fal3arda-new.com Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://fal3arda-new.com/
Submission: On April 06 via manual (April 6th 2023, 9:12:10 am UTC) from QA — Scanned from NL

Summary HTTP 109 Redirects Links 17 Behaviour Indicators

Summary

This website contacted 28 IPs in 7 countries across 24 domains to perform 109 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is fal3arda-new.com.
TLS certificate: Issued by GTS CA 1P5 on March 9th 2023. Valid for: 3 months.

This is the only time fal3arda-new.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
19	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2606:4700::68... 2606:4700::6810:8616	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	46.105.201.240 46.105.201.240	16276 (OVH) (OVH)
2	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
1	54.39.128.117 54.39.128.117	16276 (OVH) (OVH)
12	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::6816:3456	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.66.97.8 18.66.97.8	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:225... 2600:9000:2250:7600:a:e047:752:b361	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	162.19.138.116 162.19.138.116	16276 (OVH) (OVH)
1	52.48.199.209 52.48.199.209	16509 (AMAZON-02) (AMAZON-02)
3 11	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
3 5	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2 3	185.89.210.180 185.89.210.180	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a00:1450:400... 2a00:1450:4001:806::2006	15169 (GOOGLE) (GOOGLE)
2	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
1	2a02:fa8:8806... 2a02:fa8:8806:20::2040	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	18.213.43.223 18.213.43.223	14618 (AMAZON-AES) (AMAZON-AES)
2 2	213.155.156.183 213.155.156.183	1299 (TWELVE99 ...) (TWELVE99 Arelion)
1 1	2600:9000:211... 2600:9000:211e:3200:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2 2	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1 1	23.35.228.23 23.35.228.23	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	18.196.170.44 18.196.170.44	16509 (AMAZON-02) (AMAZON-02)
109	28

19 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

fal3arda-new.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700::6810:8616 (United States)

ASN13335 (CLOUDFLARENET, US)

live.demand.supply	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.105.201.240 (France)

ASN16276 (OVH, FR)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

3e0ab3107aebac40ce1d6a1ffbcd68bb.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.39.128.117 (Beauharnois, Canada)

ASN16276 (OVH, FR)
PTR: ns561935.ip-54-39-128.net

s4.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-8.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:7600:a:e047:752:b361 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.116 (France)

ASN16276 (OVH, FR)
PTR: ns31533567.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.48.199.209 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-199-209.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.185.98 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.80.39.216 (Canada) 3 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.210.180 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:20::2040 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.213.43.223 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-213-43-223.compute-1.amazonaws.com

fksnk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.183 (Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-183.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:3200:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.18 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.228.23 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-228-23.deploy.static.akamaitechnologies.com

cs.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.196.170.44 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-170-44.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 111 3e0ab3107aebac40ce1d6a1ffbcd68bb.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 145	176 KB
24	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 201 googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 cm.g.doubleclick.net — Cisco Umbrella Rank: 228 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 335	247 KB
19	fal3arda-new.com fal3arda-new.com	263 KB
11	demand.supply live.demand.supply — Cisco Umbrella Rank: 35996	32 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 569	4 KB
5	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 90 www.google.com — Cisco Umbrella Rank: 2	2 KB
3	gstatic.com www.gstatic.com	16 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 230	3 KB
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 323	1 KB
2	3lift.com 2 redirects eb2.3lift.com — Cisco Umbrella Rank: 387	956 B
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 5011	646 B
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 47	2 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 198	98 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1289 bcp.crwdcntrl.net — Cisco Umbrella Rank: 1006	12 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 1045 id5-sync.com — Cisco Umbrella Rank: 437	17 KB
2	google.nl adservice.google.nl — Cisco Umbrella Rank: 14602	696 B
2	histats.com s10.histats.com — Cisco Umbrella Rank: 16830 s4.histats.com — Cisco Umbrella Rank: 13900	5 KB
1	media.net 1 redirects cs.media.net — Cisco Umbrella Rank: 1502	1 KB
1	smaato.net 1 redirects s.ad.smaato.net — Cisco Umbrella Rank: 759	442 B
1	fksnk.com 1 redirects fksnk.com — Cisco Umbrella Rank: 4884	617 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 3163	104 B
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 299	61 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 3449	2 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 374	1 KB
109	24

	Domain	Requested by
19	fal3arda-new.com	fal3arda-new.com
17	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 3e0ab3107aebac40ce1d6a1ffbcd68bb.safeframe.googlesyndication.com pagead2.googlesyndication.com googleads.g.doubleclick.net fal3arda-new.com www.googletagservices.com
12	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 3e0ab3107aebac40ce1d6a1ffbcd68bb.safeframe.googlesyndication.com googleads.g.doubleclick.net fal3arda-new.com
11	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net 3e0ab3107aebac40ce1d6a1ffbcd68bb.safeframe.googlesyndication.com
11	live.demand.supply	fal3arda-new.com live.demand.supply client
7	securepubads.g.doubleclick.net	live.demand.supply securepubads.g.doubleclick.net
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
4	googleads.g.doubleclick.net	3e0ab3107aebac40ce1d6a1ffbcd68bb.safeframe.googlesyndication.com pagead2.googlesyndication.com
3	www.gstatic.com	fal3arda-new.com 3e0ab3107aebac40ce1d6a1ffbcd68bb.safeframe.googlesyndication.com
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	www.google.com	1 redirects tpc.googlesyndication.com fal3arda-new.com
3	3e0ab3107aebac40ce1d6a1ffbcd68bb.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	x.bidswitch.net	2 redirects
2	eb2.3lift.com	2 redirects
2	d5p.de17a.com	2 redirects
2	fonts.googleapis.com	3e0ab3107aebac40ce1d6a1ffbcd68bb.safeframe.googlesyndication.com fal3arda-new.com
2	googleads4.g.doubleclick.net	googleads.g.doubleclick.net
2	www.googletagservices.com	3e0ab3107aebac40ce1d6a1ffbcd68bb.safeframe.googlesyndication.com fal3arda-new.com
2	adservice.google.com	securepubads.g.doubleclick.net
2	adservice.google.nl	securepubads.g.doubleclick.net
1	cs.media.net	1 redirects
1	s.ad.smaato.net	1 redirects
1	fksnk.com	1 redirects
1	dclk-match.dotomi.com	3e0ab3107aebac40ce1d6a1ffbcd68bb.safeframe.googlesyndication.com
1	s0.2mdn.net	googleads.g.doubleclick.net
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	id5-sync.com	cdn.id5-sync.com
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	s4.histats.com	s10.histats.com
1	s10.histats.com	fal3arda-new.com
109	33

This site contains links to these domains. Also see Links.

Domain
kooora4lives.tv
go.yalla-shoot-matches.com
koooralive-tv.net
yalla-shoot-tv.net
kora-online.io
bein-match.net
kooora4lives.io
yalla-goalz.com
as-goal.io
kora-online-tv.net
yalla-shoots.co
yalla-lives.io
yalla-shoot-tv.io
kooora-lives.com
livesoccertv.tv
soccer-stream.tv
sulvo.com

Subject Issuer	Validity	Valid
*.fal3arda-new.com GTS CA 1P5	`2023-03-09` - `2023-06-07`	3 months	crt.sh
demand.supply Cloudflare Inc ECC CA-3	`2023-02-19` - `2024-02-19`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
histats.com R3	`2023-03-15` - `2023-06-13`	3 months	crt.sh
*.google.nl GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-02` - `2023-06-01`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2022-05-01` - `2023-06-02`	a year	crt.sh
cdn.prod.uidapi.com R3	`2023-02-25` - `2023-05-26`	3 months	crt.sh
*.id5-sync.com R3	`2023-01-25` - `2023-04-25`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh

This page contains 12 frames:

Primary Page: https://fal3arda-new.com/
Frame ID: 9ADD6BEBE2E30A2ED0867B1D876EEAE5
Requests: 59 HTTP requests in this frame

Frame: https://3e0ab3107aebac40ce1d6a1ffbcd68bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0584A2E892A0784DEABCE2DE2A4FBC47
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FFDD4F7C2327B0BE62F8BE40E44020E9
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9DC487B3377C1766984DB7B208F62005
Requests: 2 HTTP requests in this frame

Frame: https://3e0ab3107aebac40ce1d6a1ffbcd68bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: DF15D79CCC62ABC5EE200895C5D57693
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKWQ9cICEMTp4s4CGJDy5-IBMAE&v=APEucNWQK6w5Pbk3o6YMnAi36yltqs6ifabWv6gsQzSRll2QK478of0smVWdgFtLyl3mrozvuDaR3kKE8X2uLOxTt-0Ok917emVcb0ajyTwE3JdwUTKyMfb1DtbV3wwgsfSA8yFgVk1NYJROkyR5D7-_fJIGM_aUaExO4CHDCBC7RwEmdOjA7RIp9nyNig7yWHe8-zRY2GMGXVx5Yno3-JSWeUnfmMxPeQ
Frame ID: 3676E7EC66C86D9C0F48FEC723C5FB17
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 9B088DC656AC3E759C2F055237EEE221
Requests: 3 HTTP requests in this frame

Frame: https://3e0ab3107aebac40ce1d6a1ffbcd68bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 9C2851DE9A06E2E20B4EC681D106ACE8
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 0F4912ABCDB75CB7AEC40278F2EA701C
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: C651EBADB2324CB88AB109248DE38E9D
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B21B9D07E8E4E097614A83A79001E418
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/1qDM7jHzlwhnZd-s95CHH_k3xryNtTKIC4s2Es7tSnI.js
Frame ID: BB9548FBE266118EA0B7EA1D66002DC7
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

في العارضة - fel3arda أهم مباريات اليوم بث مباشر

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

109
Requests

91 %
HTTPS

58 %
IPv6

24
Domains

33
Subdomains

28
IPs

7
Countries

936 kB
Transfer

2111 kB
Size

28
Cookies

17 Outgoing links

These are links going to different origins than the main page.

URL: https://kooora4lives.tv/
Title: الرئيسية

Search URL Search Domain Scan URL

URL: https://go.yalla-shoot-matches.com/h2/
Title: yalla shoot

Search URL Search Domain Scan URL

URL: https://koooralive-tv.net/
Title: koora live

Search URL Search Domain Scan URL

URL: https://yalla-shoot-tv.net/
Title: yalla shoot

Search URL Search Domain Scan URL

URL: https://kora-online.io/
Title: kora online

Search URL Search Domain Scan URL

URL: https://bein-match.net/
Title: beinmatch

Search URL Search Domain Scan URL

URL: https://kooora4lives.io/
Title: koora4live

Search URL Search Domain Scan URL

URL: https://yalla-goalz.com/
Title: yalla goal

Search URL Search Domain Scan URL

URL: https://as-goal.io/
Title: as goal

Search URL Search Domain Scan URL

URL: https://kora-online-tv.net/
Title: kora online

Search URL Search Domain Scan URL

URL: https://yalla-shoots.co/
Title: yalla shoot

Search URL Search Domain Scan URL

URL: https://yalla-lives.io/
Title: yalla live

Search URL Search Domain Scan URL

URL: https://yalla-shoot-tv.io/
Title: yalla shoot

Search URL Search Domain Scan URL

URL: https://kooora-lives.com/
Title: koora live

Search URL Search Domain Scan URL

URL: https://livesoccertv.tv/
Title: live soccer tv

Search URL Search Domain Scan URL

URL: https://soccer-stream.tv/
Title: soccer stream

Search URL Search Domain Scan URL

URL: https://sulvo.com/?utm_source=https://fal3arda-new.com/&utm_adtype=sticky_display&utm_medium=sulvo

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 73

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKV34ZH5d4TNkVKXgT9_Wl0&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKV34ZH5d4TNkVKXgT9_Wl0&google_cver=1&C=1

Request Chain 74

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZC6M5Cf0s8BYbj0mTr-WKAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDUWNLFIQQNlJOB7f6VpZwc&google_cver=1

Request Chain 75

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESELib-n9s3rwPX5xZHUG1ixA&google_cver=1

Request Chain 76

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njc2MDYwMjk0NDU1NjgyNjI4

Request Chain 105

https://fksnk.com/cs/google?google_gid=CAESEMRPOm6UccVQACWdn0kSAa8&google_cver=1&google_push=Aer7DvLPdjnB4WXofCG-wOB_HntQcUI9oDtlhOfApfArBAkwTZFv0bmDWA1z0Y8VkctmwJYGbUJwu12Rjp3-ApaL5a6byiE7LjvL HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=MzhBQTFFNUZENkQ1NjFDQw==

Request Chain 106

https://d5p.de17a.com/cookies/google?google_gid=CAESEBYVuc5sS_Zde0Y6VOCSfkQ&google_cver=1&google_push=Aer7DvKwzzFK-nGGv475eAyARcvdE7i8-xmgVaSEm4Aj4EA4xFA548xMuFQePZnNsXY7YuyCDEBUXkX7Nas7VF3BLNPrC5pLuXJV HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEBYVuc5sS_Zde0Y6VOCSfkQ&google_cver=1&google_push=Aer7DvKwzzFK-nGGv475eAyARcvdE7i8-xmgVaSEm4Aj4EA4xFA548xMuFQePZnNsXY7YuyCDEBUXkX7Nas7VF3BLNPrC5pLuXJV HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aer7DvKwzzFK-nGGv475eAyARcvdE7i8-xmgVaSEm4Aj4EA4xFA548xMuFQePZnNsXY7YuyCDEBUXkX7Nas7VF3BLNPrC5pLuXJV

Request Chain 107

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEM6HKaWZVO4SlKCn-CnioJ4&google_cver=1&google_push=Aer7DvIFpsBCuP8es95pVtZuXOSltuOkAhP-CliXNAX91Skb5VunBUoxprHLF-JIo-WSKfTH3R2Gi5tCIB85kPUc6VNexq5CHKzP HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aer7DvIFpsBCuP8es95pVtZuXOSltuOkAhP-CliXNAX91Skb5VunBUoxprHLF-JIo-WSKfTH3R2Gi5tCIB85kPUc6VNexq5CHKzP

Request Chain 108

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEEMOMSCjtaN57DTNLLzjZkg&google_cver=1&google_push=Aer7DvIbTpP_0jnI6yBtXrmbWOg2ZqhlZQLQGedxAaPiL_pdk6GspCUGrD_nfdwFn4eBBGbHzr0zk8Omjb_P6TgK_QnqojnfiT2j HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=Aer7DvIbTpP_0jnI6yBtXrmbWOg2ZqhlZQLQGedxAaPiL_pdk6GspCUGrD_nfdwFn4eBBGbHzr0zk8Omjb_P6TgK_QnqojnfiT2j&google_gid=CAESEEMOMSCjtaN57DTNLLzjZkg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTE0MTEzMDIzMDMyMzUzODIyNjA0MQ%3D%3D&google_push=Aer7DvIbTpP_0jnI6yBtXrmbWOg2ZqhlZQLQGedxAaPiL_pdk6GspCUGrD_nfdwFn4eBBGbHzr0zk8Omjb_P6TgK_QnqojnfiT2j

Request Chain 109

https://cs.media.net/cksync?type=g&google_gid=CAESEDFklcW-xCKHORjqKgboZww&google_cver=1&google_push=Aer7DvL-5MkLYVNoK_x6YZT5-XlMGQ7J1syO1k1YiK8NH7G4IhAt3O2JG4IYwW6CkzNtpNbNzD5Q4JA34BOjiQ8o5Tzoyako9L4K HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzIzNzczOTI0ODgxODMwNzAwMFYxMA%3d%3d&mn_hm=MzIzNzczOTI0ODgxODMwNzAwMFYxMA%3d%3d&google_sc=1&google_push=Aer7DvL-5MkLYVNoK_x6YZT5-XlMGQ7J1syO1k1YiK8NH7G4IhAt3O2JG4IYwW6CkzNtpNbNzD5Q4JA34BOjiQ8o5Tzoyako9L4K&gdpr=&gdpr_consent=

Request Chain 110

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESELOsGurOjYTi79mDWFJqFRk&google_cver=1&google_push=Aer7DvKlZDhxs9BXC2_XjOmndnx9r6XFUqY1l7HU4ZJgVK0yRQZatwbHEcy_PddOat77x_rCZHtHcibrw5P3b48VLiieX_c87mmW5Q HTTP 302
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESELOsGurOjYTi79mDWFJqFRk&google_cver=1&google_push=Aer7DvKlZDhxs9BXC2_XjOmndnx9r6XFUqY1l7HU4ZJgVK0yRQZatwbHEcy_PddOat77x_rCZHtHcibrw5P3b48VLiieX_c87mmW5Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=4f5d208a-d4db-4ac4-a192-25fd63d1f117&%%GOOGLE_PUSH_PAIR%%

Request Chain 112

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

109 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
fal3arda-new.com/ 58 KB
15 KB 261ms
211ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fal3arda-new.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 937b929aa78513b8b8014db1d4e357051bfd160effd65600e4b0c9896c11c59c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7b38e82a5e021eb5-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 06 Apr 2023 09:12:03 GMT
last-modified: Thu, 06 Apr 2023 03:20:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yqJtPBj5%2FWA44AzvLB1qyAVFcEMmLsrL1LXbOYoZNvFlCJZHKlFSXN8VmDdg9hSCKYxtWgvqdgf8b1EDyCls16q29fiER5OLoa4%2FhalLDdtx1gGDtdY4ZKflCPfAvrezXhsPTXC8vzzNMX1crMme"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 classic-themes.min.css
fal3arda-new.com/wp-includes/css/ 291 B
496 B 174ms
172ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fal3arda-new.com/wp-includes/css/classic-themes.min.css?ver=6.2
Requested by: Host: fal3arda-new.com
URL: https://fal3arda-new.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fal3arda-new.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: public
date: Thu, 06 Apr 2023 09:12:03 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 30 Mar 2023 04:49:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"642514ea-123"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6LAoqy48doqQwr13IODCyCImp8txH5BfYii8zC4FFRQNsUrj84fOtjvxLpbfH68MeWBE81QckvKkymRz9s6lHVEooPC%2FXvvlu3BUzpxsCJp4Vc14XhkMdwAnL8s18ibWMJFKg%2Bx94mAIEWD%2FAGke"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 7b38e82bbeec1eb5-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 06 May 2023 09:12:03 GMT

GET
H2 200 coderevolution-front.css
fal3arda-new.com/wp-content/plugins/rss-feed-post-generator-echo/styles/ 5 KB
2 KB 157ms
156ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fal3arda-new.com/wp-content/plugins/rss-feed-post-generator-echo/styles/coderevolution-front.css?ver=6.2
Requested by: Host: fal3arda-new.com
URL: https://fal3arda-new.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cfbd2c38cedac96230249461652f7545821df940184d34baf90219843163af70

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fal3arda-new.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: public
date: Thu, 06 Apr 2023 09:12:03 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 10 Feb 2023 19:41:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63e69dee-13c7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P2lnuFtpxXmk1fKSQhB%2Bb7wSc4HRwsZ4UB2rkWC9l6bk2WAszOHDWIihhjeiLxMJFbR%2FtwozXkyc0LqPdjOBXXVIIFpuAcicFO41iGM8IJ1WIosX9DAW%2F1SQfurQ9nbtbCq2NmURt6gxY02OiHD5"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 7b38e82bbeed1eb5-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 06 May 2023 09:12:03 GMT

GET
H2 200 echo-thumbnail.css
fal3arda-new.com/wp-content/plugins/rss-feed-post-generator-echo/styles/ 1 KB
556 B 172ms
171ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fal3arda-new.com/wp-content/plugins/rss-feed-post-generator-echo/styles/echo-thumbnail.css?ver=6.2
Requested by: Host: fal3arda-new.com
URL: https://fal3arda-new.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 349b786ffb07d8e1916e7e6bb6704393edf162afee6c1f93e4325aaa522cbb93

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fal3arda-new.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: public
date: Thu, 06 Apr 2023 09:12:03 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 10 Feb 2023 19:41:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63e69dee-596"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6DiHMee9sNr7mF9XPFWtgJpDnIM7xIcNp6eELyzqJYxvQ3%2BxGE4e14NFwuXq%2F4hxP1bya3XBNDYRSWw00SRQ9mur3V2%2FsrkFrdJ0Kl4A7%2FUWvOG4A0ZeEI7dcv9rBWM7b21DNnJzaauJh1VI7Ezp"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 7b38e82bbeee1eb5-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 06 May 2023 09:12:03 GMT

GET
H2 200 NeoSansArabic.woff
fal3arda-new.com/wp-content/themes/AlbaKora4Live-v6/fonts/ 56 KB
57 KB 242ms
241ms Font
font/woff 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fal3arda-new.com/wp-content/themes/AlbaKora4Live-v6/fonts/NeoSansArabic.woff
Requested by: Host: fal3arda-new.com
URL: https://fal3arda-new.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18588f1581eeeebaef76be52d09261c5c1a886d1a02ede533adb62c334d122e6

Request headers

Referer: https://fal3arda-new.com/
Origin: https://fal3arda-new.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 09:12:03 GMT
cf-cache-status: MISS
last-modified: Sat, 12 Nov 2022 14:24:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "636fac87-e014"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VsAwVHlA7bI5EElFUtEtUxslKusY7HZgmKGPrchK%2F0QlN2LZY1fWk4gtjsq0vS%2Fm3NfUmUgL6c0Zup5ZGPqQ692cFdRZAXcQi4B0M7UfVd%2B1dpuUfHb%2FM1Jc5MFiYTROpGfYrDW4y8ceHGI0STX4"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7b38e82bbeef1eb5-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 57364

GET
H2 200 up.js Show response
live.demand.supply/ 5 KB
3 KB 132ms
94ms Script
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/up.js
Requested by: Host: fal3arda-new.com
URL: https://fal3arda-new.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a96f56c22e89075d1379d764b58d0958835cf35d4ad2ac986f9a1b4da21939dc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fal3arda-new.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-nf-request-id: 01GX6PA3DZZJ39KZCPK0HZW9TE
date: Thu, 06 Apr 2023 09:12:03 GMT
content-encoding: br
cf-cache-status: HIT
age: 987
cf-polished: origSize=4391
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"35bb9e6db9857fc569a17c544f386c1e-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=1200,must-revalidate,stale-while-revalidate=3600
cf-ray: 7b38e82bffecb734-AMS
link: <https://live.demand.supply/impl.v16.6.0.js>; rel=preload; as=script,<https://live.demand.supply/p4/v16-2-0/ZmFsM2FyZGEtbmV3LmNvbS8=>; rel=preload; as=script
timing-allow-origin: *

GET
H2 200 %D9%81%D9%8A-%D8%A7%D9%84%D8%B9%D8%A7%D8%B1%D8%B6%D8%A9.png
fal3arda-new.com/wp-content/uploads/2023/01/ 7 KB
8 KB 157ms
156ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fal3arda-new.com/wp-content/uploads/2023/01/%D9%81%D9%8A-%D8%A7%D9%84%D8%B9%D8%A7%D8%B1%D8%B6%D8%A9.png
Requested by: Host: fal3arda-new.com
URL: https://fal3arda-new.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f15a70c023c8153cd0adbb9469ad2ef6b0539680e3d2f7d9d4bb34e0bc8dd761

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fal3arda-new.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 09:12:03 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7394
pragma: public
last-modified: Tue, 10 Jan 2023 09:45:46 GMT
server: cloudflare
etag: "63bd33ca-1ce2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nk2HATzJc%2F9%2FGb0SDl7%2BAmzX0AOwQz43pN5WhLV8DHtuZ4GjwHf6nTFHX9n37fONeLpTVsOTZ0hFKVItOzULErZx60s5%2Bwd34SJCTszkkujBk%2FTrlM0joU7opnJIP7UqIaipqsPkTXjCCilLnDLk"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 7b38e82bdef81eb5-AMS
expires: Sat, 06 May 2023 09:12:03 GMT

GET
H2 200 rocket-loader.min.js Show response
fal3arda-new.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 15ms
15ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fal3arda-new.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: fal3arda-new.com
URL: https://fal3arda-new.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fal3arda-new.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 09:12:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 21 Mar 2023 12:31:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6419a395-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BymUULf%2FSNwKaucmdB%2BImOICeDFgcXfOAuz2eSL5xguC%2FFdr66EDnJcLh9xhP9eX%2FiPjyxGCgHkLNDM30okkKI4EvQyV87%2B2N8TMO5OYniomBt%2BBW5IecaezkPWsxU92JKJlC1oFv8%2BpwsdzUogO"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 7b38e82bdefa1eb5-AMS
expires: Sat, 08 Apr 2023 09:12:03 GMT

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 impl.v16.6.0.js Show response
live.demand.supply/ 73 KB
24 KB 23ms
22ms Script
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/impl.v16.6.0.js
Requested by: Host: fal3arda-new.com
URL: https://fal3arda-new.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bddfa06ed0f920fe2c6becef95256455be16d6a51c06a8a3f94391d779b60485

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fal3arda-new.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-nf-request-id: 01GX6NZ2W66BW8F2AEVG4RXPYH
date: Thu, 06 Apr 2023 09:12:03 GMT
content-encoding: br
cf-cache-status: HIT
age: 142001
cf-polished: origSize=74963
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"da46b296f47f9ba31cec02502d8a5798-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin: *
cf-ray: 7b38e82c9873b734-AMS

GET
H2 200 ZmFsM2FyZGEtbmV3LmNvbS8= Show response
live.demand.supply/p4/v16-2-0/ 924 B
574 B 173ms
173ms Script
text/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/p4/v16-2-0/ZmFsM2FyZGEtbmV3LmNvbS8=
Requested by: Host: fal3arda-new.com
URL: https://fal3arda-new.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ccc16cf20636e77066ce647f362fed5f566d4d098f5560dd4ee2d36a5c2be21

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fal3arda-new.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 09:12:03 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 7b38e82c9875b734-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
497 B 54ms
36ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?e=ll&d=133&cs=c&dsReferer=ZmFsM2FyZGEtbmV3LmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fal3arda-new.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-nf-request-id: 01GX4V9Y23TJNZVP1S6TY88R31
date: Thu, 06 Apr 2023 09:12:03 GMT
cf-cache-status: HIT
age: 143912
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "fa63a24c8b1ff57adc9b8a7e825bdde5-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7b38e82cb9320b05-AMS

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 77 KB
26 KB 179ms
112ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/up.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58cac36272a8e720b5996068d37b268bac410ff37c5aa452ca9d0c30315cd24c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fal3arda-new.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 09:12:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25654
x-xss-protection: 0
server: cafe
etag: 676 / 19453 / m202303300101 / config-hash: 10004049301988528966
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 06 Apr 2023 09:12:03 GMT

GET
H3 200 ds.2.html Show response
live.demand.supply/ 413 B
641 B 44ms
27ms XHR
text/html 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/ds.2.html
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fal3arda-new.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-nf-request-id: 01GWM0CRZQRFXYY88SXWPABV0D
date: Thu, 06 Apr 2023 09:12:03 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 144078
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin: *
cf-ray: 7b38e82cb92c0b05-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
DATA 200
OK truncated
/ 944 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 183a8a45d21c9e08f327306b313a677e14df544b7fbe005f832bae1ae0828f4a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 248 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 50b355d30ddbdcfbc57eb2a32734c6574995395b4c64f278ce270f8646b5f3b4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 460 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 725695280088b4a7f1f43936b2ff0ec321040d4921c1b782e97c74cc5c89e02f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 451 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: de103d5f4ad393bb96697192045e2f571c47b491690081364d746755fbc9a3f9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
H3 200 fal3arda-new.com_auto_728x90_sticky_display_bottom Show response
live.demand.supply/cp/ 29 B
393 B 148ms
148ms XHR
text/plain 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/fal3arda-new.com_auto_728x90_sticky_display_bottom?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=ZmFsM2FyZGEtbmV3LmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.6.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38e3a04bc20c8c53ea2e800a6d937e561421b9b8138d9e633ff5e94700216ae5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fal3arda-new.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 09:12:03 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 7b38e82daa8f0b05-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 29

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303300101/ 397 KB
123 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303300101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

991fe33155584583fa75319093a543a4f074e91a7db90ab8b6fbb2f39aa1023d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fal3arda-new.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 08:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1064
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125910
x-xss-protection: 0
server: cafe
etag: 14470834828239977126
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 05 Apr 2024 08:54:19 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 387 B
229 B 117ms
55ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=fal3arda-new.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d29b2ba58070ce7ede5b9f0562d7dd941fe70335c085c7dcbc64307ed7db5306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fal3arda-new.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 09:12:03 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 204
x-xss-protection: 0
expires: Thu, 06 Apr 2023 09:12:03 GMT

GET
H2 200 js15_as.js Show response
s10.histats.com/ 11 KB
4 KB 76ms
19ms Script
text/javascript 46.105.201.240
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: fal3arda-new.com
URL: https://fal3arda-new.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fal3arda-new.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 09:05:34 GMT
content-encoding: br
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-cacheable: Matched cache
x-cdn-pop-ip: 51.254.41.128/25
etag: "-375139978"
content-type: text/javascript
x-cdn-pop: rbx1
accept-ranges: bytes
content-length: 4364
x-request-id: 760480918

GET
H3 200 106284-67791983-17597997-49651166-4659-6397-6385635764-594023-279091009570-0719-300x180.jpg
fal3arda-new.com/wp-content/uploads/2023/04/ 13 KB
14 KB 193ms
192ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fal3arda-new.com/wp-content/uploads/2023/04/106284-67791983-17597997-49651166-4659-6397-6385635764-594023-279091009570-0719-300x180.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98c409873ba1757c153d4d60685e4446dccdff87f09bb916a85b04a379b7cb4a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fal3arda-new.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 09:12:03 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13649
pragma: public
last-modified: Thu, 06 Apr 2023 03:19:09 GMT
server: cloudflare
etag: "642e3a2d-3551"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zj1VlSxHF5P4coOlozFq3npO5ahIGyWoOrTfkECHvZ%2B26cOBMurLAbTrNImB7aBhpfZw%2B%2FOy%2BLHuGr8HsMjLjiVXiEHPlBV%2F2F2rLT4H7xrYoXVDoVOOfbw%2BNvOBr95kkcwRhB5MADdh6t6ZCyt1"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 7b38e82e7f2e06d2-AMS
expires: Sat, 06 May 2023 09:12:03 GMT

GET
H3 200 106286-844884-7930-4804500160-13790294-46764727689881-03379653431857-6157-300x180.png
fal3arda-new.com/wp-content/uploads/2023/04/ 13 KB
13 KB 206ms
203ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fal3arda-new.com/wp-content/uploads/2023/04/106286-844884-7930-4804500160-13790294-46764727689881-03379653431857-6157-300x180.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c51461ddf992bd177c48653bc7cbd8b544ba17de02440013eb377ddbb58470c4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fal3arda-new.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 09:12:03 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13144
pragma: public
last-modified: Thu, 06 Apr 2023 03:19:10 GMT
server: cloudflare
etag: "642e3a2e-3358"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gMU7%2FELPUWPiSZSmG%2B3sQjh1trHx8gBLMN9T0GSIuRxz2%2FxsVNgHgqLZeYcWv0fLaekc%2FOUVo%2BzwhG0RT0TOQGNa4VorUJMTW%2F5c49zKiTf8zefnf%2B8Nb%2BJTzTNN%2FFHH03O3yYWSmj%2BKoZtQK7sy"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 7b38e82e8f3306d2-AMS
expires: Sat, 06 May 2023 09:12:03 GMT

GET
H3 200 106282-46697619570224-62145944-2589-1149028353379392-4090-795115-937066155523-300x180.jpg
fal3arda-new.com/wp-content/uploads/2023/04/ 14 KB
14 KB 207ms
205ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fal3arda-new.com/wp-content/uploads/2023/04/106282-46697619570224-62145944-2589-1149028353379392-4090-795115-937066155523-300x180.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9e1e7b0f223c3b4197ef25a2715f6560b8a83e4769d6799b74b7bfdd2ff7ae6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fal3arda-new.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 09:12:03 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13881
pragma: public
last-modified: Thu, 06 Apr 2023 01:20:19 GMT
server: cloudflare
etag: "642e1e53-3639"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AXXPRGy1PXo%2FAN%2FeVbg4mpyZ7kF%2BXlYldjD8QVVYnSUUmM40K%2F8tQgeU4YLtCdC5fkN5c7JOAW2Lmi61QdI%2BpwZCb%2BVeRFRTCccCrJGBOHiDumxyFOz9e9vgxqDs9WkWPgnFMAmGt%2BwviHSM3xZv"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 7b38e82e8f3406d2-AMS
expires: Sat, 06 May 2023 09:12:03 GMT

GET
H3 200 106278-636225-37771622-458545-4742252494-854260084378-322326717267-2375044593-300x180.jpg
fal3arda-new.com/wp-content/uploads/2023/04/ 14 KB
15 KB 201ms
199ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fal3arda-new.com/wp-content/uploads/2023/04/106278-636225-37771622-458545-4742252494-854260084378-322326717267-2375044593-300x180.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c510f1adbec9c66dd6918f512ea4e4eef3966f3765ddb55eba254fd9a33c1dab

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fal3arda-new.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 09:12:03 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14417
pragma: public
last-modified: Thu, 06 Apr 2023 01:20:15 GMT
server: cloudflare
etag: "642e1e4f-3851"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G8yTRxMZAEaQAW4ktDma9zNdnNtCAm7VNXRG72LGXZupEY6I194FMB3s%2FUWSURITNuvYOrbBB%2F9eE2iwNBleylVsX2FcqWod3XH5LuCfm72d1aWE%2FfeoDuml69dda6iMDCx03pEPc9nH8QnCQ%2FNA"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 7b38e82e8f3506d2-AMS
expires: Sat, 06 May 2023 09:12:03 GMT

GET
H3 200 106280-819089-6743985100-55212110459995-909724515798-94892986-90180658-3481-06-300x180.jpg
fal3arda-new.com/wp-content/uploads/2023/04/ 17 KB
18 KB 215ms
213ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fal3arda-new.com/wp-content/uploads/2023/04/106280-819089-6743985100-55212110459995-909724515798-94892986-90180658-3481-06-300x180.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd79eaa7b72bf74ae80978d6794692281bc9749f168412df7e05973963d42c2c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fal3arda-new.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 09:12:03 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17618
pragma: public
last-modified: Thu, 06 Apr 2023 01:20:17 GMT
server: cloudflare
etag: "642e1e51-44d2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R4mJfDtEj9WZWlOnQmPgAMwJWGjhmZZxhpTuTgHk38TgNs7o5CWLjAetlkkl6%2FUUJBR%2FQyGpQInBdBr%2B4gF8wVs2DeMmyt7krV3cR5FKlS%2Bbb%2BCT3ziVhM3bw67ZtnQOxvYrtM54K3YIYwmSlp0Z"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 7b38e82e8f3706d2-AMS
expires: Sat, 06 May 2023 09:12:03 GMT

GET
H3 200 106270-91736587-633615785580-21343727-311315353989-1692817265-73559508-0971-89-300x180.png
fal3arda-new.com/wp-content/uploads/2023/04/ 17 KB
18 KB 188ms
186ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fal3arda-new.com/wp-content/uploads/2023/04/106270-91736587-633615785580-21343727-311315353989-1692817265-73559508-0971-89-300x180.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d58dae93fc3a9e8ae752be24e5b29f41b7276a86524a1231ffa8a688c4a04509

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fal3arda-new.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 09:12:03 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17526
pragma: public
last-modified: Thu, 06 Apr 2023 00:17:17 GMT
server: cloudflare
etag: "642e0f8d-4476"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SnvTBK9lK%2BPFJEBkPUdV98LlomJOJOV7q8tARkVF9sAVONPIsgbihfot%2B17azCTM0pGfAS5XhjMzy0yiDW8bn0V7E1LB6wYK1Sn11qv5OjQ0CSKiteX%2FmYTE7XVjTLgwZt%2Bzwb%2BQH7vplmmkGThH"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 7b38e82e8f3806d2-AMS
expires: Sat, 06 May 2023 09:12:03 GMT

GET
H3 200 106266-7489-3784-86615931-265606-1960-771319741846387191-331561-27523598-1474-8972-300x180.jpg
fal3arda-new.com/wp-content/uploads/2023/04/ 13 KB
13 KB 218ms
216ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fal3arda-new.com/wp-content/uploads/2023/04/106266-7489-3784-86615931-265606-1960-771319741846387191-331561-27523598-1474-8972-300x180.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cad778bd90f07391809c637cd19384a2fee597ec43363392d0471ab862c3be4a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fal3arda-new.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 09:12:03 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13029
pragma: public
last-modified: Thu, 06 Apr 2023 00:17:14 GMT
server: cloudflare
etag: "642e0f8a-32e5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BhFPqUYs%2B6MEzElPKMxnGtS9iln01jRZ4gXYtag5da1ap3wRNMPc%2BrEb4YROtgw40dTk7Aq2K9m4uGs%2B%2BtTf7ZiN62ScuvVKbkAOsRqj31FUh%2FyH4FYjDmRoAMwzID2pOE%2Bd7QLBrJWZ1Svngw2l"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 7b38e82e8f3c06d2-AMS
expires: Sat, 06 May 2023 09:12:03 GMT

GET
H3 200 106268-0408-059813-33557844-1987640750979254-7180323780-77375421-5464345183-03-300x180.jpg
fal3arda-new.com/wp-content/uploads/2023/04/ 12 KB
12 KB 174ms
172ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fal3arda-new.com/wp-content/uploads/2023/04/106268-0408-059813-33557844-1987640750979254-7180323780-77375421-5464345183-03-300x180.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b74d7621c063d9aa235090faf1c8ad7b13c1a748813c38d591cd18df09d52b5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fal3arda-new.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 09:12:03 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11845
pragma: public
last-modified: Thu, 06 Apr 2023 00:17:16 GMT
server: cloudflare
etag: "642e0f8c-2e45"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zXx0xKaHdjiQJc6eXjgAMK8IX%2BG6zOSXtOQy%2B%2B3RqCfP0JuX1RKwzdXY3Madtr56775gk%2B0gYOesJYkbGd2wnRyy4958X1LHh1Yp3XrerIIdMqJwP7QL0OhnizgO8Tg6CYtxZEzJFiwwkeeVygx0"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 7b38e82e8f3e06d2-AMS
expires: Sat, 06 May 2023 09:12:03 GMT

GET
H3 200 106262-25151364-433082-215375128419-102649-631339372737-895685736553-83116414-300x180.jpg
fal3arda-new.com/wp-content/uploads/2023/04/ 14 KB
15 KB 205ms
203ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fal3arda-new.com/wp-content/uploads/2023/04/106262-25151364-433082-215375128419-102649-631339372737-895685736553-83116414-300x180.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f87d52f2a8f5b5a6606d892e5ab7a3441c4ea3b85d41d43010afd388b118556

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fal3arda-new.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 09:12:03 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14843
pragma: public
last-modified: Thu, 06 Apr 2023 00:17:11 GMT
server: cloudflare
etag: "642e0f87-39fb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=as5CbSqZmuCXfi%2BEYpajiF7nUyaLEJk3%2BcNJvIsHq0fnCfjqzfT%2FJR8FEuIUciXvRrLNETERO8xBM1LnPb2txkM8NpVzrtydrbbFXQqpeAbiWfAODmv5MInDnuwMLXXHHlqJhY12tWpPFWsfPfhU"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 7b38e82e8f4006d2-AMS
expires: Sat, 06 May 2023 09:12:03 GMT

GET
H3 200 106264-5227501354-69343872-466719194971-913757-008813522259-33773121-314735-300x180.jpeg
fal3arda-new.com/wp-content/uploads/2023/04/ 14 KB
15 KB 219ms
217ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fal3arda-new.com/wp-content/uploads/2023/04/106264-5227501354-69343872-466719194971-913757-008813522259-33773121-314735-300x180.jpeg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 077194375e658814d1bf159458d390ee40f95e6acbe39c51c62f8a49064d5029

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fal3arda-new.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 09:12:03 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14538
pragma: public
last-modified: Thu, 06 Apr 2023 00:17:12 GMT
server: cloudflare
etag: "642e0f88-38ca"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MzGSZoNoZnhcnWs69L0VmJJS%2B347JmbgFcq8om0pQAJ1A4et5HeFfNsr3t2G8mzjizEPnkDd1VlSHSwHG66QslIM%2BEvt%2F60XZWl1IGULRTOQMpyKETaYFcwiI6ptDw27%2BrAVTRr%2BvyFhf7TI8ZN3"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 7b38e82e8f4206d2-AMS
expires: Sat, 06 May 2023 09:12:03 GMT

GET
H3 200 106258-624330325048-77124904055035-00372402623438-82013433627840-36077050-300x180.jpg
fal3arda-new.com/wp-content/uploads/2023/04/ 19 KB
20 KB 219ms
217ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fal3arda-new.com/wp-content/uploads/2023/04/106258-624330325048-77124904055035-00372402623438-82013433627840-36077050-300x180.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 746a3b2f45f8a679c41fb7732b19ef1228215855cccc379451503022a2dd6cb5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fal3arda-new.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 09:12:03 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19704
pragma: public
last-modified: Wed, 05 Apr 2023 23:17:56 GMT
server: cloudflare
etag: "642e01a4-4cf8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=etLPhNCvcgyAx0oJAZUfmBisNt98NaBTkaLVY5VPVOegmrv5sXtY76ZuO6vW2lv00UhK0vV%2FZFeGatFeTBJHFptkXHnE0EakPGYc7Ye7ImLIMg9u%2FZU%2B9WFMdllChDWsUj8%2BL%2F%2BS97Lbn%2Bun8DKM"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 7b38e82e8f4306d2-AMS
expires: Sat, 06 May 2023 09:12:03 GMT

GET
H3 200 106260-04356769-4411499241-05551940-6762122757-1940246546-41873610920962-8415-300x180.jpg
fal3arda-new.com/wp-content/uploads/2023/04/ 10 KB
10 KB 161ms
159ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fal3arda-new.com/wp-content/uploads/2023/04/106260-04356769-4411499241-05551940-6762122757-1940246546-41873610920962-8415-300x180.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dbadd11886434fc7da8e1c6b492e6cdac378d371883e2195047efe76f76cb4c5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fal3arda-new.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 09:12:03 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9795
pragma: public
last-modified: Wed, 05 Apr 2023 23:17:57 GMT
server: cloudflare
etag: "642e01a5-2643"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LQ9kue2gpFB5%2BcvIUatbNWFc%2FxXGoFIE6TfjDHL6%2F1Hq9I5NrUXu39CsY3KS34cuZMfwANSU7PqXlEmhIb3El%2FKMeER3fnDOgSGsDagXc417TDiAmqgaypUMiiiVOlZypf6C35gL4XIbTRqrTqHg"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 7b38e82e8f4506d2-AMS
expires: Sat, 06 May 2023 09:12:03 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
500 B 23ms
22ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=fal3arda-new.com_auto_728x90_sticky_display_bottom&pdc=0.1199928492307663&ucv=null&e=tcp&dsReferer=ZmFsM2FyZGEtbmV3LmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.6.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fal3arda-new.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-nf-request-id: 01GX4V9Y23TJNZVP1S6TY88R31
date: Thu, 06 Apr 2023 09:12:03 GMT
cf-cache-status: HIT
age: 143912
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "fa63a24c8b1ff57adc9b8a7e825bdde5-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7b38e82eabeb0b05-AMS

GET
H3 200 sdb.css
live.demand.supply/css/ 4 KB
2 KB 24ms
24ms Stylesheet
text/css 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/css/sdb.css
Requested by: Host: client
URL: about:client
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fal3arda-new.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-nf-request-id: 01GTP882AJGXJCM3VNH3JF57QN
date: Thu, 06 Apr 2023 09:12:03 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
server: cloudflare
age: 1050084
etag: W/"14c5381be186641471a926a081d90c88-ssl-df"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: max-age=2592000,immutable,stale-if-error=604800
cf-ray: 7b38e82ead621c8f-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
531 B 116ms
28ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=fal3arda-new.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303300101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fal3arda-new.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 09:12:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 89ms
28ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=fal3arda-new.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303300101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fal3arda-new.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 09:12:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
652 B 498ms
497ms XHR
text/plain 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1189340139285044&correlator=4134880780346765&eid=21065724&output=ldjh&gdfp_req=1&vrg=202303300101&ptt=17&impl=fif&iu_parts=44890869%3A22853861021%2Cca-pub-3831894559014614-tag%2Cf2dbc6c8-7c5c-40fd-837a-f1edea333b10&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=1&adks=1496929532&sfv=1-0-40&ists=1&fas=8&prev_scp=ti%3Df2d3b322-f149-4ecf-b63b-db8bf7760251%26pof%3D0%26interstitials-bid%3D2%26bid-p%3Dgoogle%26bsc%3D41&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1680772323643&lmt=1680751210&dlt=1680772323148&idt=419&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Ffal3arda-new.com%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1959286589.1680772324&ga_sid=1680772324&ga_hid=702212571&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303300101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

409cdb41d0cc8bd2547be314101139e0bf161608a4c7ab1d023b8063e97e15bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fal3arda-new.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 09:12:04 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 622
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://fal3arda-new.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 16 KB
7 KB 341ms
340ms XHR
text/plain 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1189340139285044&correlator=1621024690383075&eid=21065724&output=ldjh&gdfp_req=1&vrg=202303300101&ptt=17&impl=fif&iu_parts=44890869%3A22853861021%2Cca-pub-3831894559014614-tag%2C0579983d-e471-436b-b409-8812b21ea2ab&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=2&adks=3822491207&sfv=1-0-40&prev_scp=ti%3Df2d3b322-f149-4ecf-b63b-db8bf7760251%26pof%3D0%26bid%3D0.04%26bid-p%3Dgoogle%26stt%3Dbhs%26bsc%3D41&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1680772323650&lmt=1680751210&dlt=1680772323148&idt=419&adxs=436&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Ffal3arda-new.com%2F&frm=20&vis=1&psz=728x-1&msz=728x-1&fws=512&ohw=0&ga_vid=1959286589.1680772324&ga_sid=1680772324&ga_hid=702212571&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303300101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

76d73f044d1bb058cd5b228d1202d7f61bc9b1b12744b6961a69dd2badabc164

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fal3arda-new.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 09:12:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7116
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://fal3arda-new.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 119ms
68ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202303300101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303300101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

60a9fbf402b1fe2f96224c03c341141f8a0aff084ada2ae5f46c69f553d4fbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fal3arda-new.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 09:12:03 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11259
x-xss-protection: 0

GET
H2 200 container.html Show response
3e0ab3107aebac40ce1d6a1ffbcd68bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0584 6 KB
3 KB 101ms
27ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3e0ab3107aebac40ce1d6a1ffbcd68bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303300101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fal3arda-new.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 06 Apr 2023 09:12:03 GMT
expires: Fri, 05 Apr 2024 09:12:03 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303300101/ 33 KB
12 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303300101/pubads_impl_page_level_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303300101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aefb4605e33667c5eab919352461823eb85bb1269482bc2c58d1446e1fe71b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fal3arda-new.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 10:05:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83176
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11892
x-xss-protection: 0
server: cafe
etag: 14369727199939890373
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 04 Apr 2024 10:05:47 GMT

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ 50 B
184 B 302ms
97ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/0.php?4738867&@f16&@g1&@h1&@i1&@j1680772323668&@k0&@l1&@m%D9%81%D9%8A%20%D8%A7%D9%84%D8%B9%D8%A7%D8%B1%D8%B6%D8%A9%20-%20fel3arda%20%D8%A3%D9%87%D9%85%20%D9%85%D8%A8%D8%A7%D8%B1%D9%8A%D8%A7%D8%AA%20%D8%A7%D9%84%D9%8A%D9%88%D9%85%20%D8%A8%D8%AB%20%D9%85%D8%A8%D8%A7%D8%B4%D8%B1&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:135237876&@b3:1680772324&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Ffal3arda-new.com%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash: dc43e0dbbe9f1395dce87f6dc73aeb9bbb49a06b23bbb6aeea91ee8b84b4e714

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fal3arda-new.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Thu, 06 Apr 2023 09:12:03 GMT
Connection: close
Content-Length: 50
Content-Type: text/html;charset=UTF-8

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 84ms
34ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303300101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fal3arda-new.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 09:12:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 06 Apr 2023 09:12:03 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FFDD 13 KB
5 KB 20ms
19ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fal3arda-new.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 3754
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 06 Apr 2023 08:09:29 GMT
expires: Fri, 05 Apr 2024 08:09:29 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 9DC4 783 B
1 KB 77ms
29ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

254c4927ebe60607fa8d741eecd4d07fc23a7fed5d707dc9873a3042eb405c8c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-pCWMN2ueHtV4oINxm8t0QA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fal3arda-new.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-pCWMN2ueHtV4oINxm8t0QA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 06 Apr 2023 09:12:03 GMT
expires: Thu, 06 Apr 2023 09:12:03 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 1qDM7jHzlwhnZd-s95CHH_k3xryNtTKIC4s2Es7tSnI.js Show response
pagead2.googlesyndication.com/bg/ Frame FFDD 36 KB
14 KB 58ms
19ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1qDM7jHzlwhnZd-s95CHH_k3xryNtTKIC4s2Es7tSnI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d6a0ccee31f397086765dfacf790871ff937c6bc8db532880b8b3612ceed4a72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 10:02:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83354
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14260
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 13:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Apr 2024 10:02:49 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 9DC4 0
0 54ms
53ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202303300101&jk=1189340139285044&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
1 KB 51ms
20ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303300101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fal3arda-new.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 09:12:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 32127
x-jsd-version: master
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230042-FRA, cache-yyz4568-YYZ
x-jsd-version-type: branch
server: cloudflare
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YtlqBeWk4CN9Ushw0J5T4AHAwKzJUpxeWBR6aZJ5uaUGQsPVbAg5ugTIpBUdYWj3qvo7NF%2BQXC7VVD3xmx2KrgxbxciKGvHYCvQTUyUnp5S9F8IrxmRUYW6FxPvbDkg0QlMgMVT5M6bRp8M5GZE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 7b38e8313e8506d8-AMS

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 58 KB
17 KB 63ms
24ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303300101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

099c242b7f21357ba887e27ac080dd6799d369d07511e1a788c633f40a6790b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fal3arda-new.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 09:12:04 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 30 Mar 2023 13:19:47 GMT
server: cloudflare
x-amz-request-id: 2NH91815PXFAA8KB
age: 2998
etag: W/"c248fe2e1769ec0b3fd66c9a48efe1d4"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7b38e8314c7c0e8c-AMS
x-amz-id-2: ayoTa5vhhjdlgQLsGFnDanMeD0/kzx4ArxMqMbJcjcEicJh0NW1/45iyYoGNtO1gV4bfg56ElEFx8atJIkiSCg==

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 37 KB
11 KB 70ms
21ms Script
text/javascript 18.66.97.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303300101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-8.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e9d3165c73a7f6243cdf07498cf37514d3128c1de540fa02d8a6d6c5fdf09db1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fal3arda-new.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 14:45:11 GMT
content-encoding: gzip
via: 1.1 21c2c1b3872c539a34b64bcf45f4054c.cloudfront.net (CloudFront)
last-modified: Wed, 22 Mar 2023 22:36:59 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 66414
x-amz-server-side-encryption: AES256
etag: W/"4fd6c99ca40fed5d11cbd9e1b76a92f1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: X9YdqMSJ3YxeCj3c3w4nkfJ5KzXDgkF9CrSjS7HbSL5_MmZlTh_zCg==

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 2 KB
2 KB 79ms
18ms Script
text/javascript 2600:9000:2250:7600:a:e047:752:b361
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303300101/pubads_impl.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:7600:a:e047:752:b361 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 71fc1599035adc6bc34df2117b8631285905f97737ba730af28644ee6a0d8dde

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fal3arda-new.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Thu, 06 Apr 2023 04:34:44 GMT
Via: 1.1 7a17e7bab97826b103c75b700dd638e2.cloudfront.net (CloudFront)
Last-Modified: Mon, 23 Jan 2023 04:07:36 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P2
Age: 16640
x-amz-server-side-encryption: AES256
ETag: "aded621b17723f487b3c9d0e43cf2f94"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1859
X-Amz-Cf-Id: FlFd8lYuXsXJLw3t0xW_cUhXsO8keCd2Z2vheJmB4yv1HCAwQdKnMA==

GET
H2 200 container.html Show response
3e0ab3107aebac40ce1d6a1ffbcd68bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame DF15 6 KB
3 KB 20ms
19ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3e0ab3107aebac40ce1d6a1ffbcd68bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303300101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fal3arda-new.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 06 Apr 2023 09:12:03 GMT
expires: Fri, 05 Apr 2024 09:12:03 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ 182 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 476d8d8a5ee6c842a16e5ae6a58cec35ff7649729b77de0319644cdc128340eb

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 834 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0ea842ad92b2cb342a00d74293e6036981ec07854e082223080525efa9c88528

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/svg+xml

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
499 B 20ms
20ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.04&b=2&r=fal3arda-new.com_auto_728x90_sticky_display_bottom&sy=1776a27e-a355-447f-877f-9e98c32c92ac&ts=41&cd=2&pud=133&pus=c&pue=402&pid=27&pis=c&pie=428&ppd=175&pps=a&ppe=577&pcl=459&ttc=579&tti=1129&ttif=0&lca=577&lcak=ppe&lct=577&lctk=ppe&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=fal3arda-new.com&mlre=undefined&mlin=0&mlsi=728x90&mlbw=4g&mlcs=NaN&mltp=f2d3b322-f149-4ecf-b63b-db8bf7760251&e=lm&dsReferer=ZmFsM2FyZGEtbmV3LmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.6.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fal3arda-new.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-nf-request-id: 01GX4V9Y23TJNZVP1S6TY88R31
date: Thu, 06 Apr 2023 09:12:04 GMT
cf-cache-status: HIT
age: 143913
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "fa63a24c8b1ff57adc9b8a7e825bdde5-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7b38e8311f580b05-AMS

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 3676 624 B
826 B 129ms
59ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CKWQ9cICEMTp4s4CGJDy5-IBMAE&v=APEucNWQK6w5Pbk3o6YMnAi36yltqs6ifabWv6gsQzSRll2QK478of0smVWdgFtLyl3mrozvuDaR3kKE8X2uLOxTt-0Ok917emVcb0ajyTwE3JdwUTKyMfb1DtbV3wwgsfSA8yFgVk1NYJROkyR5D7-_fJIGM_aUaExO4CHDCBC7RwEmdOjA7RIp9nyNig7yWHe8-zRY2GMGXVx5Yno3-JSWeUnfmMxPeQ

Requested by

Host: 3e0ab3107aebac40ce1d6a1ffbcd68bb.safeframe.googlesyndication.com
URL: https://3e0ab3107aebac40ce1d6a1ffbcd68bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3e0ab3107aebac40ce1d6a1ffbcd68bb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 06 Apr 2023 09:12:04 GMT
expires: Thu, 06 Apr 2023 09:12:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame DF15 78 KB
27 KB 96ms
95ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 3e0ab3107aebac40ce1d6a1ffbcd68bb.safeframe.googlesyndication.com
URL: https://3e0ab3107aebac40ce1d6a1ffbcd68bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://3e0ab3107aebac40ce1d6a1ffbcd68bb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 09:12:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28043
x-xss-protection: 0
server: cafe
etag: 15270303690107644053
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Thu, 06 Apr 2023 09:12:04 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame DF15 42 B
63 B 55ms
53ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C-8kdA3PPG3Cr3EfqXHUf19XQ8qdgNGc137S5Pn5yEkGfhdx1SXKZWQzjI1ZFrt99DGWtnCyhnx_vlq1bMiIK_Ke6EzF1jcN3foTaCATOwKrNWCBc

Requested by

Host: 3e0ab3107aebac40ce1d6a1ffbcd68bb.safeframe.googlesyndication.com
URL: https://3e0ab3107aebac40ce1d6a1ffbcd68bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://3e0ab3107aebac40ce1d6a1ffbcd68bb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Apr 2023 09:12:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DF15 0
20 B 54ms
53ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=16210575650446099246&x=1&ct=76

Requested by

Host: 3e0ab3107aebac40ce1d6a1ffbcd68bb.safeframe.googlesyndication.com
URL: https://3e0ab3107aebac40ce1d6a1ffbcd68bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://3e0ab3107aebac40ce1d6a1ffbcd68bb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Apr 2023 09:12:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230404/r20110914/client/ Frame DF15 3 KB
1 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230404/r20110914/client/window_focus_fy2021.js

Requested by

Host: 3e0ab3107aebac40ce1d6a1ffbcd68bb.safeframe.googlesyndication.com
URL: https://3e0ab3107aebac40ce1d6a1ffbcd68bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://3e0ab3107aebac40ce1d6a1ffbcd68bb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 07:53:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4712
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Apr 2023 07:53:32 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230404/r20110914/client/ Frame DF15 20 KB
8 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230404/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 3e0ab3107aebac40ce1d6a1ffbcd68bb.safeframe.googlesyndication.com
URL: https://3e0ab3107aebac40ce1d6a1ffbcd68bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://3e0ab3107aebac40ce1d6a1ffbcd68bb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 14:16:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68157
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8268
x-xss-protection: 0
server: cafe
etag: 8048349561987089234
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 19 Apr 2023 14:16:07 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DF15 159 KB
49 KB 892ms
844ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 3e0ab3107aebac40ce1d6a1ffbcd68bb.safeframe.googlesyndication.com
URL: https://3e0ab3107aebac40ce1d6a1ffbcd68bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5afb1d597d8f5d70f17d3968e407d2ce25a9b7a587f2f723f3784c51b01f5e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://3e0ab3107aebac40ce1d6a1ffbcd68bb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 09:12:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49753
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1680694322409811"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 Apr 2023 09:12:04 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame FFDD 0
10 B 18ms
18ms Image
text/plain 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?BeCrUw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 09:12:04 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
325 B 77ms
23ms XHR
text/plain 162.19.138.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.116 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533567.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://fal3arda-new.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://fal3arda-new.com
date: Thu, 06 Apr 2023 09:12:03 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
335 B 116ms
32ms XHR
application/json 52.48.199.209
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.199.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-199-209.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: e0697898f82b1edecca9be22e1efb867f60ccac7e6d64957154ae663d7d9f34e

Request headers

Referer: https://fal3arda-new.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 06 Apr 2023 09:12:04 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://fal3arda-new.com
cache-control: no-cache
x-server: 10.45.19.59
access-control-allow-credentials: true
content-length: 60
expires: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DF15 0
20 B 58ms
56ms Ping
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8612295618275&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://3e0ab3107aebac40ce1d6a1ffbcd68bb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Apr 2023 09:12:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DF15 0
20 B 58ms
57ms Ping
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8612295618275&version=m202301230201&ct=76&x=1&cor=16210575650446098000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://3e0ab3107aebac40ce1d6a1ffbcd68bb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Apr 2023 09:12:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame DF15 67 KB
31 KB 67ms
66ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CNHRK0py_wShZba5qteDP14byomFbaVcgyEyBxzbvlR5ZL7BolS589KyjSfyCbHDCq7Q88lc1eJQUzi5jk3bQfDD9JHQ&cry=1&dbm_d=AKAmf-DVz6gd78c1psCvnEH5gApEhD41si9WG-arqKC7QvV42clt5eFedy1lyag_B3DLzyB5BIn6k4Gs9-Y4OWcIhCGqs8F2kj3Z1oxliQKdtlLJ4i0evLHHzlT8Gh6--nouUvdl7p2PjD5oy9S2UxcCeizmPlBTHjerDJPfK0BWvSw0kInNDp-TPPhNaXRZZXf8TlmZ_p2wWl-uEZg2YnxO1CMBWWH_8dBa19a7CmPDMn6xHZOkjOYZHyJ6HHYEayHxjhWoUCANlUCQe9mM-gnHPzID7GViHzT8i_bTvSVnAWQyTqFVUem-KWWyndtN4YW_FOD5ZxRKuZBo5TvJd30g5gZOhq0N-NB96DY9vA9TsdOBZlbKgaRRzE0LGcSckqb3ZDcpS8NEMNaj2YB3cERILmi0TiYjWXVcdFF7uCPdteC0Aaub1DXJUVlzo7CxypRXy_N69Ae8mNabUIM2hg5-QUDdNQpekiYjIz6HP6iA4Vxlofqm27saGkNGkMKp_aKNBcL_8VojvOXoXDpvpNZopNImbJ5QBD5WxSKAnIZ_gPNmzJwR6WPiGhcahKMxbWiEtdQmuolXrP6BBzB10OaA3fcnbZwbGidlJuigaxBEU83DLnNHI35UoKj2TkJ0rVERwUUK-885q3y2fdjm7Tiu7FuZ9xcjo1LUWzn2YurpgwoCYZYR59E3hhMQ8RVsjHgPackKLJ8RIIk2T0r7KIb8azNaLJzhGHrTMJFcO5KkpbdjohUww9iMyvlkaL-xKoIpye_9JYmrMiYxRqMR6eaM0QUzfYdgFE96jygGPpKOXV9F6qPCDNnTNJeMenYuPW-dv85qdozcPAPG4uGUwkyjHv7CO0GKd1sa_Iy8FZ6FQ1t_CjDy8uyW1vIQFAzacI85Vo2GqxvfriVJDRFFRSQbiC_LqJVqmr7Xd3ecgw6rsRo6GJykiu2tz_JVU-uBx9cP8K0oxPaIcVnHhEYOLegHW-2rvRncV_TAfsZQ5iMzAuAGOx9uhCven1LyXWgzVY6q_DNFLe6p-BOp_ybGXsQ1yT5M-1tH9KcB_S2bBVEr-yaYQe_U6OL4YUc9oK-eOWz5sBZCkTopnJ-iGgRt_U8itvixbH9M9TrtHQ9gfkTSJFDJhz006bFgzw5CfQVJiQa2GgqJDvnmQwx6R7FKS7QyjxrjMqCCBKUuQWDu1DHGQdewCwcd1tV5PFGuJr2OlRYm4KYpEOvod-YIDIZVX_fdJZUj8iYtw2ibyzcFWgyfGZkVkSrpqFocpkKAbsUxrx3Y3fgOhepVigmXYMgl3LiVaNaHsHfJxsuSskprETzqnnOcT60bzFgofJwP421txqcxTA1J4EIDcvQx6jiziZghlM60gldkQp3Q8Hv8UhvyXnUdHm__miPlZD1v0R9Yf4AGRECqs6oI8clzQCsBjvkKXsaooY6HkOrT6SpZPiedUA_xK2fkPDIvRJSAF9ihhCDvxwb7ngtOKG7wW9Muf70kdLiXSlHxcHzYe-pw8BiKkiPK09XBG07_J3pcet62kVej6Uwvt_rCXPMLWXrDTC1SoDcIGPDCM0k0sguI9ZCWCUzod6GtrJsiyIiWTG_bMH8RgzpB0hA-2QucADhJh0PIjFq24AUgH2tvxe25Z1c-mj6CvObuKC7bn_q2B_Yb2naKR-gr97ufkueTTQlgt_8fvq13UHBIk2u9oGxFdcKsuxadi7fn39M9DtxvbjtLFqBoakj9ccut4bjC9ux7Hd343KYCrFXcMuuR-TaDD_rYg9qL3MUDY9YNRqhWB-3RAw_b-uEyefSBz9vrFgJCuE-D9gjYHoi8e1nQE54R4rZ543rh-B_6XD-RdOGo28bEKVMQ-zIFdv_YamCT6S72niYMZ2g1gbgJtegDXsNGuiO-VNsXp2SN3RBFZKTglzCUe7324P51LF_U7Wjic6drw9SZiHeMkUkKokQ7YMVt1mfi8xy-6J_cNgDITyGLpFlnPOI7QCG-HKLfa0YMNEqpFN6hnN-IzF4ojbZepvXcDxcLr6Xri2AimJH2ofP9n5F8W5SK1hgH7cPhb6OeIowycmo485iobt8SzjGk2PKv4XsQ0hrvJBrqR2oWopovuHdZvlRKJsz8DDcq2zv0YZ1blifVelKb033uVKZXXSw01XGbogZKqpF4z_8Sij6vRKV7Vo2oYbJWuyQqKUlU-T6jpD-hpWpMOqchZyHP4oObH6D53rc51H1gUuwJ-Pihp9zgaVzfiaeOSP4skrnIgorGxr6gWfPfvvQg1Wx4q0G4ybOVjLpqdIHnBvdUJWxjAW9EzIlXXiDtdAyXef_8ODB1d0gBo9KuLTc7XAammpGvE_BswVgWf2GdplDx4Y_Ghzh4uDy6FlpraHreHadKicKcOKNHSYyJF8NYPriSOZPRU8xDU0pep9juLcdawtJmciHpJDZQIQOV_JX7UWUiUAAab6tX38OGyZHIk6Dc9rPqSBPqT8N5MD7yNaq8yJ4v6ysPbJPg64mWUCNIsj9MHBbO_WrkkefEvY-3fi_AnfqruQE8xNVtdQ792E7gTEMeeX68RV2I2t-cZEcr9rRBIIEmQ6biNB9ST2gj0Q-rg5dAYiWytLIUPoGFSc7jENbvIf8LMJSAF_lODm_ZzD2XwyA0UFeErmW3ii3abPWrVtAqbxY2q0YuEC-f--NQJngIajTyz56tQD9sIilaz43G4mD-WvdMMaiyBv64FLKsPOseIcKdyNDMFhoUrzo0cNhUh9dYVFs5r-Cm9bHtUw9qjLVnwJLzjyssRQn08Y2KuSuCLRJZDj4yuL_e23iWcKWhRdswG8LZoxrtYQx0VxsAgp2QwMW4GyoJ7eUlmuxNRgsHMPK1Llwpi8xCnP-Tq4LAlffDe24E566LK7X28LwkCbuPGh1173M8HCSSuNBPm9G5FcMs5oeR7bUMpZIre9zhcm4tUVJO4sV0CMMvtebyOCks48QPAZzLLPtfCOhHVrliHxvR3q0KPvLutLBOJDg40kwWXKFZcH8JrMWmrj6RieUZlFr-iVT3gUKxm81m1c8bVTPf8dXfZqmXIysQviRAP7ABAkL6kGxjqwpH2cM1FTGZ_qYTfIxVCZ7uJYrrW48Nbd2ByhoEAAbzTxDYPPbK88HyLZcXE2K6sDcWqqCN62BFwOHnpNOOWhANyhWf8cYEDQzOXeuNN6goU4DUL8oZaTRvrS9P9yMcHA2hpDkd_dh-0PpS7HcIHGhkSxYkFFN1pqn-BhdS2J5as_YFDhdFQqSRfyJ8F1jhWRlDqowsxau7Uk4ZPIvEE4lDPnDOoj3m2B8y10x4FJTAb13rpGfE3pVvkgr3-runQLF60ncq1UMEpip4JP69m-IIJXLNI5UO7R1KIT7CxO5JnGU6b6f7BEp5y9JLsixzf4uykL31FLk27b8C6bU4-rdcs_q4gBHDV4Pc9l2_4yLVGEb3SxztiYXzKFF2C0SpSgRY&cid=CAQSSwDUE5ymW4VqLGHZy1w4r3zk7Ab7Mgis-SN094QkcOyqgCglRQZmh-4LZsLzwnk4mcnLmSveXPeUzTv0pYI8aWSe239O8DsgpVfraRgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Ffal3arda-new.com%2F&ds=l&xdt=1&iif=1&cor=16210575650446098000&adk=250412560&idt=106&cac=0&dtd=8

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d97c4a2e7f556ecba865991a44af6e3444082416fff2fb39381a894857c891b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://3e0ab3107aebac40ce1d6a1ffbcd68bb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Apr 2023 09:12:04 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31620
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
498 B 33ms
33ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=fal3arda-new.com_auto_interstitial_desktop&e=nai&dsReferer=ZmFsM2FyZGEtbmV3LmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.6.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fal3arda-new.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-nf-request-id: 01GX4V9Y23TJNZVP1S6TY88R31
date: Thu, 06 Apr 2023 09:12:04 GMT
cf-cache-status: HIT
age: 143913
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "fa63a24c8b1ff57adc9b8a7e825bdde5-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7b38e832087b0b05-AMS

GET
H2 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
165 B 31ms
30ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=fal3arda-new.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303300101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fal3arda-new.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 09:12:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 28ms
27ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=fal3arda-new.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303300101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fal3arda-new.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 09:12:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 147 KB
44 KB 438ms
438ms XHR
text/plain 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1189340139285044&correlator=882277628312208&eid=21065724&output=ldjh&gdfp_req=1&vrg=202303300101&ptt=17&impl=fif&iu_parts=44890869%3A22853861021%2Cca-pub-3831894559014614-tag%2C94a76bd1-9ccd-47b8-849a-d3e56dae93e2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=3&adks=3595137289&sfv=1-0-40&ists=1&fas=8&prev_scp=ti%3Df2d3b322-f149-4ecf-b63b-db8bf7760251%26pof%3D0%26interstitials-bid%3D0.2%26bid-p%3Dgoogle%26bsc%3D41&eri=1&sc=1&cookie=ID%3D5f6ba432a4eb2d7d%3AT%3D1680772323%3AS%3DALNI_MZ_-91jRNg6OMx0UpEemikPMoBzbg&gpic=UID%3D00000bd27669a3ef%3AT%3D1680772323%3ART%3D1680772323%3AS%3DALNI_MZIY9km7lTXIT9wCwZbM-t6FWi8lQ&abxe=1&dt=1680772324168&lmt=1680751210&dlt=1680772323148&idt=419&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Ffal3arda-new.com%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1959286589.1680772324&ga_sid=1680772324&ga_hid=702212571&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYo7XZrvUwSABSAghkEhsKDGlkNS1zeW5jLmNvbRi-ttmu9TBIAFICCGoSGQoKcHViY2lkLm9yZxjbtdmu9TBIAFICCGoSGQoKdWlkYXBpLmNvbRijtdmu9TBIAFICCGQ.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303300101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cc3d62350217e310fdbb27404105b9ba48f3a5e1de6de189562d549d6644fc8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fal3arda-new.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 09:12:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45504
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://fal3arda-new.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 3676
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKV34ZH5d4TNkVKXgT9_Wl0&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKV34ZH5d4TNkVKXgT9_Wl0&google_cver=1&C=1

43 B
632 B

38ms
30ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKV34ZH5d4TNkVKXgT9_Wl0&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKWQ9cICEMTp4s4CGJDy5-IBMAE&v=APEucNWQK6w5Pbk3o6YMnAi36yltqs6ifabWv6gsQzSRll2QK478of0smVWdgFtLyl3mrozvuDaR3kKE8X2uLOxTt-0Ok917emVcb0ajyTwE3JdwUTKyMfb1DtbV3wwgsfSA8yFgVk1NYJROkyR5D7-_fJIGM_aUaExO4CHDCBC7RwEmdOjA7RIp9nyNig7yWHe8-zRY2GMGXVx5Yno3-JSWeUnfmMxPeQ
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 06 Apr 2023 09:12:04 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Thu, 06 Apr 2023 09:12:04 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESEKV34ZH5d4TNkVKXgT9_Wl0&google_cver=1&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 3676
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZC6M5Cf0s8BYbj0mTr-WKAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDUWNLFIQQNlJOB7f6VpZwc&google_cver=1

43 B
632 B

37ms
37ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDUWNLFIQQNlJOB7f6VpZwc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKWQ9cICEMTp4s4CGJDy5-IBMAE&v=APEucNWQK6w5Pbk3o6YMnAi36yltqs6ifabWv6gsQzSRll2QK478of0smVWdgFtLyl3mrozvuDaR3kKE8X2uLOxTt-0Ok917emVcb0ajyTwE3JdwUTKyMfb1DtbV3wwgsfSA8yFgVk1NYJROkyR5D7-_fJIGM_aUaExO4CHDCBC7RwEmdOjA7RIp9nyNig7yWHe8-zRY2GMGXVx5Yno3-JSWeUnfmMxPeQ
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 06 Apr 2023 09:12:04 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 06 Apr 2023 09:12:04 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDUWNLFIQQNlJOB7f6VpZwc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 3676
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESELib-n9s3rwPX5xZHUG1ixA&google_cver=1

43 B
1 KB

42ms
42ms

Image
image/gif

185.89.210.180
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESELib-n9s3rwPX5xZHUG1ixA&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKWQ9cICEMTp4s4CGJDy5-IBMAE&v=APEucNWQK6w5Pbk3o6YMnAi36yltqs6ifabWv6gsQzSRll2QK478of0smVWdgFtLyl3mrozvuDaR3kKE8X2uLOxTt-0Ok917emVcb0ajyTwE3JdwUTKyMfb1DtbV3wwgsfSA8yFgVk1NYJROkyR5D7-_fJIGM_aUaExO4CHDCBC7RwEmdOjA7RIp9nyNig7yWHe8-zRY2GMGXVx5Yno3-JSWeUnfmMxPeQ

Protocol

HTTP/1.1

Server

185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 06 Apr 2023 09:12:04 GMT
AN-X-Request-Uuid: 05860073-4d68-4b66-8170-c46723a3c7a8
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 95.211.95.247; 95.211.95.247; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 06 Apr 2023 09:12:04 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESELib-n9s3rwPX5xZHUG1ixA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 3676
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njc2MDYwMjk0NDU1NjgyNjI4

170 B
243 B

29ms
29ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njc2MDYwMjk0NDU1NjgyNjI4

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Apr 2023 09:12:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 06 Apr 2023 09:12:04 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 95.211.95.247; 95.211.95.247; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 794fe5e2-4511-4722-83e9-fbd4db356c7b
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njc2MDYwMjk0NDU1NjgyNjI4
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230404/r20110914/ Frame DF15 28 KB
11 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230404/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CNHRK0py_wShZba5qteDP14byomFbaVcgyEyBxzbvlR5ZL7BolS589KyjSfyCbHDCq7Q88lc1eJQUzi5jk3bQfDD9JHQ&cry=1&dbm_d=AKAmf-DVz6gd78c1psCvnEH5gApEhD41si9WG-arqKC7QvV42clt5eFedy1lyag_B3DLzyB5BIn6k4Gs9-Y4OWcIhCGqs8F2kj3Z1oxliQKdtlLJ4i0evLHHzlT8Gh6--nouUvdl7p2PjD5oy9S2UxcCeizmPlBTHjerDJPfK0BWvSw0kInNDp-TPPhNaXRZZXf8TlmZ_p2wWl-uEZg2YnxO1CMBWWH_8dBa19a7CmPDMn6xHZOkjOYZHyJ6HHYEayHxjhWoUCANlUCQe9mM-gnHPzID7GViHzT8i_bTvSVnAWQyTqFVUem-KWWyndtN4YW_FOD5ZxRKuZBo5TvJd30g5gZOhq0N-NB96DY9vA9TsdOBZlbKgaRRzE0LGcSckqb3ZDcpS8NEMNaj2YB3cERILmi0TiYjWXVcdFF7uCPdteC0Aaub1DXJUVlzo7CxypRXy_N69Ae8mNabUIM2hg5-QUDdNQpekiYjIz6HP6iA4Vxlofqm27saGkNGkMKp_aKNBcL_8VojvOXoXDpvpNZopNImbJ5QBD5WxSKAnIZ_gPNmzJwR6WPiGhcahKMxbWiEtdQmuolXrP6BBzB10OaA3fcnbZwbGidlJuigaxBEU83DLnNHI35UoKj2TkJ0rVERwUUK-885q3y2fdjm7Tiu7FuZ9xcjo1LUWzn2YurpgwoCYZYR59E3hhMQ8RVsjHgPackKLJ8RIIk2T0r7KIb8azNaLJzhGHrTMJFcO5KkpbdjohUww9iMyvlkaL-xKoIpye_9JYmrMiYxRqMR6eaM0QUzfYdgFE96jygGPpKOXV9F6qPCDNnTNJeMenYuPW-dv85qdozcPAPG4uGUwkyjHv7CO0GKd1sa_Iy8FZ6FQ1t_CjDy8uyW1vIQFAzacI85Vo2GqxvfriVJDRFFRSQbiC_LqJVqmr7Xd3ecgw6rsRo6GJykiu2tz_JVU-uBx9cP8K0oxPaIcVnHhEYOLegHW-2rvRncV_TAfsZQ5iMzAuAGOx9uhCven1LyXWgzVY6q_DNFLe6p-BOp_ybGXsQ1yT5M-1tH9KcB_S2bBVEr-yaYQe_U6OL4YUc9oK-eOWz5sBZCkTopnJ-iGgRt_U8itvixbH9M9TrtHQ9gfkTSJFDJhz006bFgzw5CfQVJiQa2GgqJDvnmQwx6R7FKS7QyjxrjMqCCBKUuQWDu1DHGQdewCwcd1tV5PFGuJr2OlRYm4KYpEOvod-YIDIZVX_fdJZUj8iYtw2ibyzcFWgyfGZkVkSrpqFocpkKAbsUxrx3Y3fgOhepVigmXYMgl3LiVaNaHsHfJxsuSskprETzqnnOcT60bzFgofJwP421txqcxTA1J4EIDcvQx6jiziZghlM60gldkQp3Q8Hv8UhvyXnUdHm__miPlZD1v0R9Yf4AGRECqs6oI8clzQCsBjvkKXsaooY6HkOrT6SpZPiedUA_xK2fkPDIvRJSAF9ihhCDvxwb7ngtOKG7wW9Muf70kdLiXSlHxcHzYe-pw8BiKkiPK09XBG07_J3pcet62kVej6Uwvt_rCXPMLWXrDTC1SoDcIGPDCM0k0sguI9ZCWCUzod6GtrJsiyIiWTG_bMH8RgzpB0hA-2QucADhJh0PIjFq24AUgH2tvxe25Z1c-mj6CvObuKC7bn_q2B_Yb2naKR-gr97ufkueTTQlgt_8fvq13UHBIk2u9oGxFdcKsuxadi7fn39M9DtxvbjtLFqBoakj9ccut4bjC9ux7Hd343KYCrFXcMuuR-TaDD_rYg9qL3MUDY9YNRqhWB-3RAw_b-uEyefSBz9vrFgJCuE-D9gjYHoi8e1nQE54R4rZ543rh-B_6XD-RdOGo28bEKVMQ-zIFdv_YamCT6S72niYMZ2g1gbgJtegDXsNGuiO-VNsXp2SN3RBFZKTglzCUe7324P51LF_U7Wjic6drw9SZiHeMkUkKokQ7YMVt1mfi8xy-6J_cNgDITyGLpFlnPOI7QCG-HKLfa0YMNEqpFN6hnN-IzF4ojbZepvXcDxcLr6Xri2AimJH2ofP9n5F8W5SK1hgH7cPhb6OeIowycmo485iobt8SzjGk2PKv4XsQ0hrvJBrqR2oWopovuHdZvlRKJsz8DDcq2zv0YZ1blifVelKb033uVKZXXSw01XGbogZKqpF4z_8Sij6vRKV7Vo2oYbJWuyQqKUlU-T6jpD-hpWpMOqchZyHP4oObH6D53rc51H1gUuwJ-Pihp9zgaVzfiaeOSP4skrnIgorGxr6gWfPfvvQg1Wx4q0G4ybOVjLpqdIHnBvdUJWxjAW9EzIlXXiDtdAyXef_8ODB1d0gBo9KuLTc7XAammpGvE_BswVgWf2GdplDx4Y_Ghzh4uDy6FlpraHreHadKicKcOKNHSYyJF8NYPriSOZPRU8xDU0pep9juLcdawtJmciHpJDZQIQOV_JX7UWUiUAAab6tX38OGyZHIk6Dc9rPqSBPqT8N5MD7yNaq8yJ4v6ysPbJPg64mWUCNIsj9MHBbO_WrkkefEvY-3fi_AnfqruQE8xNVtdQ792E7gTEMeeX68RV2I2t-cZEcr9rRBIIEmQ6biNB9ST2gj0Q-rg5dAYiWytLIUPoGFSc7jENbvIf8LMJSAF_lODm_ZzD2XwyA0UFeErmW3ii3abPWrVtAqbxY2q0YuEC-f--NQJngIajTyz56tQD9sIilaz43G4mD-WvdMMaiyBv64FLKsPOseIcKdyNDMFhoUrzo0cNhUh9dYVFs5r-Cm9bHtUw9qjLVnwJLzjyssRQn08Y2KuSuCLRJZDj4yuL_e23iWcKWhRdswG8LZoxrtYQx0VxsAgp2QwMW4GyoJ7eUlmuxNRgsHMPK1Llwpi8xCnP-Tq4LAlffDe24E566LK7X28LwkCbuPGh1173M8HCSSuNBPm9G5FcMs5oeR7bUMpZIre9zhcm4tUVJO4sV0CMMvtebyOCks48QPAZzLLPtfCOhHVrliHxvR3q0KPvLutLBOJDg40kwWXKFZcH8JrMWmrj6RieUZlFr-iVT3gUKxm81m1c8bVTPf8dXfZqmXIysQviRAP7ABAkL6kGxjqwpH2cM1FTGZ_qYTfIxVCZ7uJYrrW48Nbd2ByhoEAAbzTxDYPPbK88HyLZcXE2K6sDcWqqCN62BFwOHnpNOOWhANyhWf8cYEDQzOXeuNN6goU4DUL8oZaTRvrS9P9yMcHA2hpDkd_dh-0PpS7HcIHGhkSxYkFFN1pqn-BhdS2J5as_YFDhdFQqSRfyJ8F1jhWRlDqowsxau7Uk4ZPIvEE4lDPnDOoj3m2B8y10x4FJTAb13rpGfE3pVvkgr3-runQLF60ncq1UMEpip4JP69m-IIJXLNI5UO7R1KIT7CxO5JnGU6b6f7BEp5y9JLsixzf4uykL31FLk27b8C6bU4-rdcs_q4gBHDV4Pc9l2_4yLVGEb3SxztiYXzKFF2C0SpSgRY&cid=CAQSSwDUE5ymW4VqLGHZy1w4r3zk7Ab7Mgis-SN094QkcOyqgCglRQZmh-4LZsLzwnk4mcnLmSveXPeUzTv0pYI8aWSe239O8DsgpVfraRgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Ffal3arda-new.com%2F&ds=l&xdt=1&iif=1&cor=16210575650446098000&adk=250412560&idt=106&cac=0&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4681920200f339999ac3f6d4a6c5214d92e9a0edca00cfb91b28e3494ea03ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://3e0ab3107aebac40ce1d6a1ffbcd68bb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 14:17:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68056
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11009
x-xss-protection: 0
server: cafe
etag: 12368014760096651300
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 19 Apr 2023 14:17:48 GMT

GET
H2 200 4060803545046672294
s0.2mdn.net/simgad/ Frame DF15 60 KB
61 KB 133ms
21ms Image
image/jpeg 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/4060803545046672294

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

503c16f17f95f64947207584c58d11bc7e791d2c925ae5ab066221c6b905a77b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://3e0ab3107aebac40ce1d6a1ffbcd68bb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 21:26:34 GMT
x-content-type-options: nosniff
age: 474330
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61724
x-xss-protection: 0
last-modified: Fri, 03 Mar 2023 09:19:12 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 30 Mar 2024 21:26:34 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230404/r20110914/elements/html/ Frame DF15 11 KB
4 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230404/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6d95ea547b0974a09d61104fa136f5eb6973466b6358fb06d997cc7f20ee71b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://3e0ab3107aebac40ce1d6a1ffbcd68bb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 14:17:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68056
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4123
x-xss-protection: 0
server: cafe
etag: 4541610132340792384
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 19 Apr 2023 14:17:48 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame DF15 0
0 176ms
65ms Fetch
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstSzi9ykOn8r-7CWRn54298Zl2DZT8bs7VWtUz4EMHHSoUgyURcQpHpmY0kiA3IO_VvCKQMXLEKNYSRhD4-vgqzaQc8wocxxVNEq7aJXJf6QgR4JI5plg8JlcdWntJXk0oo9B-2VWU-ub2xcDVyWCNepintkmldT6B3tk3WoopUXLdKkZYhPJbwx_AOcBJrqoZUwjsm_GwmzqiDt7KJaNuscMCjiPH3CbYtZM1fZd7WXkd5EYiIlF_mQz56cd5SCOeJnPo5M4crABtQBg8BPfyZ8JcXim92lH5rmDt_PftBGz8ZkREToJXcyQNayfpFAEkObTEyxMCe8fwdjxDyWEnJBUOpGSZySOcViuHaihiEQbsx1Y_AF9ZhhdVlz2RioBhx1cTLf_PqfOw2nfZG8s7r1wKzkaoDiRp-JPW-xABQbtBi_QppmZojQ49dbbdUmuXWkVjLGvK85xRSgyihmmQnZtJtQWFflgqdp0av-7huSSrUlmps4ilZhs3NyXXX-PAEP40CdVnhNThRACaKyeO9RUsgChw2ii5BISK-MYTe5CnfLqvdLvcs6a3Who2pWmqYuQHx5SR-KYku61Rr_WeaXB9mlbeak9lAajj7iAQW8NgMBgIiLZGWA7eBqD4Ov9IjSZFahlcBaLu2iPXqqXKqToaim0tfjMQwKUoPmEhUCiUiuJ6-fjQJtrcYV3qLgJ-gg-MFUuFFF8B26WjoEJDR-gKJmK6U5kZB_Gr8vNwg0K8gwXMD97zxjcNGU2u02ch5GPmhbL-pPSVrxSc1k2I1zEiWJDpCi3foJpHXKTYisfq8C9Aoxncr2g7S4Rqotp1W89aGKDSFmHpu--MZpBUC0yks_cCLzJ6c9kFApb_MvdXVtrQ_02CTCvEi8To26S2unITn9tWfnwCgjsljd3zcXCUE-5BPB2rqgQ5XwmuADBQtaEfwWx16x6ksY9gaT1fyF9YdJhF-kJRj8qQSMXefG4_LDuRpTaDDbXnQd888J3K0MvCVnGQHb17O01pa8_61KvS9qtZvPA60_ufeEQjWFcUOLxVNLmoo6yqwqxItTLE8OEYkP56LoZkMT3Bs3ACGmXNi5zbO63fZmQTWmI724YrigMKWGlNp8tn6gzRfGpdszeooaheKFoRm0CRq2gYWCEOtP2iB8HruPraMB_bATZ7dCTInftgweupOV71RdIHGRF3yMysQ_M-0vqiOSIzhyTznsk05agBaekKzqXiFLlnxnsrtu2x20BJ1_02J7ZlqN7a7AGJKhkH3TZgWImC_zaQ&sai=AMfl-YQtOhuXV56Wbi_GcH-RlWf7RSSoYHM6XEFouYUhHcdtPjmU86N_geKWn8SWdcZiBkJw861iFUP6LwqGt2vcwstbZ-d5XmCF3sYnQKA7LQQP0ANgk51V7hvkLe8NGAxqyV-BoT4HhbRwxfFDWS8bC2rCNI_RBpVGrxBmUrPmhoyv40OES8Jh-JnQVpR8fv83yZf5X7qC5Vx6lTMMYt_Bh-DwfK4-O5LKxvmQGKiEXmZEHXnDPnKIpzm5MUp-nzl9OrxBCw6RWR_b18Zf-K-lKpstZ--Xve5X&sig=Cg0ArKJSzKfQWmeSKCIBEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20230404.78478&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://3e0ab3107aebac40ce1d6a1ffbcd68bb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 06 Apr 2023 09:12:04 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Thu, 06 Apr 2023 09:12:04 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame DF15 41 KB
15 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://3e0ab3107aebac40ce1d6a1ffbcd68bb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 11:11:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 252045
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Apr 2024 11:11:19 GMT

GET
DATA 200
OK truncated
/ Frame DF15 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 78f91ce10870f4a8a3e60c91722e1544116cb2d3beebd19f7b755fa48c1dee4e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 9B08 22 KB
8 KB 24ms
22ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3e0ab3107aebac40ce1d6a1ffbcd68bb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 252100
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 03 Apr 2023 11:10:24 GMT
expires: Tue, 02 Apr 2024 11:10:24 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 1qDM7jHzlwhnZd-s95CHH_k3xryNtTKIC4s2Es7tSnI.js Show response
pagead2.googlesyndication.com/bg/ Frame 9B08 36 KB
14 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1qDM7jHzlwhnZd-s95CHH_k3xryNtTKIC4s2Es7tSnI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d6a0ccee31f397086765dfacf790871ff937c6bc8db532880b8b3612ceed4a72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 10:02:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83355
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14260
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 13:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Apr 2024 10:02:49 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame DF15 0
0 58ms
57ms Fetch
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstSzi9ykOn8r-7CWRn54298Zl2DZT8bs7VWtUz4EMHHSoUgyURcQpHpmY0kiA3IO_VvCKQMXLEKNYSRhD4-vgqzaQc8wocxxVNEq7aJXJf6QgR4JI5plg8JlcdWntJXk0oo9B-2VWU-ub2xcDVyWCNepintkmldT6B3tk3WoopUXLdKkZYhPJbwx_AOcBJrqoZUwjsm_GwmzqiDt7KJaNuscMCjiPH3CbYtZM1fZd7WXkd5EYiIlF_mQz56cd5SCOeJnPo5M4crABtQBg8BPfyZ8JcXim92lH5rmDt_PftBGz8ZkREToJXcyQNayfpFAEkObTEyxMCe8fwdjxDyWEnJBUOpGSZySOcViuHaihiEQbsx1Y_AF9ZhhdVlz2RioBhx1cTLf_PqfOw2nfZG8s7r1wKzkaoDiRp-JPW-xABQbtBi_QppmZojQ49dbbdUmuXWkVjLGvK85xRSgyihmmQnZtJtQWFflgqdp0av-7huSSrUlmps4ilZhs3NyXXX-PAEP40CdVnhNThRACaKyeO9RUsgChw2ii5BISK-MYTe5CnfLqvdLvcs6a3Who2pWmqYuQHx5SR-KYku61Rr_WeaXB9mlbeak9lAajj7iAQW8NgMBgIiLZGWA7eBqD4Ov9IjSZFahlcBaLu2iPXqqXKqToaim0tfjMQwKUoPmEhUCiUiuJ6-fjQJtrcYV3qLgJ-gg-MFUuFFF8B26WjoEJDR-gKJmK6U5kZB_Gr8vNwg0K8gwXMD97zxjcNGU2u02ch5GPmhbL-pPSVrxSc1k2I1zEiWJDpCi3foJpHXKTYisfq8C9Aoxncr2g7S4Rqotp1W89aGKDSFmHpu--MZpBUC0yks_cCLzJ6c9kFApb_MvdXVtrQ_02CTCvEi8To26S2unITn9tWfnwCgjsljd3zcXCUE-5BPB2rqgQ5XwmuADBQtaEfwWx16x6ksY9gaT1fyF9YdJhF-kJRj8qQSMXefG4_LDuRpTaDDbXnQd888J3K0MvCVnGQHb17O01pa8_61KvS9qtZvPA60_ufeEQjWFcUOLxVNLmoo6yqwqxItTLE8OEYkP56LoZkMT3Bs3ACGmXNi5zbO63fZmQTWmI724YrigMKWGlNp8tn6gzRfGpdszeooaheKFoRm0CRq2gYWCEOtP2iB8HruPraMB_bATZ7dCTInftgweupOV71RdIHGRF3yMysQ_M-0vqiOSIzhyTznsk05agBaekKzqXiFLlnxnsrtu2x20BJ1_02J7ZlqN7a7AGJKhkH3TZgWImC_zaQ&sai=AMfl-YQtOhuXV56Wbi_GcH-RlWf7RSSoYHM6XEFouYUhHcdtPjmU86N_geKWn8SWdcZiBkJw861iFUP6LwqGt2vcwstbZ-d5XmCF3sYnQKA7LQQP0ANgk51V7hvkLe8NGAxqyV-BoT4HhbRwxfFDWS8bC2rCNI_RBpVGrxBmUrPmhoyv40OES8Jh-JnQVpR8fv83yZf5X7qC5Vx6lTMMYt_Bh-DwfK4-O5LKxvmQGKiEXmZEHXnDPnKIpzm5MUp-nzl9OrxBCw6RWR_b18Zf-K-lKpstZ--Xve5X&sig=Cg0ArKJSzKfQWmeSKCIBEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=176&vt=11&dtpt=175&dett=2&cstd=0&cisv=r20230404.78478&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://3e0ab3107aebac40ce1d6a1ffbcd68bb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 09:12:04 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 06 Apr 2023 09:12:04 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9B08 0
20 B 56ms
55ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=ByLnh5IwuZNWuC6mT9u8P98-K6AcAAAAAOAHgBAI&bg=!j4yljNjNAAYIJb0jKCU7ADkAdvg8WuPMcYtAgFBnWmcnfiO2bPqFRvRiUkpS9__HhitvYS8shghTaQ1bk-SCQf1ghC27YZdo8pgCAAAAm1IAAAACaAEHmQL1pkieaBe2S2bkUozKgXEpe1LItWLSm6hcd1T2Ln8alkJJP67qwVuz42_Cq9FPRmnzhrWfdCSXAxiQZUK6es47jY5hmEG2AZOrDcS3pw5_Ff95s3MRRKe7IrRQV-acFTeSBchFFCxdWpKK8Z5aPZHt2jpw3zi_ExA41Y5bgEj4fOk18eBp5evSePIfaJXP2EI8rMm7rT2quqVRIAnMfuxkxtsG6SbDXY6kVYpIC53V8uJ8rL6prxVvngXo6uaSSF31I-03tG4J5IdD59GQib2fIJVhl4ApuO33r8wlxa7I7Mhy0RkCp1EgyyDa259zOJf_Q62jIr2-vegv8RLHYgsjxTL1-cTBuLXN-K0LJz9q5U5dSkdlhzw62kvGMlaD-Id1mMf86NY2yUGi4vrjO0-ut5o8elAFRTgupNfyOeHqDJ-g0uYp_LUUmwo7cm9X4J5A-bhOJ34uyeJv0O036HO9mtm65JPC-RzPceYiauv1V6XaJGtXrHGmnxm9d1W6FpMXPlApm7d8Oj_bAJ9oOpEX5BxGnIUTQo6UmknqkwHSjXHjIHtWw8Qo6lYwttNU1Zt-Ct_Nr3_nAMF1qKOqKhlPqy15RCvlLTsA4F7XyMT-vmZgPHhHJwh1JWNVmwun4Yf3gLlxv-iGheShLpFD1-cgc8l18js6FbiH_3pVVjXJLlRriY9dzHX00cpKtP7Ve4boimZ6MOHOUPfkA67hn7wFTDP7QcC2D0CP1jSPyepkJbmdf2ynsOs6lekRz_WI7g-FTZG8TZvCx9cjwwfe5cfQOlx_9zoDtq_MDRQaJJHInXpvy_OiZti6AiLsBgXfylP5CpEBYDcWs3JJi2c0e4V1IYyR6vdJik9A2WfYpC6SoUUKIAx5LF7tcsGH8U-YNL9TxTzMNWIkS86CfYAIJ279cvdLkjUFHpDhwx-eEW-BcFGi13FWHsIH5ksxFXh9SJ_fek3eItMLNSH8g5LY8fQNoLc5aRRc5yKRCxrGqxZCF_DI4L1Keg

Requested by

Host: 3e0ab3107aebac40ce1d6a1ffbcd68bb.safeframe.googlesyndication.com
URL: https://3e0ab3107aebac40ce1d6a1ffbcd68bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Apr 2023 09:12:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 58ms
57ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202303300101&jk=1189340139285044&bg=!x8SlxJDNAAYIJb0jKCU7ADkAdvg8Wp1tgR6RUUb7x8e7XAEBa1xD172YYbJRuOsnos9qdeVRo4X-ovI3LYdka4O8U6brHvFdWa4CAAAAWFIAAAACaAEHCgB1ufG7gIumXbZJxhaooeGYS6hHbd8Fg8BWMq-oe9i3q03j3UU5y66NZjd5MpbkruRj3FyRoAxrNJispOAZiF7K37BsFtKlAQWmS6uBoQHXUEjn8eZSYc01pVYoNwm0aUUD469qCuAVl4uvrhcGl_vR92f0kR0tmQKmEPTrsJRPW1heC-NCH3M1VmezQ7ci6x8KMC6zeyKcsYTvAcU5vwGwl2Iq6nYU2LeKzMTJbIknwnqFxuba91rrJif-aKQr3RvH-5EuaK16hcnlrm6l_OGGqNapIHRCtYZm5XLUc2fOlE-NQD0VHrTwoZr_Dd-P2ZlDcyCX4CV312hDOTneY13CNm1mD685niUF7pmmW7CUrRD7W2r44IRTGmly3xvGcZHHUg0WrLE8W2gQixdIwuhrQc-0Sah8_MYBGJOv2epuxlTwwZflUVGzRtwliDth5uqIXjdU5QbjgjSiQzywPNxrn-57UxSVPLDCyhDTaOzBXF63Qflk_ZMwl669BBl3ReUKjzhqpCnyZelcm0ijF9kVIEc8mVn5i4GfCXEHkNBvNhX6TArdyI1fHA_4xl8H4BnqT_hKkmDDx9UCuUH8vNmX6I1Cpf31l--3TPUumdHaITjnaEBLPBkUSjFmuj6M9F0ZUGkU2gu5-VDgfG5AjfvkSv4hZKOQ8v9o6A1qLkIgeu4m7zXYXDh9aELvp53daF6s0KT2MCeceuYNKVx9a4Z3zIvfRst0LfAEVHQUiT_q6JEO1sG1jDXvJhSGg77ME5dvMtS2RIpqP_mBKVW2ZIm1dU0ZWBMfazyBdL8MjF_zuy2gmtNFkKX4rrKL7dni8N-oJnsE3w_FunRPnQUYH7IqOJ9L5liCCAipPXjfWCgEPrPxF9yRY4HzqXcgjjfn_ujYisr1QwT7kMb0ea1NBULXzGvPOuDmZRFySCzW_fxHHKiVz74gtcmv1j00LZITugS7Vj8NC71N5zNCg1JUkZeMe1xCxj16wUUQf9tQLDlFzR1I4HZxzUiiNI9Vg-HPop-qFcZ9vMd3C3xp7uPC1-IO867A78FYq9MKUm9uLas2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fal3arda-new.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H3 200 container.html Show response
3e0ab3107aebac40ce1d6a1ffbcd68bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9C28 6 KB
3 KB 21ms
20ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3e0ab3107aebac40ce1d6a1ffbcd68bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303300101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fal3arda-new.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 06 Apr 2023 09:12:03 GMT
expires: Fri, 05 Apr 2024 09:12:03 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
498 B 23ms
22ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.91&b=2&r=fal3arda-new.com_auto_interstitial_desktop&sy=1776a27e-a355-447f-877f-9e98c32c92ac&ts=41&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=fal3arda-new.com&mlre=undefined&mlin=1&mlsi=undefinedxundefined&mlbw=4g&mlcs=NaN&mltp=f2d3b322-f149-4ecf-b63b-db8bf7760251&e=lm&dsReferer=ZmFsM2FyZGEtbmV3LmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.6.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fal3arda-new.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-nf-request-id: 01GX4V9Y23TJNZVP1S6TY88R31
date: Thu, 06 Apr 2023 09:12:04 GMT
cf-cache-status: HIT
age: 143913
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "fa63a24c8b1ff57adc9b8a7e825bdde5-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7b38e8350c6c0b05-AMS

GET
H2 200 css2
fonts.googleapis.com/ Frame 9C28 4 KB
1 KB 80ms
29ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: 3e0ab3107aebac40ce1d6a1ffbcd68bb.safeframe.googlesyndication.com
URL: https://3e0ab3107aebac40ce1d6a1ffbcd68bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1ae367420c242e83f64dd6cba96fca46a5285d40116c0e849c7752d40303c1ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://3e0ab3107aebac40ce1d6a1ffbcd68bb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 06 Apr 2023 09:12:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 06 Apr 2023 08:03:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 06 Apr 2023 09:12:04 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 0F49 8 KB
966 B 68ms
32ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: fal3arda-new.com
URL: https://fal3arda-new.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

05ee926cc9bf2039ad93af941a67d23d84bd78ecd9d6ef53ff85eeaf744cbd89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://3e0ab3107aebac40ce1d6a1ffbcd68bb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 06 Apr 2023 09:12:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 06 Apr 2023 07:50:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 06 Apr 2023 09:12:04 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230404/r20110914/client/ Frame 0F49 2 KB
765 B 19ms
19ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230404/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: fal3arda-new.com
URL: https://fal3arda-new.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://3e0ab3107aebac40ce1d6a1ffbcd68bb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 14:16:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68157
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 19 Apr 2023 14:16:07 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230404/r20110914/ Frame 0F49 22 KB
9 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230404/r20110914/abg_lite_fy2021.js

Requested by

Host: fal3arda-new.com
URL: https://fal3arda-new.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ff527ee82438d6ee7270d862f3310845cf433f8ef5a900e527d4c9e7fbd006a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://3e0ab3107aebac40ce1d6a1ffbcd68bb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 14:16:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68157
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8726
x-xss-protection: 0
server: cafe
etag: 308001309495089854
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 19 Apr 2023 14:16:07 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230404/r20110914/client/ Frame 0F49 3 KB
1 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230404/r20110914/client/window_focus_fy2021.js

Requested by

Host: fal3arda-new.com
URL: https://fal3arda-new.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://3e0ab3107aebac40ce1d6a1ffbcd68bb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 07:53:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4712
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Apr 2023 07:53:32 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230404/r20110914/client/ Frame 0F49 20 KB
8 KB 23ms
21ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230404/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: fal3arda-new.com
URL: https://fal3arda-new.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://3e0ab3107aebac40ce1d6a1ffbcd68bb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 14:16:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68157
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8268
x-xss-protection: 0
server: cafe
etag: 8048349561987089234
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 19 Apr 2023 14:16:07 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 0F49 0
0 31ms
30ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRH2XMY2OGqGsuPZa1-ZAFQUV-RV1mANXXjXqNIuIwgm2xFDEJPI2vYSh-SBbzgC8JktoRx0jIckb7IC2bGGOUy-gyXIQ
Requested by: Host: fal3arda-new.com
URL: https://fal3arda-new.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://3e0ab3107aebac40ce1d6a1ffbcd68bb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0F49 159 KB
49 KB 250ms
249ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: fal3arda-new.com
URL: https://fal3arda-new.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5afb1d597d8f5d70f17d3968e407d2ce25a9b7a587f2f723f3784c51b01f5e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://3e0ab3107aebac40ce1d6a1ffbcd68bb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 09:12:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49753
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1680694322409811"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 Apr 2023 09:12:04 GMT

GET
H2 200 44008b7cb3297f7f50c87c2397b9ea58.js Show response
www.gstatic.com/mysidia/ Frame 0F49 34 KB
15 KB 75ms
22ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/44008b7cb3297f7f50c87c2397b9ea58.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: fal3arda-new.com
URL: https://fal3arda-new.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9de2a3f5dabc1b655b163f59fde071d68c2ee1747f5f3eaecbd6594220caf4f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://3e0ab3107aebac40ce1d6a1ffbcd68bb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 09:27:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 431082
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14387
x-xss-protection: 0
last-modified: Fri, 31 Mar 2023 17:23:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 30 Jun 2023 09:27:22 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230404/r20110914/elements/html/ Frame 9C28 19 KB
8 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230404/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: 3e0ab3107aebac40ce1d6a1ffbcd68bb.safeframe.googlesyndication.com
URL: https://3e0ab3107aebac40ce1d6a1ffbcd68bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5778dba18a121844b613ba65f7126cac359a17e398e8a761f63d668d2f878406

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://3e0ab3107aebac40ce1d6a1ffbcd68bb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 14:18:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68019
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8171
x-xss-protection: 0
server: cafe
etag: 2240023182167719722
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 19 Apr 2023 14:18:25 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 9C28 205 B
518 B 73ms
26ms Image
image/png 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: 3e0ab3107aebac40ce1d6a1ffbcd68bb.safeframe.googlesyndication.com
URL: https://3e0ab3107aebac40ce1d6a1ffbcd68bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://3e0ab3107aebac40ce1d6a1ffbcd68bb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 08:28:35 GMT
x-content-type-options: nosniff
age: 2609
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 05 Apr 2024 08:28:35 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 9C28 604 B
694 B 72ms
27ms Image
image/png 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: 3e0ab3107aebac40ce1d6a1ffbcd68bb.safeframe.googlesyndication.com
URL: https://3e0ab3107aebac40ce1d6a1ffbcd68bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://3e0ab3107aebac40ce1d6a1ffbcd68bb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 07:10:02 GMT
x-content-type-options: nosniff
age: 7322
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 05 Apr 2024 07:10:02 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C651 143 B
227 B 23ms
22ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: 3e0ab3107aebac40ce1d6a1ffbcd68bb.safeframe.googlesyndication.com
URL: https://3e0ab3107aebac40ce1d6a1ffbcd68bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3e0ab3107aebac40ce1d6a1ffbcd68bb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 922
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 06 Apr 2023 08:56:42 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame B21B 1 KB
643 B 24ms
23ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 3e0ab3107aebac40ce1d6a1ffbcd68bb.safeframe.googlesyndication.com
URL: https://3e0ab3107aebac40ce1d6a1ffbcd68bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3e0ab3107aebac40ce1d6a1ffbcd68bb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 84877
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 05 Apr 2023 09:37:27 GMT
etag: 48472445140208031
expires: Thu, 06 Apr 2023 09:37:27 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame B21B 0
104 B 168ms
25ms Image
text/plain 2a02:fa8:8806:20::2040
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEBVAxHVCLXojbqgtn1CBdAM&google_cver=1&google_push=Aer7DvIRahAUdwtMDWhGHJ-nFe4bvmtPAwzRsZdykjQQ6AqE4jv-UMYrGJG3MHDJrs3N5B6bfYM3aWJUaN_vIYDYbQAPsQ5Ojnow
Requested by: Host: 3e0ab3107aebac40ce1d6a1ffbcd68bb.safeframe.googlesyndication.com
URL: https://3e0ab3107aebac40ce1d6a1ffbcd68bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:20::2040 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Apr 2023 09:12:04 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B21B
Redirect Chain

https://fksnk.com/cs/google?google_gid=CAESEMRPOm6UccVQACWdn0kSAa8&google_cver=1&google_push=Aer7DvLPdjnB4WXofCG-wOB_HntQcUI9oDtlhOfApfArBAkwTZFv0bmDWA1z0Y8VkctmwJYGbUJwu12Rjp3-ApaL5a6byiE7LjvL
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=MzhBQTFFNUZENkQ1NjFDQw==

170 B
188 B

43ms
42ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=MzhBQTFFNUZENkQ1NjFDQw==

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Apr 2023 09:12:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=MzhBQTFFNUZENkQ1NjFDQw==
date: Thu, 06 Apr 2023 09:12:05 GMT
content-language: en-US
content-type: text/html;charset=ISO-8859-1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B21B
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEBYVuc5sS_Zde0Y6VOCSfkQ&google_cver=1&google_push=Aer7DvKwzzFK-nGGv475eAyARcvdE7i8-xmgVaSEm4Aj4EA4xFA548xMuFQePZnNsXY7YuyCDEBUXkX7Nas7VF3BLNPrC5p...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEBYVuc5sS_Zde0Y6VOCSfkQ&google_cver=1&google_push=Aer7DvKwzzFK-nGGv475eAyARcvdE7i8-xmgVaSEm4Aj4EA4xFA548xMuFQePZnNsXY7YuyCDEBUXkX7Nas7VF3BLNPrC...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aer7DvKwzzFK-nGGv475eAyARcvdE7i8-xmgVaSEm4Aj4EA4xFA548xMuFQePZnNsXY7YuyCDEBUXkX7Nas7VF3BLNPrC5pLuXJV

170 B
188 B

40ms
40ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aer7DvKwzzFK-nGGv475eAyARcvdE7i8-xmgVaSEm4Aj4EA4xFA548xMuFQePZnNsXY7YuyCDEBUXkX7Nas7VF3BLNPrC5pLuXJV

Requested by

Host: 3e0ab3107aebac40ce1d6a1ffbcd68bb.safeframe.googlesyndication.com
URL: https://3e0ab3107aebac40ce1d6a1ffbcd68bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Apr 2023 09:12:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aer7DvKwzzFK-nGGv475eAyARcvdE7i8-xmgVaSEm4Aj4EA4xFA548xMuFQePZnNsXY7YuyCDEBUXkX7Nas7VF3BLNPrC5pLuXJV
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B21B
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEM6HKaWZVO4SlKCn-CnioJ4&google_cver=1&google_push=Aer7DvIFpsBCuP8es95pVtZuXOSltuOkAhP-CliXNAX91Skb5VunBUoxprHLF-JIo-WSKfTH3R2Gi5tCIB85kPUc...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aer7DvIFpsBCuP8es95pVtZuXOSltuOkAhP-CliXNAX91Skb5VunBUoxprHLF-JIo-WSKfTH3R2Gi5tCIB85kPUc6VNexq5CHKzP

170 B
188 B

42ms
42ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aer7DvIFpsBCuP8es95pVtZuXOSltuOkAhP-CliXNAX91Skb5VunBUoxprHLF-JIo-WSKfTH3R2Gi5tCIB85kPUc6VNexq5CHKzP

Requested by

Host: 3e0ab3107aebac40ce1d6a1ffbcd68bb.safeframe.googlesyndication.com
URL: https://3e0ab3107aebac40ce1d6a1ffbcd68bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Apr 2023 09:12:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 06 Apr 2023 09:12:04 GMT
via: 1.1 d8670b0c6b76371fb58f730881dfe504.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-C2
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aer7DvIFpsBCuP8es95pVtZuXOSltuOkAhP-CliXNAX91Skb5VunBUoxprHLF-JIo-WSKfTH3R2Gi5tCIB85kPUc6VNexq5CHKzP
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: btDNJ6ToJpF7s-oSI-ipGYnWbzKRTzIHVK-uoSJIx0oxb3EsAq7_3A==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B21B
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEEMOMSCjtaN57DTNLLzjZkg&google_cver=1&google_push=Aer7DvIbTpP_0jnI6yBtXrmbWOg2ZqhlZQLQGedxAaPiL_pdk6GspCUGrD_nfdwFn4eBBGbHzr0zk8Omjb_P6TgK_QnqojnfiT2j
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=Aer7DvIbTpP_0jnI6yBtXrmbWOg2ZqhlZQLQGedxAaPiL_pdk6GspCUGrD_nfdwFn4eBBGbHzr0zk8Omjb_P6TgK_QnqojnfiT2...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTE0MTEzMDIzMDMyMzUzODIyNjA0MQ%3D%3D&google_push=Aer7DvIbTpP_0jnI6yBtXrmbWOg2ZqhlZQLQGedxAaPiL_pdk6GspCUG...

170 B
188 B

42ms
41ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTE0MTEzMDIzMDMyMzUzODIyNjA0MQ%3D%3D&google_push=Aer7DvIbTpP_0jnI6yBtXrmbWOg2ZqhlZQLQGedxAaPiL_pdk6GspCUGrD_nfdwFn4eBBGbHzr0zk8Omjb_P6TgK_QnqojnfiT2j

Requested by

Host: 3e0ab3107aebac40ce1d6a1ffbcd68bb.safeframe.googlesyndication.com
URL: https://3e0ab3107aebac40ce1d6a1ffbcd68bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Apr 2023 09:12:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTE0MTEzMDIzMDMyMzUzODIyNjA0MQ%3D%3D&google_push=Aer7DvIbTpP_0jnI6yBtXrmbWOg2ZqhlZQLQGedxAaPiL_pdk6GspCUGrD_nfdwFn4eBBGbHzr0zk8Omjb_P6TgK_QnqojnfiT2j
date: Thu, 06 Apr 2023 09:12:04 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B21B
Redirect Chain

https://cs.media.net/cksync?type=g&google_gid=CAESEDFklcW-xCKHORjqKgboZww&google_cver=1&google_push=Aer7DvL-5MkLYVNoK_x6YZT5-XlMGQ7J1syO1k1YiK8NH7G4IhAt3O2JG4IYwW6CkzNtpNbNzD5Q4JA34BOjiQ8o5Tzoyako9L4K
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzIzNzczOTI0ODgxODMwNzAwMFYxMA%3d%3d&mn_hm=MzIzNzczOTI0ODgxODMwNzAwMFYxMA%3d%3d&google_sc=1&google_push=Aer7DvL-5MkLYVNoK_x6YZT5-XlMGQ7...

170 B
188 B

41ms
40ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzIzNzczOTI0ODgxODMwNzAwMFYxMA%3d%3d&mn_hm=MzIzNzczOTI0ODgxODMwNzAwMFYxMA%3d%3d&google_sc=1&google_push=Aer7DvL-5MkLYVNoK_x6YZT5-XlMGQ7J1syO1k1YiK8NH7G4IhAt3O2JG4IYwW6CkzNtpNbNzD5Q4JA34BOjiQ8o5Tzoyako9L4K&gdpr=&gdpr_consent=

Requested by

Host: 3e0ab3107aebac40ce1d6a1ffbcd68bb.safeframe.googlesyndication.com
URL: https://3e0ab3107aebac40ce1d6a1ffbcd68bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Apr 2023 09:12:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 06 Apr 2023 09:12:04 GMT
Server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location: https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzIzNzczOTI0ODgxODMwNzAwMFYxMA%3d%3d&mn_hm=MzIzNzczOTI0ODgxODMwNzAwMFYxMA%3d%3d&google_sc=1&google_push=Aer7DvL-5MkLYVNoK_x6YZT5-XlMGQ7J1syO1k1YiK8NH7G4IhAt3O2JG4IYwW6CkzNtpNbNzD5Q4JA34BOjiQ8o5Tzoyako9L4K&gdpr=&gdpr_consent=
Content-Type: text/html
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 154
x-mnet-hl2: E
Expires: Thu, 06 Apr 2023 09:12:04 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B21B
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESELOsGurOj...
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESELO...
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=4f5d208a-d4db-4ac4-a192-25fd63d1f117&%%GOOGLE_PUSH_PAIR%%

170 B
188 B

41ms
41ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=4f5d208a-d4db-4ac4-a192-25fd63d1f117&%%GOOGLE_PUSH_PAIR%%

Requested by

Host: 3e0ab3107aebac40ce1d6a1ffbcd68bb.safeframe.googlesyndication.com
URL: https://3e0ab3107aebac40ce1d6a1ffbcd68bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Apr 2023 09:12:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=4f5d208a-d4db-4ac4-a192-25fd63d1f117&%%GOOGLE_PUSH_PAIR%%
date: Thu, 06 Apr 2023 09:12:04 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame B21B 0
12 B 40ms
38ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JBud7-i2n8_wC6flZ3nhH8PXqPlb1AWI8Nht1lWmUIg5W-Xt74opLwV9nl2gClXIwQjnaD2Q

Requested by

Host: 3e0ab3107aebac40ce1d6a1ffbcd68bb.safeframe.googlesyndication.com
URL: https://3e0ab3107aebac40ce1d6a1ffbcd68bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 09:12:04 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C651
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

32ms
32ms

Document
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: 3e0ab3107aebac40ce1d6a1ffbcd68bb.safeframe.googlesyndication.com
URL: https://3e0ab3107aebac40ce1d6a1ffbcd68bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 06 Apr 2023 09:12:04 GMT
expires: Thu, 06 Apr 2023 09:12:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 06 Apr 2023 09:12:04 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 1qDM7jHzlwhnZd-s95CHH_k3xryNtTKIC4s2Es7tSnI.js Show response
pagead2.googlesyndication.com/bg/ Frame BB95 36 KB
14 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1qDM7jHzlwhnZd-s95CHH_k3xryNtTKIC4s2Es7tSnI.js

Requested by

Host: fal3arda-new.com
URL: https://fal3arda-new.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d6a0ccee31f397086765dfacf790871ff937c6bc8db532880b8b3612ceed4a72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://3e0ab3107aebac40ce1d6a1ffbcd68bb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 10:02:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83356
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14260
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 13:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Apr 2024 10:02:49 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame DF15 42 B
174 B 59ms
58ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstrLhVqJ2HX9ryng3bZKMX-Pg0tB9jnDCQy1Jt9P0j7dDZj1YMMHtCsbYGkw2ngkXBOfQDIo2YwQLtU1YZt4elKWYzYbmh2K5n8d9DjApqAioJWLyohL8vWc-ePDhDpJ_enJqQZPg&sai=AMfl-YSXkheBwYIew5PVFmQIDe7n2u1yyFL3bH3bt1Byo2TdFVrGkQZM7OpQMANCLzt0woyHw_h3KU5q2426szU-yIUk8bwqGpODrIV16sxO0RSWYBHqgSreNuSGRP4YRFjPtCECWeorMj1k-wNP&sig=Cg0ArKJSzLDqhW0wI3UgEAE&cid=CAQSSwDUE5ymW4VqLGHZy1w4r3zk7Ab7Mgis-SN094QkcOyqgCglRQZmh-4LZsLzwnk4mcnLmSveXPeUzTv0pYI8aWSe239O8DsgpVfraRgB&id=lidar2&mcvt=1000&p=1110,436,1200,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230405&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3822491207&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1680772324007&rpt=1016&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://3e0ab3107aebac40ce1d6a1ffbcd68bb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Apr 2023 09:12:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DF15 0
20 B 53ms
53ms Ping
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8612295618275&version=m202301230201&ct=76&x=1&cor=16210575650446098000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://3e0ab3107aebac40ce1d6a1ffbcd68bb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Apr 2023 09:12:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

159 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

28 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
live.demand.supply/	1970-01-20 20:28:52	Name: demandSupplyTi Value: f2d3b322-f149-4ecf-b63b-db8bf7760251
.demand.supply/	1970-01-20 10:52:54	Name: __cf_bm Value: edtRhuLw0RBuTVf6fx.dTOsIUmSNv.NwU4LJSgPgrbo-1680772323-0-AdQ9vU2QuRQjSpg9ISC4bmgLQ5ggJy1vqcPE/pwhDF/75TI0iwOsXcYGv8o5/kAkXrmBNcsPJqJz0/rSGZRGHB0=
fal3arda-new.com/	1970-01-20 19:38:28	Name: HstCfa4738867 Value: 1680772323668
fal3arda-new.com/	1970-01-20 19:38:28	Name: HstCla4738867 Value: 1680772323668
fal3arda-new.com/	1970-01-20 19:38:28	Name: HstCmu4738867 Value: 1680772323668
fal3arda-new.com/	1970-01-20 19:38:28	Name: HstPn4738867 Value: 1
fal3arda-new.com/	1970-01-20 19:38:28	Name: HstPt4738867 Value: 1
fal3arda-new.com/	1970-01-20 19:38:28	Name: HstCnv4738867 Value: 1
fal3arda-new.com/	1970-01-20 19:38:28	Name: HstCns4738867 Value: 1
.fal3arda-new.com/	1970-01-20 20:14:28	Name: __gads Value: ID=5f6ba432a4eb2d7d:T=1680772323:S=ALNI_MZ_-91jRNg6OMx0UpEemikPMoBzbg
.fal3arda-new.com/	1970-01-20 20:14:28	Name: __gpi Value: UID=00000bd27669a3ef:T=1680772323:RT=1680772323:S=ALNI_MZIY9km7lTXIT9wCwZbM-t6FWi8lQ
.doubleclick.net/	1970-01-20 20:14:28	Name: IDE Value: AHWqTUnGGnO3LcULldTCItm-uhsbgOvEmCaDOd6x-vfelI6XLVmUraE2zIyz0sylDtg
.adnxs.com/	1970-01-20 13:02:28	Name: uuid2 Value: 676060294455682628
.casalemedia.com/	1970-01-20 13:02:28	Name: CMPS Value: 5236
.casalemedia.com/	1970-01-20 13:02:28	Name: CMPRO Value: 5236
.adnxs.com/	1970-01-20 13:02:28	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E>2t=Zl/!]tbPl1M>e)ZlrFUfJ+tGXxo<Ex1()E`08TKxM%x:Cl@Db7$@-YZR*bb/'aH3If)y3KL9D3I?+^NNTev
.casalemedia.com/	1970-01-20 19:38:28	Name: CMID Value: ZC6M5Cf0s8BYbj0mTr-WKQAA
.3lift.com/	1970-01-20 13:02:28	Name: tluid Value: 1141130230323538226041
.doubleclick.net/	1970-01-20 10:52:55	Name: DSID Value: NO_DATA
.bidswitch.net/	1970-01-20 19:38:28	Name: tuuid Value: 4f5d208a-d4db-4ac4-a192-25fd63d1f117
.bidswitch.net/	1970-01-20 19:38:28	Name: c Value: 1680772324
.bidswitch.net/	1970-01-20 19:38:28	Name: tuuid_lu Value: 1680772324
.de17a.com/	1970-01-20 19:31:16	Name: guid Value: 1.571685830202662642
.media.net/	1970-01-20 19:38:28	Name: visitor-id Value: 3237739248818307000V10
.media.net/	1970-01-20 11:13:01	Name: data-g Value: CAESEDFklcW-xCKHORjqKgboZww~~3
fksnk.com/	1970-01-20 11:02:57	Name: AWSALBCORS Value: q3+izwnjyzMk7nhFzwQ9L66nU5+MzhpI454ysAoK6nb6d1fM9upLsiF16oMR2VjTbsJ7gtIyYEEoZ9/SlCNjGvpgZXZRbuhwY+MYkQ4a09yEbxd2nYwO5zh+UX5A
.fksnk.com/	1970-01-20 13:02:28	Name: f_001 Value: 38AA1E5FD6D561CC
.fksnk.com/	1970-01-20 10:54:18	Name: g_001 Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3e0ab3107aebac40ce1d6a1ffbcd68bb.safeframe.googlesyndication.com
adservice.google.com
adservice.google.nl
bcp.crwdcntrl.net
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cm.g.doubleclick.net
cs.media.net
d5p.de17a.com
dclk-match.dotomi.com
dsum-sec.casalemedia.com
eb2.3lift.com
fal3arda-new.com
fksnk.com
fonts.googleapis.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
id5-sync.com
live.demand.supply
pagead2.googlesyndication.com
s.ad.smaato.net
s0.2mdn.net
s10.histats.com
s4.histats.com
securepubads.g.doubleclick.net
tags.crwdcntrl.net
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
142.250.185.194
142.250.185.98
162.19.138.116
18.196.170.44
18.213.43.223
18.66.97.8
185.80.39.216
185.89.210.180
213.155.156.183
23.35.228.23
2600:9000:211e:3200:1b:5138:8a40:93a1
2600:9000:2250:7600:a:e047:752:b361
2606:4700:10::6816:3456
2606:4700::6810:5514
2606:4700::6810:8616
2a00:1450:4001:801::2003
2a00:1450:4001:806::2006
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2002
2a00:1450:4001:811::2001
2a00:1450:4001:812::2004
2a00:1450:4001:813::2002
2a00:1450:4001:813::200a
2a00:1450:4001:827::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:831::2001
2a02:fa8:8806:20::2040
2a06:98c1:3121::3
46.105.201.240
52.48.199.209
54.39.128.117
76.223.111.18
05ee926cc9bf2039ad93af941a67d23d84bd78ecd9d6ef53ff85eeaf744cbd89
077194375e658814d1bf159458d390ee40f95e6acbe39c51c62f8a49064d5029
099c242b7f21357ba887e27ac080dd6799d369d07511e1a788c633f40a6790b0
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ea842ad92b2cb342a00d74293e6036981ec07854e082223080525efa9c88528
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
183a8a45d21c9e08f327306b313a677e14df544b7fbe005f832bae1ae0828f4a
18588f1581eeeebaef76be52d09261c5c1a886d1a02ede533adb62c334d122e6
1ae367420c242e83f64dd6cba96fca46a5285d40116c0e849c7752d40303c1ab
254c4927ebe60607fa8d741eecd4d07fc23a7fed5d707dc9873a3042eb405c8c
2b74d7621c063d9aa235090faf1c8ad7b13c1a748813c38d591cd18df09d52b5
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
2f87d52f2a8f5b5a6606d892e5ab7a3441c4ea3b85d41d43010afd388b118556
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
349b786ffb07d8e1916e7e6bb6704393edf162afee6c1f93e4325aaa522cbb93
38e3a04bc20c8c53ea2e800a6d937e561421b9b8138d9e633ff5e94700216ae5
409cdb41d0cc8bd2547be314101139e0bf161608a4c7ab1d023b8063e97e15bd
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143
476d8d8a5ee6c842a16e5ae6a58cec35ff7649729b77de0319644cdc128340eb
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
503c16f17f95f64947207584c58d11bc7e791d2c925ae5ab066221c6b905a77b
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50b355d30ddbdcfbc57eb2a32734c6574995395b4c64f278ce270f8646b5f3b4
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5778dba18a121844b613ba65f7126cac359a17e398e8a761f63d668d2f878406
58cac36272a8e720b5996068d37b268bac410ff37c5aa452ca9d0c30315cd24c
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d97c4a2e7f556ecba865991a44af6e3444082416fff2fb39381a894857c891b
60a9fbf402b1fe2f96224c03c341141f8a0aff084ada2ae5f46c69f553d4fbea
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6ccc16cf20636e77066ce647f362fed5f566d4d098f5560dd4ee2d36a5c2be21
6d95ea547b0974a09d61104fa136f5eb6973466b6358fb06d997cc7f20ee71b2
71fc1599035adc6bc34df2117b8631285905f97737ba730af28644ee6a0d8dde
725695280088b4a7f1f43936b2ff0ec321040d4921c1b782e97c74cc5c89e02f
746a3b2f45f8a679c41fb7732b19ef1228215855cccc379451503022a2dd6cb5
76d73f044d1bb058cd5b228d1202d7f61bc9b1b12744b6961a69dd2badabc164
78f91ce10870f4a8a3e60c91722e1544116cb2d3beebd19f7b755fa48c1dee4e
8ff527ee82438d6ee7270d862f3310845cf433f8ef5a900e527d4c9e7fbd006a
937b929aa78513b8b8014db1d4e357051bfd160effd65600e4b0c9896c11c59c
98c409873ba1757c153d4d60685e4446dccdff87f09bb916a85b04a379b7cb4a
991fe33155584583fa75319093a543a4f074e91a7db90ab8b6fbb2f39aa1023d
99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9de2a3f5dabc1b655b163f59fde071d68c2ee1747f5f3eaecbd6594220caf4f4
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a96f56c22e89075d1379d764b58d0958835cf35d4ad2ac986f9a1b4da21939dc
aefb4605e33667c5eab919352461823eb85bb1269482bc2c58d1446e1fe71b40
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b9e1e7b0f223c3b4197ef25a2715f6560b8a83e4769d6799b74b7bfdd2ff7ae6
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309
bddfa06ed0f920fe2c6becef95256455be16d6a51c06a8a3f94391d779b60485
c4681920200f339999ac3f6d4a6c5214d92e9a0edca00cfb91b28e3494ea03ff
c510f1adbec9c66dd6918f512ea4e4eef3966f3765ddb55eba254fd9a33c1dab
c51461ddf992bd177c48653bc7cbd8b544ba17de02440013eb377ddbb58470c4
cad778bd90f07391809c637cd19384a2fee597ec43363392d0471ab862c3be4a
cc3d62350217e310fdbb27404105b9ba48f3a5e1de6de189562d549d6644fc8c
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cfbd2c38cedac96230249461652f7545821df940184d34baf90219843163af70
d29b2ba58070ce7ede5b9f0562d7dd941fe70335c085c7dcbc64307ed7db5306
d58dae93fc3a9e8ae752be24e5b29f41b7276a86524a1231ffa8a688c4a04509
d6a0ccee31f397086765dfacf790871ff937c6bc8db532880b8b3612ceed4a72
dbadd11886434fc7da8e1c6b492e6cdac378d371883e2195047efe76f76cb4c5
dc43e0dbbe9f1395dce87f6dc73aeb9bbb49a06b23bbb6aeea91ee8b84b4e714
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
de103d5f4ad393bb96697192045e2f571c47b491690081364d746755fbc9a3f9
df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99
e0697898f82b1edecca9be22e1efb867f60ccac7e6d64957154ae663d7d9f34e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5afb1d597d8f5d70f17d3968e407d2ce25a9b7a587f2f723f3784c51b01f5e3
e9d3165c73a7f6243cdf07498cf37514d3128c1de540fa02d8a6d6c5fdf09db1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f15a70c023c8153cd0adbb9469ad2ef6b0539680e3d2f7d9d4bb34e0bc8dd761
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
fd79eaa7b72bf74ae80978d6794692281bc9749f168412df7e05973963d42c2c

fal3arda-new.com Open in urlscan Pro 2a06:98c1:3121::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

109 Requests

91 %HTTPS

58 %IPv6

24 Domains

33 Subdomains

28 IPs

7 Countries

936 kBTransfer

2111 kBSize

28 Cookies

17 Outgoing links

Redirected requests

109 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

fal3arda-new.com Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Screenshot
Live screenshot

Full Image

109
Requests

91 %
HTTPS

58 %
IPv6

24
Domains

33
Subdomains

28
IPs

7
Countries

936 kB
Transfer

2111 kB
Size

28
Cookies

109 HTTP transactions
8 data transactions