
Value: Y6IurOSakhxL-nrq6D4RewAA
.analytics.yahoo.com/ Name: IDSYNC
Value: 175w~28yl
.redintelligence.net/ Name: 8lcfmzhxc8d6_uid
Value: be68c9bc658a4604
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0sDA1tTQ3MjU1szA0NjQyMhfiM9TNSSsw8A0K8MmPj6wEAGmNw5olAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0sDA1tTQ3MjU1szA0NjQyMhfiM9TNSSsw8A0K8MmPj6wEAGmNw5olAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA__vFyGtoZm5oam5saGZiYWEMANvrFVwQAAAA
.w55c.net/ Name: wfivefivec
Value: 18ZdZlJq1P7Kxu5
.w55c.net/ Name: matchcasale
Value: 5
.aralego.com/ Name: gdpr
Value: 1
.aralego.com/ Name: sspid
Value: 8f07b927-b92b-3ddc-b9dd-5cb9995012a9
holdtoreset.com/ Name: _lr_retry_request
Value: true
holdtoreset.com/ Name: _lr_env_src_ats
Value: false
.holdtoreset.com/ Name: cto_bundle
Value: oQ7UM19XbUQxS1JnUnpZQkhtQWI0JTJCTWxuTzRwQiUyRlI4RTdGc0tWdjU3YzE3eVV3V0FOdU85WUxOUmE1MkplTGpRSTEwRWg5Y2puRzNZd2RZTEdLZjk0M1dvcEF2U2FTWVlzNUpuRVhhRVhkZUx6aURUMHFYbEk2N0pUbG94Zkp4eW5jMEkwYm1WdSUyRmYzaVpodkZ6JTJGaFZ3U09tQSUzRCUzRA
.holdtoreset.com/ Name: cto_bidid
Value: _2XQel94aHlGQ252cGFLY2I0MFNLcDAzS0RqRjlZTzJJSmRYdiUyRmNuVWNMY3A5aktWbWIwNyUyQnpyTkxoNFFFTDRSZ3N4ZlM1SnpmbXRjZEklMkZhaEhaQ09zbHRSY0ZsTiUyQjBYWGVOUDl4cGxYMTVYb1R5VVI2N1BwalJHSFBEcGdZY3g5REJV
holdtoreset.com/ Name: pbjs-unifiedid
Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222022-12-20T21%3A52%3A46%22%7D
.technoratimedia.com/ Name: tads_ipv6
Value: 2001:1af8:4020:a034:1000::8
.betweendigital.com/ Name: dc
Value: lux1
.betweendigital.com/ Name: tuuid
Value: 89120140-a736-5263-bab3-1b1ed91135b0
.betweendigital.com/ Name: ss
Value: 1
.betweendigital.com/ Name: ut
Value: Y6IurgAHnTj8MbZTcHZRbiZPlxna1B38s-9rAg==
ex.ingage.tech/ Name: instUid
Value: 3bd2b988-9111-4986-b873-fc4758e2fbef
.simpli.fi/ Name: suid
Value: 1EF0D74A73FA4717A847B76AC604BBDD
.turn.com/ Name: uid
Value: 3900186492792356753
.adform.net/ Name: C
Value: 1
.mathtag.com/ Name: uuid
Value: 414663a2-2eae-4500-a108-bd0b5e1ce5c1
.adform.net/ Name: uid
Value: 3124465297036076095
.casalemedia.com/ Name: CMTS
Value: 5256

3 Console Messages

Source Level URL
Text
other warning URL: https://c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=88
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://ups.analytics.yahoo.com/ups/58596/fed?1p=0&he=&gdpr=0&gdpr_consent=&us_privacy=&pixelId=58596
Message:
Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5994599.fls.doubleclick.net
a.teads.tv
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad-cdn.technoratimedia.com
ad.turn.com
ads.betweendigital.com
ads.eu.criteo.com
ads.pubmatic.com
adservice.google.com
ajax.googleapis.com
ap.lijit.com
apex.go.sonobi.com
api.rlcdn.com
auth.instiengage.com
b1sync.zemanta.com
bcp.crwdcntrl.net
bidder.criteo.com
btlr.sharethrough.com
c1.adform.net
c41cc75bfddf18322c952904b21cadee.safeframe.googlesyndication.com
cat.nl.eu.criteo.com
cdn.aralego.net
cdn.confiant-integrations.net
cdn.contentspread.net
cdn.holdtoreset.com
cdn.id5-sync.com
cdn.indexww.com
cdnjs.cloudflare.com
cm.adgrx.com
cm.g.doubleclick.net
csm.eu.criteo.net
d2f0uviei09pxb.cloudfront.net
d2nr2jos5slco1.cloudfront.net
d2s3kjdp77ms5k.cloudfront.net
dashboard.insticator.com
df80k0z3fi8zg.cloudfront.net
dsum-sec.casalemedia.com
eb2.3lift.com
embedproduction.s3.amazonaws.com
eus.rubiconproject.com
event.insticator.com
ex.ingage.tech
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
geoip.insticator.com
get.s-onetag.com
go1.aniview.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
gu.dyntrk.com
gum.criteo.com
hal9000.redintelligence.net
hal900026.redintelligence.net
hb.aralego.com
hb.minutemedia-prebid.com
hb.yellowblue.io
holdtoreset.com
htlb.casalemedia.com
ib.adnxs.com
id.crwdcntrl.net
id5-sync.com
imasdk.googleapis.com
insticator-d.openx.net
js-sec.indexww.com
lexicon.33across.com
match.adsrvr.org
match.prod.bidr.io
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
okodigital-d.openx.net
okodigital.technoratimedia.com
onetag-geo.s-onetag.com
p.rfihub.com
pagead2.googlesyndication.com
pix.eu.criteo.net
pixel-us-east.rubiconproject.com
pixel.rubiconproject.com
player.aniview.com
player.avplayer.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prg.smartadserver.com
protected-by.clarium.io
px.ads.linkedin.com
region1.google-analytics.com
rtb.fr.eu.criteo.com
s.amazon-adsystem.com
s2s.aniview.com
secure-assets.rubiconproject.com
secure.adnxs.com
secure.gravatar.com
securepubads.g.doubleclick.net
signal-beacon.s-onetag.com
signal-segments.s-onetag.com
ssc-cms.33across.com
ssc.33across.com
ssum-sec.casalemedia.com
static.criteo.net
stats.g.doubleclick.net
sync.aniview.com
sync.aralego.com
sync.mathtag.com
sync.technoratimedia.com
tag.1rx.io
tags.crwdcntrl.net
targeting.unrulymedia.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
track1.aniview.com
track1.avplayer.com
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
video-ads.rubiconproject.com
web.hb.ad.cpe.dotomi.com
www.google-analytics.com
www.google.com
www.google.nl
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
d2nr2jos5slco1.cloudfront.net
dashboard.insticator.com
104.18.33.19
104.18.36.94
129.80.94.115
13.32.27.44
13.48.34.46
135.125.160.77
138.201.84.244
141.95.33.111
143.204.215.76
144.76.91.199
145.239.2.103
147.75.85.234
162.210.196.208
172.217.16.198
172.217.18.98
178.250.2.146
178.250.2.148
18.158.142.172
18.193.98.105
18.232.45.101
184.51.84.65
185.29.132.241
185.80.39.216
185.86.138.16
185.89.210.122
185.89.210.153
188.42.196.115
193.0.160.128
2.18.232.7
2001:4860:4802:34::36
2001:678:cb4:bbbb::11
213.19.147.43
23.35.236.188
23.35.236.201
23.37.42.132
2600:1901:0:8344::
2600:9000:206f:b000:9:78a:e540:93a1
2600:9000:211e:7600:10:3422:3f00:21
2600:9000:214f:5a00:3:f434:dfc0:21
2600:9000:214f:be00:1c:f0ba:c200:21
2600:9000:214f:dc00:1:4a30:d840:21
2602:803:c004:200::140
2606:2800:233:f76:14f7:d635:25c4:c8d7
2606:4700:10::6816:3456
2606:4700:10::6816:53d
2606:4700:20::ac43:47fe
2606:4700::6811:180e
2606:4700::6812:116b
2620:1ec:21::14
2a00:1450:4001:800::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::200a
2a00:1450:4001:810::200e
2a00:1450:4001:813::200a
2a00:1450:4001:827::200a
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2008
2a00:1450:4001:831::2001
2a00:1450:400c:c0a::9a
2a00:1450:400d:806::2003
2a00:1450:400d:807::2004
2a00:1450:400d:80a::2001
2a00:1450:400d:80c::2003
2a02:2638:1::13
2a02:2638:1::17
2a02:2638:1::4
2a02:2638:1::8
2a02:2638::2
2a02:2638::24
2a02:2638::3
2a02:26f0:3500:1c::1724:a36c
2a02:26f0:3500:58c::2c79
2a02:fa8:8806:13::1460
2a04:fa87:fffe::c000:4902
2a05:d018:d29:3601:c4b2:9469:8ead:7508
2a06:98c1:3121::3
3.126.56.137
3.215.162.50
3.228.46.33
3.232.245.134
3.33.220.150
34.102.146.192
34.120.133.55
34.120.135.53
34.149.20.76
34.233.111.211
34.237.159.44
34.252.235.208
35.158.68.97
35.204.158.49
35.244.159.8
37.157.6.233
44.193.121.218
50.31.142.255
52.216.109.227
52.30.188.40
52.46.143.56
52.55.166.244
52.58.171.208
52.95.122.74
54.80.98.164
63.34.132.74
65.9.66.68
65.9.66.74
67.202.105.22
69.166.1.14
69.173.144.139
69.173.144.165
69.173.151.100
72.251.241.206
72.251.249.14
76.223.111.18
96.16.141.156
99.86.4.101
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
04fe2272736e39ca3e66c23f630e44e7ed2f8d94bf06bcb4b72a47059f0e38f4
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
0688c689d53abf96083b536daceff19a6e0d73b041089128cdd65e01b4f93aa7
071129a7e079a95ea022c80a014cfd795934552170b11d3b0edb8fcdfb0eac81
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
095834cc86bd018fdb4a9e31c99f9f96904b819be2b9dc16b3390383288d4d90
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0acaa59424a2c78e757669691ab82bf94ecb4d81d4d28962220925fd6c0a467e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cd24171011edea4117118dbd8ab00470db26a136eb84c05cef6904774e78e2b
0dd33bd7a204c970cedcd69579d8ec7b49cae9354fc7f1b4d41aceac20cedb90
11e4f273302f904e258ded2b755bb49c7a3fc7d1d5346863fda7c1ef2bb1f895
11ed45137d40bf098873b40a76eb2ed6a6b1ed17225982f744da6129c1f659a5
11f916d76fc8418b0445a28b15e417ac49ff2c16fca2ff002d29f6b2fd8d52c9
121750985ac8baac2215dd6a4cee21ef53810e7e8fd77c1410dfa8eed633fa07
122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
182e4ce4dfd537795577b12b9b19a57422a8b21815f5dd92ef8acb3fd872a19c
1891b054a7cf74a81590ee3ea25baa920520a70de1e1ab716a8fe2639b827e00
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
1a6fa05546489536c79111e39e330cf4c6faec07c1ae6e5144a3f51748251d72
1d1714057127e8cd32d3d493eae000981b88d6b1906b4592b96f3776b4f077ba
1d7e13126c244d70c1e555c51a7db39b55fecf487697710c1841b951bdb5f707
1f46c179bf80ff8374132a327a1e1c94edd67373aaeabc85663efdeb617f797e
1fd432aff8ad7653ea949bf9ed7f0bc16c65f0d5fa2b62d4df6dbdcb30379b8a
20cebcb3fc8b5ae2c62e931b7126da9422ac5dc57502c3c3da2f95ce49494ea4
2333db8fd856a0398e65b4e12f8424252646a94cb38edb8dd6bf5e5fcc10c491
23ce0c6669d616036fbb31e9e5375ed07926f78e6d3d4ad1c4b5177a6ba58d53
24f3dba78c31c5d70638101d559216361f0a1b8e2ce168a784a57bafdc971f86
255eef079d3f18e253c2b3288b4ed0d621b1266c2845679b66af9db6d8faea2e
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
277647d15edf7f8b5214c2474176bcecbf765b45917c46331d0627e04c57302f
2796480dee836b236d23c88fc44286184b74be5b5ea8c042017204792bb87b66
289308e2bbb4f6730ae64f5e292f57e52feec7a1923eb49f91a86a3597aa4b2b
2af469d349556c4828c0fdee37079efacbeaa1f27ec5cce6724f189cf6737983
2b0e18d026f801cfbb4fdf886e99a811a4befbeb289daf315a8d30c963242943
2dd39b350bb363de7ab1dbfdfd42c2c64447939ec914f8769f8d51f4f4ab0fa6
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e1b7c5a4d2a245d61f627be4ef47317f824b45ea9cfd90de74a7896d37acd93
2e3ddbb194051e38dcfe38fc05d502c531f5e457aeeba50a1d15a6871b0b02b3
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31c2de7c45d9964fcce532884d12a7816e0bbb003890a10752d452b9f5749f68
31e7dd9e916c20af6b8b09ad84211d1c268355d40f7dfad41ec57be2feaee4d3
32dcb7b5d0e79583353a56225e4d8097e004103102d584e245d1b96547f9948d
34d0522ad3462b68618e0b7292b3c0fadcb001544fe05a3226627beb576a5580
35666281a375809a335a03ef8f1140ad824118d2627dd335773a426a3acf4578
35a68c84d8a3e407b6e0f5fcb94fe486afbf0ecccb209119639394e661620e02
3a6b5985bc0e2dd700048b7bb9a250d37a1bad8de140de7e307610eb250d788b
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e3e6358df951436d7c4e597f61f7bb0dcbfa9b99385c14a7016bd5475cd7d07
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4287c42dfa851c2d08b8fb73a4e43f11b7ba2cb30c924e70f52b5db171ec1edf
43d568ecd3b26f05a839c869119066d3f671cbc707d002e4816bcc0d0803bfae
44ee1641dc785f26d656ebe376aa24c7a6be3871772dd80ea1f454697a98e9bd
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d0ed9630334a711204c67723b1eb52755c8316466fa7e4e601958e0c12a5da9
4d2d2f2900b4534d42501a7ba6a4d94f110c1c4d0dcfd5ff3da9d88c9382c0f4
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4eff82ad6b195383f313cffdc9d03367fc1e2312989f3dbe5b3bef673e949614
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
529d0a7b3944929222155bca3272ba1a87acc2faa09b2ed26a713872b7ff8794
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
570c41b7b8aa2afa3417b4882f2a6cbd5594a73a56462c973f03e578f097608d
57b609b4cb4abf45feef12a5299bd7dbf2d6cd869094aa2e4495bce85c18e441
58c78ea24a54d81cd6af405447977e90b5dee6e0a862c1af9d79cd35c7f3c420
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d048d1ba1fb1f78e38c3e0cc432db86fb8138d98d4b61242b1b7951f62208b1
5d20eb026b8bb497a6588b444a4c71fda05c0f4c39d5d679d8e0b3527d87af31
6196398d56db0643b253b6117f1901bff2fda3bf2364432b0c87db0142fe59c1
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62eb625b521f2666ad304adb404172b036433db191105cdd2a32a7739c865066
64fcc726f66ef9fc6d30fff8b3f17ba98f28da1ce3ad49ee347f8e84bc4c4202
64fdded9ab4b4066a71232c0d8c7e2416ec277f566adb122776af14c21831fc3
66a8dfcc4572e000bf5b4351bae2a763b3357a65ed373ff27a7e7b38ec9486ae
6876935c9752a629f3eadd17397f5533a422461a4ceabd5a8f3bb680e3270ebd
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
696d7a4435b0ec4e6d59586c09fa126d22d3e168fd2dccb452081b813da77f82
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037
6c76cae4aabc1d4236da2fecf8fcae818a2cf95406446774ccf9db5ca14d4b59
6c916669cf923b4f1b2db5c5107c83b6ca205e7ad0dcd840b251e63f0c8d28a2
6d13432cfc622cff5ac6eb7e1323766b2beea4e5066b0b48d727c4b0550c29d1
6d4660015b1605602ea873bb89028fb173f9f1fa9f33123e765e98dfd9fb8aeb
6df968e65ed4801aeaf8c0633eeeea07d7639f9048302b29d87359730e76c869
70293a9596d24be8780039a1118cf8fe4efc32534e1f8feabf3ea5711190d2bb
7045b569f5a9b9088ea08679182c211e1d8c9cbfd2d1c29438eba2e643038c62
713d862202431dddb66372117e1cf9e085d1d8761a9b8015385ee07c91ed474c
7161f3ed2b45ada2ed1be9f1ffd68263a5256877be8e471b315765b1ce1a81d0
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a
727bd2403e8bf3e229cb18270e8b4747fdbe812ccfab74a4cde67672ee829dcf
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
735958e162947ba5a865bf5e44c430ef29c9798a4bbbffc06916547fccaa44d4
744ff524d1ce233b0d7f09c86d6ef081fd162cd6187c8cc9df59af32f26d6081
75eba55d370b89931d3d2a5a12689c27170bc9ee565970d7b6be75d2fd0f491a
760f52ebdec27ef9d5d9645659c01fc4ac3950f141ab4800558d23d9572060d1
78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb
792a550de403d732be95775e8722929ff8ed97f4d3fe4cf93223ecd878b89573
79a7b82887e1a8925ad2867420274ebd34ba292f66da433d0a3dcfcfb05bc40b
7a2e74761b6b7b72852f669be6afecf86abefcbf568d2b2a0a79942bed24801c
7bb8245674d0f66f12040e4565ac38c6d9598ad73530379f67d545fa74b0ac0d
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7e44d592889d9f5915ae6254f0a68a71196a5bc2540db9620b81effd976eba5b
7e46e9a27382f87ed191c79c9a361b4c44f871ca0ccd86b29593f10a017a34a2
80e7aefdd09a701b2862f1f26113eef8d612f7b56ff9a26930898d47364c9a74
8159d3d0e7df5496376f113055b84d40c88f255c6d4851e6065bc010a4138a91
815dc409813a160edea1f1e9dffb60ec236403511332d4a56e89f326166e75e6
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8305abf54ad51c3e40a0514847f2d8a4bfa39cffa09077bb593f3c33e592b5e0
8334dc904cb6607715458fae8da83ab377335280db0e0dd239c4f76e47cb8eee
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
853530465a7d0b9dcec4a5279d08ec06c6bc795818508dba18b26656d483ed5d
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
88512810d8338e837273ffd5f6e896fac568468af72ad38192cd16b0b5408f52
89fcc62cc7a61020beb84c44eddb3766813024b01ac457f7707072f37e1bb0cd
8d6976aa4fde8b605397b7fa962b9024048247cb4e6b095aac4e73f50c9567f7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dff9242236a8556ee505f407ad4e5da9495cb4780ef9b04fc0134eace60f6ea
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
91725c64e5da498f4cfb75da7848e9c66d8a0e21a0cf1cff3e119b0f8ce954d8
9263ddb5fb9a4ee8db38e276e12f6ffc10d22c512294acc467b6cae8ab68e0f9
92ad814ee855db2f2ff167c22e9959d269633ef2a1d0799445f1689f4e97a28a
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
93975ae1d8cef7cb7a8c05ef392abe1b4d080b570b19cab279a208afe7d36cf9
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
9907d985f690fe3ee40482938e7ac3b91fa4dea20bf43fac6ed8b676722c7b6f
99ac91aa65f4009660b03f7c185e8745eb185fbc9e0053bf1ac2f81dc9b32966
9d34431790fcddd9edf82c97a3c06863de64f7ad5b6752968a5e88a5526cda13
9dfeef1565775dec56fb94b3ed7eedee04076a7c642160d23867c070498819ab
9e2f0b1b15300dc964124da7e876a10b6aa4e40c25956c6eed44a637540d26e2
9e9e4955b68eb7f76303c6915409683827b32c6a18290cccaa35f3594ba917b2
9fa20886c42169be9594e2287996bdf2a613aaa5b89a6c8b32568bc511344bc2
9fe4d040a11aeed245fe2c380d7b7db243ce8839227acceb0f340e796aaf8cfb
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a7842c0861159a91866347785d7c69224cb5c512b80352b437f2c6a5e7a77ff0
a7b9f24a8dec9b21915215bc54d458cd8ff7f0b501f17c2e32f2de8e0cd82f81
a7cab4493bc1ff75fa363ddbde019fb2518088299dc626f99c3f16f8c037eed2
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
a97afd769b3d774563606be9e943789398af5a1bf3583c2bc9a81f99832aa2b2
a99ec5984ec0d266d89c0325a074ebe5c5a141dc5be84e85f22a853dd9c1f32a
aa40ab4f89a7c52dd9cb78a8b5a293e16d06595c62ed13db9bacc8e45353b61a
aad375aec81dc3b7a06ba52fe740de3ee4a0edca4858e70945782b881e637d2b
ade81a40aecd1c72726bc58b1b8c858755e5fe1c30903f7056cc3357ca53d927
aed7e43c5a7b7ebb10d2073d171d00f6eb48fe93ee95e39601c961bfb342738f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3b8c21edfe6c5e402fdc607366fd8d15949a65914f58134733dc68922bc8d61
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b6ec333744296a0e9dd84eb3a3380c415317cb226cfe017126c925d0d2a489f4
b82d3ebe1d68923d7607f2fb2f52dba2378e8bb19968035d1d4a09514bbe1219
b875bead01dfa1b02a553e8efda0f3a65d39da24f19ad37af95f06795eee76dc
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bcef1839366966d4aa8b0c748fcebd34b32803efca2c4228c19e02a964c507fe
be61b36122e31b36b60cac2f823b50ea426f46d1abdf137e9c57c160a75796c9
c002b1b4f4aacc0c7e2bf806a9efa9263fb5f34826500f0ffb0417238cc7cceb
c13794a8a1420ffe10d498c2b42e4877c5ac67cd06135282b96eab1533e41e44
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
c44be4b987d3b9a0394a04ecca2176548dee3a9282afd93aae45cfc3b03c82b4
c9fb87c5c2596cbf5dbd68d2a9d340c21f02ba74cb40922b9060584caa4f86a1
cb03fcc9956e8131df0a0a936e702552d0be3539e1a2abbdb999d20a72de57f8
cbb4b075550bdbd2c0a81e9abf04b677b820432084a1e13a088a790be8d906f4
cbff952e8c47bf976906662ac210c3ae9aaf8e10820d404e8f760bc273bcb4fb
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
cfef2f865db882bb86bd53b03163fcad800b2ca0b6346487846e1df342343a7d
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4
d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
d1d05642e23866a6d7fb1b165615355e7c01fffaf89c61e9c14c0beecb96ae23
d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505
d39b765a83700d723062c2030cad7c7358d7e6305c11b64b81fd4381a75da5ae
d49c9ad378618e0a0eb8e6fca04c13f6005e13badf79e0c977d76d851f7aa60a
d6e641c854dd713bc5cf6161044b4ce21d2b0f523c82b0e37f1900759671de8d
dbad0593413619c798276de1c95b829e0613b70aa6e342fcc2e98aab9ad605e8
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de46f6cd41958b3be7f7e7edff99642634ca277245ce30217d912b20e5e79fd8
def1424f4f259a4cf927fe1f7ea7ec24bdc2fc78edca55fdb593cc0c293dbec5
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e3936e01b1a4a324b9deefc093c09855a5edcd306abb82819f8ec6422435cd5e
e39b0961c64cf345e25f1202ce7580a0994cffdc1b2813c20116c238038074c6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9328d26461b48aae98f78fe8f182f7eff91d26f35f04af9d2df37a508a0401e
e9968e7e23c0aacf5295e9dd757a0d177050e463a3187263c6c726120748882e
eb96b061a9c2b82ad94ff5a6fade4d547d7649e8310b6168bb1f4b2f3e419f3c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f055a9db0e538caa5d54354dc992d7050e9130e5fdb6e91100bcade3c092d5c5
f066a6392f3732829e95d97ac2a3dfb7dc7d35fc88d71a4ef62ff8f70399326c
f08e45b5a5473b835f1959f5f427efb577c595b38e04dac76ed50f1883bb4f2e
f2f8c7997f52d388163a69b8832524663fd4b607f83cdb13ed9c6e928ad71fac
f43360ec59264dc4dda1c36b31c556ba1562f94a9895afc17a0b9be40cc75ea9
f496aaad6178532142bcfd5e0a741579c7af17ed88d20b12b831b6a2d3eecdb7
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f4ef988f09c6650e9b588431850d832057426a9120a8b661930a07eb6598f420
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c
f62d1f16cc0eeaec6f056814fa73e720fd5aeec0f132c5cb31846ac6a6ac2ad9
f6cfa1cb5eb9778d7d5a4d8da46a469411c8bec5c7b62974d8d967d326a74403
f94656d3ed7a8cc00572a61e1d6be50ab78fab99c579391cf5c9bfad077ae756
fb805ea8e0e2123c713b4613ec92e55d7c11db579417ab8bdbd070d5c18e5104
fc1eb0b6f3864982cf399d2a8b45edbd29b503ee704ff94490dea92bbff6b3a8
fc78be1f61e788ae25af79b0b83548acf1082cfb07edae63850fd685884093db