bots.ondiscord.xyz Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://discordbots.io/
Effective URL:
https://bots.ondiscord.xyz/
Submission Tags: phishingrod
Submission: On November 07 via api (November 7th 2023, 4:24:01 am UTC) from DE — Scanned from NL

Summary HTTP 180 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 65 IPs in 6 countries across 57 domains to perform 180 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is bots.ondiscord.xyz.
TLS certificate: Issued by E1 on October 31st 2023. Valid for: 3 months.

This is the only time bots.ondiscord.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 21	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:303... 2606:4700:3034::6815:3f52	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:303... 2606:4700:3036::6815:1b98	13335 (CLOUDFLAR...) (CLOUDFLARENET)
26	162.159.133.233 162.159.133.233	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:809::2008	15169 (GOOGLE) (GOOGLE)
3	151.139.128.10 151.139.128.10	20446 (STACKPATH...) (STACKPATH-CDN)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2606:4700:10:... 2606:4700:10::ac43:2483	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	143.204.98.4 143.204.98.4	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:20:... 2606:4700:20::681a:346	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:1691	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.225.78.47 13.225.78.47	16509 (AMAZON-02) (AMAZON-02)
1	54.75.92.23 54.75.92.23	16509 (AMAZON-02) (AMAZON-02)
1 3	2620:116:800d... 2620:116:800d:21:c5a4:625:6563:a5bb	16509 (AMAZON-02) (AMAZON-02)
4	34.95.69.49 34.95.69.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 5	37.252.173.215 37.252.173.215	29990 (ASN-APPNEX) (ASN-APPNEX)
5	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1 4	18.198.69.109 18.198.69.109	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:223... 2600:9000:223c:ca00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	34.120.111.33 34.120.111.33	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2606:4700:20:... 2606:4700:20::681a:9a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	79.125.93.48 79.125.93.48	16509 (AMAZON-02) (AMAZON-02)
1	34.200.12.10 34.200.12.10	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700:10:... 2606:4700:10::ac43:db6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.75.89.75 104.75.89.75	16625 (AKAMAI-AS) (AKAMAI-AS)
8 8	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
2	63.35.1.238 63.35.1.238	16509 (AMAZON-02) (AMAZON-02)
1	147.75.84.158 147.75.84.158	54825 (PACKET) (PACKET)
1	2a02:2638:3::7 2a02:2638:3::7	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2602:803:c003... 2602:803:c003:200::45	26667 (RUBICONPR...) (RUBICONPROJECT)
2	216.52.2.39 216.52.2.39	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
2 5	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	69.166.1.9 69.166.1.9	27630 (AS-XFERNET) (AS-XFERNET)
1	54.194.173.136 54.194.173.136	16509 (AMAZON-02) (AMAZON-02)
15	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	2602:803:c003... 2602:803:c003:200::37	26667 (RUBICONPR...) (RUBICONPROJECT)
1	184.30.17.243 184.30.17.243	16625 (AKAMAI-AS) (AKAMAI-AS)
3	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:830::2006	15169 (GOOGLE) (GOOGLE)
4	95.101.149.233 95.101.149.233	16625 (AKAMAI-AS) (AKAMAI-AS)
2	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
10	2606:4700::68... 2606:4700::6811:ca6e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 5	2a02:2638:3::c 2a02:2638:3::c	() ()
1	2600:1901:0:8... 2600:1901:0:8344::	() ()
2	141.95.98.64 141.95.98.64	() ()
1	2606:4700:10:... 2606:4700:10::ac43:17ea	() ()
2	104.18.38.76 104.18.38.76	() ()
1	184.30.16.183 184.30.16.183	() ()
1	72.246.169.24 72.246.169.24	() ()
2 3	18.198.247.180 18.198.247.180	() ()
1 2	208.93.169.131 208.93.169.131	() ()
1 1	52.87.21.252 52.87.21.252	() ()
3	69.166.1.34 69.166.1.34	() ()
1 1	193.0.160.131 193.0.160.131	() ()
1	159.89.246.130 159.89.246.130	() ()
2 2	185.184.8.90 185.184.8.90	() ()
1	141.95.33.111 141.95.33.111	() ()
2	2a02:2638:3::3 2a02:2638:3::3	() ()
1 2	52.46.151.131 52.46.151.131	() ()
1	3.71.149.231 3.71.149.231	() ()
1	98.98.134.241 98.98.134.241	() ()
1	185.86.138.154 185.86.138.154	() ()
180	65

21 2a06:98c1:3121::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

discordbots.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bots.ondiscord.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::6815:3f52 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

bots.discord.pw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3036::6815:1b98 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 162.159.133.233 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.discordapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net

hb.vntsm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::ac43:2483 (United States)

ASN13335 (CLOUDFLARENET, US)

hb.vntsm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.4 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-4.fra50.r.cloudfront.net

ats.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:346 (United States)

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:1691 (United States)

ASN13335 (CLOUDFLARENET, US)

cadmus.script.ac	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-47.fra2.r.cloudfront.net

cdn.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.75.92.23 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-75-92-23.eu-west-1.compute.amazonaws.com

p.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:116:800d:21:c5a4:625:6563:a5bb (United States) 1 redirects

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.95.69.49 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.69.95.34.bc.googleusercontent.com

i.clean.gg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.252.173.215 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.198.69.109 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com

mydmp.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
load.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:ca00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.111.33 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 33.111.120.34.bc.googleusercontent.com

cdn.edkt.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:9a9 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 79.125.93.48 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-79-125-93-48.eu-west-1.compute.amazonaws.com

s.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.200.12.10 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-12-10.compute-1.amazonaws.com

onsite-tag-logs.apps.nielsen.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:db6 (United States)

ASN13335 (CLOUDFLARENET, US)

mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.75.89.75 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-89-75.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.185.226 (United States) 8 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.35.1.238 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-35-1-238.eu-west-1.compute.amazonaws.com

track.venatusmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.84.158 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c003:200::45 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.39 (New York, United States)

ASN30282 (AS-INAPCDN-OCY, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.18.36.155 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.166.1.9 (United States)

ASN27630 (AS-XFERNET, US)

apex.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.194.173.136 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-173-136.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1085f8ea7d1df457a81c99a0197c8745.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c003:200::37 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

beacon-ams3.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.17.243 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-17-243.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.64.151.101 (United States)

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 95.101.149.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-233.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700::6811:ca6e (United States)

ASN13335 (CLOUDFLARENET, US)

c.bannerflow.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:2638:3::c (None, ) 1 redirects

ASN- ()

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:8344:: (None, )

ASN- ()

lexicon.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.95.98.64 (None, )

ASN- ()

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:17ea (None, )

ASN- ()

id.hadron.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.38.76 (None, )

ASN- ()

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.16.183 (None, )

ASN- ()

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.246.169.24 (None, )

ASN- ()

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.198.247.180 (None, ) 2 redirects

ASN- ()

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 208.93.169.131 (None, ) 1 redirects

ASN- ()

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.87.21.252 (None, ) 1 redirects

ASN- ()

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.166.1.34 (None, )

ASN- ()

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.131 (None, ) 1 redirects

ASN- ()

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.89.246.130 (None, )

ASN- ()

e.serverbid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.90 (None, ) 2 redirects

ASN- ()

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.33.111 (None, )

ASN- ()

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::3 (None, )

ASN- ()

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.46.151.131 (None, ) 1 redirects

ASN- ()

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.71.149.231 (None, )

ASN- ()

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 98.98.134.241 (None, )

ASN- ()

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.138.154 (None, )

ASN- ()

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	discordapp.com cdn.discordapp.com — Cisco Umbrella Rank: 2888	87 KB
21	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 1085f8ea7d1df457a81c99a0197c8745.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 149	130 KB
20	ondiscord.xyz bots.ondiscord.xyz	385 KB
15	doubleclick.net 8 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 cm.g.doubleclick.net — Cisco Umbrella Rank: 245 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 439	205 KB
10	bannerflow.net c.bannerflow.net — Cisco Umbrella Rank: 8923	103 KB
8	casalemedia.com 2 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 511 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625 ssum-sec.casalemedia.com	5 KB
8	rubiconproject.com fastlane.rubiconproject.com — Cisco Umbrella Rank: 513 beacon-ams3.rubiconproject.com — Cisco Umbrella Rank: 10151 eus.rubiconproject.com — Cisco Umbrella Rank: 602 token.rubiconproject.com — Cisco Umbrella Rank: 458	35 KB
6	criteo.com 1 redirects bidder.criteo.com — Cisco Umbrella Rank: 757 gum.criteo.com mug.criteo.com	8 KB
6	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 246 acdn.adnxs.com	27 KB
5	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 353	1 KB
5	exelator.com 1 redirects cdn.exelator.com — Cisco Umbrella Rank: 25095 mydmp.exelator.com — Cisco Umbrella Rank: 18963 load.exelator.com — Cisco Umbrella Rank: 8059 loadm.exelator.com — Cisco Umbrella Rank: 1743	12 KB
4	sonobi.com apex.go.sonobi.com — Cisco Umbrella Rank: 1987 sync.go.sonobi.com	3 KB
4	clean.gg i.clean.gg — Cisco Umbrella Rank: 894	119 B
3	bidswitch.net 2 redirects x.bidswitch.net	1 KB
3	quantserve.com 1 redirects secure.quantserve.com — Cisco Umbrella Rank: 1245 pixel.quantserve.com — Cisco Umbrella Rank: 964 cms.quantserve.com	10 KB
3	vntsm.com hb.vntsm.com — Cisco Umbrella Rank: 29366	295 KB
3	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1002	88 KB
2	amazon-adsystem.com 1 redirects s.amazon-adsystem.com	2 KB
2	criteo.net static.criteo.net	58 KB
2	creativecdn.com 2 redirects creativecdn.com	701 B
2	contextweb.com 1 redirects bh.contextweb.com	1 KB
2	indexww.com js-sec.indexww.com cdn.indexww.com	2 KB
2	id5-sync.com id5-sync.com	954 B
2	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 300	41 KB
2	lijit.com ap.lijit.com — Cisco Umbrella Rank: 683	504 B
2	venatusmedia.com track.venatusmedia.com — Cisco Umbrella Rank: 26371	333 B
2	4dex.io script.4dex.io — Cisco Umbrella Rank: 1523	26 KB
2	cpx.to p.cpx.to — Cisco Umbrella Rank: 9143 s.cpx.to — Cisco Umbrella Rank: 7825	2 KB
2	script.ac cadmus.script.ac — Cisco Umbrella Rank: 1421	93 KB
2	vntsm.io hb.vntsm.io — Cisco Umbrella Rank: 35268	956 B
1	smartadserver.com ssbsync.smartadserver.com	75 B
1	sitescout.com pixel-sync.sitescout.com	187 B
1	yahoo.com ups.analytics.yahoo.com	125 B
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com	278 B
1	serverbid.com e.serverbid.com	285 B
1	rfihub.com 1 redirects p.rfihub.com	734 B
1	stackadapt.com 1 redirects sync.srv.stackadapt.com	1 KB
1	bluekai.com tags.bluekai.com	452 B
1	ad.gt id.hadron.ad.gt	341 B
1	33across.com lexicon.33across.com	252 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 212	60 KB
1	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 4925	235 B
1	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
1	360yield.com ad.360yield.com — Cisco Umbrella Rank: 781	104 B
1	a-mo.net prebid.a-mo.net — Cisco Umbrella Rank: 751	173 B
1	teads.tv sync.teads.tv — Cisco Umbrella Rank: 1403	153 B
1	zeotap.com mwzeom.zeotap.com — Cisco Umbrella Rank: 3222
1	nielsen.com onsite-tag-logs.apps.nielsen.com — Cisco Umbrella Rank: 18086	264 B
1	edkt.io cdn.edkt.io — Cisco Umbrella Rank: 23171	8 KB
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1212	1 KB
1	ad-delivery.net ad-delivery.net — Cisco Umbrella Rank: 946	920 B
1	rlcdn.com ats.rlcdn.com — Cisco Umbrella Rank: 3275 api.rlcdn.com Failed	35 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2462	256 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	83 KB
1	discord.pw 1 redirects bots.discord.pw	434 B
1	discordbots.io 1 redirects discordbots.io	512 B
0	liadm.com Failed i.liadm.com Failed
180	57

	Domain	Requested by
26	cdn.discordapp.com	bots.ondiscord.xyz
20	bots.ondiscord.xyz	bots.ondiscord.xyz
15	pagead2.googlesyndication.com	securepubads.g.doubleclick.net cadmus.script.ac tpc.googlesyndication.com pagead2.googlesyndication.com bots.ondiscord.xyz
10	c.bannerflow.net	s0.2mdn.net c.bannerflow.net
8	cm.g.doubleclick.net	8 redirects
5	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net ssum-sec.casalemedia.com
5	tpc.googlesyndication.com	cadmus.script.ac bots.ondiscord.xyz
5	match.adsrvr.org	cadmus.script.ac hb.vntsm.com ssum-sec.casalemedia.com
5	ib.adnxs.com	2 redirects cadmus.script.ac hb.vntsm.com acdn.adnxs.com
4	gum.criteo.com	1 redirects hb.vntsm.com cadmus.script.ac
4	eus.rubiconproject.com	bots.ondiscord.xyz eus.rubiconproject.com hb.vntsm.com
4	i.clean.gg	cadmus.script.ac
3	sync.go.sonobi.com
3	x.bidswitch.net	2 redirects
3	securepubads.g.doubleclick.net	hb.vntsm.com securepubads.g.doubleclick.net cadmus.script.ac
3	hb.vntsm.com	bots.ondiscord.xyz hb.vntsm.com
3	use.fontawesome.com	bots.ondiscord.xyz use.fontawesome.com
2	s.amazon-adsystem.com	1 redirects ssum-sec.casalemedia.com
2	static.criteo.net	hb.vntsm.com
2	ssum-sec.casalemedia.com	js-sec.indexww.com ssum-sec.casalemedia.com
2	creativecdn.com	2 redirects
2	bh.contextweb.com	1 redirects
2	id5-sync.com	hb.vntsm.com
2	googleads4.g.doubleclick.net	bots.ondiscord.xyz
2	token.rubiconproject.com	eus.rubiconproject.com
2	s0.2mdn.net	bots.ondiscord.xyz
2	googleads.g.doubleclick.net	cadmus.script.ac
2	ap.lijit.com	hb.vntsm.com
2	track.venatusmedia.com	hb.vntsm.com
2	script.4dex.io	hb.vntsm.com script.4dex.io
2	mydmp.exelator.com	1 redirects
2	cadmus.script.ac	hb.vntsm.com cadmus.script.ac
2	hb.vntsm.io	hb.vntsm.com
1	mug.criteo.com
1	cdn.indexww.com	ssum-sec.casalemedia.com
1	cms.quantserve.com	1 redirects
1	ssbsync.smartadserver.com	ssum-sec.casalemedia.com
1	pixel-sync.sitescout.com	ssum-sec.casalemedia.com
1	ups.analytics.yahoo.com	ssum-sec.casalemedia.com
1	lb.eu-1-id5-sync.com	hb.vntsm.com
1	e.serverbid.com
1	p.rfihub.com	1 redirects
1	sync.srv.stackadapt.com	1 redirects
1	tags.bluekai.com
1	acdn.adnxs.com	hb.vntsm.com
1	js-sec.indexww.com	hb.vntsm.com
1	id.hadron.ad.gt	hb.vntsm.com
1	lexicon.33across.com	hb.vntsm.com
1	www.googletagservices.com	bots.ondiscord.xyz
1	ad.yieldlab.net	googleads.g.doubleclick.net
1	beacon-ams3.rubiconproject.com	cadmus.script.ac
1	www.google.com	cadmus.script.ac
1	1085f8ea7d1df457a81c99a0197c8745.safeframe.googlesyndication.com	cadmus.script.ac
1	ad.360yield.com	hb.vntsm.com
1	apex.go.sonobi.com	hb.vntsm.com
1	htlb.casalemedia.com	hb.vntsm.com
1	fastlane.rubiconproject.com	hb.vntsm.com
1	bidder.criteo.com	hb.vntsm.com
1	prebid.a-mo.net	hb.vntsm.com
1	loadm.exelator.com
1	load.exelator.com
1	sync.teads.tv
1	mwzeom.zeotap.com
1	onsite-tag-logs.apps.nielsen.com	cdn.exelator.com
1	s.cpx.to	cadmus.script.ac
1	pixel.quantserve.com
1	cdn.edkt.io	hb.vntsm.com
1	rules.quantcount.com	cadmus.script.ac
1	secure.quantserve.com	hb.vntsm.com
1	p.cpx.to	hb.vntsm.com
1	cdn.exelator.com	hb.vntsm.com
1	ad-delivery.net	hb.vntsm.com
1	ats.rlcdn.com	hb.vntsm.com
1	region1.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	bots.ondiscord.xyz
1	bots.discord.pw	1 redirects
1	discordbots.io	1 redirects
0	i.liadm.com Failed	ssum-sec.casalemedia.com
0	api.rlcdn.com Failed	hb.vntsm.com
180	79

This site contains links to these domains. Also see Links.

Domain
discord.gg
brussell.me
medium.com
discordservers.com

Subject Issuer	Validity	Valid
ondiscord.xyz E1	`2023-10-31` - `2024-01-29`	3 months	crt.sh
use.fontawesome.com Cloudflare Inc ECC CA-3	`2023-10-12` - `2024-10-10`	a year	crt.sh
discordapp.com Cloudflare Inc ECC CA-3	`2023-10-20` - `2024-10-19`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.vntsm.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-10` - `2024-04-08`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-08-07` - `2024-08-06`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
script.ac E1	`2023-10-31` - `2024-01-29`	3 months	crt.sh
cdn.exelator.com Amazon RSA 2048 M02	`2023-10-09` - `2024-11-04`	a year	crt.sh
p.cpx.to Sectigo RSA Domain Validation Secure Server CA	`2023-01-12` - `2024-01-13`	a year	crt.sh
quantserve.com R3	`2023-10-28` - `2024-01-26`	3 months	crt.sh
i.clean.gg GTS CA 1D4	`2023-09-17` - `2023-12-16`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
api.edkt.io GTS CA 1D4	`2023-09-27` - `2023-12-26`	3 months	crt.sh
script.4dex.io Cloudflare Inc ECC CA-3	`2023-10-23` - `2024-10-22`	a year	crt.sh
s.cpx.to Sectigo RSA Domain Validation Secure Server CA	`2023-01-12` - `2024-01-17`	a year	crt.sh
onsite-tag-logs.apps.nielsen.com Amazon RSA 2048 M01	`2023-04-09` - `2024-05-07`	a year	crt.sh
teads.tv R3	`2023-11-03` - `2024-02-01`	3 months	crt.sh
*.venatusmedia.com Amazon RSA 2048 M02	`2023-01-24` - `2024-02-22`	a year	crt.sh
*.a-mo.net R3	`2023-10-06` - `2024-01-04`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2023-12-23`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2023-05-06` - `2024-05-04`	a year	crt.sh
casalemedia.com Cloudflare Inc ECC CA-3	`2023-05-21` - `2024-05-20`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2022-12-06` - `2024-01-07`	a year	crt.sh
*.360yield.com Amazon RSA 2048 M01	`2023-05-29` - `2024-06-26`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
lexicon.33across.com GTS CA 1D4	`2023-10-01` - `2023-12-30`	3 months	crt.sh
*.id5-sync.com R3	`2023-11-01` - `2024-01-30`	3 months	crt.sh
indexww.com Cloudflare Inc ECC CA-3	`2023-09-05` - `2024-09-03`	a year	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2023-08-24` - `2024-08-24`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-07` - `2024-02-08`	a year	crt.sh
*.consumableaudio.com R3	`2023-10-30` - `2024-01-28`	3 months	crt.sh
*.eu-1-id5-sync.com R3	`2023-11-01` - `2024-01-30`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-09` - `2024-01-06`	3 months	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-08-03` - `2024-01-24`	6 months	crt.sh
*.sitescout.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-01-09` - `2024-02-02`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh

This page contains 19 frames:

Primary Page: https://bots.ondiscord.xyz/
Frame ID: E517FB197D65CC8F06C0841E2ADD4CD6
Requests: 77 HTTP requests in this frame

Frame: https://hb.vntsm.com/v3/live/ad-manager.min.js
Frame ID: 9F28E80172D10DE13CD1725049BB667F
Requests: 36 HTTP requests in this frame

Frame: https://hb.vntsm.com/ab/live/3pcookie/cookieTest.html
Frame ID: 1296C971F8A3AD87E43238C96E612F4C
Requests: 1 HTTP requests in this frame

Frame: https://1085f8ea7d1df457a81c99a0197c8745.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: FDBB2F258FAFDB236BD464CFABFF5B0A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A4BE8187308D4E987CF6D4397E7399E7
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 999665C3B0E962CA37220C42D0C9C203
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMu2VBCM4XAY5JjkvgEwAQ&v=APEucNXoS2IRo5Gb72nW4K28_kUnyZ8bFjHCZHrzxKTJ_eouH2KeqRA7fd_NlwROOTECKr0tg1rLGqPbC-Q3C6MwbX7JpmOtg-wB8ea6bVp06aE2KrIuQrF9X2Wir2H9s0Vw9nJ9bsVxZO1PljtZ3mPfcJQAoVh17lVtZcjRbPQ8086xijGxQf4
Frame ID: 67626A5161F1C95B3788CDF9EB3A829F
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 40322CD5AC6174C9C942197705DEC621
Requests: 16 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=nl
Frame ID: D32CE039997526B03DDD01D37044D4EF
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 7497AD368899069E6A61EDA29BEC5908
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/12950889301880602624/5.Auto_Prospecting_Besparen_USP_Vergelijknu-1-Dutch-728x90-637764744800027629-9d594784-610f-4f7a-9a9b-a7719e97e20c.html?ev=01_250
Frame ID: 9738963319CD2AF96E29F124B5FEE48B
Requests: 9 HTTP requests in this frame

Frame: blob://https://s0.2mdn.net/8e8fb51a-1119-4456-9e49-8cc5ba920966
Frame ID: 813BB67390E1F0B521A6A957CF57803D
Requests: 1 HTTP requests in this frame

Frame: https://c.bannerflow.net/accounts/independer/58b00b62657197058cc7e813/images/b4b21316-fafa-412d-af96-e51058af0f5a.svg
Frame ID: C0307DD74D7E19C6D7B7B8EA7CB0126A
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: F7C0FB7A95BC04CBD0203FED83D6F12D
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 04A1CECDBE18A6789DD3E1024960EA65
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 1D3CC856636A0CAA30C652EB3A19A072
Requests: 2 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13386848
Frame ID: 9E6C5E2EEA6ABB850CD337CB3329A4F4
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fbots.ondiscord.xyz%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 27344DB8D18BF1FEB603614AE417B149
Requests: 10 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=bots.ondiscord.xyz
Frame ID: 872D8784AE1E07908A77D8D473923F10
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Bots on Discord

Page URL History Show full URLs

https://discordbots.io/ HTTP 302
https://bots.discord.pw/ HTTP 302
https://bots.ondiscord.xyz/ Page URL

Detected technologies

Nuxt.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<div [^>]*id="__nuxt"
/_nuxt/

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

180
Requests

90 %
HTTPS

41 %
IPv6

57
Domains

79
Subdomains

65
IPs

6
Countries

1807 kB
Transfer

5449 kB
Size

25
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://discord.gg/bvm6vSv
Title: Join our Discord

Search URL Search Domain Scan URL

URL: https://brussell.me/
Title: Brussell

Search URL Search Domain Scan URL

URL: https://medium.com/on-discord
Title: Blog

Search URL Search Domain Scan URL

URL: https://discordservers.com/
Title: Find Discord Servers

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://discordbots.io/ HTTP 302
https://bots.discord.pw/ HTTP 302
https://bots.ondiscord.xyz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 67

https://mydmp.exelator.com/on-site-tag-load/?p=1041&g=1&j=d HTTP 307
https://mydmp.exelator.com/on-site-tag-load/?p=1041&g=1&j=d&xl8blockcheck=1

Request Chain 77

https://cm.g.doubleclick.net/pixel?google_nid=exelate&google_hm=MmM0ODlkNzg4YmFkM2FmMzcwN2VlOTdkNzQzZGRiODQ&&google_redir=https://load.exelator.com/load/?p=204&g=109 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=exelate&google_hm=MmM0ODlkNzg4YmFkM2FmMzcwN2VlOTdkNzQzZGRiODQ&google_redir=https://load.exelator.com/load/?p=204&g=109&google_tc= HTTP 302
https://load.exelator.com/load/?p=204&g=109

Request Chain 78

https://ib.adnxs.com/getuid?https://loadm.exelator.com/load/?p=204&g=013&bi=$UID&j=0 HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Floadm.exelator.com%2Fload%2F%3Fp%3D204%26g%3D013%26bi%3D%24UID%26j%3D0 HTTP 302
https://loadm.exelator.com/load/?p=204&g=013&bi=1847208509865094125&j=0

Request Chain 105

https://cm.g.doubleclick.net/pixel?google_nid=yieldlab&google_cm&google_dbm HTTP 302
https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESENrcCe9UVD_rI8TFtHbNYyU&google_cver=1

Request Chain 106

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECFJxbrQRARBMHSI6MTWrGo&google_cver=1

Request Chain 107

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZUm73gdEGnITRHirpBtlRAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECFJxbrQRARBMHSI6MTWrGo&google_cver=1

Request Chain 154

https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=sonobi&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=aab3c460-31af-4af3-8cd2-a27d34ba9d3b&google_hm=YWFiM2M0NjAtMzFhZi00YWYzLThjZDItYTI3ZDM0YmE5ZDNi HTTP 302
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEH_I4gWveYTxnyMnbXof0ig&google_cver=1&ssp=sonobi&bsw_param=aab3c460-31af-4af3-8cd2-a27d34ba9d3b

Request Chain 156

https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=13964341-2661-4562-9b9a-5ff8f9a07f6f&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=bWoxLVdIOFVxUU5WMk1ZcmVNYzdkUQ&gdpr=&gdpr_consent= HTTP 302
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEAGG8VztMvbxxnqRJTHRZIw&google_cver=1

Request Chain 157

https://sync.srv.stackadapt.com/sync?nid=286 HTTP 302
https://sync.go.sonobi.com/us.gif?nw=st&nuid=wqoj8rkwWL1e4RPr1eT5MB_MlnU

Request Chain 158

https://p.rfihub.com/cm?pub=35683&in=1 HTTP 302
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5109685630587368105

Request Chain 160

https://creativecdn.com/cm-notify?pi=sonobi HTTP 302
https://creativecdn.com/cm-notify?pi=sonobi&tc=1 HTTP 302
https://sync.go.sonobi.com/us.gif?nw=rh&nuid=x791G7A01LdJWMtleQ7o&pi=sonobi&tc=1

Request Chain 167

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZUm73gdEGnITRHirpBtlRAAACFAAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEJ_ixmDc5wJr7Jb2tUBySXI&google_cver=1

Request Chain 168

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZUm73gdEGnITRHirpBtlRAAACFAAAAAB&gpp=&gpp_sid= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZUm73gdEGnITRHirpBtlRAAACFAAAAAB&gpp=&gpp_sid=&dcc=t

Request Chain 169

https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZUm73gdEGnITRHirpBtlRAAA%262128&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZUm73gdEGnITRHirpBtlRAAA%262128&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=1f5491b4ea974fc1be748495894d36f1

Request Chain 173

https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=aGOnfjw09yNzZqB1bm--ImZupiJzN6R1amKuE6Qs

Request Chain 179

https://gum.criteo.com/sid/json?origin=publishertag&domain=ondiscord.xyz&sn=ChromeSyncframe&so=0&topUrl=bots.ondiscord.xyz&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=3k8_nnxhejhWKzliVnVLRXNiTVN3R1JBYTFWZ0o2aDN1WktsWThZY3hxSlNsdkFIVXA0Z1lDNVU5d0U1TXhKdm1OQlhIUTd1M01xVmoxdlVpVkVyaGlmTGthVFI0dmdXV2RyVzlEdTUvbFF2OFl5YkRVMS9IcEhLOVpESXBCQWlOY2FOZXV1WFQzQmNmU3pXUVNHK0o1a0tlamczLzVkelZkUlRuRlhyakJyNjdYTUt6T3ZoTk16YjNReVB6YW51dnZIMmxmak1mTVJXdTl1bHN6R09TbExXcFprMkcxQlVqMVNRZktyUnNobmtwNThObUd6MnMvVlRiRlQ1ODF3NmJsRldoMXV0V1VRbFRUaUp1R2lVRjBEbkttQT09fA&cppv=2

180 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
bots.ondiscord.xyz/
Redirect Chain

https://discordbots.io/
https://bots.discord.pw/
https://bots.ondiscord.xyz/

117 KB
23 KB

960ms
877ms

Document
text/html

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bots.ondiscord.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

96646ee880b78bf1b3dce850a241455556420111948fbecd108421428fe78f32

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8222cdb50eb01afe-AMS
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 07 Nov 2023 04:23:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=erk1T79algaqplhOdSu1Irw4I0ze6Mn%2B9GAj5ia8N9ppScIpbjNwqWqxJPnpLJV6Xr6OS7Q1bDLtU6Agd9neTCDBGEZie3Xs7UlEZmpQ3MJbHw5ZcST8VM%2F9cMovoky1nwuVtnxA%2Fj3oLKvZmNR%2Fp3Y%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=63072000; includeSubdomains
vary: User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-frame-options: DENY

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8222cdb2cde16661-AMS
content-type: text/html
date: Tue, 07 Nov 2023 04:23:54 GMT
location: https://bots.ondiscord.xyz/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fJFFciJe01pATG73kANVWzmW5Cdq5%2Bpl24XL9f5Fl6gNlbTaomlMF0yNRqft2fffqlmsNSSo1QC%2FnIjiN9%2B%2FbkdGur4hIry8KvJEoTTM%2B88wm96WHFfMoAyI0ouv4xvaCBR1hHXMnfqVQ0xqpNA%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 all.css
use.fontawesome.com/releases/v5.10.2/css/ 55 KB
13 KB 107ms
33ms Stylesheet
text/css 2606:4700:3036::6815:1b98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.10.2/css/all.css
Requested by: Host: bots.ondiscord.xyz
URL: https://bots.ondiscord.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:1b98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce67cd6665e835604c7a650ea355d41857dcd2284618b61d82d252dca0abfe5d

Request headers

Referer: https://bots.ondiscord.xyz/
Origin: https://bots.ondiscord.xyz
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 04:23:55 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 9V67Y8GGTYK6M6BP
age: 2658905
alt-svc: h3=":443"; ma=86400
x-amz-id-2: GVkoY/2tKVbLn6HTvFXTUbi0btFvHs3DmODAOqimcJNdU7ADdDEZDqUnpmk+NRPT/XC34audZU7G8KBL3lFUFjjIevpQYNmnY5sXDA0WJ/w=
last-modified: Wed, 30 Jun 2021 15:36:08 GMT
server: cloudflare
etag: W/"164a58dcca37a5b00c22e06ee8e2fc68"
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RZ6nD2VvhtQGU4xUJRmJdcXqBaiJ6WZTFlylLfsPUKQckXuQBszPaCfSyGaTfvaAqEpbR%2FDXbAmyb%2F5D7OVVsB4fs7B5QjjQLmvgBU5iAst6LyN9ApUg7V5nuQtHBsl090K73G%2BRW7Om8YEs4BcTxr%2By"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 8222cdbaff1cb97a-AMS

GET
H2 200 brands.css
use.fontawesome.com/releases/v5.10.2/css/ 661 B
820 B 106ms
32ms Stylesheet
text/css 2606:4700:3036::6815:1b98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.10.2/css/brands.css
Requested by: Host: bots.ondiscord.xyz
URL: https://bots.ondiscord.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:1b98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b833e64f47018606c3d2fc9bf21af4efa6611b95f052625efca08b880bcfc80a

Request headers

Referer: https://bots.ondiscord.xyz/
Origin: https://bots.ondiscord.xyz
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 04:23:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 22 Sep 2023 01:44:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 440990
etag: W/"27c105d6b1d79b59f9c59e0916d5251b"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dGVjRb5u%2B5SG0ClckSuWSjqG9fmrYBhcXWk%2BAt1OQtVXgWzvIOyUv57RKSLBb5Qxvy4uMqJZmTGZqIjmgp%2FE6tzuetEh3sAdgIDthYAE9fKH%2FGHxjM58ri7zXBiGJg3Se%2B9q7e6MAdQ3vYsdzvW7ddjN"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 8222cdbaff1bb97a-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 911de2f.modern.js Show response
bots.ondiscord.xyz/_nuxt/ 5 KB
2 KB 36ms
35ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bots.ondiscord.xyz/_nuxt/911de2f.modern.js

Requested by

Host: bots.ondiscord.xyz
URL: https://bots.ondiscord.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb54c6a8974743696550aefbf2f88e66d3a83df4160478d7ed0a318bc856ed72

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bots.ondiscord.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 04:23:55 GMT
strict-transport-security: max-age=63072000; includeSubdomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 591105
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 29 Jun 2023 17:04:26 GMT
server: cloudflare
etag: W/"12fc-189081d0404"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xe%2FoTbmMDVzP0UGMLd1eC7ojnmrxtRgpQhzcWoMgSh7O0a9pY8ZbG7ThrKezVUlQMgkOOJztuM65H7ppW2ahp09KZdpe90IpDetfqJx4ni9kNVQ%2FgCLba%2BqmsZZlQLJxZjysKGNSWMhzi%2BPBD5b%2BPPc%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
cf-ray: 8222cdba88ba1afe-AMS

GET
H2 200 0aa937a.modern.js Show response
bots.ondiscord.xyz/_nuxt/ 175 KB
62 KB 41ms
39ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bots.ondiscord.xyz/_nuxt/0aa937a.modern.js

Requested by

Host: bots.ondiscord.xyz
URL: https://bots.ondiscord.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c093fc45f2dfecacfb029b8e90a8c9c1f9c2337a24203dc943492a7509075a83

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bots.ondiscord.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 04:23:55 GMT
strict-transport-security: max-age=63072000; includeSubdomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 434976
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 29 Jun 2023 17:04:25 GMT
server: cloudflare
etag: W/"2bc5c-189081cfe64"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f%2BCfZTeEt5qZCXWQMukn7JWVg5pYYS69A223B%2BE3xhfTRL%2FU%2Fjdfq1d0MK9heSfzwEM34zriS%2F9yUqwhlgBIzLCTIUQx%2BrgbKExkDYtNPq93gfav63ZBsMn2C3z4e%2BOm%2B%2F9%2Fa%2BBxN6fiUdgLAToO5Yo%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
cf-ray: 8222cdba88bb1afe-AMS

GET
H2 200 2f74d4b.modern.js Show response
bots.ondiscord.xyz/_nuxt/ 345 KB
79 KB 67ms
66ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bots.ondiscord.xyz/_nuxt/2f74d4b.modern.js

Requested by

Host: bots.ondiscord.xyz
URL: https://bots.ondiscord.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

925b5ce50a57c701f6c06dc2da9e5f8d2095428ce6c0ef60f630ea12096d2494

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bots.ondiscord.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 04:23:55 GMT
strict-transport-security: max-age=63072000; includeSubdomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 434976
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 29 Jun 2023 17:04:25 GMT
server: cloudflare
etag: W/"563f8-189081d00c4"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pppXnbksacdFEFQ8Q4fxAMeoYFYYNKQ13IOa1hjMin7TASXVjyeZasS1FaBMTa%2BoAI5NJI1vi9atmNEH9JfOuP4jombAPTLeTAxGCpCYnKW89PtbVPInZ2CobvqtiFy6qOwv6XidbMtkrhv9jh7mK5I%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
cf-ray: 8222cdba88bc1afe-AMS

GET
H2 200 002967f.css
bots.ondiscord.xyz/_nuxt/css/ 364 KB
49 KB 66ms
65ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bots.ondiscord.xyz/_nuxt/css/002967f.css

Requested by

Host: bots.ondiscord.xyz
URL: https://bots.ondiscord.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8f8991096558823f299011392be10fd7fd8ef55ab3bd1245b8ee6e36c5d2501

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bots.ondiscord.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 04:23:55 GMT
strict-transport-security: max-age=63072000; includeSubdomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2123023
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 29 Jun 2023 17:04:28 GMT
server: cloudflare
etag: W/"5af16-189081d0ab4"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CeKRuY%2FL69UNRbE47nC0vkHTHRHe3FYXmYLP3%2F2v4VqOXYWPxoig0HPGhw%2BsgX7UO8k6VWrvR87gVKkMhjgRKqtH1lbAFxOUeM%2FOkGxCNyX7pBmkD73ucGD6ZPjkAxiKPl5nG69aBY0JW8NjjFbzPXw%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
cf-ray: 8222cdba88b71afe-AMS

GET
H2 200 7bd540a.modern.js Show response
bots.ondiscord.xyz/_nuxt/ 66 KB
20 KB 37ms
36ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bots.ondiscord.xyz/_nuxt/7bd540a.modern.js

Requested by

Host: bots.ondiscord.xyz
URL: https://bots.ondiscord.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b8cfa2c3ba8719c8bd2fa1feb34f07317de0a38348fe2943792713d3b4aed59

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bots.ondiscord.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 04:23:55 GMT
strict-transport-security: max-age=63072000; includeSubdomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2642809
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 29 Jun 2023 17:04:26 GMT
server: cloudflare
etag: W/"10675-189081d0328"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FmChvoFhKHDS70ZSXNguFNa0s%2BnpscntbozXZfrNKNW2mMhSIwgKmChlCJa1QadZZnWckGHSSxKMnLccpmVF8pS1XlmkfvyPT3iXz8tXKDnPKwvTkXXeBtGVHZQIWrI%2FP7czT7DBOtB40W3X6GuayAg%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
cf-ray: 8222cdba88be1afe-AMS

GET
H2 200 1658f8c.css
bots.ondiscord.xyz/_nuxt/css/ 4 KB
1 KB 35ms
34ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bots.ondiscord.xyz/_nuxt/css/1658f8c.css

Requested by

Host: bots.ondiscord.xyz
URL: https://bots.ondiscord.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac1cd51d9094856456e9f387c7a309d30908e88fc804ddabe47dc9c7e2318e0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bots.ondiscord.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 04:23:55 GMT
strict-transport-security: max-age=63072000; includeSubdomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 23998560
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 17 Jul 2021 20:08:01 GMT
server: cloudflare
etag: W/"11c0-17ab615366b"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QQBi5PaHwka58NbLaHZduKZBbQxiWh%2FguVjnXlKICA3qyo5Gbh1fySdWhn2GV%2BNGGDQ8wtTA7eR0tc76nWobWtRE9T0oGHkvYM6mFEi0yIlvAA%2FN7e12jFL3llre38kBGgrr3a4GUTVtsAsUb69%2FxtQ%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
cf-ray: 8222cdba88b81afe-AMS

GET
H2 200 a568c12.modern.js Show response
bots.ondiscord.xyz/_nuxt/ 8 KB
3 KB 36ms
35ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bots.ondiscord.xyz/_nuxt/a568c12.modern.js

Requested by

Host: bots.ondiscord.xyz
URL: https://bots.ondiscord.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3801913cf0d87feb99cd7a6a929a9b6b2bca17199368ccd7b192b9e0d48b4949

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bots.ondiscord.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 04:23:55 GMT
strict-transport-security: max-age=63072000; includeSubdomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2624834
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 29 Jun 2023 17:04:26 GMT
server: cloudflare
etag: W/"1f14-189081d04f8"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OyMD2rjZgGtQxEC6JbZbcGvMSQJzoP64%2F7Ery3PHeKL2UF6dKOqy6Q2rfJIbIkzsB8phZl44cwtJimj4VZCO0auK8llAz3hQNrb8ZkBGZb7tyHeTDKW754ADSCuXOcoJaKA9%2F7laBa4zNmELIUPsrvo%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
cf-ray: 8222cdba88bf1afe-AMS

GET
H2 200 433d558.css
bots.ondiscord.xyz/_nuxt/css/ 6 KB
2 KB 34ms
33ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bots.ondiscord.xyz/_nuxt/css/433d558.css

Requested by

Host: bots.ondiscord.xyz
URL: https://bots.ondiscord.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98c825df5264194d05cb4b1406d6f39027c18b2e673b3d87bff6c77d7585f2c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bots.ondiscord.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 04:23:55 GMT
strict-transport-security: max-age=63072000; includeSubdomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2624834
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 29 Jun 2023 17:04:29 GMT
server: cloudflare
etag: W/"16ce-189081d0d48"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=orBjNLdhb3VAvT5bD8HYhneNnE4HaVWiIrZcsqqY91WBtPkxe%2FulygjEXxzk%2BvUCs6hkkUgBcKrUe6IYA4f5Ml4XkuetBOjZKqHComDatA6OazQzDN9Z%2FRMuc2VrvFElLSqEgeGZo8DytJDCKaBmoxU%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
cf-ray: 8222cdba88b91afe-AMS

GET
H2 200 392185a.modern.js Show response
bots.ondiscord.xyz/_nuxt/ 10 KB
3 KB 36ms
36ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bots.ondiscord.xyz/_nuxt/392185a.modern.js

Requested by

Host: bots.ondiscord.xyz
URL: https://bots.ondiscord.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b1d8a19cee967122b7d2cff4d03675d4a51a74a3d97bd587ced3fea103437b9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bots.ondiscord.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 04:23:55 GMT
strict-transport-security: max-age=63072000; includeSubdomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 600682
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 29 Jun 2023 17:04:25 GMT
server: cloudflare
etag: W/"29eb-189081d0030"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3xHLu3lb%2Fh4pYFQNfIoNb9Eh%2Fy7hQacuJjLVy7EIEJvUtODgbGQSq0%2BDHgrd%2B3NOHBy1nitPPG5r%2F71%2BU5O0fRYKfF6Ir8v4LyfRfQigkLe8SDYNA%2BSx5Bme%2BowgaL2cXvTIUDNSyoq6GvC24fdrYGA%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
cf-ray: 8222cdba88c01afe-AMS

GET
H2 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.10.2/webfonts/ 74 KB
74 KB 33ms
32ms Font
font/woff2 2606:4700:3036::6815:1b98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.10.2/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.10.2/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:1b98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80fe90cb559538158bc235f4e539d9bcae203e19fab7c6970aad37b0154348ff

Request headers

Referer: https://use.fontawesome.com/releases/v5.10.2/css/all.css
Origin: https://bots.ondiscord.xyz
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 04:23:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: W92YGCGFSMF3X8X5
age: 638115
alt-svc: h3=":443"; ma=86400
content-length: 75408
x-amz-id-2: 96/jY4lGYu272sdm+vWhXq/Gwg0c8YQo4eQ+CuGZJmkb8Go/ToNKLGITLbio0sz0xIehdGpuJuA=
last-modified: Wed, 30 Jun 2021 15:36:28 GMT
server: cloudflare
etag: "d6d8d5da9214dc7d46b297672a602d55"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jCSAp230QTRmXE98l57JqJl%2FD33p1L0X1USQYOkWBcPi4sqKPFZ0cCFxFRU8MUaLl7Lk2i1J2eSImN%2FnjYZSSDA8B65JyGyEFxWIb18%2F2x7J8mZf7DP0gzTgE5YuQd3%2F%2BQVFXeKC9PTXHBSi63Lx2vg%2B"}],"group":"cf-nel","max_age":604800}
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 8222cdbb5f4db97a-AMS

GET
H2 200 b50adff099924dd5e6b72d13f77eb9d7.webp
cdn.discordapp.com/avatars/159985870458322944/ 652 B
2 KB 113ms
42ms Image
image/webp 162.159.133.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.discordapp.com/avatars/159985870458322944/b50adff099924dd5e6b72d13f77eb9d7.webp?size=128
Requested by: Host: bots.ondiscord.xyz
URL: https://bots.ondiscord.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.133.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a726810ad110671e947f72e4fcf6375f0779fe3300031ab9d689570b65f2c9bc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bots.ondiscord.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 04:23:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 603922
alt-svc: h3=":443"; ma=86400
content-length: 652
last-modified: Fri, 05 Oct 2018 18:44:45 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NobkXft20%2FJ6GMXBgN2gEa6AyfTrIVXOrZdr03%2Fm7ZZBdJs7%2BLYBmDQMz9Ew7Qc7N99U0%2FLnua01Y%2FVYzSFs0OsQOLTAUJC66wxihpwT0ZXRVNOKrnypXlFir2nrQ8tXC%2F3E%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
cf-ray: 8222cdbc08e2b766-AMS
expires: Wed, 06 Nov 2024 04:23:55 GMT

GET
H2 200 19a5ee4114b47195fcecc6646f2380b1.webp
cdn.discordapp.com/avatars/155149108183695360/ 1 KB
2 KB 116ms
45ms Image
image/webp 162.159.133.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.discordapp.com/avatars/155149108183695360/19a5ee4114b47195fcecc6646f2380b1.webp?size=128
Requested by: Host: bots.ondiscord.xyz
URL: https://bots.ondiscord.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.133.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 852c198aef50fdd01a53040da120b23bd03b136b74e2e01ae370417d16165999

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bots.ondiscord.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 04:23:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 589755
alt-svc: h3=":443"; ma=86400
content-length: 1058
last-modified: Sat, 28 Mar 2020 22:17:43 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y3n2th1VYUlLeU6TDiz5ftbujSa4l%2FhXeCchhiPBHY%2FkZvR0bKElERmuoIyu8l5EA00FjiPwrWA8kG%2FmOa7WC8%2Fd%2B4VA7ya3tpGHB3yvOwhQBQuhYkXYKp7cyoVm%2BajHTr5%2BjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
cf-ray: 8222cdbc08e1b766-AMS
expires: Wed, 06 Nov 2024 04:23:55 GMT

GET
H2 200 43fc1879641f6239d6e4038eaa7dabbc.webp
cdn.discordapp.com/avatars/172002275412279296/ 3 KB
3 KB 114ms
43ms Image
image/webp 162.159.133.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.discordapp.com/avatars/172002275412279296/43fc1879641f6239d6e4038eaa7dabbc.webp?size=128
Requested by: Host: bots.ondiscord.xyz
URL: https://bots.ondiscord.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.133.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be2c752f7a16ec5ad4a1534648ecf1440474f14bd94a4fc45c5ee782134b02d8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bots.ondiscord.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 04:23:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 423271
alt-svc: h3=":443"; ma=86400
content-length: 2620
last-modified: Sun, 08 Nov 2020 18:40:59 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TXNSTotm9VSpV0J48pQVN5uRSXXChZ8uxoiJRlljKQfnM3ML%2FPRP%2F1j0LrbTQh9obzQvnRsFn6aEJxJMb62ep8k%2BgNDZ5Xb4XU5xPHqkkRq7Xl2fQ%2F3doIpC%2FhQTWrycGqsssg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
cf-ray: 8222cdbc08e0b766-AMS
expires: Wed, 06 Nov 2024 04:23:55 GMT

GET
H2 200 5131053ad6d3e35ef587c8fc3d471963.webp
cdn.discordapp.com/avatars/270904126974590976/ 5 KB
6 KB 115ms
44ms Image
image/webp 162.159.133.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.discordapp.com/avatars/270904126974590976/5131053ad6d3e35ef587c8fc3d471963.webp?size=128
Requested by: Host: bots.ondiscord.xyz
URL: https://bots.ondiscord.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.133.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ae55c888f7b56a326ff11ee983bd39df8accaa0af040497c7376e616a1bd5e2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bots.ondiscord.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 04:23:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 507052
alt-svc: h3=":443"; ma=86400
content-length: 4790
last-modified: Sun, 29 Oct 2023 21:41:54 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2ZtbBesfRx4N3fqGQMCWSzwWtOTKL5XSqRCK5Hc%2FbfXijMvTcj4MQSCkX3RYfyHgTghAoPnNoS%2Bxxt5HlaSUv1704j%2Fx17JyJBfKkfHioS9Jy2ARYWwfGSyRavnVYy5P8w9jDg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
cf-ray: 8222cdbc08deb766-AMS
expires: Wed, 06 Nov 2024 04:23:55 GMT

GET
H2 200 7e25f540b31d70360e69fea14dbd865a.webp
cdn.discordapp.com/avatars/184405311681986560/ 2 KB
3 KB 114ms
43ms Image
image/webp 162.159.133.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.discordapp.com/avatars/184405311681986560/7e25f540b31d70360e69fea14dbd865a.webp?size=128
Requested by: Host: bots.ondiscord.xyz
URL: https://bots.ondiscord.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.133.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: acf825355b5a72b8ea6a94d5057f64dc997594afb1a63e561930939055c5de64

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bots.ondiscord.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 04:23:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 594723
alt-svc: h3=":443"; ma=86400
content-length: 2332
last-modified: Mon, 01 Apr 2019 20:23:47 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1dr5%2FeF1jvQ%2BxshYVrHSjjRR42mnROgM9f0qu1Kl2GIzR64xZyKy7HZrW5yxZgGNKFbGp17aQYbnAPzcuv02%2FNtAzG0OK%2BX%2BabmY16ercuNaXAlWdgGIeswtwUnUw0k%2FpdbUQA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
cf-ray: 8222cdbc08ddb766-AMS
expires: Wed, 06 Nov 2024 04:23:55 GMT

GET
H2 200 156a0d2872579f1ffcaa5d2127239bfd.webp
cdn.discordapp.com/avatars/282859044593598464/ 834 B
1 KB 114ms
44ms Image
image/webp 162.159.133.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.discordapp.com/avatars/282859044593598464/156a0d2872579f1ffcaa5d2127239bfd.webp?size=128
Requested by: Host: bots.ondiscord.xyz
URL: https://bots.ondiscord.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.133.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab5cb72d0dc3f2b364bc90a42129a2508bba520c9f07b91d2c5e6e35ccc19f88

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bots.ondiscord.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 04:23:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 559559
alt-svc: h3=":443"; ma=86400
content-length: 834
last-modified: Mon, 15 Jul 2019 21:16:40 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KqB%2FBCW5gdS0AAQgo0SmP7uHznH0sbEwQ4Zt3d5LTasygcqDZGnSxT0HJVDAtND219qMsDypo22qs%2BRc9ZSKgdUbjvX1ahgLU%2F75bwnG2q8U6B6uvA06aBUJtuf7h110fBV4dA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
cf-ray: 8222cdbc08dfb766-AMS
expires: Wed, 06 Nov 2024 04:23:55 GMT

GET
H2 200 6d9fcf46739f6c14392423d203f0c4e4.webp
cdn.discordapp.com/avatars/472714545723342848/ 7 KB
7 KB 39ms
36ms Image
image/webp 162.159.133.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.discordapp.com/avatars/472714545723342848/6d9fcf46739f6c14392423d203f0c4e4.webp?size=128
Requested by: Host: bots.ondiscord.xyz
URL: https://bots.ondiscord.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.133.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51c833eb4e1738741e5ceee45dd2408feeb186c207e76bab7bd8afd355120e20

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bots.ondiscord.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 04:23:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 407616
alt-svc: h3=":443"; ma=86400
content-length: 7006
last-modified: Sat, 03 Oct 2020 21:15:23 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2e1okGPCmXQ6Db68hqQh6rYgkLJ8C2X9VP8yRbv9OlxzA683yWEKXvnZdBW8HFuTWyKSPsm9zB2l5zAj2Vk9pkTkqLuwYqEJUZs05UzQxpizC2pQUDVaZ3SIC08oGDNVL2MNfw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
cf-ray: 8222cdbc58f3b766-AMS
expires: Wed, 06 Nov 2024 04:23:55 GMT

GET
H2 200 63fad9d9aeb168760079de9d011a8119.webp
cdn.discordapp.com/avatars/169678500893163520/ 4 KB
4 KB 226ms
224ms Image
image/webp 162.159.133.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.discordapp.com/avatars/169678500893163520/63fad9d9aeb168760079de9d011a8119.webp?size=128
Requested by: Host: bots.ondiscord.xyz
URL: https://bots.ondiscord.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.133.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a83f3e939edf8302a2e685fd5e673b485db451c16fb203e744ff79399d4d4ef

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bots.ondiscord.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 04:23:55 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 4108
last-modified: Mon, 03 Apr 2023 02:39:34 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yeQ3zidUR6KVXMsnjspi5mbUZQ%2FA%2BjsKNGo07%2Fl0HemHl7VcbOvLRjcYgZ1Wqp4Ma8EU5qUBsV%2Bn3iUnaqXxUiRRcBGQjTnPPt9FilQ6lWmq9Oso9l%2BjYvoKke2MjW5nIWuDmw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
cf-ray: 8222cdbc58f5b766-AMS
expires: Wed, 06 Nov 2024 04:23:55 GMT

GET
H2 200 a7869676741a453bcbdb163c90bb1230.webp
cdn.discordapp.com/avatars/464601463440801792/ 2 KB
2 KB 300ms
297ms Image
image/webp 162.159.133.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.discordapp.com/avatars/464601463440801792/a7869676741a453bcbdb163c90bb1230.webp?size=128
Requested by: Host: bots.ondiscord.xyz
URL: https://bots.ondiscord.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.133.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 37eada03b306d7d7a5b385144da80183ffce075d0c0119fc31836efcd873c7d5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bots.ondiscord.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 04:23:55 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 1718
last-modified: Tue, 04 Apr 2023 02:00:18 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WIHDalH0j9otxlcSM6w%2B4KxrN0bUX1tv863xIm9P12M5F7uzsaDsdkCcXsn9qKGuXrQn4HDea5wGFxIreGxwUn2xYnf%2FkANlm%2FIXMk6BU636JiIXFmL3QyhE%2BDIlZH%2BieGN8SA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
cf-ray: 8222cdbc58f6b766-AMS
expires: Wed, 06 Nov 2024 04:23:55 GMT

GET
H2 200 940b48dce08bb9eb2853c1755c891f93.webp
cdn.discordapp.com/avatars/564426594144354315/ 3 KB
3 KB 184ms
181ms Image
image/webp 162.159.133.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.discordapp.com/avatars/564426594144354315/940b48dce08bb9eb2853c1755c891f93.webp?size=128
Requested by: Host: bots.ondiscord.xyz
URL: https://bots.ondiscord.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.133.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef6cb737ac403147d56fbfb8d9e839dd60bc799c0754e64451d242f739636d07

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bots.ondiscord.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 04:23:55 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 3018
last-modified: Tue, 03 Jan 2023 19:25:13 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=idBrnuHqZDPBxFqIEJLaNxdHIZ1Po2HQIq87yIdTiaK1Pw%2FVNzTTJ7Hsiw5YHWI8lch13fD3hcLtgy8vmkgN35IEWTYfpanIWGvniyl9NOWYdzZ7xY0drFPV7uw4HecUFaHIkw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
cf-ray: 8222cdbc58f7b766-AMS
expires: Wed, 06 Nov 2024 04:23:55 GMT

GET
H2 200 0ffed042c787980bda7bd7c256337675.webp
cdn.discordapp.com/avatars/213271889760616449/ 5 KB
5 KB 39ms
37ms Image
image/webp 162.159.133.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.discordapp.com/avatars/213271889760616449/0ffed042c787980bda7bd7c256337675.webp?size=128
Requested by: Host: bots.ondiscord.xyz
URL: https://bots.ondiscord.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.133.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36fc0f2000290dbbdc63a4d0d64dfeab6046ad0e896533b358300fc7684ad677

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bots.ondiscord.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 04:23:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 49354
alt-svc: h3=":443"; ma=86400
content-length: 4770
last-modified: Sat, 02 Jan 2021 16:26:13 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JAbuDtiM7IK1pof5yWKL2IozvHhyjUCht086Dq1XSMEvlVdDrp4%2Fke6ODAuQkpgksj8C6l7KJzDbE6A96BaijX45EEJBESOprG4Mh9IWMrAuRRuyWLLF3xbYn6qk87MB3RrkRg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
cf-ray: 8222cdbc58f8b766-AMS
expires: Wed, 06 Nov 2024 04:23:55 GMT

GET
H2 200 977c6dcf3184a031916e9a2c178918c2.webp
cdn.discordapp.com/avatars/125367104336691200/ 4 KB
4 KB 41ms
39ms Image
image/webp 162.159.133.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.discordapp.com/avatars/125367104336691200/977c6dcf3184a031916e9a2c178918c2.webp?size=128
Requested by: Host: bots.ondiscord.xyz
URL: https://bots.ondiscord.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.133.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cfe4b2fa422fb3e55abe0aafac06d5a74bde1fd1aa4ae3c304c07b94305d26ad

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bots.ondiscord.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 04:23:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 503268
alt-svc: h3=":443"; ma=86400
content-length: 4242
last-modified: Tue, 08 Jan 2019 01:07:53 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=picMgdCAeh0cN50PgEpILApO1XkagsuuoX8aRbL%2BhpnpvXxhyVqxcV%2FQmdhbO2df7lohXjpWc7yJIJQQX8u3e8ZrTRnPNKBnKl3Z5FjAt3qccQUZNKEbJ33LExQVTgrUsn2oYg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
cf-ray: 8222cdbc58f9b766-AMS
expires: Wed, 06 Nov 2024 04:23:55 GMT

GET
H2 200 676d05e3fa19c62ad3c5afa1a2663b61.webp
cdn.discordapp.com/avatars/384820232583249921/ 4 KB
4 KB 179ms
177ms Image
image/webp 162.159.133.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.discordapp.com/avatars/384820232583249921/676d05e3fa19c62ad3c5afa1a2663b61.webp?size=128
Requested by: Host: bots.ondiscord.xyz
URL: https://bots.ondiscord.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.133.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2a7192c11e4551ab661c51f9c3ed5f288a7175fc1feef7712df1443f772d834

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bots.ondiscord.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 04:23:55 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 3858
last-modified: Mon, 01 Nov 2021 18:02:35 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jqE5K219bReTPkgXSSUdqKXJKVeZiZWBcalgLZDAqs2nE%2F44orVGvtuqudvbuaDx3VhxBDeWkuTcTeUAjOt5EVAtHU0DdRf7VVwVpWDKizBlYEozLju9Ni%2BNXLBQnQAFRaS6jg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
cf-ray: 8222cdbc58fab766-AMS
expires: Wed, 06 Nov 2024 04:23:55 GMT

GET
H2 200 9b29bfc497a70b6cc85bb2087936f8fd.webp
cdn.discordapp.com/avatars/235088799074484224/ 734 B
1 KB 43ms
41ms Image
image/webp 162.159.133.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.discordapp.com/avatars/235088799074484224/9b29bfc497a70b6cc85bb2087936f8fd.webp?size=128
Requested by: Host: bots.ondiscord.xyz
URL: https://bots.ondiscord.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.133.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b3d085444566482650e88aa2be1bf37c3dfb1e0275cf684c2d48c9f05af37d0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bots.ondiscord.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 04:23:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 409298
alt-svc: h3=":443"; ma=86400
content-length: 734
last-modified: Sun, 28 Feb 2021 21:38:14 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YQBv6hu9mtbzEqho%2BrdEhtZgSPuMpEWNNS0tBXM25XLI%2FwajFyqaYM1D4j0aD8Cqy3zoDlR4s7JXzYIjdFF4Ctlxrmy0aiJejd9wd607wKamifHMEUpL6Sh3MKcNYmTMdK%2FCyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
cf-ray: 8222cdbc58fbb766-AMS
expires: Wed, 06 Nov 2024 04:23:55 GMT

GET
H2 200 7effa55f2ed60fc96ea13bf95b4c19cf.webp
cdn.discordapp.com/avatars/185476724627210241/ 5 KB
5 KB 79ms
77ms Image
image/webp 162.159.133.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.discordapp.com/avatars/185476724627210241/7effa55f2ed60fc96ea13bf95b4c19cf.webp?size=128
Requested by: Host: bots.ondiscord.xyz
URL: https://bots.ondiscord.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.133.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7fe1378184b01736c3ca179fbba8a3cb60a091db97872b8e4b08f1388b270cc7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bots.ondiscord.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 04:23:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 368961
alt-svc: h3=":443"; ma=86400
content-length: 4730
last-modified: Sun, 04 Jun 2023 09:30:53 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sBIJphsq5SCWx06Z8zu9XQCpKOPpK9RJ4STKBSZ%2BbalJuR%2Bu3esjhgIwRZIdPULO2RBxSw7BwaR9TJYDa7ZTEX4Yt9m9SHCJ59xeg6M28dNhfZj%2FVX%2BpNDm%2Bk0k5J4Z1ZYEpbg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
cf-ray: 8222cdbc58fcb766-AMS
expires: Wed, 06 Nov 2024 04:23:55 GMT

GET
H2 200 c3e9022e815773f5f2d2ec66ed522579.webp
cdn.discordapp.com/avatars/431423978696081408/ 744 B
1 KB 185ms
183ms Image
image/webp 162.159.133.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.discordapp.com/avatars/431423978696081408/c3e9022e815773f5f2d2ec66ed522579.webp?size=128
Requested by: Host: bots.ondiscord.xyz
URL: https://bots.ondiscord.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.133.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1969272501ec336e2f17e71c6ec7886b4097f60ad495292b9d70ffbfd6cdf64

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bots.ondiscord.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 04:23:55 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 744
last-modified: Mon, 21 Sep 2020 16:00:58 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1qmv98dyjgq3krut8%2FxQYxBta75xvvhsrwpw1if0GGBkYi3rVc2b2f0Otw3SrjBv9rmZDE4qFWSFDoV7f3RXFKQ7AxqDio3S66rOUr1o4QUGnVW5X0sCxBjr6DanZOI%2BGimtBw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
cf-ray: 8222cdbc58fdb766-AMS
expires: Wed, 06 Nov 2024 04:23:55 GMT

GET
H2 200 795ed0c0b2da8d6c37c071dc61e0c77f.webp
cdn.discordapp.com/avatars/426787835044036610/ 866 B
1 KB 184ms
182ms Image
image/webp 162.159.133.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.discordapp.com/avatars/426787835044036610/795ed0c0b2da8d6c37c071dc61e0c77f.webp?size=128
Requested by: Host: bots.ondiscord.xyz
URL: https://bots.ondiscord.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.133.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 276ca42d64c33d31e62198735ffbbd2157ac986e09dd81622efc521d32930089

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bots.ondiscord.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 04:23:55 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 866
last-modified: Tue, 12 Oct 2021 23:22:33 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aVhra9KqLoAfVd3gi1ue4zLqRdm80BCD8gxbA2DEz6t6zOFH2pF8Cg57iNtIBXTPs24LiglV2HkBB9TYuYgeCHMdgX0sIj5L0ZjsWyIhTpgMPt0OenuiNPxDy%2F2sYwn899sV%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
cf-ray: 8222cdbc58feb766-AMS
expires: Wed, 06 Nov 2024 04:23:55 GMT

GET
H2 200 54e4cbb551de9d9626271475cb8c89f0.webp
cdn.discordapp.com/avatars/383777390851260426/ 3 KB
3 KB 181ms
179ms Image
image/webp 162.159.133.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.discordapp.com/avatars/383777390851260426/54e4cbb551de9d9626271475cb8c89f0.webp?size=128
Requested by: Host: bots.ondiscord.xyz
URL: https://bots.ondiscord.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.133.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f84ee9095c47ab7f9e291e0bf2c5b20139120b6154869865f643dcf158abfae

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bots.ondiscord.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 04:23:55 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 2594
last-modified: Thu, 30 Jan 2020 05:04:30 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xp2D3uj57uEZ48DsUwoLgZMZ0KYITIoa4OEm%2BeJTECIxMT9A0Uxr2VVtJWH8IXKZuZLLieWTqOFEFHafNiLI909Ka88QrX26arqCattBUVu5kUkDFWIvsO%2B6OUKhHVHSQGVZuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
cf-ray: 8222cdbc58ffb766-AMS
expires: Wed, 06 Nov 2024 04:23:55 GMT

GET
H2 200 8d0c939cc20cb128d603268c3312f99e.webp
cdn.discordapp.com/avatars/673994042450903089/ 4 KB
4 KB 180ms
178ms Image
image/webp 162.159.133.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.discordapp.com/avatars/673994042450903089/8d0c939cc20cb128d603268c3312f99e.webp?size=128
Requested by: Host: bots.ondiscord.xyz
URL: https://bots.ondiscord.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.133.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ce82098bd4b9fef98645417574fecfdde5f5aa36eeaf5a0ff5d77c3fab2adb6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bots.ondiscord.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 04:23:55 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 3680
last-modified: Sun, 05 Feb 2023 21:02:14 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b5akiH6uoABEOEFCfdSc5haGkc9bCQ7KYtTXGuHrX8cmzj2X5DhbXVDOmTmfVpLakn5rz8IKqxgZMwUdc83LV%2BClube0firIrPuIBggY2NWjbCf6hwrkTn8YFDLy5lv1SevX2g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
cf-ray: 8222cdbc5900b766-AMS
expires: Wed, 06 Nov 2024 04:23:55 GMT

GET
H2 200 b7dfcc0da7633dee024b77787f293913.webp
cdn.discordapp.com/avatars/497894401264058368/ 2 KB
2 KB 372ms
370ms Image
image/webp 162.159.133.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.discordapp.com/avatars/497894401264058368/b7dfcc0da7633dee024b77787f293913.webp?size=128
Requested by: Host: bots.ondiscord.xyz
URL: https://bots.ondiscord.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.133.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8cea7c5128d7bd101addf2e3cc69c61eb4d30d37ea5b656ecb69906fbb5d273b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bots.ondiscord.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 04:23:55 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 2114
last-modified: Mon, 14 Feb 2022 12:12:30 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tzVhYJpPzOpBLYBiR%2Be6wYhcaZCexYtyaNPy4%2FxZ6nZHGDCXgpxM7Csj5246EZZfNidqBTxP51%2FW3DGf%2BLWWRfrDj5vETFnDXFvG1ZfFnc%2BXGUUOCzQqedZqvCDAwiSykZqZAw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
cf-ray: 8222cdbc5901b766-AMS
expires: Wed, 06 Nov 2024 04:23:55 GMT

GET
H2 404 91fb6f0d0544333ab46d9db88df2964e.webp
cdn.discordapp.com/avatars/440996323156819968/ 0
256 B 206ms
204ms Image
text/plain 162.159.133.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.discordapp.com/avatars/440996323156819968/91fb6f0d0544333ab46d9db88df2964e.webp?size=128
Requested by: Host: bots.ondiscord.xyz
URL: https://bots.ondiscord.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.133.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bots.ondiscord.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 04:23:55 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fb4ahIR09%2BNgHMSi9zlJAqus8y%2FX8SRm46vBruW21GNuKbUumfObtmjM3g8mjcuceYmxxlBxp9sQxtofn4OwnI8OcIb65W%2B9eC7h2JhmbFRbtzC1LfxvDZSRryUMl4UsGqDQlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
cf-ray: 8222cdbc5902b766-AMS
content-length: 0
alt-svc: h3=":443"; ma=86400
expires: Wed, 06 Nov 2024 04:23:55 GMT

GET
H2 200 14bb2ad792139ae16efb0c749cc9b6cf.webp
cdn.discordapp.com/avatars/369362004458078208/ 3 KB
4 KB 202ms
201ms Image
image/webp 162.159.133.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.discordapp.com/avatars/369362004458078208/14bb2ad792139ae16efb0c749cc9b6cf.webp?size=128
Requested by: Host: bots.ondiscord.xyz
URL: https://bots.ondiscord.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.133.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 381f1d9c7443e9228316c3b8bda3e4367b0bf35f53eaf98a0044d5f871528322

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bots.ondiscord.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 04:23:55 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 3338
last-modified: Fri, 08 Jun 2018 21:46:34 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4E412Z2SLoE9%2F8tMn38Rw%2F0ZQml87AHxFLQUNg8sMu8hQM9YM4xbPZjfbow3AkgJfV40ICpb9yKOHhP%2F1KtL0zA6rs3hazPP1Ts3HSxBA2kNpWkeIrOgZy130Kh6mesvmk6g%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
cf-ray: 8222cdbc5903b766-AMS
expires: Wed, 06 Nov 2024 04:23:55 GMT

GET
H2 200 98bdd36f05fb452adeb6a37c1b5f0546.webp
cdn.discordapp.com/avatars/434556304661544960/ 5 KB
6 KB 44ms
42ms Image
image/webp 162.159.133.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.discordapp.com/avatars/434556304661544960/98bdd36f05fb452adeb6a37c1b5f0546.webp?size=128
Requested by: Host: bots.ondiscord.xyz
URL: https://bots.ondiscord.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.133.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c197d04ed78ea839fbe555c0cdf202558865e78303506f8d80a1f407b1fbc797

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bots.ondiscord.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 04:23:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 22127
alt-svc: h3=":443"; ma=86400
content-length: 5454
last-modified: Fri, 08 Sep 2023 18:58:12 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BWjiN6%2Fa2NlE8IOE%2F%2Fs%2FYAQxCkOSF071vWuBgO6xX%2FpIhwQYgU8dqn3BIu3cXbgogf3Zhd5vR1ELPBoh8hO6l5wPoFAnhfXxEx5zGZkg4exfKgqn80xcEDRoP1eVsQUmoK0XqA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
cf-ray: 8222cdbc5904b766-AMS
expires: Wed, 06 Nov 2024 04:23:55 GMT

GET
H2 200 fb6d2300a4d886032bc491c0e8269d13.webp
cdn.discordapp.com/avatars/438978127973318656/ 4 KB
5 KB 251ms
250ms Image
image/webp 162.159.133.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.discordapp.com/avatars/438978127973318656/fb6d2300a4d886032bc491c0e8269d13.webp?size=128
Requested by: Host: bots.ondiscord.xyz
URL: https://bots.ondiscord.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.133.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f37e3122e633840fdea4149de086a3cfb337f1e0be9633affda8a895d300972

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bots.ondiscord.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 04:23:55 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 4384
last-modified: Sat, 09 Jan 2021 21:48:28 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c6tggGQkrYosH3NtMKcbpLk2xloWA7RbgrebaT33Hk4xA1MpeZ9mAVSIR1sdqzUSjhc8lWTljsbhPdAqioiHLJoNO%2BmQTQUEncUneHtkZR9k4PA4G9b9URcxr89hW0ShVhclMw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
cf-ray: 8222cdbc790db766-AMS
expires: Wed, 06 Nov 2024 04:23:55 GMT

GET
H2 200 84b83a87f8e7a1475f989cbbd76c48d8.webp
cdn.discordapp.com/avatars/213466096718708737/ 6 KB
7 KB 238ms
237ms Image
image/webp 162.159.133.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.discordapp.com/avatars/213466096718708737/84b83a87f8e7a1475f989cbbd76c48d8.webp?size=128
Requested by: Host: bots.ondiscord.xyz
URL: https://bots.ondiscord.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.133.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64d9f527c20617144ae91879044d0bd7a4a33b89043a4570209a59c2c6bb1056

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bots.ondiscord.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 04:23:55 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 6638
last-modified: Sun, 10 Nov 2019 20:52:05 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h94jofjJ%2BD6VIdDkdjezEgHUSpgbZJ1QPKw7pTebaWjwyLVqSV5gI9S6RqFZmtobmMEtpCtqZC8zdiozZwYiwFjJ63UBTuUsmqJj1GFAYrl1gs3gEkIu3RcEYaanLMKtCjuTcw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
cf-ray: 8222cdbc790eb766-AMS
expires: Wed, 06 Nov 2024 04:23:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 242 KB
83 KB 122ms
48ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-22ZDVH10EC&l=dataLayer

Requested by

Host: bots.ondiscord.xyz
URL: https://bots.ondiscord.xyz/_nuxt/2f74d4b.modern.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b789b0099a75ae7534a7aa0b6ea604762f1854574b7889f7c65d02fbe40c176b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bots.ondiscord.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 04:23:55 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 84848
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 07 Nov 2023 04:23:55 GMT

GET
H/1.1 200
OK ad-manager.min.js Show response
hb.vntsm.com/v3/live/ Frame 9F28 998 KB
289 KB 134ms
30ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Requested by: Host: bots.ondiscord.xyz
URL: https://bots.ondiscord.xyz/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: /
Resource Hash: e7c5597e016120dc62a12b39d743247757b04137995991365c908b58b7265923

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bots.ondiscord.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Tue, 07 Nov 2023 04:23:55 GMT
Content-Encoding: gzip
Venatus-CDN-HB-Rule-Version: 1.1
x-amz-server-side-encryption: AES256
X-IP: 31.204.150.117
Connection: keep-alive
Content-Length: 295425
Last-Modified: Tue, 31 Oct 2023 11:39:03 GMT
ETag: "e02b07ea262bacb01924c16282872423"
X-HW: 1699331035.cds148.am5.hn,1699331035.cds268.am5.c
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Geo, Content-Type,x-bl,x-geo-subdivision
Cache-Control: max-age=48
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-Geo,Content-Type,x-bl,x-geo-subdivision
X-Geo: NL

GET
H3 200 74bdde2.css
bots.ondiscord.xyz/_nuxt/css/ 5 KB
2 KB 39ms
38ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bots.ondiscord.xyz/_nuxt/css/74bdde2.css

Requested by

Host: bots.ondiscord.xyz
URL: https://bots.ondiscord.xyz/_nuxt/911de2f.modern.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b162eb9b1aec97429267ca19ecd4d570dcfa81319ea067ac721b0766f6075ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bots.ondiscord.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 04:23:55 GMT
strict-transport-security: max-age=63072000; includeSubdomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 425397
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 29 Jun 2023 17:04:28 GMT
server: cloudflare
etag: W/"1532-189081d0b98"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=98MyeC928Ce2uR0c4i2UBTz8qMUHqAQTGySZxByivilJf2J870raoaI91a5oR4P8Jh8GYD8xSZVnrCkMFEHUXWo0mXAJnhxOqqzy9VafT0eY5h89QOHNaRtLzRdwG1cB%2Fdh4VTR8mmBjQdjmDPCLfuI%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
cf-ray: 8222cdbccb1b655e-AMS

GET
H3 200 a536ce6.modern.js Show response
bots.ondiscord.xyz/_nuxt/ 17 KB
6 KB 63ms
63ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bots.ondiscord.xyz/_nuxt/a536ce6.modern.js

Requested by

Host: bots.ondiscord.xyz
URL: https://bots.ondiscord.xyz/_nuxt/911de2f.modern.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c58bc7b7e42f9b6989fbf9f898ade59b058c2aa4b3cd67bf11c9c1b11f8efaf0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bots.ondiscord.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 04:23:55 GMT
strict-transport-security: max-age=63072000; includeSubdomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3080778
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 29 Jun 2023 17:04:26 GMT
server: cloudflare
etag: W/"45b9-189081d04e4"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J40n6AL%2FMiTeYly5BkRvJkiYB2m%2FYMBPbKftvwB%2B37vmshPqQdQrvjZuYAqfV0GvFF2HPALY%2BbyrL2PQjQc7kjD0MWq6m8L2%2BCAedyIi%2B9A0iRFBDCblOY51NCTFgLIg2wlGuXlBg3LFLDZJc0cpJ90%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
cf-ray: 8222cdbccb1d655e-AMS

GET
H3 200 505731d.css
bots.ondiscord.xyz/_nuxt/css/ 1 KB
968 B 39ms
39ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bots.ondiscord.xyz/_nuxt/css/505731d.css

Requested by

Host: bots.ondiscord.xyz
URL: https://bots.ondiscord.xyz/_nuxt/911de2f.modern.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

369947cc2d97d88aae069ee91c0beb194388fca51ebcb5e57532e8e275f85dc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bots.ondiscord.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 04:23:55 GMT
strict-transport-security: max-age=63072000; includeSubdomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 20622851
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 17 Jul 2021 20:08:01 GMT
server: cloudflare
etag: W/"51d-17ab61535b3"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M5GHDsNJm7HLaSXnUTC%2FSFfd6q1i0KdWM6PY7F2exQoz1hdBnptA8%2Fm%2FiazR5fN%2BxAKhCAV%2FX9St3kQIO2SNk4Wcps2lzRs49UgjuKbgBMa0o%2FQunVAEj5BNEDl87h%2FZDfxETCAL2qvUsQWX6cgPzik%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
cf-ray: 8222cdbccb1e655e-AMS

GET
H3 200 a78004b.modern.js Show response
bots.ondiscord.xyz/_nuxt/ 6 KB
3 KB 39ms
39ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bots.ondiscord.xyz/_nuxt/a78004b.modern.js

Requested by

Host: bots.ondiscord.xyz
URL: https://bots.ondiscord.xyz/_nuxt/911de2f.modern.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b84952afdc8a5690332be206eb49f6397086f76ba0b8e928d3f32877b12823f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bots.ondiscord.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 04:23:55 GMT
strict-transport-security: max-age=63072000; includeSubdomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11271803
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 29 Jun 2023 17:04:26 GMT
server: cloudflare
etag: W/"164b-189081d0514"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C1C7%2F550seluFk4QKwV5uS2Txcn%2BZf8IlRwEfyMWQz%2FFyhwikD91jazNArn7LNttq%2BCXJzfFN7V2GD%2FLIkbbb2opLaBr5n0ipL7p4oiGUzRw416opJJMMRyceGo3j8FUwnnYeC7uO%2BZ0I9zjKCo%2F2ec%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
cf-ray: 8222cdbccb20655e-AMS

GET
H3 200 0bf1110.css
bots.ondiscord.xyz/_nuxt/css/ 333 B
656 B 40ms
40ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bots.ondiscord.xyz/_nuxt/css/0bf1110.css

Requested by

Host: bots.ondiscord.xyz
URL: https://bots.ondiscord.xyz/_nuxt/911de2f.modern.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

808077d9874588fdf630260fb4ff110f27533b4d79dafe52d8141195b40d3cd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bots.ondiscord.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 04:23:55 GMT
strict-transport-security: max-age=63072000; includeSubdomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3080778
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 29 Jun 2023 17:04:28 GMT
server: cloudflare
etag: W/"14d-189081d0a98"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oj%2Fr84jZGBQkb2On7E0sJHdrMvEspIDBVFjIOXdJRwItvETz0E5jkWKYJbGRYfzpUQgYG7XCMGi%2BJN98HS2vxndNHsRt7NaYFVvh3paCPrfDGK9MbaPk4S5XvWmavRDjdh1RI6qOdyV1%2Bzstadtz41I%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
cf-ray: 8222cdbccb22655e-AMS

GET
H3 200 8566a6c.modern.js Show response
bots.ondiscord.xyz/_nuxt/ 2 KB
1 KB 39ms
38ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bots.ondiscord.xyz/_nuxt/8566a6c.modern.js

Requested by

Host: bots.ondiscord.xyz
URL: https://bots.ondiscord.xyz/_nuxt/911de2f.modern.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b1ea32c288c8caff6992542fee83decf318d4b6cd8d65b517a18b6d3401d360c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bots.ondiscord.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 04:23:55 GMT
strict-transport-security: max-age=63072000; includeSubdomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 606429
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 29 Jun 2023 17:04:26 GMT
server: cloudflare
etag: W/"6e8-189081d03a4"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IDijDa2fvUFqkd%2BONwSTrEBT0GowVEXuFM%2FQ%2Br6caAIb35eIM1K8F94cIrmGhUfrIVJXrWhwKV%2B6N89UKpJtI3nVHPXjGnrMmuSDULEhMPhxwEHAXqO7DUlMmLLWWssVk22vgnxJ6SONbLKX3yywJCU%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
cf-ray: 8222cdbccb24655e-AMS

GET
H3 200 46fb1d0.modern.js Show response
bots.ondiscord.xyz/_nuxt/ 273 KB
85 KB 63ms
63ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bots.ondiscord.xyz/_nuxt/46fb1d0.modern.js

Requested by

Host: bots.ondiscord.xyz
URL: https://bots.ondiscord.xyz/_nuxt/911de2f.modern.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b890a33d3d89e82d8f8fa44d51bf5f53a951c561c97010155a07651e6c74742c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bots.ondiscord.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 04:23:55 GMT
strict-transport-security: max-age=63072000; includeSubdomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 529815
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 29 Jun 2023 17:04:26 GMT
server: cloudflare
etag: W/"444b9-189081d0264"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gtma7Wab7cOrz0BgTdprlqNBqkewSvdgfplz%2FjJjVZGYLIMm5h%2FPs3QD81c8KSGJF0BzyUE7Ru9mnB%2FWDLTXkJqmqNh1mfHdn8BIZi4gGDMy%2B%2BZwQdMvs6SRM%2F9RJV7yMsqeGFTaiVIWIp0I%2BfSODBo%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
cf-ray: 8222cdbccb25655e-AMS

GET
H3 200 e63461c.modern.js Show response
bots.ondiscord.xyz/_nuxt/ 56 KB
21 KB 117ms
116ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bots.ondiscord.xyz/_nuxt/e63461c.modern.js

Requested by

Host: bots.ondiscord.xyz
URL: https://bots.ondiscord.xyz/_nuxt/911de2f.modern.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

88f9cffc12d1d60d1540474d63db5f88fd608ab94ca47cfd2c912b540b850923

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bots.ondiscord.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 04:23:55 GMT
strict-transport-security: max-age=63072000; includeSubdomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11272044
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 29 Jun 2023 17:04:27 GMT
server: cloudflare
etag: W/"e095-189081d06b8"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NW9HcKeKGOSgWMMJkB7axNP%2BssRd8616eqkmf%2BmBts5jNg7cRmyc0fhLq294D%2BaCHkS0kX%2BJrTANG3BT%2BUYKOJ%2BdJgsbsmB2EtPPXHQz6hVoucyd%2F9hgy3bBKdZVNixZ4RlsaSD%2FTRnAEgwO4U7Wpyk%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
cf-ray: 8222cdbccb26655e-AMS

GET
H3 200 7e05711.css
bots.ondiscord.xyz/_nuxt/css/ 17 KB
4 KB 39ms
39ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bots.ondiscord.xyz/_nuxt/css/7e05711.css

Requested by

Host: bots.ondiscord.xyz
URL: https://bots.ondiscord.xyz/_nuxt/911de2f.modern.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

82d2f03180c37b61b8a3111b8bf7bfc652a4e513070f522aec7608d725c55fa1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bots.ondiscord.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 04:23:55 GMT
strict-transport-security: max-age=63072000; includeSubdomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3092870
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 29 Jun 2023 17:04:28 GMT
server: cloudflare
etag: W/"4598-189081d0c38"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9lUwB1Iwjal3UmIU0k2BpAzi6M0YiYY%2FHVA6cVVNs4Wb0yeZ%2FvD2V6RJhdyq5D9s%2FlqDxBNxVgPg10iMHHE9ZeZySiozhltouhhzMheTTnLbVnI6WBgAmUc5aMiVbeF%2BDYpLEZfr5BnAlBJSdQ4fWRI%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
cf-ray: 8222cdbccb27655e-AMS

GET
H3 200 6fdedd3.modern.js Show response
bots.ondiscord.xyz/_nuxt/ 62 KB
16 KB 118ms
118ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bots.ondiscord.xyz/_nuxt/6fdedd3.modern.js

Requested by

Host: bots.ondiscord.xyz
URL: https://bots.ondiscord.xyz/_nuxt/911de2f.modern.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

049f5ea5869d78b9cf51ba5cc27a16c51f3be88bec228214ea7d9c32e1b21793

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bots.ondiscord.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 04:23:55 GMT
strict-transport-security: max-age=63072000; includeSubdomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3046407
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 29 Jun 2023 17:04:26 GMT
server: cloudflare
etag: W/"f7f8-189081d0318"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YtCZ86LFIkW5cyVnQAPlhdTe1OkhfrKY8GIjIJCpvqXM6qJ2zykVHy6Y%2FW3DxTmZUvvyAlAnywEkZKq%2BfgY6CoWNuDoT5tnefKmr6eq%2B8w0oAaGVMqf%2FdUGJIdyW8RLEmaL%2Fff1BHnK7X%2FZ%2FiHf2gQY%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
cf-ray: 8222cdbccb28655e-AMS

POST
H2 204 collect
region1.google-analytics.com/g/ 0
256 B 89ms
34ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-22ZDVH10EC&gtm=45je3b60v9130955397&_p=1699331035488&gcd=11l1l1l1l1&cid=1835142441.1699331036&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&ngs=1&_s=1&dt=index&dp=%2F&dl=https%3A%2F%2Fbots.ondiscord.xyz%2F&sid=1699331035&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2211
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-22ZDVH10EC&l=dataLayer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bots.ondiscord.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 04:23:55 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://bots.ondiscord.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 0.png
cdn.discordapp.com/embed/avatars/ 1 KB
2 KB 127ms
127ms Image
image/png 162.159.133.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.discordapp.com/embed/avatars/0.png

Requested by

Host: bots.ondiscord.xyz
URL: https://bots.ondiscord.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.133.233 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b4a9c8f3fc1e08227a34e42518a289c6b1229bec46b32bd44e32a1038447d3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bots.ondiscord.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 04:23:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 1268
x-xss-protection: 1; mode=block
last-modified: Fri, 14 May 2021 01:14:12 GMT
server: cloudflare
etag: "1f0bfc0865d324c2587920a7d80c609b"
x-frame-options: DENY
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eWMx%2FSnZbOPA%2BrGkLq5CIi67DDA9jQsE7qADlpgNnJATstzs5Zm5DpaI%2FYLmovzPY6hjMAS%2BzEkCSsCT1Q9mfVUaTHZekEmvoumnc8LdPQqz2p8p30M%2FPfvbO1Aqr%2FRdTTnfjg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=14400
permissions-policy: interest-cohort=()
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 8222cdbdcf066566-AMS
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp

GET
H2 200 content.html Show response
hb.vntsm.io/ Frame 9F28 32 B
665 B 532ms
449ms Fetch
text/html 2606:4700:10::ac43:2483
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.vntsm.io/content.html
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2483 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce8368e5b8e9f2f066acc6284578c00021aea742c4c7c7ec2836c232a5f8b1f8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bots.ondiscord.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 04:23:56 GMT
cf-cache-status: REVALIDATED
x-amz-request-id: 02EDRX1ZHAMB3WSR
content-length: 32
x-amz-id-2: Yyahx1p5e5Zqvgd1q9/2KvuptQ1G8dBVo89GD0vhSQhGnN1fZBfsz8HGkI/GUFbpysUMWP0qcEs=
geo: NL
geo-subdivision: NL-ZH
last-modified: Thu, 14 Oct 2021 10:47:47 GMT
server: cloudflare
etag: "2f58b9ff601fd509249a9e7628a21c33"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8222cdbebbcb06d8-AMS

GET
H/1.1 200
OK 5cffb1d8ee92ea1aac7a61be.enc Show response
hb.vntsm.com/v2/live/ Frame 9F28 26 KB
5 KB 99ms
45ms XHR
text/plain 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.vntsm.com/v2/live/5cffb1d8ee92ea1aac7a61be.enc
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: BunnyCDN-AMS1-879 /
Resource Hash: 68d8a8c0246dc64b70b76491f80c29080a995c3582fb83f0c4d8daf293398e69

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bots.ondiscord.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Tue, 07 Nov 2023 04:23:55 GMT
Content-Encoding: br
cdn-edgestorageid: 883
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
cdn-cachedat: 11/03/2023 17:22:07
cdn-pullzone: 131999
Connection: keep-alive
Last-Modified: Thu, 13 Apr 2023 11:43:14 GMT
Server: BunnyCDN-AMS1-879
cdn-proxyver: 1.04
cdn-requestpullcode: 200
ETag: W/"a8143b0b627ba235e2f85f4253530def"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
cdn-cache: STALE
cdn-uid: 5d6cd18c-1b61-4922-947b-91a6b9ea7b00
Access-Control-Expose-Headers: x-geo-subdivision,X-Geo,cdn-requestcountrycode,Content-Type,x-bl
Access-Control-Allow-Credentials: true
x-bl: 0, 0
Cache-Control: public, max-age=86400
cdn-requestid: 3db49ef12defff54c428e1f5cf65e0a1
X-HW: 1699331035.cds250.am5.hn,1699331035.cds250.am5.sl
cdn-requestcountrycode: US
Access-Control-Allow-Headers: cdn-requestcountrycode,Content-Type,x-bl,ref_url
cdn-status: 200
cdn-requestpullsuccess: True

GET
H/1.1 200
OK cookieTest.html Show response
hb.vntsm.com/ab/live/3pcookie/ Frame 1296 967 B
1 KB 30ms
30ms Document
text/html 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.vntsm.com/ab/live/3pcookie/cookieTest.html
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: /
Resource Hash: 5963155991ef6cccaa5ccde93b269c06161b4e36b2784be6028b78c954a3c569

Request headers

Referer: https://bots.ondiscord.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Headers: X-Geo,Content-Type,x-bl,x-geo-subdivision
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Geo, Content-Type,x-bl,x-geo-subdivision
Cache-Control: max-age=600
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 420
Content-Type: text/html
Date: Tue, 07 Nov 2023 04:23:55 GMT
ETag: "d80b9831e6e7896aa97e84d70f49e545"
Last-Modified: Sun, 10 Sep 2023 14:04:21 GMT
Venatus-CDN-HB-Rule-Version: 1.1
X-Geo: NL
X-HW: 1699331035.cds148.am5.hn,1699331035.cds251.am5.c
X-IP: 31.204.150.117
x-amz-server-side-encryption: AES256

GET
H2 200 content.html Show response
hb.vntsm.io/ Frame 9F28 32 B
291 B 430ms
430ms Fetch
text/html 2606:4700:10::ac43:2483
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.vntsm.io/content.html
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2483 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce8368e5b8e9f2f066acc6284578c00021aea742c4c7c7ec2836c232a5f8b1f8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bots.ondiscord.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 04:23:56 GMT
cf-cache-status: REVALIDATED
x-amz-request-id: 02EDRX1ZHAMB3WSR
content-length: 32
x-amz-id-2: Yyahx1p5e5Zqvgd1q9/2KvuptQ1G8dBVo89GD0vhSQhGnN1fZBfsz8HGkI/GUFbpysUMWP0qcEs=
geo: NL
geo-subdivision: NL-ZH
last-modified: Thu, 14 Oct 2021 10:47:47 GMT
server: cloudflare
etag: "2f58b9ff601fd509249a9e7628a21c33"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8222cdbedbd506d8-AMS

GET
H2 200 ats.js Show response
ats.rlcdn.com/ 110 KB
35 KB 120ms
37ms Script
text/javascript 143.204.98.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ats.rlcdn.com/ats.js
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-4.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a2aa2577c105dab138246b4e0a1f575b3c92c30d5aced108d3f73897bd46823f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bots.ondiscord.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id: x5VtTe.o38AhKNl9GXJ.IeIaII4uy0GZ
content-encoding: br
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
date: Mon, 06 Nov 2023 09:24:08 GMT
last-modified: Thu, 19 Oct 2023 08:25:12 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
age: 68389
x-amz-server-side-encryption: AES256
etag: W/"b248cc9d0fdeb36bdeb7efabad1132ee"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: 3yeVtaXAWPijd_JSB0_da7A0q53so_9ms5all7o12aV2g9XNAMlx8A==

GET
H2 200 px.gif Show response
ad-delivery.net/ Frame 9F28 43 B
920 B 107ms
35ms Fetch
image/gif 2606:4700:20::681a:346
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad-delivery.net/px.gif?ch=2
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bots.ondiscord.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 04:23:56 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 537373
x-guploader-uploadid: ABPtcPr5SLhqqDvy-3NB0rR0x20GvLLhjdEti9bB1PEW9ZSI32Nmog4QSh6wBH-RXpQFqf_mQvPecoPf3Q
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bWPbzBsw7u1FbcUVcDOFZT69rwBs6dsqg56%2BzEpX8UrqMUy0lrD1IJwUoBt%2FE839Evv5aIplzfP%2Fa4hs3ZqRZL77Rp3x%2FVgxrFKH7KokFa8hKgLskAALDKxDXYKjRFhkx85KorQ9mkmmIGHcCg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 8222cdc22a7eb92a-AMS
expires: Tue, 31 Oct 2023 23:07:58 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 100 KB
31 KB 133ms
59ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

71568a60c15b55d10dbd59382c6064cac66499b05d3f788e2db0a7d74a596c90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bots.ondiscord.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 04:23:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31263
x-xss-protection: 0
server: cafe
etag: 777 / 19668 / 31079372 / config-hash: 14006379532634456263
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 07 Nov 2023 04:23:56 GMT

GET
H2 200 script.js Show response
cadmus.script.ac/d1oykxszdrgjgl/ 132 KB
47 KB 108ms
34ms Script
application/javascript 2606:4700::6812:1691
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1691 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab88e7c6f593fbee55363e747958c28063197ede0ac7e285e93d339ab2bda7c2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bots.ondiscord.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 04:23:56 GMT
content-encoding: gzip
last-modified: Mon, 06 Nov 2023 23:42:26 GMT
server: cloudflare
age: 0
etag: W/"10734d565678ddf2921d5ebb2074900f7f78b477"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=600,stale-while-revalidate=3600,stale-if-error=86400
cf-ray: 8222cdc3fa0e6646-AMS

GET
H2 200 static.min.js Show response
cdn.exelator.com/build/ 21 KB
8 KB 140ms
47ms Script
application/javascript 13.225.78.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.exelator.com/build/static.min.js
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-47.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a84968788428f98d340f10ada89ecab924a68eea26aaafc0c424edc981a7697e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bots.ondiscord.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id: 13EhbDJXZCAdYoXnSII.9TQPnQd89SiV
content-encoding: gzip
via: 1.1 e1e056e45a0f8d6bc22b223900511170.cloudfront.net (CloudFront)
date: Tue, 07 Nov 2023 01:03:38 GMT
last-modified: Mon, 05 Sep 2022 22:25:32 GMT
server: AmazonS3
x-amz-request-id: BNX132RACVCCQ723
x-amz-cf-pop: FRA2-C2
etag: W/"a427037ef1482423da13ad8bf262d61a"
age: 12053
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: Pr3usxSCa79IHLFntYDxKQzRsqgmyQA_tIDdNmT4ENmAxf_MRehjmw==
x-amz-id-2: 1jsU0lD/IkusNBR2NG2PoGRNvoCPiYUEOVXigc2vngb9GvMi38b1QUVvDMJembNzMklbL6cOLR4=

GET
H2 200 px.js Show response
p.cpx.to/p/13058/ 4 KB
2 KB 142ms
43ms Script
application/javascript 54.75.92.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.cpx.to/p/13058/px.js
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.75.92.23 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-75-92-23.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 961813c2cc407cc2f799d1d4b17e1bb11730d890608625f8b74513143614f9b2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bots.ondiscord.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 04:23:56 GMT
content-encoding: gzip
cache-control: max-age=7200, public
content-type: application/javascript; charset=UTF-8

GET
H2 200 quant.js Show response
secure.quantserve.com/ 22 KB
9 KB 135ms
32ms Script
application/javascript 2620:116:800d:21:c5a4:625:6563:a5bb
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: ba34abe5f7db9bccc4e96465f09ab91bf5393f22dd0acfc2c0e304dd3d94e66a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bots.ondiscord.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 04:23:56 GMT
content-encoding: gzip
etag: "0nVqEbFaTM2zzuiWgn9NwQ=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Tue, 14 Nov 2023 04:23:56 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311010101/ 425 KB
134 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311010101/pubads_impl.js?cb=31079372

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

16a2002fe6073aa0708f1048d7e523b42f8043a72770e1c5782c7e1010ab03a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bots.ondiscord.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 15:20:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47028
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 136527
x-xss-protection: 0
server: cafe
etag: 6152360919581633401
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 05 Nov 2024 15:20:08 GMT

OPTIONS
H2 204 1a
i.clean.gg/ Frame 0
0 177ms
111ms Preflight
text/plain 34.95.69.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://bots.ondiscord.xyz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=utf-8
date: Tue, 07 Nov 2023 04:23:56 GMT
server: nginx/1.21.6
via: 1.1 google

POST
H2 200 1a Show response
i.clean.gg/ 0
104 B 113ms
112ms XHR
application/octet-stream 34.95.69.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bots.ondiscord.xyz/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 07 Nov 2023 04:23:57 GMT
via: 1.1 google
server: nginx/1.21.6
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 getuidj Show response
ib.adnxs.com/ 11 B
576 B 109ms
32ms Fetch
application/json 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/getuidj

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bots.ondiscord.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 04:23:56 GMT
an-x-request-uuid: 5dfd7737-fa74-4cc8-8f23-29173c60e76f
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://bots.ondiscord.xyz
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.150.117; 31.204.150.117; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 11
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 rid Show response
match.adsrvr.org/track/ 63 B
424 B 139ms
43ms Fetch
application/json 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=0fkciot&fmt=json
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: bee76056c3723e2d41e467e1c0449067f594e9300ba287fdc5cd46d3cbbb931f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bots.ondiscord.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 04:23:56 GMT
content-encoding: gzip
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/json
access-control-allow-origin: https://bots.ondiscord.xyz
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires: Thu, 07 Dec 2023 04:23:56 GMT

POST
H2

200

/ Show response
mydmp.exelator.com/on-site-tag-load/
Redirect Chain

https://mydmp.exelator.com/on-site-tag-load/?p=1041&g=1&j=d
https://mydmp.exelator.com/on-site-tag-load/?p=1041&g=1&j=d&xl8blockcheck=1

2 KB
2 KB

44ms
43ms

XHR
application/x-javascript

18.198.69.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mydmp.exelator.com/on-site-tag-load/?p=1041&g=1&j=d&xl8blockcheck=1
Protocol: H2
Server: 18.198.69.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: b9759f1e125f4f7eea59286ecbeb593b693327e91cfc56eef697d5d3586f1294

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bots.ondiscord.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 04:23:57 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
access-control-allow-origin: https://bots.ondiscord.xyz
content-type: application/x-javascript;charset=UTF-8
cache-control: no-cache
access-control-allow-credentials: true

Redirect headers

date: Tue, 07 Nov 2023 04:23:56 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://mydmp.exelator.com/on-site-tag-load/?p=1041&g=1&j=d&xl8blockcheck=1
access-control-allow-origin: https://bots.ondiscord.xyz
content-type: image/gif;charset=UTF-8
cache-control: no-cache
access-control-allow-credentials: true

GET
H2 200 rules-p-Hwnr8j7tWA3Nu.js Show response
rules.quantcount.com/ 2 KB
1 KB 121ms
34ms Script
application/javascript 2600:9000:223c:ca00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-Hwnr8j7tWA3Nu.js
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:ca00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b80a4d9175dc7cb05b42205ce1f8235139b7cc754653a82974f340dbb9bcf408

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bots.ondiscord.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 03:38:19 GMT
content-encoding: gzip
via: 1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 2739
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Thu, 13 Oct 2022 23:45:13 GMT
server: AmazonS3
etag: W/"25e2d4f54b5bb37c6c82b554454ef41a"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-id: m1bBe8y60OgTMsOS4mJYHh5AOaFVEPIZM-W5A74NSIdCwHq17QpR8A==

GET
H2 200 edgekit.min.js Show response
cdn.edkt.io/rNn9xk/ Frame 9F28 23 KB
8 KB 94ms
28ms Script
text/javascript 34.120.111.33
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.edkt.io/rNn9xk/edgekit.min.js
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.111.33 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 33.111.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: e6a480e9979510bf3e2106532dfdcc6e5ed40b8ac23cb4ab9db09b9292a33848

Request headers

Referer: https://bots.ondiscord.xyz/
Origin: https://bots.ondiscord.xyz
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 10:58:16 GMT
content-encoding: gzip
age: 62741
x-guploader-uploadid: ABPtcPowihwqXJ8oIKSJQjeNJfQ8jL7ZFbeUuvG8d8BWh_d5tfopOlKZMglgipdDZlRTgsnz5vZKyWSmj6BTVQ0UrMD3AsrF2OG_
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7873
last-modified: Tue, 31 Oct 2023 12:33:33 GMT
server: UploadServer
etag: "13bee7285781604020179f1a7e16fca2"
x-goog-generation: 1698755613237226
x-goog-hash: crc32c=ktXb6Q==, md5=E77nKFeBYEAgF58afhb8og==
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400,no-transform
x-goog-stored-content-length: 7873
accept-ranges: bytes
expires: Tue, 07 Nov 2023 10:58:16 GMT

GET
H/1.1 200
OK localstore.js Show response
script.4dex.io/ Frame 9F28 4 KB
2 KB 110ms
34ms Script
application/javascript 2606:4700:20::681a:9a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8264bf30b0dfc41d19bf53d2c63a8fc9326b427cf3ea9cd9b6be2696fc55b118

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bots.ondiscord.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Tue, 07 Nov 2023 04:23:57 GMT
Content-Encoding: br
CF-Cache-Status: HIT
Last-Modified: Mon, 06 Nov 2023 14:13:09 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Age: 50119
ETag: W/"e90435520cec1363a82b67d8298d79a8"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=603Ra7b74Er2UoEz5qtl8RrwaDIOrHiXxO5vltTVhx%2BlOwylg1xA6e4L4EUNAKWUNhjwfSnZUIFXRuLeBIfscnSLsC4JK%2FD1SMLD3ki9P7DcJkRxUgcM%2FtPtG%2FnHLm4pAE%2BkQPsFdrECgbsJ"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=1800
Connection: keep-alive
CF-RAY: 8222cdc5a8260bea-AMS

GET
H2 200 pixel;r=10046592;labels=All.Author.Brussell%2CAll.Title.Home%2CAll.Type.website%2CAll.Description.Find%20the%20perfect%20Discord%20bot%20for%20your%20server%20with%20our%20easy%20to%20search%20bot%...
pixel.quantserve.com/ 35 B
371 B 42ms
33ms Image
image/gif 2620:116:800d:21:c5a4:625:6563:a5bb
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=10046592;labels=All.Author.Brussell%2CAll.Title.Home%2CAll.Type.website%2CAll.Description.Find%20the%20perfect%20Discord%20bot%20for%20your%20server%20with%20our%20easy%20to%20search%20bot%20list%2CAll.Description.Find%20the%20perfect%20Discord%20bot%20for%20your%20server%20with%20our%20easy%20to%20search%20bot%20list%2CAll.Site.Bots%20on%20Discord;rf=0;a=p-Hwnr8j7tWA3Nu;url=https%3A%2F%2Fbots.ondiscord.xyz%2F;uht=2;fpan=1;fpa=P0-1056198581-1699331036851;pbc=;ns=0;ce=1;qjs=1;qv=d48babbb-20231018122215;cm=;gdpr=0;ref=;d=ondiscord.xyz;dst=1;et=1699331036979;tzo=-60;ogl=type.website%2Ctitle.Home%2Cimage.https%3A%2F%2Fbots%252Eondiscord%252Exyz%2Ffavicon%2Fandroid-chrome-256x256%252Epng%2Clocale.en_US%2Cdescription.Find%20the%20perfect%20Discord%20bot%20for%20your%20server%20with%20our%20easy%20to%20search%20bot%20list%252E%2Csite_name.Bots%20on%20Discord;ses=b4f5b794-07ff-4ba9-9f97-db317e1a63c0;mdl=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bots.ondiscord.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 04:23:57 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

POST
H2 200 fire.js Show response
s.cpx.to/ 0
170 B 147ms
43ms Fetch 79.125.93.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.cpx.to/fire.js?pid=13058&url=https%3A%2F%2Fbots.ondiscord.xyz%2F&hn_ver=72&fid=7c02112a-7ab4-4c59-b5e6-33d9465c3856&dsp=pub_common&dsp_uid=2660985c-95ce-4d5c-841b-56513435a70c
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 79.125.93.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-79-125-93-48.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bots.ondiscord.xyz/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://bots.ondiscord.xyz
date: Tue, 07 Nov 2023 04:23:57 GMT
access-control-allow-credentials: true
expires: Tue, 07 Nov 2023 04:23:57 GMT
content-length: 0
vary: Origin
p3p: CP="NOI DEV ADM"

POST
H2 200 log
onsite-tag-logs.apps.nielsen.com/ 0
264 B 361ms
110ms Ping
application/octet-stream 34.200.12.10
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://onsite-tag-logs.apps.nielsen.com/log
Requested by: Host: cdn.exelator.com
URL: https://cdn.exelator.com/build/static.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.200.12.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-200-12-10.compute-1.amazonaws.com
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bots.ondiscord.xyz/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 07 Nov 2023 04:23:57 GMT
server: nginx/1.20.1
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 0

GET
H2 403 mw
mwzeom.zeotap.com/ 0
0 109ms
34ms Image
text/html 2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=2c489d788bad3af3707ee97d743ddb84&zpartnerid=7&gdpr=&gdpr_consent=2c489d788bad3af3707ee97d743ddb84
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

GET
H2 200 sync
sync.teads.tv/ex/ 2 B
153 B 172ms
57ms Image
text/plain 104.75.89.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/ex/sync?gdpr=&gdpr_consent=&us_privacy=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.89.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-89-75.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Tue, 07 Nov 2023 04:23:57 GMT
pragma: no-cache
date: Tue, 07 Nov 2023 04:23:57 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 2
content-type: text/plain; charset=UTF-8

GET
H2 200 generic
match.adsrvr.org/track/cmf/ 70 B
148 B 44ms
43ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=exelate&;ttd_tpi=1&gdpr=&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bots.ondiscord.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 04:23:57 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2

200

/
load.exelator.com/load/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=exelate&google_hm=MmM0ODlkNzg4YmFkM2FmMzcwN2VlOTdkNzQzZGRiODQ&&google_redir=https://load.exelator.com/load/?p=204&g=109
https://cm.g.doubleclick.net/pixel?google_nid=exelate&google_hm=MmM0ODlkNzg4YmFkM2FmMzcwN2VlOTdkNzQzZGRiODQ&google_redir=https://load.exelator.com/load/?p=204&g=109&google_tc=
https://load.exelator.com/load/?p=204&g=109

134 B
134 B

44ms
33ms

Image
application/x-javascript

18.198.69.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://load.exelator.com/load/?p=204&g=109
Protocol: H2
Server: 18.198.69.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bots.ondiscord.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-type: application/x-javascript;charset=UTF-8
date: Tue, 07 Nov 2023 04:23:57 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

pragma: no-cache
date: Tue, 07 Nov 2023 04:23:57 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://load.exelator.com/load/?p=204&g=109
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 244
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

/
loadm.exelator.com/load/
Redirect Chain

https://ib.adnxs.com/getuid?https://loadm.exelator.com/load/?p=204&g=013&bi=$UID&j=0
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Floadm.exelator.com%2Fload%2F%3Fp%3D204%26g%3D013%26bi%3D%24UID%26j%3D0
https://loadm.exelator.com/load/?p=204&g=013&bi=1847208509865094125&j=0

0
1 KB

44ms
34ms

Image
text/plain

18.198.69.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=013&bi=1847208509865094125&j=0
Protocol: H2
Server: 18.198.69.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bots.ondiscord.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 04:23:57 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

pragma: no-cache
date: Tue, 07 Nov 2023 04:23:57 GMT
an-x-request-uuid: a0d2d652-9b17-46d0-9d8c-e5442b8d7f5b
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://loadm.exelator.com/load/?p=204&g=013&bi=1847208509865094125&j=0
x-proxy-origin: 31.204.150.117; 31.204.150.117; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 script.js Show response
cadmus.script.ac/dahhc4ozyvjm6/ 132 KB
46 KB 32ms
31ms Script
application/javascript 2606:4700::6812:1691
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cadmus.script.ac/dahhc4ozyvjm6/script.js
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1691 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22a0472acda15e020a66b6b55bc450a70f902eef0effe44db5ac864f027c68ed

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bots.ondiscord.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 04:23:57 GMT
content-encoding: gzip
last-modified: Mon, 06 Nov 2023 23:42:26 GMT
server: cloudflare
age: 0
etag: W/"10734d565678ddf2921d5ebb2074900f7f78b477"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=600,stale-while-revalidate=3600,stale-if-error=86400
cf-ray: 8222cdc5db0c6646-AMS

GET
H/1.1 200
OK adagio.js Show response
script.4dex.io/ Frame 9F28 77 KB
24 KB 164ms
111ms Fetch
application/javascript 2606:4700:20::681a:9a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61496aa1a9c3d26cfc292b41fc451a597a47468117c1fb258226a57296390433

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bots.ondiscord.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Tue, 07 Nov 2023 04:23:57 GMT
Content-Encoding: br
CF-Cache-Status: EXPIRED
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 06 Nov 2023 14:13:08 GMT
Server: cloudflare
ETag: W/"ccc354615ffb5b4afd96268bab4a6502"
Vary: Origin, Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8jJUzaZpCly1ifRD0nDJWWLyh7fayPmz2%2FKivh2qK%2FDrXkMzNXdC9jtiRLhY9OUQ%2FSA6BOlrQ%2BGjuCHuSy2MEEVCBCMl4n5TSZcwDXAmTmzPXPmNl8BdmJ1CznuKc8xOLAz%2FPmZnqohbl6zp"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers
Cache-Control: public, max-age=1800
CF-RAY: 8222cdc63ee31cc2-AMS

POST
H2 200 track_enc Show response
track.venatusmedia.com/dual/ Frame 9F28 16 B
167 B 144ms
43ms XHR
application/json 63.35.1.238
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.venatusmedia.com/dual/track_enc
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.35.1.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-35-1-238.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Referer: https://bots.ondiscord.xyz/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://bots.ondiscord.xyz
date: Tue, 07 Nov 2023 04:23:57 GMT
access-control-allow-credentials: true
content-length: 16
vary: Origin
content-type: application/json

OPTIONS
H3 204 1a
i.clean.gg/ Frame 0
0 112ms
111ms Preflight
text/plain 34.95.69.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://bots.ondiscord.xyz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=utf-8
date: Tue, 07 Nov 2023 04:23:57 GMT
server: nginx/1.21.6
via: 1.1 google

POST
H3 200 1a Show response
i.clean.gg/ 0
15 B 113ms
112ms XHR
application/octet-stream 34.95.69.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/dahhc4ozyvjm6/script.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bots.ondiscord.xyz/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 07 Nov 2023 04:23:57 GMT
via: 1.1 google
server: nginx/1.21.6
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 204 c Show response
prebid.a-mo.net/a/ Frame 9F28 0
173 B 98ms
26ms XHR
text/plain 147.75.84.158
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bots.ondiscord.xyz/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

x-nbr: 7a
date: Tue, 07 Nov 2023 04:23:56 GMT
server: envoy
vary: origin, Accept-Encoding
access-control-allow-origin: https://bots.ondiscord.xyz
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 9F28 0
197 B 80ms
27ms XHR
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.35.0&cb=3806145973&lsavail=1

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://bots.ondiscord.xyz/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://bots.ondiscord.xyz
date: Tue, 07 Nov 2023 04:23:56 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 9F28 12 KB
6 KB 299ms
115ms XHR
application/json 2602:803:c003:200::45
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13762&site_id=160026&zone_id=767258&size_id=2&alt_size_ids=55&rp_schain=1.0,1!venatus.com,5cffb063f44df421a04749fd,1,,,&eid_pubcid.org=31ec0396-8a6d-4931-b95a-3e0f17966884%5E1&rf=https%3A%2F%2Fbots.ondiscord.xyz%2F&tg_i.page=https%3A%2F%2Fbots.ondiscord.xyz%2F&tg_i.domain=bots.ondiscord.xyz&tk_flint=pbjs_lite_v7.35.0&x_source.tid=5d0ceb3d-f2ca-420e-ba0e-a4e76577239d&l_pb_bid_id=6cb292f4f5d977&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2FVM_5cffd4adcebc5d60c81f9292%2F1001&slots=1&rand=0.9747349878544085
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::45 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: d07a56138007d1b4b4141755e07e1105cbe55ccde37b61a95d64d819a0c0e2a6

Request headers

Referer: https://bots.ondiscord.xyz/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 04:23:57 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://bots.ondiscord.xyz
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame 9F28 94 B
504 B 145ms
84ms XHR
application/json 216.52.2.39
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.35.0
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.39 New York, United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash: cab81128d683b525fd463393a3345651877653d87070990027aa84bbfc1e6ef0

Request headers

Referer: https://bots.ondiscord.xyz/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 07 Nov 2023 04:23:57 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://bots.ondiscord.xyz
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap7ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 99

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ Frame 9F28 36 B
549 B 113ms
52ms XHR
application/json 104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=171882
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5830720f0eba5a4ceb378c5169f002d2c60a4e5e243863cc9094acb571b0a3d6

Request headers

Referer: https://bots.ondiscord.xyz/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 04:23:57 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SjcJZYwpliNm3wPjj36e6Wnk5ikaMVrMZxusQjhRrUxWuryClsyL8dFgTRhuwDC0cT3qvKrpjK48U2qATeY%2FNalm%2FvQ3h2jvefMJjORziDC3NX7jhDYoZPQeJmPb8jk%2FtU%2Fs17T5"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://bots.ondiscord.xyz
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 8222cdc6d9e206c8-AMS
alt-svc: h3=":443"; ma=86400
content-length: 36
expires: 0

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ Frame 9F28 14 KB
7 KB 290ms
289ms XHR
application/json 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4af91f30fc468ad26771dd6236f27863327ea3bdf382c78441c1ae928d1d8378

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://bots.ondiscord.xyz/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 04:23:57 GMT
content-encoding: gzip
an-x-request-uuid: adfd46c4-7321-4949-a063-f6aeffaafa11
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary: Accept-Encoding
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://bots.ondiscord.xyz
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.150.117; 31.204.150.117; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 trinity.json Show response
apex.go.sonobi.com/ Frame 9F28 1 KB
1 KB 326ms
104ms XHR
application/json 69.166.1.9
AS-XFERNET

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%221471a28c77241b2%22%3A%228e95c2151bcd41d7c724%7C728x90%2C970x90%7Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fbots.ondiscord.xyz%2F&s=60548bbe-aac4-44bc-a78f-115748b54c31&pv=6e287651-66dc-4366-a9b4-b8e8d8155358&vp=mobile&lib_name=prebid&lib_v=7.35.0&us=8&fpd=%7B%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fbots.ondiscord.xyz%2F%22%2C%22domain%22%3A%22bots.ondiscord.xyz%22%2C%22publisher%22%3A%7B%22domain%22%3A%22ondiscord.xyz%22%7D%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F119.0.6045.105%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A2%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22architecture%22%3A%22%22%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22venatus.com%22%2C%22sid%22%3A%225cffb063f44df421a04749fd%22%2C%22hp%22%3A1%7D%5D%7D&userid=%7B%22pubcid%22%3A%2231ec0396-8a6d-4931-b95a-3e0f17966884%22%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2231ec0396-8a6d-4931-b95a-3e0f17966884%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

69.166.1.9 , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

5a8b2679fe5ad42e5de486f08b48a3bfee841c678f602d5bbce05c775e5119f6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://bots.ondiscord.xyz/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 04:23:57 GMT
content-encoding: gzip
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-6-107
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-type: application/json
access-control-allow-origin: https://bots.ondiscord.xyz
cache-control: no-cache, no-store, private
access-control-allow-credentials: true
tcn: Choice
content-length: 524
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 204 pb Show response
ad.360yield.com/ Frame 9F28 0
104 B 143ms
42ms XHR
text/plain 54.194.173.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.360yield.com/pb
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.194.173.136 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-173-136.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bots.ondiscord.xyz/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://bots.ondiscord.xyz
date: Tue, 07 Nov 2023 04:23:57 GMT
access-control-allow-credentials: true

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 693 B
369 B 268ms
267ms Fetch
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=213383934110282&correlator=1351353328605669&eid=31079469%2C31079372%2C31079467&output=ldjh&gdfp_req=1&vrg=202311010101&ptt=17&impl=fifs&tfua=0&tfcd=0&iu_parts=21726375739%3A21825766316%2CVM_5cffb1d8ee92ea1aac7a61be&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1699331037532&lmt=1699331037&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fbots.ondiscord.xyz%2F&vis=1&psz=0x-1&msz=0x-1&fws=644&ohw=1600&ga_vid=1835142441.1699331036&ga_sid=1699331038&ga_hid=580542761&ga_fc=true&dlt=1699331035263&idt=1671&prev_scp=hb_pb%3D0.09%26hb_adid%3D5cffd4adcebc5d60c81f9292-1001%26hb_iv%3D1%26sv%3D1%26re_ve%3D25c8b1af-v7.35.0%26pg_ld_id%3D4f3c641b-b69b-43a2-adb1-6fd700d7fb12%26mo%3Dscan%26ac_id%3D5cffb063f44df421a04749fd%26si_id%3D5cffb1d8ee92ea1aac7a61be%26pl_id%3D5cffd4adcebc5d60c81f9292%26co%3DUS%26co_sd%3D%26is_mo%3Dfalse%26br_nm%3Dchrome%26de_ty%3Ddesktop%26os_nm%3Dwindows%26is_ta%3Dtrue%26is_vi%3Dtrue%26is_if%3Dtrue%26lo_in%3D1%26gd_en%3Dfalse%26hb_bt%3D2023-04-13%252011%253A43%253A13%26ta_si%3D728x90%26aw_cm%3D-32%26np_md%3Dfalse%26cm_st%3Dnotapply%26cm_es%3Dunknown%26cm_ds%3Dunknown%26ab_md%3Dfalse%26v_c%3D%26ss_id%3D57714196-7171-43be-be95-f9fcc8b263d1%26tpcs%3Denabled%26st_ty%3Dhorb%26bf_br%3D31200000%26af_im%3D31200000&adks=63448233&frm=20

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38a209aafec14c64a67383f6d3c9cef3341f7f62a18dae03b7237de256351e15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bots.ondiscord.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 04:23:57 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 339
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://bots.ondiscord.xyz
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 119ms
47ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311010101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311010101/pubads_impl.js?cb=31079372

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fcc9adf0759036dd15f1019cb54534e04e91db5080fdfea8b33e3e3c911cc5fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bots.ondiscord.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 04:23:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12145
x-xss-protection: 0

GET
H2 200 container.html Show response
1085f8ea7d1df457a81c99a0197c8745.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame FDBB 6 KB
3 KB 203ms
59ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1085f8ea7d1df457a81c99a0197c8745.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bots.ondiscord.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 07 Nov 2023 04:23:57 GMT
expires: Wed, 06 Nov 2024 04:23:57 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 117ms
44ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bots.ondiscord.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 04:23:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 07 Nov 2023 04:23:57 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A4BE 13 KB
5 KB 35ms
33ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bots.ondiscord.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 22745
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 06 Nov 2023 22:04:52 GMT
expires: Tue, 05 Nov 2024 22:04:52 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 9996 829 B
1 KB 194ms
70ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

93b4ab839417f8c723a349069dc12b99161bf02c2db42b9667aaa5930a99cee6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-zCJF8vJwLRPXqm0Gvztk8Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bots.ondiscord.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-zCJF8vJwLRPXqm0Gvztk8Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 07 Nov 2023 04:23:57 GMT
expires: Tue, 07 Nov 2023 04:23:57 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 6762 479 B
535 B 117ms
44ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMu2VBCM4XAY5JjkvgEwAQ&v=APEucNXoS2IRo5Gb72nW4K28_kUnyZ8bFjHCZHrzxKTJ_eouH2KeqRA7fd_NlwROOTECKr0tg1rLGqPbC-Q3C6MwbX7JpmOtg-wB8ea6bVp06aE2KrIuQrF9X2Wir2H9s0Vw9nJ9bsVxZO1PljtZ3mPfcJQAoVh17lVtZcjRbPQ8086xijGxQf4

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c6b39190993e85b1795a44137f4b4bd8ecc562296a6856436a493804b2c4510a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bots.ondiscord.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 179
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 07 Nov 2023 04:23:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 4032 89 KB
31 KB 124ms
57ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bots.ondiscord.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 04:23:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31491
x-xss-protection: 0
server: cafe
etag: 6167930392490353973
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 07 Nov 2023 04:23:57 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4032 42 B
63 B 146ms
79ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DxXMHWlg2sxL3BxrKZxVB4zInqZAaXqWa9eNKdxkf4rvyM3UL_hf5NNdw_BrcmaLCCLqd2U7P4CzLgZTW8GXSErAsvBqsWAfSQR6OggDK-RlnrPOU

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bots.ondiscord.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 04:23:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4032 0
20 B 146ms
79ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=18131844307717185421&x=8&ct=76

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bots.ondiscord.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 04:23:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 b47c41f3-3a20-4fa9-a184-cdaa5db1ecc6
beacon-ams3.rubiconproject.com/beacon/d/ Frame 4032 43 B
227 B 163ms
28ms Image
image/avif 2602:803:c003:200::37
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beacon-ams3.rubiconproject.com/beacon/d/b47c41f3-3a20-4fa9-a184-cdaa5db1ecc6?oo=0&accountId=13762&siteId=160026&zoneId=767258&sizeId=2&e=6A1E40E384DA563BB98D7D90C1B2E82C55FAA0789C17ADB766AAC68643EDF150011DCA75CCD2DCF37A4EC88494F7E8C57A3220A15E3EC91D60D34A80C47128C2468845B93803F16E1B812100FDAD04F786E88ACB4336A1BF0CB24B8BEDDA2375204151E9FC48F45CC7EE2BBB14F7BF971F7CD3986C54CD8027A12157CAAC507B4E6FC96756E5E57134C9E0E0D3CD3F90E58DD6181FC8482475EC0A95753132A0ECAD71B4C57E6F13A6DFBBD7C32492DFE724129D654F43E7CDA10306204D320B

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2602:803:c003:200::37 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),

Reverse DNS

Software

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bots.ondiscord.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 04:23:57 GMT
x-content-type-options: nosniff
x-frame-options: DENY
content-type: image/avif
cache-control: private, max-age=0, no-cache
content-length: 43
x-xss-protection: 1; mode=block
expires: 01 Jan 1970 10:00:00 GMT

GET
H3 200 4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js Show response
pagead2.googlesyndication.com/bg/ Frame A4BE 38 KB
15 KB 87ms
33ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 20:13:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29455
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15096
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 13:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 05 Nov 2024 20:13:02 GMT

POST
H2 200 track_enc Show response
track.venatusmedia.com/dual/ Frame 9F28 16 B
166 B 291ms
291ms XHR
application/json 63.35.1.238
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.venatusmedia.com/dual/track_enc
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.35.1.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-35-1-238.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Referer: https://bots.ondiscord.xyz/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://bots.ondiscord.xyz
date: Tue, 07 Nov 2023 04:23:58 GMT
access-control-allow-credentials: true
content-length: 16
vary: Origin
content-type: application/json

GET
H/1.1

204
No Content

m
ad.yieldlab.net/ Frame 6762
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=yieldlab&google_cm&google_dbm
https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESENrcCe9UVD_rI8TFtHbNYyU&google_cver=1

0
235 B

121ms
41ms

Image
text/plain

184.30.17.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESENrcCe9UVD_rI8TFtHbNYyU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMu2VBCM4XAY5JjkvgEwAQ&v=APEucNXoS2IRo5Gb72nW4K28_kUnyZ8bFjHCZHrzxKTJ_eouH2KeqRA7fd_NlwROOTECKr0tg1rLGqPbC-Q3C6MwbX7JpmOtg-wB8ea6bVp06aE2KrIuQrF9X2Wir2H9s0Vw9nJ9bsVxZO1PljtZ3mPfcJQAoVh17lVtZcjRbPQ8086xijGxQf4
Protocol: HTTP/1.1
Server: 184.30.17.243 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-243.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Nov 2023 04:23:58 GMT
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
Expires: Mon, 06 Nov 2023 04:23:58 GMT

Redirect headers

pragma: no-cache
date: Tue, 07 Nov 2023 04:23:58 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESENrcCe9UVD_rI8TFtHbNYyU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 288
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 6762
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECFJxbrQRARBMHSI6MTWrGo&google_cver=1

43 B
336 B

51ms
51ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECFJxbrQRARBMHSI6MTWrGo&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMu2VBCM4XAY5JjkvgEwAQ&v=APEucNXoS2IRo5Gb72nW4K28_kUnyZ8bFjHCZHrzxKTJ_eouH2KeqRA7fd_NlwROOTECKr0tg1rLGqPbC-Q3C6MwbX7JpmOtg-wB8ea6bVp06aE2KrIuQrF9X2Wir2H9s0Vw9nJ9bsVxZO1PljtZ3mPfcJQAoVh17lVtZcjRbPQ8086xijGxQf4
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 04:23:58 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0o%2BdmJ29ZW4PSt0oWy2paRtE7iHTagyNH1NZHBP1c0Py4o0tE5iHxkd5wNd0ErGxYqReSniL497oyMy0XHDEr3QIa0NRtqAdFLgAqct1fyrm8HXn%2BJUe1%2FoF%2FCy5GaHGWRkRRQViOuHZqg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8222cdcbed8b06c8-AMS
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 07 Nov 2023 04:23:58 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECFJxbrQRARBMHSI6MTWrGo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 6762
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZUm73gdEGnITRHirpBtlRAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECFJxbrQRARBMHSI6MTWrGo&google_cver=1

43 B
767 B

51ms
51ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECFJxbrQRARBMHSI6MTWrGo&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMu2VBCM4XAY5JjkvgEwAQ&v=APEucNXoS2IRo5Gb72nW4K28_kUnyZ8bFjHCZHrzxKTJ_eouH2KeqRA7fd_NlwROOTECKr0tg1rLGqPbC-Q3C6MwbX7JpmOtg-wB8ea6bVp06aE2KrIuQrF9X2Wir2H9s0Vw9nJ9bsVxZO1PljtZ3mPfcJQAoVh17lVtZcjRbPQ8086xijGxQf4
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 04:23:58 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=irc74cZBGkCyRnJWcz3F5KZIlPCeeiqxkqK6UcaRjkrUyiNq05ReQ45mGFnCbqV5qmyjfj%2B91ldiSLOwqLXTWJPT7UN%2Fsu0k2DA1UWrU3sXt13zfVQgyoxYrroxdKKlOdtsVI3R20yQRHg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8222cdcc991f662e-AMS
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 07 Nov 2023 04:23:58 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECFJxbrQRARBMHSI6MTWrGo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4032 0
20 B 67ms
67ms Ping
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5787800056680&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bots.ondiscord.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 04:23:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4032 0
20 B 67ms
67ms Ping
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5787800056680&version=m202309260101&ct=76&x=8&cor=18131844307717186000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bots.ondiscord.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 04:23:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 4032 92 KB
39 KB 81ms
80ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DWhgX5pignuKzsle45zbhJQ4Gi5xe9ygGz5oWV0pw_moauZ7fUHaigqapArXLakE3eEmiay4XxHp-KC5bw-kxhJm9AyJ2execLq7exBx_c2O1VZf0L2BeAR9F-PFxe11B61Fc_jZrNNCifK772ab8svPAv3XdNI-Tek_a0Nfl0vj4WOcA&dbm_d=AKAmf-DE0lP6wEfqrxtUXosxGgJgPAhFfG88aWDZHGx0BRuaCHiNeB2pO658cb9L2YB2kNlW6IKAzRfu_VuqAX0f-uwNeikNr2FMNng2i6Lt6crJ-WROrYUIYtvP6BFEImCT7reZkGZAxbHo8VnDL5s6bU5on6VCKyPvbbMgB2kTnd630EdPjpxjW1YSfQOIz3yVzLFxDl3UeQzlLSyUSTCEz0w74x1VqLrOul5mLmAL9hbVvm0npEaJj-6jYpS8IWV8G16W-G5621UH1nXvuHsb40eoAV0L-nrCEMYBP9W3UUG84SsXpzqxB4RdSC9X9YRZKOAp5RoKQ1Sf6ZWA0dJR1B8VceCQ49THXU_dAh7AoL27FmiF0y5VvGaG8nnXxccVxTG4NHshO0hOIrmpKH95NRk4Ej4JWTGgBnipsopCuOkvMaS2pVqvzRaqC6i3xSTdrUQdLT0Kp0_m0qeTW2n73z60v3GYUpqQyFJQM7olSIL_YXaJm-KF4KTPQaP-iMf3IAPxJcfha9uPebaeBR2Se_Pm-yjzL_l0k87P1KQ7RMHp_F_IaDcf_cGnS7XoDaiuMh2iTgE6QKxm_jAsaj4EBby9GvzG4n5kUbhqRgJYgO5t1uRgtAcrVZw4yezOFzK_lRPMit7nGc6ptcszFtH5VpfqKziXmzeiZXKmNfYTXX-kNzTXr9-JS92EWIRUMQ5qiSBkHS7jUvXk-Tja8-BibUACJsU_5c3HIvfaTamxSzXb43WEA98Kvo6Bir7XMAOsrHUOcUvmPmVey-tLwV-B89vAtWMRJ9vWbI58rxRpJ1_jG9ANDhScxifx6EbGFKAF7GL80Iby0Qe9xjQBnHddfu_wGnCithpjDFsnL9tzWmsYBoONFFIL4KBnHuKC-y7pSeptAncXAWCzbsAxkJRvkeGFx6eBG8ht2hpMBKq_CItNdF-PdBOBauSY0qTxeF4G_KxlRU39OnxfyEnQGfKKzsegGlO7UfMXLbMQOel4A5jbK_fQTkFZUfsLUGP50K-zqI9TVXcSfXJ-J04u9c9aYWTJ0bkamduDOp2MuOirCdnGD83_X43VgdH76VCXAiqFZg-X0PNJ3zzUchVN_ewyELTDaU7xtttftmoW2MiPl5ZXi5L-SJAH2g9l299cE0NALlX951S3er5nxByBBxCcmh_pZ1wcZs3hbhGnFo0ReDRA_mrVPcTXiqKmtRFCwzIz_o_HT84rgQPvqUCh4elJCbBcluW-40sNnkrCaDKZdO_TjJWcMdtccwE7KlZfi32bc7IWabRiTef0DYlJCOpuSNZ02V5hNIfwLqMdX-mEuDnwGG6e7DjSjbsMMejfBmQcgJZ3VvL_a2X-DmSX23feqFNQv9bD-UeEUmu8bkstOgsDpZunEs2z9tv7hZhBZ9jOzZHDCM72igYJi0Nyrv6m7PaWE2pPSYJtLl8bGYYCdzFXdVS3JbFBQxdMjsefNbEhERcEGSY8f6Lc4ym5UeK9OpQt0Gh-mTNYYeem2_FU1_TTepbD9tszp4j-l-_xG-aOs4KHxjNqejXVTeOTbbhDcV5PB26fYTvE-rF_kPSgl7A0gKcoCqlLSas1ukeLAk32Yy3pb7giOtgk1oh8LYrRxpmkIrzKQVUk-pTcPY4zhTI6ERbuVeTdT7w6HaAOxA9droWDbnS9osnMUx4WW8DbAQcrBAVJePn5DV5Tjoq1YPzZU1AtTsw_Ncrpx6KcUEgiZuH-OmGJH9mXuP0CMN4hPa_sDkl7TzxUTlefaI-9QYoO5zO_Owg5Krlim-ALORoAZ1sCY1Sni3ert6vwxIdF30xOA1AXXWLrUKItKC7WyHGMn6K2oOJyUERciz_mEUuhYSsXQHnndk4epD7UogjK7tOa8rr7siIBtcPiy1kbjrPaFAaSnG1gb-PLuAUg51EU2V2tNt91yp9EkYYeXPdbTSgOCD6MasYhyVQMYe_DqwAzGkFnzae3CsVHXwYFU0qgklcdINK1UaDwlgA68O4ji6gr-ytwi46Ad4kn8EL0ia4hpsMguJXPaEk1HWweoXaT-IxglThKFALhiInvhAZlKZvXKeFHXvH3IQ026R6482N1dXNnRDBScLIFSKoCMijU-w1Y0gFH1_ov2LcFPlzwMi_y-ZIUaB06B9rMByIChirNBKyiUqKgH8UXTLIR9VfQ1B4AEFFYQd-_EgHWxub51y9W3pm-X5_m7jtMswqsnc4tH_ij5LVAhGecuL8y6v288XCX7W7mI-eICBk3-EDOY5I719PVyviP7oAalG_aOMgOfY_QuKZzny-mDrKg3OwViSt-xob9J_aHwa2eSVFjvQNLPKjAwmDjS6LQ4hSViHbflk9rt_STPkBocjoykh5g5u0NXsiszWQQSHsFn3Snjaoza85bU2mzOuhqy_cD-Uxh9EjvU1sRd259zB14SHYGvffKsUn7KNw6I232xy8-Jw14SgduWV3pEVIdmTDK-BM5P1M7xJ32EtFxbIePlOqjKzZK749jdD6l4uf0v55eOjBR1UtmyAx-AhzooChmZJZEldZuGwQW3m_x2-_YzHesMDhFEI0IvK776DUotO2tnKcdgy7ebwemMbFEEp1Nwte8JWTMZYK8JMJ60q-52GCrLgyNh7Ulu0LYDY6oSa4Aad3CInzw_XcRgR6Tc9J0bPk33Qsce1lEpCiQwxr7Slw-iaZyePmB3a1o6E0p7lx40WR_n97tyNznkO2_8g_D5L6-H-eqAHTsMiNDcjv_drGrwbW2CW_tgWVbXKvn9ghWuP2L_X3ytFP6NyJHeHC9XtMn2DZZJpXVwAfmZq_x16e6SGEghbUrAcNtFFVH8GnaMvSnxOsFsD0iAzlzYmBuyzqkM0fUPQAWa7HbQE8RvLs87TUrwwJ_LeftD_Izt7bQ2GKejZDNWxfpqZV9EmweMb_d8eyiVkjIiRb7ujBCzTTF_xwoUyusoWiKHFg2X18GQpNEXIAO1z1YsTrx9iyBWlABa8W_aqDsx9PI8mX7Uefd4TSiRSWKdco1xr7sEXpHAFrmfFtx21I3dEnIa3CoAudRrPFzjhgJwRVe3u2hCyRCMKKqkh8fiIhBXA0c44HfbCUFfssnECMo3K2BZTF5wiVeUpr-31EwKPN4kfA-qx6yx3u5HanAI44_9oxJFCe9WsBv5ihfnDSHq4AXm-E-eTamOj4N-AQc93SeJuNMb8vZ9s780t81kkENHQJIo8JOTkpiu4_gS0-f-lACtWtyT-c98bzoCy8NEootvDOAV8QWbwfbHVnYycrvxBOnUE6tzF8dVvw8snNsaHu91NN6EKOSfI5ZmIo3EnHOP_Kp2D4KXIXccCxf&pr=8%3A2BC04631BCFCF012&cid=CAQSMgDICaaN5qbXJJL9hzFes8Yg-1zyZxRIO6-HTz3A3KFj7gtcHFKRtqD-vWVdO0hpZl6aGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Fbots.ondiscord.xyz%2F&ds=l&xdt=0&iif=1&cor=18131844307717186000&adk=3563376826&idt=146&cac=0&dtd=15

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e76d3690ce84416dffe717b20671d42b1db9d5b417bf75b5f844c8ea9cedc0a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bots.ondiscord.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 04:23:58 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39149
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 9996 0
0 66ms
66ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311010101&jk=213383934110282&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame A4BE 0
10 B 33ms
33ms Image
text/plain 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?0oZxEg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 04:23:58 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 4032 111 KB
39 KB 134ms
32ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: bots.ondiscord.xyz
URL: https://bots.ondiscord.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bots.ondiscord.xyz/
Origin: https://bots.ondiscord.xyz
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 02:22:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7296
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 08 Nov 2023 02:22:22 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231102/r20110914/elements/html/ Frame 4032 11 KB
4 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231102/r20110914/elements/html/omrhp.js

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bots.ondiscord.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 14:48:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48907
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Nov 2023 14:48:51 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231102/r20110914/ Frame 4032 31 KB
12 KB 35ms
34ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231102/r20110914/abg_lite.js

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

13ba2997ea62a564075f4e9d586d98c0f2662d6f23042e5f39366b2f27f320a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bots.ondiscord.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 17:38:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38744
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11881
x-xss-protection: 0
server: cafe
etag: 5723174479369309319
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Nov 2023 17:38:14 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 4032 41 KB
14 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: bots.ondiscord.xyz
URL: https://bots.ondiscord.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bots.ondiscord.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 06:26:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79056
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Nov 2024 06:26:22 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame D32C 281 B
555 B 114ms
32ms Document
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=nl
Requested by: Host: bots.ondiscord.xyz
URL: https://bots.ondiscord.xyz/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://bots.ondiscord.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 07 Nov 2023 04:23:58 GMT
ETag: "280525-119-60930cbd3cec0"
Last-Modified: Thu, 02 Nov 2023 19:57:23 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 7497 38 KB
13 KB 34ms
33ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: bots.ondiscord.xyz
URL: https://bots.ondiscord.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bots.ondiscord.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 79056
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 06 Nov 2023 06:26:22 GMT
expires: Tue, 05 Nov 2024 06:26:22 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js Show response
pagead2.googlesyndication.com/bg/ Frame 7497 38 KB
15 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 20:13:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29456
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15096
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 13:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 05 Nov 2024 20:13:02 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame D32C 46 KB
13 KB 34ms
33ms Script
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=nl
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 43b28e8c3e5b0d5d16164fa7f1157715d24011825c1f47bac04607f975b0f3e8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?&geo=eu&co=nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Tue, 07 Nov 2023 04:23:58 GMT
Content-Encoding: gzip
Last-Modified: Mon, 06 Nov 2023 13:55:16 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=34289
Connection: keep-alive
Content-Length: 13280
Expires: Tue, 07 Nov 2023 13:55:27 GMT

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame D32C 7 B
380 B 159ms
35ms XHR
application/json 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
Expires: 0

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4032 190 KB
60 KB 131ms
56ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: bots.ondiscord.xyz
URL: https://bots.ondiscord.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a67d82954e869f63863c01de1404e74d89722d7774b105176d253292b75b6aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bots.ondiscord.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 04:23:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61127
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1699274420466708"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Nov 2023 04:23:58 GMT

GET
H3 200 5.Auto_Prospecting_Besparen_USP_Vergelijknu-1-Dutch-728x90-637764744800027629-9d594784-610f-4f7a-9a9b-a7719e97e20c.html Show response
s0.2mdn.net/sadbundle/12950889301880602624/ Frame 9738 4 KB
1 KB 156ms
33ms Document
text/html 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12950889301880602624/5.Auto_Prospecting_Besparen_USP_Vergelijknu-1-Dutch-728x90-637764744800027629-9d594784-610f-4f7a-9a9b-a7719e97e20c.html?ev=01_250

Requested by

Host: bots.ondiscord.xyz
URL: https://bots.ondiscord.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

150491054e2f9e12029d434af8217dfa346261c670c3c6d53ce59a4da5d9325c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bots.ondiscord.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 216525
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1419
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sat, 04 Nov 2023 16:15:13 GMT
expires: Sun, 03 Nov 2024 16:15:13 GMT
last-modified: Thu, 30 Dec 2021 15:21:37 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 4032 0
0 255ms
107ms Fetch
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssa9mKacoiO9KcXKMVfSzW8qcY_M3LJr64qn2NTHgQcVGHp2M-vDtnupwN0XInc7EamCPoNgsKSZX706KV7eAo6LUTaxggbptXheNGhx2RNQ-2GNolpJKvdFsNbouS6V5h7YOegInp-GtI26dvlVvaCoPF3MSqEiOVabN4dwN9I3xc5guBlt3AafCJ6LSiouiZiJly7Zvg6Am5YSBy0yYR1CW0A042evIPba7JD7CU9-L81CmNcR-CCKbOLrfQA1vDrIbrT03m_wZQne2BRKJlm-fd0sKdghldYaUc3gp9BVFJVkhM5Z0whLqZAQc3lrN3qt-rFiDvr6hB06bDfhcNiLVJ21dXfJCfP4qYLAHPLTgNVXhxW8UudHMbYs6fLewqHKlgSSYcWeyendtFlQFQaXNEFh_5jZLHQZsIpHnEqcFaqh5vXdgxZHYzq-NrnnnQTHyQWfBPTLhszmu1b13ii9vZ67BCaLmBpPCjcbNjRUMPI-jQn7Y1SRlLom3xgjSz04BMh9E66NsVnfctdkPheOWuxvMja9v6DFpKNNPz9tDsmX9SEvEqE-PLmHx2wr0IVEPL93NP6uOHtNSjKjeVcpWiRJwbitT0_2QN5zm2bxYmJdODTg9UQV75Pr-7VCF5Yyg9Cp2SIolNt_TGHrlqnK0laxKAxBn7dxZ7fSLDu9kcHw6Ac6xO4imriWHrvVEbcCU5NMhhH4mqQ9FXMoqpzh_6thMudrAPT0UhllG-79Jw6024og1gdYWooko3n6hoIU0Bk0gIgeg6nN7xNRDUDoqTHrQxnRYFzjc0nA9Sh3dpgx4iv-LfNhAHmC-R61ZrpKL2IE2wayNfwzBVBOHwXZjuEAgbG_pP6QCp7YRihSRhU-_cBcKoBPmJFIpnTM_Ab-BojXYYFoLB0_PPl5OA2KShUzfzsYNGMPNOtgK6uVA9jXxRpoC3RrjrEfGsDyfinPVz0AwpyqMSBuilZ9cpruWQ6bcjpX5GR2MqKaJtQ5IEGdSauRPhU1YX03WXX0qkTdM6nKBFulplq0W7-rT0CxdonGy37mpE4sDiJGT4GT7OvvyhUzE9T6SOeNLmd5hUWuebBprw0EdM1BNU3Z75CambYJ_bhopAmGk2TV1PHvTZhyriCrc0BGIgVIuW5bWp2ssVyX2qqS6BHnzPlay1UObGlsvshnTLLPO8tpQjujYj6c3OAhQ5EeDk3LAaajRroi7xVUa_147Xpkr7kiCevS2ycXbE-KPVWk9Iztqxz0PwD10hznvGaTfrF32KjeVjJgNW3nQ&sai=AMfl-YRocjRtQEvMcE1x7lNj2DEviIYnz5Ql6dBrP1mHPa7woHtQnxQn5UvII-3Ijzp8G_sK3pjDtE0gvN5OH6KzdJHAR5rlP6SwhEcG8vbTU9T6zi1GtdiZh2gomKxVNMTYDFVVKP4A0QIpYlS3qHvnxsIDsk3-ZqHybw__R_qq-F92KzNLIsa1kkmo0NowNnPN_6cSnmxLYqBLKXec55MPO8pcKwApE4DYzodRLHZOE907mfN65HYHB_D8Hz9Yg1Z1P-ZgeYZ3wG00UyLoDA&sig=Cg0ArKJSzN0gsAYZlc3sEAE&uach_m=[UACH]&pr=8:2BC04631BCFCF012&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=212&cbvp=1&cstd=209&cisv=r20231102.42295&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: bots.ondiscord.xyz
URL: https://bots.ondiscord.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bots.ondiscord.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 07 Nov 2023 04:23:58 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7497 0
20 B 70ms
69ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B0Htu3rtJZbPAA5u69u8PtvWgoAMAAAAAOAHgBAI&bg=!8vGl8b7NAAb4oU7C2KE7ADQBe5WfOGgaOjU6xOF3NwziyTnHOIGk6BwN4GgRc3RnPaqXrwOkgqBoc4L16so8MVw1Di20AgAAAE5SAAAABmgBB5kDFE3l8jIfJyMpDGuQfUyqm8Gwrmu58WtsOUcXIQj2_Way2hjTNyMgvzycOXi2MGu_uOseWxxd7RHe4S6GOAtE-n_7KPNAZnfGos4-a5C7iba9o7UqykQgax_zzGSYELsiPFXkghbapYQISlPC2e7gn861NeNonJ7xqzRl0AlqY2S0bliUnggweqhofY-l55jtfzpGYfHgNKszJFwsFD1mV6q0T0HtcMpEK8i1Z1vKJ9DIiGnfmdrgdsYOkQszHV5XudO2cxmb506s2LEH1kOoW1abUjSd9mIaKvNavFM5hBRRH2_csvq6xRJdkrqEZol20wNtZdMWd67WZbR5Qb6voEcEDbKMigRRoYc2lU0TzcvQfFa4s8iMlHDgK91AQYRxSQ7i1h6fhVDgciI88l1FWD24_69XPv603RN1tlE8YhRlEZC6p-DzeibPqRSzf-V_o6u3xDJ1cK77AKH7mzp4giWkAuDqkYFi18rnmknLXxuInp-yQ4VjSsK8fjRGGVMvSUNWeI2EfebHf04uACcNBQs1xEb1KpyxM6NeV4kCYHBwaUI_WuSM6SCTCWjmgBtNSIu2ya08ufezZ-44gf8UxTZyhRJY8FGKIAYAN782et9RfQD7XUnZuUxlHXWMgIY5AXhNUljXLfCGoxVRda2dPKpvVGvcKVIOAYPyMPLqxXoZNzpsn4NxI163I0EGZDjfHO8i0ACtRVKpM1fwFjjOOC7bBDc2Or7d-6zWrXkYcacbnjQP4nHdHbk9ZELTTIzuFMKY6bsbmxCAKRNI4PbTPpGdMHTc0xIM21wMtqhy7pPqmfFXgH8CEX_KwUsXJk7Bex_DBSI3ed5dSmp7ffsVggnMHAUXtkRtl5nOwAl0ZrFW5DtBzMO4KMZGmawZ1-CVomQVYegRmfzpDjlLtKxjCyINkNGcSrhRK6fzGnTpZY2wMbh47ApkNcP6ukFX4GgYUqTLn7qPPuJzu3fAcolO9jPKt78kPKiPt-5QLPaVDUgKxx-18LsTyO6yzZuKIUW-3QLr07DaPSN07HDysrj-p4jLuQmJ

Requested by

Host: bots.ondiscord.xyz
URL: https://bots.ondiscord.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 04:23:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 4032 0
0 97ms
96ms Fetch
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssa9mKacoiO9KcXKMVfSzW8qcY_M3LJr64qn2NTHgQcVGHp2M-vDtnupwN0XInc7EamCPoNgsKSZX706KV7eAo6LUTaxggbptXheNGhx2RNQ-2GNolpJKvdFsNbouS6V5h7YOegInp-GtI26dvlVvaCoPF3MSqEiOVabN4dwN9I3xc5guBlt3AafCJ6LSiouiZiJly7Zvg6Am5YSBy0yYR1CW0A042evIPba7JD7CU9-L81CmNcR-CCKbOLrfQA1vDrIbrT03m_wZQne2BRKJlm-fd0sKdghldYaUc3gp9BVFJVkhM5Z0whLqZAQc3lrN3qt-rFiDvr6hB06bDfhcNiLVJ21dXfJCfP4qYLAHPLTgNVXhxW8UudHMbYs6fLewqHKlgSSYcWeyendtFlQFQaXNEFh_5jZLHQZsIpHnEqcFaqh5vXdgxZHYzq-NrnnnQTHyQWfBPTLhszmu1b13ii9vZ67BCaLmBpPCjcbNjRUMPI-jQn7Y1SRlLom3xgjSz04BMh9E66NsVnfctdkPheOWuxvMja9v6DFpKNNPz9tDsmX9SEvEqE-PLmHx2wr0IVEPL93NP6uOHtNSjKjeVcpWiRJwbitT0_2QN5zm2bxYmJdODTg9UQV75Pr-7VCF5Yyg9Cp2SIolNt_TGHrlqnK0laxKAxBn7dxZ7fSLDu9kcHw6Ac6xO4imriWHrvVEbcCU5NMhhH4mqQ9FXMoqpzh_6thMudrAPT0UhllG-79Jw6024og1gdYWooko3n6hoIU0Bk0gIgeg6nN7xNRDUDoqTHrQxnRYFzjc0nA9Sh3dpgx4iv-LfNhAHmC-R61ZrpKL2IE2wayNfwzBVBOHwXZjuEAgbG_pP6QCp7YRihSRhU-_cBcKoBPmJFIpnTM_Ab-BojXYYFoLB0_PPl5OA2KShUzfzsYNGMPNOtgK6uVA9jXxRpoC3RrjrEfGsDyfinPVz0AwpyqMSBuilZ9cpruWQ6bcjpX5GR2MqKaJtQ5IEGdSauRPhU1YX03WXX0qkTdM6nKBFulplq0W7-rT0CxdonGy37mpE4sDiJGT4GT7OvvyhUzE9T6SOeNLmd5hUWuebBprw0EdM1BNU3Z75CambYJ_bhopAmGk2TV1PHvTZhyriCrc0BGIgVIuW5bWp2ssVyX2qqS6BHnzPlay1UObGlsvshnTLLPO8tpQjujYj6c3OAhQ5EeDk3LAaajRroi7xVUa_147Xpkr7kiCevS2ycXbE-KPVWk9Iztqxz0PwD10hznvGaTfrF32KjeVjJgNW3nQ&sai=AMfl-YRocjRtQEvMcE1x7lNj2DEviIYnz5Ql6dBrP1mHPa7woHtQnxQn5UvII-3Ijzp8G_sK3pjDtE0gvN5OH6KzdJHAR5rlP6SwhEcG8vbTU9T6zi1GtdiZh2gomKxVNMTYDFVVKP4A0QIpYlS3qHvnxsIDsk3-ZqHybw__R_qq-F92KzNLIsa1kkmo0NowNnPN_6cSnmxLYqBLKXec55MPO8pcKwApE4DYzodRLHZOE907mfN65HYHB_D8Hz9Yg1Z1P-ZgeYZ3wG00UyLoDA&sig=Cg0ArKJSzN0gsAYZlc3sEAE&uach_m=[UACH]&pr=8:2BC04631BCFCF012&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=379&vt=11&dtpt=167&dett=3&cstd=209&cisv=r20231102.42295&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: bots.ondiscord.xyz
URL: https://bots.ondiscord.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bots.ondiscord.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 04:23:58 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 61cd8879225a7f6c40361352 Show response
c.bannerflow.net/a/ Frame 9738 89 KB
29 KB 119ms
48ms Script
application/javascript 2606:4700::6811:ca6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/a/61cd8879225a7f6c40361352?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstK3012JITDhJ4e9oK2i5hflYtnR9YrmZgb-8YJ6USBm_FnEM94kucV5zWHiRJofXLY7M6QxRgnjPANQyspTjHsD5pJpoctSeeCo3Rp6NcWUZB-niqKGQ6anCNYr-pgpWbj-WSrFiPvU0bdV6f_apFbYr0avzdWrWOZnvBp_U7zkFgZ4TnqDaqhfM6qKiCRLPY4Nlw3wpzw6k2gtWwADIjPDMJlACEFlLe3EHYTNethv9RCwv9V25g53ZtQ1twjdqbRqkOMCw3oO1bQxrbtpAQ3YUCY8Qeco6G9hKH0rYhLKva1TqZAzgALTi_L9J3J3VUzvaRVONMHdaPJJPCxhp7S46A5uK34gY3AD6zFxJ5TButc3W-32hubSwi8niZr8EdzaK2t7d7Q8XW3QSe5Z-LWP2YrpnvmGUvAxggx_Au4tFOZEFX3p32zHoOzOGNDoX9X4R1qX3m7oMqBj4rjo3Ancv5PMhiAbY1sLNBk1VLXuXd122pMUFNVcYKtUxQs-Mvu9rcA7XANW0QhRWTf9h5qXafB32wNxzH5h-PFDffC1moM66RtoYXlGChAk5kChqyS_1cGtl10RK2msGbF6Jj3hxsIhF86W-u6g9hLWXtlj0TjWJPMU0pTU1mDMN_ZOGMruBKI9W6naFV3Vw_aLE2oa0nK3l0T6xdqnq2GLy38hvpXRptgNkZM6EdaU9dS0-XlKDfDJn0omS0wZj2cu7qIYGeP1FzA6mVQqsJ98JYK-2OxL93zTKw2aPyEh6gEi8pXY_6mH_PJU-Dsr3qyGIBK3bBIvRmPzbuP3tn2rx-pPRpkgwq4QnnvuC3D_-x2EZuDDKIvo95-y0auc4xx4o6N78lv1bQZwKuKJcrwHhBOiBrqsPRQJjgwUF0c2CegtmUHx1SLcCtMDMwVYg-I8aqxdIwyoGAO0OF5tt30QlAqRuejS5Oqq0a2bZBBUPmpUMjDFfwDxFFDtr9_PJo_mUXlCsXPbQkasqJ1hPuWvK3z_D296H9CHJFCQceK2hhUcFCjbSgq_QfoVzIwB0d40offzNsv7zsHaOU3Zs-KWqYoYTnnbwaFKpnm4FOlkwVEqKuA3AY5D2nvvMi5uqaCNjny8ljM2Ukj5Hter_d_VN2nN0taM8iB0_DqrgHX41vPP1W7DHdMbDGbpKBqr2X8MAtBKE8SCbI2Y4Son6D3mTUlxgqVsASio4d0S6jqxW_YfztkPy8lSmdWDO3bkh-3J24TdcFY7N6erTH3CiqYeQXQpmQ4iEmRJhNKfcT-3X9lRuq69CWX7tvo_ZxlWUmbxtF4J0Ejl39HFMvM6oaR87_2HJQNxFnPgEkjiiEpZLdUec0yAtbCJdKu-9NG4QcLFkVb0JxuKJJ03yWEoNjRcg1qAS0orGxBif0VGS0%26sai%3DAMfl-YQ6YGc2SioBqO7zqSxVz4cE9EGPGbsi-1xxS-3axtvAkJgYVciHh4C1u-IxZw6GgZhRf15Z4uqXeCRur--ivuJw7jnd6CpW0SIAtQwHs10iZdpOiXMO_qfdTLqo6wXpto_vVBeIKXmjGANiJtxMtxr0y4TvjBXRpdJtkEQkHIaBysKYEztAszWgdXDo7OGTq5gIdZ-re4d-AIeLDecpc-AQeb_XxAPCMt5xYx1bY4UDWVHcoI74OKUEeQsEj3QeUvM2zCERxJVlwh8R1GrHeVLQzi_i%26sig%3DCg0ArKJSzF59C2nIvrOKEAE%26pr%3D8%3A2BC04631BCFCF012%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D5026253%26adurl%3Dhttps%253A%252F%252Fwww.independer.nl%252Fautoverzekering%252Fintro.aspx%253Frefer%253Ddvprogrammatic-ron-prospecting-display-auto-auto-prospecting-besparen-usp%2526utm_source%253Ddv-programmatic%2526utm_medium%253Dron%2526utm_campaign%253Dauto-prospecting%2526utm_content%253Dbanner-auto-prospecting-besparen-usp%2526dclid%253D%2525edclid!
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12950889301880602624/5.Auto_Prospecting_Besparen_USP_Vergelijknu-1-Dutch-728x90-637764744800027629-9d594784-610f-4f7a-9a9b-a7719e97e20c.html?ev=01_250
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:ca6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14d8e954784024642047a44b9deb98ff56055fc3f74ac57649035c004f1f517e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 04:23:58 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 07 Nov 2023 04:23:58 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, s-maxage=10
cf-ray: 8222cdcfdab10e5c-AMS
request-context: appId=cid-v1:1a5f66bd-0229-467a-a946-b3753e659ecb

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 70ms
70ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202311010101&jk=213383934110282&bg=!trWltfrNAAb4oU7C2KE7ADQBe5WfODEwdlK6TADt8bz45b0KTZU2XCdwhO4dFhvr6uvMbKox9GJtHCHAUJdkSgV8LPZjAgAAAFpSAAAABWgBB5kC3wYNVn12j_jlqUZTqKOysrkYMOd0xXSmwiYDm4EVaMQCx2Iq3mcYexgrWD1ZIPhcYCEBw-dL6C0ZnOa0e55AqqrU0naNODtnmmIJ__bPq0Otbi__cGgbCdCoKWTedPmR8WQoSVzGUjtoahKEtUqoViTUgcA8I2iBMvLq-3YSqoum83rSN9qZxsG0JSlk7UpJf4tAQ_D6TdRszE5S5L1xfM_DE4EEGADHdqIBfErRMM0RqBChntAY4KIUPs8GCOcDgIsx_Z_zWPNNGUNVpk1Xwd1BxV_pplCI9_2foPw0L3z1l0_YifYIn0JrqOvnk1axV3570W7voXzkBEW0MKOiInou5Fl7BPU41fIfMaKJpTT7vz1Gi0aQsSiM5iuw8SxBt-O4x94AWrr6Qd90aHDs3aR8kaIm81Om62b1md0ZfEtQlHNpUBUv4a2Y7AB3JZVG_ovsoA1dmvFEzAk1UWQSmOYWVTPdjDHwlc1yRq-QPR879R9PfKxJT2VpvKoEpmtGwz1zzR8bWMhEHpP3i3jMhtqqHZFWKC6PGFsvaER7Ev8vegGkgakQNBJeM5eOP73WjnFGEq0uJnmZRdHAHmMnnr1ukD23VDQsi_j_pfxcotaiM9US7qj7UiRiX6MuMpJcE0rTaJICm2OC7rLcZWAPgnj1tXNcPWja-KpgKCq60iuCFMRKe1PVHPnoI7lG-0ZIdWNUOBWc64rdwM5pwA7gTs8F9FYr8_GzzhKKyn6YbUrvPUnc-jnA6KkdLamFUG8p5HyChKnDrqfDcdMbFAZklj8aDrZl6eo279bF4ffaPYVmG4gKTY-MViIhtBW5jHsh2ud3pB0IqSMS8wGgXANUTqM4o007pCDBvG76r7jw493Tl-7l2TyLlUdLqmeDu1VTUwmZWgFKDYU26ERJm6H7lheSEkazB903S5QsgqXfI3N9UyGADajfr-0ZUj_E7B0GLe__NzVp4C2ZyBLevZXwuw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bots.ondiscord.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

GET
H2 200 document.d0a4497697.js Show response
c.bannerflow.net/accounts/independer/58b00b62657197058cc7e813/published/1555230/1869786/ Frame 9738 20 KB
4 KB 33ms
32ms Script
application/javascript 2606:4700::6811:ca6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/accounts/independer/58b00b62657197058cc7e813/published/1555230/1869786/document.d0a4497697.js
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/61cd8879225a7f6c40361352?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstK3012JITDhJ4e9oK2i5hflYtnR9YrmZgb-8YJ6USBm_FnEM94kucV5zWHiRJofXLY7M6QxRgnjPANQyspTjHsD5pJpoctSeeCo3Rp6NcWUZB-niqKGQ6anCNYr-pgpWbj-WSrFiPvU0bdV6f_apFbYr0avzdWrWOZnvBp_U7zkFgZ4TnqDaqhfM6qKiCRLPY4Nlw3wpzw6k2gtWwADIjPDMJlACEFlLe3EHYTNethv9RCwv9V25g53ZtQ1twjdqbRqkOMCw3oO1bQxrbtpAQ3YUCY8Qeco6G9hKH0rYhLKva1TqZAzgALTi_L9J3J3VUzvaRVONMHdaPJJPCxhp7S46A5uK34gY3AD6zFxJ5TButc3W-32hubSwi8niZr8EdzaK2t7d7Q8XW3QSe5Z-LWP2YrpnvmGUvAxggx_Au4tFOZEFX3p32zHoOzOGNDoX9X4R1qX3m7oMqBj4rjo3Ancv5PMhiAbY1sLNBk1VLXuXd122pMUFNVcYKtUxQs-Mvu9rcA7XANW0QhRWTf9h5qXafB32wNxzH5h-PFDffC1moM66RtoYXlGChAk5kChqyS_1cGtl10RK2msGbF6Jj3hxsIhF86W-u6g9hLWXtlj0TjWJPMU0pTU1mDMN_ZOGMruBKI9W6naFV3Vw_aLE2oa0nK3l0T6xdqnq2GLy38hvpXRptgNkZM6EdaU9dS0-XlKDfDJn0omS0wZj2cu7qIYGeP1FzA6mVQqsJ98JYK-2OxL93zTKw2aPyEh6gEi8pXY_6mH_PJU-Dsr3qyGIBK3bBIvRmPzbuP3tn2rx-pPRpkgwq4QnnvuC3D_-x2EZuDDKIvo95-y0auc4xx4o6N78lv1bQZwKuKJcrwHhBOiBrqsPRQJjgwUF0c2CegtmUHx1SLcCtMDMwVYg-I8aqxdIwyoGAO0OF5tt30QlAqRuejS5Oqq0a2bZBBUPmpUMjDFfwDxFFDtr9_PJo_mUXlCsXPbQkasqJ1hPuWvK3z_D296H9CHJFCQceK2hhUcFCjbSgq_QfoVzIwB0d40offzNsv7zsHaOU3Zs-KWqYoYTnnbwaFKpnm4FOlkwVEqKuA3AY5D2nvvMi5uqaCNjny8ljM2Ukj5Hter_d_VN2nN0taM8iB0_DqrgHX41vPP1W7DHdMbDGbpKBqr2X8MAtBKE8SCbI2Y4Son6D3mTUlxgqVsASio4d0S6jqxW_YfztkPy8lSmdWDO3bkh-3J24TdcFY7N6erTH3CiqYeQXQpmQ4iEmRJhNKfcT-3X9lRuq69CWX7tvo_ZxlWUmbxtF4J0Ejl39HFMvM6oaR87_2HJQNxFnPgEkjiiEpZLdUec0yAtbCJdKu-9NG4QcLFkVb0JxuKJJ03yWEoNjRcg1qAS0orGxBif0VGS0%26sai%3DAMfl-YQ6YGc2SioBqO7zqSxVz4cE9EGPGbsi-1xxS-3axtvAkJgYVciHh4C1u-IxZw6GgZhRf15Z4uqXeCRur--ivuJw7jnd6CpW0SIAtQwHs10iZdpOiXMO_qfdTLqo6wXpto_vVBeIKXmjGANiJtxMtxr0y4TvjBXRpdJtkEQkHIaBysKYEztAszWgdXDo7OGTq5gIdZ-re4d-AIeLDecpc-AQeb_XxAPCMt5xYx1bY4UDWVHcoI74OKUEeQsEj3QeUvM2zCERxJVlwh8R1GrHeVLQzi_i%26sig%3DCg0ArKJSzF59C2nIvrOKEAE%26pr%3D8%3A2BC04631BCFCF012%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D5026253%26adurl%3Dhttps%253A%252F%252Fwww.independer.nl%252Fautoverzekering%252Fintro.aspx%253Frefer%253Ddvprogrammatic-ron-prospecting-display-auto-auto-prospecting-besparen-usp%2526utm_source%253Ddv-programmatic%2526utm_medium%253Dron%2526utm_campaign%253Dauto-prospecting%2526utm_content%253Dbanner-auto-prospecting-besparen-usp%2526dclid%253D%2525edclid!
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:ca6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c6d2d881a87fcc3155e27f990552a7d672d3c0b00161be4ea47e79bc3884080

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 07 Nov 2023 04:23:58 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: 0KRJdpeu4NgooQ9FzOrRew==
age: 30824527
cf-polished: origSize=22610
x-ms-lease-status: unlocked
cf-bgj: minify
last-modified: Mon, 10 Jan 2022 11:41:41 GMT
server: cloudflare
etag: W/"0x8D9D42E2B8C8EB3"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 12a5f102-101e-009a-04d9-f873ff000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public,max-age=31536000,immutable
x-ms-version: 2011-08-18
cf-ray: 8222cdd03ade0e5c-AMS

GET
H2 200 animated-creative.09125c52bb074e7ae7c8.js Show response
c.bannerflow.net/scripts/ Frame 9738 141 KB
48 KB 38ms
38ms Script
application/javascript 2606:4700::6811:ca6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/scripts/animated-creative.09125c52bb074e7ae7c8.js
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/61cd8879225a7f6c40361352?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstK3012JITDhJ4e9oK2i5hflYtnR9YrmZgb-8YJ6USBm_FnEM94kucV5zWHiRJofXLY7M6QxRgnjPANQyspTjHsD5pJpoctSeeCo3Rp6NcWUZB-niqKGQ6anCNYr-pgpWbj-WSrFiPvU0bdV6f_apFbYr0avzdWrWOZnvBp_U7zkFgZ4TnqDaqhfM6qKiCRLPY4Nlw3wpzw6k2gtWwADIjPDMJlACEFlLe3EHYTNethv9RCwv9V25g53ZtQ1twjdqbRqkOMCw3oO1bQxrbtpAQ3YUCY8Qeco6G9hKH0rYhLKva1TqZAzgALTi_L9J3J3VUzvaRVONMHdaPJJPCxhp7S46A5uK34gY3AD6zFxJ5TButc3W-32hubSwi8niZr8EdzaK2t7d7Q8XW3QSe5Z-LWP2YrpnvmGUvAxggx_Au4tFOZEFX3p32zHoOzOGNDoX9X4R1qX3m7oMqBj4rjo3Ancv5PMhiAbY1sLNBk1VLXuXd122pMUFNVcYKtUxQs-Mvu9rcA7XANW0QhRWTf9h5qXafB32wNxzH5h-PFDffC1moM66RtoYXlGChAk5kChqyS_1cGtl10RK2msGbF6Jj3hxsIhF86W-u6g9hLWXtlj0TjWJPMU0pTU1mDMN_ZOGMruBKI9W6naFV3Vw_aLE2oa0nK3l0T6xdqnq2GLy38hvpXRptgNkZM6EdaU9dS0-XlKDfDJn0omS0wZj2cu7qIYGeP1FzA6mVQqsJ98JYK-2OxL93zTKw2aPyEh6gEi8pXY_6mH_PJU-Dsr3qyGIBK3bBIvRmPzbuP3tn2rx-pPRpkgwq4QnnvuC3D_-x2EZuDDKIvo95-y0auc4xx4o6N78lv1bQZwKuKJcrwHhBOiBrqsPRQJjgwUF0c2CegtmUHx1SLcCtMDMwVYg-I8aqxdIwyoGAO0OF5tt30QlAqRuejS5Oqq0a2bZBBUPmpUMjDFfwDxFFDtr9_PJo_mUXlCsXPbQkasqJ1hPuWvK3z_D296H9CHJFCQceK2hhUcFCjbSgq_QfoVzIwB0d40offzNsv7zsHaOU3Zs-KWqYoYTnnbwaFKpnm4FOlkwVEqKuA3AY5D2nvvMi5uqaCNjny8ljM2Ukj5Hter_d_VN2nN0taM8iB0_DqrgHX41vPP1W7DHdMbDGbpKBqr2X8MAtBKE8SCbI2Y4Son6D3mTUlxgqVsASio4d0S6jqxW_YfztkPy8lSmdWDO3bkh-3J24TdcFY7N6erTH3CiqYeQXQpmQ4iEmRJhNKfcT-3X9lRuq69CWX7tvo_ZxlWUmbxtF4J0Ejl39HFMvM6oaR87_2HJQNxFnPgEkjiiEpZLdUec0yAtbCJdKu-9NG4QcLFkVb0JxuKJJ03yWEoNjRcg1qAS0orGxBif0VGS0%26sai%3DAMfl-YQ6YGc2SioBqO7zqSxVz4cE9EGPGbsi-1xxS-3axtvAkJgYVciHh4C1u-IxZw6GgZhRf15Z4uqXeCRur--ivuJw7jnd6CpW0SIAtQwHs10iZdpOiXMO_qfdTLqo6wXpto_vVBeIKXmjGANiJtxMtxr0y4TvjBXRpdJtkEQkHIaBysKYEztAszWgdXDo7OGTq5gIdZ-re4d-AIeLDecpc-AQeb_XxAPCMt5xYx1bY4UDWVHcoI74OKUEeQsEj3QeUvM2zCERxJVlwh8R1GrHeVLQzi_i%26sig%3DCg0ArKJSzF59C2nIvrOKEAE%26pr%3D8%3A2BC04631BCFCF012%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D5026253%26adurl%3Dhttps%253A%252F%252Fwww.independer.nl%252Fautoverzekering%252Fintro.aspx%253Frefer%253Ddvprogrammatic-ron-prospecting-display-auto-auto-prospecting-besparen-usp%2526utm_source%253Ddv-programmatic%2526utm_medium%253Dron%2526utm_campaign%253Dauto-prospecting%2526utm_content%253Dbanner-auto-prospecting-besparen-usp%2526dclid%253D%2525edclid!
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:ca6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 497a8954ee824ea26081e06abebcef88515fade256aa3114af672950b6dd93ac

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 07 Nov 2023 04:23:58 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: gE3HqvQfxKUJXxsLXgVdRQ==
age: 514130
cf-polished: origSize=144587
x-ms-lease-status: unlocked
cf-bgj: minify
last-modified: Fri, 10 Dec 2021 11:29:02 GMT
server: cloudflare
etag: W/"0x8D9BBD0447D0217"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: e7bae0a4-701e-0025-1085-0c445a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public,max-age=31536000,immutable
x-ms-version: 2011-08-18
cf-ray: 8222cdd03adf0e5c-AMS

GET
DATA 200
OK truncated
/ Frame 9738 66 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/webp

GET
BLOB 200
OK 8e8fb51a-1119-4456-9e49-8cc5ba920966 Show response
https://s0.2mdn.net/ Frame 813B 668 B
0 Script
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://s0.2mdn.net/8e8fb51a-1119-4456-9e49-8cc5ba920966
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/animated-creative.09125c52bb074e7ae7c8.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cda3c421b62828768ee2741a35bef36bcfdb1199ee3eb987269f7d1ce2dd8876

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Length: 668
Content-Type

GET
H2 200 font
c.bannerflow.net/fs/api/v2/ Frame 9738 3 KB
3 KB 92ms
39ms Font
font/woff 2606:4700::6811:ca6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F550abe329445702310657a53%2F58b00b62657197058cc7e813%2F91d4dc52-df14-4072-ac45-aa024d96bf3a.woff&t=%20Vegijklnru
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12950889301880602624/5.Auto_Prospecting_Besparen_USP_Vergelijknu-1-Dutch-728x90-637764744800027629-9d594784-610f-4f7a-9a9b-a7719e97e20c.html?ev=01_250
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:ca6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 573a6dd3781223443de52b3d61735dc3db750f63f3b8348e9d2cdc6bb12bbadc

Request headers

Referer: https://s0.2mdn.net/
Origin: https://s0.2mdn.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 04:23:59 GMT
cf-cache-status: HIT
last-modified: Wed, 01 Nov 2023 04:14:21 GMT
server: cloudflare
age: 518978
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition: attachment; filename=91d4dc52-df14-4072-ac45-aa024d96bf3a-subset.woff
cf-ray: 8222cdd1bcb90bda-AMS
expires: Thu, 31 Oct 2024 04:14:21 GMT

GET
H2 200 font
c.bannerflow.net/fs/api/v2/ Frame 9738 10 KB
10 KB 32ms
32ms Font
font/woff 2606:4700::6811:ca6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F58b00a5ccc269b0e807d983b%2F08da8463-920b-4bab-a0c2-a0c0ed8554c2.woff&t=%20Baegijknoprstuvz
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12950889301880602624/5.Auto_Prospecting_Besparen_USP_Vergelijknu-1-Dutch-728x90-637764744800027629-9d594784-610f-4f7a-9a9b-a7719e97e20c.html?ev=01_250
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:ca6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7514a1940229f864b0a0f75e526ebda7f3e497bad368cfd4d7817e18fb06a133

Request headers

Referer: https://s0.2mdn.net/
Origin: https://s0.2mdn.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 04:23:59 GMT
cf-cache-status: HIT
last-modified: Wed, 01 Nov 2023 03:02:38 GMT
server: cloudflare
age: 523281
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition: attachment; filename=08da8463-920b-4bab-a0c2-a0c0ed8554c2-subset.woff
cf-ray: 8222cdd20cd90bda-AMS
expires: Thu, 31 Oct 2024 03:02:38 GMT

GET
H2 200 font
c.bannerflow.net/fs/api/v2/ Frame 9738 5 KB
5 KB 31ms
31ms Font
font/woff 2606:4700::6811:ca6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F550abe329445702310657a53%2F58b00b62657197058cc7e813%2F2ee52b76-4cb8-44e9-88c4-6acc9efd8002.woff&t=%20%2CDGVabcdefgijklnoprstuvz
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12950889301880602624/5.Auto_Prospecting_Besparen_USP_Vergelijknu-1-Dutch-728x90-637764744800027629-9d594784-610f-4f7a-9a9b-a7719e97e20c.html?ev=01_250
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:ca6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6804fc4bfce5383241757e1a68e3d7c0db494ad84e415d8adb72013af4f3068

Request headers

Referer: https://s0.2mdn.net/
Origin: https://s0.2mdn.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 04:23:59 GMT
cf-cache-status: HIT
last-modified: Wed, 01 Nov 2023 01:53:27 GMT
server: cloudflare
age: 527432
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition: attachment; filename=2ee52b76-4cb8-44e9-88c4-6acc9efd8002-subset.woff
cf-ray: 8222cdd23cf20bda-AMS
expires: Thu, 31 Oct 2024 01:53:27 GMT

GET
H2 200 b4b21316-fafa-412d-af96-e51058af0f5a.svg
c.bannerflow.net/accounts/independer/58b00b62657197058cc7e813/images/ Frame C030 249 B
516 B 33ms
32ms Image
image/svg+xml 2606:4700::6811:ca6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/accounts/independer/58b00b62657197058cc7e813/images/b4b21316-fafa-412d-af96-e51058af0f5a.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:ca6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28a8ed608b395c81a1f2710fd1a8da7e7f47e68a1398927b5e544df7f4094522

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 07 Nov 2023 04:23:59 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: SBnZz/Jhy+7ISkwyPEOVMQ==
age: 1148
x-ms-lease-status: unlocked
last-modified: Tue, 07 Dec 2021 11:26:59 GMT
server: cloudflare
etag: W/"0x8D9B9747C21706D"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 88c17732-c01e-0030-650c-f553e9000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version: 2011-08-18
cf-ray: 8222cdd27c0c0e5c-AMS

GET
H2 200 a86bf905-1d57-4510-a0b2-249598424665.svg
c.bannerflow.net/accounts/independer/58b00b62657197058cc7e813/images/ Frame C030 8 KB
3 KB 34ms
33ms Image
image/svg+xml 2606:4700::6811:ca6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/accounts/independer/58b00b62657197058cc7e813/images/a86bf905-1d57-4510-a0b2-249598424665.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:ca6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 68cabacb7b77c7b360cbf8367d3260e238278020da37c94ddf0387d3e4a4b69c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 07 Nov 2023 04:23:59 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: 8urcD2CKISvRgGCJ1Ya9Eg==
age: 4348
x-ms-lease-status: unlocked
last-modified: Wed, 01 Dec 2021 13:24:32 GMT
server: cloudflare
etag: W/"0x8D9B4CDE9002B7A"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 2f0e68a5-301e-0056-6581-0c1cc9000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version: 2011-08-18
cf-ray: 8222cdd27c0d0e5c-AMS

GET
H2 200 1ab20f77-4611-4861-8961-e27e338e2c75.svg
c.bannerflow.net/accounts/independer/58b00b62657197058cc7e813/images/ Frame C030 343 B
404 B 34ms
34ms Image
image/svg+xml 2606:4700::6811:ca6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/accounts/independer/58b00b62657197058cc7e813/images/1ab20f77-4611-4861-8961-e27e338e2c75.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:ca6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b668d52805ad6302ebdde93a53b52bba3a58ac817085e14577b3a8cdf3e6d879

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 07 Nov 2023 04:23:59 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: eBZKpiNllqKJw69aOxqcbw==
age: 1655
x-ms-lease-status: unlocked
last-modified: Fri, 03 Dec 2021 13:59:52 GMT
server: cloudflare
etag: W/"0x8D9B6652DCDDA2E"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 09510e02-c01e-001f-1e65-0f5e22000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version: 2011-08-18
cf-ray: 8222cdd27c0f0e5c-AMS

POST
H2 200 58b00b62657197058cc7e813
c.bannerflow.net/tr/v2/pixel/ Frame 9738 0
81 B 36ms
36ms Ping
text/plain 2606:4700::6811:ca6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/tr/v2/pixel/58b00b62657197058cc7e813
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/61cd8879225a7f6c40361352?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstK3012JITDhJ4e9oK2i5hflYtnR9YrmZgb-8YJ6USBm_FnEM94kucV5zWHiRJofXLY7M6QxRgnjPANQyspTjHsD5pJpoctSeeCo3Rp6NcWUZB-niqKGQ6anCNYr-pgpWbj-WSrFiPvU0bdV6f_apFbYr0avzdWrWOZnvBp_U7zkFgZ4TnqDaqhfM6qKiCRLPY4Nlw3wpzw6k2gtWwADIjPDMJlACEFlLe3EHYTNethv9RCwv9V25g53ZtQ1twjdqbRqkOMCw3oO1bQxrbtpAQ3YUCY8Qeco6G9hKH0rYhLKva1TqZAzgALTi_L9J3J3VUzvaRVONMHdaPJJPCxhp7S46A5uK34gY3AD6zFxJ5TButc3W-32hubSwi8niZr8EdzaK2t7d7Q8XW3QSe5Z-LWP2YrpnvmGUvAxggx_Au4tFOZEFX3p32zHoOzOGNDoX9X4R1qX3m7oMqBj4rjo3Ancv5PMhiAbY1sLNBk1VLXuXd122pMUFNVcYKtUxQs-Mvu9rcA7XANW0QhRWTf9h5qXafB32wNxzH5h-PFDffC1moM66RtoYXlGChAk5kChqyS_1cGtl10RK2msGbF6Jj3hxsIhF86W-u6g9hLWXtlj0TjWJPMU0pTU1mDMN_ZOGMruBKI9W6naFV3Vw_aLE2oa0nK3l0T6xdqnq2GLy38hvpXRptgNkZM6EdaU9dS0-XlKDfDJn0omS0wZj2cu7qIYGeP1FzA6mVQqsJ98JYK-2OxL93zTKw2aPyEh6gEi8pXY_6mH_PJU-Dsr3qyGIBK3bBIvRmPzbuP3tn2rx-pPRpkgwq4QnnvuC3D_-x2EZuDDKIvo95-y0auc4xx4o6N78lv1bQZwKuKJcrwHhBOiBrqsPRQJjgwUF0c2CegtmUHx1SLcCtMDMwVYg-I8aqxdIwyoGAO0OF5tt30QlAqRuejS5Oqq0a2bZBBUPmpUMjDFfwDxFFDtr9_PJo_mUXlCsXPbQkasqJ1hPuWvK3z_D296H9CHJFCQceK2hhUcFCjbSgq_QfoVzIwB0d40offzNsv7zsHaOU3Zs-KWqYoYTnnbwaFKpnm4FOlkwVEqKuA3AY5D2nvvMi5uqaCNjny8ljM2Ukj5Hter_d_VN2nN0taM8iB0_DqrgHX41vPP1W7DHdMbDGbpKBqr2X8MAtBKE8SCbI2Y4Son6D3mTUlxgqVsASio4d0S6jqxW_YfztkPy8lSmdWDO3bkh-3J24TdcFY7N6erTH3CiqYeQXQpmQ4iEmRJhNKfcT-3X9lRuq69CWX7tvo_ZxlWUmbxtF4J0Ejl39HFMvM6oaR87_2HJQNxFnPgEkjiiEpZLdUec0yAtbCJdKu-9NG4QcLFkVb0JxuKJJ03yWEoNjRcg1qAS0orGxBif0VGS0%26sai%3DAMfl-YQ6YGc2SioBqO7zqSxVz4cE9EGPGbsi-1xxS-3axtvAkJgYVciHh4C1u-IxZw6GgZhRf15Z4uqXeCRur--ivuJw7jnd6CpW0SIAtQwHs10iZdpOiXMO_qfdTLqo6wXpto_vVBeIKXmjGANiJtxMtxr0y4TvjBXRpdJtkEQkHIaBysKYEztAszWgdXDo7OGTq5gIdZ-re4d-AIeLDecpc-AQeb_XxAPCMt5xYx1bY4UDWVHcoI74OKUEeQsEj3QeUvM2zCERxJVlwh8R1GrHeVLQzi_i%26sig%3DCg0ArKJSzF59C2nIvrOKEAE%26pr%3D8%3A2BC04631BCFCF012%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D5026253%26adurl%3Dhttps%253A%252F%252Fwww.independer.nl%252Fautoverzekering%252Fintro.aspx%253Frefer%253Ddvprogrammatic-ron-prospecting-display-auto-auto-prospecting-besparen-usp%2526utm_source%253Ddv-programmatic%2526utm_medium%253Dron%2526utm_campaign%253Dauto-prospecting%2526utm_content%253Dbanner-auto-prospecting-besparen-usp%2526dclid%253D%2525edclid!
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:ca6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://s0.2mdn.net/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 07 Nov 2023 04:23:59 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8222cdd2bc350e5c-AMS
content-length: 0
request-context: appId=cid-v1:1d9bcaa3-5ddc-4e5d-973c-949d7ceab63e

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4032 42 B
174 B 70ms
69ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsseqcwwZU20GnFbSfSm5OqxuTtklHgNPJujUvN7zMRVNespROrqHwCzg1jA7-zExlWdUHs13zxslhunaw7vcCe_uzuqxCtGfTpSQo8eVzZ5KB6ewVo5-NeXRq_H&sig=Cg0ArKJSzHe51w70thmbEAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231106&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=34&adk=0&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699331037818&rpt=773&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: bots.ondiscord.xyz
URL: https://bots.ondiscord.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bots.ondiscord.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 04:23:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4032 0
20 B 67ms
67ms Ping
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5787800056680&version=m202309260101&ct=76&x=8&cor=18131844307717186000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bots.ondiscord.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 04:23:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 79ms
26ms Preflight
application/json 2a02:2638:3::c

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fbots.ondiscord.xyz%2F&domain=bots.ondiscord.xyz&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://bots.ondiscord.xyz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://bots.ondiscord.xyz
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Tue, 07 Nov 2023 04:24:00 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 204564
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 envelope Show response
lexicon.33across.com/v1/ Frame 9F28 49 B
252 B 419ms
364ms XHR
application/json 2600:1901:0:8344::

General

Check archive.org

Show headers Download Go to

Full URL: https://lexicon.33across.com/v1/envelope?pid=0010b00001rrIFkAAM&gdpr=0&src=pbjs&ver=7.35.0
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:8344:: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer: https://bots.ondiscord.xyz/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 07 Nov 2023 04:24:00 GMT
via: 1.1 google
vary: origin
content-type: application/json
access-control-allow-origin: https://bots.ondiscord.xyz
cache-control: private, must-revalidate, max-age=28800
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49

GET
H2 200 json Show response
gum.criteo.com/sid/ Frame 9F28 2 B
377 B 77ms
25ms XHR
application/json 2a02:2638:3::c

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fbots.ondiscord.xyz%2F&domain=bots.ondiscord.xyz&cw=1&lsw=1

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://bots.ondiscord.xyz/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 04:24:00 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://bots.ondiscord.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 213035
expires: 0

POST
H2 200 prebid Show response
id5-sync.com/api/config/ Frame 9F28 135 B
419 B 120ms
38ms XHR
application/json 141.95.98.64

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/config/prebid

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.64 -, , ASN (),

Reverse DNS

Software

Resource Hash

8ef51c3a9a54b187c1cbc44cb7f6788c5e0fb022040e9e0880cd3473c7ee425b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://bots.ondiscord.xyz/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://bots.ondiscord.xyz
date: Tue, 07 Nov 2023 04:24:00 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H2 200 rid Show response
match.adsrvr.org/track/ Frame 9F28 63 B
423 B 43ms
43ms XHR
application/json 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=zwqtqe4&fmt=json
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: d7a8d01432080896d66b0f289a58ff2c0e2eb062d6ce26b31365e45ca163be46

Request headers

Referer: https://bots.ondiscord.xyz/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 07 Nov 2023 04:24:00 GMT
content-encoding: gzip
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/json
access-control-allow-origin: https://bots.ondiscord.xyz
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires: Thu, 07 Dec 2023 04:24:00 GMT

GET envelope
api.rlcdn.com/api/identity/ Frame 9F28 0
0

GET
H2 200 pbhid Show response
id.hadron.ad.gt/api/v1/ Frame 9F28 227 B
341 B 108ms
36ms XHR
application/json 2606:4700:10::ac43:17ea

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/api/v1/pbhid?partner_id=288&_it=prebid
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:17ea -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 6814fd06e3003ae0a0970fdd3a7b59e91cf3e8afa3fec26ef2efa38f73cb3d72

Request headers

Referer: https://bots.ondiscord.xyz/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 07 Nov 2023 04:24:00 GMT
content-encoding: gzip
server: cloudflare
allow: POST, OPTIONS, GET
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cf-ray: 8222cddbcfb8b942-AMS
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 ixmatch.html Show response
js-sec.indexww.com/um/ Frame F7C0 3 KB
2 KB 102ms
34ms Document
text/html 104.18.38.76

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.38.76 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://bots.ondiscord.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 65
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 8222cddbce49b891-AMS
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 07 Nov 2023 04:24:00 GMT
expires: Tue, 07 Nov 2023 08:24:00 GMT
last-modified: Mon, 25 Jul 2022 19:18:19 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 04A1 281 B
555 B 32ms
32ms Document
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://bots.ondiscord.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 07 Nov 2023 04:24:00 GMT
ETag: "280525-119-60930cbd3cec0"
Last-Modified: Thu, 02 Nov 2023 19:57:23 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 1D3C 52 KB
17 KB 160ms
49ms Document
text/html 184.30.16.183

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.183 -, , ASN (),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://bots.ondiscord.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Tue, 07 Nov 2023 04:24:00 GMT
ETag: "623de86a-cf34"
Expires: Wed, 08 Nov 2023 04:24:02 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
X-Akamai-EW-Subworker: 8096267

GET
H/1.1 204
No Content beacon
ap.lijit.com/ Frame 9E6C 0
0 26ms
26ms Document
text/plain 216.52.2.39
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/beacon?informer=13386848
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.39 New York, United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://bots.ondiscord.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date: Tue, 07 Nov 2023 04:24:00 GMT
Expires: Fri, 20 Mar 2009 00:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Pragma: no-cache
X-Sovrn-Pod: ad_ap7ams1

GET
H2 200 30907
tags.bluekai.com/site/ Frame 9F28 62 B
452 B 263ms
174ms Image
image/gif 72.246.169.24

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/30907?id=13964341-2661-4562-9b9a-5ff8f9a07f6f
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.246.169.24 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bots.ondiscord.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Tue, 07 Nov 2023 04:24:00 GMT
content-length: 62
content-type: image/gif

GET
H2

200

sync
x.bidswitch.net/ Frame 9F28
Redirect Chain

https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=sonobi&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=aab3c460-31af-4af3-8cd2-a27d34ba9d3b&google_hm=YWFiM2M0NjAtMzFhZi00YWYzLThjZDItYTI3ZDM0YmE5ZDNi
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEH_I4gWveYTxnyMnbXof0ig&google_cver=1&ssp=sonobi&bsw_param=aab3c460-31af-4af3-8cd2-a27d34ba9d3b

43 B
145 B

32ms
32ms

Image
image/gif

18.198.247.180

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEH_I4gWveYTxnyMnbXof0ig&google_cver=1&ssp=sonobi&bsw_param=aab3c460-31af-4af3-8cd2-a27d34ba9d3b
Protocol: H2
Server: 18.198.247.180 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bots.ondiscord.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 04:24:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 07 Nov 2023 04:24:00 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEH_I4gWveYTxnyMnbXof0ig&google_cver=1&ssp=sonobi&bsw_param=aab3c460-31af-4af3-8cd2-a27d34ba9d3b
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 359
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 9F28 70 B
148 B 45ms
43ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=116da9d98c&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bots.ondiscord.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 04:24:00 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2

200

rtset
bh.contextweb.com/bh/ Frame 9F28
Redirect Chain

https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=13964341-2661-4562-9b9a-5ff8f9a07f6f&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25
https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=bWoxLVdIOFVxUU5WMk1ZcmVNYzdkUQ&gdpr=&gdpr_consent=
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEAGG8VztMvbxxnqRJTHRZIw&google_cver=1

49 B
486 B

27ms
27ms

Image
image/gif

208.93.169.131

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEAGG8VztMvbxxnqRJTHRZIw&google_cver=1

Protocol

Server

208.93.169.131 -, , ASN (),

Reverse DNS

Software

Jetty(10.0.14) /

Resource Hash

d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bots.ondiscord.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server: Jetty(10.0.14)
content-language: nl-NL
content-type: image/gif;charset=iso-8859-1
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-59d47cf7f8-7hdhf
expires: -1

Redirect headers

pragma: no-cache
date: Tue, 07 Nov 2023 04:24:00 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEAGG8VztMvbxxnqRJTHRZIw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 334
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

us.gif
sync.go.sonobi.com/ Frame 9F28
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=286
https://sync.go.sonobi.com/us.gif?nw=st&nuid=wqoj8rkwWL1e4RPr1eT5MB_MlnU

49 B
444 B

103ms
102ms

Image
image/gif

69.166.1.34

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us.gif?nw=st&nuid=wqoj8rkwWL1e4RPr1eT5MB_MlnU

Protocol

Server

69.166.1.34 -, , ASN (),

Reverse DNS

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bots.ondiscord.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 04:24:01 GMT
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-6-107
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store, private
tcn: Choice
content-length: 49
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location: https://sync.go.sonobi.com/us.gif?nw=st&nuid=wqoj8rkwWL1e4RPr1eT5MB_MlnU
Date: Tue, 07 Nov 2023 04:24:00 GMT
Connection: keep-alive
Content-Length: 99
Content-Type: text/html; charset=utf-8

GET
H2

200

us.gif
sync.go.sonobi.com/ Frame 9F28
Redirect Chain

https://p.rfihub.com/cm?pub=35683&in=1
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5109685630587368105

49 B
368 B

311ms
101ms

Image
image/gif

69.166.1.34

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5109685630587368105

Protocol

Server

69.166.1.34 -, , ASN (),

Reverse DNS

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bots.ondiscord.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 04:24:00 GMT
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-6-107
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store, private
tcn: Choice
content-length: 49
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location: https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5109685630587368105
Date: Tue, 07 Nov 2023 04:24:00 GMT
Server: Jetty(9.4.51.v20230217)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 match
e.serverbid.com/udb/9969/ Frame 9F28 35 B
285 B 375ms
138ms Image
image/gif 159.89.246.130

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.serverbid.com/udb/9969/match?redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dco%26nuid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 159.89.246.130 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bots.ondiscord.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 04:24:00 GMT
content-encoding: gzip
access-control-max-age: 10080
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: https://bots.ondiscord.xyz
access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept
content-length: 58

GET
H2

200

us.gif
sync.go.sonobi.com/ Frame 9F28
Redirect Chain

https://creativecdn.com/cm-notify?pi=sonobi
https://creativecdn.com/cm-notify?pi=sonobi&tc=1
https://sync.go.sonobi.com/us.gif?nw=rh&nuid=x791G7A01LdJWMtleQ7o&pi=sonobi&tc=1

49 B
369 B

320ms
101ms

Image
image/gif

69.166.1.34

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us.gif?nw=rh&nuid=x791G7A01LdJWMtleQ7o&pi=sonobi&tc=1

Protocol

Server

69.166.1.34 -, , ASN (),

Reverse DNS

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bots.ondiscord.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 04:24:00 GMT
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-6-107
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store, private
tcn: Choice
content-length: 49
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://sync.go.sonobi.com/us.gif?nw=rh&nuid=x791G7A01LdJWMtleQ7o&pi=sonobi&tc=1
pragma: no-cache
date: Tue, 07 Nov 2023 04:24:00 GMT, Tue, 07 Nov 2023 04:24:00 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 04A1 46 KB
13 KB 38ms
38ms Script
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 43b28e8c3e5b0d5d16164fa7f1157715d24011825c1f47bac04607f975b0f3e8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Tue, 07 Nov 2023 04:24:00 GMT
Content-Encoding: gzip
Last-Modified: Mon, 06 Nov 2023 13:55:16 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=34287
Connection: keep-alive
Content-Length: 13280
Expires: Tue, 07 Nov 2023 13:55:27 GMT

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame 04A1 7 B
380 B 34ms
34ms XHR
application/json 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
Expires: 0

GET
H2 200 usermatch Show response
ssum-sec.casalemedia.com/ Frame 2734 2 KB
1 KB 55ms
49ms Document
text/html 104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fbots.ondiscord.xyz%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc05bafcc195624a8ce88a896124f9689f5132dbf567a6a34c777bd3ca6da5ae

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 8222cddc180706c8-AMS
content-encoding: br
content-type: text/html
date: Tue, 07 Nov 2023 04:24:00 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1yzU7CFbHAdSj7Jg5prr%2F09%2BYBJCRIIPXnr6y%2FWcEyrIC3iIoyXbRnsALZPZ0Yakux%2BSfMDxaFANfawqH6kg2GYTvP1ngVO1i5vS899WJ%2FtFUVOcyJgzn%2FQP3Nw1Y1Q%2BI7t62uyjjMxZ5g%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ Frame 9F28 33 B
278 B 120ms
37ms XHR
application/json 141.95.33.111

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.33.111 -, , ASN (),

Reverse DNS

Software

Resource Hash

4cfb8c23f110f17326c727d9ec5d4d7b60cdc41e40d1c2530d569157d9979d18

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://bots.ondiscord.xyz/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://bots.ondiscord.xyz
date: Tue, 07 Nov 2023 04:23:59 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H2 200 publishertag.prebid.134.js Show response
static.criteo.net/js/ld/ Frame 9F28 89 KB
29 KB 104ms
51ms Script
text/javascript 2a02:2638:3::3

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.134.js

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

cccc0bc5e99d5926b70f2fab23fa277f920503bd4daa45a1ff9e74ffb33353e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bots.ondiscord.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 04:24:00 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 06 Apr 2023 09:15:33 GMT
server: nginx
etag: W/"642e8db5-162ff"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 08 Nov 2023 04:24:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 2734 70 B
148 B 43ms
43ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fbots.ondiscord.xyz%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 04:24:00 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H3

200

usermatchredir
ssum-sec.casalemedia.com/ Frame 2734
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZUm73gdEGnITRHirpBtlRAAACFAAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEJ_ixmDc5wJr7Jb2tUBySXI&google_cver=1

43 B
732 B

47ms
47ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEJ_ixmDc5wJr7Jb2tUBySXI&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fbots.ondiscord.xyz%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 04:24:00 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Jyzi%2FiXq11GBHmYTAt1bLzqoYb5SmAHzpQo357bUChFXlEOBi0YNVC7KKcVk9GcqY2QYM6uPJoFQQMmUgA3sZl8Rr4dg%2Fkp1JT0CJHzQhVGwOtk4vvadEidLjfQf5GxODy2vdHx5h%2BhIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8222cddcd839662e-AMS
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 07 Nov 2023 04:24:00 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEJ_ixmDc5wJr7Jb2tUBySXI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 364
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 2734
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZUm73gdEGnITRHirpBtlRAAACFAAAAAB&gpp=&gpp_sid=
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZUm73gdEGnITRHirpBtlRAAACFAAAAAB&gpp=&gpp_sid=&dcc=t

43 B
855 B

137ms
137ms

Image
image/gif

52.46.151.131

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZUm73gdEGnITRHirpBtlRAAACFAAAAAB&gpp=&gpp_sid=&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fbots.ondiscord.xyz%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

HTTP/1.1

Server

52.46.151.131 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Nov 2023 04:24:01 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 6FHT9FKJPJEZJM80KH8H
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 07 Nov 2023 04:24:00 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: AKFZ4VKN2N56AG0BE5ZT
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZUm73gdEGnITRHirpBtlRAAACFAAAAAB&gpp=&gpp_sid=&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET

31327
i.liadm.com/s/ Frame 2734
Redirect Chain

https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZUm73gdEGnITRHirpBtlRAAA%262128&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZUm73gdEGnITRHirpBtlRAAA%262128&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=1f5491b4ea974fc1be748495894d36f1

0
0

GET
H2 204 sync
ups.analytics.yahoo.com/ups/55940/ Frame 2734 0
125 B 121ms
36ms Image
text/plain 3.71.149.231

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZUm73gdEGnITRHirpBtlRAAACFAAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fbots.ondiscord.xyz%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.71.149.231 -, , ASN (),

Reverse DNS

Software

ATS/9.1.10.87 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 04:24:00 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame 2734 0
187 B 94ms
25ms Image
text/plain 98.98.134.241

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fbots.ondiscord.xyz%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 98.98.134.241 -, , ASN (),
Reverse DNS
Software: A /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Tue, 07 Nov 2023 04:24:00 GMT
cache-control: max-age=0,no-cache,no-store
server: A
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H/1.1 200
OK sync
ssbsync.smartadserver.com/api/ Frame 2734 0
75 B 175ms
36ms Image
text/plain 185.86.138.154

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fbots.ondiscord.xyz%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.154 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 04:23:59 GMT
content-length: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 2734
Redirect Chain

https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=aGOnfjw09yNzZqB1bm--ImZupiJzN6R1amKuE6Qs

43 B
734 B

45ms
45ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=aGOnfjw09yNzZqB1bm--ImZupiJzN6R1amKuE6Qs
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fbots.ondiscord.xyz%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 04:24:00 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4bLruIKzxH7Ckdt32eGYvjmlt8RPISAXaBkhgrGkB%2BuNvhnSC9XA0O%2FBUulY%2BPFDM1sNJVW227E2Sd7Xie%2FHKkPplJynMnQzZ9CtyZMleQTmvLbIPPT2OCE5Iwtop0g3Rryu0CdtaZr4LQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8222cddca81f662e-AMS
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 07 Nov 2023 04:24:00 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=aGOnfjw09yNzZqB1bm--ImZupiJzN6R1amKuE6Qs
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame 2734 43 B
229 B 43ms
36ms Image
image/gif 104.18.38.76

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?ZUm73gdEGnITRHirpBtlRAAA%262128
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fbots.ondiscord.xyz%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.38.76 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 04:24:00 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
age: 43448
etag: "902a3d-2b-546dc3a097100"
vary: Accept-Encoding
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 8222cddc7e87b891-AMS
content-length: 43
expires: Wed, 08 Nov 2023 04:24:00 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 1D3C 0
596 B 32ms
32ms Script
text/html 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 04:24:00 GMT
an-x-request-uuid: 64817ab9-bdd2-49c9-8dd2-c0cdba84d8ca
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 31.204.150.117; 31.204.150.117; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 258.json Show response
id5-sync.com/g/v2/ Frame 9F28 251 B
535 B 117ms
38ms XHR
application/json 141.95.98.64

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/258.json

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.64 -, , ASN (),

Reverse DNS

Software

Resource Hash

44a9c03024b07508955be7dd66148c6f82d53fb7568cf61997d734e379c116ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://bots.ondiscord.xyz/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://bots.ondiscord.xyz
date: Tue, 07 Nov 2023 04:24:00 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 872D 15 KB
6 KB 30ms
30ms Document
text/html 2a02:2638:3::c

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=bots.ondiscord.xyz

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://bots.ondiscord.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 07 Nov 2023 04:24:00 GMT
server: Kestrel
server-processing-duration-in-ticks: 293022
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.134.js Show response
static.criteo.net/js/ld/ Frame 9F28 89 KB
29 KB 102ms
51ms XHR
text/javascript 2a02:2638:3::3

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.134.js

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

cccc0bc5e99d5926b70f2fab23fa277f920503bd4daa45a1ff9e74ffb33353e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bots.ondiscord.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 04:24:00 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 06 Apr 2023 09:15:33 GMT
server: nginx
etag: W/"642e8db5-162ff"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 08 Nov 2023 04:24:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 872D
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=ondiscord.xyz&sn=ChromeSyncframe&so=0&topUrl=bots.ondiscord.xyz&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=3k8_nnxhejhWKzliVnVLRXNiTVN3R1JBYTFWZ0o2aDN1WktsWThZY3hxSlNsdkFIVXA0Z1lDNVU5d0U1TXhKdm1OQlhIUTd1M01xVmoxdlVpVkVyaGlmTGthVFI0dmdXV2RyVzlEdTUvbFF2OFl5YkRVMS9IcEhLOVpESX...

439 B
656 B

30ms
29ms

Fetch
application/json

2a02:2638:3::c

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=3k8_nnxhejhWKzliVnVLRXNiTVN3R1JBYTFWZ0o2aDN1WktsWThZY3hxSlNsdkFIVXA0Z1lDNVU5d0U1TXhKdm1OQlhIUTd1M01xVmoxdlVpVkVyaGlmTGthVFI0dmdXV2RyVzlEdTUvbFF2OFl5YkRVMS9IcEhLOVpESXBCQWlOY2FOZXV1WFQzQmNmU3pXUVNHK0o1a0tlamczLzVkelZkUlRuRlhyakJyNjdYTUt6T3ZoTk16YjNReVB6YW51dnZIMmxmak1mTVJXdTl1bHN6R09TbExXcFprMkcxQlVqMVNRZktyUnNobmtwNThObUd6MnMvVlRiRlQ1ODF3NmJsRldoMXV0V1VRbFRUaUp1R2lVRjBEbkttQT09fA&cppv=2

Protocol

Server

2a02:2638:3::c -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

fba4c23a8555957ca900e7d407cf77b385eb9db630923c80c7bc8ca453b6ac13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 04:24:00 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2792659
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 07 Nov 2023 04:24:00 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=3k8_nnxhejhWKzliVnVLRXNiTVN3R1JBYTFWZ0o2aDN1WktsWThZY3hxSlNsdkFIVXA0Z1lDNVU5d0U1TXhKdm1OQlhIUTd1M01xVmoxdlVpVkVyaGlmTGthVFI0dmdXV2RyVzlEdTUvbFF2OFl5YkRVMS9IcEhLOVpESXBCQWlOY2FOZXV1WFQzQmNmU3pXUVNHK0o1a0tlamczLzVkelZkUlRuRlhyakJyNjdYTUt6T3ZoTk16YjNReVB6YW51dnZIMmxmak1mTVJXdTl1bHN6R09TbExXcFprMkcxQlVqMVNRZktyUnNobmtwNThObUd6MnMvVlRiRlQ1ODF3NmJsRldoMXV0V1VRbFRUaUp1R2lVRjBEbkttQT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 246313
content-length: 0
expires: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: api.rlcdn.com
URL: https://api.rlcdn.com/api/identity/envelope?pid=2173

Domain: i.liadm.com
URL: https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZUm73gdEGnITRHirpBtlRAAA%262128&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=1f5491b4ea974fc1be748495894d36f1

Verdicts & Comments Add Verdict or Comment

42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

25 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.discordapp.com/	1970-01-20 16:02:12	Name: __cf_bm Value: WOL2CsJ3sHWiGv2tkUTO3872oaMLlOycAvXwyCvAfhE-1699331035-0-AVvlh7WiCV4Opgv/y18YOpkaBreHmhKEKLU6H3PuP2kYaEpHkWRtPmc8ZbIcTHr3G/kN/I3Enb4L9+pxksKrfuU=
.discordapp.com/	1969-12-31 23:59:59	Name: _cfuvid Value: plsBeslKC6syJh9JJFXU1viFzUAXu0BeUqs5anJacwM-1699331035538-0-604800000
.ondiscord.xyz/	1970-01-21 01:38:11	Name: _ga_22ZDVH10EC Value: GS1.1.1699331035.1.0.1699331035.0.0.0
.ondiscord.xyz/	1970-01-21 01:38:11	Name: _ga Value: GA1.1.1835142441.1699331036
.script.ac/	1970-01-20 16:02:12	Name: __cf_bm Value: 4Nt3PXJ5.VLm0bb7Wal6Jx.Z5dmOESnx_vpwYkS.Rqc-1699331036-0-AVgoqT7c1ekxv4Z5TVRA/NkxbtMeuFp3jEYnGMdRbcnPJsOU57BwEkt9zjaob1vVbX4WnhvEY6v6uUCf3G8kFSw=
bots.ondiscord.xyz/	1970-01-20 16:45:23	Name: _pbjs_userid_consent_data Value: 3524755945110770
.exelator.com/	1970-01-20 18:54:59	Name: EE Value: "2c489d788bad3af3707ee97d743ddb84"
.quantserve.com/	1970-01-21 01:32:25	Name: mc Value: 6549bbdd-03209-e885e-a7244
.ondiscord.xyz/	1970-01-21 01:26:39	Name: __qca Value: P0-1056198581-1699331036851
.exelator.com/	1970-01-20 18:54:59	Name: ud Value: "eJxrXxzq6XKLQcEo2cTCMsXcwiIpMcU4Mc3Y3MA8NdXSPMXcxDglJcnCZHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDQckl%252BUWb6Ij%252BfxUUpaQyLSopPBR%252B9wgwAuuIqjg%253D%253D"
.adnxs.com/	1970-01-20 18:11:47	Name: uuid2 Value: 1847208509865094125
.doubleclick.net/	1970-01-21 01:23:47	Name: IDE Value: AHWqTUnfx6kMbw7HhDYNI0zeXVt69oHVKk_AlPx6-382CVIXFm_yT8O3qcQZ48u4CKA
.adnxs.com/	1970-01-20 18:11:47	Name: icu Value: ChgIjYddEAoYASABKAEw3femqgY4AUABSAEQ3femqgYYAA..
.rubiconproject.com/	1970-01-21 00:47:47	Name: khaos Value: LONTTO75-E-94TR
.rubiconproject.com/	1970-01-21 00:47:47	Name: audit Value: 1\|naVuGyos1qqlUUmijEzoKOfhqFI7AU9U903mtsHdljAzGV0kST+Yv0luJDAHnfJICLYJEq5q/Q2QZPSUWvK94jD1/FRT7b/Hpt9eXq8UfEUhkTnGhAX54b7FQD2yB//h3OlDu/ORdD8=
.go.sonobi.com/	1970-01-20 16:45:23	Name: __uis Value: 13964341-2661-4562-9b9a-5ff8f9a07f6f
.go.sonobi.com/	1970-01-20 16:03:37	Name: _usd_bots.ondiscord.xyz Value: 6e287651-66dc-4366-a9b4-b8e8d8155358
.go.sonobi.com/	1970-01-20 16:02:11	Name: __uih Value: 1
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB8G Value: s86107\|ZUm74
.ondiscord.xyz/	1970-01-21 01:23:47	Name: __gads Value: ID=ccb1a75cbac58adf:T=1699331037:RT=1699331037:S=ALNI_MYBTfxB-GGwvInxVy_oltxu_WSPKg
.ondiscord.xyz/	1970-01-21 01:23:47	Name: __gpi Value: UID=00000cb7489863bb:T=1699331037:RT=1699331037:S=ALNI_MbUww8HBjAs88UHD7UAAPlJBAyJHQ
.casalemedia.com/	1970-01-21 00:47:47	Name: CMID Value: ZUm73gdEGnITRHirpBtlRAAA
.casalemedia.com/	1970-01-20 18:11:47	Name: CMPS Value: 2128
.casalemedia.com/	1970-01-20 18:11:47	Name: CMPRO Value: 2128
.doubleclick.net/	1970-01-20 20:21:23	Name: APC Value: AfxxVi7NzddOosQk2NVR9NndEZ9SHjvxIba75R9lRtoe45jmFrkuQA

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://cdn.discordapp.com/avatars/440996323156819968/91fb6f0d0544333ab46d9db88df2964e.webp?size=128 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://mwzeom.zeotap.com/mw?cid=2c489d788bad3af3707ee97d743ddb84&zpartnerid=7&gdpr=&gdpr_consent=2c489d788bad3af3707ee97d743ddb84 Message: Failed to load resource: the server responded with a status of 403 ()
javascript	error	URL: https://bots.ondiscord.xyz/ Message: Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=2173' from origin 'https://bots.ondiscord.xyz' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=2173 Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1085f8ea7d1df457a81c99a0197c8745.safeframe.googlesyndication.com
acdn.adnxs.com
ad-delivery.net
ad.360yield.com
ad.yieldlab.net
ap.lijit.com
apex.go.sonobi.com
api.rlcdn.com
ats.rlcdn.com
beacon-ams3.rubiconproject.com
bh.contextweb.com
bidder.criteo.com
bots.discord.pw
bots.ondiscord.xyz
c.bannerflow.net
cadmus.script.ac
cdn.discordapp.com
cdn.edkt.io
cdn.exelator.com
cdn.indexww.com
cm.g.doubleclick.net
cms.quantserve.com
creativecdn.com
discordbots.io
dsum-sec.casalemedia.com
e.serverbid.com
eus.rubiconproject.com
fastlane.rubiconproject.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hb.vntsm.com
hb.vntsm.io
htlb.casalemedia.com
i.clean.gg
i.liadm.com
ib.adnxs.com
id.hadron.ad.gt
id5-sync.com
js-sec.indexww.com
lb.eu-1-id5-sync.com
lexicon.33across.com
load.exelator.com
loadm.exelator.com
match.adsrvr.org
mug.criteo.com
mwzeom.zeotap.com
mydmp.exelator.com
onsite-tag-logs.apps.nielsen.com
p.cpx.to
p.rfihub.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.quantserve.com
prebid.a-mo.net
region1.google-analytics.com
rules.quantcount.com
s.amazon-adsystem.com
s.cpx.to
s0.2mdn.net
script.4dex.io
secure.quantserve.com
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
static.criteo.net
sync.go.sonobi.com
sync.srv.stackadapt.com
sync.teads.tv
tags.bluekai.com
token.rubiconproject.com
tpc.googlesyndication.com
track.venatusmedia.com
ups.analytics.yahoo.com
use.fontawesome.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
api.rlcdn.com
i.liadm.com
104.18.36.155
104.18.38.76
104.75.89.75
13.225.78.47
141.95.33.111
141.95.98.64
142.250.185.226
143.204.98.4
147.75.84.158
151.139.128.10
159.89.246.130
162.159.133.233
172.217.18.2
172.64.151.101
18.198.247.180
18.198.69.109
184.30.16.183
184.30.17.243
185.184.8.90
185.86.138.154
193.0.160.131
2001:4860:4802:34::36
208.93.169.131
216.52.2.39
2600:1901:0:8344::
2600:9000:223c:ca00:6:44e3:f8c0:93a1
2602:803:c003:200::37
2602:803:c003:200::45
2606:4700:10::ac43:17ea
2606:4700:10::ac43:2483
2606:4700:10::ac43:db6
2606:4700:20::681a:346
2606:4700:20::681a:9a9
2606:4700:3034::6815:3f52
2606:4700:3036::6815:1b98
2606:4700::6811:ca6e
2606:4700::6812:1691
2620:116:800d:21:c5a4:625:6563:a5bb
2a00:1450:4001:806::2002
2a00:1450:4001:808::2002
2a00:1450:4001:809::2008
2a00:1450:4001:80b::2001
2a00:1450:4001:80f::2004
2a00:1450:4001:812::2002
2a00:1450:4001:829::2001
2a00:1450:4001:830::2006
2a00:1450:4001:831::2002
2a02:2638:3::3
2a02:2638:3::7
2a02:2638:3::c
2a06:98c1:3121::3
3.33.220.150
3.71.149.231
34.120.111.33
34.200.12.10
34.95.69.49
37.252.173.215
52.46.151.131
52.87.21.252
54.194.173.136
54.75.92.23
63.35.1.238
69.166.1.34
69.166.1.9
69.173.144.139
72.246.169.24
79.125.93.48
95.101.149.233
98.98.134.241
049f5ea5869d78b9cf51ba5cc27a16c51f3be88bec228214ea7d9c32e1b21793
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0f37e3122e633840fdea4149de086a3cfb337f1e0be9633affda8a895d300972
13ba2997ea62a564075f4e9d586d98c0f2662d6f23042e5f39366b2f27f320a9
14d8e954784024642047a44b9deb98ff56055fc3f74ac57649035c004f1f517e
150491054e2f9e12029d434af8217dfa346261c670c3c6d53ce59a4da5d9325c
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
16a2002fe6073aa0708f1048d7e523b42f8043a72770e1c5782c7e1010ab03a0
1ce82098bd4b9fef98645417574fecfdde5f5aa36eeaf5a0ff5d77c3fab2adb6
22a0472acda15e020a66b6b55bc450a70f902eef0effe44db5ac864f027c68ed
276ca42d64c33d31e62198735ffbbd2157ac986e09dd81622efc521d32930089
28a8ed608b395c81a1f2710fd1a8da7e7f47e68a1398927b5e544df7f4094522
2b4a9c8f3fc1e08227a34e42518a289c6b1229bec46b32bd44e32a1038447d3b
2f84ee9095c47ab7f9e291e0bf2c5b20139120b6154869865f643dcf158abfae
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
369947cc2d97d88aae069ee91c0beb194388fca51ebcb5e57532e8e275f85dc1
36fc0f2000290dbbdc63a4d0d64dfeab6046ad0e896533b358300fc7684ad677
37eada03b306d7d7a5b385144da80183ffce075d0c0119fc31836efcd873c7d5
3801913cf0d87feb99cd7a6a929a9b6b2bca17199368ccd7b192b9e0d48b4949
381f1d9c7443e9228316c3b8bda3e4367b0bf35f53eaf98a0044d5f871528322
38a209aafec14c64a67383f6d3c9cef3341f7f62a18dae03b7237de256351e15
3a83f3e939edf8302a2e685fd5e673b485db451c16fb203e744ff79399d4d4ef
3c6d2d881a87fcc3155e27f990552a7d672d3c0b00161be4ea47e79bc3884080
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43b28e8c3e5b0d5d16164fa7f1157715d24011825c1f47bac04607f975b0f3e8
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44a9c03024b07508955be7dd66148c6f82d53fb7568cf61997d734e379c116ef
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
497a8954ee824ea26081e06abebcef88515fade256aa3114af672950b6dd93ac
4ae55c888f7b56a326ff11ee983bd39df8accaa0af040497c7376e616a1bd5e2
4af91f30fc468ad26771dd6236f27863327ea3bdf382c78441c1ae928d1d8378
4cfb8c23f110f17326c727d9ec5d4d7b60cdc41e40d1c2530d569157d9979d18
51c833eb4e1738741e5ceee45dd2408feeb186c207e76bab7bd8afd355120e20
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
573a6dd3781223443de52b3d61735dc3db750f63f3b8348e9d2cdc6bb12bbadc
5830720f0eba5a4ceb378c5169f002d2c60a4e5e243863cc9094acb571b0a3d6
5963155991ef6cccaa5ccde93b269c06161b4e36b2784be6028b78c954a3c569
5a8b2679fe5ad42e5de486f08b48a3bfee841c678f602d5bbce05c775e5119f6
61496aa1a9c3d26cfc292b41fc451a597a47468117c1fb258226a57296390433
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64d9f527c20617144ae91879044d0bd7a4a33b89043a4570209a59c2c6bb1056
6814fd06e3003ae0a0970fdd3a7b59e91cf3e8afa3fec26ef2efa38f73cb3d72
68cabacb7b77c7b360cbf8367d3260e238278020da37c94ddf0387d3e4a4b69c
68d8a8c0246dc64b70b76491f80c29080a995c3582fb83f0c4d8daf293398e69
6a67d82954e869f63863c01de1404e74d89722d7774b105176d253292b75b6aa
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
71568a60c15b55d10dbd59382c6064cac66499b05d3f788e2db0a7d74a596c90
7514a1940229f864b0a0f75e526ebda7f3e497bad368cfd4d7817e18fb06a133
7b84952afdc8a5690332be206eb49f6397086f76ba0b8e928d3f32877b12823f
7fe1378184b01736c3ca179fbba8a3cb60a091db97872b8e4b08f1388b270cc7
808077d9874588fdf630260fb4ff110f27533b4d79dafe52d8141195b40d3cd3
80fe90cb559538158bc235f4e539d9bcae203e19fab7c6970aad37b0154348ff
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
8264bf30b0dfc41d19bf53d2c63a8fc9326b427cf3ea9cd9b6be2696fc55b118
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
82d2f03180c37b61b8a3111b8bf7bfc652a4e513070f522aec7608d725c55fa1
852c198aef50fdd01a53040da120b23bd03b136b74e2e01ae370417d16165999
88f9cffc12d1d60d1540474d63db5f88fd608ab94ca47cfd2c912b540b850923
8cea7c5128d7bd101addf2e3cc69c61eb4d30d37ea5b656ecb69906fbb5d273b
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ef51c3a9a54b187c1cbc44cb7f6788c5e0fb022040e9e0880cd3473c7ee425b
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
925b5ce50a57c701f6c06dc2da9e5f8d2095428ce6c0ef60f630ea12096d2494
93b4ab839417f8c723a349069dc12b99161bf02c2db42b9667aaa5930a99cee6
961813c2cc407cc2f799d1d4b17e1bb11730d890608625f8b74513143614f9b2
96646ee880b78bf1b3dce850a241455556420111948fbecd108421428fe78f32
98c825df5264194d05cb4b1406d6f39027c18b2e673b3d87bff6c77d7585f2c8
9b3d085444566482650e88aa2be1bf37c3dfb1e0275cf684c2d48c9f05af37d0
9b8cfa2c3ba8719c8bd2fa1feb34f07317de0a38348fe2943792713d3b4aed59
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a2a7192c11e4551ab661c51f9c3ed5f288a7175fc1feef7712df1443f772d834
a2aa2577c105dab138246b4e0a1f575b3c92c30d5aced108d3f73897bd46823f
a726810ad110671e947f72e4fcf6375f0779fe3300031ab9d689570b65f2c9bc
a84968788428f98d340f10ada89ecab924a68eea26aaafc0c424edc981a7697e
ab5cb72d0dc3f2b364bc90a42129a2508bba520c9f07b91d2c5e6e35ccc19f88
ab88e7c6f593fbee55363e747958c28063197ede0ac7e285e93d339ab2bda7c2
ac1cd51d9094856456e9f387c7a309d30908e88fc804ddabe47dc9c7e2318e0a
acf825355b5a72b8ea6a94d5057f64dc997594afb1a63e561930939055c5de64
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b162eb9b1aec97429267ca19ecd4d570dcfa81319ea067ac721b0766f6075ef8
b1d8a19cee967122b7d2cff4d03675d4a51a74a3d97bd587ced3fea103437b9e
b1ea32c288c8caff6992542fee83decf318d4b6cd8d65b517a18b6d3401d360c
b668d52805ad6302ebdde93a53b52bba3a58ac817085e14577b3a8cdf3e6d879
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79
b789b0099a75ae7534a7aa0b6ea604762f1854574b7889f7c65d02fbe40c176b
b80a4d9175dc7cb05b42205ce1f8235139b7cc754653a82974f340dbb9bcf408
b833e64f47018606c3d2fc9bf21af4efa6611b95f052625efca08b880bcfc80a
b890a33d3d89e82d8f8fa44d51bf5f53a951c561c97010155a07651e6c74742c
b9759f1e125f4f7eea59286ecbeb593b693327e91cfc56eef697d5d3586f1294
ba34abe5f7db9bccc4e96465f09ab91bf5393f22dd0acfc2c0e304dd3d94e66a
be2c752f7a16ec5ad4a1534648ecf1440474f14bd94a4fc45c5ee782134b02d8
bee76056c3723e2d41e467e1c0449067f594e9300ba287fdc5cd46d3cbbb931f
c093fc45f2dfecacfb029b8e90a8c9c1f9c2337a24203dc943492a7509075a83
c1969272501ec336e2f17e71c6ec7886b4097f60ad495292b9d70ffbfd6cdf64
c197d04ed78ea839fbe555c0cdf202558865e78303506f8d80a1f407b1fbc797
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c58bc7b7e42f9b6989fbf9f898ade59b058c2aa4b3cd67bf11c9c1b11f8efaf0
c6b39190993e85b1795a44137f4b4bd8ecc562296a6856436a493804b2c4510a
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cab81128d683b525fd463393a3345651877653d87070990027aa84bbfc1e6ef0
cccc0bc5e99d5926b70f2fab23fa277f920503bd4daa45a1ff9e74ffb33353e6
cda3c421b62828768ee2741a35bef36bcfdb1199ee3eb987269f7d1ce2dd8876
ce67cd6665e835604c7a650ea355d41857dcd2284618b61d82d252dca0abfe5d
ce8368e5b8e9f2f066acc6284578c00021aea742c4c7c7ec2836c232a5f8b1f8
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfe4b2fa422fb3e55abe0aafac06d5a74bde1fd1aa4ae3c304c07b94305d26ad
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d07a56138007d1b4b4141755e07e1105cbe55ccde37b61a95d64d819a0c0e2a6
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4
d7a8d01432080896d66b0f289a58ff2c0e2eb062d6ce26b31365e45ca163be46
e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6a480e9979510bf3e2106532dfdcc6e5ed40b8ac23cb4ab9db09b9292a33848
e76d3690ce84416dffe717b20671d42b1db9d5b417bf75b5f844c8ea9cedc0a0
e7c5597e016120dc62a12b39d743247757b04137995991365c908b58b7265923
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef6cb737ac403147d56fbfb8d9e839dd60bc799c0754e64451d242f739636d07
f6804fc4bfce5383241757e1a68e3d7c0db494ad84e415d8adb72013af4f3068
f8f8991096558823f299011392be10fd7fd8ef55ab3bd1245b8ee6e36c5d2501
fb54c6a8974743696550aefbf2f88e66d3a83df4160478d7ed0a318bc856ed72
fba4c23a8555957ca900e7d407cf77b385eb9db630923c80c7bc8ca453b6ac13
fc05bafcc195624a8ce88a896124f9689f5132dbf567a6a34c777bd3ca6da5ae
fcc9adf0759036dd15f1019cb54534e04e91db5080fdfea8b33e3e3c911cc5fa

bots.ondiscord.xyz Open in urlscan Pro 2a06:98c1:3121::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

180 Requests

90 %HTTPS

41 %IPv6

57 Domains

79 Subdomains

65 IPs

6 Countries

1807 kBTransfer

5449 kBSize

25 Cookies

4 Outgoing links

Page URL History

Redirected requests

180 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

bots.ondiscord.xyz Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Screenshot
Live screenshot

Full Image

180
Requests

90 %
HTTPS

41 %
IPv6

57
Domains

79
Subdomains

65
IPs

6
Countries

1807 kB
Transfer

5449 kB
Size

25
Cookies

180 HTTP transactions
1 data transactions