www1.ihdstreams.xyz Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www1.ihdstreams.xyz/
Submission: On September 15 via manual (September 15th 2023, 4:19:41 pm UTC) from CA — Scanned from NL

Summary HTTP 334 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 67 IPs in 8 countries across 53 domains to perform 334 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is www1.ihdstreams.xyz.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 10th 2023. Valid for: a year.

This is the only time www1.ihdstreams.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
18	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
3	205.185.216.10 205.185.216.10	20446 (STACKPATH...) (STACKPATH-CDN)
1	2a02:26f0:480... 2a02:26f0:480:25::1726:6216	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	3.160.212.52 3.160.212.52	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	192.243.61.227 192.243.61.227	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	2600:9000:26d... 2600:9000:26da:da00:c:abe:f440:93a1	16509 (AMAZON-02) (AMAZON-02)
1	52.29.224.243 52.29.224.243	16509 (AMAZON-02) (AMAZON-02)
1	173.233.137.36 173.233.137.36	7979 (SERVERS-COM) (SERVERS-COM)
2	2606:4700:10:... 2606:4700:10::6814:81f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	99.86.159.59 99.86.159.59	16509 (AMAZON-02) (AMAZON-02)
10	2600:9000:224... 2600:9000:2246:cc00:1d:85c3:6640:93a1	16509 (AMAZON-02) (AMAZON-02)
5	45.133.44.4 45.133.44.4	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1 12	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	54.39.156.32 54.39.156.32	16276 (OVH) (OVH)
2	2a0c:5c87:524... 2a0c:5c87:5241::2	55081 (24SHELLS) (24SHELLS)
1	23.227.151.194 23.227.151.194	55081 (24SHELLS) (24SHELLS)
45	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
28	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
14 50	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
5 13	172.64.148.101 172.64.148.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5 9	185.89.210.153 185.89.210.153	29990 (ASN-APPNEX) (ASN-APPNEX)
1	69.16.175.42 69.16.175.42	20446 (STACKPATH...) (STACKPATH-CDN)
2	69.16.175.10 69.16.175.10	20446 (STACKPATH...) (STACKPATH-CDN)
2	54.165.18.101 54.165.18.101	14618 (AMAZON-AES) (AMAZON-AES)
2 4	18.200.74.55 18.200.74.55	16509 (AMAZON-02) (AMAZON-02)
35	2a00:1450:400... 2a00:1450:4001:829::2006	15169 (GOOGLE) (GOOGLE)
4	2600:9000:224... 2600:9000:2246:f400:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
7	2600:1f18:1ac... 2600:1f18:1aca:4282:fb64:6350:439:4507	14618 (AMAZON-AES) (AMAZON-AES)
2	2a02:26f0:480... 2a02:26f0:480:f::213:7edc	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	2a02:26f0:480... 2a02:26f0:480:7b5::2c79	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:6ea0:c70... 2a02:6ea0:c700::11	60068 (CDN77 ^_^) (CDN77 ^_^)
2	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81c::200e	15169 (GOOGLE) (GOOGLE)
1	2a02:fa8:8806... 2a02:fa8:8806:13::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2 2	3.126.78.53 3.126.78.53	16509 (AMAZON-02) (AMAZON-02)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
3	2600:9000:211... 2600:9000:211e:3a00:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
3 3	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
2	185.86.139.102 185.86.139.102	201081 (SMARTADSE...) (SMARTADSERVER)
1 1	35.214.202.28 35.214.202.28	15169 (GOOGLE) (GOOGLE)
1	18.211.144.199 18.211.144.199	14618 (AMAZON-AES) (AMAZON-AES)
1	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
2 3	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	178.250.7.11 178.250.7.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3 3	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
3 4	51.89.9.253 51.89.9.253	16276 (OVH) (OVH)
1	37.157.2.229 37.157.2.229	() ()
2	23.50.131.94 23.50.131.94	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	46.228.174.117 46.228.174.117	56396 (AMOBEE) (AMOBEE)
3	34.193.218.65 34.193.218.65	() ()
1 1	2603:c020:400... 2603:c020:400d:3000:7130:bb0b:d7e:bee2	() ()
2	23.32.184.192 23.32.184.192	16625 (AKAMAI-AS) (AKAMAI-AS)
3 5	216.52.2.48 216.52.2.48	() ()
1	3.75.62.37 3.75.62.37	16509 (AMAZON-02) (AMAZON-02)
1	2a02:6ea0:c70... 2a02:6ea0:c700::19	60068 (CDN77 ^_^) (CDN77 ^_^)
1 1	23.201.255.110 23.201.255.110	16625 (AKAMAI-AS) (AKAMAI-AS)
2	95.101.149.233 95.101.149.233	16625 (AKAMAI-AS) (AKAMAI-AS)
1 3	145.40.97.67 145.40.97.67	54825 (PACKET) (PACKET)
1	3.75.2.61 3.75.2.61	16509 (AMAZON-02) (AMAZON-02)
2	3.76.65.13 3.76.65.13	16509 (AMAZON-02) (AMAZON-02)
2 4	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1 1	2a05:d018:d29... 2a05:d018:d29:3605:cca0:8b97:e855:348c	() ()
3 4	198.47.127.19 198.47.127.19	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2620:116:800d... 2620:116:800d:21:e365:4988:e8a7:3270	() ()
1 1	151.101.194.49 151.101.194.49	() ()
2 2	37.157.4.29 37.157.4.29	() ()
3	2606:4700::68... 2606:4700::6811:190e	() ()
1	69.173.144.165 69.173.144.165	() ()
1	185.64.189.112 185.64.189.112	() ()
1	54.72.250.72 54.72.250.72	() ()
334	67

18 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

www1.ihdstreams.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adipolo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 205.185.216.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map2.hwcdn.net

jscdn.greeter.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:25::1726:6216 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

tg1.modoro360.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.160.212.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-160-212-52.mxp53.r.cloudfront.net

platform-api.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.243.61.227 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

www.profitabledisplaynetwork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:26da:da00:c:abe:f440:93a1 (United States)

ASN16509 (AMAZON-02, US)

buttons-config.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.29.224.243 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-224-243.eu-central-1.compute.amazonaws.com

l.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.233.137.36 (United States)

ASN7979 (SERVERS-COM, US)

www.effectivecreativeformat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6814:81f (United States)

ASN13335 (CLOUDFLARENET, US)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.159.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-159-59.mxp64.r.cloudfront.net

count-server.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2600:9000:2246:cc00:1d:85c3:6640:93a1 (United States)

ASN16509 (AMAZON-02, US)

platform-cdn.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 45.133.44.4 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

player.aplhb.adipolo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
player.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.39.156.32 (Québec, Canada)

ASN16276 (OVH, FR)
PTR: ns562579.ip-54-39-156.net

s4.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a0c:5c87:5241::2 (Cricklewood, United Kingdom)

ASN55081 (24SHELLS, US)

ghb.aplhb.adipolo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.227.151.194 (Piscataway, United States)

ASN55081 (24SHELLS, US)

ghb.aplhb.adipolo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

45 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

50 172.217.16.194 (United States) 14 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f194.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 172.64.148.101 (United States) 5 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 185.89.210.153 (Frankfurt am Main, Germany) 5 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.16.175.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: hwcdn.net

feed.avplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.16.175.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: hwcdn.net

player.avplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
content1.avplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.165.18.101 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-165-18-101.compute-1.amazonaws.com

servt.modoro360.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.200.74.55 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-200-74-55.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 2a00:1450:4001:829::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2246:f400:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:1f18:1aca:4282:fb64:6350:439:4507 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:480:f::213:7edc (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

code.createjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:26f0:480:7b5::2c79 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

player.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::11 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

cdn-adipolo.urekamedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

mts0.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:13::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.78.53 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-78-53.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:211e:3a00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 76.223.111.18 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.139.102 (France)

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.214.202.28 (Groningen, Netherlands) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 28.202.214.35.bc.googleusercontent.com

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.211.144.199 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-211-144-199.compute-1.amazonaws.com

serv.modoro360.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.96.105.8 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.7.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.138 (Frankfurt am Main, Germany) 3 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 51.89.9.253 (London, United Kingdom) 3 redirects

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.2.229 (None, )

ASN- ()

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.50.131.94 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-50-131-94.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.228.174.117 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.193.218.65 (None, )

ASN- ()

servs.modoro360.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2603:c020:400d:3000:7130:bb0b:d7e:bee2 (None, ) 1 redirects

ASN- ()

sync.technoratimedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.32.184.192 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-184-192.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 216.52.2.48 (None, ) 3 redirects

ASN- ()

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::19 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

vid.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.201.255.110 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-201-255-110.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.101.149.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-233.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 145.40.97.67 (Amsterdam, Netherlands) 1 redirects

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.75.2.61 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-2-61.eu-central-1.compute.amazonaws.com

grid.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.76.65.13 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-76-65-13.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:678:cb4:bbbb::11 (United Kingdom) 2 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3605:cca0:8b97:e855:348c (None, ) 1 redirects

ASN- ()

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 198.47.127.19 (United States) 3 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:e365:4988:e8a7:3270 (None, )

ASN- ()

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.49 (None, ) 1 redirects

ASN- ()

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.4.29 (None, ) 2 redirects

ASN- ()

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:190e (None, )

ASN- ()

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (None, )

ASN- ()

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (None, )

ASN- ()

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.72.250.72 (None, )

ASN- ()

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
80	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 105 a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 152 ade.googlesyndication.com Failed	494 KB
70	doubleclick.net 15 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209 googleads.g.doubleclick.net — Cisco Umbrella Rank: 47 cm.g.doubleclick.net — Cisco Umbrella Rank: 255 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 396	474 KB
35	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 331	3 MB
17	ihdstreams.xyz www1.ihdstreams.xyz	248 KB
15	adsafeprotected.com 2 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 958 static.adsafeprotected.com — Cisco Umbrella Rank: 635 dt.adsafeprotected.com — Cisco Umbrella Rank: 570	339 KB
14	sharethis.com platform-api.sharethis.com — Cisco Umbrella Rank: 4447 buttons-config.sharethis.com — Cisco Umbrella Rank: 5278 l.sharethis.com — Cisco Umbrella Rank: 4833 count-server.sharethis.com — Cisco Umbrella Rank: 11136 platform-cdn.sharethis.com — Cisco Umbrella Rank: 10164	58 KB
13	casalemedia.com 5 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 658	9 KB
9	adnxs.com 5 redirects ib.adnxs.com — Cisco Umbrella Rank: 268	7 KB
8	google.com www.google.com — Cisco Umbrella Rank: 2 mts0.google.com — Cisco Umbrella Rank: 4126	115 KB
8	adipolo.com player.aplhb.adipolo.com — Cisco Umbrella Rank: 59617 adipolo.com — Cisco Umbrella Rank: 54782 ghb.aplhb.adipolo.com — Cisco Umbrella Rank: 63149	162 KB
7	pubmatic.com 3 redirects ads.pubmatic.com — Cisco Umbrella Rank: 568 image6.pubmatic.com — Cisco Umbrella Rank: 913 hbopenbid.pubmatic.com	13 KB
7	rubiconproject.com 4 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 402 secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1174 eus.rubiconproject.com — Cisco Umbrella Rank: 669 token.rubiconproject.com	13 KB
7	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 221	369 KB
7	modoro360.com tg1.modoro360.com — Cisco Umbrella Rank: 79676 servt.modoro360.com — Cisco Umbrella Rank: 81943 serv.modoro360.com — Cisco Umbrella Rank: 102078 servs.modoro360.com	14 KB
5	lijit.com 3 redirects ap.lijit.com	2 KB
5	aniview.com player.aniview.com — Cisco Umbrella Rank: 2171 pbs.aniview.com Failed	265 KB
5	gstatic.com fonts.gstatic.com www.gstatic.com	130 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 56	5 KB
4	turn.com 2 redirects ad.turn.com — Cisco Umbrella Rank: 1045 r.turn.com	2 KB
4	onetag-sys.com 3 redirects onetag-sys.com — Cisco Umbrella Rank: 884	1008 B
3	cloudflare.com cdnjs.cloudflare.com	27 KB
3	bidswitch.net grid.bidswitch.net — Cisco Umbrella Rank: 1178 x.bidswitch.net — Cisco Umbrella Rank: 373	656 B
3	a-mo.net 1 redirects prebid.a-mo.net — Cisco Umbrella Rank: 1037	347 B
3	adform.net 2 redirects cm.adform.net c1.adform.net	1 KB
3	blismedia.com 2 redirects tr.blismedia.com — Cisco Umbrella Rank: 2251	581 B
3	3lift.com 3 redirects eb2.3lift.com — Cisco Umbrella Rank: 433	1 KB
3	smaato.net s.ad.smaato.net — Cisco Umbrella Rank: 885	715 B
3	avplayer.com feed.avplayer.com — Cisco Umbrella Rank: 18194 player.avplayer.com — Cisco Umbrella Rank: 14610 content1.avplayer.com — Cisco Umbrella Rank: 19818	227 KB
3	histats.com s10.histats.com — Cisco Umbrella Rank: 12396 s4.histats.com — Cisco Umbrella Rank: 12421	11 KB
3	greeter.me jscdn.greeter.me — Cisco Umbrella Rank: 64947	18 KB
2	yahoo.com 1 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 349 pr-bh.ybp.yahoo.com	713 B
2	stickyadstv.com ads.stickyadstv.com — Cisco Umbrella Rank: 582	1 KB
2	criteo.com dis.criteo.com — Cisco Umbrella Rank: 641	725 B
2	smartadserver.com ssbsync.smartadserver.com — Cisco Umbrella Rank: 924	89 B
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 1071	2 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 151
2	createjs.com code.createjs.com — Cisco Umbrella Rank: 1698	125 KB
1	360yield.com match.360yield.com	199 B
1	everesttech.net 1 redirects sync-tm.everesttech.net	539 B
1	quantserve.com cms.quantserve.com	463 B
1	vidoomy.com vid.vidoomy.com — Cisco Umbrella Rank: 2490	18 KB
1	technoratimedia.com 1 redirects sync.technoratimedia.com	432 B
1	1rx.io 1 redirects sync.1rx.io — Cisco Umbrella Rank: 630	276 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 49764	605 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 406	149 B
1	loopme.me 1 redirects csync.loopme.me — Cisco Umbrella Rank: 1104	413 B
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 7890	554 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 3499	104 B
1	urekamedia.com cdn-adipolo.urekamedia.com — Cisco Umbrella Rank: 155223	881 KB
1	adtelligent.com player.adtelligent.com — Cisco Umbrella Rank: 7692	5 KB
1	effectivecreativeformat.com www.effectivecreativeformat.com — Cisco Umbrella Rank: 273065
1	profitabledisplaynetwork.com www.profitabledisplaynetwork.com — Cisco Umbrella Rank: 101566
0	Failed function sub() { [native code] }. Failed
334	53

	Domain	Requested by
45	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www1.ihdstreams.xyz pagead2.googlesyndication.com googleads.g.doubleclick.net a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com s0.2mdn.net www.googletagservices.com
44	cm.g.doubleclick.net	14 redirects googleads.g.doubleclick.net a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
35	s0.2mdn.net	www1.ihdstreams.xyz s0.2mdn.net a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
28	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www1.ihdstreams.xyz a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com s0.2mdn.net
17	www1.ihdstreams.xyz	www1.ihdstreams.xyz
13	dsum-sec.casalemedia.com	5 redirects googleads.g.doubleclick.net
12	securepubads.g.doubleclick.net	1 redirects jscdn.greeter.me www.googletagservices.com securepubads.g.doubleclick.net www1.ihdstreams.xyz
10	platform-cdn.sharethis.com
9	ib.adnxs.com	5 redirects googleads.g.doubleclick.net
8	googleads.g.doubleclick.net	www1.ihdstreams.xyz pagead2.googlesyndication.com a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
7	dt.adsafeprotected.com	a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
7	a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
7	www.googletagservices.com	jscdn.greeter.me www1.ihdstreams.xyz a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
6	googleads4.g.doubleclick.net	www1.ihdstreams.xyz
6	www.google.com	tpc.googlesyndication.com a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
5	ap.lijit.com	3 redirects player.aniview.com
5	player.aniview.com	player.avplayer.com player.aniview.com
5	fonts.googleapis.com	www1.ihdstreams.xyz a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
4	image6.pubmatic.com	3 redirects ads.pubmatic.com
4	onetag-sys.com	3 redirects player.aniview.com
4	static.adsafeprotected.com	a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
4	fw.adsafeprotected.com	2 redirects www1.ihdstreams.xyz
4	player.aplhb.adipolo.com	jscdn.greeter.me player.aplhb.adipolo.com
3	cdnjs.cloudflare.com	s0.2mdn.net
3	prebid.a-mo.net	1 redirects player.aniview.com
3	servs.modoro360.com	player.aniview.com
3	pixel.rubiconproject.com	3 redirects
3	tr.blismedia.com	2 redirects a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
3	eb2.3lift.com	3 redirects
3	s.ad.smaato.net	a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
3	ghb.aplhb.adipolo.com	player.aplhb.adipolo.com
3	fonts.gstatic.com	fonts.googleapis.com
3	jscdn.greeter.me	www1.ihdstreams.xyz
2	c1.adform.net	2 redirects
2	r.turn.com	a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
2	ad.turn.com	2 redirects
2	x.bidswitch.net
2	eus.rubiconproject.com	player.aniview.com eus.rubiconproject.com
2	ads.pubmatic.com	player.aniview.com
2	ads.stickyadstv.com	player.aniview.com
2	dis.criteo.com	a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
2	ssbsync.smartadserver.com	a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
2	pm.w55c.net	2 redirects
2	mts0.google.com	a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
2	www.gstatic.com	a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
2	www.googleadservices.com	a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
2	code.createjs.com	s0.2mdn.net
2	servt.modoro360.com
2	s10.histats.com	www1.ihdstreams.xyz s10.histats.com
1	match.360yield.com	a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
1	hbopenbid.pubmatic.com	player.aniview.com
1	token.rubiconproject.com	eus.rubiconproject.com
1	sync-tm.everesttech.net	1 redirects
1	cms.quantserve.com	a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
1	pr-bh.ybp.yahoo.com	1 redirects
1	grid.bidswitch.net	player.aniview.com
1	secure-assets.rubiconproject.com	1 redirects
1	vid.vidoomy.com	player.aniview.com
1	ups.analytics.yahoo.com	player.aniview.com
1	sync.technoratimedia.com	1 redirects
1	sync.1rx.io	1 redirects
1	cm.adform.net	player.aniview.com
1	gcm.ctnsnet.com	1 redirects
1	match.adsrvr.org	a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
1	serv.modoro360.com	player.aniview.com
1	csync.loopme.me	1 redirects
1	ads.travelaudience.com	1 redirects
1	dclk-match.dotomi.com	a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
1	cdn-adipolo.urekamedia.com
1	content1.avplayer.com
1	player.avplayer.com	tg1.modoro360.com
1	feed.avplayer.com	tg1.modoro360.com
1	player.adtelligent.com	player.aplhb.adipolo.com
1	s4.histats.com	s10.histats.com
1	adipolo.com
1	count-server.sharethis.com	platform-api.sharethis.com
1	www.effectivecreativeformat.com	www1.ihdstreams.xyz
1	l.sharethis.com	platform-api.sharethis.com
1	buttons-config.sharethis.com	platform-api.sharethis.com
1	www.profitabledisplaynetwork.com	www1.ihdstreams.xyz
1	platform-api.sharethis.com	www1.ihdstreams.xyz
1	tg1.modoro360.com	www1.ihdstreams.xyz
0	ade.googlesyndication.com Failed
0	pbs.aniview.com Failed	player.aniview.com
0	us_privacyfa9f4b3548d146d8b0584acce84c4fec.gif Failed	player.aniview.com
334	85

This site contains links to these domains. Also see Links.

Domain
signup.adipolo.com
v2.sportsurge.net
www.histats.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-03-10` - `2024-03-08`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
greeter.me E1	`2023-09-12` - `2023-12-11`	3 months	crt.sh
wl1.aniview.com R3	`2023-08-09` - `2023-11-07`	3 months	crt.sh
sharethis.com Amazon RSA 2048 M02	`2023-05-20` - `2024-06-17`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
profitabledisplaynetwork.com R3	`2023-08-30` - `2023-11-28`	3 months	crt.sh
effectivecreativeformat.com R3	`2023-08-20` - `2023-11-18`	3 months	crt.sh
player.aplhb.adipolo.com R3	`2023-07-18` - `2023-10-16`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
adipolo.com E1	`2023-09-01` - `2023-11-30`	3 months	crt.sh
histats.com R3	`2023-08-29` - `2023-11-27`	3 months	crt.sh
ghb.aplhb.adipolo.com ZeroSSL ECC Domain Secure Site CA	`2023-08-04` - `2023-11-02`	3 months	crt.sh
player.adtelligent.com R3	`2023-07-19` - `2023-10-17`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.avplayer.com GeoTrust TLS RSA CA G1	`2023-08-14` - `2024-09-13`	a year	crt.sh
*.adservrs.com Amazon RSA 2048 M02	`2023-09-13` - `2024-10-11`	a year	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M02	`2023-03-29` - `2024-04-27`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2023-07-07` - `2024-08-04`	a year	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M02	`2023-05-09` - `2024-06-07`	a year	crt.sh
tls.adobe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-08` - `2024-03-10`	a year	crt.sh
*.aniview.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-07` - `2023-11-09`	a year	crt.sh
1372348363.rsc.contentproxy9.cz R3	`2023-08-10` - `2023-11-08`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2023-08-15` - `2024-09-15`	a year	crt.sh
s.ad.smaato.net Amazon RSA 2048 M03	`2023-09-04` - `2024-10-02`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-08-07` - `2023-11-05`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh
*.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-25` - `2024-06-18`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-28` - `2024-01-28`	a year	crt.sh
*.ads.stickyadstv.com DigiCert TLS RSA SHA256 2020 CA1	`2023-04-16` - `2024-04-16`	a year	crt.sh
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-25` - `2024-01-24`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2023-05-06` - `2024-05-04`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-08-03` - `2024-01-24`	6 months	crt.sh
*.vidoomy.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-01` - `2023-10-02`	a year	crt.sh
*.rubiconproject.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-03-07` - `2024-04-03`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
quantserve.com R3	`2023-08-29` - `2023-11-27`	3 months	crt.sh
*.a-mo.net R3	`2023-08-07` - `2023-11-05`	3 months	crt.sh
*.360yield.com Amazon RSA 2048 M01	`2023-05-29` - `2024-06-26`	a year	crt.sh

This page contains 46 frames:

Primary Page: https://www1.ihdstreams.xyz/
Frame ID: D59EE529F98DCA3CE2F5D1C98274AA84
Requests: 84 HTTP requests in this frame

Frame: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 9B82CECB8E5BD667CA9F7A6B88DCE7BB
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 289080CC8952CA7C00E40A6A38D3976C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: EF2E4D0DAE6883E75A81E749DD752DED
Requests: 2 HTTP requests in this frame

Frame: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 21C38C787123F03D4494823BB81FC2F0
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGLiL_vQBMAE&v=APEucNUMA9eo3G-0e64LGfUDfgKi-3nwfZIAF97Lj4ZZ6E5RetaO6N-1tFiY82HpNKZxUOfi91H58GTrsNA471rWNl54M9vlqZEYNHuRS8zzDVr-9V4izDdGp2JsPIGWCGUaEJRZOxGzlZojZTqJMKwqpGv91_bjmgs5k1Q9QxLg4C8yermjN8E
Frame ID: 3D9497D642E86F03B05532562CD05D63
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 559A77121EA96C5548599A5B2E0AACC4
Requests: 20 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 1FCE00A14A33E354D6BDF475BC4494DC
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/955163022351803370/index.html?ev=01_250
Frame ID: 80E9273EE1CD7248E55EAACF7C22D9C7
Requests: 4 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 8AD63C4FEA56DA1DC2F68D7A5A73B2AF
Requests: 1 HTTP requests in this frame

Frame: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 614D7CBBE182ADA52AF62838F658FC0F
Requests: 20 HTTP requests in this frame

Frame: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C1F634A17914B1676CC9276328D7B747
Requests: 18 HTTP requests in this frame

Frame: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E14761D8758E2C21B089DCEA331F03E2
Requests: 24 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=632c3dff8e62a32fb323cd86
Frame ID: 92AAC42E1105F80B53908EAC64602010
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYkdrzwgEwAQ&v=APEucNUPQIZWlxwO0pfl-5tSfXJPM3KAXT5VFsHeQGbN4IjVlT8a9YE7-FUEFWjj6zztH8FR8hwdHOSuL4hQACYY35hCX61czjqjXtOW61x4hoJ6DhyBTFPsZLv3NoU2wgkNjVno5IaTA7PIfbGIGdLMCVxlo3puD-_BtHK-dgY1YjxppiRBxmc
Frame ID: DF02C29C42FA6CB3DB78437C26035720
Requests: 5 HTTP requests in this frame

Frame: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E44156F37F29D6C9A67D40CA267F1B45
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-p_psDEOa-zKMDGJjN8OwBMAE&v=APEucNXDRGU1PFsdvmXsqMAfJO-UUMyoT-iLAijto935-5bi27X4dP11P4TP7QRP9NEQ22ZgxqV1cCtyGeerFMqx2CJexpxYemSSy1y0IGaRB8RT3xZd74WSK9jYSI_nXsynpH0IrKIcvxFlroF6Ldq1dIm_LGWGIi_59e6XPpkJP499BR8MNKE
Frame ID: 63C7376AF609919F389971FDD3CDD659
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGL_tr-kBMAE&v=APEucNUMPyQUATR9BZGA-VVNF8nhD--BIjiHbRn0kPA9mogYVyjsAY9ss7zrxnPWI8T-9M0y10NJAD0DI_YOMDkn8Bl1groMawWoYFFg4yHQYDaEkaAnuEl2mcz3SJxnswuKjgHxEJtQs7uWYv8AgonOw2PxktLSdrPq-0L1zLaHN5e2DZltbYs
Frame ID: D2A12E7359E418422609B4FE1944D617
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1AAB0D2100E3DE70F34D93E91E9207FC
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 77D37F48C1B537F799BB994917C3D0C2
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 39771F7AC23DD8668A1A8DAF408414CC
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/6426159062837453930/index.html?e=69&leftOffset=0&topOffset=0&c=FJ3NQwLM1p&t=1&renderingType=2&ev=01_250
Frame ID: 274C8F2A86BF119198E087B51DCA1721
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/t8GibRNARgYsE0Sx_-jM8Z9WBbCCL83x92A0C_FtaJU.js
Frame ID: 44D71B369945CB1341F5E400299A9E27
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F2E6DFF8E14E3D48DFA9ED2066A72331
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 9AB802752AA24A22E7C5997C678B3E7E
Requests: 2 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/14177329759233795653/index.html?ev=01_250
Frame ID: 3E6BA94348506A5F607D92B4510D4A90
Requests: 16 HTTP requests in this frame

Frame: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D60095c900c0799791c46d8d4%26biddername%3D46%26auid%3D1694794780024-960921239749-001175-007-002382%26key%3D%24UID
Frame ID: 98581B3CF2FC1D2BEA36C7892147225B
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=60095c900c0799791c46d8d4&gdpr=1&gdpr_consent=&us_privacy=1---
Frame ID: C6CCE0B1C1B28B6814933B6FF6F5288A
Requests: 1 HTTP requests in this frame

Frame: https://ads.stickyadstv.com/user-matching?id=&_fw_gdpr=1&_fw_gdpr_consent=
Frame ID: 56D08DA0CC8889AC7A370FFDFF35295F
Requests: 1 HTTP requests in this frame

Frame: https://ads.stickyadstv.com/auto-user-sync?px=1953&_fw_gdpr=1&_fw_gdpr_consent=
Frame ID: 2453A3BD9D1FEEDF3F668EE805826A57
Requests: 1 HTTP requests in this frame

Frame: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=200&auid=1694794780024-960921239749-001175-007-002382&key=OPTOUT
Frame ID: 3BBF9070672DBF2ED8055E4D1A516F05
Requests: 1 HTTP requests in this frame

Frame: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=3&auid=1694794780024-960921239749-001175-007-002382&key=GDPR
Frame ID: BCFAA35601C780013FB4FB992EF0C3C9
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D1%26auid%3D1694794780024-960921239749-001175-007-002382%26key%3D
Frame ID: 2712867DE1D303052AE320B4911AC045
Requests: 2 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?us_privacy=1---&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D18%26auid%3D1694794780024-960921239749-001175-007-002382%26key%3D%24UID
Frame ID: 257E7FCAF323593B9BD36D7D45EF2445
Requests: 1 HTTP requests in this frame

Frame: https://ups.analytics.yahoo.com/ups/58815/sync?redir=true&gdpr=1&gdpr_consent=
Frame ID: 63EDBC02DF547306C21F004E4D34ED3F
Requests: 1 HTTP requests in this frame

Frame: https://vid.vidoomy.com/sync?gdpr=1&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D133%26auid%3D1694794780024-960921239749-001175-007-002382%26key%3D%7B%7BVID%7D%7D
Frame ID: 8196CA33DDAC1DCD6535E9A9F919AFEF
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Frame ID: 3C6F5F2CA8756E3C1E4E376FF8AA128D
Requests: 3 HTTP requests in this frame

Frame: https://us_privacyfa9f4b3548d146d8b0584acce84c4fec.gif/?gdpr=1&gdpr_consent=&us_privacy=1---&coppa=0&puid=1694794780024-960921239749-001175-007-002382&redir=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D57%26auid%3D1694794780024-960921239749-001175-007-002382%26key%3D%24%7BUID%7D
Frame ID: BB4CB5ACA0877A869447EC68069A5C8B
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=1&gdpr_consent=&us_privacy=1---&predirect=https%3A%2F%2Fpbs.aniview.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
Frame ID: 40A295A2D6494B4E0E2F9355837F98B4
Requests: 1 HTTP requests in this frame

Frame: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=105&auid=1694794780024-960921239749-001175-007-002382&key=&gdpr=1
Frame ID: 49F307D69B37534065024E37D6D538F7
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 0A00AC59B388F9699C31F7A220EA21C4
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 34152B60D3D48AE561C70AB12FACA398
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: AB1E540220375168129DC60261D60781
Requests: 2 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/4254254474626114355/index.html?ev=01_250
Frame ID: 7C37258C91ECDA5DBEADBB3899BA40FF
Requests: 5 HTTP requests in this frame

Frame: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 374994058628B9EACF54DD6B47D01C93
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 02915BBDEFE121C9D7CB7BF6AE7309B9
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Crackstreams - NBA Streams | NFL - MMA Streams - UFC - Boxing - Formula 1MenuMenu

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

basket.js (JavaScript Libraries) Expand

Overall confidence: 10%
Detected patterns

basket.*\.js

Page Statistics

334
Requests

85 %
HTTPS

40 %
IPv6

53
Domains

85
Subdomains

67
IPs

8
Countries

7089 kB
Transfer

14084 kB
Size

36
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://signup.adipolo.com/

Search URL Search Domain Scan URL

URL: https://v2.sportsurge.net/
Title: Sportsurge

Search URL Search Domain Scan URL

URL: http://www.histats.com/viewstats/?sid=2633223&ccid=514

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 78

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP75q659xFu79_IsSNxvJ2Y&google_cver=1

Request Chain 79

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZQSEGndQ1arKqetcfPJ-MwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP75q659xFu79_IsSNxvJ2Y&google_cver=1

Request Chain 80

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESENkAdm4xgr74akrhb0A6c8A&google_cver=1

Request Chain 81

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTc1MzI5MDk2ODUzMzAwNTU1OQ%3D%3D

Request Chain 97

https://fw.adsafeprotected.com/rfw/st/1630069/73568031/4.js?ias_dspID=3&ias_campId=1014045034&ias_pubId=&ias_chanId=1&ias_placementId=20436341973&bidurl=https://www1.ihdstreams.xyz/&ias_dealId=&xsId=ABAjH0gzM-NfU6Jrlshn66lGlScB&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0gzM-NfU6Jrlshn66lGlScB&adContainerId=brand_safety_GoQEZZTlM9SY-gbI3YyACQ&cbFunctionName=goog_wrapCb_GoQEZZTlM9SY-gbI3YyACQ&true_pb=&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fwww1.ihdstreams.xyz&adsafe_type=g&adsafe_url=https%3A%2F%2Fwww1.ihdstreams.xyz%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fa0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fa0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=bed&adsafe_jsinfo=,id:cce5aeb4-1f61-bf67-4d16-a7e57362b064,c:oiWOuU,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-797d947f74-4z8t9,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,mu:10000,br:c,bru:c,an:n,oam:0,mtim:3,mot:0,app:0,maw:0,fm:tPWyaXv+11%7C12%7C13%7C141*.1630069-73568031%7C1411%7C14121%7C1413,idMap:141*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:20,oid:ab384fe0-53e3-11ee-b539-5670c829a772,v:19.8.439,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4.js?xsId=ABAjH0gzM-NfU6Jrlshn66lGlScB&ias_xappb=&adContainerId=brand_safety_GoQEZZTlM9SY-gbI3YyACQ&cbFunctionName=goog_wrapCb_GoQEZZTlM9SY-gbI3YyACQ&true_pb=

Request Chain 139

https://securepubads.g.doubleclick.net/pagead/adview?ai=CgTggGoQEZZyrOpeN7gONw4egDdbgpOly2fG35_4RtsK-3oUCEAEgudvzJmCVkq6CtAegAbfa3NoDyAEJqQKHagKEr9-xPuACAKgDAcgDywSqBI0CT9ArHKbSMGPMuMFsD7GmfEoiG2j_imIz4QPUqYESMEfXhT3x36X5m7t03nOQkN74A5eemuzP5wff2TbHb1pnoMIWk3oD8_cKNgKjYYosqcXX1qCy2yYBPVQMxaOiMK5j-5B6gjhzX_1Hs7b_xK2FOn_sZNQipsTQi4ETnIMQN_w8xKpf7qYj0YsN9QV8n9L06gVhX5j2WNtS-hWpHkimhbkbMNPdjoYt7PyP4NCpVscl9qKc1SWoAqJ59_FEepOVx8VRhA3INBBM-P4srA7-NAFw8h1XuP-9s_3rgcG69q25qDwXm22rB5ex0Lkl7ux54h2jiI0kzr95wVBGUNl4YulEDy6oFM-cVYxlbYDABJCv7cSXBOAEAYgFt5-XwECSBQQIBBgBkgUECAUYBKAGLoAHsaWjJagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEInCDNIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqaCWxodHRwczovL3d3dy5kZWhuZXIuZGUvbWFya2V0Lz9lbV9zcmM9a3cmZW1fY21wPWdvb2dsZS9ub25icmFuZC9ERV8wMDNfTWFya3QvREVfMDAzX01hcmt0X1BtYXgvbG9jYWxfY2FtcGFpZ26ACgPICwGYDLqWm43sA7gTgwTYEw7QFQGYFgGAFwGyFx4KHAgAEhRwdWItNjczNjI1NjQ3MzIwMjczMxjkww4&sigh=PJiEN9BHlkM&uach_m=[UACH]&ase=2&cid=CAQSPABpAlJW1fEA8DqSpZea85N0yiCSFmPuKLqTgLR7ohDvWdhvS-iLH4wSD676nK8DRP0ifO1xF-7X0qamMBgB&template_id=515&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229938857740687414714%22,%22debug_reporting%22:true,%22destination%22:%22https://dehner.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%2215%22:[%2251%22],%2216%22:[%223%22],%222%22:[%22995568951%22],%224%22:[%2209-15%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226516529460218006001%22}&andc=true

Request Chain 152

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP75q659xFu79_IsSNxvJ2Y&google_cver=1

Request Chain 153

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZQSEGndQ1arKqetcfPJ-MwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP75q659xFu79_IsSNxvJ2Y&google_cver=1

Request Chain 154

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESENkAdm4xgr74akrhb0A6c8A&google_cver=1

Request Chain 155

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTc1MzI5MDk2ODUzMzAwNTU1OQ%3D%3D

Request Chain 156

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP75q659xFu79_IsSNxvJ2Y&google_cver=1

Request Chain 157

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZQSEGndQ1arKqetcfPJ-MwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP75q659xFu79_IsSNxvJ2Y&google_cver=1

Request Chain 158

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESENkAdm4xgr74akrhb0A6c8A&google_cver=1

Request Chain 159

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTc1MzI5MDk2ODUzMzAwNTU1OQ%3D%3D

Request Chain 160

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP75q659xFu79_IsSNxvJ2Y&google_cver=1

Request Chain 161

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZQSEGndQ1arKqetcfPJ-MwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP75q659xFu79_IsSNxvJ2Y&google_cver=1

Request Chain 162

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESENkAdm4xgr74akrhb0A6c8A&google_cver=1

Request Chain 163

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTc1MzI5MDk2ODUzMzAwNTU1OQ%3D%3D

Request Chain 168

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEEX9rOvDEa1Pb-isHcYTWpQ&google_cver=1&google_push=AXcoOmR8VDWLx1B5MsSmmED7oCnLiAHvGIVoIEwA9SLww7OHv11o-02qsNl6OK88n87xxswyK9w8Mqj_o134Sw_pft2bREMaDTdd HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEEX9rOvDEa1Pb-isHcYTWpQ&google_cver=1&google_push=AXcoOmR8VDWLx1B5MsSmmED7oCnLiAHvGIVoIEwA9SLww7OHv11o-02qsNl6OK88n87xxswyK9w8Mqj_o134Sw_pft2bREMaDTdd HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=QTM3SjRUZzgxUUhieEY1&google_gid=CAESEEX9rOvDEa1Pb-isHcYTWpQ&google_cver=1&google_push=AXcoOmR8VDWLx1B5MsSmmED7oCnLiAHvGIVoIEwA9SLww7OHv11o-02qsNl6OK88n87xxswyK9w8Mqj_o134Sw_pft2bREMaDTdd

Request Chain 169

https://ads.travelaudience.com/google_pixel?google_gid=CAESELtdf28hW4zcLuYKDDPrMms&google_cver=1&google_push=AXcoOmTLF9OW-gTkK1vVBEMr3_U0VF3hvc9i9CGTmMcF-hkH6JOrW9mghx7UAMSkgZcpqOXApp8SDRqfF-EhHuJo0nXz9WwxE0wd HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=8-XtlBO6QzK9kXmWRD1pFQ&google_push=AXcoOmTLF9OW-gTkK1vVBEMr3_U0VF3hvc9i9CGTmMcF-hkH6JOrW9mghx7UAMSkgZcpqOXApp8SDRqfF-EhHuJo0nXz9WwxE0wd

Request Chain 171

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEIWtCjwyqJcyPOMKLMcJh-g&google_cver=1&google_push=AXcoOmShBddH0yDTm0T52-9mEKpz-531tv1Pdtbv3PCYTyOVCTr60d34VXbUf3kc0ahhqUksHfSDIpwkVCZyXnZ9rGS3CyZdI3oO HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmShBddH0yDTm0T52-9mEKpz-531tv1Pdtbv3PCYTyOVCTr60d34VXbUf3kc0ahhqUksHfSDIpwkVCZyXnZ9rGS3CyZdI3oO&google_gid=CAESEIWtCjwyqJcyPOMKLMcJh-g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjY5MjkzNzI2NzA3NzgyNzIwNzU2Mw%3D%3D&google_push=AXcoOmShBddH0yDTm0T52-9mEKpz-531tv1Pdtbv3PCYTyOVCTr60d34VXbUf3kc0ahhqUksHfSDIpwkVCZyXnZ9rGS3CyZdI3oO

Request Chain 173

https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_gid=CAESEEM8yDjNB8opFPyGSc6Q8os&google_cver=1&google_push=AXcoOmQ-Zk3YJAXNLut46PKwBAQtRgYCzR4e3jYIjDX0dcDRXWVXr3IMgn8zRRzY5B1bzmo-3rsJtmrxZn8hOjy2FYSiL6bm79wd HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=500e7ef9-229e-4f1a-88c2-790c11aea531&google_cver=1&google_gid=CAESEEM8yDjNB8opFPyGSc6Q8os&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmQ-Zk3YJAXNLut46PKwBAQtRgYCzR4e3jYIjDX0dcDRXWVXr3IMgn8zRRzY5B1bzmo-3rsJtmrxZn8hOjy2FYSiL6bm79wd&gdpr=${GDPR}

Request Chain 212

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEMm8Rho2UYLCYNx4AUutgfY&google_cver=1&google_push=AXcoOmRVbb2Gllbcsqm9K7JqUra3i-TanAttZIr7kr3v9_0gF3IT1vrpdSKU_nG7Jhd7udOZii1-yA8uIv9mLf1I4dDstZCYpI4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRVbb2Gllbcsqm9K7JqUra3i-TanAttZIr7kr3v9_0gF3IT1vrpdSKU_nG7Jhd7udOZii1-yA8uIv9mLf1I4dDstZCYpI4&google_hm=1K-rDpqKQ8eGReSKonye7YM

Request Chain 215

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEGGI8R-B0jzX3Kng6kzZzmA&google_cver=1&google_push=AXcoOmSEiA_G5WqQkGqZtEiMtiAQNhbPt49_ChQp7qezJ33P8h029iEziXdAGI0K8W8MOcU1UdQa7Xa4A8KY3gubEahqMdheA82e HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE1LVDFYU1YtMVUtQlc4Ng==&google_push=AXcoOmSEiA_G5WqQkGqZtEiMtiAQNhbPt49_ChQp7qezJ33P8h029iEziXdAGI0K8W8MOcU1UdQa7Xa4A8KY3gubEahqMdheA82e

Request Chain 217

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEM7k6EHyW8v8Qbdy5vwR5sc&google_cver=1&google_push=AXcoOmTml4-T-AUOjuQIiVuVZ7IzhLx7nxY2ajJ8X0ggOhld_aa3LmJhxSCcYqgq30j9mUCPQCPAR1LLSpwU_rTvpea2ABPzPhS1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTml4-T-AUOjuQIiVuVZ7IzhLx7nxY2ajJ8X0ggOhld_aa3LmJhxSCcYqgq30j9mUCPQCPAR1LLSpwU_rTvpea2ABPzPhS1

Request Chain 229

https://sync.1rx.io/usersync2/rmpssp?sub=aniview&gdpr=1&gdpr_pd=0&gdpr_consent=&redir=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D200%26auid%3D1694794780024-960921239749-001175-007-002382%26key%3D%5BRX_UUID%5D HTTP 302
https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=200&auid=1694794780024-960921239749-001175-007-002382&key=OPTOUT

Request Chain 230

https://sync.technoratimedia.com/services?srv=cs&pid=70&uid=1694794780024-960921239749-001175-007-002382&cb=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D3%26auid%3D1694794780024-960921239749-001175-007-002382%26key%3D%5BUSER_ID%5D HTTP 307
https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=3&auid=1694794780024-960921239749-001175-007-002382&key=GDPR

Request Chain 235

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=aniview&endpoint=us-east HTTP 301
https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east

Request Chain 238

https://prebid.a-mo.net/cchain/0?gdpr=1&gdpr_consent=&cb=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D105%26auid%3D1694794780024-960921239749-001175-007-002382%26key%3D HTTP 302
https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=105&auid=1694794780024-960921239749-001175-007-002382&key=&gdpr=1

Request Chain 246

https://ad.turn.com/r/cs?pid=3&google_gid=CAESENfzmNNuxeHz0YkzY1tsCmo&google_cver=1&google_push=AXcoOmRsbvgSw7UmVpigDnrIWYA7I-c6VOhi-ZlfUrCpz0V14yfuOFD29sTdKmVvXiUf2HvNDunm68o7vlEKjQal4ufmUYG_DrPd7g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Nzg5MDM3MjQzODMxNTU3MzY4OA==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESENfzmNNuxeHz0YkzY1tsCmo&google_cver=1

Request Chain 247

https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEIYMeo0o8JJ-Ur7RKfNdt7s&google_cver=1&google_push=AXcoOmQRnjfsyOukb_KR-JsLbmtvaZ5b6sN1RAMJF60Z-1z6sLCMmWx0dRJc75y4IQLBCeQUZiGkbCF_qxu7FV_dlbA6ynUmelMA HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmQRnjfsyOukb_KR-JsLbmtvaZ5b6sN1RAMJF60Z-1z6sLCMmWx0dRJc75y4IQLBCeQUZiGkbCF_qxu7FV_dlbA6ynUmelMA&google_hm=hmUEhBy9Yd9AzALGYg&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D6504841CBD61DF40CC02C662BLIS

Request Chain 248

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEFdTINQNHMDI1UVMkYmtNw8&google_cver=1&google_push=AXcoOmStD2ujRDPODIkV6m-AqIJTAMi42UaI7y5dy4w15wQwvXC-qWCNA0Hq3i7uIQyk3KdUxtJuHHUbG8FbYLSceDrhdVxdq8sn HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmStD2ujRDPODIkV6m-AqIJTAMi42UaI7y5dy4w15wQwvXC-qWCNA0Hq3i7uIQyk3KdUxtJuHHUbG8FbYLSceDrhdVxdq8sn&google_hm=eS1lMkloYjdSRTJwRng4TTNQcTh1aTFzUjJySkdfNFg3T35B

Request Chain 250

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESENobs_P2GpiGBCBTsK-TXoQ&google_cver=1&google_push=AXcoOmSGSTPpnwe4G6_qki7s_NDYj9Ls4h0Vj2hc_7CRAE2T5hPtXDO57eCmQnYnaiAmT7muhVGZPTy_nrY3ueho9Dw_JjrO1Nnlow HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESENobs_P2GpiGBCBTsK-TXoQ&google_cver=1&google_push=AXcoOmSGSTPpnwe4G6_qki7s_NDYj9Ls4h0Vj2hc_7CRAE2T5hPtXDO57eCmQnYnaiAmT7muhVGZPTy_nrY3ueho9Dw_JjrO1Nnlow&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=m25yT7VAR_KJm3STiYxB1Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmSGSTPpnwe4G6_qki7s_NDYj9Ls4h0Vj2hc_7CRAE2T5hPtXDO57eCmQnYnaiAmT7muhVGZPTy_nrY3ueho9Dw_JjrO1Nnlow

Request Chain 251

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEGGI8R-B0jzX3Kng6kzZzmA&google_cver=1&google_push=AXcoOmTghEs7OOnutT32ZjAe2LRfN1kBM7wWhynztZbn2sej5JRs1sM_zVsgND0QgdG1hJZNJnvgOXEUfi4SXXnEae_MUt_vfXXUQw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE1LVDFYV1ItQi0yUkNJ&google_push=AXcoOmTghEs7OOnutT32ZjAe2LRfN1kBM7wWhynztZbn2sej5JRs1sM_zVsgND0QgdG1hJZNJnvgOXEUfi4SXXnEae_MUt_vfXXUQw

Request Chain 252

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEM7k6EHyW8v8Qbdy5vwR5sc&google_cver=1&google_push=AXcoOmQimO-wYW7vq2E2-5Xp7i0-gyPg4xPMFfd2vGV3F-Affzm2SuTMVzJJwK8MtL7UChD4VCEYDYJozEZvBvINtoEx7Tyottrw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQimO-wYW7vq2E2-5Xp7i0-gyPg4xPMFfd2vGV3F-Affzm2SuTMVzJJwK8MtL7UChD4VCEYDYJozEZvBvINtoEx7Tyottrw

Request Chain 254

https://fw.adsafeprotected.com/rfw/st/1475223/71249298/4.js?ias_dspID=3&ias_campId=1012441042&ias_pubId=&ias_chanId=1&ias_placementId=20111331724&bidurl=https://www1.ihdstreams.xyz/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0jRr5YXsURqerwsiMnzAiYY&adContainerId=brand_safety_G4QEZZiBOI2Y-gbp-r7ACA&cbFunctionName=goog_wrapCb_G4QEZZiBOI2Y-gbp-r7ACA&true_pb=&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fwww1.ihdstreams.xyz&adsafe_type=y&adsafe_url=https%3A%2F%2Fwww1.ihdstreams.xyz%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fa0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fa0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:3312221b-e440-873b-6837-0bdfd8de2527,c:oiWOOL,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-797d947f74-96tzx,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,mu:10000,br:c,bru:c,an:n,oam:0,mtim:4,mot:0,app:0,maw:0,fm:tPWybg6+11%7C12%7C1311%7C1312%7C1313%7C1314%7C141%7C142%7C143%7C144%7C151%7C152%7C153%7C16*.1475223-71249298%7C161%7C162%7C171%7C172%7C173%7C174%7C175%7C176%7C177%7C178%7C179%7C17a%7C17b%7C17c%7C17d%7C17e%7C181%7C182,idMap:16*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:svg.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:97,oid:abd9723c-53e3-11ee-93e2-827e0700ad5b,v:19.8.439,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_G4QEZZiBOI2Y-gbp-r7ACA&cbFunctionName=goog_wrapCb_G4QEZZiBOI2Y-gbp-r7ACA&true_pb=

Request Chain 257

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEIUQa4xyDtC4qZ4JmVFJatQ&google_cver=1&google_push=AXcoOmQTRMKH_KisENwvof-fWVl5AMsAW6Gp1N8pxUwnvZDDTET7HptP9AV_QkcB0nQRTmGkxUnaaqvM4Z3on50ZbNaRlQLV2J0l4Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEIUQa4xyDtC4qZ4JmVFJatQ&google_push=AXcoOmQTRMKH_KisENwvof-fWVl5AMsAW6Gp1N8pxUwnvZDDTET7HptP9AV_QkcB0nQRTmGkxUnaaqvM4Z3on50ZbNaRlQLV2J0l4Q

Request Chain 258

https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEIYMeo0o8JJ-Ur7RKfNdt7s&google_cver=1&google_push=AXcoOmRYUadT-kv9mf-AqKnuAJvwKhN-jjVIVklr9WjId3mdYX3v6N4k5bY7kIIfrSTLsRZedqjPis9I7O7U4SiJHg7A_cL0gqp- HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmRYUadT-kv9mf-AqKnuAJvwKhN-jjVIVklr9WjId3mdYX3v6N4k5bY7kIIfrSTLsRZedqjPis9I7O7U4SiJHg7A_cL0gqp-&google_hm=hmUEhBy9Yd9AzALGYg&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D6504841CBD61DF40CC02C662BLIS

Request Chain 259

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEK-T5zYn50loeF0q8ySx_ag&google_cver=1&google_push=AXcoOmQKvWkru0Y9hTN9TFZMfy2ZFZJPFlLLqS2fhJrOERxmB8dnloQGUXt-i-GKCXF9TDYWSPSyh0pu30sAvhSop01ei0sfVvQG HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEK-T5zYn50loeF0q8ySx_ag&google_cver=1&google_push=AXcoOmQKvWkru0Y9hTN9TFZMfy2ZFZJPFlLLqS2fhJrOERxmB8dnloQGUXt-i-GKCXF9TDYWSPSyh0pu30sAvhSop01ei0sfVvQG HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjkwMTc0NDg3Mjk1OTAwNjQ5Nw&google_push=AXcoOmQKvWkru0Y9hTN9TFZMfy2ZFZJPFlLLqS2fhJrOERxmB8dnloQGUXt-i-GKCXF9TDYWSPSyh0pu30sAvhSop01ei0sfVvQG

Request Chain 260

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESENobs_P2GpiGBCBTsK-TXoQ&google_cver=1&google_push=AXcoOmQaEChEzQeX7-PGfRKKt9pIdn46lH-v07-cwLVIaHb7ZF_NWXTWms3U2Yap9Rd7JmJvZ8zmrgP6MkFmsunZ3SBGhLSWhpp1PQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=m25yT7VAR_KJm3STiYxB1Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmQaEChEzQeX7-PGfRKKt9pIdn46lH-v07-cwLVIaHb7ZF_NWXTWms3U2Yap9Rd7JmJvZ8zmrgP6MkFmsunZ3SBGhLSWhpp1PQ

Request Chain 261

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEDL-Z0RaqVjOJiULHMbNJjc&google_cver=1&google_push=AXcoOmRHgM-RlROMkDuQom7k3FGSJMbjQS3pvyyX3O48R1EFqlr03d27Y1d0T46_fr5lF_ADrzw_62RFOY7wq_3FzniEttLXjMuIGA HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEDL-Z0RaqVjOJiULHMbNJjc&google_cver=1&google_push=AXcoOmRHgM-RlROMkDuQom7k3FGSJMbjQS3pvyyX3O48R1EFqlr03d27Y1d0T46_fr5lF_ADrzw_62RFOY7wq_3FzniEttLXjMuIGA&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmRHgM-RlROMkDuQom7k3FGSJMbjQS3pvyyX3O48R1EFqlr03d27Y1d0T46_fr5lF_ADrzw_62RFOY7wq_3FzniEttLXjMuIGA&google_hm=HU3ztGZHuigyuU7mRbihN1ow

Request Chain 322

https://ad.turn.com/r/cs?pid=3&google_gid=CAESENfzmNNuxeHz0YkzY1tsCmo&google_cver=1&google_push=AXcoOmQJfoB4M_AT6d38uqvQPNQHXzXsgpV8ui15bKrgZE7FJNEviuNtfQGEnirr0fHvP3IU7A0lW9cmw7vccSVeeyJQww9ODLi07g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Nzg5MDM3MjQzODMxNTU3MzY4OA==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESENfzmNNuxeHz0YkzY1tsCmo&google_cver=1

Request Chain 323

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEGGI8R-B0jzX3Kng6kzZzmA&google_cver=1&google_push=AXcoOmSPrXahx09NrP_VQ7U1-1RXn1ks72Z2E7GSThzETQPS8tsl_U1qIxAbZANfR_lhpfloJl_8LqGLkcU3tyjXaaYsclSphC9iZw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE1LVDFZQ0YtMi04UUFN&google_push=AXcoOmSPrXahx09NrP_VQ7U1-1RXn1ks72Z2E7GSThzETQPS8tsl_U1qIxAbZANfR_lhpfloJl_8LqGLkcU3tyjXaaYsclSphC9iZw

Request Chain 324

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEDL-Z0RaqVjOJiULHMbNJjc&google_cver=1&google_push=AXcoOmToKrBM39qDmk1yuezj9QwGV4u6fu-XDNBtumuweKWTu-PQ2JyexaFGw1mlBVAtfjqnQKI7Q8rRjlVcELVxgN7yZqX9pF4wTg HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmToKrBM39qDmk1yuezj9QwGV4u6fu-XDNBtumuweKWTu-PQ2JyexaFGw1mlBVAtfjqnQKI7Q8rRjlVcELVxgN7yZqX9pF4wTg&google_hm=HU3ztGZHuigyuU7mRbihN1ow

Request Chain 326

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEM7k6EHyW8v8Qbdy5vwR5sc&google_cver=1&google_push=AXcoOmTjhCUbAspY_8tjg02XkAUR1WIJFVpoZ_c8LI5iUEfD_G7hHQ1JnFS5b0kDSYZTP9Z9pY6DzITbyW-cwG6pLmbTeBSRaxsrPA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTjhCUbAspY_8tjg02XkAUR1WIJFVpoZ_c8LI5iUEfD_G7hHQ1JnFS5b0kDSYZTP9Z9pY6DzITbyW-cwG6pLmbTeBSRaxsrPA

Request Chain 328

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEIWtCjwyqJcyPOMKLMcJh-g&google_cver=1&google_push=AXcoOmQW_OsJ537aqbaGhmdr-5qR4v0F9qfA9Ur0ukeFlEyoe58LP_gMPaH_BKYCd58Ozt9lJSp-usSl8UpFSnCgKg2wLaGSgVd0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjY5MjkzNzI2NzA3NzgyNzIwNzU2Mw%3D%3D&google_push=AXcoOmQW_OsJ537aqbaGhmdr-5qR4v0F9qfA9Ur0ukeFlEyoe58LP_gMPaH_BKYCd58Ozt9lJSp-usSl8UpFSnCgKg2wLaGSgVd0

334 HTTP transactions
11 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www1.ihdstreams.xyz/ 22 KB
5 KB 128ms
64ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www1.ihdstreams.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48b68e773ed8021e4f036856493bd67105f694fb513aeae6bab12f111cc42269

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 807231389833bbf2-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 15 Sep 2023 16:19:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sQdRTnLFUYauVeWMxnPazSmy0iZcN1A8OLQUszhDCs5nQ7OhGmC9sR0PaGY2oFmLEAaNk%2FAXTizBgEDhl5ihRWP7QNUb6nM3T9%2F7ggGlkkse18X3gXalnqpfA%2F6uaeIHAL7N74lXXBK7FCBKq7W3mRjs"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1 KB 88ms
29ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,500,700&display=swap

Requested by

Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2542cd76df29fd9ac4615f66c62bf94aab8585d36d27c4e8af1354a9bf3a4a99

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 15 Sep 2023 16:19:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 15 Sep 2023 16:08:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 15 Sep 2023 16:19:36 GMT

GET
H2 200 icon
fonts.googleapis.com/ 569 B
439 B 99ms
40ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 15 Sep 2023 16:19:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 15 Sep 2023 16:19:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 15 Sep 2023 16:19:36 GMT

GET
H2 200 app.css
www1.ihdstreams.xyz/css/ 9 KB
3 KB 55ms
55ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www1.ihdstreams.xyz/css/app.css
Requested by: Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29828638d01d73bfd6bd1ff7c87772facd6910124912ebae7e0ac6429f347196

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:19:36 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Sat, 26 Aug 2023 13:42:07 GMT
server: cloudflare
age: 2704
cf-polished: origSize=9528
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2%2FcyEwvc44sVAGAoUVW46XAlvZ%2BnwK%2Fn1Q9Qfg2JclouEyOMsdv7WlmjnvVyrwg4RcX0QioFRtj0Psk4GVRKAMd4J7BGYYX2GugGaEqHmNDNXlmW0W%2B0ejSwOAqhYI4rkQa1%2BdtGkYhpHtVZnGPRfOoT"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 8072313908c8bbf2-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 A-letterbigger_Savir.png
jscdn.greeter.me/ 945 B
1 KB 88ms
21ms Image
image/png 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jscdn.greeter.me/A-letterbigger_Savir.png

Requested by

Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

4475335b87a3456536775fd2dd0dd5bd5eba10e830b820cc122ba1e3cb0de1ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:19:36 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
last-modified: Sun, 10 Jul 2022 13:45:06 GMT
x-amz-request-id: tx0000000000000104b8b63-0065047b51-baa5d12d-fra1b
etag: "f07519ec5fbc46385f386b577e6e2a1d"
x-envoy-upstream-healthchecked-cluster
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1694794776.dop010.am5.t,1694794776.cds312.am5.hn,1694794776.cds320.am5.c
content-type: image/png
cache-control: max-age=1353
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 945

GET
H2 200 rocket-loader.min.js Show response
www1.ihdstreams.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 25ms
23ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www1.ihdstreams.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:19:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 12 Sep 2023 15:48:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6500883e-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lyy%2F8lcRNhURMNxxrwI41mrRC69c0oKCLi3ZhpGhGpF13Qs70VNTtyOdELsssQjw8GlTpY0gk2HhPR%2B4kCyQQHRJoog4VS6smNnAHKHsbUeuh%2FU%2Bj1D%2FKq3GPovTxiGuGSbbDMzmqk0e1YgGI9%2BfhSD9"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 8072313908d1bbf2-FRA
expires: Sun, 17 Sep 2023 16:19:36 GMT

GET
H2 200 nba.png
www1.ihdstreams.xyz/images/ 2 KB
2 KB 80ms
78ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www1.ihdstreams.xyz/images/nba.png
Requested by: Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9953f046235e5dff6ad5d40a6ee2927f53de1ab7c0a6e061e0551e69e9acddc4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:19:36 GMT
cf-cache-status: HIT
last-modified: Wed, 10 Feb 2021 20:44:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9vynPBIdxWJZc9ISPOPY26%2Bq73ROw7Smp84k%2BLlO%2FC0GGq5MnVPTshKvtZ6%2F1QDtiwcrzkSX5VEZbHw77XBN5Z47pbtFg1OhfY3G25pVNMimfGsDEvZQlw6c%2F7OqLgnq%2BkcqPbHEkp1hb47M4WyrrOko"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8072313908d5bbf2-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1807

GET
H2 200 WNBA.png
www1.ihdstreams.xyz/images/ 26 KB
26 KB 55ms
53ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www1.ihdstreams.xyz/images/WNBA.png
Requested by: Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce1727ed068df20a4587a51a996eee3e98065d456b697426b43581c78c0e180f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:19:36 GMT
cf-cache-status: HIT
last-modified: Sun, 27 Aug 2023 20:58:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GTcWeRMJ1Q24lIu392vLHV8SVujRdXPJdHrRNDlrtMzAB67YtzLPvUQwd%2B8f5Yjo1kMSDcYsm8CnMBMOlO6kWMDInvl8vqRc4GGYjd%2B7n57FrUS%2FaT1PrptM%2BFpISsMUHH0Bk%2FnqrXGE8%2FqPnvdVrMUe"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8072313908d6bbf2-FRA
alt-svc: h3=":443"; ma=86400
content-length: 26212

GET
H2 200 nfl.png
www1.ihdstreams.xyz/images/ 4 KB
4 KB 81ms
79ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www1.ihdstreams.xyz/images/nfl.png
Requested by: Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c542012c84c6c9b8b31b62c0919d8c76fe2ceb18c8721646cb57f382f38d3020

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:19:36 GMT
cf-cache-status: HIT
last-modified: Wed, 10 Feb 2021 20:44:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EYI%2B0xIyUmZVQOuFJ%2FSM%2BTYPbWtIUAx%2BNFj%2BPWdG68IWX11D5xpWSyyjADJRArQuyN69j5y4joHaNY3Z8%2B2jBtFWXxcy4ZWPXG1brRbQ319uxP9bKTB9LfX8gZujphfZ%2BFTZ6EeNny1rHg3a%2BZaJ7b1%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8072313908d8bbf2-FRA
alt-svc: h3=":443"; ma=86400
content-length: 4018

GET
H2 200 mlbs.png
www1.ihdstreams.xyz/images/ 734 B
1 KB 49ms
47ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www1.ihdstreams.xyz/images/mlbs.png
Requested by: Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c49942d851969cee2ed7c9d24370dfa247d7507c35af5218f2b47464eb14b2c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:19:36 GMT
cf-cache-status: HIT
last-modified: Thu, 08 Sep 2022 14:14:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tA1aoH3XWFd6tVJwZCxF3hkvGKLRLTNozP4ULk2CTHpczZFIMqeT61gGSIRet%2B8K7cWrcg4natZ66MyWsk9a5cCBxHjCz9VJrgWmDWN%2Fn4cWqqYswB1IXEwnmxAgiIcRY9gXgIcpeojX1LcF4PZglFeR"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8072313908d9bbf2-FRA
alt-svc: h3=":443"; ma=86400
content-length: 734

GET
H2 200 mls.png
www1.ihdstreams.xyz/images/ 22 KB
23 KB 52ms
50ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www1.ihdstreams.xyz/images/mls.png
Requested by: Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a70b25b074c2b6c3ba5133d9f9b4c1facca92385b087263cf4a7a63461868b3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:19:36 GMT
cf-cache-status: HIT
last-modified: Sun, 27 Aug 2023 21:00:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TjYEt9im0FhsPPmtADd707vi93PL7aRP9aJdUBLP7OAMWPp92UxEubvyIAlkEdVuzBsjLrRUAMWQlTOezR0O9KWXwQc26IEzo1BP4ZBtKeKPJdQzhzftzr%2FKn702jrTg%2F4hEyZPAzSMtbg3xsCBYrD1%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8072313908dcbbf2-FRA
alt-svc: h3=":443"; ma=86400
content-length: 22920

GET
H2 200 mma.png
www1.ihdstreams.xyz/images/ 7 KB
7 KB 72ms
70ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www1.ihdstreams.xyz/images/mma.png
Requested by: Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9757415edc6793a3544240a995b7f19f49c96bacf8d6ae41b2657d9f7bac1be7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:19:36 GMT
cf-cache-status: HIT
last-modified: Wed, 10 Feb 2021 20:44:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BN99admZFGWYrg4n0ScFPYvoUIpOPsjSdKFYjzvQ%2F7S3Up5RW8DExDGah%2FsOqtD7HGJryB7s%2Fe8vzYY8SxeECkNyxYqk0nmfXvcIvUP2TF29R4K2vaSbWoPr3AT7dV4w%2F0707sWHSzhXkHWmUraqf2QN"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8072313908debbf2-FRA
alt-svc: h3=":443"; ma=86400
content-length: 6673

GET
H2 200 boxing.png
www1.ihdstreams.xyz/images/ 9 KB
9 KB 81ms
79ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www1.ihdstreams.xyz/images/boxing.png
Requested by: Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef4e851bde18d7fc0111215f4d6a622bc9f648b0b96700b2e98a67c2cd633799

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:19:36 GMT
cf-cache-status: HIT
last-modified: Wed, 10 Feb 2021 20:44:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=toSQkvHyXlRkHIeCPzWiSx8FPBJhqQul7cQq2GEXkqmayXVolOdaFXNYLQkPaOFbwQxOhHfZkpWr3gofjsHWquoBPIn7XcGauJLWPNXr1MPocH7%2BzfHIqnFneaFgQfE6%2BT3bCzlP7Lbi9UglQdB%2Fc4mb"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8072313908dfbbf2-FRA
alt-svc: h3=":443"; ma=86400
content-length: 9140

GET
H2 200 f1.png
www1.ihdstreams.xyz/images/ 2 KB
2 KB 54ms
52ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www1.ihdstreams.xyz/images/f1.png
Requested by: Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8511af2c0e0f877701ecceabdb9833984f9e4539d05196c05dfd78251dc55a1b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:19:36 GMT
cf-cache-status: HIT
last-modified: Sun, 28 Mar 2021 15:44:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z3BTpiFVqa%2BCeXxFrhcB1qink6B2TYBIFir9ds2oW%2BG2oql2XZx%2FDZXCDSP9cbA0%2BdaibdJ8aYunpF%2FO2YSfTp3wSpawQIqQhTNMVn3biJtVp2clSE6pZzMCQms5%2FWpuXwaQtd3f1iNtIgUy9OD950gG"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8072313908e1bbf2-FRA
alt-svc: h3=":443"; ma=86400
content-length: 2022

GET
H2 200 nhl.jpg
www1.ihdstreams.xyz/images/ 35 KB
35 KB 95ms
93ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www1.ihdstreams.xyz/images/nhl.jpg
Requested by: Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f5ba267e4a28eeeeb5f692e2f89a08cb2d87be40ca4aca4a622c375939578fb

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:19:36 GMT
cf-cache-status: HIT
last-modified: Wed, 01 Mar 2023 20:38:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A7JO%2FNomAfHfXY8wX2yxDFILDO7vydiLi05Pt%2B9jWl3joVjgh3LTDKZoNi%2BINVE5K%2FWJ5h7nlk0n7xKbpFWx%2BgMe4fv3%2Bs8hrK77SJxVGUbLQvJgdKt1zCa%2BZQTv65zBjftMdwJqbFP8MU%2Fy5OZdyYfx"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 807231392902bbf2-FRA
alt-svc: h3=":443"; ma=86400
content-length: 35380

GET
H2 200 nccab.png
www1.ihdstreams.xyz/images/ 28 KB
28 KB 80ms
79ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www1.ihdstreams.xyz/images/nccab.png
Requested by: Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3415d1f3f46175bc47b0e1055fc044b0ca4743150abbdfb8ff2029b80029f36c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:19:36 GMT
cf-cache-status: HIT
last-modified: Thu, 16 Mar 2023 18:23:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YFS8qLc%2FgjmlPFv%2FTrivXf%2BYWlUT%2BPZWwSSCipEm%2F1qjvrOgA2o%2FGGJC%2Bp50hVaf1fcZyYLWoVj94k%2BPhxd4S28gkU0l%2BZx1IlelB9KRQ7Z71IkHv5jyXYTrjs9t%2FJXyhhHqBd%2FKf3lXREUkwhjsdT%2Fc"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 807231392903bbf2-FRA
alt-svc: h3=":443"; ma=86400
content-length: 28608

GET
H2 200 ncaafz.png
www1.ihdstreams.xyz/images/ 9 KB
9 KB 55ms
54ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www1.ihdstreams.xyz/images/ncaafz.png
Requested by: Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 973a1edcabad76ff85ea8d54d0f0c173afc90cc6a2d19b8abd1dd254921942bb

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:19:36 GMT
cf-cache-status: HIT
last-modified: Sat, 26 Aug 2023 14:23:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2213
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LO8Td6hZBKNGwEerfTx4NiufQcC3oNKrkseJLd4Q5MmDd6AhXqW%2FHQ67yFeEexg%2B2Xp1JA5nEpu5k%2BSqiRUsBgYSJSlmZxdiHsR5679Z4jJR6N3eiA9Bemw5jhC8szat1RbB1JH%2F9%2Bvhk9y4aWmfsY0b"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 807231392907bbf2-FRA
alt-svc: h3=":443"; ma=86400
content-length: 8953

GET
H2 200 xfl.png
www1.ihdstreams.xyz/images/ 51 KB
52 KB 73ms
72ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www1.ihdstreams.xyz/images/xfl.png
Requested by: Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94250774030be67093bb2b17844ecb5c73f9fd12afcdaca0fee1f279f709d32a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:19:36 GMT
cf-cache-status: HIT
last-modified: Fri, 17 Mar 2023 07:44:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WrIz5hU92hU2sLuXd6S7PnaMLfkocBMaQO2p16nNZupIjAqmIoWWYP6IFwzQa1a81W3l3mX9NqK4gIolnYRK0AJnF8hS4aHMNksVsVlXqDLnSa4TVENuoc%2BXLKgbjc%2B0psNwYngzQBSHFoIV4jL9hs8A"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 807231392909bbf2-FRA
alt-svc: h3=":443"; ma=86400
content-length: 52428

GET
H2 200 wwe.png
www1.ihdstreams.xyz/images/ 33 KB
34 KB 80ms
79ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www1.ihdstreams.xyz/images/wwe.png
Requested by: Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fca03541a50907237eb1c1872eed044c5a98c6049e9f6064419e08e9cc82af6c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:19:36 GMT
cf-cache-status: HIT
last-modified: Fri, 17 Mar 2023 08:15:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O2AWa5kNxyJkiVr488fEPZ%2FvIIn9ky0NGGaKueksCpHKzOKlZbUcoq3rZ8Dkpbw8JSoRroEDNAfB%2FkjcW6ZZWPwQvaG%2B1d6rQ2ZC8LPbQkcZXRLZZlG2K6uD5jSHmZO%2Bs5QjhSF9Ao3mSeuLx99OThvC"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 80723139290dbbf2-FRA
alt-svc: h3=":443"; ma=86400
content-length: 34006

GET
H2 200 Sportsurge.png
www1.ihdstreams.xyz/images/ 3 KB
4 KB 72ms
71ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www1.ihdstreams.xyz/images/Sportsurge.png
Requested by: Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9ae233e8c3c3cf459ffa8b7ae75983cf1ca35bf6eb21468716423cb30475d51

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:19:36 GMT
cf-cache-status: HIT
last-modified: Sat, 29 Oct 2022 19:52:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2214
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NZwrF8oqN4i%2BsB6%2FWZHpM7xZHuqOcO9WEmrtrp6oNN01F5qkqhrwbu57QEGglyr%2F4tjvkliYr3wKhQ9lFsaWhNxgpEWI%2FtBRgbjT%2BQ0il8NUd2lKf2WxyqAi%2B6hE%2FhAEKWqcfIWOqedQEP%2BqpOApFVj5"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 807231392910bbf2-FRA
alt-svc: h3=":443"; ma=86400
content-length: 3307

GET
H/1.1 200
OK spt Show response
tg1.modoro360.com/api/adserver/ 30 KB
8 KB 244ms
128ms Script
text/javascript 2a02:26f0:480:25::1726:6216
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tg1.modoro360.com/api/adserver/spt?AV_TAGID=632c400f6736d736c5787e64&AV_PUBLISHERID=632c3dff8e62a32fb323cd86
Requested by: Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:25::1726:6216 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e6151b94a9260d9b6cb436a8aa892dfac39db60c16bff0de1b8fdd44a19b3f4e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

X-Bamboo-C-SkSt: 1
Content-Encoding: gzip
X-Bamboo-C-SkFe: 1
X-Bamboo-C-S: BYPASS
Date: Fri, 15 Sep 2023 16:19:36 GMT
Access-Control-Max-Age: 1728000
Access-Control-Allow-Methods: GET, POST, DELETE, PUT, OPTIONS, INDEX
Content-Type: text/javascript
Vary: Accept-Encoding
Cache-Control: max-age=300
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
Content-Length: 7395
Expires: Fri, 15 Sep 2023 16:24:36 GMT

GET
H2 200 ihdstreams.xyzdynamic.js Show response
jscdn.greeter.me/ 8 KB
8 KB 20ms
19ms Script
text/javascript 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://jscdn.greeter.me/ihdstreams.xyzdynamic.js

Requested by

Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

cecdb772902480238ed72f56e63233f74af64e5db96706a47d8d40363e6f6332

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:19:36 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
last-modified: Sun, 02 Oct 2022 07:54:26 GMT
x-amz-request-id: tx0000000000000103e7344-006504773c-ba9c596e-fra1b
etag: "06342141a46f1a42c83deb96dfde3cba"
x-envoy-upstream-healthchecked-cluster
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1694794776.dop010.am5.t,1694794776.cds312.am5.hn,1694794776.cds312.am5.c
content-type: text/javascript
cache-control: max-age=308
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 7957

GET
H2 200 ihdstreams.xyzhead.js Show response
jscdn.greeter.me/ 8 KB
9 KB 22ms
21ms Script
text/javascript 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://jscdn.greeter.me/ihdstreams.xyzhead.js

Requested by

Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

59848ac7fa952227246d55a015096752802cb43ca29d530e1309f770ee54ab7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:19:36 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
last-modified: Sun, 02 Oct 2022 07:54:26 GMT
x-amz-request-id: tx0000000000000103e737b-006504773c-baa5d0b5-fra1b
etag: "facc79495eb5555fbbf60d0288371d83"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1694794776.dop010.am5.t,1694794776.cds312.am5.hn,1694794776.cds002.am5.c
content-type: text/javascript
cache-control: max-age=308
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 8633

GET
H2 200 sharethis.js Show response
platform-api.sharethis.com/js/ 203 KB
46 KB 136ms
37ms Script
text/javascript 3.160.212.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://platform-api.sharethis.com/js/sharethis.js

Requested by

Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.160.212.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-160-212-52.mxp53.r.cloudfront.net

Software

Resource Hash

cb9c4209cb9614d749efa807c0f454fc51136f7d5914ca629945cadad984edf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:19:08 GMT
content-encoding: gzip
via: 1.1 195b923a1c82c96d843c757f80ce2a18.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: MXP53-P3
age: 29
etag: W/"32bd5-ML7JuoX3RQAdwjY+/7SzPPb0+Vo"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
edge-control: cache-maxage=60m,downstream-ttl=60m
cache-control: max-age=600, public
x-cache: Hit from cloudfront
x-amz-cf-id: ko4xaRM9z4KcDJ8dB-5G9WXyPEoS7g7vV9RMFWZkV9G6M6fm3tLIWg==

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
33 KB 76ms
21ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,500,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www1.ihdstreams.xyz
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 18:17:59 GMT
x-content-type-options: nosniff
age: 79297
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 13 Sep 2024 18:17:59 GMT

GET
H/1.1 403
Forbidden invoke.js
www.profitabledisplaynetwork.com/3ca0f619c604ae8a19b9799a144e8ee5/ 0
0 483ms
110ms Script
application/javascript 192.243.61.227
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.profitabledisplaynetwork.com/3ca0f619c604ae8a19b9799a144e8ee5/invoke.js
Requested by: Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.61.227 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date: Fri, 15 Sep 2023 16:19:37 GMT
Server: nginx/1.21.6
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H2 200 602045c93485470012219531.js Show response
buttons-config.sharethis.com/js/ 554 B
1000 B 512ms
427ms Script
text/javascript 2600:9000:26da:da00:c:abe:f440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://buttons-config.sharethis.com/js/602045c93485470012219531.js

Requested by

Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26da:da00:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

2319dbc0d652282694fa0847f099ecb17e4dca70baadde117a227a22e188860f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:19:38 GMT
via: 1.1 455035b7b3ab5f564b775e2968249d3e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Sun, 06 Jun 2021 23:18:05 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P4
x-amz-server-side-encryption: AES256
etag: "2b6a1b0751a89208a9aef5d82f937db6"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-length: 554
x-amz-cf-id: ZoVvWHbBdTxypfxE06nOxiJcDF0DgZFwIdABdMBULoBnIJZ7VtbTCA==

GET
H/1.1 204
No Content pview Show response
l.sharethis.com/ 0
406 B 122ms
40ms XHR
text/plain 52.29.224.243
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://l.sharethis.com/pview?event=pview&hostname=www1.ihdstreams.xyz&location=%2F&product=sop&url=https%3A%2F%2Fwww1.ihdstreams.xyz%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Crackstreams%20-%20NBA%20Streams%20%7C%20NFL%20-%20MMA%20Streams%20-%20UFC%20-%20Boxing%20-%20Formula%201&cms=unknown&publisher=602045c93485470012219531&sop=true&version=st_sop.js&lang=en&description=HDStreams%20is%20new%20Platform%20to%20Reddit%20NBA%20Basketball%20free%20streams%2C%20access%20every%20NBA%20live%20stream%20on%20your%20mobile%2C%20desktop%20and%20tablet%20for%20free&ua=&ua_mobile=false&ua_full_version_list=

Requested by

Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.29.224.243 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-29-224-243.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date: Fri, 15 Sep 2023 16:19:36 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Access-Control-Max-Age: 1728000
Access-Control-Allow-Origin: https://www1.ihdstreams.xyz
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H/1.1 403
Forbidden invoke.js
www.effectivecreativeformat.com/0154b07ef3e758a91da6b0cd107ed2d2/ 0
0 588ms
104ms Script
application/javascript 173.233.137.36
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://www.effectivecreativeformat.com/0154b07ef3e758a91da6b0cd107ed2d2/invoke.js
Requested by: Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.233.137.36 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date: Fri, 15 Sep 2023 16:19:37 GMT
Server: nginx/1.21.6
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H2 200 js15_as.js Show response
s10.histats.com/ 11 KB
5 KB 98ms
32ms Script
text/javascript 2606:4700:10::6814:81f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:81f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:19:37 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 1204
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 807231418bd7bb41-FRA
content-length: 4547

GET
H2 200 get_counts Show response
count-server.sharethis.com/v2.0/ 305 B
682 B 474ms
342ms Script
text/javascript 99.86.159.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://count-server.sharethis.com/v2.0/get_counts?cb=window.__sharethis__.cb&url=https%3A%2F%2Fwww1.ihdstreams.xyz%2F

Requested by

Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.159.59 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-159-59.mxp64.r.cloudfront.net

Software

Resource Hash

c5405507f60064936019190ea271bc88c1091e292754c602e058d3c0742cd127

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:19:38 GMT
via: 1.1 e928b6930ba0ec9937ae31d26228b38a.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: MXP64-C2
etag: 137063b37849f76a00ae813d9d930fc7
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/javascript
cache-control: public, max-age=900
content-length: 305
apigw-requestid: LNDRLjOooAMEPBw=
x-amz-cf-id: 2OV8Cdh2Niast9TIDwPynpCp9hLm979RfhaN_QI3E_t3yLo2e6oDOQ==

GET
H2 200 facebook.svg
platform-cdn.sharethis.com/img/ 301 B
745 B 128ms
33ms Image
image/svg+xml 2600:9000:2246:cc00:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/facebook.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2246:cc00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

768d97ec0916217ae82c70aeda3a61b9b0dab344edc4a3240a4f7cd94af00307

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 20:26:44 GMT
via: 1.1 90b1dc17dc69490d49275971c6988188.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: MXP63-P1
age: 1799574
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 301
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
server: AmazonS3
etag: "c6e9be45643e197ce1db1d7e24a99adc"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2592000
accept-ranges: bytes
x-amz-cf-id: yRYBg1HnMtYkSJfJpnQT667O7YwhJM_aNfVl_xi1Nst9pPBdJpB0xw==

GET
H2 200 twitter.svg
platform-cdn.sharethis.com/img/ 731 B
1 KB 129ms
35ms Image
image/svg+xml 2600:9000:2246:cc00:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/twitter.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2246:cc00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7c93346d4f681a0be90d1dfc19346382a4700f1810f41caa54415688dee1777f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 01:17:43 GMT
via: 1.1 90b1dc17dc69490d49275971c6988188.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: MXP63-P1
age: 2127715
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 731
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
server: AmazonS3
etag: "0af2fb38987598376c99e21af17ade45"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2592000
accept-ranges: bytes
x-amz-cf-id: 3r4BarUQNZdl7xO1-3O2csyQbRW8auprTBOA1xOPwk1exwEQ1OcRVA==

GET
H2 200 reddit.svg
platform-cdn.sharethis.com/img/ 910 B
1 KB 129ms
35ms Image
image/svg+xml 2600:9000:2246:cc00:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/reddit.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2246:cc00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

dadbb59b37bfea4c78c6e15c8cbb96dfba84526e43a0767dc244fd062a841aba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 10:02:25 GMT
via: 1.1 90b1dc17dc69490d49275971c6988188.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: MXP63-P1
age: 2441833
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 910
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
server: AmazonS3
etag: "78d796ca648d8a5e665b48ed0217c56a"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2592000
accept-ranges: bytes
x-amz-cf-id: IEZ-TDc-v6IRrTjuVa1l49pGx-nmVMWYRmqtbZ2HbkPfj9XtTD6-hQ==

GET
H2 200 whatsapp.svg
platform-cdn.sharethis.com/img/ 832 B
1 KB 128ms
34ms Image
image/svg+xml 2600:9000:2246:cc00:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/whatsapp.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2246:cc00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

847eb36b4dc4b05f94052dcd98077319e74d882334a106bb9ca451ba211c9c2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 06:38:55 GMT
via: 1.1 90b1dc17dc69490d49275971c6988188.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
server: AmazonS3
x-amz-cf-pop: MXP63-P1
age: 2281243
etag: "afe7fc60ed757db39a88d2950fce69c9"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 832
x-amz-cf-id: v5A10aMdBeO9kQ5Vy8NycU91gOQktS_gJUpJxVtZoIsU0_v5TpEdDA==

GET
H2 200 messenger.svg
platform-cdn.sharethis.com/img/ 372 B
814 B 130ms
36ms Image
image/svg+xml 2600:9000:2246:cc00:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/messenger.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2246:cc00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

2986551fd9e82929eabb8cba7c44f74a28d8496c744893432f067b320dff55da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 10:16:04 GMT
via: 1.1 90b1dc17dc69490d49275971c6988188.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: MXP63-P1
age: 1836214
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 372
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
server: AmazonS3
etag: "a5aa43fa302867d3e888ac2f69b7b288"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2592000
accept-ranges: bytes
x-amz-cf-id: xEsu4AXMoh2SeA-3cX26XaF4hv-0a56jXTN9t-gNJtXf-tGDX06mAQ==

GET
H2 200 linkedin.svg
platform-cdn.sharethis.com/img/ 456 B
881 B 129ms
36ms Image
image/svg+xml 2600:9000:2246:cc00:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/linkedin.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2246:cc00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

cb8c2b19fd9b56c41db14bd71b5c0616c1ba4e99b08c8e75084cf695f74b7120

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 18:46:02 GMT
via: 1.1 90b1dc17dc69490d49275971c6988188.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
server: AmazonS3
x-amz-cf-pop: MXP63-P1
age: 2496816
etag: "fa43b4ede18498b114fc7185993f6da7"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 456
x-amz-cf-id: 91XpJKbnhoZGMqNpf0cT5did4kux5oRLrVqjInRAsjbw3TKm_wdWzQ==

GET
H2 200 pinterest.svg
platform-cdn.sharethis.com/img/ 771 B
1 KB 38ms
38ms Image
image/svg+xml 2600:9000:2246:cc00:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/pinterest.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2246:cc00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

efc737b4f58cfe73a9bd0e57d7570365701381da31e628b269e7217a0ce3359d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 02:22:14 GMT
via: 1.1 90b1dc17dc69490d49275971c6988188.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: MXP63-P1
age: 2210243
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 771
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
server: AmazonS3
etag: "2b10a062e719c64b686e2e8fcdc216dc"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2592000
accept-ranges: bytes
x-amz-cf-id: 7dPk6RrdXsN7Rjx-hXSql4eNAJ7HmZ-tzwKoO6ELedQvEjXmGMQv_Q==

GET
H2 200 sharethis.svg
platform-cdn.sharethis.com/img/ 514 B
939 B 40ms
39ms Image
image/svg+xml 2600:9000:2246:cc00:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/sharethis.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2246:cc00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

9a83c65bdd0ff9488af9d25720686457ea7295c9c44f9f1d285a0c9ec89bab99

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 22:46:52 GMT
via: 1.1 90b1dc17dc69490d49275971c6988188.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
server: AmazonS3
x-amz-cf-pop: MXP63-P1
age: 2395966
etag: "deecdaa377907db5cc1722fc831670a1"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 514
x-amz-cf-id: YdE0TJcZG0zU4L13bsUnYhSvKuz4HM3B3MaGWu1ee_YyUhQAhvK7qQ==

GET
H2 200 arrow_left.svg
platform-cdn.sharethis.com/img/ 565 B
1008 B 41ms
41ms Image
image/svg+xml 2600:9000:2246:cc00:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/arrow_left.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2246:cc00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5c833b1818762f1e134fbb158447fb0b92f2b018b15aa36f2e2405213f830d38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 01:14:22 GMT
via: 1.1 90b1dc17dc69490d49275971c6988188.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: MXP63-P1
age: 2041516
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 565
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
server: AmazonS3
etag: "b55d8d2b9321e381a3c38a4bddb74037"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2592000
accept-ranges: bytes
x-amz-cf-id: s34acjekTvzYfVGSqByByZls9cJ7QlnXEnHGQj2AVQ-tYgiM7BlKrw==

GET
H2 200 arrow_right.svg
platform-cdn.sharethis.com/img/ 565 B
1007 B 43ms
42ms Image
image/svg+xml 2600:9000:2246:cc00:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/arrow_right.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2246:cc00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

1bae747c7fd090f56608956a97c870391e1c43f89d24d5766129b75628985c1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 02:50:29 GMT
via: 1.1 90b1dc17dc69490d49275971c6988188.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: MXP63-P1
age: 2381349
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 565
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
server: AmazonS3
etag: "9928d025bd5792b718ee0a185f62e67c"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2592000
accept-ranges: bytes
x-amz-cf-id: -SCdEUjFbdEbEwVzRfb9QbUusT0XbpPuwKsX4N3dM2dmskGes6ZIhA==

GET
H2 200 hb_736354_16735.js Show response
player.aplhb.adipolo.com/prebidlink/470776/ 922 B
778 B 166ms
101ms Script
application/javascript 45.133.44.4
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aplhb.adipolo.com/prebidlink/470776/hb_736354_16735.js
Requested by: Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/ihdstreams.xyzhead.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 382f98ee9c7df50ab64c0a9b6973cd902eaf31198b4241f38bea7fac68d2f04d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:19:37 GMT
content-encoding: gzip
last-modified: Thu, 14 Sep 2023 09:56:50 GMT
server: nginx
etag: W/"6502d8e2-39a"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600
expires: Fri, 15 Sep 2023 17:19:37 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 97 KB
29 KB 213ms
113ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/ihdstreams.xyzhead.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

611ccbd49593ab8d0675006e364086ab5b05dd9dbfb7c0be953d4c7d32a97b64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:19:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28915
x-xss-protection: 0
server: cafe
etag: 761 / 19615 / m202309120101 / config-hash: 15906467109657375377
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 15 Sep 2023 16:19:37 GMT

GET
H2 200 wrapper_hb_736354_16735.js Show response
player.aplhb.adipolo.com/prebidlink/470776/ 2 KB
1 KB 186ms
185ms Script
application/javascript 45.133.44.4
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aplhb.adipolo.com/prebidlink/470776/wrapper_hb_736354_16735.js
Requested by: Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/ihdstreams.xyzhead.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 86a9150b09ffc2b65bedc34da02a1e820e8c9bdc4e62f5249c1aca4c712fca3c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:19:38 GMT
content-encoding: gzip
last-modified: Thu, 14 Sep 2023 09:56:50 GMT
server: nginx
etag: W/"6502d8e2-867"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600
expires: Fri, 15 Sep 2023 17:19:38 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 97 KB
29 KB 145ms
72ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/ihdstreams.xyzhead.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ce8066915045fdbb4b35e1812c0e13134a2526ce27e67ca582279d51fff75ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:19:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28915
x-xss-protection: 0
server: cafe
etag: 716 / 19615 / m202309120101 / config-hash: 15906467109657375377
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 15 Sep 2023 16:19:37 GMT

GET
H2 200 adipolo_logo.png
adipolo.com/wp-content/uploads/2020/06/ 7 KB
7 KB 104ms
39ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adipolo.com/wp-content/uploads/2020/06/adipolo_logo.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b071563c8b59cdc2b12b2703f3b5d147f555b1c41d83e5c5ef4a02395aed89c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:19:38 GMT
cf-cache-status: HIT
last-modified: Tue, 02 Jun 2020 09:04:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 7874772
etag: "5ed61610-1b9c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yZOG%2BGZ4RKRs03xkXE5hY5PKo5i4Furzv6NCRQBA5bJmM8mX%2FEaoqcnAK1d46y0AKrp75l0AcoA9Pd4IGZzuTCRjeF6FJy%2B8xbccAbNEROD1frksO%2F%2FoMmFtTmMbCMVdJF1ablEuTta27A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 80723142691a39df-FRA
alt-svc: h3=":443"; ma=86400
content-length: 7068

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ 51 B
185 B 359ms
102ms Script
text/html 54.39.156.32
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/0.php?2633223&@f16&@g1&@h1&@i1&@j1694794777871&@k0&@l1&@mCrackstreams%20-%20NBA%20Streams%20%7C%20NFL%20-%20MMA%20Streams%20-%20UFC%20-%20Boxing%20-%20Formula%201&@n0&@o1000&@q0&@r0&@s514&@ten-US&@u1600&@b1:104680579&@b3:1694794778&@b4:js15_as.js&@b5:120&@a-_0.2.1&@vhttps%3A%2F%2Fwww1.ihdstreams.xyz%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.156.32 Québec, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns562579.ip-54-39-156.net
Software: /
Resource Hash: f2ae46d06027e419f8569f53befe548397490a2cd0f8ece9322a1763e1678dbe

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date: Fri, 15 Sep 2023 16:19:38 GMT
Connection: close
Content-Length: 51
Content-Type: text/html;charset=UTF-8

GET
H2 200 cc_514.js Show response
s10.histats.com/counters/ 15 KB
6 KB 30ms
30ms Script
text/javascript 2606:4700:10::6814:81f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_514.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:81f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: babfdd8d96853154749421058a8b281d3fa13dc64df98d8e57c477c7c56e41a4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:19:37 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 65355
etag: "1889425552"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 80723141cc1dbb41-FRA
content-length: 6447

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e4558415f627880263b408b58c30f1c9ae4765038c86beaf568d9c067b79c936

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 hbp_master_736354_16735.js Show response
player.aplhb.adipolo.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/ 352 KB
113 KB 141ms
141ms Script
application/javascript 45.133.44.4
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aplhb.adipolo.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_736354_16735.js
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/470776/hb_736354_16735.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 21d37f9066429269a82775b7e6c0f1322f99d5fb928f07aefdee839a4bd14cab

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:19:38 GMT
content-encoding: gzip
last-modified: Mon, 10 Jul 2023 14:56:05 GMT
server: nginx
etag: W/"64ac1c05-581d1"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600
expires: Fri, 15 Sep 2023 17:19:38 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/ 408 KB
129 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

37b564138a8c782c7ef7f804054712a1bb75a63677dca0e6e186b82102aebb93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 09:37:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24150
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131633
x-xss-protection: 0
server: cafe
etag: 12671944107613252425
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 14 Sep 2024 09:37:08 GMT

GET
H2 200 hbw_master_736354_16735.js Show response
player.aplhb.adipolo.com/prebidlink/dpklh/ 122 KB
39 KB 126ms
125ms Script
application/javascript 45.133.44.4
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aplhb.adipolo.com/prebidlink/dpklh/hbw_master_736354_16735.js
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/470776/wrapper_hb_736354_16735.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: f320df46b193fc17ff43ad5b1bdf4d8096ca8be3eae2d0f782f0cf788bcc8699

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:19:38 GMT
content-encoding: gzip
last-modified: Thu, 14 Sep 2023 09:56:50 GMT
server: nginx
etag: W/"6502d8e2-1e9e4"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600
expires: Fri, 15 Sep 2023 17:19:38 GMT

GET
H/1.1 200
OK / Show response
ghb.aplhb.adipolo.com/geo/ 148 B
423 B 583ms
55ms XHR
application/json 2a0c:5c87:5241::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.aplhb.adipolo.com/geo/
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/dpklh/hbw_master_736354_16735.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c87:5241::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 29df211ca119ba3caa6fde266dcd2ef349c4aa5ab63ec19af39505517c5fa084

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date: Fri, 15 Sep 2023 16:19:38 GMT
Server: Adtelligent
Content-Type: application/json
Access-Control-Allow-Origin: https://www1.ihdstreams.xyz
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 148

GET
H/1.1 200
OK tracking Show response
ghb.aplhb.adipolo.com/adunit/ 43 B
438 B 672ms
86ms XHR
image/gif 23.227.151.194
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.aplhb.adipolo.com/adunit/tracking?event=11&type=0&client_id=736354&site_id=16735&full_page_url=https%3A%2F%2Fwww1.ihdstreams.xyz%2F&adid=kt1w9o.ch&features=81952&vpbv=N174&tte=506&lifecycle_tte=1959
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/dpklh/hbw_master_736354_16735.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 23.227.151.194 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date: Fri, 15 Sep 2023 16:19:38 GMT
Server: Adtelligent
Content-Type: image/gif
Access-Control-Allow-Origin: https://www1.ihdstreams.xyz
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 43

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 44 KB
15 KB 322ms
322ms Fetch
text/plain 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1340521495430263&correlator=4434537064465272&eid=31075594&output=ldjh&gdfp_req=1&vrg=202309120101&ptt=17&impl=fifs&iu_parts=7047%3A22821132256%2Capl%2Cinter&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=1&didk=1421344310&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1694794778307&lmt=1694787578&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww1.ihdstreams.xyz%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=497659922.1694794778&ga_sid=1694794778&ga_hid=2116468713&ga_fc=false&dlt=1694794776467&idt=1711&adks=3977417493&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f38ffc23580afc19794c4c4388f32fcf346b85367c6821a458ab296271798ca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:19:38 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15661
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www1.ihdstreams.xyz
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 835 B
413 B 356ms
356ms Fetch
text/plain 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1340521495430263&correlator=3000461372757270&eid=31075594&output=ldjh&gdfp_req=1&vrg=202309120101&ptt=17&impl=fifs&iu_parts=7047%3A22821132256%2Capl%2Canchor%2Canchortop&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=2&didk=253446373&sfv=1-0-40&ists=1&fas=2&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1694794778313&lmt=1694787578&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww1.ihdstreams.xyz%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=497659922.1694794778&ga_sid=1694794778&ga_hid=2116468713&ga_fc=false&dlt=1694794776467&idt=1711&adks=2809816177&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bda45860b0d1edde875f3eb7dba062fd2b5df53522c146d496fb3cf16cfc4402

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:19:38 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 382
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www1.ihdstreams.xyz
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 128ms
74ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202309120101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e2b2f4721149b7cf101f7c539a1be0c2143e26cd7e001aa97b9a1e203dbb97f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:19:38 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12074
x-xss-protection: 0

GET
H2 200 container.html Show response
a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9B82 6 KB
3 KB 132ms
29ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www1.ihdstreams.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 15 Sep 2023 16:19:38 GMT
expires: Sat, 14 Sep 2024 16:19:38 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/ 38 KB
13 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl_page_level_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8b1533c110f944ceb2c80c16c5e4a3bfcc898890d33f0dd092b2e67acbddc0aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 12:01:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15473
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13663
x-xss-protection: 0
server: cafe
etag: 18249464028864611006
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 14 Sep 2024 12:01:45 GMT

GET
H2 200 config.json Show response
player.adtelligent.com/exchange_rates/313490/ 11 KB
5 KB 68ms
14ms XHR
application/json 45.133.44.4
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/exchange_rates/313490/config.json?cb=https%3A%2F%2Fwww1.ihdstreams.xyz%2F
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_736354_16735.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: e579e03e953cb09cff8d7863bdfb5505077b5165c6ceeb7df1c8a71f66e27f1f

Request headers

Referer: https://www1.ihdstreams.xyz/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain

Response headers

expires: Sun, 17 Sep 2023 16:19:38 GMT
date: Fri, 15 Sep 2023 16:19:38 GMT
content-encoding: gzip
last-modified: Thu, 14 Sep 2023 12:01:25 GMT
server: nginx
etag: W/"6502f615-2ad7"
content-type: application/json
access-control-allow-origin: https://www1.ihdstreams.xyz
cache-control: max-age=172800
x-proxy-cache: HIT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 127ms
46ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:19:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 15 Sep 2023 16:19:38 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2890 13 KB
5 KB 21ms
20ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www1.ihdstreams.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 15593
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 15 Sep 2023 11:59:45 GMT
expires: Sat, 14 Sep 2024 11:59:45 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame EF2E 829 B
1 KB 79ms
30ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1369dd61a5b93e7b0bcc278596036f11534f990d20d7c7b433725b18bccc04d1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-VqgNv2OK9H7HS0-PcxnNEw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www1.ihdstreams.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 535
content-security-policy: script-src 'report-sample' 'nonce-VqgNv2OK9H7HS0-PcxnNEw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 15 Sep 2023 16:19:38 GMT
expires: Fri, 15 Sep 2023 16:19:38 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 t8GibRNARgYsE0Sx_-jM8Z9WBbCCL83x92A0C_FtaJU.js Show response
pagead2.googlesyndication.com/bg/ Frame 2890 37 KB
14 KB 64ms
21ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/t8GibRNARgYsE0Sx_-jM8Z9WBbCCL83x92A0C_FtaJU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b7c1a26d134046062c1344b1ffe8ccf19f5605b0822fcdf1f760340bf16d6895

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 19:44:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74128
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14716
x-xss-protection: 0
last-modified: Mon, 11 Sep 2023 20:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 13 Sep 2024 19:44:10 GMT

GET
H2 200 container.html Show response
a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 21C3 6 KB
3 KB 22ms
21ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www1.ihdstreams.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 15 Sep 2023 16:19:38 GMT
expires: Sat, 14 Sep 2024 16:19:38 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 21C3 4 KB
767 B 32ms
31ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
URL: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 15 Sep 2023 16:19:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 15 Sep 2023 14:36:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 15 Sep 2023 16:19:38 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 3D94 624 B
826 B 114ms
63ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGLiL_vQBMAE&v=APEucNUMA9eo3G-0e64LGfUDfgKi-3nwfZIAF97Lj4ZZ6E5RetaO6N-1tFiY82HpNKZxUOfi91H58GTrsNA471rWNl54M9vlqZEYNHuRS8zzDVr-9V4izDdGp2JsPIGWCGUaEJRZOxGzlZojZTqJMKwqpGv91_bjmgs5k1Q9QxLg4C8yermjN8E

Requested by

Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 15 Sep 2023 16:19:38 GMT
expires: Fri, 15 Sep 2023 16:19:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 559A 89 KB
31 KB 89ms
88ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4accbcd793680c2ea0a65714771ef37d5eeb42bdaedba9882dd0d78eae09e00e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:19:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31438
x-xss-protection: 0
server: cafe
etag: 13183557946744512263
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 15 Sep 2023 16:19:38 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/ Frame 559A 3 KB
1 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/window_focus_fy2021.js

Requested by

Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 11:19:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17987
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 29 Sep 2023 11:19:51 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/ Frame 559A 20 KB
8 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 19:46:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73969
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Sep 2023 19:46:49 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 559A 182 KB
57 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:19:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57988
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694604874705780"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Sep 2023 16:19:38 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 559A 42 B
63 B 122ms
121ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BX2cHhb17QWWJ17CsZ8LsIv18-aUERo02ueRr-OswfoVux5mFvs1Ur0pDTUrC8IExhqN8_Trs0KHbr6-AlYM-6d0YOKxz9Td2pry-MAJL_J9q19RA

Requested by

Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:19:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 559A 0
20 B 122ms
121ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=16657268296117375740&x=1&ct=76

Requested by

Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:19:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/elements/html/ Frame 21C3 20 KB
8 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
URL: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bd91080d2c7f2120ad82727f5c07bbb439b810ed4035993ddb1825ca1611396b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 18:46:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77605
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8566
x-xss-protection: 0
server: cafe
etag: 5625731030761120726
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Sep 2023 18:46:13 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame EF2E 0
0 119ms
119ms Image
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202309120101&jk=1340521495430263&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 2890 0
10 B 20ms
19ms Image
text/plain 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?pf59pg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:19:38 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 559A 0
20 B 121ms
121ms Ping
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3642754245859&version=m202309120101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:19:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 559A 0
20 B 122ms
121ms Ping
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3642754245859&version=m202309120101&ct=76&x=1&cor=16657268296117375000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:19:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 559A 112 KB
43 KB 72ms
71ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CIc2iL2TFHUsjNsTY6sYLmqrzdoUbinkBjZuXot7gskMBs9rjKXOdhJKmBycQt0rdcDJlHjU0zTK5R0cqgrGsDsAqzF4inzUbdq4-FiZVLnHKhBcXa1XgIJ3rwQQ7QfbLXPoWTBdjCwe7cEVrflhG4obiV0cQtk6pQQ4CwJOkh3e1qfBI&dbm_d=AKAmf-D-WCNSJIVZVbYOuEYbNS32f1X4EeSgCiLldvR7YFEsq_JE_1aRapw5z_pWkVDT3CS95qc-KMEMwxPuw0_oebrWxiysVAWoPc6DwgSpOBhPGVxsZIq64IEosCHYaVNtzDJTv04WXnZHNIqYLSfa7c0qoZTbOG3JOje-U1uzScrHItblkj6y7Xxd6UOZ4K7U8709tSO3u9SyoKttnDCDSuS_oJN-VkY-Wy3cZSakfSkvxXvccG0XmzUruZQACvFEpOn_aeK44G3u5Gynr9NbZ0DaS8bi_1_ovDiGuLuXvST8UUsIwY2lPxwIpqswRKOiwEjuVujWVtYDY9aBCE4kXM48yYv-3WNMIP_m_oSfKFKOnqybxWfbupU4QoT8N2x-F0olLDdGrq8EJeGv-seTG_tIHCR_lqmFjvGFc6TNd0aEkNf4kiijiBkuG7PhsEuokpQo95StpYqut9zptdeQ9cvZer5p45-VnfkAy70TJ-kwJaaSNi_Rda0zX6XxWd7-lqK_g9Cho_fi78MJ3aGoh3MUvAKdGat3gbVvZF7NxZ1WoHDJyJTw-cKcmVX8IVf5yC1dWnlwHLMpAitQvOXMZ4S_20y1FludVc63uzAYUUW9wx9nzG8RPhjTjsL0A9TP7zfyeRnxNRuQ9uN1Qh1nW94RhvYODlwDxl5kj0UKw8_GHBG-8uL9oWlLcsbuc_T6P_dun1r8khYJTAKUMbRtDZbpeEUDJdrruQW5F5jHVxWvxaQb9GCMSVBmvfsfFOFdzfpHRhS9lOWIvwH75f1tM_4nL8I_iv0wdt2dERd2hmb1T7xvNV89TbISI6ZTMO1Sx3wFji3paZ0lh-MzgZwJ7PmTVpARTwaN9Mw-S6vl0m1rzkeKofqBFI5vvdKfcmE0AT8GsaWPJZ8Kha9xojvOUkRVrRpXawD1fHIUgULqRxn4jMfyNlaoaEjyIn9_i_jmHHsVvtgV9LzGuzmJuVyGWfqODA5l5mtX59HJVuQPlJJuUGY_IsOKbU0mdy7Gp_rv-mrH0-78SOkLE2Gf7aAL5415MeOH5DSbuu1u-eYrkTyH9dGtXCNa5J1ivSRaz5R7w7HapdGP38m1SrIzy0IoHtnA4XkIjHL6f90N_81WliamXhTGUdbxEUAZVZkq2Cs_86OUzag46y6OWMfkjaFqDGCKvSpMq7mct5sUp2uN5iWm51knIXHkn-xPMxNnBwBoTGDYBx_ZKxorFnIb_AqJVbieFw5_x1iDFJ-rA1So9ES9MZ3_WpXtDrsOYSjT_zNLtJAWinqHsTWzkL1FQAkHtdlt6fc2ddm6PeuB8xRQppKC22RIaoYohBWJhGw4SeRZqgzbARbtIEzEhMl3VclkUXUnhF5uskQbF4phu31kpHpJbkndiZP927UP0N07XLSL8uGoNhFMvTyib0kqjLg7CzqjV7nmQzaC3FwvGM-3WWB8Gl94uJuqeQPE7xjwadWYiS6ndiUXkeK6NaITanl3P7oxYdxPGY094ZcLXN_VbISIfzCkCiqAqRJG-BVcJqz-Ber2u3CPO-qw6d-QHfAWaEZCzUXfYrywZEvl4G8PLFyReAB5sSk39iS5yFRD8EfWA3I3mz7TZQkeN9UUTWjYGRalMwPQYyWR3IU9dkzv8PSzKq5fPmF-FmmBQJ4UHTmCT0cXOdHIwEyUvSwo1dtTnO-XxdlK0Lw6wFV5oFhy7BCqlf1hPTisyTnN0S_npFzB2ct34kC7mEg73kWn9LmacqApq_DQXF9n3aoNhx_Zhnve1NHdNPpR-CFSOQ3oJ0EygcGyLl5LBj7VlxuATqc9d-6CAiuYMEWpEg68xwWrZ0KHydCwGi7FGRge0ozXyUhiwHxKJDSU7aDFROLcbg8cT8CABRlKxgBdfrlbYZrV3XMSLinXHP7WuXtMZxTGV2g7Ych-96DnsALJ_y8To-6ekb1aFKlbhSvLT-OdTqUvsAG-jVwPtlKZunszG6i8MVYks2uxvixRF19zEa1TvenApcL5Mhdoi9yKr4cWtsghXUs5hUSKapUxq0OZlpXjlnMtpzLSkqUyMbNYmHr9uQI4lU8JK6ZAxJQLoeyZWLh2vQFw7z25Q4JTpG6PZRGE5Li_wCtmFYzjYbYMpkZoyIyLnVCsXlSYM6hFmU4fRDmeEsl6afD04tAbF33uoBJo739Wz9uvq5xbe_X5aBirOymaawqL0Mw2V3glz-bjOxdtgcECYxhXaQVqgNmfKVdsVfrsgEU72yhK51w0XoK_aKXwGjsH1sMOmE3E8y32T5VWY29y8IBZ7TFnijWMtEJ3_WX8mRN74eup2QuxyPvA3VdjDrDtAuhLBoxlvt-wPq5HeE6DuhXJDCOZXno2FcxXN5UF76Csc5sOyQBD60uQM6P7VBLQ_MubB0RaKDYG4_ajq0x0mn8Rom2n15D9PrXs3B5FvjXe8orZzTgRIvWiAS7C9CMwep4pCnaaQdqXnQkhrGZ9XI4gVIv8X9FfbISZf5U9bvEUxRe25C1pHuBW-ShIMqWMIoFZTB6QzwJ3OvP0yA1he8wzuzZfP560U6jfKgDojA61O-Ip9Bnf-Z9OXHTOTi7acEctRNdAe4-seW82fboWxWzr6gGDXi05QvNmqreUrYa8BX8G8s2y54csvJ7Odusw2-wzRX49KVUr32i18iOQ-U2cPj4x91TWsdH4T46yPzBG6n9w1bT7FlWvL7qOkXURXQZA1R_Bw1D6sPmeNoXG9Nm7u1LKigRkDRz2rEqOTV8eDjJUYjXCDnOHn29I_pv7JmMyEE8IVnS8ytjMTODXytjfYOLYT5_CQV-rBcsThlY8XtyNe4SLYp7cjyEYr9vri7_gAIefWcdhPvS72siE6zz11jiCItSGM6E6A2GRi04yAnKfKKpQ31Z5Le8dW0fzgwaWMawmhvagAMyXYKA76xjdZYHO07YQUssfZI71JiGBmfrMZlYcgoB_GwUYOGSXwjF9D1kWVVgLMTMlYKGMOQHS7GN9ZPAq7rUnJCzTQVcc6lLmJ91uzlsMk3wJb1M1qAtS0dVFYRaJCzCSGTTBvmh-EuxDgRx-gAgUY-aAjjkO34Scm-eInThtNSIcx5RtywRnRtMhSn7VdYozlppvekM9dAWcYFqjTnjfY7xU1nrCxC1iM2tS3wxek8-nVyL2C8GeE1GofQLz3XNQdMu5wOkMwD3xS3W9uZjzaVKfo8mOto9pB9_68n9uPSfWwJ8Pu0Wva2MHag7dSCI-LJin-afRE7ZKuRkYh2cqlEhmVfXidh1-GPWYQo_-OqUkTqI7TxLld5nqgAPPARL64gg0YyHi35AwrwBD7NQ1Tgl_nVpo_pZijCrpIdCkrmNF9K_aSPoBF27sFXksCz9TzEmp3-DSfwQl9Xj9rQaHf9P15lLvETYIXJSCZ6aJJ89WHnti6_mnOajcfNu_eIYchi3PMPrto0aFO5s12BFd0zHGCETiqhdMxxowKmhlAX_1zQAb-C5NPpMiFZOU2nc-g5q_73Joz4sVE5F5j7U3tG8BVHIzmoZ4yH01JUfuVl5lSgEC2ngKDWJClUU5PrDt-IuwrS5SUOwgHYkYuFwFvsPsqr949nZZqJoA2BowsbfjWOCnKZOHRYP_mSpILU971DZsM8gAixWywNNelg25W1fpxplnjSXyrR4QrSS5D54ntlR5ExsBoEQGoDBX3zItHr7d2FOhc8S-WgS9HQQpSYb7JSs_Me1OmuVmdjZaOV5XJ_tEJyQXib9xY7ySubxQ2fd_thNwXZ63TncZ8csN0ZIZXPtYuFnbtZf1futwml76kYhCdJ99Mmh9TmNClB68OFGpIlzdKt6zvi3wIxXCkz7GdhHIOPGnfqNC0eztlX7ky_UqmiskyVeekMvX2LP8Vd_EcmW3CQMFpMpg8W6gdeFGVgpnPTO1&cid=CAQSTABpAlJWF_m_edtfBDDpzZDrN7fhsDjCFgR3UbyWPW9E0_5yLXFJC2w6L_n2bsh_hS_v9KDOnVF0qcKb1ngWCx-yYMpVFy3cE6gJSA4YAQ&dv3_ver=m202309120101&rfl=https%3A%2F%2Fwww1.ihdstreams.xyz%2F&ds=l&xdt=1&iif=1&cor=16657268296117375000&adk=497053795&idt=105&cac=0&dtd=12

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

da7f8222d3cbb5c3495963d53cda4860d4594ec9f6fe99cd7c5bbdd78148f088

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:19:38 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43209
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 3D94
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP75q659xFu79_IsSNxvJ2Y&google_cver=1

43 B
768 B

44ms
44ms

Image
image/gif

172.64.148.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP75q659xFu79_IsSNxvJ2Y&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGLiL_vQBMAE&v=APEucNUMA9eo3G-0e64LGfUDfgKi-3nwfZIAF97Lj4ZZ6E5RetaO6N-1tFiY82HpNKZxUOfi91H58GTrsNA471rWNl54M9vlqZEYNHuRS8zzDVr-9V4izDdGp2JsPIGWCGUaEJRZOxGzlZojZTqJMKwqpGv91_bjmgs5k1Q9QxLg4C8yermjN8E
Protocol: H3
Server: 172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:19:39 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aMytS5AxbFqTJnBgm8UCxX2JYyb3ZouvrtCeymV5v7rr38WTRVVXSwdrycC4GAYBtzUyeAKaIBhNAyZ%2BRJmgYjXtlKS6yJWgloGRYVPCkJRV59KBR56Ri1MMrjMw7xiNWadpNRwpN5Kg%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 80723148abf6b8fc-AMS
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:19:38 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP75q659xFu79_IsSNxvJ2Y&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 3D94
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZQSEGndQ1arKqetcfPJ-MwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP75q659xFu79_IsSNxvJ2Y&google_cver=1

43 B
735 B

41ms
41ms

Image
image/gif

172.64.148.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP75q659xFu79_IsSNxvJ2Y&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGLiL_vQBMAE&v=APEucNUMA9eo3G-0e64LGfUDfgKi-3nwfZIAF97Lj4ZZ6E5RetaO6N-1tFiY82HpNKZxUOfi91H58GTrsNA471rWNl54M9vlqZEYNHuRS8zzDVr-9V4izDdGp2JsPIGWCGUaEJRZOxGzlZojZTqJMKwqpGv91_bjmgs5k1Q9QxLg4C8yermjN8E
Protocol: H3
Server: 172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:19:39 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0H4x%2Bdf1OjYUzvtAbdR6%2B%2BcewKnWjhIsqAAJnZ%2Bji%2BnshUHYLCjAt0PkdAh9GIk6gueI2V3FAB0D2DsCnPs82yupytOpDkjqnID4xbM7f2UEyrcZtXk%2FPLbYIEdBoVeipaRkYVHCMEZtKA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 807231490c6bb8fc-AMS
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:19:39 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP75q659xFu79_IsSNxvJ2Y&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 3D94
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESENkAdm4xgr74akrhb0A6c8A&google_cver=1

43 B
844 B

14ms
14ms

Image
image/gif

185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESENkAdm4xgr74akrhb0A6c8A&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGLiL_vQBMAE&v=APEucNUMA9eo3G-0e64LGfUDfgKi-3nwfZIAF97Lj4ZZ6E5RetaO6N-1tFiY82HpNKZxUOfi91H58GTrsNA471rWNl54M9vlqZEYNHuRS8zzDVr-9V4izDdGp2JsPIGWCGUaEJRZOxGzlZojZTqJMKwqpGv91_bjmgs5k1Q9QxLg4C8yermjN8E

Protocol

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:19:38 GMT
an-x-request-uuid: 9b30c040-d613-49bf-9e1a-15f46365e25f
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 95.211.199.131; 95.211.199.131; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:19:38 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESENkAdm4xgr74akrhb0A6c8A&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 3D94
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTc1MzI5MDk2ODUzMzAwNTU1OQ%3D%3D

170 B
243 B

31ms
31ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTc1MzI5MDk2ODUzMzAwNTU1OQ%3D%3D

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:19:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:19:38 GMT
an-x-request-uuid: b9027af1-c912-44d1-a63d-89002a08b14b
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTc1MzI5MDk2ODUzMzAwNTU1OQ%3D%3D
x-proxy-origin: 95.211.199.131; 95.211.199.131; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 631a2480b3d08269680f4be2 Show response
feed.avplayer.com/backend/api/playlist/ 5 KB
963 B 442ms
145ms XHR
application/json 69.16.175.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://feed.avplayer.com/backend/api/playlist/631a2480b3d08269680f4be2?AV_TAGID=632c400f6736d736c5787e64&pid=632c3dff8e62a32fb323cd86&cid=632c3ef859ddd85dcd3fc897&AV_TEMPID=6192229fa59e3976bb4400aa&AV_PUBLISHERID=632c3dff8e62a32fb323cd86
Requested by: Host: tg1.modoro360.com
URL: https://tg1.modoro360.com/api/adserver/spt?AV_TAGID=632c400f6736d736c5787e64&AV_PUBLISHERID=632c3dff8e62a32fb323cd86
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: /
Resource Hash: 37aeb49d50cc7ad2b8f41bec5329dedcf7d9084d38615b898bb7295e1157a035

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:19:39 GMT
content-encoding: gzip
vary: origin
x-hw: 1694794779.dop228.am5.t,1694794779.cds231.am5.hn,1694794779.cds321.am5.p
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www1.ihdstreams.xyz
cache-control: max-age=1800
access-control-allow-credentials: true
accept-ranges: bytes

GET
H2 200 avcplayer.js Show response
player.avplayer.com/script/8.3/v/ 808 KB
209 KB 75ms
17ms Script
text/javascript 69.16.175.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://player.avplayer.com/script/8.3/v/avcplayer.js
Requested by: Host: tg1.modoro360.com
URL: https://tg1.modoro360.com/api/adserver/spt?AV_TAGID=632c400f6736d736c5787e64&AV_PUBLISHERID=632c3dff8e62a32fb323cd86
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: /
Resource Hash: 59b670a84df3508560213c77e2fd3a5e24de1aff579ea069ff8b6df28cb1cf29

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:19:38 GMT
content-encoding: gzip
last-modified: Thu, 07 Sep 2023 01:12:25 GMT
etag: "1694049145"
x-hw: 1694794778.dop252.am5.t,1694794778.cds142.am5.hn,1694794778.cds018.am5.c
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
content-length: 213489

GET
H2 200 track
servt.modoro360.com/ 0
98 B 361ms
105ms Image
text/plain 54.165.18.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servt.modoro360.com/track?pid=632c3dff8e62a32fb323cd86&cid=632c3ef859ddd85dcd3fc897&cb=1694794778836&r=www1.ihdstreams.xyz&stagid=632c400f6736d736c5787e64&stplid=6192229fa59e3976bb4400aa&d35=&d65=Test1&d66=8&d74=&e=playerLoaded&cpid=631a2480b3d08269680f4be2&str=viewable
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.165.18.101 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-165-18-101.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:19:39 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 24 KB
11 KB 317ms
316ms Fetch
text/plain 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1340521495430263&correlator=104650845021428&eid=31075594&output=ldjh&gdfp_req=1&vrg=202309120101&ptt=17&impl=fifs&iu_parts=7047%3A22821132256%2Capl%2Caplmcm7047%2Csticky&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=970x90%7C728x90&ifi=3&didk=1959687422&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Dbd063ec55863db59%3AT%3D1694794778%3ART%3D1694794778%3AS%3DALNI_MYsAtUEO78mtPoXUEyGbfLOzpalJA&gpic=UID%3D00000c7620e6de67%3AT%3D1694794778%3ART%3D1694794778%3AS%3DALNI_MY5jC4skREVyosNFkqTz1gRYIAuDA&abxe=1&dt=1694794778899&lmt=1694787578&adxs=315&adys=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww1.ihdstreams.xyz%2F&vis=1&psz=1600x-1&msz=1600x-1&fws=512&ohw=0&psts=AOrYGskz1_usk_apH66j-HpjBQEBXgwgHyqlSz51eqLOlC_Q&ga_vid=497659922.1694794778&ga_sid=1694794778&ga_hid=2116468713&ga_fc=false&dlt=1694794776467&idt=1711&prev_scp=test%3Drefresh%26hb_rfBid%3D0%26excl_cat%3DPREPOST&adks=135192340&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eebf42462640284e64748eb62bae1f23ec54850e90ad8da736321b4427bfc5db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:19:39 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11290
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www1.ihdstreams.xyz
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 24 KB
11 KB 354ms
353ms Fetch
text/plain 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1340521495430263&correlator=2762221600426384&eid=31075594&output=ldjh&gdfp_req=1&vrg=202309120101&ptt=17&impl=fifs&iu_parts=7047%3A22821132256%2Capl%2Caplmcm7047%2Ccube2&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250%7C336x280&ifi=4&didk=2675907388&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Dbd063ec55863db59%3AT%3D1694794778%3ART%3D1694794778%3AS%3DALNI_MYsAtUEO78mtPoXUEyGbfLOzpalJA&gpic=UID%3D00000c7620e6de67%3AT%3D1694794778%3ART%3D1694794778%3AS%3DALNI_MY5jC4skREVyosNFkqTz1gRYIAuDA&abxe=1&dt=1694794778901&lmt=1694787578&adxs=1170&adys=601&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww1.ihdstreams.xyz%2F&vis=1&psz=487x24&msz=487x0&fws=0&ohw=0&psts=AOrYGskz1_usk_apH66j-HpjBQEBXgwgHyqlSz51eqLOlC_Q&ga_vid=497659922.1694794778&ga_sid=1694794778&ga_hid=2116468713&ga_fc=false&dlt=1694794776467&idt=1711&prev_scp=hb_rfBid%3D0%26excl_cat%3DPREPOST&adks=1535134855&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6cc2c1a95a7e8f130b0257b067e966e330281842777e500714d217d2e88b022b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:19:39 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11461
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www1.ihdstreams.xyz
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 23 KB
11 KB 332ms
331ms Fetch
text/plain 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1340521495430263&correlator=2916281001289129&eid=31075594&output=ldjh&gdfp_req=1&vrg=202309120101&ptt=17&impl=fifs&iu_parts=7047%3A22821132256%2Capl%2Caplmcm7047%2Crich&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90&ifi=5&didk=2675907386&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Dbd063ec55863db59%3AT%3D1694794778%3ART%3D1694794778%3AS%3DALNI_MYsAtUEO78mtPoXUEyGbfLOzpalJA&gpic=UID%3D00000c7620e6de67%3AT%3D1694794778%3ART%3D1694794778%3AS%3DALNI_MY5jC4skREVyosNFkqTz1gRYIAuDA&abxe=1&dt=1694794778903&lmt=1694787578&adxs=166&adys=163&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww1.ihdstreams.xyz%2F&vis=1&psz=1019x0&msz=1019x0&fws=0&ohw=0&psts=AOrYGskz1_usk_apH66j-HpjBQEBXgwgHyqlSz51eqLOlC_Q&ga_vid=497659922.1694794778&ga_sid=1694794778&ga_hid=2116468713&ga_fc=false&dlt=1694794776467&idt=1711&prev_scp=hb_rfBid%3D0%26excl_cat%3DPREPOST&adks=3228686164&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09d0e69094559926ae000e4e09b7b29a73a7608b401440fd64794f7f5638a4f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:19:39 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11061
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www1.ihdstreams.xyz
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 142 KB
44 KB 371ms
370ms Fetch
text/plain 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1340521495430263&correlator=4065421317544309&eid=31075594&output=ldjh&gdfp_req=1&vrg=202309120101&ptt=17&impl=fifs&iu_parts=7047%3A22821132256%2Capl%2Caplmcm7047%2Csky&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=120x600%7C160x600%7C300x600&ifi=6&didk=2675907384&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Dbd063ec55863db59%3AT%3D1694794778%3ART%3D1694794778%3AS%3DALNI_MYsAtUEO78mtPoXUEyGbfLOzpalJA&gpic=UID%3D00000c7620e6de67%3AT%3D1694794778%3ART%3D1694794778%3AS%3DALNI_MY5jC4skREVyosNFkqTz1gRYIAuDA&abxe=1&dt=1694794778904&lmt=1694787578&adxs=1260&adys=641&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww1.ihdstreams.xyz%2F&vis=1&psz=487x24&msz=487x0&fws=0&ohw=0&psts=AOrYGskz1_usk_apH66j-HpjBQEBXgwgHyqlSz51eqLOlC_Q&ga_vid=497659922.1694794778&ga_sid=1694794778&ga_hid=2116468713&ga_fc=false&dlt=1694794776467&idt=1711&prev_scp=hb_rfBid%3D0%26excl_cat%3DPREPOST&adks=2270408103&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

39b005c90a6bae6b19c7c6ad543b71cb9259e9fbc51025bc84c5a424dc0a9dba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:19:39 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44966
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www1.ihdstreams.xyz
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/1630069/73568031/ Frame 559A 249 KB
75 KB 133ms
39ms Script
application/javascript 18.200.74.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/1630069/73568031/skeleton.js?ias_dspID=3&ias_campId=1014045034&ias_pubId=&ias_chanId=1&ias_placementId=20436341973&bidurl=https://www1.ihdstreams.xyz/&ias_dealId=&xsId=ABAjH0gzM-NfU6Jrlshn66lGlScB&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0gzM-NfU6Jrlshn66lGlScB
Requested by: Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.200.74.55 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-200-74-55.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6e62408fd9afbd35c8815924da942b59c6c160a0a93d59e741e23f85dd638b1d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:19:39 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 559A 111 KB
39 KB 109ms
21ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/
Origin: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 18:19:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79224
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 15 Sep 2023 18:19:15 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230913/r20110914/elements/html/ Frame 559A 11 KB
4 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230913/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CIc2iL2TFHUsjNsTY6sYLmqrzdoUbinkBjZuXot7gskMBs9rjKXOdhJKmBycQt0rdcDJlHjU0zTK5R0cqgrGsDsAqzF4inzUbdq4-FiZVLnHKhBcXa1XgIJ3rwQQ7QfbLXPoWTBdjCwe7cEVrflhG4obiV0cQtk6pQQ4CwJOkh3e1qfBI&dbm_d=AKAmf-D-WCNSJIVZVbYOuEYbNS32f1X4EeSgCiLldvR7YFEsq_JE_1aRapw5z_pWkVDT3CS95qc-KMEMwxPuw0_oebrWxiysVAWoPc6DwgSpOBhPGVxsZIq64IEosCHYaVNtzDJTv04WXnZHNIqYLSfa7c0qoZTbOG3JOje-U1uzScrHItblkj6y7Xxd6UOZ4K7U8709tSO3u9SyoKttnDCDSuS_oJN-VkY-Wy3cZSakfSkvxXvccG0XmzUruZQACvFEpOn_aeK44G3u5Gynr9NbZ0DaS8bi_1_ovDiGuLuXvST8UUsIwY2lPxwIpqswRKOiwEjuVujWVtYDY9aBCE4kXM48yYv-3WNMIP_m_oSfKFKOnqybxWfbupU4QoT8N2x-F0olLDdGrq8EJeGv-seTG_tIHCR_lqmFjvGFc6TNd0aEkNf4kiijiBkuG7PhsEuokpQo95StpYqut9zptdeQ9cvZer5p45-VnfkAy70TJ-kwJaaSNi_Rda0zX6XxWd7-lqK_g9Cho_fi78MJ3aGoh3MUvAKdGat3gbVvZF7NxZ1WoHDJyJTw-cKcmVX8IVf5yC1dWnlwHLMpAitQvOXMZ4S_20y1FludVc63uzAYUUW9wx9nzG8RPhjTjsL0A9TP7zfyeRnxNRuQ9uN1Qh1nW94RhvYODlwDxl5kj0UKw8_GHBG-8uL9oWlLcsbuc_T6P_dun1r8khYJTAKUMbRtDZbpeEUDJdrruQW5F5jHVxWvxaQb9GCMSVBmvfsfFOFdzfpHRhS9lOWIvwH75f1tM_4nL8I_iv0wdt2dERd2hmb1T7xvNV89TbISI6ZTMO1Sx3wFji3paZ0lh-MzgZwJ7PmTVpARTwaN9Mw-S6vl0m1rzkeKofqBFI5vvdKfcmE0AT8GsaWPJZ8Kha9xojvOUkRVrRpXawD1fHIUgULqRxn4jMfyNlaoaEjyIn9_i_jmHHsVvtgV9LzGuzmJuVyGWfqODA5l5mtX59HJVuQPlJJuUGY_IsOKbU0mdy7Gp_rv-mrH0-78SOkLE2Gf7aAL5415MeOH5DSbuu1u-eYrkTyH9dGtXCNa5J1ivSRaz5R7w7HapdGP38m1SrIzy0IoHtnA4XkIjHL6f90N_81WliamXhTGUdbxEUAZVZkq2Cs_86OUzag46y6OWMfkjaFqDGCKvSpMq7mct5sUp2uN5iWm51knIXHkn-xPMxNnBwBoTGDYBx_ZKxorFnIb_AqJVbieFw5_x1iDFJ-rA1So9ES9MZ3_WpXtDrsOYSjT_zNLtJAWinqHsTWzkL1FQAkHtdlt6fc2ddm6PeuB8xRQppKC22RIaoYohBWJhGw4SeRZqgzbARbtIEzEhMl3VclkUXUnhF5uskQbF4phu31kpHpJbkndiZP927UP0N07XLSL8uGoNhFMvTyib0kqjLg7CzqjV7nmQzaC3FwvGM-3WWB8Gl94uJuqeQPE7xjwadWYiS6ndiUXkeK6NaITanl3P7oxYdxPGY094ZcLXN_VbISIfzCkCiqAqRJG-BVcJqz-Ber2u3CPO-qw6d-QHfAWaEZCzUXfYrywZEvl4G8PLFyReAB5sSk39iS5yFRD8EfWA3I3mz7TZQkeN9UUTWjYGRalMwPQYyWR3IU9dkzv8PSzKq5fPmF-FmmBQJ4UHTmCT0cXOdHIwEyUvSwo1dtTnO-XxdlK0Lw6wFV5oFhy7BCqlf1hPTisyTnN0S_npFzB2ct34kC7mEg73kWn9LmacqApq_DQXF9n3aoNhx_Zhnve1NHdNPpR-CFSOQ3oJ0EygcGyLl5LBj7VlxuATqc9d-6CAiuYMEWpEg68xwWrZ0KHydCwGi7FGRge0ozXyUhiwHxKJDSU7aDFROLcbg8cT8CABRlKxgBdfrlbYZrV3XMSLinXHP7WuXtMZxTGV2g7Ych-96DnsALJ_y8To-6ekb1aFKlbhSvLT-OdTqUvsAG-jVwPtlKZunszG6i8MVYks2uxvixRF19zEa1TvenApcL5Mhdoi9yKr4cWtsghXUs5hUSKapUxq0OZlpXjlnMtpzLSkqUyMbNYmHr9uQI4lU8JK6ZAxJQLoeyZWLh2vQFw7z25Q4JTpG6PZRGE5Li_wCtmFYzjYbYMpkZoyIyLnVCsXlSYM6hFmU4fRDmeEsl6afD04tAbF33uoBJo739Wz9uvq5xbe_X5aBirOymaawqL0Mw2V3glz-bjOxdtgcECYxhXaQVqgNmfKVdsVfrsgEU72yhK51w0XoK_aKXwGjsH1sMOmE3E8y32T5VWY29y8IBZ7TFnijWMtEJ3_WX8mRN74eup2QuxyPvA3VdjDrDtAuhLBoxlvt-wPq5HeE6DuhXJDCOZXno2FcxXN5UF76Csc5sOyQBD60uQM6P7VBLQ_MubB0RaKDYG4_ajq0x0mn8Rom2n15D9PrXs3B5FvjXe8orZzTgRIvWiAS7C9CMwep4pCnaaQdqXnQkhrGZ9XI4gVIv8X9FfbISZf5U9bvEUxRe25C1pHuBW-ShIMqWMIoFZTB6QzwJ3OvP0yA1he8wzuzZfP560U6jfKgDojA61O-Ip9Bnf-Z9OXHTOTi7acEctRNdAe4-seW82fboWxWzr6gGDXi05QvNmqreUrYa8BX8G8s2y54csvJ7Odusw2-wzRX49KVUr32i18iOQ-U2cPj4x91TWsdH4T46yPzBG6n9w1bT7FlWvL7qOkXURXQZA1R_Bw1D6sPmeNoXG9Nm7u1LKigRkDRz2rEqOTV8eDjJUYjXCDnOHn29I_pv7JmMyEE8IVnS8ytjMTODXytjfYOLYT5_CQV-rBcsThlY8XtyNe4SLYp7cjyEYr9vri7_gAIefWcdhPvS72siE6zz11jiCItSGM6E6A2GRi04yAnKfKKpQ31Z5Le8dW0fzgwaWMawmhvagAMyXYKA76xjdZYHO07YQUssfZI71JiGBmfrMZlYcgoB_GwUYOGSXwjF9D1kWVVgLMTMlYKGMOQHS7GN9ZPAq7rUnJCzTQVcc6lLmJ91uzlsMk3wJb1M1qAtS0dVFYRaJCzCSGTTBvmh-EuxDgRx-gAgUY-aAjjkO34Scm-eInThtNSIcx5RtywRnRtMhSn7VdYozlppvekM9dAWcYFqjTnjfY7xU1nrCxC1iM2tS3wxek8-nVyL2C8GeE1GofQLz3XNQdMu5wOkMwD3xS3W9uZjzaVKfo8mOto9pB9_68n9uPSfWwJ8Pu0Wva2MHag7dSCI-LJin-afRE7ZKuRkYh2cqlEhmVfXidh1-GPWYQo_-OqUkTqI7TxLld5nqgAPPARL64gg0YyHi35AwrwBD7NQ1Tgl_nVpo_pZijCrpIdCkrmNF9K_aSPoBF27sFXksCz9TzEmp3-DSfwQl9Xj9rQaHf9P15lLvETYIXJSCZ6aJJ89WHnti6_mnOajcfNu_eIYchi3PMPrto0aFO5s12BFd0zHGCETiqhdMxxowKmhlAX_1zQAb-C5NPpMiFZOU2nc-g5q_73Joz4sVE5F5j7U3tG8BVHIzmoZ4yH01JUfuVl5lSgEC2ngKDWJClUU5PrDt-IuwrS5SUOwgHYkYuFwFvsPsqr949nZZqJoA2BowsbfjWOCnKZOHRYP_mSpILU971DZsM8gAixWywNNelg25W1fpxplnjSXyrR4QrSS5D54ntlR5ExsBoEQGoDBX3zItHr7d2FOhc8S-WgS9HQQpSYb7JSs_Me1OmuVmdjZaOV5XJ_tEJyQXib9xY7ySubxQ2fd_thNwXZ63TncZ8csN0ZIZXPtYuFnbtZf1futwml76kYhCdJ99Mmh9TmNClB68OFGpIlzdKt6zvi3wIxXCkz7GdhHIOPGnfqNC0eztlX7ky_UqmiskyVeekMvX2LP8Vd_EcmW3CQMFpMpg8W6gdeFGVgpnPTO1&cid=CAQSTABpAlJWF_m_edtfBDDpzZDrN7fhsDjCFgR3UbyWPW9E0_5yLXFJC2w6L_n2bsh_hS_v9KDOnVF0qcKb1ngWCx-yYMpVFy3cE6gJSA4YAQ&dv3_ver=m202309120101&rfl=https%3A%2F%2Fwww1.ihdstreams.xyz%2F&ds=l&xdt=1&iif=1&cor=16657268296117375000&adk=497053795&idt=105&cac=0&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 18:51:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77303
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Sep 2023 18:51:15 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230913/r20110914/ Frame 559A 30 KB
11 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230913/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb95c60c1e70c730df8b30c024f63ca414a7cd01b9d37cd4181987933c94559b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 19:54:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73521
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11585
x-xss-protection: 0
server: cafe
etag: 30886230758233217
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Sep 2023 19:54:17 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 559A 41 KB
13 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 18:19:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79223
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 13 Sep 2024 18:19:15 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 1FCE 22 KB
8 KB 21ms
20ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 152524
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 13 Sep 2023 21:57:35 GMT
expires: Thu, 12 Sep 2024 21:57:35 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/955163022351803370/ Frame 80E9 5 KB
2 KB 78ms
22ms Document
text/html 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/955163022351803370/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e315702c9965bdfe33cbd7906797e7151bb2b76bbb71293cc2d2156cfb86fcd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 157102
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2116
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 13 Sep 2023 20:41:17 GMT
expires: Thu, 12 Sep 2024 20:41:17 GMT
last-modified: Wed, 30 Aug 2023 12:00:53 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 t8GibRNARgYsE0Sx_-jM8Z9WBbCCL83x92A0C_FtaJU.js Show response
pagead2.googlesyndication.com/bg/ Frame 1FCE 37 KB
14 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/t8GibRNARgYsE0Sx_-jM8Z9WBbCCL83x92A0C_FtaJU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b7c1a26d134046062c1344b1ffe8ccf19f5605b0822fcdf1f760340bf16d6895

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 19:44:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74129
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14716
x-xss-protection: 0
last-modified: Mon, 11 Sep 2023 20:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 13 Sep 2024 19:44:10 GMT

GET
H2

200

4.js Show response
static.adsafeprotected.com/ Frame 559A
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/1630069/73568031/4.js?ias_dspID=3&ias_campId=1014045034&ias_pubId=&ias_chanId=1&ias_placementId=20436341973&bidurl=https://www1.ihdstreams.xyz/&ias_dealId=&xsI...
https://static.adsafeprotected.com/4.js?xsId=ABAjH0gzM-NfU6Jrlshn66lGlScB&ias_xappb=&adContainerId=brand_safety_GoQEZZTlM9SY-gbI3YyACQ&cbFunctionName=goog_wrapCb_GoQEZZTlM9SY-gbI3YyACQ&true_pb=

1 KB
1 KB

184ms
112ms

Script
application/javascript

2600:9000:2246:f400:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4.js?xsId=ABAjH0gzM-NfU6Jrlshn66lGlScB&ias_xappb=&adContainerId=brand_safety_GoQEZZTlM9SY-gbI3YyACQ&cbFunctionName=goog_wrapCb_GoQEZZTlM9SY-gbI3YyACQ&true_pb=
Requested by: Host: a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
URL: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2600:9000:2246:f400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 04:09:26 GMT
x-amz-version-id: R3AxWwopGHaaV3xj068LUxj.lgAg56jC
content-encoding: gzip
via: 1.1 240ebea27618238384903016b8e84168.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP63-P1
age: 303013
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 08 Aug 2023 19:01:30 GMT
server: AmazonS3
etag: W/"33dffa7df253125904b2f354b5bb5e8d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: ePFdMdZOSkAHs7Cd2uVC7WG7IKOpAyepWciYCXDZNOaeiMVa-wBJLg==

Redirect headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:19:39 GMT
server: nginx
x-server-name: app03.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4.js?xsId=ABAjH0gzM-NfU6Jrlshn66lGlScB&ias_xappb=&adContainerId=brand_safety_GoQEZZTlM9SY-gbI3YyACQ&cbFunctionName=goog_wrapCb_GoQEZZTlM9SY-gbI3YyACQ&true_pb=
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 8AD6 91 KB
92 KB 155ms
45ms Script
application/javascript 2600:9000:2246:f400:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
URL: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2246:f400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 20:43:31 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
via: 1.1 240ebea27618238384903016b8e84168.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP63-P1
age: 4217769
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 93606
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: "1f3488247c90bb5de253d3d0cb3b7458"
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: R0YoCmpHcaD6-hj5hyphyWVZuUIGyjeojIlZnIft6RcNAk00jr406w==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 559A 43 B
215 B 343ms
111ms Image
image/gif 2600:1f18:1aca:4282:fb64:6350:439:4507
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1630069&asId=cce5aeb4-1f61-bf67-4d16-a7e57362b064&tv=%7Bc:oiWOvk,pingTime:-3,time:45,type:v,im:%7BpBlk:37%7D,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:19%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:45,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B39~0%5D,as:%5B39~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tPWyaXv+11%7C12%7C13%7C141*.1630069-73568031%7C1411%7C14121%7C1413,idMap:141*,rmeas:1,rend:0,renddet:IMG.us,siq:20%7D&br=c
Requested by: Host: a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
URL: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:fb64:6350:439:4507 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:19:39 GMT
server: nginx
x-server-name: dt14.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 559A 43 B
215 B 339ms
112ms Image
image/gif 2600:1f18:1aca:4282:fb64:6350:439:4507
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1630069&asId=cce5aeb4-1f61-bf67-4d16-a7e57362b064&tv=%7Bc:oiWOvm,pingTime:-6,time:47,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:47,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B41~0%5D,as:%5B41~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tPWyaXv+11%7C12%7C13%7C141*.1630069-73568031%7C1411%7C14121%7C1413,idMap:141*,rmeas:1,rend:0,renddet:IMG.us,siq:20%7D&tpiLookup=ao:www1.ihdstreams.xyz*%2Ca0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com*&br=c
Requested by: Host: a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
URL: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:fb64:6350:439:4507 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:19:39 GMT
server: nginx
x-server-name: dt01.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 createjs.min.js Show response
code.createjs.com/1.0.0/ Frame 80E9 236 KB
63 KB 119ms
31ms Script
text/javascript 2a02:26f0:480:f::213:7edc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/1.0.0/createjs.min.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/955163022351803370/index.html?ev=01_250
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:480:f::213:7edc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:19:39 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=900
x-n: S
accept-ranges: bytes
expires: Fri, 15 Sep 2023 16:34:39 GMT

GET
H3 200 index.js Show response
s0.2mdn.net/sadbundle/955163022351803370/ Frame 80E9 130 KB
29 KB 24ms
24ms Script
application/x-javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/955163022351803370/index.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/955163022351803370/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b7a5f34bfc3b16b958a632b06cd33df8321a9a255386eaabe240ec4e3dd9061a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/955163022351803370/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 03:12:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47244
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29715
x-xss-protection: 0
last-modified: Wed, 30 Aug 2023 12:00:53 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 14 Sep 2024 03:12:15 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 559A 43 B
216 B 315ms
111ms Image
image/gif 2600:1f18:1aca:4282:fb64:6350:439:4507
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1630069&asId=cce5aeb4-1f61-bf67-4d16-a7e57362b064&tv=%7Bc:oiWOvM,pingTime:-2,time:73,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:442,beZ:443,mfA:445,cmA:446,inA:446,inZ:449,prA:449,prZ:456,si:462,poA:463,bl:479,poZ:479,cmZ:479,mfZ:479,loA:489,loZ:492,ltA:514,ltZ:514%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:320.480,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:19%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:73,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B67~0%5D,as:%5B67~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tPWyaXv+11%7C12%7C13%7C141*.1630069-73568031%7C1411%7C14121%7C1413,idMap:141*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:IMG.us,siq:20,sinceFw:51,readyFired:true%7D&br=c
Requested by: Host: a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
URL: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:fb64:6350:439:4507 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:19:39 GMT
server: nginx
x-server-name: dt21.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 container.html Show response
a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 614D 6 KB
3 KB 26ms
25ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www1.ihdstreams.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 15 Sep 2023 16:19:38 GMT
expires: Sat, 14 Sep 2024 16:19:38 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C1F6 6 KB
3 KB 22ms
22ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www1.ihdstreams.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 15 Sep 2023 16:19:38 GMT
expires: Sat, 14 Sep 2024 16:19:38 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E147 6 KB
3 KB 23ms
20ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www1.ihdstreams.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 15 Sep 2023 16:19:38 GMT
expires: Sat, 14 Sep 2024 16:19:38 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 large-poster.jpg
content1.avplayer.com/60095c900c0799791c46d8d4/videos/631a0c74c080af4ad20201d2/ 17 KB
17 KB 39ms
19ms Image
image/jpeg 69.16.175.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content1.avplayer.com/60095c900c0799791c46d8d4/videos/631a0c74c080af4ad20201d2/large-poster.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: UploadServer /
Resource Hash: 9f66145fbaf681859fb04fc4cdedf358806d85dd27355199545b97db90d48829

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:19:39 GMT
x-guploader-uploadid: ADPycdvzYWzyWNHUDEFus-soAvgw8ATVKe3zogdZAWlnKMo7ktt9tmb2P42zP_B0l2B-1p4kjSO8J6pMk_Do8P3b7a4Xgtw8bTLe
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 16959
last-modified: Thu, 08 Sep 2022 15:38:37 GMT
server: UploadServer
etag: "0ee97d2dcd219d582aee0cecbb70cafd"
x-goog-generation: 1662651517684609
content-type: image/jpeg
access-control-allow-origin: *
x-goog-hash: crc32c=SZ/7Cg==, md5=Dul9Lc0hnVgq7gzsu3DK/Q==
access-control-expose-headers: Content-Type, range
cache-control: public, max-age=2592000
x-hw: 1694794779.dop252.am5.t,1694794779.cds142.am5.hn,1694794779.cds310.am5.c
x-goog-stored-content-length: 16959
accept-ranges: bytes

GET
H2 200 AVmanager.js Show response
player.aniview.com/script/6.1/ Frame 92AA 477 KB
128 KB 124ms
31ms Script
text/javascript 2a02:26f0:480:7b5::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=632c3dff8e62a32fb323cd86
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/8.3/v/avcplayer.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:480:7b5::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 4158b54efdf08733aa711bb66fd92ae8f1e135acfe926388252906e72bf569cd

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:19:39 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdsrQENbWcqB-jKrqLB7jLdJKCMH1ZnJagXyjtCM6fd27R7-PI4x_QK53D3z20fUtxYk2ncnhj7dsWIqqzBuL6FnFZg2t-ZC
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 130821
last-modified: Sun, 10 Sep 2023 07:15:19 GMT
server: UploadServer
etag: "a981673a6bc736049f2fc6ef8d6007c6"
vary: Accept-Encoding
x-goog-generation: 1694330119286271
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
x-goog-hash: crc32c=WCzQPg==, md5=qYFnOmvHNgSfL8bvjWAHxg==
access-control-expose-headers: Content-Type
cache-control: public, max-age=600
x-goog-stored-content-length: 130821
accept-ranges: bytes
expires: Fri, 15 Sep 2023 16:29:39 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame DF02 624 B
242 B 85ms
84ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYkdrzwgEwAQ&v=APEucNUPQIZWlxwO0pfl-5tSfXJPM3KAXT5VFsHeQGbN4IjVlT8a9YE7-FUEFWjj6zztH8FR8hwdHOSuL4hQACYY35hCX61czjqjXtOW61x4hoJ6DhyBTFPsZLv3NoU2wgkNjVno5IaTA7PIfbGIGdLMCVxlo3puD-_BtHK-dgY1YjxppiRBxmc

Requested by

Host: a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
URL: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 15 Sep 2023 16:19:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 614D 89 KB
31 KB 131ms
131ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
URL: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4accbcd793680c2ea0a65714771ef37d5eeb42bdaedba9882dd0d78eae09e00e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:19:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31438
x-xss-protection: 0
server: cafe
etag: 13183557946744512263
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 15 Sep 2023 16:19:39 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 614D 42 B
63 B 127ms
126ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AaPXWMPLYI2bmP4fSHsGvr3Fdzn3ApyxIHgH5lYCXbDMPHmZMblJtIPc-c8_qfi_4lc-ItowSe00keOMVf0KWrroqshShNNy9r7FH3S4WP0Li0YyA

Requested by

Host: a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
URL: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:19:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 614D 0
20 B 128ms
127ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=6541534122872018636&x=1&ct=76

Requested by

Host: a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
URL: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:19:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/ Frame 614D 3 KB
1 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/window_focus_fy2021.js

Requested by

Host: a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
URL: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 11:19:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17988
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 29 Sep 2023 11:19:51 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/ Frame 614D 20 KB
8 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
URL: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 19:46:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73970
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Sep 2023 19:46:49 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 614D 0
0 33ms
32ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRrhbzMSJv21PursvGBxkpkZ_n6Ve8tsaP4GO4E1lqu6F8GtyPDzbRhcH_TGaHt-xTpKphjD4gNF4hUHc-SatwTmpHSUA
Requested by: Host: a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
URL: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 614D 182 KB
57 KB 46ms
45ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
URL: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:19:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57988
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694604874705780"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Sep 2023 16:19:39 GMT

GET
H3 200 container.html Show response
a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E441 6 KB
3 KB 27ms
27ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www1.ihdstreams.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 15 Sep 2023 16:19:38 GMT
expires: Sat, 14 Sep 2024 16:19:38 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 206 Yamkarish.mp4
cdn-adipolo.urekamedia.com/test/a92a53cfdb1b435a8/ 880 KB
881 KB 191ms
48ms Media
video/mp4 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-adipolo.urekamedia.com/test/a92a53cfdb1b435a8/Yamkarish.mp4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: b69aa3b1ddab3889f728d1e9f06b11390eaabacf8244bca766525354e55bd915

Request headers

Referer: https://www1.ihdstreams.xyz/
Accept-Encoding: identity;q=1, *;q=0
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Range: bytes=0-

Response headers

x-77-pop: frankfurtDE
date: Fri, 15 Sep 2023 16:19:39 GMT
x-cache: HIT
x-77-cache: HIT
Content-Range: bytes 0-900871/900872
x-age: 781826
x-accel-date: 1694012953
Content-Length: 900872
x-77-nzt: AcO1ryfx+tH/Au4LAA
x-accel-expires: @1695049753
x-77-age: 781826
last-modified: Tue, 06 Sep 2022 14:19:18 GMT
server: CDN77-Turbo
etag: "631756e6-dbf08"
x-77-nzt-ray: 25b02131b7f3aa961b840465fab3d424
content-type: video/mp4
access-control-allow-origin: *

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 63C7 624 B
242 B 83ms
81ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-p_psDEOa-zKMDGJjN8OwBMAE&v=APEucNXDRGU1PFsdvmXsqMAfJO-UUMyoT-iLAijto935-5bi27X4dP11P4TP7QRP9NEQ22ZgxqV1cCtyGeerFMqx2CJexpxYemSSy1y0IGaRB8RT3xZd74WSK9jYSI_nXsynpH0IrKIcvxFlroF6Ldq1dIm_LGWGIi_59e6XPpkJP499BR8MNKE

Requested by

Host: a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
URL: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 15 Sep 2023 16:19:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame C1F6 89 KB
31 KB 176ms
174ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
URL: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4accbcd793680c2ea0a65714771ef37d5eeb42bdaedba9882dd0d78eae09e00e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:19:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31438
x-xss-protection: 0
server: cafe
etag: 13183557946744512263
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 15 Sep 2023 16:19:39 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame C1F6 42 B
63 B 136ms
134ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DyPBFYW-6L_KAg-OVJWKmtNrpIwh9ZiRqIdaq4H1qfAstP1xEo_3V0Z87Gzf3mIJw6xZDxQkimLhNthuNIXQ9PC5tHeHFEJwhikDxJu4H3YrrSdoA

Requested by

Host: a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
URL: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:19:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C1F6 0
20 B 137ms
134ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=4403843139148175380&x=1&ct=76

Requested by

Host: a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
URL: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:19:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/ Frame C1F6 3 KB
1 KB 31ms
29ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/window_focus_fy2021.js

Requested by

Host: a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
URL: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 11:19:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17988
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 29 Sep 2023 11:19:51 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/ Frame C1F6 20 KB
8 KB 35ms
33ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
URL: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 19:46:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73970
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Sep 2023 19:46:49 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame C1F6 0
0 42ms
40ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTG6_xaByPmCmotLgYGWnU4VmaoE4IcWVQkL6_y_pDOvS1V4bP8RS2fxKAD93xqGp7E1uLlgETgY0utd3eLEd_7yB1r5w
Requested by: Host: a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
URL: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C1F6 182 KB
57 KB 46ms
44ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
URL: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:19:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57988
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694604874705780"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Sep 2023 16:19:39 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame D2A1 624 B
242 B 81ms
78ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGL_tr-kBMAE&v=APEucNUMPyQUATR9BZGA-VVNF8nhD--BIjiHbRn0kPA9mogYVyjsAY9ss7zrxnPWI8T-9M0y10NJAD0DI_YOMDkn8Bl1groMawWoYFFg4yHQYDaEkaAnuEl2mcz3SJxnswuKjgHxEJtQs7uWYv8AgonOw2PxktLSdrPq-0L1zLaHN5e2DZltbYs

Requested by

Host: a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
URL: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 15 Sep 2023 16:19:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame E147 89 KB
31 KB 220ms
220ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
URL: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4accbcd793680c2ea0a65714771ef37d5eeb42bdaedba9882dd0d78eae09e00e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:19:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31438
x-xss-protection: 0
server: cafe
etag: 13183557946744512263
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 15 Sep 2023 16:19:39 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame E147 42 B
63 B 130ms
129ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CLg_2YY7-IG-nZgAMz3wRsp8A4eBOKOKlUh6lhK4YPAZg6Co6n2HjTmgTi-RiqW-XK3fccJI9ESVaVsEuFfzU1pxfxIuHZKXH7Zf-BhMPuFoyN7ig

Requested by

Host: a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
URL: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:19:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E147 0
20 B 131ms
129ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=12879024382310301654&x=1&ct=76

Requested by

Host: a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
URL: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:19:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/ Frame E147 3 KB
1 KB 34ms
32ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/window_focus_fy2021.js

Requested by

Host: a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
URL: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 11:19:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17988
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 29 Sep 2023 11:19:51 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/ Frame E147 20 KB
8 KB 38ms
36ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
URL: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 19:46:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73970
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Sep 2023 19:46:49 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame E147 0
0 37ms
35ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT1yOv26zGl41gGGs8yb0H55fQlIMitGbcmr5jFclCIog7La52CYdjFB0m-sGe3cVU351T8u6E4m1Q8WkGpeKMj9S76zQ
Requested by: Host: a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
URL: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E147 182 KB
57 KB 58ms
57ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
URL: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:19:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57988
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694604874705780"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Sep 2023 16:19:39 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 132ms
132ms Image
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202309120101&jk=1340521495430263&bg=!wcKlwo3NAAZQjyUVcI87ADQBe5WfOFKUGoyX8Qmo-gVPPqdBY0XZ7oWaL2-pLwo0pH2fIjdgwhT1O6qJl4nnQimAXhnnAgAAADpSAAAABWgBB5kDFfEYuc6ID10r69hAKYSInkkEXHZkvPay9C_euLc58KIWhIoyAl5eBG2_uxegiNOYSIu8W4G1kF2MG1it-T2ec8VFT3jCgVc9dsOaTuhi4N4zR0ifD_XGB_rO7pHTID1Dt7a8CL4vBe3Z999T1hAMg8_iyp7oBLQrViXXlqkC6KQvZzlhrc5k9muOzNnk7pPiHLlG9_pPRY4ys4-Ux0l4mkZz00lJHry1LiABMS5ArLlStBTazGKKdOi5pDKgKnsFCNLsGQisumz-B7hI1gvr3xujPjELO1TKCSaY2hJ1S3EeK5schR8ej2fS3JlH_gQSVdQTayVzx0c1b5RZDaMfEqKwhg3kb8yZ4aF396OY01mJ4JoX20ZkFU9I36i3DDJqJwDQAzdtWiCBHtXf3UoJEWpaBktRhPlJDv6svNN7HZOWc1dELRvOAG-nvHjQ44XX8ejPZRdAZJTMkxlVuiZYYsPSyb101-K_Vzww_9dUkJGcNC5_A5vxO4htAL_f7is_oaZoCbFdIcEA47GD61Z_awHTQjyF8kRaAsZAC10zfirCrq7URDu-nrpG7B7EWTkfXEnoxJnaRPlLpPReO5xLOIuky07K5M68yVXqtWr9-ZjNX2C02BJv3H-vgDIR52rG5Q_nRzOWj5A7RUrmLIJ74KdZ9NZ9Rx7WuEerIDT1w3lOGzhw3NSBdmUI9r_XN5Ue_At-rS4zDnuqnsmfbKBcW1Xoj40slE9PbJkKia5V1bjE_21izy8qSBuvmPtKcio7-wV2uA4Ffc5LU7HnFbBwHDI4PAKUIReqjvN-KahFjp_yVXk5ic1SossuelctYuyqNbRedWerWeGUdZzO9pVcsBMOXHxwc9MFc9DYyYlI8zy8O8WoUkTEdBKF1rGdQaPeZkrbpvqVk3X9x8zXiyhTmdeQwzw-IqXrQIxSTxCrmc_NwIh9n8SIudKsJGk-YlkrRZh7RrOF8WYwugYHhPoPm63muj3BpxGL3MDMZZhTrFnGqWnKaVApixCQ5NwrEHlbGkutikAeCZgnEwVnPcAU1dyEt5FNtQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

OPTIONS
H3 204 adview
securepubads.g.doubleclick.net/pagead/ Frame 0
0 113ms
59ms Preflight
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/adview?ai=CgTggGoQEZZyrOpeN7gONw4egDdbgpOly2fG35_4RtsK-3oUCEAEgudvzJmCVkq6CtAegAbfa3NoDyAEJqQKHagKEr9-xPuACAKgDAcgDywSqBI0CT9ArHKbSMGPMuMFsD7GmfEoiG2j_imIz4QPUqYESMEfXhT3x36X5m7t03nOQkN74A5eemuzP5wff2TbHb1pnoMIWk3oD8_cKNgKjYYosqcXX1qCy2yYBPVQMxaOiMK5j-5B6gjhzX_1Hs7b_xK2FOn_sZNQipsTQi4ETnIMQN_w8xKpf7qYj0YsN9QV8n9L06gVhX5j2WNtS-hWpHkimhbkbMNPdjoYt7PyP4NCpVscl9qKc1SWoAqJ59_FEepOVx8VRhA3INBBM-P4srA7-NAFw8h1XuP-9s_3rgcG69q25qDwXm22rB5ex0Lkl7ux54h2jiI0kzr95wVBGUNl4YulEDy6oFM-cVYxlbYDABJCv7cSXBOAEAYgFt5-XwECSBQQIBBgBkgUECAUYBKAGLoAHsaWjJagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEInCDNIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqaCWxodHRwczovL3d3dy5kZWhuZXIuZGUvbWFya2V0Lz9lbV9zcmM9a3cmZW1fY21wPWdvb2dsZS9ub25icmFuZC9ERV8wMDNfTWFya3QvREVfMDAzX01hcmt0X1BtYXgvbG9jYWxfY2FtcGFpZ26ACgPICwGYDLqWm43sA7gTgwTYEw7QFQGYFgGAFwGyFx4KHAgAEhRwdWItNjczNjI1NjQ3MzIwMjczMxjkww4&sigh=PJiEN9BHlkM&uach_m=[UACH]&ase=2&cid=CAQSPABpAlJW1fEA8DqSpZea85N0yiCSFmPuKLqTgLR7ohDvWdhvS-iLH4wSD676nK8DRP0ifO1xF-7X0qamMBgB&template_id=515&nis=5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 15 Sep 2023 16:19:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame E441 14 KB
1 KB 44ms
43ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
URL: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 15 Sep 2023 16:19:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 15 Sep 2023 15:17:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 15 Sep 2023 16:19:39 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/ Frame E441 2 KB
892 B 24ms
24ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
URL: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 19:46:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73970
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Sep 2023 19:46:49 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame E441
Redirect Chain

https://securepubads.g.doubleclick.net/pagead/adview?ai=CgTggGoQEZZyrOpeN7gONw4egDdbgpOly2fG35_4RtsK-3oUCEAEgudvzJmCVkq6CtAegAbfa3NoDyAEJqQKHagKEr9-xPuACAKgDAcgDywSqBI0CT9ArHKbSMGPMuMFsD7GmfEoiG2j_...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229938857740687414714%22,%22debug_reporting%22:true,%22destination%22:%22https://dehner.de%22,%22event_report_window%22:%222...

0
0

107ms
55ms

Fetch
text/css

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229938857740687414714%22,%22debug_reporting%22:true,%22destination%22:%22https://dehner.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%2215%22:[%2251%22],%2216%22:[%223%22],%222%22:[%22995568951%22],%224%22:[%2209-15%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226516529460218006001%22}&andc=true

Requested by

Host: a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
URL: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:19:40 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"9938857740687414714","debug_reporting":true,"destination":"https://dehner.de","event_report_window":"259200","expiry":"2592000","filter_data":{"15":["51"],"16":["3"],"2":["995568951"],"4":["09-15"],"6":["true"]},"priority":"500","source_event_id":"6516529460218006001"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: null
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 15 Sep 2023 16:19:40 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 15 Sep 2023 16:19:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"9938857740687414714","debug_reporting":true,"destination":"https://dehner.de","event_report_window":"259200","expiry":"2592000","filter_data":{"15":["51"],"16":["3"],"2":["995568951"],"4":["09-15"],"6":["true"]},"priority":"500","source_event_id":"6516529460218006001"}&andc=true
access-control-allow-origin: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/ Frame E441 23 KB
9 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/abg_lite_fy2021.js

Requested by

Host: a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
URL: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 06:49:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 29 Sep 2023 06:49:39 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/ Frame E441 3 KB
1 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/window_focus_fy2021.js

Requested by

Host: a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
URL: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 11:19:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17988
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 29 Sep 2023 11:19:51 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 1AAB 1 KB
643 B 28ms
25ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
URL: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 74130
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 14 Sep 2023 19:44:09 GMT
etag: 48472445140208031
expires: Fri, 15 Sep 2023 19:44:09 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/ Frame E441 20 KB
8 KB 24ms
22ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
URL: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 19:46:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73970
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Sep 2023 19:46:49 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame E441 0
0 42ms
40ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ6z4agy7qntEwjkOv6sC8xVAmLBn0tz990bUUnMZ_WBJDW3Se6Q-48pEKjnVp-GakzTXVhxpbP1mdsZikZzi2VL-qvvQ
Requested by: Host: a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
URL: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E441 182 KB
57 KB 48ms
46ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
URL: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:19:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57988
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694604874705780"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Sep 2023 16:19:39 GMT

GET
H2 200 9041af033b7a690ba70e3134a2c135bf.js Show response
www.gstatic.com/mysidia/ Frame E441 36 KB
15 KB 125ms
32ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/9041af033b7a690ba70e3134a2c135bf.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
URL: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f9d88352b286107f60c320c4c088f718c2a3a273818cd61901edb7f235a9339

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 17:57:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 253333
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15189
x-xss-protection: 0
last-modified: Tue, 12 Sep 2023 17:48:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 11 Dec 2023 17:57:26 GMT

GET
H3 200 index_atlas_NP_1.jpg
s0.2mdn.net/sadbundle/955163022351803370/images/ Frame 80E9 130 KB
130 KB 24ms
24ms Image
image/jpeg 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/955163022351803370/images/index_atlas_NP_1.jpg

Requested by

Host: a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
URL: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18885f689962e44a3391fec89f618dd64153567faba3bcb0bd83b63957611de0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/955163022351803370/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 03:12:15 GMT
x-content-type-options: nosniff
age: 47244
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 133314
x-xss-protection: 0
last-modified: Wed, 30 Aug 2023 12:00:53 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 14 Sep 2024 03:12:15 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1FCE 0
20 B 137ms
137ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BwOxkGoQEZZTlM9SY-gbI3YyACQAAAAA4AeAEAg&bg=!fn2lfTLNAAZQjyUVcI87ADQBe5WfOIi-4keNQfKIwP2KHma5yPLcXgl_ofyTl0rZuXpUQZutHGfybH7NTaUFY5_EkIhdAgAAAWNSAAAABGgBB5kDke5nEpuk73rgBZVao0neiyI4Zh-QTVaTAfghPTgfNRBjU_YXP0kF1EGznoKuNzv-wcvhyqXQ6JqN_sF9ThtZILdhUKuMtP5dgIxZV_QvKJ4J0s6lRUdXb7e7adqPug7X1rn57cHs1_Qke77jpTjnd1E0ptx80MBASFHViZG1HPdBH56Da9Dg5XIXJUa2uGSsJTIKI7lDCc9zsKhsd513YgI3sQjCc47OBG7QQI0Y5UwL6vKfsCRizNIMIFJ5IvRIo0inHVzC6J2b2UAI_cMDkNYs1GbQbmvW2w-7oajuIMC6kzLCPYWVknRqy9WldeuYkYUzzk3KI9SdPMEtj14ObJGexIoabnFjDYKVkatmcCxD2DjxJI8i57jEj3_5Xml6P8wF14V0BlGOxWLphhK9DPpR1kkXmElMXoCqD9VWUIG32NZgN0pPwIzGspwdk23FjyVgjIaBAcK-HwkQ_knmjS3Seits-Iv_ttE-mnXx44Lvlqi7acyVml5AVVR9K3ArnrgXw-Nq7YsVZaT7-0tChzkhdvJltAry_rQK5DZPQ1IHBurkahhsGQh3iMx_aJWq99eBefqLmufcLZNupz7fF4tKFWU8JXEgSWlFbXllEiCzAVW-7WUMe0uTltvrVLSUmRs7PVtOh0O5HaFAod5jsGPHZap88zgl-4D8k6IVsFlLyJx7BhswKaF-CWWor7E1BTXN7Stg7W3CB_Vs56LGxiwfrkBYGq0-uoCDk8i5qy_9-JiLn370uNlYWXmS47ZzYvZbS0qf5Cf3DTqPsCJ5b5QJqMVHhXCRWQ2IMwrlWxE_cY3eRE3gmzC4ExU1UFE5ULdo5RzFp6egH5mPjUYi4gUm7iRVNeeCFW7G9QDWMl4lpaeVDNQWUSd71zdl5Tl46HwBBKqD5VZT4L4lF39pTM8G2zNvNUDeRLPoCrrSZnVdgMNXXU6c_XCMBj9kLbSWjPUSzAgZGnbigr6D_DJ6_91FaQhPaM9kmeCbQIE5U12BZjZe3Xhji6PV8aEadfqQ4rtrlUJ-1gNtkFDQrPGQ9Zprtk1eYJ0gksfWbbeE-WVVOvkqDsH3X3Ar7Pl9Pz0Tk1DN9tDMBuA5sgXlRH3ngDolqNIKNREtI7rGhNOXrAHuNwrTTuOAFfj77-D-tR5DBIdBT5QWw7s3GMiys0iwbAMU3kUZK27JLjgs334I0NATP22ynOabLW8fLoRHmPx0C7w

Requested by

Host: a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
URL: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:19:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 data=I0BESB-fX8L1bcc7NAQXLuTxOwui_vOOOC8Q0a9PLh6amVGUxPtJvklbf1sN6_m8Hs-VoUOQPhHLp0sLbieR-x-RN8LJMOxwxs95wf6Lm13uA3orpEjGOzumBds
mts0.google.com/vt/ Frame E441 82 KB
82 KB 154ms
34ms Image
image/png 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mts0.google.com/vt/data=I0BESB-fX8L1bcc7NAQXLuTxOwui_vOOOC8Q0a9PLh6amVGUxPtJvklbf1sN6_m8Hs-VoUOQPhHLp0sLbieR-x-RN8LJMOxwxs95wf6Lm13uA3orpEjGOzumBds

Requested by

Host: a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
URL: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

18c184d76e0cedd386e5f9bbc3ce1a35b5f9954d1054ee180ebeabdc1d7e255f

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
date: Fri, 15 Sep 2023 16:03:31 GMT
x-content-type-options: nosniff
age: 968
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 83629
x-xss-protection: 0
x-server-version-bin: CggIBBC1vIqoBg==
server: scaffolding on HTTPServer2
etag: 0928f5aefb7f06138
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=3600
expires: Fri, 15 Sep 2023 17:03:31 GMT

GET
DATA 200
OK truncated
/ Frame E441 244 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8be8f432572fba9a5669684d4f89b81b9595700f40480eeecbfe7721ce5b2234

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame E441 333 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8b1ccf2d92e5e6235fcb23becebc6b98f5eba33abad7902763aa8b830be20bd7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame DF02
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP75q659xFu79_IsSNxvJ2Y&google_cver=1

43 B
740 B

56ms
54ms

Image
image/gif

172.64.148.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP75q659xFu79_IsSNxvJ2Y&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYkdrzwgEwAQ&v=APEucNUPQIZWlxwO0pfl-5tSfXJPM3KAXT5VFsHeQGbN4IjVlT8a9YE7-FUEFWjj6zztH8FR8hwdHOSuL4hQACYY35hCX61czjqjXtOW61x4hoJ6DhyBTFPsZLv3NoU2wgkNjVno5IaTA7PIfbGIGdLMCVxlo3puD-_BtHK-dgY1YjxppiRBxmc
Protocol: H3
Server: 172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:19:39 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=THYC7WdwielTL%2FS6Xlb%2FSjVarWSzjV8%2BMEzR02cYY8z79QIj8EYw7h12jKMt%2BY9c9%2BOEAOPDjEMjvltJ5bCrVWrfZTuym1t6C3A93DX%2Ftbw0hZAkOP%2F2PLMmwfI6vFByUSfH9s%2FUoBguXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8072314cf8cdb8fc-AMS
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:19:39 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP75q659xFu79_IsSNxvJ2Y&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame DF02
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZQSEGndQ1arKqetcfPJ-MwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP75q659xFu79_IsSNxvJ2Y&google_cver=1

43 B
735 B

42ms
41ms

Image
image/gif

172.64.148.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP75q659xFu79_IsSNxvJ2Y&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYkdrzwgEwAQ&v=APEucNUPQIZWlxwO0pfl-5tSfXJPM3KAXT5VFsHeQGbN4IjVlT8a9YE7-FUEFWjj6zztH8FR8hwdHOSuL4hQACYY35hCX61czjqjXtOW61x4hoJ6DhyBTFPsZLv3NoU2wgkNjVno5IaTA7PIfbGIGdLMCVxlo3puD-_BtHK-dgY1YjxppiRBxmc
Protocol: H3
Server: 172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:19:39 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8bhCdTPT%2Fl4DHS4hV6RXTHVnjnztjadJgFCX5dUaCdXY5VINkYsem6Tt8FMkzx0sP7mhbDonXBYZ7zZ3KvRd%2FR%2BWZj6i8sxGvruUIl2Yxw5cAQWE1xWORJ5o%2FLTSFGwubvr29kqyOcLFGw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8072314de9e8b8fc-AMS
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:19:39 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP75q659xFu79_IsSNxvJ2Y&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame DF02
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESENkAdm4xgr74akrhb0A6c8A&google_cver=1

43 B
842 B

25ms
24ms

Image
image/gif

185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESENkAdm4xgr74akrhb0A6c8A&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYkdrzwgEwAQ&v=APEucNUPQIZWlxwO0pfl-5tSfXJPM3KAXT5VFsHeQGbN4IjVlT8a9YE7-FUEFWjj6zztH8FR8hwdHOSuL4hQACYY35hCX61czjqjXtOW61x4hoJ6DhyBTFPsZLv3NoU2wgkNjVno5IaTA7PIfbGIGdLMCVxlo3puD-_BtHK-dgY1YjxppiRBxmc

Protocol

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:19:39 GMT
an-x-request-uuid: 67db2906-b650-4a47-a2c8-8025bd2e9b43
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 95.211.199.131; 95.211.199.131; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:19:39 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESENkAdm4xgr74akrhb0A6c8A&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DF02
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTc1MzI5MDk2ODUzMzAwNTU1OQ%3D%3D

170 B
188 B

33ms
31ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTc1MzI5MDk2ODUzMzAwNTU1OQ%3D%3D

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:19:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:19:39 GMT
an-x-request-uuid: 2c03721d-55bd-47e6-8710-f3a4de83623e
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTc1MzI5MDk2ODUzMzAwNTU1OQ%3D%3D
x-proxy-origin: 95.211.199.131; 95.211.199.131; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 63C7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP75q659xFu79_IsSNxvJ2Y&google_cver=1

43 B
732 B

47ms
45ms

Image
image/gif

172.64.148.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP75q659xFu79_IsSNxvJ2Y&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-p_psDEOa-zKMDGJjN8OwBMAE&v=APEucNXDRGU1PFsdvmXsqMAfJO-UUMyoT-iLAijto935-5bi27X4dP11P4TP7QRP9NEQ22ZgxqV1cCtyGeerFMqx2CJexpxYemSSy1y0IGaRB8RT3xZd74WSK9jYSI_nXsynpH0IrKIcvxFlroF6Ldq1dIm_LGWGIi_59e6XPpkJP499BR8MNKE
Protocol: H3
Server: 172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:19:39 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rdlMDh1Caqo8uCu7p8dyH0RnpixsyhszuJH2YLUGCs2h%2FHKpU8Gi9EGFn%2Fo1v582uitZER%2F8RWnO5Q4W9cG1AVzQ0JQkEt0MaUBFTdZ2cCm8UG9JTYBu%2FdpVCq3kGPWGRj2637oYDgLgrA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8072314cf8cfb8fc-AMS
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:19:39 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP75q659xFu79_IsSNxvJ2Y&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 63C7
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZQSEGndQ1arKqetcfPJ-MwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP75q659xFu79_IsSNxvJ2Y&google_cver=1

43 B
734 B

44ms
42ms

Image
image/gif

172.64.148.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP75q659xFu79_IsSNxvJ2Y&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-p_psDEOa-zKMDGJjN8OwBMAE&v=APEucNXDRGU1PFsdvmXsqMAfJO-UUMyoT-iLAijto935-5bi27X4dP11P4TP7QRP9NEQ22ZgxqV1cCtyGeerFMqx2CJexpxYemSSy1y0IGaRB8RT3xZd74WSK9jYSI_nXsynpH0IrKIcvxFlroF6Ldq1dIm_LGWGIi_59e6XPpkJP499BR8MNKE
Protocol: H3
Server: 172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:19:39 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FalX3Ip%2BzqF9mKIDGro3idSVn4kZC4A7QttzYblPdFKG5uniSt8kpfqzEcyKPC0aoBkeKt2r%2B2Id798%2BRaq9xGABkQlxuFP7Nqj5666bZElIfEg%2F5NRnp4p5zzup8K3tXSEsk8qQ291yHA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8072314e09ffb8fc-AMS
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:19:39 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP75q659xFu79_IsSNxvJ2Y&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 63C7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESENkAdm4xgr74akrhb0A6c8A&google_cver=1

43 B
842 B

67ms
66ms

Image
image/gif

185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESENkAdm4xgr74akrhb0A6c8A&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-p_psDEOa-zKMDGJjN8OwBMAE&v=APEucNXDRGU1PFsdvmXsqMAfJO-UUMyoT-iLAijto935-5bi27X4dP11P4TP7QRP9NEQ22ZgxqV1cCtyGeerFMqx2CJexpxYemSSy1y0IGaRB8RT3xZd74WSK9jYSI_nXsynpH0IrKIcvxFlroF6Ldq1dIm_LGWGIi_59e6XPpkJP499BR8MNKE

Protocol

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:19:39 GMT
an-x-request-uuid: 7e06a9bd-a429-4154-a0b1-a019c5148c5b
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 95.211.199.131; 95.211.199.131; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:19:39 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESENkAdm4xgr74akrhb0A6c8A&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 63C7
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTc1MzI5MDk2ODUzMzAwNTU1OQ%3D%3D

170 B
188 B

41ms
39ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTc1MzI5MDk2ODUzMzAwNTU1OQ%3D%3D

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:19:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:19:39 GMT
an-x-request-uuid: a1ff9cf6-95aa-4414-b7f5-e7908af983b3
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTc1MzI5MDk2ODUzMzAwNTU1OQ%3D%3D
x-proxy-origin: 95.211.199.131; 95.211.199.131; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame D2A1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP75q659xFu79_IsSNxvJ2Y&google_cver=1

43 B
734 B

43ms
41ms

Image
image/gif

172.64.148.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP75q659xFu79_IsSNxvJ2Y&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGL_tr-kBMAE&v=APEucNUMPyQUATR9BZGA-VVNF8nhD--BIjiHbRn0kPA9mogYVyjsAY9ss7zrxnPWI8T-9M0y10NJAD0DI_YOMDkn8Bl1groMawWoYFFg4yHQYDaEkaAnuEl2mcz3SJxnswuKjgHxEJtQs7uWYv8AgonOw2PxktLSdrPq-0L1zLaHN5e2DZltbYs
Protocol: H3
Server: 172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:19:39 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4%2FB3AdmatBVBG06mlNwVWmm5EYfgMlwmM6cV3eTxygTx4QbVM1Gfp7mIl9nb54sfGgg%2BPTtzkE2ycyaAlx9KP%2BCrOX7lGXFaj5WqPsHoJTJj%2B7LoITBJGcGsSSiUvRQ%2BLMY4rXsHcAoWag%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8072314cf8d0b8fc-AMS
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:19:39 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP75q659xFu79_IsSNxvJ2Y&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame D2A1
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZQSEGndQ1arKqetcfPJ-MwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP75q659xFu79_IsSNxvJ2Y&google_cver=1

43 B
729 B

42ms
40ms

Image
image/gif

172.64.148.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP75q659xFu79_IsSNxvJ2Y&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGL_tr-kBMAE&v=APEucNUMPyQUATR9BZGA-VVNF8nhD--BIjiHbRn0kPA9mogYVyjsAY9ss7zrxnPWI8T-9M0y10NJAD0DI_YOMDkn8Bl1groMawWoYFFg4yHQYDaEkaAnuEl2mcz3SJxnswuKjgHxEJtQs7uWYv8AgonOw2PxktLSdrPq-0L1zLaHN5e2DZltbYs
Protocol: H3
Server: 172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:19:39 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=onKHPf3xPTtCxiEd1V0cvlUkWuh1IO4nH7pSoSsX1f%2B62cCR7UllrCCVBSjd69ezixEZ7nOawnQOP21UhYmCjPojtkrp7sbCG%2Fxc2zA0XUtQIdAVdSWjKMJJdkuV1OJWsbNPPGRk2t53pg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8072314e0a00b8fc-AMS
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:19:39 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP75q659xFu79_IsSNxvJ2Y&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame D2A1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESENkAdm4xgr74akrhb0A6c8A&google_cver=1

43 B
842 B

25ms
24ms

Image
image/gif

185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESENkAdm4xgr74akrhb0A6c8A&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGL_tr-kBMAE&v=APEucNUMPyQUATR9BZGA-VVNF8nhD--BIjiHbRn0kPA9mogYVyjsAY9ss7zrxnPWI8T-9M0y10NJAD0DI_YOMDkn8Bl1groMawWoYFFg4yHQYDaEkaAnuEl2mcz3SJxnswuKjgHxEJtQs7uWYv8AgonOw2PxktLSdrPq-0L1zLaHN5e2DZltbYs

Protocol

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:19:39 GMT
an-x-request-uuid: 27f4a1e9-7b64-4932-a2ef-113a5f9466e6
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 95.211.199.131; 95.211.199.131; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:19:39 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESENkAdm4xgr74akrhb0A6c8A&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D2A1
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTc1MzI5MDk2ODUzMzAwNTU1OQ%3D%3D

170 B
188 B

36ms
34ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTc1MzI5MDk2ODUzMzAwNTU1OQ%3D%3D

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:19:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:19:39 GMT
an-x-request-uuid: 903dd2ee-e694-447f-af90-cd070827ba14
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTc1MzI5MDk2ODUzMzAwNTU1OQ%3D%3D
x-proxy-origin: 95.211.199.131; 95.211.199.131; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 614D 0
20 B 146ms
144ms Ping
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7124730130810&version=m202309120101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:19:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 614D 0
20 B 146ms
145ms Ping
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7124730130810&version=m202309120101&ct=76&x=1&cor=6541534122872019000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:19:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 614D 100 KB
38 KB 83ms
82ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DkC6CCX8_jXgUrujWIsbMvSV0eGFvOJB2WqAvKetXVezdHKlf0ZKLFT2nGd8vvPAnX7maOHm6y3vpTLV9IVOD6r09SS7x4LCPGPgXT2vAfohlrlq7YiWoVePGop4YdS04KyPcwMbPXPlT0_xYPwcymst4MRierIqEG86NboNnM1g1ecQ0&dbm_d=AKAmf-AZsNa-FOnvzBYo--2GjFhBAyvVxfnShDI97g2j5FlFfvVmkkceZv5q3H4ruz3DpVP5duLKJPbQZWgE8421sHsgoKACCbJXuBuKQWb7e68ar-OrH-2l6O2Uy1vvK3Pyi-UXo_NZSKBQHKK2ULlYwhFzA4Pd_neNvPbaFjA3WdLbgtIsCdnFGtC8enzY9wDlv0CFPpbfj1XW2qWvil5Mo0YX31ufe-WX282UEQZZyFTYDwDZmb5sdybXc1AAPI18DgySLvyzp2I5a7qKoehyHemur4dbTCAVXzRu1zJgdTkZg-7Oow3wIdQxsJfJ712LoKp5uPUtM5Eohd6NnKseNhfx9DtWxJuKeQ4bNyPMcvwJxtFp1Un0rYlYdkU2wOIAK4hyBTF1D51paVyv8m5tpTd1g0xysonRtWFn1329-0wUFnPe9hSCJ8v58DSzXFcN5OtBjPqz8l_HaNSB4TpgJAI3IO5KhOB8D9VJUurI0Qjf5IMe84VAPLTiFdQ7-iZBMiv4NmnAXYoJlFWFX8wp39nAYuTsE8_4jpevvRf5b1WgXgoL554AWQZG86hxmvcHLpUcGwwN8ief9Hyr3tJmGXu4pGrWg9wjbdWZYaV33BQOeFYjsQnFhOHSiUYA2hWDZroAJOm99hM0WPsNsy1A0crUiweu59fVqrWRnsb8uCytrfXxJ0WhEYpoNTTu84cr9e_vk9a8IjeoJsValL2pmFh5tOUyhoCj494sj8_6JYLGzQmIXMhgexs-bUHKDIQKGWvU28YVLyzGldOYYz05rCafoEtS3jhV79hzKJh5TmUeoTBu7mweJcZAmWteWs0kJlo1ZZGWHAPx6CGQAEe8Jdu2WAsajlqX620dwInTnZJ8WTM0eyA4JWJzgVO-xe7yykP9-6erCzhHv4T8yitmZWeC4gMErGzXXyp_cAlD_heQDOcVWUIWGuOxmAA2n-klxUiQZ_fyzy8aEb1QE9cEhivHw-gWIqzNz7KJX9PKs4PA28AprI51EVb_Ut8BE8ilOsfqYeeKvxU-wVbOr9jWKWeHbYMrlnMdqr_-0ycvWQFx11JKXD_Azo1SiFJkuTLJq157NN-SuRCSETV_cynUdXUp3-px6oFmEE51MIG4FbuSmZoLjd870cpnG8h9qX8Lq1NclOqxv8W2fI5Uz0Neez0gLxUOrGBEyo4dU89IWkIHAWL6s0XQXmjZL2-vq5xu8Ukn0BFsTlVY_qXnu3suPGzgCVDI_YBzQzrGJNvP0bnRdmvlTvc8vgtPTxxYUtlqQG73ocd9iSzxJCHv4GW7WYAShDWOuPXNI2_Lg8z6Olt1Q0DU1BZy2-5bdFcnA3fOpgdzkYBdfipWLsEl7QSyqPjW8QDlXz1yQvepLwtXDdijQgOfT4PDnvpC7xzHdEnKPbH-H4yrRRDamNYrpuQzYQ8Nsi35NHbQBAL2s_3BF5y9KMc5XSHMlo7N3t5FjwTiZniyC_ke2dSfrXK-FV4030jSiLmw4Z3iB6WU5PUOdZo658ILICztj5RdtvPcjjsx98Achu175zC53_jZD0qeWUAt1jCqgbyQoln_s10M2NqDaXqbSNPUSmwoA-0m4GNIlqyEoXlTKyqj__pGl8bVk84IJHfyvK0vDmu_0mtHnYyXRLj_n4JiZrgPMHvYe8YREMPhwVdjNjpZh7_6cFp7XBYjygsEePBbHJDAqF8wGpgoShlZWamFZ_fQ_W_Iez6eEW-wCuFovLyUAPConwpJI2zh0fDRLFeIwb83t7_hO9f5Oie5BzaP7gGcP3gv7SK_cBQecxJZXDbF7ymT_BtYgFPp_uYC6WjFh1fqjhjlYpaoICVjR7LTr8Ip2PM5O2Peaw3FbyZfnvwGcnQK4tAbfoWFhxyISacrMLu8n7qJCcQj3iNlUiD17s4LWkm7lr9AIQ1STW46gkDztiLfmu3-xxZfCyhfRPWt5-5qaKsO4KpWq4JuuMEHbuPNAaBYNiws0LAK2EOWH_NjSHBDk5-cv8nUOgXsrkGgj5Fz1abq4xkNkGl-7KRZ6X1nMOopKZkpsfXQ3DY9qvEo2tMdN5d1V6sfWXDeGidBeqB-AU7w9CtuNUdRz3gpx0k_S-6gXYabxPk0oZqfDehWGMzUaBqln5JsPrl05IOlkqY6HxEXwolCh3m83WSqreQmKegVWEVdoEir6krAhTW4g-P-WUaQau0m64UjeGASQg7XRVEOHVOhmbywWK09gEvl2iwV8mrB8rOgD9rN94nP0i3up30qwDYl-WFOAX7jTlnQuV5GKJ_cAlQ1s0j5eVr5dCXlOOWPryaXkp0Vi1VkhUTBjMb8xR9JADs7XORVvYRTrf5-PPi3s0JZ6zvk-wTCktLw3yn1sTXhfs8oRat3WUVZd2hA9B9XlDKDHD0hpChRaqT3xb23odD2qZqfvuXXfntqRr0NZc841ZFRe5LQjWajj3p0kWAzIt28mMukkvVtEG8uq2s2ei-PA5nNTyRYsRlSLtJyV4V_U_t6Rf-Qnkqa8luC_gbRJ9fZTSI6DFPO5REdo7ubGxoOdCivH3Qs3quDeLfGhPcB2UnHGLuqsxoMgcb0F5YGex2-BHUh5jKu3Ze49adIVA2nGih4CGLt7Yi4EXGMa9NOsJ8V5hSOgYZRLCRB1pVTvd5egFioqDWEVAJ5UsSfuHtRia8TZxMhPvftjWDEqJ_zi1ZX3wI5rirRVooR0IdcnxNOcTXoH0QtJYs9ZaQh2et5Q6ouzdMcI2fXsMDGM2_pKmSYsdqNT8bQ_HCmFxrhaeMnuH6L0SpdEMIzkwdyOk8nFb4ymzxFMgeLuhr3e3ylk3qVwJ68lErl80eLxanh_d92GlTnNJcrjwcSQ_YRUjEUSi4i0Ap4IlYy6XVBGUfHRzwVeJ_7ILAcb3doyIilMOy0szY9_NgCov1HuaqTRv5nsN26LeQrpIg3lf0XMpCG_VEhIyUGSG4FBn9nYakloTeSPxUc03rEeJqAl_0LElzULrDXzs-7pUB-BqN3u5ooxbKkIJ9hUB-5Rpv6B5ieqRsZ0q3kbBwQrMURUCwgktqJrT3bFt84JwmqZMS8z494B_KhagHtkC_CQvOCEKTk1ItKrcIxb1DDlHXyZa1EeLKLitSp6C_LTvIFs2jlne04rHUfEVyNWpR56dMPJ7Uay95xasiAXVYXkMQBMG6u5JcMLlVgc2bSMC8uO0zMar28QK5PV8n_9DzpvNrDZ3-7tY4kb6TuHTxA5SiO9fW_9_F2zAz6RDw0GJgxtbUWb4nai_nEQX3ZI0HbBdVHMi7Hnmp5R2k14ri5_XUhPLmGhdr4tYbnSwtK9qJ8fu79Pdh_huOumpFXshGc9-o6RkzgRyecuqYBolIV-k0Fg-_0tfaizhlDi-tYpnuOJZNctCisQjGvgiEX0k3t6waCEjg7mzhlKbAqT-jZJOB2nz8sE6qkFP7wt5cmRpNF7ObN7n-lqs8HCA60P0k88f9nHzDK1FamHb8B57EPeT-MIn683xqyPC-oCsp17M0wYr95zcLbHwIuli8rQ6K_plBYzMnLuXKORtr_3UMjMN8AdfInfItxWSDzo3LY9uvmF14lUkqh7p6sdbJduUG8TtgUWKt4Q2B7-LvimW3UiD3R6pwtC8NGfrjT7r9l3dsPqYbI1dnoylScUHBX9ZokHpSmzJAiulXWtdfeHslEt0-IQQssjTmYH7-O_5wre5SFt47otYAIP89l&cid=CAQSPABpAlJWgmxUcotL2Yx_l_18SY9pcrUpbaXW3yyD2j_90D5_ll6UE9J9Pu4IajuG1w6jprVNH-GPuV-12xgB&dv3_ver=m202309120101&rfl=https%3A%2F%2Fwww1.ihdstreams.xyz%2F&ds=l&xdt=1&iif=1&cor=6541534122872019000&adk=250412560&idt=141&cac=0&dtd=18

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b43870639e0de5bfcc8e16864569716beca84bd2edae896183586f1ceecbd52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:19:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39231
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 1AAB 0
104 B 129ms
46ms Image
text/plain 2a02:fa8:8806:13::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEHgIDBpf6SkGlG7mgY36bbc&google_cver=1&google_push=AXcoOmQRE2if2-gClMASLt4kjfPhucoqhzWUPhBtnvlFVDPB3d4WDLEZKDAiz4BivtsrU1fixTijp8bn0AlqYeppWX4VsXNkiH2D
Requested by: Host: a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
URL: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:19:39 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1AAB
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEEX9rOvDEa1Pb-isHcYTWpQ&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEEX9rOvDEa1Pb-isHcYTWpQ&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=QTM3SjRUZzgxUUhieEY1&google_gid=CAESEEX9rOvDEa1Pb-isHcYTWpQ&google_cver=1&google_push=AXcoOmR8VDWLx1B5MsSmmED7oCnLiAHvGIVoIEwA9SLww7O...

170 B
188 B

42ms
36ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=QTM3SjRUZzgxUUhieEY1&google_gid=CAESEEX9rOvDEa1Pb-isHcYTWpQ&google_cver=1&google_push=AXcoOmR8VDWLx1B5MsSmmED7oCnLiAHvGIVoIEwA9SLww7OHv11o-02qsNl6OK88n87xxswyK9w8Mqj_o134Sw_pft2bREMaDTdd

Requested by

Host: a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
URL: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:19:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 15 Sep 2023 16:19:39 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-788-gfcd4f77#rel-ec2-master i-064d20a31ca5f1852@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=QTM3SjRUZzgxUUhieEY1&google_gid=CAESEEX9rOvDEa1Pb-isHcYTWpQ&google_cver=1&google_push=AXcoOmR8VDWLx1B5MsSmmED7oCnLiAHvGIVoIEwA9SLww7OHv11o-02qsNl6OK88n87xxswyK9w8Mqj_o134Sw_pft2bREMaDTdd
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1AAB
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESELtdf28hW4zcLuYKDDPrMms&google_cver=1&google_push=AXcoOmTLF9OW-gTkK1vVBEMr3_U0VF3hvc9i9CGTmMcF-hkH6JOrW9mghx7UAMSkgZcpqOXApp8SDRqfF-EhHuJo...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=8-XtlBO6QzK9kXmWRD1pFQ&google_push=AXcoOmTLF9OW-gTkK1vVBEMr3_U0VF3hvc9i9CGTmMcF-hkH6JOrW9mghx7UAMSkgZcpqOXApp8SDRqfF-EhHuJo0nXz9WwxE0wd

170 B
188 B

36ms
35ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=8-XtlBO6QzK9kXmWRD1pFQ&google_push=AXcoOmTLF9OW-gTkK1vVBEMr3_U0VF3hvc9i9CGTmMcF-hkH6JOrW9mghx7UAMSkgZcpqOXApp8SDRqfF-EhHuJo0nXz9WwxE0wd

Requested by

Host: a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
URL: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:19:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 15 Sep 2023 16:19:39 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=8-XtlBO6QzK9kXmWRD1pFQ&google_push=AXcoOmTLF9OW-gTkK1vVBEMr3_U0VF3hvc9i9CGTmMcF-hkH6JOrW9mghx7UAMSkgZcpqOXApp8SDRqfF-EhHuJo0nXz9WwxE0wd
x-host: tde-deliveryengine-production-845fcd7858-gw5d6
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 204 -
s.ad.smaato.net/c/n/// Frame 1AAB 0
236 B 133ms
61ms Image
text/plain 2600:9000:211e:3a00:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESED19rGRcliCix6tjUteVgkw&google_cver=1&google_push=AXcoOmSPa2Ik0Y_vlulWmUTJH1hFqJpyCNRl9x_sJoY68umXMyrH0cVRbRt7qJnO8YyG887gG-NlryZN4lbpI9Juh_P7W3AAl4Pw
Requested by: Host: a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
URL: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:3a00:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:19:39 GMT
cache-control: no-cache, must-revalidate
via: 1.1 3fdf3aacaef6ec40c4eedb85c8144da2.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: NRITo-6Fm4ady1vHJfFEe0gWNLvViCxIH6-262OXzzD1Be_80URGIw==
x-cache: Miss from cloudfront

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1AAB
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEIWtCjwyqJcyPOMKLMcJh-g&google_cver=1&google_push=AXcoOmShBddH0yDTm0T52-9mEKpz-531tv1Pdtbv3PCYTyOVCTr60d34VXbUf3kc0ahhqUksHfSDIpwkVCZyXnZ9rGS3CyZdI3oO
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmShBddH0yDTm0T52-9mEKpz-531tv1Pdtbv3PCYTyOVCTr60d34VXbUf3kc0ahhqUksHfSDIpwkVCZyXnZ9rGS3CyZdI3o...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjY5MjkzNzI2NzA3NzgyNzIwNzU2Mw%3D%3D&google_push=AXcoOmShBddH0yDTm0T52-9mEKpz-531tv1Pdtbv3PCYTyOVCTr60d34...

170 B
188 B

34ms
34ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjY5MjkzNzI2NzA3NzgyNzIwNzU2Mw%3D%3D&google_push=AXcoOmShBddH0yDTm0T52-9mEKpz-531tv1Pdtbv3PCYTyOVCTr60d34VXbUf3kc0ahhqUksHfSDIpwkVCZyXnZ9rGS3CyZdI3oO

Requested by

Host: a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
URL: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:19:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjY5MjkzNzI2NzA3NzgyNzIwNzU2Mw%3D%3D&google_push=AXcoOmShBddH0yDTm0T52-9mEKpz-531tv1Pdtbv3PCYTyOVCTr60d34VXbUf3kc0ahhqUksHfSDIpwkVCZyXnZ9rGS3CyZdI3oO
date: Fri, 15 Sep 2023 16:19:39 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 sync
ssbsync.smartadserver.com/api/ Frame 1AAB 0
45 B 243ms
25ms Image
text/plain 185.86.139.102
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEJHuFQTrURLuEmfRowntQog&google_cver=1&google_push=AXcoOmRJltsVFc-C77XTdrhyKlE_G4IWrHAPK0z5TNQnRJUdXxScQ_ueolkSX_cYXTykR3N4j-ycvwJYYbhaLVuCCS8P2yaYUEfO
Requested by: Host: a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
URL: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.102 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:19:39 GMT
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1AAB
Redirect Chain

https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_...
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=500e7ef9-229e-4f1a-88c2-790c11aea531&google_cver=1&google_gid=CAESEEM8yDjNB8opFPyGSc6Q8os&gdpr_consent=${GDPR_CONSENT_109}&google_...

170 B
188 B

35ms
34ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=500e7ef9-229e-4f1a-88c2-790c11aea531&google_cver=1&google_gid=CAESEEM8yDjNB8opFPyGSc6Q8os&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmQ-Zk3YJAXNLut46PKwBAQtRgYCzR4e3jYIjDX0dcDRXWVXr3IMgn8zRRzY5B1bzmo-3rsJtmrxZn8hOjy2FYSiL6bm79wd&gdpr=${GDPR}

Requested by

Host: a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
URL: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:19:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=500e7ef9-229e-4f1a-88c2-790c11aea531&google_cver=1&google_gid=CAESEEM8yDjNB8opFPyGSc6Q8os&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmQ-Zk3YJAXNLut46PKwBAQtRgYCzR4e3jYIjDX0dcDRXWVXr3IMgn8zRRzY5B1bzmo-3rsJtmrxZn8hOjy2FYSiL6bm79wd&gdpr=${GDPR}
date: Fri, 15 Sep 2023 16:19:39 GMT
server: _
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 1AAB 0
12 B 35ms
31ms Image
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IBoRksHA-ZtdHWkx2gJc7i2O8gH-UK-EM8PBK0xZLNj84RXEmWYccsKGg0PuoAfpC3SJ4GVg

Requested by

Host: a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
URL: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:19:39 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ 577 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 / Show response
serv.modoro360.com/api/adserver/tag/ 44 KB
6 KB 509ms
230ms XHR
application/json 18.211.144.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://serv.modoro360.com/api/adserver/tag/?AV_TAGID=632c400f6736d736c5787e64&AV_PUBLISHERID=632c3dff8e62a32fb323cd86&AV_DURATION=18&AV_VIDEOURL=https%3A%2F%2Fcdn-adipolo.urekamedia.com%2Ftest%2Fa92a53cfdb1b435a8%2FYamkarish.mp4&AV_SLOTT=-2&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww1.ihdstreams.xyz%2F&AV_CHANNELID=632c3ef859ddd85dcd3fc897&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&TRACK_URL=servt.modoro360.com&pce=1&npx=1&AV_DETDOMAIN=www1.ihdstreams.xyz&AV_DADPOS=1&AV_OPLACEMENT=1&AV_TAG=632c400f6736d736c5787e64&AV_TEMPLATE=6192229fa59e3976bb4400aa&AV_GPID=/632c3dff8e62a32fb323cd86/632c400f6736d736c5787e64/www1.ihdstreams.xyz&d36=6.2.127&responsive=1&sver=4&avtoken=779687&omv=1.0.1&AV_D65=Test1&AV_D66=8.3.18&clsid=50596a53-ab39-42e9-879b-ee77a7bfca97&rando=36&AV_WIDTH=500&AV_HEIGHT=281&AV_DNT=0&cb=1694794779689&AV_CGUID=01ftrvrvyj4bm5fq8f05&AV_CGUIDLIST=01ftrvrvyj4bm5fq8f05,01ftrvrvyj4bm5fq8f06,01ftrvrvyj4bm5fq8f04&wfc=1
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=632c3dff8e62a32fb323cd86
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.211.144.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-211-144-199.compute-1.amazonaws.com
Software: /
Resource Hash: b1139082f082fd158856deb7c46e548a7fef76ef754570668e7808e37e1dcfd4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:19:40 GMT
x-bamboo-c-skst: 1
content-encoding: gzip
x-bamboo-c-skfe: 1
x-bamboo-c-s: BYPASS
access-control-max-age: 1728000
vary: Accept-Encoding
access-control-allow-methods: GET, POST, DELETE, PUT, OPTIONS, INDEX
access-control-allow-origin: https://www1.ihdstreams.xyz
content-type: application/json
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
expires: Mon, 04 Sep 2023 02:33:00 GMT

GET
H2 200 track
servt.modoro360.com/ 0
97 B 110ms
110ms Image
text/plain 54.165.18.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servt.modoro360.com/track?r=www1.ihdstreams.xyz&sn=&ic=0&tgt=0&app=&wi=500&he=281&test=&d36=6.2.127&apppkg=&fv=1&proto=https&d65=Test1&d66=8.3.18&clsid=50596a53-ab39-42e9-879b-ee77a7bfca97&rando=36&pid=632c3dff8e62a32fb323cd86&cid=632c3ef859ddd85dcd3fc897&stagid=632c400f6736d736c5787e64&stplid=6192229fa59e3976bb4400aa&pt=2&d66=8.3.18&d74=&stagid=632c400f6736d736c5787e64&stplid=6192229fa59e3976bb4400aa&cvid=631a0c74c080af4ad20201d2&cpid=631a2480b3d08269680f4be2&str=viewable&cmssynd=%5B%5D&e=inventory&vi=100&cb=1694794779688
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.165.18.101 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-165-18-101.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:19:39 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 124ms
55ms Preflight
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: null
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 15 Sep 2023 16:19:39 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C1F6 0
20 B 122ms
121ms Ping
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1635539332211&version=m202309120101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:19:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C1F6 0
20 B 121ms
121ms Ping
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1635539332211&version=m202309120101&ct=76&x=1&cor=4403843139148175400

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:19:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame C1F6 89 KB
37 KB 71ms
71ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BTvVLGMkZSLkoO0rYRW43hu5EZjKFwtAtEU7_GEzW7YofD6iMtVqfGbsGRz8g9p5HyU-0RWbPuZJEI8OK5wXfn0NNfUw&cry=1&dbm_d=AKAmf-CmoBbWq-D8eE09y0S9xoB2Xlvekq7RAanBAarIm-w9fmbCUUnJzqo4BULrcBY_rULuZDGIAPPxqqBqb3EC_xjLza3SBbrcrxhNXM_c1ImY2pI7mKunZZb1zoZqvgb7L5p2QiIXz6hqL5EIBlKrxv9ivNgL3asibBbyrNCaEpcni96WwD4gKmaoyh9Ufid-JUHS3ZnPJUMQrF_45titeW-e0x0dgm6L2VA2aNxa_NnuvLHRMOfmngAq-CsHHCoBAU22X4Qjszp5C6xsbb9wGQZpoHMM3yC0wgoY0zHq3NtMsh-gG2-RGKC4b8ygBx062R7kifCnF-LhnLzdLnByVIZmYAcCV6YssZMhEmYnUXnkHjZf0ddQKfiL8C3nu7PFVrPHQ8XPUPWUUdSfyW4K0Mscl30J041wjEk7iO5BCaGcNxDKlmrgzM0Br6dCG5ngPgmcXnLhG_F_noyTq0v_LN5wQy_siEyCha5WlI0XfATYVjqpZIvhh30SqDh2xAE6fuwA5dQiudoxIssPEC80J4eufy2NTok5DTkadArJ0RbJFegemA0sj7XAaGLBtlWDymEqdKe56y1uSWIvHRsvHlJXmyv_LQ6JtQcSIoRZISvWolt0aPfzh2-Ch6_CJXo1P2Ul8iPT5gEwmpxcawftqc3yWCSnWm6r2CzjwQB9VI5_8mRl50BMjooDF2jW2GzFgNRDxpBYO611Lu01_cTbXwKtfa05tSj6pMtVpDCxZkCDLYCqmw49_vt7mOQNT3rH23sV7ly6I0fKDcnnhyG6LCto_vUIjuy3a2F2Uoc1hHXyZQ2DfpjoDiPWe6BHsWb9GWr1Yvxu6HVEujRJMqIvjZSGeooAFjLtrdj0fwUyQ-llCrC64GmSmVYEQfuZimFNwzz3d4kUnlS-AhbLLqV7qxeSUMJkWr0-LIlVlduNyv1H5ybfvkW1P9OUiGNF2rpEDaFIETS1lI5SdpJCR4XaxPgmqrdpuyvb7rjbeHY0A8MsTwLnVXAYXJ5letLn1ktJj1fY2br_wBktJ-wfkLop7CODG-qpH7Z9BONnDDPQLkGg7TcLBG1gBCNvzsmE_XWx6QgOVpG84ShrcfQk1MLyuVHYOI1KStyEnkgn7MC1lRfghHblBHO9uZiQ_-Qg0uh2YQd53FP0y1jPL-EpJV2gUCYIQRXfW1tRWC0_UgX6Zkje49XSTk0kIVPe85h1HVdkWgC8j-VkCbG5-qSljUEK33Xq7TSzsivmiwG3A1OO10sFQqajpfqGQgt3ro8DbVHbk9wtkc5ZncFAaC7KREwWy3tWbHMgNJRmy7JlXfcSrxLyi-xqNVnHwvSZ7xCb-lRu_qArRGoElMLDx5ycu0JB_GlZgWsT7z8U_n9LOJ1XZ_e99MZ6pwPXX6nWZqgAU8g3Z9HSfgG3dtoR3OYNRvkBBlVc5yTAR3bZm8rZ8XHwkNGvJYGMoKZmXH7rSsedsWmNjNDOZ9Zh_KTlf4eTfrwfeSvOZD7dVXdSLLWe5ziRJNoLrS2EWcqy5F1SfXT84IlNXwwsPlKxW7DFyZrd76Vue4gXsL0ygjF6sZFR3hSKJ1R7ifN1wLfiMqxEPj8q5GQrh4_t6evRQvekfkfKkVkhfPIc_JmkBoCeY6H4cqTixUM6bFXocI-aOFZzbabyn60YoFZAXKh-LEzItjK4-UT4xKONwOYwSt50o1UHpmIMm06nlkWbFjoWPnSUolUyZ6fn9rJ8vpTcrgHtdkpRriZUS0FO1yrO_JRwwPXfwv55prh7RITicuSRDz3YV29LI0fKdJ3GQKwvALGMNPY_f93p1o8g1q3vBQlOvil1zn7igd-aAsL5KgM2bC87dZbpn2J8dNpuPKoa9F94tasKNnraprQKrgVlV4iTpNCsYeukJUurOzIkU_0UKKzRsVbpHRg-nISv7C7ffKD-mpT78ZNBXl7O3aRHdhty03N6t5ge4XR0n4yxJ2mN70iJiecT7rq9DHpHuRnViZXVPYubCnoHOBjuMLkSakVi97A06JKgYFSSrMHX4p7IHsopfHPK2SIa8owxSXkBugDYkTzC-JaH3nh7uxS2HIVMJfWl7mZP_h30NZfaly9PhUKGaaaNyclMa0YjdcimTWRYUP_hBgLtnMWuEcpAuaa8vB6mufFO3GnAtRkVMJ_RkWEu9gSdjHZnaSDc768bAnG4BzeiXhj_MgYCFrOWpBRMkcdzRxfIZLSaHxzB6EABbSh9hYxkeuWz1JlMgdecFFcvinvILaS5-3kdARHTLfy76ZxpDUSBD2lv2utgQ2r7You2sZaEE69UfZrss6mpK7Db6IqXu3HHmvlatR-6I8bBLN64OlEikGeqF5FJsGxCgysg8DJrzkN0wACAAmSt0LQ6oDdf0i3inNSiPIcnm6vohWG7OojuDOUtQYf_odJOmAmGc_ZZ5zz9SbkxSCeONzADMIykr7GihAVgWF3bTUAMAaNX0NLBDF3TBFq-ye85UODP5GLXu5R3E624LiXODpwEIYkhTfCNJe0hb1zAprae8GgBfrMz9NHoVMlYbD10GYGENTdvakmTlyJGORHH764CtzNISBq4brkYUj8sxN5zWsk7WOr6NKh_gWxBjX-QkGYi_zNu54ireZdxR_n1BRbqaLetNoSMFKfskFnTPwllVKtHIXwZt0l66wCz1V1HGet-bbzoyPMTGU6hqjXvUny3pljfZ3RptdARIl8hZtVHyhbsBh_YxEInv7HUwMZHXKCWATG3Gl_qWTW86MvRQnNmAMUMQYr-DqGhsjSVvBGJv3R3qv8QNCr4dTIWxokAh9rLKpPAt8zF4qRBYQvMVJu46ynq6N3F_DoU0gYJwr2t80hE4fjYppsthshoedxY05OqjpIG6m0168c0ND-GnoNlIzF0aV2fSwV3fJkVdJmeYqKi-N09366gg9rm6FUFDryf0euJqaNLbRHUsKqvo1dAMpTkDOi-N24Q6bPnhY5G05kEKLKZk98dPz3DzW9_38o4zi0X3c4hYAY2b9po3DMJ1i2B2Z_ntUhL-McqKHnjvkax44-tqnr6aNoFkU3aXknsHuuvwlXpPJ8rItqoeprmQUNuRNyrCqIlSxaURMyry0BpbEXqmgb2vGyOTyBmAXHHxanq553mfK8wG8h9GoJI5NJ4HRHa9P7YU8bfBqCAmTQ0bdg8VmWdpCzHnjEpDw31jMixMXK-eVYvNjnnOhPXCmkoLytfA1-ZU4STIW-0_Y8YPqnt2XMXxvOWexLwYLoy8kIYWBIIG262_DZvuI8FIxSQpZsZVskArWktyCuQxB3EFHeTFaVObvYMEazZU8vazuqpC88KPGouuBpDT1SA3YrbhoYbMrX2_lmKsfPByTl6QXTM7ZrePQjcoOIyo8t-ErN_kukRNZFuXgFUMppc4XpPYlOaFQSeVHwoyKUbEZ3opEsDf64j8UjT9pM&cid=CAQSPABpAlJWAwwfqElVcX30snPQ7xP9tM39quNZLaA6d39CSg4THcjqmke-L_YmaYQRVSRZG1f2fkYrlu74zRgB&dv3_ver=m202309120101&rfl=https%3A%2F%2Fwww1.ihdstreams.xyz%2F&ds=l&xdt=1&iif=1&cor=4403843139148175400&adk=1964084972&idt=218&cac=0&dtd=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21569e6b56a5a15f76f1d99a1a13d7f7e920a847d34b887593adbc0be98eaae0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:19:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38024
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 145 KB
45 KB 385ms
384ms Fetch
text/plain 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1340521495430263&correlator=2008182166085761&eid=31075594&output=ldjh&gdfp_req=1&vrg=202309120101&ptt=17&impl=fifs&iu_parts=7047%3A22821132256%2Capl%2Caplmcm7047%2Cdynamic&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250&ifi=7&didk=429895242&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Dbd063ec55863db59%3AT%3D1694794778%3ART%3D1694794778%3AS%3DALNI_MYsAtUEO78mtPoXUEyGbfLOzpalJA&gpic=UID%3D00000c7620e6de67%3AT%3D1694794778%3ART%3D1694794778%3AS%3DALNI_MY5jC4skREVyosNFkqTz1gRYIAuDA&abxe=1&dt=1694794779873&lmt=1694787579&adxs=1300&adys=-286&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww1.ihdstreams.xyz%2F&vis=1&psz=300x-1&msz=300x-1&fws=516&ohw=300&psts=AOrYGskz1_usk_apH66j-HpjBQEBXgwgHyqlSz51eqLOlC_Q&ga_vid=497659922.1694794778&ga_sid=1694794778&ga_hid=2116468713&ga_fc=false&dlt=1694794776467&idt=1711&prev_scp=refresh%3Dtrue%26test%3Devent%26hb_rfBid%3D0%26excl_cat%3DPREPOST&adks=1570630426&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9e36fbe4836cfe620bd0f30443bca920191a5f0c99b5ea46738eae3168989ba5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:19:40 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46119
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www1.ihdstreams.xyz
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 614D 172 KB
60 KB 23ms
21ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/
Origin: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 17:04:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83680
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 15 Sep 2023 17:04:59 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230913/r20110914/elements/html/ Frame 614D 11 KB
4 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230913/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DkC6CCX8_jXgUrujWIsbMvSV0eGFvOJB2WqAvKetXVezdHKlf0ZKLFT2nGd8vvPAnX7maOHm6y3vpTLV9IVOD6r09SS7x4LCPGPgXT2vAfohlrlq7YiWoVePGop4YdS04KyPcwMbPXPlT0_xYPwcymst4MRierIqEG86NboNnM1g1ecQ0&dbm_d=AKAmf-AZsNa-FOnvzBYo--2GjFhBAyvVxfnShDI97g2j5FlFfvVmkkceZv5q3H4ruz3DpVP5duLKJPbQZWgE8421sHsgoKACCbJXuBuKQWb7e68ar-OrH-2l6O2Uy1vvK3Pyi-UXo_NZSKBQHKK2ULlYwhFzA4Pd_neNvPbaFjA3WdLbgtIsCdnFGtC8enzY9wDlv0CFPpbfj1XW2qWvil5Mo0YX31ufe-WX282UEQZZyFTYDwDZmb5sdybXc1AAPI18DgySLvyzp2I5a7qKoehyHemur4dbTCAVXzRu1zJgdTkZg-7Oow3wIdQxsJfJ712LoKp5uPUtM5Eohd6NnKseNhfx9DtWxJuKeQ4bNyPMcvwJxtFp1Un0rYlYdkU2wOIAK4hyBTF1D51paVyv8m5tpTd1g0xysonRtWFn1329-0wUFnPe9hSCJ8v58DSzXFcN5OtBjPqz8l_HaNSB4TpgJAI3IO5KhOB8D9VJUurI0Qjf5IMe84VAPLTiFdQ7-iZBMiv4NmnAXYoJlFWFX8wp39nAYuTsE8_4jpevvRf5b1WgXgoL554AWQZG86hxmvcHLpUcGwwN8ief9Hyr3tJmGXu4pGrWg9wjbdWZYaV33BQOeFYjsQnFhOHSiUYA2hWDZroAJOm99hM0WPsNsy1A0crUiweu59fVqrWRnsb8uCytrfXxJ0WhEYpoNTTu84cr9e_vk9a8IjeoJsValL2pmFh5tOUyhoCj494sj8_6JYLGzQmIXMhgexs-bUHKDIQKGWvU28YVLyzGldOYYz05rCafoEtS3jhV79hzKJh5TmUeoTBu7mweJcZAmWteWs0kJlo1ZZGWHAPx6CGQAEe8Jdu2WAsajlqX620dwInTnZJ8WTM0eyA4JWJzgVO-xe7yykP9-6erCzhHv4T8yitmZWeC4gMErGzXXyp_cAlD_heQDOcVWUIWGuOxmAA2n-klxUiQZ_fyzy8aEb1QE9cEhivHw-gWIqzNz7KJX9PKs4PA28AprI51EVb_Ut8BE8ilOsfqYeeKvxU-wVbOr9jWKWeHbYMrlnMdqr_-0ycvWQFx11JKXD_Azo1SiFJkuTLJq157NN-SuRCSETV_cynUdXUp3-px6oFmEE51MIG4FbuSmZoLjd870cpnG8h9qX8Lq1NclOqxv8W2fI5Uz0Neez0gLxUOrGBEyo4dU89IWkIHAWL6s0XQXmjZL2-vq5xu8Ukn0BFsTlVY_qXnu3suPGzgCVDI_YBzQzrGJNvP0bnRdmvlTvc8vgtPTxxYUtlqQG73ocd9iSzxJCHv4GW7WYAShDWOuPXNI2_Lg8z6Olt1Q0DU1BZy2-5bdFcnA3fOpgdzkYBdfipWLsEl7QSyqPjW8QDlXz1yQvepLwtXDdijQgOfT4PDnvpC7xzHdEnKPbH-H4yrRRDamNYrpuQzYQ8Nsi35NHbQBAL2s_3BF5y9KMc5XSHMlo7N3t5FjwTiZniyC_ke2dSfrXK-FV4030jSiLmw4Z3iB6WU5PUOdZo658ILICztj5RdtvPcjjsx98Achu175zC53_jZD0qeWUAt1jCqgbyQoln_s10M2NqDaXqbSNPUSmwoA-0m4GNIlqyEoXlTKyqj__pGl8bVk84IJHfyvK0vDmu_0mtHnYyXRLj_n4JiZrgPMHvYe8YREMPhwVdjNjpZh7_6cFp7XBYjygsEePBbHJDAqF8wGpgoShlZWamFZ_fQ_W_Iez6eEW-wCuFovLyUAPConwpJI2zh0fDRLFeIwb83t7_hO9f5Oie5BzaP7gGcP3gv7SK_cBQecxJZXDbF7ymT_BtYgFPp_uYC6WjFh1fqjhjlYpaoICVjR7LTr8Ip2PM5O2Peaw3FbyZfnvwGcnQK4tAbfoWFhxyISacrMLu8n7qJCcQj3iNlUiD17s4LWkm7lr9AIQ1STW46gkDztiLfmu3-xxZfCyhfRPWt5-5qaKsO4KpWq4JuuMEHbuPNAaBYNiws0LAK2EOWH_NjSHBDk5-cv8nUOgXsrkGgj5Fz1abq4xkNkGl-7KRZ6X1nMOopKZkpsfXQ3DY9qvEo2tMdN5d1V6sfWXDeGidBeqB-AU7w9CtuNUdRz3gpx0k_S-6gXYabxPk0oZqfDehWGMzUaBqln5JsPrl05IOlkqY6HxEXwolCh3m83WSqreQmKegVWEVdoEir6krAhTW4g-P-WUaQau0m64UjeGASQg7XRVEOHVOhmbywWK09gEvl2iwV8mrB8rOgD9rN94nP0i3up30qwDYl-WFOAX7jTlnQuV5GKJ_cAlQ1s0j5eVr5dCXlOOWPryaXkp0Vi1VkhUTBjMb8xR9JADs7XORVvYRTrf5-PPi3s0JZ6zvk-wTCktLw3yn1sTXhfs8oRat3WUVZd2hA9B9XlDKDHD0hpChRaqT3xb23odD2qZqfvuXXfntqRr0NZc841ZFRe5LQjWajj3p0kWAzIt28mMukkvVtEG8uq2s2ei-PA5nNTyRYsRlSLtJyV4V_U_t6Rf-Qnkqa8luC_gbRJ9fZTSI6DFPO5REdo7ubGxoOdCivH3Qs3quDeLfGhPcB2UnHGLuqsxoMgcb0F5YGex2-BHUh5jKu3Ze49adIVA2nGih4CGLt7Yi4EXGMa9NOsJ8V5hSOgYZRLCRB1pVTvd5egFioqDWEVAJ5UsSfuHtRia8TZxMhPvftjWDEqJ_zi1ZX3wI5rirRVooR0IdcnxNOcTXoH0QtJYs9ZaQh2et5Q6ouzdMcI2fXsMDGM2_pKmSYsdqNT8bQ_HCmFxrhaeMnuH6L0SpdEMIzkwdyOk8nFb4ymzxFMgeLuhr3e3ylk3qVwJ68lErl80eLxanh_d92GlTnNJcrjwcSQ_YRUjEUSi4i0Ap4IlYy6XVBGUfHRzwVeJ_7ILAcb3doyIilMOy0szY9_NgCov1HuaqTRv5nsN26LeQrpIg3lf0XMpCG_VEhIyUGSG4FBn9nYakloTeSPxUc03rEeJqAl_0LElzULrDXzs-7pUB-BqN3u5ooxbKkIJ9hUB-5Rpv6B5ieqRsZ0q3kbBwQrMURUCwgktqJrT3bFt84JwmqZMS8z494B_KhagHtkC_CQvOCEKTk1ItKrcIxb1DDlHXyZa1EeLKLitSp6C_LTvIFs2jlne04rHUfEVyNWpR56dMPJ7Uay95xasiAXVYXkMQBMG6u5JcMLlVgc2bSMC8uO0zMar28QK5PV8n_9DzpvNrDZ3-7tY4kb6TuHTxA5SiO9fW_9_F2zAz6RDw0GJgxtbUWb4nai_nEQX3ZI0HbBdVHMi7Hnmp5R2k14ri5_XUhPLmGhdr4tYbnSwtK9qJ8fu79Pdh_huOumpFXshGc9-o6RkzgRyecuqYBolIV-k0Fg-_0tfaizhlDi-tYpnuOJZNctCisQjGvgiEX0k3t6waCEjg7mzhlKbAqT-jZJOB2nz8sE6qkFP7wt5cmRpNF7ObN7n-lqs8HCA60P0k88f9nHzDK1FamHb8B57EPeT-MIn683xqyPC-oCsp17M0wYr95zcLbHwIuli8rQ6K_plBYzMnLuXKORtr_3UMjMN8AdfInfItxWSDzo3LY9uvmF14lUkqh7p6sdbJduUG8TtgUWKt4Q2B7-LvimW3UiD3R6pwtC8NGfrjT7r9l3dsPqYbI1dnoylScUHBX9ZokHpSmzJAiulXWtdfeHslEt0-IQQssjTmYH7-O_5wre5SFt47otYAIP89l&cid=CAQSPABpAlJWgmxUcotL2Yx_l_18SY9pcrUpbaXW3yyD2j_90D5_ll6UE9J9Pu4IajuG1w6jprVNH-GPuV-12xgB&dv3_ver=m202309120101&rfl=https%3A%2F%2Fwww1.ihdstreams.xyz%2F&ds=l&xdt=1&iif=1&cor=6541534122872019000&adk=250412560&idt=141&cac=0&dtd=18

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 18:51:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77304
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Sep 2023 18:51:15 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230913/r20110914/ Frame 614D 30 KB
11 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230913/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb95c60c1e70c730df8b30c024f63ca414a7cd01b9d37cd4181987933c94559b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 19:54:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73522
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11585
x-xss-protection: 0
server: cafe
etag: 30886230758233217
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Sep 2023 19:54:17 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 614D 41 KB
13 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 18:19:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79224
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 13 Sep 2024 18:19:15 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E147 0
20 B 130ms
130ms Ping
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4812090444733&version=m202309120101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:19:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E147 0
20 B 129ms
129ms Ping
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4812090444733&version=m202309120101&ct=76&x=1&cor=12879024382310302000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:19:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame E147 106 KB
41 KB 81ms
80ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DIwb1AL1MGaZ_0rXEGbgfpUMxG7qmPTNI0n_o8U9JpZww-IaC4I9J8czh5c0hC6WExU8bfO5vFZHrcfpYq2TraScSwqlMmvEIS2-NjBV4STHv5egGPri9g8atNQkkcOHOEVNIrBHRQctoafxVFxISbGUyz93wV0xU0Qnd0cvd12xzTp2c&dbm_d=AKAmf-Bhb1FqieqXdyV0mUOM8_8E20uztaa3Xl6pYmo8CXVlOStiUci55XPQZ7Vf1fj0f1OOctkzCTgIeRXj45gqrrYYdWxnDtTpvEtDoBObPuppnmTBjMvEUHHO4O7fnl_AIW5bBwAVSrIB-GYd7QmLMroIe_RKKfRzd7TmWdN-RxO905aDH6cvKK5O87JzpodpopjNfqk2zynrX7qd-3rOQ3sId5VV2uEgGcoaDqGyA0WRjSGS0h2fK6z3lKEbZZJwcKkSLNtwrwf2u7a27fe1AlKCHsjHzsWYG_XvGubXYv-EDJQ4_NIbLhN77jaHUkswuMSYfUg5E_RoxK7e9jl2uKhsL90-BL7c8HuIFV-AoWWZ6iqZENKBzruu7We-ThdCU9RMjQ5hx2UrFugISeInR3kcvRbqFRORSjN2WAPYnG5frSA86RIgVNw2j8X2cdet-gFiUUKrUNKKcQjdfGVJlmjd6YPsEtb3BK5dZmXIYGmyUHKarPD-opFE6iTsU3BRtfmPr0dd3Ed1P5E1wbZX3R8hgL_pBQrwa0D6xuYFBePpYkdIsTuJIkXXrkfOWYM7J5lNpQjnrtbIOj6XBZ_fOCWZvSVETaK-C_KJPkA2q2MG7TKI669cFQVCb1YLqJ12-tF3dGy9gw_x4PXSlDS-27RWgEk_-yPpnwREbfJcZf24swEJMUaOfY987Jsn1Zx1e4yRAOaYtWZtUDsH8XhoNGG1RwGGtEdyEm_TJqN4_RqotjJGAAB4Yp6W5z4tHnCeSfyzgwndUpTMJmAuFt_otTy0yi7emGOvlxQFOIA4Evxa5QlDhZpzPhfC1rh_s1OA6ALyWUIpED6OVpa5d3FqCUz_AK5rUzv4hkyWrzqiyRXXgElIFQrI5eur6yHPeVDFp5SXwWQWRFm2Ok6suih7FleANlAZ1s4Q40DYms90AuwQbha5hP6KkGWApMV1s_dOcG51mGubu0AGE16I4dcjUtYlsnzCMzzaEfIaflDsoRxjBbFfrXThD0ZvUwV_ja-UXuvnQ6AyOw1M6IF0_TtobkOysLWS9xSIapG89PKxOu8P3w0wKWLO_Ak3p2clLe_8NGWw1oOtV2DetWwnzAcF_cTUyK_SF44eOOi1GXvdYy2H350e6mw3eznhluFGHFESaIlmMB6p-n3sD_mnKnd17c0dDZ1yPxhY1z_2lcJt4vOK7gzaBc0qyLU6i766pr_isve-xH2Oes7ptG4HY02JIixVNy8i_lzEpeSMO3CTYJkfe1GuWrlzii-KGXtNxdfFT2778HUb0NJcw02iALosj9pYZmlng6xLUoW8MoVN5QAn8jbo9cbt3uVGY_jFJV-8XNJzvGYQOcP0mNnLZ7gkqaXu8l1r-XSBYLISQ0e048t8-bfR5ywgC256MF9SrIsOPcN4LHdTkzyyvIHBpeISKp56r48Kf2k6yY8kk7_W-pSX-KfO7UCOkbolKdK2sn3TaPjGjSZxEAJ9gCFPnvAcNmi1aklKSfbcm4NMDz6OR5_V9IXzKkH0OWHhWDg_5WrGjc9TxDbmucVKvJ1Fq6Kvt5aFekQ882cpdOTIWNW8CsLEk-4TwiBKmhgioIUokig_PtyvKRjdIY6Do8GeuCcXbQ4JCSyX_WZyOrsuHTthZZ5UijLQp7z4At3kN5GqtLvxeR-mhbl2CpnwXEu_ZX9GRzUyGyFWtwgu5vPz9QVsURaDtzcbIxTNk5kdHUKxu_VIQCNnWhIucRM5dUiyZmsUSSDFyLWNCxOwq9jTr1Pj-vcORhwVhwGeoBhfYrnZ50gqK77G0rRhmkhsHo3zDCFWmyeG0g0_XQ0MQnq9M8b61nsVSHslNFlDozrJv5m-LStbixtE6eg34COLBjiJ9Ziy3KfJPSTkVHYCdqa_shF5xizSBTVTyJM1U7vfJnIeYzocBd2e_UNvMQa9GesmbWejEUeIMAMDBLRk-f1igA1kstl8NHM-IkFdRjVdKgtcGO66-M_NYhYbs_W1IfVJi0SvEQxsjaoK-6Nn-yEzCXACfDxfS1mosE8-391KMFD6PZOPwoQML1lNuGMCSc9n6pAvGgCsRBSDcMb6VydJyj0x3DE32PmE2lCaLhgxTw-86TmP9y9H1t8kzIHi1Usn0BBPm0YY_606pRbUrNd-FWPIt0cYNRKzR8q0k62EiQ8XAw5BS2RCrSU6I_m2WLLt_GujI68v_bQnNOv7JSyg8-1D7cZQsFW2VI7OvyIZC2E4a11DPu9ajMCDwRl6ofvvLgjex2jvjLD4kQgl27LIWT0WI4XjjS3tqPMxlhP0fyC-CXjZN8Iyv2se3mSVAnPFDa614hu1UZnnfDbPjkSPcXgTQdL6eRkSah03fVT7DHQrnyxVyZhOetziz5reoIvRg6fF0P0Tn1NwVCpUKF0WnhF4ChG-Qde-QpcfLNXpWUuYCNthPu9oJpkvOHraCv5leYD0Xd48qzAnlWh4qcSHkYUCJNJ_VzvNiM8imi4bkojl-TomC8bfFhFlYnheElJ3JBpZAl9PTs1Bjp0Ruu6E179eAdvCndl4uXzVzbYT4lxd7zbrTeK-Wn0Pc_8epR5uGFaZgVNQxJPIbGzi4LmMZRhkK6Hd7rNT5LPbEgkQ3KvTppFMXBHQzSfnwevYPG9f_zEgnkIToSvdP-C2Xf_MlphCHqQ4Xno1zHXn7X2OIw83msWu_HjGRBu1I2Bpw6sdOq0z_7YIPAHeGNp4VVACMMYZtuaKGdYvdQst3dGXdQimDAF2l05XANtx9idsPipm1ia2mCJmybfRcla6lYqUSB_64WgoQKX5CCngoyt1gk6OVpYEUNofx5u4Tgt3aCDnh57QC-YOgkgp31WSi8DBxoyP7sMsP6g7xgPOGHis_M5y5DkXCOZQeG9x43ZYQnZgIhlfHRm8L3rL1YQiTuITxvM2nMFAwufqzbJ2JeD2aeTPkziryp5oRm8sKnUuYsYm8gfPHWAQN_YvOPSLoKqpWv-pkhj4wfXfPQFKE4IhPFTaEH9ei9E2cITppCtgqBJ0jz2tLuixm__rgJhVjVt_RnYqnaxEg_jR95Wa2OE6rvm4teMHh72YbgUDucAUef_miBHEinXHWBsIHgpTyYjiDUmcNgjiR6rkFMErGGxBEdd11zEuUYGlzPxW1Zkws3MVNLzaVokADR-6oPBLZeNlTtOXEcm3_9IT8dkr7DEhieR2phxnO-u9NfIQmYAtoGfOP4r3-pSM0-spB8Q80drTBCiTaUL5Qg9hjXeJaqpbpEeA7tBIh7bA_4i1U-e48Dw2tCslmtQ2GVt6BPhpHdIEqJfI7rpz4SaGgCbuj7gQZBRu4lBOJZP8qixmcCkffCF--Bh2uTahFpFCzKNfoRXFT0yUyBxyTaLIfNot1vymZEpbD4k6CHPJOrgz55jcrrldiUBOc5px481VVzEDfV5LQokrIitfyoNMuBYhadCRkbHGIPHnqf6vbsxX1YVd2AuPCYGq0eFu31uXWUS77Ad8FW4c4GkjAL4_U7_ZyqGyIa4rax137xEEuKTCM1BotGVMmcpuV_fO4DZpSA&cid=CAQSPABpAlJW-UoZ8DKzrxoqRP2SOUhZM3q-xzlLhQ7i9iF3KXYZr1srKYN2nbztyjlI2yDbqi_KuzaCYfbAJBgB&dv3_ver=m202309120101&rfl=https%3A%2F%2Fwww1.ihdstreams.xyz%2F&ds=l&xdt=1&iif=1&cor=12879024382310302000&adk=2228999115&idt=232&cac=0&dtd=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4525cf0da0b491e3c08793830cd7c18e633350663ced0fadc7cd351d2019c272

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:19:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41464
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame E441 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3960f52a2cc71bfc791e2402be1ef0ec372cac4ef897b0738a61010aba73158

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 77D3 1 KB
643 B 21ms
20ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
URL: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 74130
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 14 Sep 2023 19:44:09 GMT
etag: 48472445140208031
expires: Fri, 15 Sep 2023 19:44:09 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 614D 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3c874a29529a82ab68a5e5eda52154b19b7d7ff03d27390c1c234cc043ad0047

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame E441 33 KB
33 KB 25ms
25ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 05:04:01 GMT
x-content-type-options: nosniff
age: 558938
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Sep 2024 05:04:01 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 559A 43 B
215 B 120ms
111ms Image
image/gif 2600:1f18:1aca:4282:fb64:6350:439:4507
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1630069&asId=cce5aeb4-1f61-bf67-4d16-a7e57362b064&tv=%7Bc:oiWOIz,pingTime:-10,time:866,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtMTIwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE3LjAuNTkzOC42MiBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1694794780003%7C%7C0f704c3a12ce4dec604bd6ed4fc47d24%7C%7C2e6de925b83fb1ba2705210ba8c28c4b%7C%7C25c179e812e70d06721b1febfa7f2c72%7C%7Cb892f0408a244ab46ae39bd9b292bd34%7C%7Ca7c3105d246ed605c0c847657d4300f7%7C%7C217e11ca8b1013b54a84be62cec00dd1%7C%7Cd59f21977f389bddf11364db2014e6aa%7C%7C1663701684,im:%7BpWait:14,pLoad:475%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:fb64:6350:439:4507 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:19:40 GMT
server: nginx
x-server-name: dt26.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame C1F6 111 KB
39 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/
Origin: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 18:19:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79225
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 15 Sep 2023 18:19:15 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230913/r20110914/elements/html/ Frame C1F6 11 KB
4 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230913/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BTvVLGMkZSLkoO0rYRW43hu5EZjKFwtAtEU7_GEzW7YofD6iMtVqfGbsGRz8g9p5HyU-0RWbPuZJEI8OK5wXfn0NNfUw&cry=1&dbm_d=AKAmf-CmoBbWq-D8eE09y0S9xoB2Xlvekq7RAanBAarIm-w9fmbCUUnJzqo4BULrcBY_rULuZDGIAPPxqqBqb3EC_xjLza3SBbrcrxhNXM_c1ImY2pI7mKunZZb1zoZqvgb7L5p2QiIXz6hqL5EIBlKrxv9ivNgL3asibBbyrNCaEpcni96WwD4gKmaoyh9Ufid-JUHS3ZnPJUMQrF_45titeW-e0x0dgm6L2VA2aNxa_NnuvLHRMOfmngAq-CsHHCoBAU22X4Qjszp5C6xsbb9wGQZpoHMM3yC0wgoY0zHq3NtMsh-gG2-RGKC4b8ygBx062R7kifCnF-LhnLzdLnByVIZmYAcCV6YssZMhEmYnUXnkHjZf0ddQKfiL8C3nu7PFVrPHQ8XPUPWUUdSfyW4K0Mscl30J041wjEk7iO5BCaGcNxDKlmrgzM0Br6dCG5ngPgmcXnLhG_F_noyTq0v_LN5wQy_siEyCha5WlI0XfATYVjqpZIvhh30SqDh2xAE6fuwA5dQiudoxIssPEC80J4eufy2NTok5DTkadArJ0RbJFegemA0sj7XAaGLBtlWDymEqdKe56y1uSWIvHRsvHlJXmyv_LQ6JtQcSIoRZISvWolt0aPfzh2-Ch6_CJXo1P2Ul8iPT5gEwmpxcawftqc3yWCSnWm6r2CzjwQB9VI5_8mRl50BMjooDF2jW2GzFgNRDxpBYO611Lu01_cTbXwKtfa05tSj6pMtVpDCxZkCDLYCqmw49_vt7mOQNT3rH23sV7ly6I0fKDcnnhyG6LCto_vUIjuy3a2F2Uoc1hHXyZQ2DfpjoDiPWe6BHsWb9GWr1Yvxu6HVEujRJMqIvjZSGeooAFjLtrdj0fwUyQ-llCrC64GmSmVYEQfuZimFNwzz3d4kUnlS-AhbLLqV7qxeSUMJkWr0-LIlVlduNyv1H5ybfvkW1P9OUiGNF2rpEDaFIETS1lI5SdpJCR4XaxPgmqrdpuyvb7rjbeHY0A8MsTwLnVXAYXJ5letLn1ktJj1fY2br_wBktJ-wfkLop7CODG-qpH7Z9BONnDDPQLkGg7TcLBG1gBCNvzsmE_XWx6QgOVpG84ShrcfQk1MLyuVHYOI1KStyEnkgn7MC1lRfghHblBHO9uZiQ_-Qg0uh2YQd53FP0y1jPL-EpJV2gUCYIQRXfW1tRWC0_UgX6Zkje49XSTk0kIVPe85h1HVdkWgC8j-VkCbG5-qSljUEK33Xq7TSzsivmiwG3A1OO10sFQqajpfqGQgt3ro8DbVHbk9wtkc5ZncFAaC7KREwWy3tWbHMgNJRmy7JlXfcSrxLyi-xqNVnHwvSZ7xCb-lRu_qArRGoElMLDx5ycu0JB_GlZgWsT7z8U_n9LOJ1XZ_e99MZ6pwPXX6nWZqgAU8g3Z9HSfgG3dtoR3OYNRvkBBlVc5yTAR3bZm8rZ8XHwkNGvJYGMoKZmXH7rSsedsWmNjNDOZ9Zh_KTlf4eTfrwfeSvOZD7dVXdSLLWe5ziRJNoLrS2EWcqy5F1SfXT84IlNXwwsPlKxW7DFyZrd76Vue4gXsL0ygjF6sZFR3hSKJ1R7ifN1wLfiMqxEPj8q5GQrh4_t6evRQvekfkfKkVkhfPIc_JmkBoCeY6H4cqTixUM6bFXocI-aOFZzbabyn60YoFZAXKh-LEzItjK4-UT4xKONwOYwSt50o1UHpmIMm06nlkWbFjoWPnSUolUyZ6fn9rJ8vpTcrgHtdkpRriZUS0FO1yrO_JRwwPXfwv55prh7RITicuSRDz3YV29LI0fKdJ3GQKwvALGMNPY_f93p1o8g1q3vBQlOvil1zn7igd-aAsL5KgM2bC87dZbpn2J8dNpuPKoa9F94tasKNnraprQKrgVlV4iTpNCsYeukJUurOzIkU_0UKKzRsVbpHRg-nISv7C7ffKD-mpT78ZNBXl7O3aRHdhty03N6t5ge4XR0n4yxJ2mN70iJiecT7rq9DHpHuRnViZXVPYubCnoHOBjuMLkSakVi97A06JKgYFSSrMHX4p7IHsopfHPK2SIa8owxSXkBugDYkTzC-JaH3nh7uxS2HIVMJfWl7mZP_h30NZfaly9PhUKGaaaNyclMa0YjdcimTWRYUP_hBgLtnMWuEcpAuaa8vB6mufFO3GnAtRkVMJ_RkWEu9gSdjHZnaSDc768bAnG4BzeiXhj_MgYCFrOWpBRMkcdzRxfIZLSaHxzB6EABbSh9hYxkeuWz1JlMgdecFFcvinvILaS5-3kdARHTLfy76ZxpDUSBD2lv2utgQ2r7You2sZaEE69UfZrss6mpK7Db6IqXu3HHmvlatR-6I8bBLN64OlEikGeqF5FJsGxCgysg8DJrzkN0wACAAmSt0LQ6oDdf0i3inNSiPIcnm6vohWG7OojuDOUtQYf_odJOmAmGc_ZZ5zz9SbkxSCeONzADMIykr7GihAVgWF3bTUAMAaNX0NLBDF3TBFq-ye85UODP5GLXu5R3E624LiXODpwEIYkhTfCNJe0hb1zAprae8GgBfrMz9NHoVMlYbD10GYGENTdvakmTlyJGORHH764CtzNISBq4brkYUj8sxN5zWsk7WOr6NKh_gWxBjX-QkGYi_zNu54ireZdxR_n1BRbqaLetNoSMFKfskFnTPwllVKtHIXwZt0l66wCz1V1HGet-bbzoyPMTGU6hqjXvUny3pljfZ3RptdARIl8hZtVHyhbsBh_YxEInv7HUwMZHXKCWATG3Gl_qWTW86MvRQnNmAMUMQYr-DqGhsjSVvBGJv3R3qv8QNCr4dTIWxokAh9rLKpPAt8zF4qRBYQvMVJu46ynq6N3F_DoU0gYJwr2t80hE4fjYppsthshoedxY05OqjpIG6m0168c0ND-GnoNlIzF0aV2fSwV3fJkVdJmeYqKi-N09366gg9rm6FUFDryf0euJqaNLbRHUsKqvo1dAMpTkDOi-N24Q6bPnhY5G05kEKLKZk98dPz3DzW9_38o4zi0X3c4hYAY2b9po3DMJ1i2B2Z_ntUhL-McqKHnjvkax44-tqnr6aNoFkU3aXknsHuuvwlXpPJ8rItqoeprmQUNuRNyrCqIlSxaURMyry0BpbEXqmgb2vGyOTyBmAXHHxanq553mfK8wG8h9GoJI5NJ4HRHa9P7YU8bfBqCAmTQ0bdg8VmWdpCzHnjEpDw31jMixMXK-eVYvNjnnOhPXCmkoLytfA1-ZU4STIW-0_Y8YPqnt2XMXxvOWexLwYLoy8kIYWBIIG262_DZvuI8FIxSQpZsZVskArWktyCuQxB3EFHeTFaVObvYMEazZU8vazuqpC88KPGouuBpDT1SA3YrbhoYbMrX2_lmKsfPByTl6QXTM7ZrePQjcoOIyo8t-ErN_kukRNZFuXgFUMppc4XpPYlOaFQSeVHwoyKUbEZ3opEsDf64j8UjT9pM&cid=CAQSPABpAlJWAwwfqElVcX30snPQ7xP9tM39quNZLaA6d39CSg4THcjqmke-L_YmaYQRVSRZG1f2fkYrlu74zRgB&dv3_ver=m202309120101&rfl=https%3A%2F%2Fwww1.ihdstreams.xyz%2F&ds=l&xdt=1&iif=1&cor=4403843139148175400&adk=1964084972&idt=218&cac=0&dtd=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 18:51:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77305
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Sep 2023 18:51:15 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230913/r20110914/ Frame C1F6 30 KB
11 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230913/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb95c60c1e70c730df8b30c024f63ca414a7cd01b9d37cd4181987933c94559b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 19:54:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73523
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11585
x-xss-protection: 0
server: cafe
etag: 30886230758233217
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Sep 2023 19:54:17 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame C1F6 41 KB
13 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 18:19:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79225
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 13 Sep 2024 18:19:15 GMT

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/1475223/71249298/ Frame E147 249 KB
75 KB 38ms
38ms Script
application/javascript 18.200.74.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/1475223/71249298/skeleton.js?ias_dspID=3&ias_campId=1012441042&ias_pubId=&ias_chanId=1&ias_placementId=20111331724&bidurl=https://www1.ihdstreams.xyz/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0jRr5YXsURqerwsiMnzAiYY
Requested by: Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.200.74.55 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-200-74-55.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: c80b9ca237cf6066c1aa40794a869ac00b7afcc0a9a5ad841428801d7f4117cc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:19:40 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame E147 111 KB
39 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/
Origin: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 18:19:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79225
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 15 Sep 2023 18:19:15 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230913/r20110914/elements/html/ Frame E147 11 KB
4 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230913/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DIwb1AL1MGaZ_0rXEGbgfpUMxG7qmPTNI0n_o8U9JpZww-IaC4I9J8czh5c0hC6WExU8bfO5vFZHrcfpYq2TraScSwqlMmvEIS2-NjBV4STHv5egGPri9g8atNQkkcOHOEVNIrBHRQctoafxVFxISbGUyz93wV0xU0Qnd0cvd12xzTp2c&dbm_d=AKAmf-Bhb1FqieqXdyV0mUOM8_8E20uztaa3Xl6pYmo8CXVlOStiUci55XPQZ7Vf1fj0f1OOctkzCTgIeRXj45gqrrYYdWxnDtTpvEtDoBObPuppnmTBjMvEUHHO4O7fnl_AIW5bBwAVSrIB-GYd7QmLMroIe_RKKfRzd7TmWdN-RxO905aDH6cvKK5O87JzpodpopjNfqk2zynrX7qd-3rOQ3sId5VV2uEgGcoaDqGyA0WRjSGS0h2fK6z3lKEbZZJwcKkSLNtwrwf2u7a27fe1AlKCHsjHzsWYG_XvGubXYv-EDJQ4_NIbLhN77jaHUkswuMSYfUg5E_RoxK7e9jl2uKhsL90-BL7c8HuIFV-AoWWZ6iqZENKBzruu7We-ThdCU9RMjQ5hx2UrFugISeInR3kcvRbqFRORSjN2WAPYnG5frSA86RIgVNw2j8X2cdet-gFiUUKrUNKKcQjdfGVJlmjd6YPsEtb3BK5dZmXIYGmyUHKarPD-opFE6iTsU3BRtfmPr0dd3Ed1P5E1wbZX3R8hgL_pBQrwa0D6xuYFBePpYkdIsTuJIkXXrkfOWYM7J5lNpQjnrtbIOj6XBZ_fOCWZvSVETaK-C_KJPkA2q2MG7TKI669cFQVCb1YLqJ12-tF3dGy9gw_x4PXSlDS-27RWgEk_-yPpnwREbfJcZf24swEJMUaOfY987Jsn1Zx1e4yRAOaYtWZtUDsH8XhoNGG1RwGGtEdyEm_TJqN4_RqotjJGAAB4Yp6W5z4tHnCeSfyzgwndUpTMJmAuFt_otTy0yi7emGOvlxQFOIA4Evxa5QlDhZpzPhfC1rh_s1OA6ALyWUIpED6OVpa5d3FqCUz_AK5rUzv4hkyWrzqiyRXXgElIFQrI5eur6yHPeVDFp5SXwWQWRFm2Ok6suih7FleANlAZ1s4Q40DYms90AuwQbha5hP6KkGWApMV1s_dOcG51mGubu0AGE16I4dcjUtYlsnzCMzzaEfIaflDsoRxjBbFfrXThD0ZvUwV_ja-UXuvnQ6AyOw1M6IF0_TtobkOysLWS9xSIapG89PKxOu8P3w0wKWLO_Ak3p2clLe_8NGWw1oOtV2DetWwnzAcF_cTUyK_SF44eOOi1GXvdYy2H350e6mw3eznhluFGHFESaIlmMB6p-n3sD_mnKnd17c0dDZ1yPxhY1z_2lcJt4vOK7gzaBc0qyLU6i766pr_isve-xH2Oes7ptG4HY02JIixVNy8i_lzEpeSMO3CTYJkfe1GuWrlzii-KGXtNxdfFT2778HUb0NJcw02iALosj9pYZmlng6xLUoW8MoVN5QAn8jbo9cbt3uVGY_jFJV-8XNJzvGYQOcP0mNnLZ7gkqaXu8l1r-XSBYLISQ0e048t8-bfR5ywgC256MF9SrIsOPcN4LHdTkzyyvIHBpeISKp56r48Kf2k6yY8kk7_W-pSX-KfO7UCOkbolKdK2sn3TaPjGjSZxEAJ9gCFPnvAcNmi1aklKSfbcm4NMDz6OR5_V9IXzKkH0OWHhWDg_5WrGjc9TxDbmucVKvJ1Fq6Kvt5aFekQ882cpdOTIWNW8CsLEk-4TwiBKmhgioIUokig_PtyvKRjdIY6Do8GeuCcXbQ4JCSyX_WZyOrsuHTthZZ5UijLQp7z4At3kN5GqtLvxeR-mhbl2CpnwXEu_ZX9GRzUyGyFWtwgu5vPz9QVsURaDtzcbIxTNk5kdHUKxu_VIQCNnWhIucRM5dUiyZmsUSSDFyLWNCxOwq9jTr1Pj-vcORhwVhwGeoBhfYrnZ50gqK77G0rRhmkhsHo3zDCFWmyeG0g0_XQ0MQnq9M8b61nsVSHslNFlDozrJv5m-LStbixtE6eg34COLBjiJ9Ziy3KfJPSTkVHYCdqa_shF5xizSBTVTyJM1U7vfJnIeYzocBd2e_UNvMQa9GesmbWejEUeIMAMDBLRk-f1igA1kstl8NHM-IkFdRjVdKgtcGO66-M_NYhYbs_W1IfVJi0SvEQxsjaoK-6Nn-yEzCXACfDxfS1mosE8-391KMFD6PZOPwoQML1lNuGMCSc9n6pAvGgCsRBSDcMb6VydJyj0x3DE32PmE2lCaLhgxTw-86TmP9y9H1t8kzIHi1Usn0BBPm0YY_606pRbUrNd-FWPIt0cYNRKzR8q0k62EiQ8XAw5BS2RCrSU6I_m2WLLt_GujI68v_bQnNOv7JSyg8-1D7cZQsFW2VI7OvyIZC2E4a11DPu9ajMCDwRl6ofvvLgjex2jvjLD4kQgl27LIWT0WI4XjjS3tqPMxlhP0fyC-CXjZN8Iyv2se3mSVAnPFDa614hu1UZnnfDbPjkSPcXgTQdL6eRkSah03fVT7DHQrnyxVyZhOetziz5reoIvRg6fF0P0Tn1NwVCpUKF0WnhF4ChG-Qde-QpcfLNXpWUuYCNthPu9oJpkvOHraCv5leYD0Xd48qzAnlWh4qcSHkYUCJNJ_VzvNiM8imi4bkojl-TomC8bfFhFlYnheElJ3JBpZAl9PTs1Bjp0Ruu6E179eAdvCndl4uXzVzbYT4lxd7zbrTeK-Wn0Pc_8epR5uGFaZgVNQxJPIbGzi4LmMZRhkK6Hd7rNT5LPbEgkQ3KvTppFMXBHQzSfnwevYPG9f_zEgnkIToSvdP-C2Xf_MlphCHqQ4Xno1zHXn7X2OIw83msWu_HjGRBu1I2Bpw6sdOq0z_7YIPAHeGNp4VVACMMYZtuaKGdYvdQst3dGXdQimDAF2l05XANtx9idsPipm1ia2mCJmybfRcla6lYqUSB_64WgoQKX5CCngoyt1gk6OVpYEUNofx5u4Tgt3aCDnh57QC-YOgkgp31WSi8DBxoyP7sMsP6g7xgPOGHis_M5y5DkXCOZQeG9x43ZYQnZgIhlfHRm8L3rL1YQiTuITxvM2nMFAwufqzbJ2JeD2aeTPkziryp5oRm8sKnUuYsYm8gfPHWAQN_YvOPSLoKqpWv-pkhj4wfXfPQFKE4IhPFTaEH9ei9E2cITppCtgqBJ0jz2tLuixm__rgJhVjVt_RnYqnaxEg_jR95Wa2OE6rvm4teMHh72YbgUDucAUef_miBHEinXHWBsIHgpTyYjiDUmcNgjiR6rkFMErGGxBEdd11zEuUYGlzPxW1Zkws3MVNLzaVokADR-6oPBLZeNlTtOXEcm3_9IT8dkr7DEhieR2phxnO-u9NfIQmYAtoGfOP4r3-pSM0-spB8Q80drTBCiTaUL5Qg9hjXeJaqpbpEeA7tBIh7bA_4i1U-e48Dw2tCslmtQ2GVt6BPhpHdIEqJfI7rpz4SaGgCbuj7gQZBRu4lBOJZP8qixmcCkffCF--Bh2uTahFpFCzKNfoRXFT0yUyBxyTaLIfNot1vymZEpbD4k6CHPJOrgz55jcrrldiUBOc5px481VVzEDfV5LQokrIitfyoNMuBYhadCRkbHGIPHnqf6vbsxX1YVd2AuPCYGq0eFu31uXWUS77Ad8FW4c4GkjAL4_U7_ZyqGyIa4rax137xEEuKTCM1BotGVMmcpuV_fO4DZpSA&cid=CAQSPABpAlJW-UoZ8DKzrxoqRP2SOUhZM3q-xzlLhQ7i9iF3KXYZr1srKYN2nbztyjlI2yDbqi_KuzaCYfbAJBgB&dv3_ver=m202309120101&rfl=https%3A%2F%2Fwww1.ihdstreams.xyz%2F&ds=l&xdt=1&iif=1&cor=12879024382310302000&adk=2228999115&idt=232&cac=0&dtd=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 18:51:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77305
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Sep 2023 18:51:15 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230913/r20110914/ Frame E147 30 KB
11 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230913/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb95c60c1e70c730df8b30c024f63ca414a7cd01b9d37cd4181987933c94559b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 19:54:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73523
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11585
x-xss-protection: 0
server: cafe
etag: 30886230758233217
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Sep 2023 19:54:17 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame E147 41 KB
13 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 18:19:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79225
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 13 Sep 2024 18:19:15 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 3977 1 KB
643 B 21ms
21ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
URL: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 74131
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 14 Sep 2023 19:44:09 GMT
etag: 48472445140208031
expires: Fri, 15 Sep 2023 19:44:09 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame C1F6 206 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5d6d291dc916a0eef4f064df33e1d73fd8ef56e246916abad4e0313387966425

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/6426159062837453930/ Frame 274C 671 B
435 B 33ms
32ms Document
text/html 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/6426159062837453930/index.html?e=69&leftOffset=0&topOffset=0&c=FJ3NQwLM1p&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3cbd24d65fca9b12a04b7d93a5c7f8facd8e872fb3e6a8b4071f2df07a496ac1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 407
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 15 Sep 2023 16:19:40 GMT
expires: Sat, 14 Sep 2024 16:19:40 GMT
last-modified: Fri, 01 Sep 2023 16:26:06 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 614D 0
0 158ms
73ms Fetch
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv_ZPKZtGLGi4dWSNAmxVkXdoeFLYOxObSTwUDTlOzO_U9b6H1ZIe9qHP3ueA38vmWLX1YR_uMw57tnYQig0Mg43BSt_89gaO1YKkazGBb6LBWGTLW5kk9lwmgBNvlrQwu0BUDSSqX1GfdVLvubwXxSTf4atV785H08tF4YOGsLzPtklgs9d8k3FDYYYnUQDGWGDV5XzaCQ97i4N7f0qlfu5izZvU8fnoxOylRVJhGS1_VenIJ5Go8QXPDqKqbvkpClq5PzTYdmatjFwxLEP3WePCPpCst8xoedLO7peIHpPKF4WA-bOFZGCRgnX6-1bIHaQPOHXNbanreH62IR8iEGRf_3cAjZNKR7fCL-3ojp3E76JgIaf-d-P2FRRkDcY76ZpBVMXmFLQ5w0zS5-o68TM0nJCqlJqLOHPmp5eB28IIzo_Lw1eueXucH-au7z30xmhNiY6kcSfyHN_cMWM3cpYva05bQCBU_Rb8avFS0d-_inJfVInynF_iPJ7G0a6D4X3-vi5PaBOQloXxOc6u0Bw-IOESM5KbkR38rFd51jqrzzN7hEHTJsF3DEIvj-OXeZVaf8CU2K0Zq6_GM5q4Ab81cnLdPZjZQ6E0OI3xfo7UjyXOJZubZlHK2vTAw6uE6rxaOzbwj5Gm7QJsolIcizw-uCPYtbCwNOG7-5CP2-NFPJLO5utRnzVY5hRNiO4ggJp2tHqDtzfh47Z15XcpEsT46LT3XSrgb033iaxbGxU6CsajHmwGN78tfdkJ7Sy0aJX9h22lNSrLSI57ZUbAgjaAoq4IJYy7bYQ1GM-wgm2BZANTwUM8SXe_mxeh872UQ8I3ErbaT5WpsoMhHmPYxrRXW97e1IsoMMUF0c9Ozix7y-D9nAHg1YKpAZpXOt3lg0mSJLKOI5WcZcL9t7dxQYlQupSQMC5LMyjhjrzRHAn5N8pPiICJUap-rvYh1WQJIcnuUqdDE3of-xltpbDQbpQgNNhQu8BOMQ7ASV8XEgWRg-McTJuhDR0LBGLcoXbVBNTtRfe-3oRxwCSfhdmsLXT7qFtWZwM32zypP35W9CxSFPDdrfFTb8r7q1ytutbZKKFaegu7dU-g_wXue6-nMg1vnVm_t7Bqy4xc_qDDgZpPS3HLwD6Lr69odXH4d859cd6Ske2qKsuscBIp7V7ILhiGVALptNU8kfPgNr-BzdUHhH1xdhZPD75ZZkUTCNtwDPqjQwt6nW6BKdJsvR-poVd2jUZ2i6z-cIGFcGQV6gSFEtwAs2RUMJNIkKP6bu4BAGmlwLWLKoo0B5G2kUmRwGcPvpNzsYCjF9RIPIWTAP8FWHCQfPWqKCBGuPpJZHdb5B8r5HGLgEkw&sai=AMfl-YRBj_oYuF-C5V2TzU6hVaRHqlJRXF8F6XhIlgy9ODujrGCv-BbyziKLJM9WP7SBnzxkAWnyBBh4nsktDzdtSqv34aHxyv2e0rOzssAnSuJktWiJhhr7VcVUGGeWwU0xEWual9_XPGfx6spDeT6_LYV9ujDr7VxbpMuUMuVgVcUB3YLUxDa6BgOrzx4RGOMwzPDX9PX0bm76ahNV46WdzagOE_5OmaEvUv5Jlx5KOY_XnlCvTDL1oSShuciRTAooYlVdr2k&sig=Cg0ArKJSzGKFLYIS8bdcEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=235&cbvp=1&cstd=226&cisv=r20230913.88719&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 15 Sep 2023 16:19:40 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 15 Sep 2023 16:19:40 GMT

GET
H3 200 t8GibRNARgYsE0Sx_-jM8Z9WBbCCL83x92A0C_FtaJU.js Show response
pagead2.googlesyndication.com/bg/ Frame 44D7 37 KB
14 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/t8GibRNARgYsE0Sx_-jM8Z9WBbCCL83x92A0C_FtaJU.js

Requested by

Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b7c1a26d134046062c1344b1ffe8ccf19f5605b0822fcdf1f760340bf16d6895

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 19:44:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74130
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14716
x-xss-protection: 0
last-modified: Mon, 11 Sep 2023 20:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 13 Sep 2024 19:44:10 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame F2E6 1 KB
643 B 21ms
21ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
URL: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 74131
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 14 Sep 2023 19:44:09 GMT
etag: 48472445140208031
expires: Fri, 15 Sep 2023 19:44:09 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame E147 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 397d7ba18ebf7d61f7cd07037782bf569312d34696918a9402adf48f382510e9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 77D3 70 B
149 B 125ms
37ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEGtjI_S5clC9X1HP8XP7NSQ&google_cver=1&google_push=AXcoOmRrvDFI_691o5urCkF3TCbgLPGtnM8XHAv56T927sU35RBE14O1L8VdAdkSa8u0G4qnYM2xZvVL7IulhiiXanW3TfbD_TO1
Requested by: Host: a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
URL: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:19:40 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 77D3
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEMm8Rho2UYLCYNx4AUutgfY&google_cver=1&google_push=AXcoOmRVbb2Gllbcsqm9K7JqUra3i-TanAttZIr7kr3v9_0gF3IT1vrpdSKU_nG7Jhd7udOZii1-yA8uIv9...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRVbb2Gllbcsqm9K7JqUra3i-TanAttZIr7kr3v9_0gF3IT1vrpdSKU_nG7Jhd7udOZii1-yA8uIv9mLf1I4dDstZCYpI4&google_hm=1K-rDpqKQ8eGReSKonye7YM

170 B
188 B

34ms
33ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRVbb2Gllbcsqm9K7JqUra3i-TanAttZIr7kr3v9_0gF3IT1vrpdSKU_nG7Jhd7udOZii1-yA8uIv9mLf1I4dDstZCYpI4&google_hm=1K-rDpqKQ8eGReSKonye7YM

Requested by

Host: a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
URL: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:19:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:19:39 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRVbb2Gllbcsqm9K7JqUra3i-TanAttZIr7kr3v9_0gF3IT1vrpdSKU_nG7Jhd7udOZii1-yA8uIv9mLf1I4dDstZCYpI4&google_hm=1K-rDpqKQ8eGReSKonye7YM
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 77D3 0
173 B 64ms
18ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEIYMeo0o8JJ-Ur7RKfNdt7s&google_cver=1&google_push=AXcoOmTNld_nXnTuusKoc1_C_H5y6XINEpdH3P1zqc7iwTbABUIPmUD84-3vdSE2QtPd4lwYG_LoX7qAFZWLP5cTEtasHJPY4PqT
Requested by: Host: a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
URL: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:19:40 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 77D3 43 B
363 B 108ms
25ms Image
image/gif 178.250.7.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmQ62YkvRbjoqellsrFxl0W5oFM3MJ93RU4MIRyvlt0DW2nLINyR7Ngwp4ZYH-6QOhxgTkJApRTrDMdlEq6JORpnpcDS_bEq&google_gid=CAESEEPvuMjoyWLM0PiEDwe-zCg&google_cver=1

Requested by

Host: a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
URL: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:19:39 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 214903
expires: Fri, 15 Sep 2023 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 77D3
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEGGI8R-B0jzX3Kng6kzZzmA&google_cver=1&google_push=AXcoOmSEiA_G5WqQkGqZtEiMtiAQNhbPt49_ChQp7qezJ33P8h029iEziXdAGI0K8W8MOcU1UdQ...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE1LVDFYU1YtMVUtQlc4Ng==&google_push=AXcoOmSEiA_G5WqQkGqZtEiMtiAQNhbPt49_ChQp7qezJ33P8h029iEziXdAGI0K8W8MOcU1UdQa7Xa4A8KY3gubEahqMdheA82e

170 B
188 B

35ms
35ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE1LVDFYU1YtMVUtQlc4Ng==&google_push=AXcoOmSEiA_G5WqQkGqZtEiMtiAQNhbPt49_ChQp7qezJ33P8h029iEziXdAGI0K8W8MOcU1UdQa7Xa4A8KY3gubEahqMdheA82e

Requested by

Host: a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
URL: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:19:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE1LVDFYU1YtMVUtQlc4Ng==&google_push=AXcoOmSEiA_G5WqQkGqZtEiMtiAQNhbPt49_ChQp7qezJ33P8h029iEziXdAGI0K8W8MOcU1UdQa7Xa4A8KY3gubEahqMdheA82e
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: ef823186f233724f4775c0c4b9549d14
Expires: 0

GET
H2 204 -
s.ad.smaato.net/c/n/// Frame 77D3 0
239 B 25ms
24ms Image
text/plain 2600:9000:211e:3a00:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESED19rGRcliCix6tjUteVgkw&google_cver=1&google_push=AXcoOmSbDbXw0NMBUZY-Rde0fZ7S24z-Dqn1BljHaiT6XKo3e1R9VH4ORJHLwtBi1_YfHzVc8Mq94wF6EjqMY_-yo51MQFj5itc
Requested by: Host: a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
URL: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:3a00:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:19:39 GMT
via: 1.1 3fdf3aacaef6ec40c4eedb85c8144da2.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-C2
age: 1
x-cache: Hit from cloudfront
cache-control: no-cache, must-revalidate
x-amz-cf-id: Te8o8sx8EGl73dJtufJgNHWdd2pIfTgFa5suf6WH8__PhVwDr_eyDA==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 77D3
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEM7k6EHyW8v8Qbdy5vwR5sc&google_cver=1&google_push=AXcoOmTml4-T-AUOjuQIiVuVZ7IzhLx7nxY2ajJ8X0ggOhld_aa3LmJhxSCcYqgq30j9mUCPQCPAR1LLSpwU...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTml4-T-AUOjuQIiVuVZ7IzhLx7nxY2ajJ8X0ggOhld_aa3LmJhxSCcYqgq30j9mUCPQCPAR1LLSpwU_rTvpea2ABPzPhS1

170 B
188 B

32ms
32ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTml4-T-AUOjuQIiVuVZ7IzhLx7nxY2ajJ8X0ggOhld_aa3LmJhxSCcYqgq30j9mUCPQCPAR1LLSpwU_rTvpea2ABPzPhS1

Requested by

Host: a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
URL: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:19:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTml4-T-AUOjuQIiVuVZ7IzhLx7nxY2ajJ8X0ggOhld_aa3LmJhxSCcYqgq30j9mUCPQCPAR1LLSpwU_rTvpea2ABPzPhS1
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 77D3 0
12 B 35ms
35ms Image
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J6zvP61bnvUrblxseyePA6TtsMX64cvWTtmGAqcSwzK6mIa5dZb53YSQ1zbWpwinW_DqEG

Requested by

Host: a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
URL: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:19:40 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 9AB8 22 KB
8 KB 21ms
21ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 152525
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 13 Sep 2023 21:57:35 GMT
expires: Thu, 12 Sep 2024 21:57:35 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enabler_01_250.js Show response
s0.2mdn.net/879366/ Frame 274C 120 KB
41 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6426159062837453930/index.html?e=69&leftOffset=0&topOffset=0&c=FJ3NQwLM1p&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6426159062837453930/index.html?e=69&leftOffset=0&topOffset=0&c=FJ3NQwLM1p&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 17:00:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83923
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42247
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 15 Sep 2023 17:00:57 GMT

GET
H3 200 template-489be870.js Show response
s0.2mdn.net/sadbundle/6426159062837453930/ Frame 274C 40 KB
14 KB 27ms
26ms Script
application/x-javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/6426159062837453930/template-489be870.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6426159062837453930/index.html?e=69&leftOffset=0&topOffset=0&c=FJ3NQwLM1p&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfcce6fbc676bcdc4c9f2e2cbdd40cee40a4b9066f829f4e9e400cbe142183f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/6426159062837453930/index.html?e=69&leftOffset=0&topOffset=0&c=FJ3NQwLM1p&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 05:11:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 299270
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14187
x-xss-protection: 0
last-modified: Fri, 01 Sep 2023 16:26:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 11 Sep 2024 05:11:50 GMT

GET
H3 200 index-be1f7599.css
s0.2mdn.net/sadbundle/6426159062837453930/ Frame 274C 4 KB
1 KB 24ms
24ms Stylesheet
text/css 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/6426159062837453930/index-be1f7599.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6426159062837453930/index.html?e=69&leftOffset=0&topOffset=0&c=FJ3NQwLM1p&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be1f75994e53be710e621d9552d7cc796a347e85622acc435325d94e076b6996

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6426159062837453930/index.html?e=69&leftOffset=0&topOffset=0&c=FJ3NQwLM1p&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 19:27:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 334360
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1385
x-xss-protection: 0
last-modified: Fri, 01 Sep 2023 16:26:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 10 Sep 2024 19:27:00 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/14177329759233795653/ Frame 3E6B 36 KB
11 KB 26ms
21ms Document
text/html 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/14177329759233795653/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e96925cfa6190eac469d3f484625593dcf175d2ea0932815cb32cc7bde252051

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 102565
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 10798
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 14 Sep 2023 11:50:15 GMT
expires: Fri, 13 Sep 2024 11:50:15 GMT
last-modified: Thu, 24 Aug 2023 11:44:35 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame C1F6 0
0 80ms
78ms Fetch
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvJSxQ4-fabGV1IMJIf6q_wgvP7sX-E_VMwNbQ_GnywX40EKsH5oWGJsXZOzyVOXOgyDOZRTJFAG8vBqKdSiBuB5LkkjygMAR8_m8Yx6xg4FjeeVpYOTGkrpM6fUcFJeqZj6dd_C0_ijfrlHAZ8-Mwodfck6RacnfBVKckJVl59w6WnHQocn2RcxuZKowRJEEeaI4HZurTo82Dl6mf4RICNBooSnrSYWfa9K3E8gH23vHOJF429JAhQNd6_cS-nHw1ydu5ZkUrqA-Rr-07QXmXcTf_tjuMEkXcDi8IBuAnmfMYVUIxnLZZzrrAhRajZAdSWBy7xdM3lYNafVkbK-t_OOqhQR2pQzQtb5RyUI9oxGJPtqKCcHMcJ7GI-91BM4LmgnMFNcKZ2ffunoN2FSQ3XoOB45Yere3d3FOuKQTRO3_1kGW17rRLP8eLsu1OKhaI7HF5mzT_lwupSq4DGkOXXp0-UnbTO7rbgkrZ3rrZgdhddP7IFtPd1RG0Wc89KbgEBi8FTuzI3SOqq6nYKS1AOIoRIwxw08SQF9QInD7iCjwnz2oj9iEVO1zY5pmBH4EMP5l-pxwY7L678BJCV-HHy8xRoC0y0dN-v7fuvgixoqjlvB6VC6gwqeqTp-yJYfm1G-TD8IT14hFKsGeIpzHvaXNAOP4Mb2ckhCBGen_oZWnqpIFgp2Uv4_VOs2SLN5kpNEzQnQD8HOiUXpQQfAyzljwjtKWP3FhBuwoQGJfqfCtEgMOIQ8pDdB-4f6vLTMUijkUP7qvt0idUEOlxIT4bUr5mOWCFnBRomedlI08fw4hFu0aTH4neJhtq9Y_WGJW0561y-H3BWfFIfT8sQSlP19ATahNcUQG1uLDd8FeYNSXvb_oOBQzUeVdGa90O9xWtl1YM3MVFNeP78Vq-LoOEXRMaALO0_LALx0zXkN6cfd2OYuYr6x9UUVh3TdJn4raSI-wMNk4lwNyYgMu8ze19uvtmHsHEl4QqDjKv7TTg2tB2LftjBg15HT4ffd-kk2uoyZ8gRiqK9QDatzjun7I0ccu-Q5oHbu1MhsgYA3m65cuK09QMI2_qSROzq1JPiBB2tqvVgj5xKU3pkuwdbb25IJ0MVXMeID5Fu80AGci-f_oU75RsYBlYJaFvazA7h8HeNy7GZpaaUZ9nV_24Z0QQ8II7VE5ozE4RTATGO8C2Boz4LCFJhYgOMyyY_MJbxD2OWS61E3yAUkhroPhNp6UD3ervHO1nGRdZdG_z5LK5nCH44hEU9WWUBmW4t1HC2ULv3zuo6BlVC-5bqH7KT&sai=AMfl-YSPlJJeShzcBy-HJ3k_Xg3YyviwRjgoidbUPEcWMXWTSCW0QKZWYDNHd3D1GS2Gmd4q80pdBq_3_Dmvuv3VX3f8-dYJB6g4OgeJsJExa4bJjTZGr1nqsou-4wpV-X4wvWVE3mIbb6uURAsfcAl8qD_BInsX2H9ou4A4wKI70WnhvcBFwAeM_JQaWrP031ntseHkFNeGTlC5Gn4K5qZlyw1X8XFjJokjW2dHCmb9H-PJ51Vq_89Y-zZXjtzAn7r2URm2c9Q&sig=Cg0ArKJSzJM4BnAKcp1gEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=168&cbvp=1&cstd=167&cisv=r20230913.91547&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 15 Sep 2023 16:19:40 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 15 Sep 2023 16:19:40 GMT

GET
H2 200 cookie Show response
cm.adform.net/ Frame 9858 43 B
106 B 361ms
256ms Document
image/gif 37.157.2.229

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D60095c900c0799791c46d8d4%26biddername%3D46%26auid%3D1694794780024-960921239749-001175-007-002382%26key%3D%24UID
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=632c3dff8e62a32fb323cd86
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.229 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www1.ihdstreams.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

content-length: 43
content-type: image/gif
date: Fri, 15 Sep 2023 16:19:40 GMT
server: nginx

GET
H2 204 /
onetag-sys.com/usync/ Frame C6CC 0
0 29ms
28ms Document
text/plain 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=60095c900c0799791c46d8d4&gdpr=1&gdpr_consent=&us_privacy=1---

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=632c3dff8e62a32fb323cd86

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www1.ihdstreams.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK user-matching Show response
ads.stickyadstv.com/ Frame 56D0 43 B
518 B 187ms
30ms Document
image/gif 23.50.131.94
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/user-matching?id=&_fw_gdpr=1&_fw_gdpr_consent=
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=632c3dff8e62a32fb323cd86
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.50.131.94 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-50-131-94.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www1.ihdstreams.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Fri, 15 Sep 2023 16:19:40 GMT
Expires: Fri, 15 Sep 2023 16:19:40 GMT
Pragma: no-cache
Server: nginx
x-sticky-vk: 1694794780389009-528

GET
H/1.1 200
OK auto-user-sync Show response
ads.stickyadstv.com/ Frame 2453 43 B
577 B 188ms
33ms Document
image/gif 23.50.131.94
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/auto-user-sync?px=1953&_fw_gdpr=1&_fw_gdpr_consent=
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=632c3dff8e62a32fb323cd86
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.50.131.94 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-50-131-94.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www1.ihdstreams.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Fri, 15 Sep 2023 16:19:40 GMT
Expires: Fri, 15 Sep 2023 16:19:40 GMT
Pragma: no-cache
Server: nginx
x-sticky-vk: 1694794780380016-507

GET
H2

200

cookiesyncendpoint Show response
servs.modoro360.com/ Frame 3BBF
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=aniview&gdpr=1&gdpr_pd=0&gdpr_consent=&redir=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D200%26au...
https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=200&auid=1694794780024-960921239749-001175-007-002382&key=OPTOUT

0
38 B

325ms
109ms

Document
text/plain

34.193.218.65

General

Check archive.org

Show headers Download Go to

Full URL: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=200&auid=1694794780024-960921239749-001175-007-002382&key=OPTOUT
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=632c3dff8e62a32fb323cd86
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.218.65 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www1.ihdstreams.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

content-length: 0
date: Fri, 15 Sep 2023 16:19:40 GMT

Redirect headers

cache-control: no-store, no-cache, must-revalidate
content-type: text/html
date: Fri, 15 Sep 2023 16:19:40 GMT
etag: OPTOUT
expires: 0
location: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=200&auid=1694794780024-960921239749-001175-007-002382&key=OPTOUT
pragma: no-cache

GET
H2

200

cookiesyncendpoint Show response
servs.modoro360.com/ Frame BCFA
Redirect Chain

https://sync.technoratimedia.com/services?srv=cs&pid=70&uid=1694794780024-960921239749-001175-007-002382&cb=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%2...
https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=3&auid=1694794780024-960921239749-001175-007-002382&key=GDPR

0
195 B

158ms
142ms

Document
text/plain

34.193.218.65

General

Check archive.org

Show headers Download Go to

Full URL: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=3&auid=1694794780024-960921239749-001175-007-002382&key=GDPR
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=632c3dff8e62a32fb323cd86
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.218.65 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www1.ihdstreams.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

content-length: 0
date: Fri, 15 Sep 2023 16:19:40 GMT

Redirect headers

access-control-allow-credentials: true
access-control-allow-methods: POST,GET,HEAD,OPTIONS
access-control-allow-origin: https://www1.ihdstreams.xyz/
age: 0
content-length: 0
content-type: text/plain; charset=utf-8
date: Fri, 15 Sep 2023 16:19:40 GMT
location: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=3&auid=1694794780024-960921239749-001175-007-002382&key=GDPR
server: nginx
via: 1.1 varnish
x-varnish: 767049970

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 2712 15 KB
6 KB 114ms
25ms Document
text/html 23.32.184.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D1%26auid%3D1694794780024-960921239749-001175-007-002382%26key%3D
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=632c3dff8e62a32fb323cd86
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-192.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer: https://www1.ihdstreams.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=131888
content-encoding: gzip
content-length: 5606
content-type: text/html
date: Fri, 15 Sep 2023 16:19:40 GMT
expires: Sun, 17 Sep 2023 04:57:48 GMT
last-modified: Fri, 01 Sep 2023 11:18:33 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H/1.1 204
No Content pixel
ap.lijit.com/ Frame 257E 0
0 336ms
274ms Document
text/plain 216.52.2.48

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/pixel?us_privacy=1---&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D18%26auid%3D1694794780024-960921239749-001175-007-002382%26key%3D%24UID
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=632c3dff8e62a32fb323cd86
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.48 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www1.ihdstreams.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Date: Fri, 15 Sep 2023 16:19:40 GMT
X-Sovrn-Pod: ad_ap5ams1

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58815/ Frame 63ED 0
0 140ms
26ms Document
text/plain 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ups.analytics.yahoo.com/ups/58815/sync?redir=true&gdpr=1&gdpr_consent=

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=632c3dff8e62a32fb323cd86

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.75 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www1.ihdstreams.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 0
date: Fri, 15 Sep 2023 16:19:40 GMT
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server: ATS/9.1.10.75
strict-transport-security: max-age=31536000

GET
H2 200 sync Show response
vid.vidoomy.com/ Frame 8196 49 KB
18 KB 171ms
41ms Document
text/html 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.vidoomy.com/sync?gdpr=1&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D133%26auid%3D1694794780024-960921239749-001175-007-002382%26key%3D%7B%7BVID%7D%7D
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=632c3dff8e62a32fb323cd86
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 4cd9d7fe6bef9e82616b20d2c4a7a9842652ed469b704922e4c682f209754768

Request headers

Referer: https://www1.ihdstreams.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-origin: *
content-encoding: gzip
content-type: text/html
date: Fri, 15 Sep 2023 16:19:40 GMT
etag: W/"64abbb76-c2af"
last-modified: Mon, 10 Jul 2023 08:04:06 GMT
server: CDN77-Turbo
vary: Accept-Encoding
x-77-cache: MISS
x-77-nzt: AcO1qhHiPROh
x-77-nzt-ray: 4c1562249ddd1cdd1c84046568dd4f17
x-77-pop: frankfurtDE
x-cache: MISS

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 3C6F
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=aniview&endpoint=us-east
https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east

281 B
554 B

82ms
24ms

Document
text/html

95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=632c3dff8e62a32fb323cd86
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www1.ihdstreams.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 15 Sep 2023 16:19:40 GMT
ETag: "4014f-119-6051b805b8000"
Last-Modified: Mon, 11 Sep 2023 20:52:16 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Fri, 15 Sep 2023 16:19:40 GMT
location: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
server: AkamaiGHost

GET /
us_privacyfa9f4b3548d146d8b0584acce84c4fec.gif/ Frame BB4C 0
0

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 40A2 15 KB
6 KB 100ms
27ms Document
text/html 23.32.184.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=1&gdpr_consent=&us_privacy=1---&predirect=https%3A%2F%2Fpbs.aniview.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=632c3dff8e62a32fb323cd86
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-192.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer: https://www1.ihdstreams.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=131888
content-encoding: gzip
content-length: 5606
content-type: text/html
date: Fri, 15 Sep 2023 16:19:40 GMT
expires: Sun, 17 Sep 2023 04:57:48 GMT
last-modified: Fri, 01 Sep 2023 11:18:33 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2

200

cookiesyncendpoint Show response
servs.modoro360.com/ Frame 49F3
Redirect Chain

https://prebid.a-mo.net/cchain/0?gdpr=1&gdpr_consent=&cb=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D105%26auid%3D1694794780024-9609212397...
https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=105&auid=1694794780024-960921239749-001175-007-002382&key=&gdpr=1

0
190 B

389ms
135ms

Document
text/plain

34.193.218.65

General

Check archive.org

Show headers Download Go to

Full URL: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=105&auid=1694794780024-960921239749-001175-007-002382&key=&gdpr=1
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=632c3dff8e62a32fb323cd86
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.218.65 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www1.ihdstreams.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

content-length: 0
date: Fri, 15 Sep 2023 16:19:40 GMT

Redirect headers

cache-control: max-age=0, private, must-revalidate
content-length: 0
date: Fri, 15 Sep 2023 16:19:39 GMT
location: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=105&auid=1694794780024-960921239749-001175-007-002382&key=&gdpr=1
server: envoy
x-envoy-upstream-service-time: 1

GET
H2 200 avpb7.51.0.js Show response
player.aniview.com/script/6.1/libs/prebid/ Frame 92AA 222 KB
71 KB 33ms
33ms Script
text/javascript 2a02:26f0:480:7b5::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=632c3dff8e62a32fb323cd86
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:480:7b5::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 99c65b45011c8cc1887a9028fb5f5baaa3a7983ca88598b3a45d6a25311ee93b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:19:40 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdv3fWufucv_U9iIzoHqIXCsu25_QTINr0U8LzSb0RYLWZKrFiX_C_G_oehc3P5HqQY77gyxAc2q_ZXbf3zhWntzd78W89Sq
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 71816
last-modified: Sun, 10 Sep 2023 07:15:20 GMT
server: UploadServer
etag: "edc5627d372358f696e9974b44ab23d9"
vary: Accept-Encoding
x-goog-generation: 1694330119906669
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
x-goog-hash: crc32c=pyWbRg==, md5=7cVifTcjWPaW6ZdLRKsj2Q==
access-control-expose-headers: Content-Type
cache-control: public, max-age=600
x-goog-stored-content-length: 71816
accept-ranges: bytes
expires: Fri, 15 Sep 2023 16:29:40 GMT

GET
H2 200 avpb7.51.0a0.js Show response
player.aniview.com/script/6.1/libs/prebid/ Frame 92AA 68 KB
23 KB 28ms
28ms Script
text/javascript 2a02:26f0:480:7b5::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0a0.js
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=632c3dff8e62a32fb323cd86
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:480:7b5::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: b5b51d89a8486ee9a21480fef1232a4040f5362d7a13176e617a4cb6839166f4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:19:40 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdtXn0I_Efko_EJSEhOd7iu487VqlAgC_vKvAhJpBYwA6tDLYTMzEQxOcgvUmeiy6fgYBVO-ocZ6o2Mtx8KX7u7yrw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 23120
last-modified: Sun, 10 Sep 2023 07:15:20 GMT
server: UploadServer
etag: "ae4132cf4a7e797ac0b26bc0cea3d9ce"
vary: Accept-Encoding
x-goog-generation: 1694330119999013
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
x-goog-hash: crc32c=1A/POw==, md5=rkEyz0p+eXrAsmvAzqPZzg==
access-control-expose-headers: Content-Type
cache-control: public, max-age=600
x-goog-stored-content-length: 23120
accept-ranges: bytes
expires: Fri, 15 Sep 2023 16:29:40 GMT

GET
H2 200 avpb7.51.0a5.js Show response
player.aniview.com/script/6.1/libs/prebid/ Frame 92AA 69 KB
22 KB 28ms
28ms Script
text/javascript 2a02:26f0:480:7b5::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0a5.js
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=632c3dff8e62a32fb323cd86
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:480:7b5::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 4bbbfbd25b39d9661c8cf4cb0a135e44c1371f3f227ac8b138eaf1c26223a123

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:19:40 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdsapVr4ivlf3SYuobOUHufQJa9ous-oLC02NSCnuFS1WHl2DIgSp_s8mBPddta6tJrx_0v3SAp0Es7S3hXp_KeVryneQYf1
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 22502
last-modified: Sun, 10 Sep 2023 07:15:20 GMT
server: UploadServer
etag: "067bd57427dd3cf6cfb5190789472094"
vary: Accept-Encoding
x-goog-generation: 1694330120045500
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
x-goog-hash: crc32c=fTDcsw==, md5=BnvVdCfdPPbPtRkHiUcglA==
access-control-expose-headers: Content-Type
cache-control: public, max-age=600
x-goog-stored-content-length: 22502
accept-ranges: bytes
expires: Fri, 15 Sep 2023 16:29:40 GMT

GET
H2 200 avpb7.51.0a6.js Show response
player.aniview.com/script/6.1/libs/prebid/ Frame 92AA 65 KB
20 KB 62ms
62ms Script
text/javascript 2a02:26f0:480:7b5::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0a6.js
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=632c3dff8e62a32fb323cd86
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:480:7b5::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: c6bf29161757477e025d81d0e17eefd1282e6156be38bf5f50b42bee50082dd1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:19:40 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdsYbpq6_MjSapDuASgENtoNO5IFfPt9OBXDlSD8bRtaYeCSFsF-elifEH7CXkYSdnrqK-7YLSkHMwBt9m0oiktv5nYAI_Po
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 20047
last-modified: Sun, 10 Sep 2023 07:15:20 GMT
server: UploadServer
etag: "90e5d1f4da05ac0649444333f0356112"
vary: Accept-Encoding
x-goog-generation: 1694330120476851
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
x-goog-hash: crc32c=8/3iEg==, md5=kOXR9NoFrAZJREMz8DVhEg==
access-control-expose-headers: Content-Type
cache-control: public, max-age=600
x-goog-stored-content-length: 20047
accept-ranges: bytes
expires: Fri, 15 Sep 2023 16:29:40 GMT

GET
H/1.1 200
OK adv Show response
grid.bidswitch.net/ 60 B
365 B 122ms
23ms Fetch
text/xml 3.75.2.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://grid.bidswitch.net/adv?auid=375282&u=https%3A%2F%2Fwww1.ihdstreams.xyz%2F&r=1694794780&gdpr=1&gdpr_consent=&bf=1.75&cbb=4794780259
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=632c3dff8e62a32fb323cd86
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.75.2.61 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-75-2-61.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: d43319f37d6149f84a8b1c661b446b080d4ce518e7ead74776de1252cabbf3f1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date: Fri, 15 Sep 2023 16:19:40 GMT
Server: nginx
Content-Type: text/xml; charset=UTF-8;
access-control-allow-origin: https://www1.ihdstreams.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 60

GET
H2 200 sync
x.bidswitch.net/ 43 B
145 B 110ms
28ms Image
image/gif 3.76.65.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=&user_id=1694794780024-960921239749-001175-007-002382&gdpr=1&gdpr_consent=&us_privacy=1---
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.76.65.13 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-76-65-13.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:19:40 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1694794780024-960921239749-001175-007-002382%26biddername%3D24%26pid%3D59c9148628a0612da3689288%26key%3D%24%7BBSW_UUID%7D
x.bidswitch.net/check_uuid/ 43 B
146 B 106ms
25ms Image
image/gif 3.76.65.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/check_uuid/https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1694794780024-960921239749-001175-007-002382%26biddername%3D24%26pid%3D59c9148628a0612da3689288%26key%3D%24%7BBSW_UUID%7D?gdpr=1&gdpr_consent=&us_privacy=1---
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.76.65.13 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-76-65-13.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:19:40 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 3977
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESENfzmNNuxeHz0YkzY1tsCmo&google_cver=1&google_push=AXcoOmRsbvgSw7UmVpigDnrIWYA7I-c6VOhi-ZlfUrCpz0V14yfuOFD29sTdKmVvXiUf2HvNDunm68o7vlEKjQal4ufmUYG_DrPd7g
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Nzg5MDM3MjQzODMxNTU3MzY4OA==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESENfzmNNuxeHz0YkzY1tsCmo&google_cver=1

43 B
398 B

50ms
17ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESENfzmNNuxeHz0YkzY1tsCmo&google_cver=1
Requested by: Host: a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
URL: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 15 Sep 2023 16:19:40 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:19:40 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESENfzmNNuxeHz0YkzY1tsCmo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3977
Redirect Chain

https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEIYMeo0o8JJ-Ur7RKfNdt7s&google_cver=1&google_push=AXcoOmQRnjfsyOukb_KR-JsLbmtvaZ5b6sN1RAMJF60Z-1z6sLCMmWx0dRJc75y4IQLBCeQUZiGkbCF_qxu7FV...
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmQRnjfsyOukb_KR-JsLbmtvaZ5b6sN1RAMJF60Z-1z6sLCMmWx0dRJc75y4IQLBCeQUZiGkbCF_qxu7FV_dlbA6ynUmelMA&google_hm=hmUEhBy9Yd9AzALGY...

170 B
188 B

31ms
31ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmQRnjfsyOukb_KR-JsLbmtvaZ5b6sN1RAMJF60Z-1z6sLCMmWx0dRJc75y4IQLBCeQUZiGkbCF_qxu7FV_dlbA6ynUmelMA&google_hm=hmUEhBy9Yd9AzALGYg&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D6504841CBD61DF40CC02C662BLIS

Requested by

Host: a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
URL: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:19:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmQRnjfsyOukb_KR-JsLbmtvaZ5b6sN1RAMJF60Z-1z6sLCMmWx0dRJc75y4IQLBCeQUZiGkbCF_qxu7FV_dlbA6ynUmelMA&google_hm=hmUEhBy9Yd9AzALGYg&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D6504841CBD61DF40CC02C662BLIS
date: Fri, 15 Sep 2023 16:19:40 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3977
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEFdTINQNHMDI1UVMkYmtNw8&google_cver=1&google_push=AXcoOmStD2ujRDPODIkV6m-AqIJTAMi42UaI7y5dy4w15wQwvXC-qWCNA0Hq3i7uIQyk3KdUxtJuHHUbG8FbYLSceDrhdVx...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmStD2ujRDPODIkV6m-AqIJTAMi42UaI7y5dy4w15wQwvXC-qWCNA0Hq3i7uIQyk3KdUxtJuHHUbG8FbYLSceDrhdVxdq8sn&google_hm=eS1lMkloYjdSRTJwRng4TT...

170 B
188 B

32ms
31ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmStD2ujRDPODIkV6m-AqIJTAMi42UaI7y5dy4w15wQwvXC-qWCNA0Hq3i7uIQyk3KdUxtJuHHUbG8FbYLSceDrhdVxdq8sn&google_hm=eS1lMkloYjdSRTJwRng4TTNQcTh1aTFzUjJySkdfNFg3T35B

Requested by

Host: a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
URL: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:19:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 15 Sep 2023 16:19:40 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmStD2ujRDPODIkV6m-AqIJTAMi42UaI7y5dy4w15wQwvXC-qWCNA0Hq3i7uIQyk3KdUxtJuHHUbG8FbYLSceDrhdVxdq8sn&google_hm=eS1lMkloYjdSRTJwRng4TTNQcTh1aTFzUjJySkdfNFg3T35B
content-length: 0

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 3977 43 B
362 B 36ms
29ms Image
image/gif 178.250.7.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmSdv5iQbo2NfEnqfJuqn1DhLkg4UvOiezfQDNQsiWOHAV1Cmw-SdBjoCbEb7Q2BjYNsRnkz8Gx5FbuqwPiOvJrEdaenS1glmg&google_gid=CAESEEPvuMjoyWLM0PiEDwe-zCg&google_cver=1

Requested by

Host: a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
URL: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:19:40 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 202367
expires: Fri, 15 Sep 2023 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3977
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=m25yT7VAR_KJm3STiYxB1Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

29ms
29ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=m25yT7VAR_KJm3STiYxB1Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmSGSTPpnwe4G6_qki7s_NDYj9Ls4h0Vj2hc_7CRAE2T5hPtXDO57eCmQnYnaiAmT7muhVGZPTy_nrY3ueho9Dw_JjrO1Nnlow

Requested by

Host: a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
URL: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:19:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=m25yT7VAR_KJm3STiYxB1Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmSGSTPpnwe4G6_qki7s_NDYj9Ls4h0Vj2hc_7CRAE2T5hPtXDO57eCmQnYnaiAmT7muhVGZPTy_nrY3ueho9Dw_JjrO1Nnlow
date: Fri, 15 Sep 2023 16:19:39 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3977
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEGGI8R-B0jzX3Kng6kzZzmA&google_cver=1&google_push=AXcoOmTghEs7OOnutT32ZjAe2LRfN1kBM7wWhynztZbn2sej5JRs1sM_zVsgND0QgdG1hJZNJnv...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE1LVDFYV1ItQi0yUkNJ&google_push=AXcoOmTghEs7OOnutT32ZjAe2LRfN1kBM7wWhynztZbn2sej5JRs1sM_zVsgND0QgdG1hJZNJnvgOXEUfi4SXXnEae_MUt_vfXXUQw

170 B
188 B

32ms
32ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE1LVDFYV1ItQi0yUkNJ&google_push=AXcoOmTghEs7OOnutT32ZjAe2LRfN1kBM7wWhynztZbn2sej5JRs1sM_zVsgND0QgdG1hJZNJnvgOXEUfi4SXXnEae_MUt_vfXXUQw

Requested by

Host: a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
URL: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:19:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE1LVDFYV1ItQi0yUkNJ&google_push=AXcoOmTghEs7OOnutT32ZjAe2LRfN1kBM7wWhynztZbn2sej5JRs1sM_zVsgND0QgdG1hJZNJnvgOXEUfi4SXXnEae_MUt_vfXXUQw
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: ef823186f233724f4775c0c4b9549d14
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3977
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEM7k6EHyW8v8Qbdy5vwR5sc&google_cver=1&google_push=AXcoOmQimO-wYW7vq2E2-5Xp7i0-gyPg4xPMFfd2vGV3F-Affzm2SuTMVzJJwK8MtL7UChD4VCEYDYJozEZv...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQimO-wYW7vq2E2-5Xp7i0-gyPg4xPMFfd2vGV3F-Affzm2SuTMVzJJwK8MtL7UChD4VCEYDYJozEZvBvINtoEx7Tyottrw

170 B
188 B

43ms
42ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQimO-wYW7vq2E2-5Xp7i0-gyPg4xPMFfd2vGV3F-Affzm2SuTMVzJJwK8MtL7UChD4VCEYDYJozEZvBvINtoEx7Tyottrw

Requested by

Host: a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
URL: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:19:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQimO-wYW7vq2E2-5Xp7i0-gyPg4xPMFfd2vGV3F-Affzm2SuTMVzJJwK8MtL7UChD4VCEYDYJozEZvBvINtoEx7Tyottrw
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 3977 0
12 B 37ms
33ms Image
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IkZUwQ7t8DFfX8Y7vBsWO84DnBtkBBns6Nl84iRbxAsUTkjJimLfooGx6FEdVXei8YgWfw

Requested by

Host: a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
URL: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:19:40 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2

200

4.js Show response
static.adsafeprotected.com/ Frame E147
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/1475223/71249298/4.js?ias_dspID=3&ias_campId=1012441042&ias_pubId=&ias_chanId=1&ias_placementId=20111331724&bidurl=https://www1.ihdstreams.xyz/&ias_dealId=&ads...
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_G4QEZZiBOI2Y-gbp-r7ACA&cbFunctionName=goog_wrapCb_G4QEZZiBOI2Y-gbp-r7ACA&true_pb=

1 KB
1 KB

36ms
36ms

Script
application/javascript

2600:9000:2246:f400:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_G4QEZZiBOI2Y-gbp-r7ACA&cbFunctionName=goog_wrapCb_G4QEZZiBOI2Y-gbp-r7ACA&true_pb=
Requested by: Host: a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
URL: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2600:9000:2246:f400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 04:09:26 GMT
x-amz-version-id: R3AxWwopGHaaV3xj068LUxj.lgAg56jC
content-encoding: gzip
via: 1.1 240ebea27618238384903016b8e84168.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP63-P1
age: 303014
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 08 Aug 2023 19:01:30 GMT
server: AmazonS3
etag: W/"33dffa7df253125904b2f354b5bb5e8d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: DkNlYjWxl0HcfmHUoG9fvNoM7XmQfBRe5vHchNbHipEqJ1EBHZLe7A==

Redirect headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:19:40 GMT
server: nginx
x-server-name: app06.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_G4QEZZiBOI2Y-gbp-r7ACA&cbFunctionName=goog_wrapCb_G4QEZZiBOI2Y-gbp-r7ACA&true_pb=
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 0A00 91 KB
92 KB 42ms
41ms Script
application/javascript 2600:9000:2246:f400:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
URL: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2246:f400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 20:43:31 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
via: 1.1 240ebea27618238384903016b8e84168.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP63-P1
age: 4217770
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 93606
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: "1f3488247c90bb5de253d3d0cb3b7458"
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: fe8KuE9VsryIe0KwE03LWPTJzCW9Q9hUgBaj6z7wZpjq2QEfuFFcVg==

GET
H2 200 dpixel
cms.quantserve.com/ Frame F2E6 35 B
463 B 86ms
24ms Image
image/gif 2620:116:800d:21:e365:4988:e8a7:3270

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEKNYyUe4-sAKueHPI0Ck7oc&google_cver=1&google_push=AXcoOmQym-2CgkjEioAODEWkxiM28eOfQPDq6TPx_P1WHbbaOw1_-PjBiOgr1ralG37is1hbMzuZrmF_1uY4Z0RzQ4-FEBSI0GRCqg

Requested by

Host: a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
URL: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:e365:4988:e8a7:3270 -, , ASN (),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:19:40 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F2E6
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEIUQa4xyDtC4qZ4JmVFJatQ&google_push=AXcoOmQTRMKH_KisENwvof-fWVl5AMsAW6Gp1N8pxUwnvZDDTET7HptP9A...

170 B
188 B

32ms
31ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEIUQa4xyDtC4qZ4JmVFJatQ&google_push=AXcoOmQTRMKH_KisENwvof-fWVl5AMsAW6Gp1N8pxUwnvZDDTET7HptP9AV_QkcB0nQRTmGkxUnaaqvM4Z3on50ZbNaRlQLV2J0l4Q

Requested by

Host: a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
URL: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:19:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-ams21026-AMS
pragma: no-cache
date: Fri, 15 Sep 2023 16:19:40 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1694794781.553096,VS0,VE93
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEIUQa4xyDtC4qZ4JmVFJatQ&google_push=AXcoOmQTRMKH_KisENwvof-fWVl5AMsAW6Gp1N8pxUwnvZDDTET7HptP9AV_QkcB0nQRTmGkxUnaaqvM4Z3on50ZbNaRlQLV2J0l4Q
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F2E6
Redirect Chain

https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEIYMeo0o8JJ-Ur7RKfNdt7s&google_cver=1&google_push=AXcoOmRYUadT-kv9mf-AqKnuAJvwKhN-jjVIVklr9WjId3mdYX3v6N4k5bY7kIIfrSTLsRZedqjPis9I7O7U4S...
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmRYUadT-kv9mf-AqKnuAJvwKhN-jjVIVklr9WjId3mdYX3v6N4k5bY7kIIfrSTLsRZedqjPis9I7O7U4SiJHg7A_cL0gqp-&google_hm=hmUEhBy9Yd9AzALGY...

170 B
188 B

31ms
30ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmRYUadT-kv9mf-AqKnuAJvwKhN-jjVIVklr9WjId3mdYX3v6N4k5bY7kIIfrSTLsRZedqjPis9I7O7U4SiJHg7A_cL0gqp-&google_hm=hmUEhBy9Yd9AzALGYg&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D6504841CBD61DF40CC02C662BLIS

Requested by

Host: a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
URL: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:19:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmRYUadT-kv9mf-AqKnuAJvwKhN-jjVIVklr9WjId3mdYX3v6N4k5bY7kIIfrSTLsRZedqjPis9I7O7U4SiJHg7A_cL0gqp-&google_hm=hmUEhBy9Yd9AzALGYg&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D6504841CBD61DF40CC02C662BLIS
date: Fri, 15 Sep 2023 16:19:40 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F2E6
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEK-T5zYn50loeF0q8ySx_ag&google_cver=1&google_push=AXcoOmQKvWkru0Y9hTN9TFZMfy2ZFZJPFlLLqS2fhJrOERxmB8dnloQGUXt-i-GKCXF9TDYWSPSyh0pu...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEK-T5zYn50loeF0q8ySx_ag&google_cver=1&google_push=AXcoOmQKvWkru0Y9hTN9TFZMfy2ZFZJPFlLLqS2fhJrOERxmB8dnloQGUXt-i-GKCXF9TDYWSPS...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjkwMTc0NDg3Mjk1OTAwNjQ5Nw&google_push=AXcoOmQKvWkru0Y9hTN9TFZMfy2ZFZJPFlLLqS2fhJrOERxmB8dnloQGUXt-i-GKCXF9TDYWSPSyh0...

170 B
188 B

43ms
42ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjkwMTc0NDg3Mjk1OTAwNjQ5Nw&google_push=AXcoOmQKvWkru0Y9hTN9TFZMfy2ZFZJPFlLLqS2fhJrOERxmB8dnloQGUXt-i-GKCXF9TDYWSPSyh0pu30sAvhSop01ei0sfVvQG

Requested by

Host: a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
URL: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:19:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:19:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjkwMTc0NDg3Mjk1OTAwNjQ5Nw&google_push=AXcoOmQKvWkru0Y9hTN9TFZMfy2ZFZJPFlLLqS2fhJrOERxmB8dnloQGUXt-i-GKCXF9TDYWSPSyh0pu30sAvhSop01ei0sfVvQG
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F2E6
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=m25yT7VAR_KJm3STiYxB1Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

32ms
31ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=m25yT7VAR_KJm3STiYxB1Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmQaEChEzQeX7-PGfRKKt9pIdn46lH-v07-cwLVIaHb7ZF_NWXTWms3U2Yap9Rd7JmJvZ8zmrgP6MkFmsunZ3SBGhLSWhpp1PQ

Requested by

Host: a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
URL: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:19:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=m25yT7VAR_KJm3STiYxB1Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmQaEChEzQeX7-PGfRKKt9pIdn46lH-v07-cwLVIaHb7ZF_NWXTWms3U2Yap9Rd7JmJvZ8zmrgP6MkFmsunZ3SBGhLSWhpp1PQ
date: Fri, 15 Sep 2023 16:19:40 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F2E6
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEDL-Z0RaqVjOJiULHMbNJjc&google_cver=1&google_push=AXcoOmRHgM-RlROMkDuQom7k3FGSJMbjQS3pvyyX3O48R1EFqlr03d27Y1d0T46_fr5lF_ADrzw_62RFOY7wq_3Fz...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEDL-Z0RaqVjOJiULHMbNJjc&google_cver=1&google_push=AXcoOmRHgM-RlROMkDuQom7k3FGSJMbjQS3pvyyX3O48R1EFqlr03d27Y1d0T46_fr5lF_ADrzw_62RFOY7wq_3Fz...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmRHgM-RlROMkDuQom7k3FGSJMbjQS3pvyyX3O48R1EFqlr03d27Y1d0T46_fr5lF_ADrzw_62RFOY7wq_3FzniEttLXjMuIGA&google_hm=HU3ztGZHuigyuU7mRbih...

170 B
188 B

43ms
42ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmRHgM-RlROMkDuQom7k3FGSJMbjQS3pvyyX3O48R1EFqlr03d27Y1d0T46_fr5lF_ADrzw_62RFOY7wq_3FzniEttLXjMuIGA&google_hm=HU3ztGZHuigyuU7mRbihN1ow

Requested by

Host: a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
URL: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:19:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 15 Sep 2023 16:19:40 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmRHgM-RlROMkDuQom7k3FGSJMbjQS3pvyyX3O48R1EFqlr03d27Y1d0T46_fr5lF_ADrzw_62RFOY7wq_3FzniEttLXjMuIGA&google_hm=HU3ztGZHuigyuU7mRbihN1ow
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap5ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2 200 sync
ssbsync.smartadserver.com/api/ Frame F2E6 0
44 B 31ms
29ms Image
text/plain 185.86.139.102
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEJHuFQTrURLuEmfRowntQog&google_cver=1&google_push=AXcoOmSbtZV4_yd84Gf86zT9OkHFDzyU5b-Cv6rr5be7N7dxpqG9lnBpObhv_bLHdZhZuifNy5dqPWKNERnLcEd2VUvO4OLiHktx
Requested by: Host: a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
URL: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.102 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:19:39 GMT
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame F2E6 0
12 B 32ms
30ms Image
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LRy6gMykx9m9J5ty54EI6GANQIZOfy_0IS9qDN7CjQ_A4kwCjTsiiTqKM-hnT4XV2ncXb9

Requested by

Host: a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
URL: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:19:40 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 splitText.js Show response
s0.2mdn.net/sadbundle/14177329759233795653/ Frame 3E6B 8 KB
3 KB 23ms
22ms Script
application/x-javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/14177329759233795653/splitText.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14177329759233795653/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75c6b260fee00db1fe67db954b335fcb5f19f4d339f33ba1228b90a54ea88042

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14177329759233795653/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 11:50:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 102565
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3435
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 11:44:35 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 13 Sep 2024 11:50:15 GMT

GET
H3 200 Smart_Regular.woff
s0.2mdn.net/sadbundle/14177329759233795653/ Frame 3E6B 20 KB
20 KB 25ms
22ms Font
font/woff 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/14177329759233795653/Smart_Regular.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14177329759233795653/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ed654d864a83081f65642d7c153595a722b58a0ab5776dba72f2c767b41930f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/14177329759233795653/index.html?ev=01_250
Origin: https://s0.2mdn.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 11:50:15 GMT
x-content-type-options: nosniff
age: 102565
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20052
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 11:44:35 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 13 Sep 2024 11:50:15 GMT

GET
H3 200 Smart_Regular.woff2
s0.2mdn.net/sadbundle/14177329759233795653/ Frame 3E6B 15 KB
15 KB 28ms
24ms Font
font/woff2 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/14177329759233795653/Smart_Regular.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14177329759233795653/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b86e678f724241714425a98d49c80fcdee4cf52b93c913b56ae403d2e423d3e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/14177329759233795653/index.html?ev=01_250
Origin: https://s0.2mdn.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 11:50:15 GMT
x-content-type-options: nosniff
age: 102565
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14848
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 11:44:35 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 13 Sep 2024 11:50:15 GMT

GET
H3 200 smartNext-Bold.woff
s0.2mdn.net/sadbundle/14177329759233795653/ Frame 3E6B 19 KB
19 KB 31ms
27ms Font
font/woff 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/14177329759233795653/smartNext-Bold.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14177329759233795653/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3a4198aac2107c45dc0d5c25bb2e1ad3420efc9fcc02cd7c2fe7cfee0d2b880

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/14177329759233795653/index.html?ev=01_250
Origin: https://s0.2mdn.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 11:50:15 GMT
x-content-type-options: nosniff
age: 102565
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19600
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 11:44:35 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 13 Sep 2024 11:50:15 GMT

GET
H3 200 smartNext-Bold.woff2
s0.2mdn.net/sadbundle/14177329759233795653/ Frame 3E6B 15 KB
15 KB 65ms
62ms Font
font/woff2 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/14177329759233795653/smartNext-Bold.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14177329759233795653/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

95cd0c0f4ec29744afef0d2b001f3affe95419106afff4f93339574c9067db51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/14177329759233795653/index.html?ev=01_250
Origin: https://s0.2mdn.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 11:50:15 GMT
x-content-type-options: nosniff
age: 102565
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14912
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 11:44:35 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 13 Sep 2024 11:50:15 GMT

GET
H2 200 gsap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.10.4/ Frame 3E6B 64 KB
23 KB 102ms
26ms Script
application/javascript 2606:4700::6811:190e

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.10.4/gsap.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14177329759233795653/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

1b765b0cbd95391f6db0b565988eeb70ea68aa77bb9f8f7c8a880d96474c2aa8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://s0.2mdn.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:19:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 5583433
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 23292
last-modified: Fri, 22 Apr 2022 16:32:30 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "6262d89e-5afc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QIi%2BWi6L9eJdmge02dIFOrofIDWJmEmHeGDNs9811BBZqdnqzQLZddQk9j7aD%2BfwBN1sggGyjWAbZYfwIM0tFXZgOEX61igIUVUeiFz85Pj%2F69%2B4t0DaQRPaqw8ieYVftCEkp7%2BeUTA79dmta6wHWRkE"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 807231528a745bf5-FRA
expires: Wed, 04 Sep 2024 16:19:40 GMT

GET
H2 200 EasePack.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.10.4/ Frame 3E6B 2 KB
1 KB 104ms
29ms Script
application/javascript 2606:4700::6811:190e

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.10.4/EasePack.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14177329759233795653/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

535520dc8857dfcf9610d361f99e9d419786585dda328a3f6635eba5982803d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://s0.2mdn.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:19:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 8455772
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1193
last-modified: Fri, 22 Apr 2022 16:32:30 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "6262d89e-4a9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NfagAC43HGn%2FLQ39hrv8DIAvO1qvJCS5U2Ot8uYGLguiJQbGqGgsmeKdf2EQ5J0zgkzUScQxzZZr8OPuEk0mULTmx%2F1KIFbhffU6fUGdzrq66tCMzDGc%2BpEQ9I5OfHD3vBggyXjxxAwse6h%2B5HDf%2Bp4s"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 807231528a755bf5-FRA
expires: Wed, 04 Sep 2024 16:19:40 GMT

GET
H2 200 EaselPlugin.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.10.4/ Frame 3E6B 5 KB
2 KB 103ms
28ms Script
application/javascript 2606:4700::6811:190e

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.10.4/EaselPlugin.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14177329759233795653/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

2eadf86ab162e1d578164338aea12323e59534a9d43fbd526d609a667965003d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://s0.2mdn.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:19:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1691884
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1914
last-modified: Thu, 22 Jun 2023 11:03:34 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942a86-77a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FPtAkb1nBKbWiQ1frlwq43UQx11uq%2FsYI69XIh4iHLZEAAwIucGg17EplqX06Ah7qY8sA3pOUsXu6Eul%2BndcXirp5PZTg1jy2Lypu0cyJegkGw8kUtLZOw6ZJN6r5BLn25%2F%2Fmd4b2fYi5GXCs1gVqQKC"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 807231528a775bf5-FRA
expires: Wed, 04 Sep 2024 16:19:40 GMT

GET
H3 200 HYPE-724.thin.min.js Show response
s0.2mdn.net/sadbundle/14177329759233795653/ Frame 3E6B 55 KB
24 KB 33ms
30ms Script
application/x-javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/14177329759233795653/HYPE-724.thin.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14177329759233795653/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa4ae93330f3a0b8e253e34bc6d66018d996fb5d56ef0802e6def0d91fd035c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14177329759233795653/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 11:50:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 102565
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24394
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 11:44:35 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 13 Sep 2024 11:50:15 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 3415 22 KB
8 KB 27ms
26ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 152525
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 13 Sep 2023 21:57:35 GMT
expires: Thu, 12 Sep 2024 21:57:35 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dt
dt.adsafeprotected.com/ Frame E147 43 B
215 B 106ms
106ms Image
image/gif 2600:1f18:1aca:4282:fb64:6350:439:4507
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1475223&asId=3312221b-e440-873b-6837-0bdfd8de2527&tv=%7Bc:oiWOR2,pingTime:-3,time:238,type:v,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:96%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:238,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:96,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B230~0%5D,as:%5B230~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tPWybg6+11%7C12%7C1311%7C1312%7C1313%7C1314%7C141%7C142%7C143%7C144%7C151%7C152%7C153%7C16*.1475223-71249298%7C161%7C162%7C171%7C172%7C173%7C174%7C175%7C176%7C177%7C178%7C179%7C17a%7C17b%7C17c%7C17d%7C17e%7C181%7C182,idMap:16*,rmeas:1,rend:0,renddet:svg.us,siq:98%7D&br=c
Requested by: Host: a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
URL: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:fb64:6350:439:4507 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:19:40 GMT
server: nginx
x-server-name: dt04.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame E147 43 B
215 B 105ms
104ms Image
image/gif 2600:1f18:1aca:4282:fb64:6350:439:4507
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1475223&asId=3312221b-e440-873b-6837-0bdfd8de2527&tv=%7Bc:oiWOR4,pingTime:-6,time:240,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:240,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:96,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B232~0%5D,as:%5B232~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tPWybg6+11%7C12%7C1311%7C1312%7C1313%7C1314%7C141%7C142%7C143%7C144%7C151%7C152%7C153%7C16*.1475223-71249298%7C161%7C162%7C171%7C172%7C173%7C174%7C175%7C176%7C177%7C178%7C179%7C17a%7C17b%7C17c%7C17d%7C17e%7C181%7C182,idMap:16*,rmeas:1,rend:0,renddet:svg.us,siq:98%7D&tpiLookup=ao:www1.ihdstreams.xyz*&br=c
Requested by: Host: a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
URL: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:fb64:6350:439:4507 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:19:40 GMT
server: nginx
x-server-name: dt09.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame AB1E 22 KB
8 KB 22ms
21ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 152525
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 13 Sep 2023 21:57:35 GMT
expires: Thu, 12 Sep 2024 21:57:35 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/4254254474626114355/ Frame 7C37 6 KB
2 KB 23ms
22ms Document
text/html 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4254254474626114355/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a68bd47337d24bfad49cda4c4427a9abdf8d09d1a52c09819dfeebb08442245

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 345513
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2166
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 11 Sep 2023 16:21:07 GMT
expires: Tue, 10 Sep 2024 16:21:07 GMT
last-modified: Wed, 28 Jun 2023 11:47:08 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame E147 0
0 75ms
75ms Fetch
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst8Xu83OUkbcctGPY2q3GnGW1bDqejd_0quPBmXHqnkR-lfcfEytx6gxHHi7-34w2-o6aoMFg4gXol8H4Mnx-zFuBA5c8NCmYwE5lJ4Jjbqv79_S09vz7Vh1eXyxonMyk3BOWtJOjr_uEcwH5YVUCH9xZVFXAGHBJBilelajt4_Z28XrhWLko7qVGv33SnQRMWFoeCCHWFqqVzVnXj17A22EAt7lhSt-pzO1UW_5wBjGTBKD5Rv1xy4drn-VrJMakjvShT1bs8pdOGsbe_K8czODBOtRGz_EGV7g2FHHy_41YYXGAS0RcTvaT-PsB3XsZrDxVEtxHRb4tqpytyhMOyCpYRSbRazJNSm5mB8B5jsEq6m35N4NLmFTmExCHNLwWeyenZN_08S85SNcuHTHsWJisl-Abu_7CtG2j6eAjcJOt3p1oZ4qsmZuGLvWPOIkt8FmVSnQAoDelfZBxcHVSWIgW_OMDT3ncy6-0Mm2uNEFzjsTF6rO-suEV8zdG9pQBhdco-BQ1H9s5VrcGO7LSu-UO_Z4_3mWwQ8hJ1cKiZCUO2QGRoS2DmEggjn-iHVXg96hsOGh9pb7jhx2lX98wZnkuUOZOp9WRlf7i_QAa-YZFZSsWCt2Ho4X-aOs-rr5xvrW_-W3QoApA-gTR0s96fXhYHFz-ONB2jmPv4mIIpu0JCRolY7F693qHeeU2aQn9RbB_1mytyZ45sljiQxE_dPg_EGbaMEROEOTcvmU3zeGFMAgZLnn9Fu5LK3-ofarBoBGccA73dch12MeJZAj75T8TqYnXKGB64uWacJbRChV_XWEhIrKjU8y6EUFn-Nl8dhgvtihudNlqn7xsGuajvB6KlCaN1msGwm9trZFvt9C6uYue2wmOA64VyD-pj8rBsE8R9NY2oqktkTlAuBZHSn2nLQGWnrWOH9H9OMN7zMzYm9MEhHVbx9wP_cEnBH4EZWqI599wG5rs2pVgOA_Jf5VQ89lfSFZbfeOAWUyG7bXgMxW-IhxmzX_RqnT7pn6qt-Lj6K3b2_YMDMocl411rIgZ3l8nhu2GKioDUY7n5r7XqdhxmxoL1yYJbmAumNJIdPwCo42RUFSzv3Aa5y_bXJEyWG4B3Q0WRFvGCIgl4YtRlgxdPJDKlgikyhUjKoCjSdmYG2D8JsL0dXRZZeyIUKCV89Kn98YaSTR_Ek7qTpketfBCySuoLbckUh963gnEpA8QSZI7x0mkdg5DmNdPhUFcQc_pNBUv67_R8ViPRGN8Z5epSYVONVtErWBJLqBgxk0mVMxUVGkIbaxA9X0O0Kdt5qIY78DWDz1K8pGgCCrLnA&sai=AMfl-YS_gfY-0angirHwW76R1j6V9A8jWJtYXzFZqIh_LorKFK37b0gZMQIlrF6ZL-kuBbEi58v2tfdgktK4w07-ZjRbeAGkfo0Pasl7ScLTbGz1HSXdf-DYgeb0fmzyF9ytSpKMe4ugLg078g91CoCwsaSN2y0tkQzIdPq8zdR6AobEdihYpDbzzJAtrvHWEdYICddAUIcg4SQHjmVb5VBCrmRNIevQ7S5A9A3ExyMOEM8XoHJ5ojBk85moCAS5b0jPMFepFAI&sig=Cg0ArKJSzKRUC1hkIhUKEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=503&cbvp=1&cstd=501&cisv=r20230913.57915&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 15 Sep 2023 16:19:40 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 15 Sep 2023 16:19:40 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 3C6F 36 KB
11 KB 21ms
20ms Script
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: f27d2c5f66b94230e004d6c66655d01a1cd15174edb43a04feced5daf4d5315f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date: Fri, 15 Sep 2023 16:19:40 GMT
Content-Encoding: gzip
Last-Modified: Fri, 15 Sep 2023 15:37:22 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=83847
Connection: keep-alive
Content-Length: 10521
Expires: Sat, 16 Sep 2023 15:37:07 GMT

GET
H3 200 container.html Show response
a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3749 6 KB
3 KB 21ms
20ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www1.ihdstreams.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 15 Sep 2023 16:19:38 GMT
expires: Sat, 14 Sep 2024 16:19:38 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 2712 0
39 B 17ms
17ms Script
text/plain 198.47.127.19
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=44352727&p=160993&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D1%26auid%3D1694794780024-960921239749-001175-007-002382%26key%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:19:39 GMT
content-length: 0

GET
H2 200 dt
dt.adsafeprotected.com/ Frame E147 43 B
215 B 113ms
113ms Image
image/gif 2600:1f18:1aca:4282:fb64:6350:439:4507
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1475223&asId=3312221b-e440-873b-6837-0bdfd8de2527&tv=%7Bc:oiWOSH,pingTime:-2,time:341,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:1013,beZ:1014,mfA:1017,cmA:1019,inA:1019,inZ:1024,prA:1024,prZ:1106,si:1111,poA:1113,poZ:1137,cmZ:1137,mfZ:1137,loA:1253,loZ:1256,ltA:1354,ltZ:1354%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:100.100,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:96%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:341,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:96,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B333~0%5D,as:%5B333~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tPWyaXv+11%7C12%7C1311%7C1312%7C1313%7C1314%7C141.1630069-73568031%7C142%7C143%7C144%7C151%7C152%7C153%7C16*.1475223-71249298%7C161%7C162%7C171%7C172%7C173%7C174%7C175%7C176%7C177%7C178%7C179%7C17a%7C17b%7C17c%7C17d%7C17e%7C181%7C182,idMap:16*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:svg.us,siq:98,sinceFw:240,readyFired:true%7D&br=c
Requested by: Host: a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
URL: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:fb64:6350:439:4507 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:19:40 GMT
server: nginx
x-server-name: dt25.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 createjs.min.js Show response
code.createjs.com/1.0.0/ Frame 7C37 236 KB
63 KB 31ms
30ms Script
text/javascript 2a02:26f0:480:f::213:7edc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/1.0.0/createjs.min.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4254254474626114355/index.html?ev=01_250
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:480:f::213:7edc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:19:40 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=900
x-n: S
accept-ranges: bytes
expires: Fri, 15 Sep 2023 16:34:40 GMT

GET
H3 200 index.js Show response
s0.2mdn.net/sadbundle/4254254474626114355/ Frame 7C37 189 KB
32 KB 21ms
21ms Script
application/x-javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4254254474626114355/index.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4254254474626114355/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4d46096f5cf5db6a31885ebf494f092e00d82c16fabb21199546f987c012e9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4254254474626114355/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 05:19:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 212438
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32272
x-xss-protection: 0
last-modified: Wed, 28 Jun 2023 11:47:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 12 Sep 2024 05:19:02 GMT

GET
H3 200 t8GibRNARgYsE0Sx_-jM8Z9WBbCCL83x92A0C_FtaJU.js Show response
pagead2.googlesyndication.com/bg/ Frame 9AB8 37 KB
14 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/t8GibRNARgYsE0Sx_-jM8Z9WBbCCL83x92A0C_FtaJU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b7c1a26d134046062c1344b1ffe8ccf19f5605b0822fcdf1f760340bf16d6895

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 19:44:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74130
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14716
x-xss-protection: 0
last-modified: Mon, 11 Sep 2023 20:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 13 Sep 2024 19:44:10 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 559A 0
20 B 121ms
121ms Ping
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=3642754245859&version=m202309120101&ct=76&x=1&cor=16657268296117375000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:19:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 614D 0
0 59ms
59ms Fetch
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv_ZPKZtGLGi4dWSNAmxVkXdoeFLYOxObSTwUDTlOzO_U9b6H1ZIe9qHP3ueA38vmWLX1YR_uMw57tnYQig0Mg43BSt_89gaO1YKkazGBb6LBWGTLW5kk9lwmgBNvlrQwu0BUDSSqX1GfdVLvubwXxSTf4atV785H08tF4YOGsLzPtklgs9d8k3FDYYYnUQDGWGDV5XzaCQ97i4N7f0qlfu5izZvU8fnoxOylRVJhGS1_VenIJ5Go8QXPDqKqbvkpClq5PzTYdmatjFwxLEP3WePCPpCst8xoedLO7peIHpPKF4WA-bOFZGCRgnX6-1bIHaQPOHXNbanreH62IR8iEGRf_3cAjZNKR7fCL-3ojp3E76JgIaf-d-P2FRRkDcY76ZpBVMXmFLQ5w0zS5-o68TM0nJCqlJqLOHPmp5eB28IIzo_Lw1eueXucH-au7z30xmhNiY6kcSfyHN_cMWM3cpYva05bQCBU_Rb8avFS0d-_inJfVInynF_iPJ7G0a6D4X3-vi5PaBOQloXxOc6u0Bw-IOESM5KbkR38rFd51jqrzzN7hEHTJsF3DEIvj-OXeZVaf8CU2K0Zq6_GM5q4Ab81cnLdPZjZQ6E0OI3xfo7UjyXOJZubZlHK2vTAw6uE6rxaOzbwj5Gm7QJsolIcizw-uCPYtbCwNOG7-5CP2-NFPJLO5utRnzVY5hRNiO4ggJp2tHqDtzfh47Z15XcpEsT46LT3XSrgb033iaxbGxU6CsajHmwGN78tfdkJ7Sy0aJX9h22lNSrLSI57ZUbAgjaAoq4IJYy7bYQ1GM-wgm2BZANTwUM8SXe_mxeh872UQ8I3ErbaT5WpsoMhHmPYxrRXW97e1IsoMMUF0c9Ozix7y-D9nAHg1YKpAZpXOt3lg0mSJLKOI5WcZcL9t7dxQYlQupSQMC5LMyjhjrzRHAn5N8pPiICJUap-rvYh1WQJIcnuUqdDE3of-xltpbDQbpQgNNhQu8BOMQ7ASV8XEgWRg-McTJuhDR0LBGLcoXbVBNTtRfe-3oRxwCSfhdmsLXT7qFtWZwM32zypP35W9CxSFPDdrfFTb8r7q1ytutbZKKFaegu7dU-g_wXue6-nMg1vnVm_t7Bqy4xc_qDDgZpPS3HLwD6Lr69odXH4d859cd6Ske2qKsuscBIp7V7ILhiGVALptNU8kfPgNr-BzdUHhH1xdhZPD75ZZkUTCNtwDPqjQwt6nW6BKdJsvR-poVd2jUZ2i6z-cIGFcGQV6gSFEtwAs2RUMJNIkKP6bu4BAGmlwLWLKoo0B5G2kUmRwGcPvpNzsYCjF9RIPIWTAP8FWHCQfPWqKCBGuPpJZHdb5B8r5HGLgEkw&sai=AMfl-YRBj_oYuF-C5V2TzU6hVaRHqlJRXF8F6XhIlgy9ODujrGCv-BbyziKLJM9WP7SBnzxkAWnyBBh4nsktDzdtSqv34aHxyv2e0rOzssAnSuJktWiJhhr7VcVUGGeWwU0xEWual9_XPGfx6spDeT6_LYV9ujDr7VxbpMuUMuVgVcUB3YLUxDa6BgOrzx4RGOMwzPDX9PX0bm76ahNV46WdzagOE_5OmaEvUv5Jlx5KOY_XnlCvTDL1oSShuciRTAooYlVdr2k&sig=Cg0ArKJSzGKFLYIS8bdcEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=823&vt=11&dtpt=588&dett=3&cstd=226&cisv=r20230913.88719&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:19:40 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 15 Sep 2023 16:19:40 GMT

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame 3C6F 7 B
380 B 105ms
22ms XHR
application/json 69.173.144.165

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: ef823186f233724f4775c0c4b9549d14
Expires: 0

GET
H3 200 css
fonts.googleapis.com/ Frame 3749 14 KB
1 KB 44ms
43ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
URL: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 15 Sep 2023 16:19:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 15 Sep 2023 14:35:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 15 Sep 2023 16:19:40 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/ Frame 3749 2 KB
892 B 22ms
22ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
URL: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 19:46:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73971
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Sep 2023 19:46:49 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/ Frame 3749 23 KB
9 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/abg_lite_fy2021.js

Requested by

Host: a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
URL: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 06:49:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34201
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 29 Sep 2023 06:49:39 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/ Frame 3749 3 KB
1 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/window_focus_fy2021.js

Requested by

Host: a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
URL: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 11:19:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17989
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 29 Sep 2023 11:19:51 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 0291 1 KB
643 B 23ms
22ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
URL: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 74131
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 14 Sep 2023 19:44:09 GMT
etag: 48472445140208031
expires: Fri, 15 Sep 2023 19:44:09 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/ Frame 3749 20 KB
8 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
URL: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 19:46:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73971
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Sep 2023 19:46:49 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 3749 0
0 33ms
32ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSwd4OPVpbLJH0q5ihCT2G574zvb72HpVVFARyfSr5Gm3Ptp8E16X7rD0QMn2ZX9oi8m0vR4pQApiT6yenxZ8V91OhUcg
Requested by: Host: a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
URL: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3749 182 KB
57 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
URL: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:19:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57988
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694604874705780"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Sep 2023 16:19:40 GMT

GET
H2 200 9041af033b7a690ba70e3134a2c135bf.js Show response
www.gstatic.com/mysidia/ Frame 3749 36 KB
15 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/9041af033b7a690ba70e3134a2c135bf.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
URL: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f9d88352b286107f60c320c4c088f718c2a3a273818cd61901edb7f235a9339

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 17:57:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 253334
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15189
x-xss-protection: 0
last-modified: Tue, 12 Sep 2023 17:48:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 11 Dec 2023 17:57:26 GMT

GET
H2 200 data=AEUfINGo879OXNAkRWaivYJgkwgh_FzuCB18-cO8pjOEoj8iu4ZltALXq8QuaJ1uzcTAvsycYJmPqTxsNMFd1rJRWlS7dDS8-N7jMGdO3sBR_5_Gkww-mSZefE0
mts0.google.com/vt/ Frame 3749 32 KB
32 KB 35ms
34ms Image
image/png 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mts0.google.com/vt/data=AEUfINGo879OXNAkRWaivYJgkwgh_FzuCB18-cO8pjOEoj8iu4ZltALXq8QuaJ1uzcTAvsycYJmPqTxsNMFd1rJRWlS7dDS8-N7jMGdO3sBR_5_Gkww-mSZefE0

Requested by

Host: a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
URL: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ec9aa43009fa42c900f0aa790e0f48c117028f9aa375dd4b058802408af1351b

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
date: Fri, 15 Sep 2023 16:07:59 GMT
x-content-type-options: nosniff
age: 701
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32417
x-xss-protection: 0
x-server-version-bin: CggIBBC1vIqoBg==
server: scaffolding on HTTPServer2
etag: 05096b54b2dc035a2
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=3600
expires: Fri, 15 Sep 2023 17:07:59 GMT

GET
DATA 200
OK truncated
/ Frame 3749 244 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8be8f432572fba9a5669684d4f89b81b9595700f40480eeecbfe7721ce5b2234

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 3749 333 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8b1ccf2d92e5e6235fcb23becebc6b98f5eba33abad7902763aa8b830be20bd7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST cookie_sync
pbs.aniview.com/ 0
0

POST auction
pbs.aniview.com/openrtb2/ 0
0

POST
H2 204 translator
hbopenbid.pubmatic.com/ 0
116 B 217ms
26ms XHR
text/plain 185.64.189.112

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www1.ihdstreams.xyz/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www1.ihdstreams.xyz
date: Fri, 15 Sep 2023 16:19:40 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK bid
ap.lijit.com/rtb/ 24 B
406 B 23ms
23ms XHR
application/json 216.52.2.48

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.51.0
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.48 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www1.ihdstreams.xyz/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 15 Sep 2023 16:19:40 GMT
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://www1.ihdstreams.xyz
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap5ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 24

POST
H2 204 c
prebid.a-mo.net/a/ 0
114 B 16ms
16ms XHR
text/plain 145.40.97.67
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.40.97.67 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash

Request headers

Referer: https://www1.ihdstreams.xyz/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain

Response headers

x-nbr: 1
date: Fri, 15 Sep 2023 16:19:40 GMT
server: envoy
vary: origin, Accept-Encoding
access-control-allow-origin: https://www1.ihdstreams.xyz
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1

POST
H2 204 c
prebid.a-mo.net/a/ 0
18 B 15ms
15ms XHR
text/plain 145.40.97.67
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.40.97.67 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash

Request headers

Referer: https://www1.ihdstreams.xyz/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain

Response headers

x-nbr: 1
date: Fri, 15 Sep 2023 16:19:40 GMT
server: envoy
vary: origin, Accept-Encoding
access-control-allow-origin: https://www1.ihdstreams.xyz
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1

GET
H3 200 Slide-3-horizontal.jpg
s0.2mdn.net/sadbundle/14177329759233795653/ Frame 3E6B 210 KB
210 KB 22ms
21ms Image
image/jpeg 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14177329759233795653/Slide-3-horizontal.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14177329759233795653/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9706da5d502a2ca4a077567ff17436f9a823c908d33585c4cf5cd59cbc8ffd9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14177329759233795653/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 11:50:16 GMT
x-content-type-options: nosniff
age: 102564
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 215028
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 11:44:35 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 13 Sep 2024 11:50:16 GMT

GET
H3 200 info_icon_green2-1.svg
s0.2mdn.net/sadbundle/14177329759233795653/ Frame 3E6B 955 B
452 B 33ms
32ms Image
image/svg+xml 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14177329759233795653/info_icon_green2-1.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14177329759233795653/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a0fc06cad863bf4d0bc2fea3b3e88aade6454d848b1f089c717f93f25347640

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14177329759233795653/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 11:50:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 102564
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 418
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 11:44:35 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 13 Sep 2024 11:50:16 GMT

GET
H3 200 arrow_black-1-1.svg
s0.2mdn.net/sadbundle/14177329759233795653/ Frame 3E6B 952 B
441 B 33ms
32ms Image
image/svg+xml 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14177329759233795653/arrow_black-1-1.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14177329759233795653/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6c3c5ac5900e2fdeeea6e3c9514871617b72608b224e33f329b0b4d8e91a85f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14177329759233795653/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 11:50:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 102564
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 407
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 11:44:35 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 13 Sep 2024 11:50:16 GMT

GET
H3 200 SpriteSheet-1-2.png
s0.2mdn.net/sadbundle/14177329759233795653/ Frame 3E6B 51 KB
51 KB 30ms
30ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14177329759233795653/SpriteSheet-1-2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14177329759233795653/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

40f5a2bfb90701e8fb4339729c5b8d4643988427cbfbefd5d81a347c073a4b7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14177329759233795653/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 11:50:16 GMT
x-content-type-options: nosniff
age: 102564
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52195
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 11:44:35 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 13 Sep 2024 11:50:16 GMT

GET
H3 200 Slide_3_728x90-1.png
s0.2mdn.net/sadbundle/14177329759233795653/ Frame 3E6B 64 KB
64 KB 25ms
25ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14177329759233795653/Slide_3_728x90-1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14177329759233795653/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d83f54da9832a6b5507c23e2d2b45016da72e2aec4c708c2643c0361fcd1e62e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14177329759233795653/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 11:50:16 GMT
x-content-type-options: nosniff
age: 102564
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65922
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 11:44:35 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 13 Sep 2024 11:50:16 GMT

GET
H3 200 D38i8ocviMyns63bFlxz04547CGgVcdJsS8VZS_5djY.js
pagead2.googlesyndication.com/bg/ Frame 3415 37 KB
14 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/D38i8ocviMyns63bFlxz04547CGgVcdJsS8VZS_5djY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 01:36:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 225766
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14739
x-xss-protection: 0
last-modified: Mon, 11 Sep 2023 20:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 12 Sep 2024 01:36:54 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 274C 8 KB
6 KB 92ms
91ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2e11302e1d00e457e97afac41407c2b08ba1df10e244ef4909d179e2d20ef9ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:19:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5851
x-xss-protection: 0

GET
H3 200 2307_prepaid_halbjahrespaket_vertikal.png
s0.2mdn.net/4528404/ Frame 274C 2 MB
2 MB 24ms
23ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/2307_prepaid_halbjahrespaket_vertikal.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/6426159062837453930/index.html?e=69&leftOffset=0&topOffset=0&c=FJ3NQwLM1p&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 13:51:58 GMT
x-content-type-options: nosniff
age: 8862
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2076162
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 09:30:04 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 16 Sep 2023 13:51:58 GMT

GET
H3 200 logo.svg
s0.2mdn.net/4528404/1687521602712/ Frame 274C 5 KB
2 KB 28ms
27ms Image
image/svg+xml 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/1687521602712/logo.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0d80991c6e4b62d5c77985c1e293aad44cc120e03aee7ae6936c79d25a0e467

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/6426159062837453930/index.html?e=69&leftOffset=0&topOffset=0&c=FJ3NQwLM1p&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 17:04:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83682
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1913
x-xss-protection: 0
last-modified: Fri, 23 Jun 2023 12:00:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 15 Sep 2023 17:04:58 GMT

GET
H3 200 cta_mit-pfeil_01.svg
s0.2mdn.net/4528404/1687937402098/ Frame 274C 2 KB
1 KB 29ms
28ms Image
image/svg+xml 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/1687937402098/cta_mit-pfeil_01.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a9cba16c5a30dc7cc3bdcbba2a45e9e2e28ec4437894302c6676369ed0ec732

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/6426159062837453930/index.html?e=69&leftOffset=0&topOffset=0&c=FJ3NQwLM1p&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 17:04:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83682
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1134
x-xss-protection: 0
last-modified: Wed, 28 Jun 2023 07:30:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 15 Sep 2023 17:04:58 GMT

GET
H3 200 logo-d0d80991.svg
s0.2mdn.net/sadbundle/6426159062837453930/ Frame 274C 5 KB
2 KB 29ms
28ms Image
image/svg+xml 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6426159062837453930/logo-d0d80991.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0d80991c6e4b62d5c77985c1e293aad44cc120e03aee7ae6936c79d25a0e467

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6426159062837453930/index.html?e=69&leftOffset=0&topOffset=0&c=FJ3NQwLM1p&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 09:33:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 369985
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1913
x-xss-protection: 0
last-modified: Fri, 01 Sep 2023 16:26:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 10 Sep 2024 09:33:15 GMT

GET
H3 200 t8GibRNARgYsE0Sx_-jM8Z9WBbCCL83x92A0C_FtaJU.js
pagead2.googlesyndication.com/bg/ Frame AB1E 37 KB
14 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/t8GibRNARgYsE0Sx_-jM8Z9WBbCCL83x92A0C_FtaJU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 19:44:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74130
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14716
x-xss-protection: 0
last-modified: Mon, 11 Sep 2023 20:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 13 Sep 2024 19:44:10 GMT

POST
H/1.1 204
No Content multitracking
ghb.aplhb.adipolo.com/adunit/ 0
230 B 25ms
24ms XHR
text/plain 2a0c:5c87:5241::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.aplhb.adipolo.com/adunit/multitracking
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/dpklh/hbw_master_736354_16735.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c87:5241::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash

Request headers

Referer: https://www1.ihdstreams.xyz/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www1.ihdstreams.xyz
Date: Fri, 15 Sep 2023 16:19:40 GMT
Access-Control-Allow-Credentials: true
Server: Adtelligent
Connection: Keep-Alive
X-Robots-Tag: noindex

GET
H3 200 index_atlas_P_1.png
s0.2mdn.net/sadbundle/4254254474626114355/images/ Frame 7C37 19 KB
19 KB 26ms
26ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4254254474626114355/images/index_atlas_P_1.png

Requested by

Host: a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
URL: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72a0bfe74654a39eb0c6b6a9009ed69ffcc224eaf304306ca2c042f94e54438b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4254254474626114355/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 10:39:30 GMT
x-content-type-options: nosniff
age: 20410
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19411
x-xss-protection: 0
last-modified: Wed, 28 Jun 2023 11:47:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 14 Sep 2024 10:39:30 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame E147 0
0 72ms
72ms Fetch
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst8Xu83OUkbcctGPY2q3GnGW1bDqejd_0quPBmXHqnkR-lfcfEytx6gxHHi7-34w2-o6aoMFg4gXol8H4Mnx-zFuBA5c8NCmYwE5lJ4Jjbqv79_S09vz7Vh1eXyxonMyk3BOWtJOjr_uEcwH5YVUCH9xZVFXAGHBJBilelajt4_Z28XrhWLko7qVGv33SnQRMWFoeCCHWFqqVzVnXj17A22EAt7lhSt-pzO1UW_5wBjGTBKD5Rv1xy4drn-VrJMakjvShT1bs8pdOGsbe_K8czODBOtRGz_EGV7g2FHHy_41YYXGAS0RcTvaT-PsB3XsZrDxVEtxHRb4tqpytyhMOyCpYRSbRazJNSm5mB8B5jsEq6m35N4NLmFTmExCHNLwWeyenZN_08S85SNcuHTHsWJisl-Abu_7CtG2j6eAjcJOt3p1oZ4qsmZuGLvWPOIkt8FmVSnQAoDelfZBxcHVSWIgW_OMDT3ncy6-0Mm2uNEFzjsTF6rO-suEV8zdG9pQBhdco-BQ1H9s5VrcGO7LSu-UO_Z4_3mWwQ8hJ1cKiZCUO2QGRoS2DmEggjn-iHVXg96hsOGh9pb7jhx2lX98wZnkuUOZOp9WRlf7i_QAa-YZFZSsWCt2Ho4X-aOs-rr5xvrW_-W3QoApA-gTR0s96fXhYHFz-ONB2jmPv4mIIpu0JCRolY7F693qHeeU2aQn9RbB_1mytyZ45sljiQxE_dPg_EGbaMEROEOTcvmU3zeGFMAgZLnn9Fu5LK3-ofarBoBGccA73dch12MeJZAj75T8TqYnXKGB64uWacJbRChV_XWEhIrKjU8y6EUFn-Nl8dhgvtihudNlqn7xsGuajvB6KlCaN1msGwm9trZFvt9C6uYue2wmOA64VyD-pj8rBsE8R9NY2oqktkTlAuBZHSn2nLQGWnrWOH9H9OMN7zMzYm9MEhHVbx9wP_cEnBH4EZWqI599wG5rs2pVgOA_Jf5VQ89lfSFZbfeOAWUyG7bXgMxW-IhxmzX_RqnT7pn6qt-Lj6K3b2_YMDMocl411rIgZ3l8nhu2GKioDUY7n5r7XqdhxmxoL1yYJbmAumNJIdPwCo42RUFSzv3Aa5y_bXJEyWG4B3Q0WRFvGCIgl4YtRlgxdPJDKlgikyhUjKoCjSdmYG2D8JsL0dXRZZeyIUKCV89Kn98YaSTR_Ek7qTpketfBCySuoLbckUh963gnEpA8QSZI7x0mkdg5DmNdPhUFcQc_pNBUv67_R8ViPRGN8Z5epSYVONVtErWBJLqBgxk0mVMxUVGkIbaxA9X0O0Kdt5qIY78DWDz1K8pGgCCrLnA&sai=AMfl-YS_gfY-0angirHwW76R1j6V9A8jWJtYXzFZqIh_LorKFK37b0gZMQIlrF6ZL-kuBbEi58v2tfdgktK4w07-ZjRbeAGkfo0Pasl7ScLTbGz1HSXdf-DYgeb0fmzyF9ytSpKMe4ugLg078g91CoCwsaSN2y0tkQzIdPq8zdR6AobEdihYpDbzzJAtrvHWEdYICddAUIcg4SQHjmVb5VBCrmRNIevQ7S5A9A3ExyMOEM8XoHJ5ojBk85moCAS5b0jPMFepFAI&sig=Cg0ArKJSzKRUC1hkIhUKEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=860&vt=11&dtpt=357&dett=3&cstd=501&cisv=r20230913.57915&vwbs=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:19:40 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 15 Sep 2023 16:19:40 GMT

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 0291
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESENfzmNNuxeHz0YkzY1tsCmo&google_cver=1&google_push=AXcoOmQJfoB4M_AT6d38uqvQPNQHXzXsgpV8ui15bKrgZE7FJNEviuNtfQGEnirr0fHvP3IU7A0lW9cmw7vccSVeeyJQww9ODLi07g
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Nzg5MDM3MjQzODMxNTU3MzY4OA==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESENfzmNNuxeHz0YkzY1tsCmo&google_cver=1

43 B
398 B

15ms
15ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESENfzmNNuxeHz0YkzY1tsCmo&google_cver=1
Requested by: Host: a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
URL: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 15 Sep 2023 16:19:40 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:19:41 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESENfzmNNuxeHz0YkzY1tsCmo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0291
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEGGI8R-B0jzX3Kng6kzZzmA&google_cver=1&google_push=AXcoOmSPrXahx09NrP_VQ7U1-1RXn1ks72Z2E7GSThzETQPS8tsl_U1qIxAbZANfR_lhpfloJl_...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE1LVDFZQ0YtMi04UUFN&google_push=AXcoOmSPrXahx09NrP_VQ7U1-1RXn1ks72Z2E7GSThzETQPS8tsl_U1qIxAbZANfR_lhpfloJl_8LqGLkcU3tyjXaaYsclSphC9iZw

170 B
188 B

29ms
29ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE1LVDFZQ0YtMi04UUFN&google_push=AXcoOmSPrXahx09NrP_VQ7U1-1RXn1ks72Z2E7GSThzETQPS8tsl_U1qIxAbZANfR_lhpfloJl_8LqGLkcU3tyjXaaYsclSphC9iZw

Requested by

Host: a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
URL: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:19:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE1LVDFZQ0YtMi04UUFN&google_push=AXcoOmSPrXahx09NrP_VQ7U1-1RXn1ks72Z2E7GSThzETQPS8tsl_U1qIxAbZANfR_lhpfloJl_8LqGLkcU3tyjXaaYsclSphC9iZw
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: ef823186f233724f4775c0c4b9549d14
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0291
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEDL-Z0RaqVjOJiULHMbNJjc&google_cver=1&google_push=AXcoOmToKrBM39qDmk1yuezj9QwGV4u6fu-XDNBtumuweKWTu-PQ2JyexaFGw1mlBVAtfjqnQKI7Q8rRjlVcELVxg...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmToKrBM39qDmk1yuezj9QwGV4u6fu-XDNBtumuweKWTu-PQ2JyexaFGw1mlBVAtfjqnQKI7Q8rRjlVcELVxgN7yZqX9pF4wTg&google_hm=HU3ztGZHuigyuU7mRbih...

170 B
188 B

30ms
30ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmToKrBM39qDmk1yuezj9QwGV4u6fu-XDNBtumuweKWTu-PQ2JyexaFGw1mlBVAtfjqnQKI7Q8rRjlVcELVxgN7yZqX9pF4wTg&google_hm=HU3ztGZHuigyuU7mRbihN1ow

Requested by

Host: a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
URL: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:19:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 15 Sep 2023 16:19:40 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmToKrBM39qDmk1yuezj9QwGV4u6fu-XDNBtumuweKWTu-PQ2JyexaFGw1mlBVAtfjqnQKI7Q8rRjlVcELVxgN7yZqX9pF4wTg&google_hm=HU3ztGZHuigyuU7mRbihN1ow
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap5ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2 204 -
s.ad.smaato.net/c/n/// Frame 0291 0
240 B 25ms
23ms Image
text/plain 2600:9000:211e:3a00:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESED19rGRcliCix6tjUteVgkw&google_cver=1&google_push=AXcoOmSvlW2qs6EYrMhV0TQtCIij5G7iVb4mj2remzrCyoblYr2NmiHr7hrWvtreFhOiCE2L4gu8gXZyMioA3YGJzbk7fZz_F7md6A
Requested by: Host: a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
URL: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:3a00:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:19:39 GMT
via: 1.1 3fdf3aacaef6ec40c4eedb85c8144da2.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-C2
age: 1
x-cache: Hit from cloudfront
cache-control: no-cache, must-revalidate
x-amz-cf-id: OsJPDPbITzhCqj69xnXAWK0pcU2SF1FW3N0UDC0vmngH2BBhP4toOQ==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0291
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEM7k6EHyW8v8Qbdy5vwR5sc&google_cver=1&google_push=AXcoOmTjhCUbAspY_8tjg02XkAUR1WIJFVpoZ_c8LI5iUEfD_G7hHQ1JnFS5b0kDSYZTP9Z9pY6DzITbyW-c...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTjhCUbAspY_8tjg02XkAUR1WIJFVpoZ_c8LI5iUEfD_G7hHQ1JnFS5b0kDSYZTP9Z9pY6DzITbyW-cwG6pLmbTeBSRaxsrPA

170 B
188 B

32ms
32ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTjhCUbAspY_8tjg02XkAUR1WIJFVpoZ_c8LI5iUEfD_G7hHQ1JnFS5b0kDSYZTP9Z9pY6DzITbyW-cwG6pLmbTeBSRaxsrPA

Requested by

Host: a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
URL: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:19:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTjhCUbAspY_8tjg02XkAUR1WIJFVpoZ_c8LI5iUEfD_G7hHQ1JnFS5b0kDSYZTP9Z9pY6DzITbyW-cwG6pLmbTeBSRaxsrPA
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2 200 ebda
match.360yield.com/match/ Frame 0291 43 B
199 B 136ms
30ms Image
image/gif 54.72.250.72

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.360yield.com/match/ebda?google_gid=CAESECQRv0WTWqFOlobQGp02JYk&google_cver=1&google_push=AXcoOmRGQtNA4Wcx1DrjqkJaepLb_Wpw7xc4ctVBKTxX9iNoEXggGwNEYeVhgbKx0MtPCYxAOsJedVXdFlEUZUmePmppBsIc_wUPSA
Requested by: Host: a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
URL: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.72.250.72 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 15 Sep 2023 16:19:41 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0291
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEIWtCjwyqJcyPOMKLMcJh-g&google_cver=1&google_push=AXcoOmQW_OsJ537aqbaGhmdr-5qR4v0F9qfA9Ur0ukeFlEyoe58LP_gMPaH_BKYCd58Ozt9lJSp-usSl8UpFSnCgKg2wLaGSgVd0
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjY5MjkzNzI2NzA3NzgyNzIwNzU2Mw%3D%3D&google_push=AXcoOmQW_OsJ537aqbaGhmdr-5qR4v0F9qfA9Ur0ukeFlEyoe58LP_gM...

170 B
188 B

31ms
31ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjY5MjkzNzI2NzA3NzgyNzIwNzU2Mw%3D%3D&google_push=AXcoOmQW_OsJ537aqbaGhmdr-5qR4v0F9qfA9Ur0ukeFlEyoe58LP_gMPaH_BKYCd58Ozt9lJSp-usSl8UpFSnCgKg2wLaGSgVd0

Requested by

Host: a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
URL: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 16:19:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjY5MjkzNzI2NzA3NzgyNzIwNzU2Mw%3D%3D&google_push=AXcoOmQW_OsJ537aqbaGhmdr-5qR4v0F9qfA9Ur0ukeFlEyoe58LP_gMPaH_BKYCd58Ozt9lJSp-usSl8UpFSnCgKg2wLaGSgVd0
date: Fri, 15 Sep 2023 16:19:40 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 0291 0
12 B 45ms
44ms Image
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JAZgFm_aZPXiphsJZiidILDcW0C-YkBC0kPdAs1FjG75ROXU19uyG_ja24MS3taQP5id0Y

Requested by

Host: a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
URL: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:19:40 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame C1F6 0
0 60ms
59ms Fetch
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvJSxQ4-fabGV1IMJIf6q_wgvP7sX-E_VMwNbQ_GnywX40EKsH5oWGJsXZOzyVOXOgyDOZRTJFAG8vBqKdSiBuB5LkkjygMAR8_m8Yx6xg4FjeeVpYOTGkrpM6fUcFJeqZj6dd_C0_ijfrlHAZ8-Mwodfck6RacnfBVKckJVl59w6WnHQocn2RcxuZKowRJEEeaI4HZurTo82Dl6mf4RICNBooSnrSYWfa9K3E8gH23vHOJF429JAhQNd6_cS-nHw1ydu5ZkUrqA-Rr-07QXmXcTf_tjuMEkXcDi8IBuAnmfMYVUIxnLZZzrrAhRajZAdSWBy7xdM3lYNafVkbK-t_OOqhQR2pQzQtb5RyUI9oxGJPtqKCcHMcJ7GI-91BM4LmgnMFNcKZ2ffunoN2FSQ3XoOB45Yere3d3FOuKQTRO3_1kGW17rRLP8eLsu1OKhaI7HF5mzT_lwupSq4DGkOXXp0-UnbTO7rbgkrZ3rrZgdhddP7IFtPd1RG0Wc89KbgEBi8FTuzI3SOqq6nYKS1AOIoRIwxw08SQF9QInD7iCjwnz2oj9iEVO1zY5pmBH4EMP5l-pxwY7L678BJCV-HHy8xRoC0y0dN-v7fuvgixoqjlvB6VC6gwqeqTp-yJYfm1G-TD8IT14hFKsGeIpzHvaXNAOP4Mb2ckhCBGen_oZWnqpIFgp2Uv4_VOs2SLN5kpNEzQnQD8HOiUXpQQfAyzljwjtKWP3FhBuwoQGJfqfCtEgMOIQ8pDdB-4f6vLTMUijkUP7qvt0idUEOlxIT4bUr5mOWCFnBRomedlI08fw4hFu0aTH4neJhtq9Y_WGJW0561y-H3BWfFIfT8sQSlP19ATahNcUQG1uLDd8FeYNSXvb_oOBQzUeVdGa90O9xWtl1YM3MVFNeP78Vq-LoOEXRMaALO0_LALx0zXkN6cfd2OYuYr6x9UUVh3TdJn4raSI-wMNk4lwNyYgMu8ze19uvtmHsHEl4QqDjKv7TTg2tB2LftjBg15HT4ffd-kk2uoyZ8gRiqK9QDatzjun7I0ccu-Q5oHbu1MhsgYA3m65cuK09QMI2_qSROzq1JPiBB2tqvVgj5xKU3pkuwdbb25IJ0MVXMeID5Fu80AGci-f_oU75RsYBlYJaFvazA7h8HeNy7GZpaaUZ9nV_24Z0QQ8II7VE5ozE4RTATGO8C2Boz4LCFJhYgOMyyY_MJbxD2OWS61E3yAUkhroPhNp6UD3ervHO1nGRdZdG_z5LK5nCH44hEU9WWUBmW4t1HC2ULv3zuo6BlVC-5bqH7KT&sai=AMfl-YSPlJJeShzcBy-HJ3k_Xg3YyviwRjgoidbUPEcWMXWTSCW0QKZWYDNHd3D1GS2Gmd4q80pdBq_3_Dmvuv3VX3f8-dYJB6g4OgeJsJExa4bJjTZGr1nqsou-4wpV-X4wvWVE3mIbb6uURAsfcAl8qD_BInsX2H9ou4A4wKI70WnhvcBFwAeM_JQaWrP031ntseHkFNeGTlC5Gn4K5qZlyw1X8XFjJokjW2dHCmb9H-PJ51Vq_89Y-zZXjtzAn7r2URm2c9Q&sig=Cg0ArKJSzJM4BnAKcp1gEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=932&vt=11&dtpt=764&dett=3&cstd=167&cisv=r20230913.91547&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:19:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 15 Sep 2023 16:19:41 GMT

GET
H3 200 info_icon_green2-1.svg
s0.2mdn.net/sadbundle/14177329759233795653/ Frame 3E6B 955 B
452 B 31ms
30ms Image
image/svg+xml 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14177329759233795653/info_icon_green2-1.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14177329759233795653/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 11:50:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 102565
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 418
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 11:44:35 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 13 Sep 2024 11:50:16 GMT

GET activeview
pagead2.googlesyndication.com/pcs/ Frame 614D 0
0

GET
H3 200 index_atlas_NP_1.jpg
s0.2mdn.net/sadbundle/4254254474626114355/images/ Frame 7C37 112 KB
112 KB 22ms
21ms Image
image/jpeg 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4254254474626114355/images/index_atlas_NP_1.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4254254474626114355/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 08:11:48 GMT
x-content-type-options: nosniff
age: 547673
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 114602
x-xss-protection: 0
last-modified: Wed, 28 Jun 2023 11:47:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Sep 2024 08:11:48 GMT

GET dt
dt.adsafeprotected.com/ Frame E147 0
0

GET sodar2.js
tpc.googlesyndication.com/sodar/ Frame 274C 0
0

GET
DATA 200
OK truncated
/ Frame 3749 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4cee5bc5f3aa2995c98cd2835beb00ca718dcee3c1ed6e2f2a122a0f864cbdbf

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 3749 33 KB
33 KB 20ms
20ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 05:04:01 GMT
x-content-type-options: nosniff
age: 558940
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Sep 2024 05:04:01 GMT

GET
H3 200 InterstateCondensedBlack.woff2
s0.2mdn.net/creatives/assets/4925812/ Frame 274C 14 KB
14 KB 21ms
20ms Font
font/woff2 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4925812/InterstateCondensedBlack.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6426159062837453930/index-be1f7599.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/6426159062837453930/index-be1f7599.css
Origin: https://s0.2mdn.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:14:02 GMT
x-content-type-options: nosniff
age: 339
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14644
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 09:13:06 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 15 Sep 2023 16:29:02 GMT

GET
H3 200 InterstateCondensed.woff2
s0.2mdn.net/creatives/assets/4925812/ Frame 274C 28 KB
28 KB 20ms
20ms Font
font/woff2 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4925812/InterstateCondensed.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6426159062837453930/index-be1f7599.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/6426159062837453930/index-be1f7599.css
Origin: https://s0.2mdn.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:05:46 GMT
x-content-type-options: nosniff
age: 835
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28596
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 09:13:02 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 15 Sep 2023 16:20:46 GMT

GET
H3 200 2307_prepaid_halbjahrespaket_vertikal.png
s0.2mdn.net/4528404/ Frame 274C 1 MB
0 20ms
19ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/2307_prepaid_halbjahrespaket_vertikal.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6426159062837453930/index.html?e=69&leftOffset=0&topOffset=0&c=FJ3NQwLM1p&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 13:51:58 GMT
x-content-type-options: nosniff
age: 8863
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2076162
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 09:30:04 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 16 Sep 2023 13:51:58 GMT

OPTIONS adview
securepubads.g.doubleclick.net/pagead/ Frame 0
0

GET adview
securepubads.g.doubleclick.net/pagead/ Frame 3749 0
0

GET dc_oe=ChMIoa69xoKtgQMVldgRCB3gZAxkEAAYACCxmOVcQhMI4KmRxoKtgQMVBYN7Ch0cvQWH;stragg=1;&timestamp=1694794781193;str=nextSlide;strtype=1
ade.googlesyndication.com/ddm/activity/ Frame 614D 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: us_privacyfa9f4b3548d146d8b0584acce84c4fec.gif
URL: https://us_privacyfa9f4b3548d146d8b0584acce84c4fec.gif/?gdpr=1&gdpr_consent=&us_privacy=1---&coppa=0&puid=1694794780024-960921239749-001175-007-002382&redir=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D57%26auid%3D1694794780024-960921239749-001175-007-002382%26key%3D%24%7BUID%7D

Domain: pbs.aniview.com
URL: https://pbs.aniview.com/cookie_sync

Domain: pbs.aniview.com
URL: https://pbs.aniview.com/openrtb2/auction

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvRrGf94Kbbx8L4UUTJ_myfIStqQtidJXT-y1LWTcyoZEFMPLpOX10usFxVD7gcviLK5lhVeCfInTiQj6cOOZl0UwW_RBe6HNSZx7LOnyN4ZNl3PAouFnsN18Rim1ETvc8-K7pkcFkf9Tfb&sai=AMfl-YRfdQy7KETcLnOuGNcVhKUaVGP-Zh3EygrmPb7RAgnwOPvVU_o4Ch7WOzNRO-DS9vdAmD8ioodub9mk5zZzI-mHeax78-R52L9zf1flv4n3JmfG4s-YhgMK1Uzm&sig=Cg0ArKJSzCcavZwa-0d2EAE&cid=CAQSPABpAlJWgmxUcotL2Yx_l_18SY9pcrUpbaXW3yyD2j_90D5_ll6UE9J9Pu4IajuG1w6jprVNH-GPuV-12xgB&id=lidar2&mcvt=1039&p=1103,315,1193,1285&mtos=1039,1039,1039,1039,1039&tos=1039,0,0,0,0&v=20230913&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=135192340&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1694794779240&rpt=731&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Domain: dt.adsafeprotected.com
URL: https://dt.adsafeprotected.com/dt?advEntityId=1475223&asId=3312221b-e440-873b-6837-0bdfd8de2527&tv=%7Bc:oiWOZm,pingTime:-10,time:754,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtMTIwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE3LjAuNTkzOC42MiBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1694794781044%7C%7C254cbc8904e7e86fee3f3aaad8324751%7C%7C2e6de925b83fb1ba2705210ba8c28c4b%7C%7C49468714f08c917e6b837353b33ae148%7C%7Cae2b8e1643f04742f71f5495b85950c0%7C%7Ccec745df75f785888f6672a911158268%7C%7C6d1cc98cfb089723f4df95447da06ad6%7C%7C17bec031beb1b251b62cb996768e41ca%7C%7C1663701684,im:%7Bpci:%7Btdr:555%7D%7D%7D

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CUP4hG4QEZZSzOP6X1PIP7PGy4AfW4KTpctnxt-f-EbbCvt6FAhABILnb8yZglZKugrQHoAG32tzaA8gBCakC82NyyJDksT7gAgCoAwHIA8sEqgSUAk_QuNB8yXcBeB8VmAHp2SnGV-zB82H6DsOhIDyL0EGEGk1i1lXjO9EUZa0r5zX3h-FYa8-Nb2SSq3HitLuIl04ZHLAQiPdnPFL_uPqwMmZqu2fWt-FQYfZCFLwi6irRYbNy6qZj4z45UpA9hJAidrbHc3buIb7uLzNs53v1kbgfS6yaS2LQA9J1UL1rPj3ccA4g_bSXT7glZOlZbRsni1rDf4cKyoG8CHHcc78txSpfB1g995SU1sWP7iPapyIMgjMYTh-rVcA7ECPbMUr29jnAKwtg-OAdWs8eyciDEhJsC1-FNYDc0VigPyvtQ6xKbQbxB5ZYPu-hQf9vl8z5gOajrENG-jjIOOuOJuMIA9DPLloaV8AEkK_txJcE4AQBiAW3n5fAQJIFBAgEGAGSBQQIBRgEoAYugAexpaMlqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ-NMI0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOpoJbGh0dHBzOi8vd3d3LmRlaG5lci5kZS9tYXJrZXQvP2VtX3NyYz1rdyZlbV9jbXA9Z29vZ2xlL25vbmJyYW5kL0RFXzAwM19NYXJrdC9ERV8wMDNfTWFya3RfUG1heC9sb2NhbF9jYW1wYWlnboAKA8gLAZgMupabjewDuBODBNgTDtAVAZgWAYAXAbIXHgocCAASFHB1Yi02NzM2MjU2NDczMjAyNzMzGOTDDg&sigh=60DYsdmJbP8&uach_m=[UACH]&ase=2&cid=CAQSPABpAlJWX0SgvPH-K7HyYIOXwVrr-geeZ5kHRIv0vTADym7Vj7jN-ZhsA1V-eq_J9s3pX4nfAUnS4T2cRhgB&template_id=515&cbvp=2&vis=1

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CUP4hG4QEZZSzOP6X1PIP7PGy4AfW4KTpctnxt-f-EbbCvt6FAhABILnb8yZglZKugrQHoAG32tzaA8gBCakC82NyyJDksT7gAgCoAwHIA8sEqgSUAk_QuNB8yXcBeB8VmAHp2SnGV-zB82H6DsOhIDyL0EGEGk1i1lXjO9EUZa0r5zX3h-FYa8-Nb2SSq3HitLuIl04ZHLAQiPdnPFL_uPqwMmZqu2fWt-FQYfZCFLwi6irRYbNy6qZj4z45UpA9hJAidrbHc3buIb7uLzNs53v1kbgfS6yaS2LQA9J1UL1rPj3ccA4g_bSXT7glZOlZbRsni1rDf4cKyoG8CHHcc78txSpfB1g995SU1sWP7iPapyIMgjMYTh-rVcA7ECPbMUr29jnAKwtg-OAdWs8eyciDEhJsC1-FNYDc0VigPyvtQ6xKbQbxB5ZYPu-hQf9vl8z5gOajrENG-jjIOOuOJuMIA9DPLloaV8AEkK_txJcE4AQBiAW3n5fAQJIFBAgEGAGSBQQIBRgEoAYugAexpaMlqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ-NMI0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOpoJbGh0dHBzOi8vd3d3LmRlaG5lci5kZS9tYXJrZXQvP2VtX3NyYz1rdyZlbV9jbXA9Z29vZ2xlL25vbmJyYW5kL0RFXzAwM19NYXJrdC9ERV8wMDNfTWFya3RfUG1heC9sb2NhbF9jYW1wYWlnboAKA8gLAZgMupabjewDuBODBNgTDtAVAZgWAYAXAbIXHgocCAASFHB1Yi02NzM2MjU2NDczMjAyNzMzGOTDDg&sigh=60DYsdmJbP8&uach_m=[UACH]&ase=2&cid=CAQSPABpAlJWX0SgvPH-K7HyYIOXwVrr-geeZ5kHRIv0vTADym7Vj7jN-ZhsA1V-eq_J9s3pX4nfAUnS4T2cRhgB&template_id=515&cbvp=2&vis=1

Domain: ade.googlesyndication.com
URL: https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIoa69xoKtgQMVldgRCB3gZAxkEAAYACCxmOVcQhMI4KmRxoKtgQMVBYN7Ch0cvQWH;stragg=1;&timestamp=1694794781193;str=nextSlide;strtype=1

Verdicts & Comments Add Verdict or Comment

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

36 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www1.ihdstreams.xyz/	1970-01-20 23:32:10	Name: HstCfa2633223 Value: 1694794777871
www1.ihdstreams.xyz/	1970-01-20 23:32:10	Name: HstCla2633223 Value: 1694794777871
www1.ihdstreams.xyz/	1970-01-20 23:32:10	Name: HstCmu2633223 Value: 1694794777871
www1.ihdstreams.xyz/	1970-01-20 23:32:10	Name: HstPn2633223 Value: 1
www1.ihdstreams.xyz/	1970-01-20 23:32:10	Name: HstPt2633223 Value: 1
www1.ihdstreams.xyz/	1970-01-20 23:32:10	Name: HstCnv2633223 Value: 1
www1.ihdstreams.xyz/	1970-01-20 23:32:10	Name: HstCns2633223 Value: 1
www1.ihdstreams.xyz/	1970-01-20 15:29:46	Name: _pbjs_userid_consent_data Value: 3524755945110770
.ihdstreams.xyz/	1970-01-20 23:32:10	Name: _pubcid Value: d6233a3d-9a63-443f-b2a2-8a6763d545ce
.ihdstreams.xyz/	1970-01-21 00:08:10	Name: __gads Value: ID=bd063ec55863db59:T=1694794778:RT=1694794778:S=ALNI_MYsAtUEO78mtPoXUEyGbfLOzpalJA
.ihdstreams.xyz/	1970-01-21 00:08:10	Name: __gpi Value: UID=00000c7620e6de67:T=1694794778:RT=1694794778:S=ALNI_MY5jC4skREVyosNFkqTz1gRYIAuDA
.doubleclick.net/	1970-01-21 00:08:10	Name: IDE Value: AHWqTUm4Xy661ZGhpy6MtypdGKThupIiAKNMbq7rmKI5pOgzD9oAUGQCVo2pt34A
.adnxs.com/	1970-01-20 16:56:10	Name: uuid2 Value: 5753290968533005559
.doubleclick.net/	1970-01-20 19:05:46	Name: APC Value: AfxxVi6bk2Yv-K_2Z2MN9r-lN1Y95twIPh_LSMoYD4B2z6rDOOXe9Q
.casalemedia.com/	1970-01-20 23:32:10	Name: CMID Value: ZQSEGndQ1arKqetcfPJ-MwAA
.casalemedia.com/	1970-01-20 16:56:10	Name: CMPS Value: 3277
.casalemedia.com/	1970-01-20 16:56:10	Name: CMPRO Value: 3277
.travelaudience.com/	1970-01-21 00:16:49	Name: _tracker Value: %7B%22UUID%22%3A%22F3E5ED94-13BA-4332-3D91-7996443D6915%22%7D
.csync.loopme.me/	1970-01-20 16:57:37	Name: viewer_token Value: 500e7ef9-229e-4f1a-88c2-790c11aea531
.3lift.com/	1970-01-20 16:56:10	Name: tluid Value: 2692937267077827207563
.adnxs.com/	1970-01-20 16:56:10	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GTwdRK=m!]tcw8i_iqf!oN/@E'zz<Z0QcQPwXBf)?/)2xir'XJf#'Xa1%Z/i%-OxS1<QG=%9sk@3@'s>T.!ZPZ
.w55c.net/	1970-01-21 00:16:49	Name: wfivefivec Value: A37J4Tg81QHbxF5
.w55c.net/	1970-01-20 15:29:46	Name: matchgoogle Value: 5
.googleadservices.com/	1970-01-20 16:56:10	Name: ar_debug Value: 1
.modoro360.com/	1970-01-20 15:15:22	Name: aniC Value: 1694794780024-960921239749-001175-007-002382
.blismedia.com/	1970-01-20 23:32:14	Name: b Value: 6504841CBD61DF40CC02C662BLIS
.ctnsnet.com/	1970-01-20 23:32:10	Name: cid_d4afab0e9a8a43c78645e48aa27c9eed Value: 1
.ctnsnet.com/	1970-01-20 23:32:10	Name: gid_CAESEMm8Rho2UYLCYNx4AUutgfY Value: 1
.pubmatic.com/	1970-01-20 14:48:01	Name: KTPCACOOKIE Value: YES
.turn.com/	1970-01-20 19:05:46	Name: uid Value: 7890372438315573688
.yahoo.com/	1970-01-20 23:32:32	Name: A3 Value: d=AQABBByEBGUCEIzuWpswkbeNRxRNmEAaGmcFEgEBAQHVBWUOZQAAAAAA_eMAAA&S=AQAAAmyV_y-Q1jXz5skh7p20IXg
.pubmatic.com/	1970-01-20 23:32:10	Name: KADUSERCOOKIE Value: 9B6E724F-B540-47F2-899B-7493898C41D5
.quantserve.com/	1970-01-20 16:56:10	Name: d Value: EEsBCQH6KYEA
.quantserve.com/	1970-01-21 00:16:49	Name: mc Value: 6504841c-85792-4f094-d0ffc
.lijit.com/	1970-01-20 23:32:10	Name: ljt_reader Value: HU3ztGZHuigyuU7mRbihN1ow
.adform.net/	1970-01-20 15:29:46	Name: C Value: 1

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.profitabledisplaynetwork.com/3ca0f619c604ae8a19b9799a144e8ee5/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://www.effectivecreativeformat.com/0154b07ef3e758a91da6b0cd107ed2d2/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a0e8aeba47c2a98c81ac090b5b71ac27.safeframe.googlesyndication.com
ad.turn.com
ade.googlesyndication.com
adipolo.com
ads.pubmatic.com
ads.stickyadstv.com
ads.travelaudience.com
ap.lijit.com
buttons-config.sharethis.com
c1.adform.net
cdn-adipolo.urekamedia.com
cdnjs.cloudflare.com
cm.adform.net
cm.g.doubleclick.net
cms.quantserve.com
code.createjs.com
content1.avplayer.com
count-server.sharethis.com
csync.loopme.me
dclk-match.dotomi.com
dis.criteo.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
eb2.3lift.com
eus.rubiconproject.com
feed.avplayer.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
gcm.ctnsnet.com
ghb.aplhb.adipolo.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
grid.bidswitch.net
hbopenbid.pubmatic.com
ib.adnxs.com
image6.pubmatic.com
jscdn.greeter.me
l.sharethis.com
match.360yield.com
match.adsrvr.org
mts0.google.com
onetag-sys.com
pagead2.googlesyndication.com
pbs.aniview.com
pixel.rubiconproject.com
platform-api.sharethis.com
platform-cdn.sharethis.com
player.adtelligent.com
player.aniview.com
player.aplhb.adipolo.com
player.avplayer.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid.a-mo.net
r.turn.com
s.ad.smaato.net
s0.2mdn.net
s10.histats.com
s4.histats.com
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
serv.modoro360.com
servs.modoro360.com
servt.modoro360.com
ssbsync.smartadserver.com
static.adsafeprotected.com
sync-tm.everesttech.net
sync.1rx.io
sync.technoratimedia.com
tg1.modoro360.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
ups.analytics.yahoo.com
us_privacyfa9f4b3548d146d8b0584acce84c4fec.gif
vid.vidoomy.com
www.effectivecreativeformat.com
www.google.com
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
www.profitabledisplaynetwork.com
www1.ihdstreams.xyz
x.bidswitch.net
ade.googlesyndication.com
dt.adsafeprotected.com
pagead2.googlesyndication.com
pbs.aniview.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
us_privacyfa9f4b3548d146d8b0584acce84c4fec.gif
142.250.181.226
145.40.97.67
151.101.194.49
172.217.16.194
172.64.148.101
173.233.137.36
178.250.7.11
18.200.74.55
18.211.144.199
185.64.189.112
185.86.139.102
185.89.210.153
192.243.61.227
198.47.127.19
2001:678:cb4:bbbb::11
205.185.216.10
216.52.2.48
23.201.255.110
23.227.151.194
23.32.184.192
23.50.131.94
2600:1f18:1aca:4282:fb64:6350:439:4507
2600:9000:211e:3a00:1b:5138:8a40:93a1
2600:9000:2246:cc00:1d:85c3:6640:93a1
2600:9000:2246:f400:8:48e:53c0:93a1
2600:9000:26da:da00:c:abe:f440:93a1
2603:c020:400d:3000:7130:bb0b:d7e:bee2
2606:4700:10::6814:81f
2606:4700::6811:190e
2620:116:800d:21:e365:4988:e8a7:3270
2a00:1450:4001:801::2001
2a00:1450:4001:809::2002
2a00:1450:4001:810::2003
2a00:1450:4001:810::200a
2a00:1450:4001:811::2002
2a00:1450:4001:813::2003
2a00:1450:4001:81c::2002
2a00:1450:4001:81c::200e
2a00:1450:4001:829::2004
2a00:1450:4001:829::2006
2a00:1450:4001:82a::2001
2a00:1450:4001:82f::2002
2a02:26f0:480:25::1726:6216
2a02:26f0:480:7b5::2c79
2a02:26f0:480:f::213:7edc
2a02:6ea0:c700::11
2a02:6ea0:c700::19
2a02:fa8:8806:13::1400
2a05:d018:d29:3605:cca0:8b97:e855:348c
2a06:98c1:3120::3
2a0c:5c87:5241::2
3.126.78.53
3.160.212.52
3.75.2.61
3.75.62.37
3.76.65.13
34.193.218.65
34.96.105.8
35.186.193.173
35.190.0.66
35.214.202.28
37.157.2.229
37.157.4.29
45.133.44.4
46.228.174.117
51.89.9.253
52.223.40.198
52.29.224.243
54.165.18.101
54.39.156.32
54.72.250.72
69.16.175.10
69.16.175.42
69.173.144.138
69.173.144.165
76.223.111.18
95.101.149.233
99.86.159.59
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
09d0e69094559926ae000e4e09b7b29a73a7608b401440fd64794f7f5638a4f6
0a70b25b074c2b6c3ba5133d9f9b4c1facca92385b087263cf4a7a63461868b3
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ce8066915045fdbb4b35e1812c0e13134a2526ce27e67ca582279d51fff75ce
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1369dd61a5b93e7b0bcc278596036f11534f990d20d7c7b433725b18bccc04d1
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
18885f689962e44a3391fec89f618dd64153567faba3bcb0bd83b63957611de0
18c184d76e0cedd386e5f9bbc3ce1a35b5f9954d1054ee180ebeabdc1d7e255f
1a9cba16c5a30dc7cc3bdcbba2a45e9e2e28ec4437894302c6676369ed0ec732
1b765b0cbd95391f6db0b565988eeb70ea68aa77bb9f8f7c8a880d96474c2aa8
1bae747c7fd090f56608956a97c870391e1c43f89d24d5766129b75628985c1e
21569e6b56a5a15f76f1d99a1a13d7f7e920a847d34b887593adbc0be98eaae0
21d37f9066429269a82775b7e6c0f1322f99d5fb928f07aefdee839a4bd14cab
2319dbc0d652282694fa0847f099ecb17e4dca70baadde117a227a22e188860f
2542cd76df29fd9ac4615f66c62bf94aab8585d36d27c4e8af1354a9bf3a4a99
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4
29828638d01d73bfd6bd1ff7c87772facd6910124912ebae7e0ac6429f347196
2986551fd9e82929eabb8cba7c44f74a28d8496c744893432f067b320dff55da
29df211ca119ba3caa6fde266dcd2ef349c4aa5ab63ec19af39505517c5fa084
2b071563c8b59cdc2b12b2703f3b5d147f555b1c41d83e5c5ef4a02395aed89c
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e11302e1d00e457e97afac41407c2b08ba1df10e244ef4909d179e2d20ef9ab
2eadf86ab162e1d578164338aea12323e59534a9d43fbd526d609a667965003d
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
3415d1f3f46175bc47b0e1055fc044b0ca4743150abbdfb8ff2029b80029f36c
37aeb49d50cc7ad2b8f41bec5329dedcf7d9084d38615b898bb7295e1157a035
37b564138a8c782c7ef7f804054712a1bb75a63677dca0e6e186b82102aebb93
382f98ee9c7df50ab64c0a9b6973cd902eaf31198b4241f38bea7fac68d2f04d
397d7ba18ebf7d61f7cd07037782bf569312d34696918a9402adf48f382510e9
39b005c90a6bae6b19c7c6ad543b71cb9259e9fbc51025bc84c5a424dc0a9dba
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3c49942d851969cee2ed7c9d24370dfa247d7507c35af5218f2b47464eb14b2c
3c874a29529a82ab68a5e5eda52154b19b7d7ff03d27390c1c234cc043ad0047
3cbd24d65fca9b12a04b7d93a5c7f8facd8e872fb3e6a8b4071f2df07a496ac1
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40f5a2bfb90701e8fb4339729c5b8d4643988427cbfbefd5d81a347c073a4b7a
4158b54efdf08733aa711bb66fd92ae8f1e135acfe926388252906e72bf569cd
4475335b87a3456536775fd2dd0dd5bd5eba10e830b820cc122ba1e3cb0de1ce
4525cf0da0b491e3c08793830cd7c18e633350663ced0fadc7cd351d2019c272
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48b68e773ed8021e4f036856493bd67105f694fb513aeae6bab12f111cc42269
4accbcd793680c2ea0a65714771ef37d5eeb42bdaedba9882dd0d78eae09e00e
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bbbfbd25b39d9661c8cf4cb0a135e44c1371f3f227ac8b138eaf1c26223a123
4cd9d7fe6bef9e82616b20d2c4a7a9842652ed469b704922e4c682f209754768
4cee5bc5f3aa2995c98cd2835beb00ca718dcee3c1ed6e2f2a122a0f864cbdbf
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
535520dc8857dfcf9610d361f99e9d419786585dda328a3f6635eba5982803d4
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
59848ac7fa952227246d55a015096752802cb43ca29d530e1309f770ee54ab7b
59b670a84df3508560213c77e2fd3a5e24de1aff579ea069ff8b6df28cb1cf29
5a68bd47337d24bfad49cda4c4427a9abdf8d09d1a52c09819dfeebb08442245
5c833b1818762f1e134fbb158447fb0b92f2b018b15aa36f2e2405213f830d38
5d6d291dc916a0eef4f064df33e1d73fd8ef56e246916abad4e0313387966425
611ccbd49593ab8d0675006e364086ab5b05dd9dbfb7c0be953d4c7d32a97b64
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
6cc2c1a95a7e8f130b0257b067e966e330281842777e500714d217d2e88b022b
6e62408fd9afbd35c8815924da942b59c6c160a0a93d59e741e23f85dd638b1d
6ed654d864a83081f65642d7c153595a722b58a0ab5776dba72f2c767b41930f
72a0bfe74654a39eb0c6b6a9009ed69ffcc224eaf304306ca2c042f94e54438b
75c6b260fee00db1fe67db954b335fcb5f19f4d339f33ba1228b90a54ea88042
768d97ec0916217ae82c70aeda3a61b9b0dab344edc4a3240a4f7cd94af00307
7c93346d4f681a0be90d1dfc19346382a4700f1810f41caa54415688dee1777f
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
847eb36b4dc4b05f94052dcd98077319e74d882334a106bb9ca451ba211c9c2c
8511af2c0e0f877701ecceabdb9833984f9e4539d05196c05dfd78251dc55a1b
86a9150b09ffc2b65bedc34da02a1e820e8c9bdc4e62f5249c1aca4c712fca3c
8b1533c110f944ceb2c80c16c5e4a3bfcc898890d33f0dd092b2e67acbddc0aa
8b1ccf2d92e5e6235fcb23becebc6b98f5eba33abad7902763aa8b830be20bd7
8be8f432572fba9a5669684d4f89b81b9595700f40480eeecbfe7721ce5b2234
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e315702c9965bdfe33cbd7906797e7151bb2b76bbb71293cc2d2156cfb86fcd
8f5ba267e4a28eeeeb5f692e2f89a08cb2d87be40ca4aca4a622c375939578fb
8f9d88352b286107f60c320c4c088f718c2a3a273818cd61901edb7f235a9339
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
94250774030be67093bb2b17844ecb5c73f9fd12afcdaca0fee1f279f709d32a
95cd0c0f4ec29744afef0d2b001f3affe95419106afff4f93339574c9067db51
9706da5d502a2ca4a077567ff17436f9a823c908d33585c4cf5cd59cbc8ffd9d
973a1edcabad76ff85ea8d54d0f0c173afc90cc6a2d19b8abd1dd254921942bb
9757415edc6793a3544240a995b7f19f49c96bacf8d6ae41b2657d9f7bac1be7
9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb
9953f046235e5dff6ad5d40a6ee2927f53de1ab7c0a6e061e0551e69e9acddc4
99c65b45011c8cc1887a9028fb5f5baaa3a7983ca88598b3a45d6a25311ee93b
9a0fc06cad863bf4d0bc2fea3b3e88aade6454d848b1f089c717f93f25347640
9a83c65bdd0ff9488af9d25720686457ea7295c9c44f9f1d285a0c9ec89bab99
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b43870639e0de5bfcc8e16864569716beca84bd2edae896183586f1ceecbd52
9e36fbe4836cfe620bd0f30443bca920191a5f0c99b5ea46738eae3168989ba5
9f66145fbaf681859fb04fc4cdedf358806d85dd27355199545b97db90d48829
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4d46096f5cf5db6a31885ebf494f092e00d82c16fabb21199546f987c012e9e
a6c3c5ac5900e2fdeeea6e3c9514871617b72608b224e33f329b0b4d8e91a85f
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
b1139082f082fd158856deb7c46e548a7fef76ef754570668e7808e37e1dcfd4
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3a4198aac2107c45dc0d5c25bb2e1ad3420efc9fcc02cd7c2fe7cfee0d2b880
b5b51d89a8486ee9a21480fef1232a4040f5362d7a13176e617a4cb6839166f4
b69aa3b1ddab3889f728d1e9f06b11390eaabacf8244bca766525354e55bd915
b7a5f34bfc3b16b958a632b06cd33df8321a9a255386eaabe240ec4e3dd9061a
b7c1a26d134046062c1344b1ffe8ccf19f5605b0822fcdf1f760340bf16d6895
b86e678f724241714425a98d49c80fcdee4cf52b93c913b56ae403d2e423d3e4
babfdd8d96853154749421058a8b281d3fa13dc64df98d8e57c477c7c56e41a4
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bd91080d2c7f2120ad82727f5c07bbb439b810ed4035993ddb1825ca1611396b
bda45860b0d1edde875f3eb7dba062fd2b5df53522c146d496fb3cf16cfc4402
be1f75994e53be710e621d9552d7cc796a347e85622acc435325d94e076b6996
c5405507f60064936019190ea271bc88c1091e292754c602e058d3c0742cd127
c542012c84c6c9b8b31b62c0919d8c76fe2ceb18c8721646cb57f382f38d3020
c6bf29161757477e025d81d0e17eefd1282e6156be38bf5f50b42bee50082dd1
c80b9ca237cf6066c1aa40794a869ac00b7afcc0a9a5ad841428801d7f4117cc
cb8c2b19fd9b56c41db14bd71b5c0616c1ba4e99b08c8e75084cf695f74b7120
cb95c60c1e70c730df8b30c024f63ca414a7cd01b9d37cd4181987933c94559b
cb9c4209cb9614d749efa807c0f454fc51136f7d5914ca629945cadad984edf7
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
ce1727ed068df20a4587a51a996eee3e98065d456b697426b43581c78c0e180f
cecdb772902480238ed72f56e63233f74af64e5db96706a47d8d40363e6f6332
cfcce6fbc676bcdc4c9f2e2cbdd40cee40a4b9066f829f4e9e400cbe142183f2
d0d80991c6e4b62d5c77985c1e293aad44cc120e03aee7ae6936c79d25a0e467
d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505
d43319f37d6149f84a8b1c661b446b080d4ce518e7ead74776de1252cabbf3f1
d83f54da9832a6b5507c23e2d2b45016da72e2aec4c708c2643c0361fcd1e62e
da7f8222d3cbb5c3495963d53cda4860d4594ec9f6fe99cd7c5bbdd78148f088
dadbb59b37bfea4c78c6e15c8cbb96dfba84526e43a0767dc244fd062a841aba
e2b2f4721149b7cf101f7c539a1be0c2143e26cd7e001aa97b9a1e203dbb97f7
e3960f52a2cc71bfc791e2402be1ef0ec372cac4ef897b0738a61010aba73158
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e4558415f627880263b408b58c30f1c9ae4765038c86beaf568d9c067b79c936
e579e03e953cb09cff8d7863bdfb5505077b5165c6ceeb7df1c8a71f66e27f1f
e6151b94a9260d9b6cb436a8aa892dfac39db60c16bff0de1b8fdd44a19b3f4e
e96925cfa6190eac469d3f484625593dcf175d2ea0932815cb32cc7bde252051
ec9aa43009fa42c900f0aa790e0f48c117028f9aa375dd4b058802408af1351b
eebf42462640284e64748eb62bae1f23ec54850e90ad8da736321b4427bfc5db
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef4e851bde18d7fc0111215f4d6a622bc9f648b0b96700b2e98a67c2cd633799
efc737b4f58cfe73a9bd0e57d7570365701381da31e628b269e7217a0ce3359d
f27d2c5f66b94230e004d6c66655d01a1cd15174edb43a04feced5daf4d5315f
f2ae46d06027e419f8569f53befe548397490a2cd0f8ece9322a1763e1678dbe
f320df46b193fc17ff43ad5b1bdf4d8096ca8be3eae2d0f782f0cf788bcc8699
f38ffc23580afc19794c4c4388f32fcf346b85367c6821a458ab296271798ca8
f9ae233e8c3c3cf459ffa8b7ae75983cf1ca35bf6eb21468716423cb30475d51
fa4ae93330f3a0b8e253e34bc6d66018d996fb5d56ef0802e6def0d91fd035c0
fca03541a50907237eb1c1872eed044c5a98c6049e9f6064419e08e9cc82af6c

www1.ihdstreams.xyz Open in urlscan Pro 2a06:98c1:3120::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

334 Requests

85 %HTTPS

40 %IPv6

53 Domains

85 Subdomains

67 IPs

8 Countries

7089 kBTransfer

14084 kBSize

36 Cookies

3 Outgoing links

Redirected requests

334 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 11 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www1.ihdstreams.xyz Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Screenshot
Live screenshot

Full Image

334
Requests

85 %
HTTPS

40 %
IPv6

53
Domains

85
Subdomains

67
IPs

8
Countries

7089 kB
Transfer

14084 kB
Size

36
Cookies

334 HTTP transactions
11 data transactions