dfives.com Open in urlscan Pro
2a02:4780:84:538e:e8b:76d3:5a59:4a83 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.dfives.com/
Effective URL:
https://dfives.com/
Submission: On November 01 via api (November 1st 2023, 12:55:42 am UTC) from NL — Scanned from NL

Summary HTTP 170 Redirects Behaviour Indicators

Summary

This website contacted 45 IPs in 9 countries across 44 domains to perform 170 HTTP transactions. The main IP is 2a02:4780:84:538e:e8b:76d3:5a59:4a83, located in Cyprus and belongs to AS-HOSTINGER, CY. The main domain is dfives.com.
TLS certificate: Issued by R3 on October 1st 2023. Valid for: 3 months.

This is the only time dfives.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	2a02:4780:84:... 2a02:4780:84:aa35:ccb:7400:3238:371b	47583 (AS-HOSTINGER) (AS-HOSTINGER)
33	2a02:4780:84:... 2a02:4780:84:538e:e8b:76d3:5a59:4a83	47583 (AS-HOSTINGER) (AS-HOSTINGER)
2	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
22	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3036::6815:5911	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:237... 2600:9000:237d:6200:15:5a3e:9d40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	18.140.151.8 18.140.151.8	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:225... 2600:9000:225b:4200:1e:5c56:d400:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:8e:... 2a04:4e42:8e::720	54113 (FASTLY) (FASTLY)
2	2a04:4e42:8d:... 2a04:4e42:8d::159	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:81c::2016	15169 (GOOGLE) (GOOGLE)
2	108.138.36.8 108.138.36.8	16509 (AMAZON-02) (AMAZON-02)
2	104.17.168.6 104.17.168.6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
2	141.193.213.20 141.193.213.20	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
1	2606:4700:10:... 2606:4700:10::6816:574	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
5 10	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
6	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
7 17	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
4 8	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 6	185.89.210.46 185.89.210.46	29990 (ASN-APPNEX) (ASN-APPNEX)
12	2a00:1450:400... 2a00:1450:4001:82b::2006	15169 (GOOGLE) (GOOGLE)
1	142.250.184.198 142.250.184.198	15169 (GOOGLE) (GOOGLE)
4	78.46.23.46 78.46.23.46	24940 (HETZNER-AS) (HETZNER-AS)
2 2	52.29.206.161 52.29.206.161	16509 (AMAZON-02) (AMAZON-02)
1 2	2606:4700::68... 2606:4700::6812:19ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
2	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1	3.127.91.113 3.127.91.113	16509 (AMAZON-02) (AMAZON-02)
1 1	51.89.9.253 51.89.9.253	16276 (OVH) (OVH)
1 2	23.35.237.56 23.35.237.56	16625 (AKAMAI-AS) (AKAMAI-AS)
2	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1 4	88.99.165.19 88.99.165.19	24940 (HETZNER-AS) (HETZNER-AS)
3 6	99.80.154.46 99.80.154.46	16509 (AMAZON-02) (AMAZON-02)
1	23.210.125.176 23.210.125.176	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a02:fa8:8806... 2a02:fa8:8806:20::2010	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
1 1	2a05:d018:d29... 2a05:d018:d29:3605:3a1b:de73:79e7:85eb	16509 (AMAZON-02) (AMAZON-02)
1	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2600:9000:20c... 2600:9000:20c3:a000:1a:7c92:efc0:93a1	16509 (AMAZON-02) (AMAZON-02)
170	45

2 2a02:4780:84:aa35:ccb:7400:3238:371b (Cyprus) 2 redirects

ASN47583 (AS-HOSTINGER, CY)

www.dfives.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2a02:4780:84:538e:e8b:76d3:5a59:4a83 (Cyprus)

ASN47583 (AS-HOSTINGER, CY)

dfives.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

west.statisticsplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::6815:5911 (United States)

ASN13335 (CLOUDFLARENET, US)

syndication.gcdnanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:237d:6200:15:5a3e:9d40:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.reuters.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.140.151.8 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-140-151-8.ap-southeast-1.compute.amazonaws.com

finance.zohocorp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225b:4200:1e:5c56:d400:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.wixstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:8e::720 (United States)

ASN54113 (FASTLY, US)

images.unsplash.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:8d::159 (United States)

ASN54113 (FASTLY, US)

pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.138.36.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-36-8.muc50.r.cloudfront.net

images.sarcasmtherapy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.17.168.6 (None, )

ASN13335 (CLOUDFLARENET, US)

blog.psacard.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i0.wp.com

i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.193.213.20 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

sandhillssentinel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:574 (United States)

ASN13335 (CLOUDFLARENET, US)

magazine.artland.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:6b8::1:119 (Ulyanovsk, Russian Federation) 5 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 142.250.185.162 (United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.18.36.155 (None, ) 4 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.89.210.46 (Frankfurt am Main, Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:82b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 78.46.23.46 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.46.23.46.78.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.29.206.161 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-206-161.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:19ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.127.91.113 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-91-113.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.253 (London, United Kingdom) 1 redirects

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.237.56 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-56.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 88.99.165.19 (Nuremberg, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.19.165.99.88.clients.your-server.de

hal900028.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 99.80.154.46 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-154-46.eu-west-1.compute.amazonaws.com

ti.tradetracker.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.210.125.176 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-125-176.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:20::2010 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Mossingen, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3605:3a1b:de73:79e7:85eb (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:20c3:a000:1a:7c92:efc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.tradetracker.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	dfives.com 2 redirects www.dfives.com dfives.com	663 KB
33	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 tpc.googlesyndication.com — Cisco Umbrella Rank: 149	371 KB
28	doubleclick.net 7 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 245 ad.doubleclick.net — Cisco Umbrella Rank: 154 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 439	80 KB
12	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 300	75 KB
9	tradetracker.net 3 redirects ti.tradetracker.net — Cisco Umbrella Rank: 168120 static.tradetracker.net — Cisco Umbrella Rank: 182039	142 KB
8	redintelligence.net 1 redirects hal9000.redintelligence.net — Cisco Umbrella Rank: 38186 hal900028.redintelligence.net — Cisco Umbrella Rank: 226762	171 KB
8	casalemedia.com 4 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625	5 KB
6	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 246	5 KB
6	gstatic.com fonts.gstatic.com	124 KB
5	yandex.com 3 redirects mc.yandex.com — Cisco Umbrella Rank: 8755	3 KB
5	yandex.ru 2 redirects mc.yandex.ru — Cisco Umbrella Rank: 4034	71 KB
3	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2462	21 KB
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1403	452 B
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 353	297 B
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 860 s.tribalfusion.com — Cisco Umbrella Rank: 2311	1 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 912	2 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 212	119 KB
2	sandhillssentinel.com sandhillssentinel.com	101 KB
2	wp.com i0.wp.com — Cisco Umbrella Rank: 3823	664 KB
2	psacard.com blog.psacard.com	2 MB
2	sarcasmtherapy.com images.sarcasmtherapy.com	546 KB
2	twimg.com pbs.twimg.com — Cisco Umbrella Rank: 1190	471 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	145 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	2 KB
1	criteo.com dis.criteo.com — Cisco Umbrella Rank: 597	363 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 492	714 B
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 5683	554 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1533	586 B
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 1824	172 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 3451	104 B
1	awin1.com www.awin1.com — Cisco Umbrella Rank: 18131	704 B
1	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 746	340 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 351	146 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 709	540 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1181	603 B
1	artland.com magazine.artland.com — Cisco Umbrella Rank: 659886
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 87	70 KB
1	unsplash.com images.unsplash.com — Cisco Umbrella Rank: 5433	2 MB
1	wixstatic.com static.wixstatic.com — Cisco Umbrella Rank: 5548	40 KB
1	zohocorp.com finance.zohocorp.com	46 KB
1	reuters.com www.reuters.com — Cisco Umbrella Rank: 20695	44 KB
1	gcdnanalytics.com syndication.gcdnanalytics.com	895 B
1	statisticsplatform.com west.statisticsplatform.com — Cisco Umbrella Rank: 166417	812 B
170	44

	Domain	Requested by
33	dfives.com	dfives.com
22	pagead2.googlesyndication.com	dfives.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
17	cm.g.doubleclick.net	7 redirects googleads.g.doubleclick.net
12	s0.2mdn.net	dfives.com s0.2mdn.net
11	tpc.googlesyndication.com	pagead2.googlesyndication.com googleads.g.doubleclick.net dfives.com tpc.googlesyndication.com
8	dsum-sec.casalemedia.com	4 redirects googleads.g.doubleclick.net
8	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
6	ti.tradetracker.net	3 redirects dfives.com hal900028.redintelligence.net
6	ib.adnxs.com	4 redirects googleads.g.doubleclick.net
6	fonts.gstatic.com	fonts.googleapis.com
5	mc.yandex.com	3 redirects dfives.com
5	mc.yandex.ru	2 redirects syndication.gcdnanalytics.com dfives.com
4	hal900028.redintelligence.net	1 redirects googleads.g.doubleclick.net hal900028.redintelligence.net
4	hal9000.redintelligence.net	googleads.g.doubleclick.net hal900028.redintelligence.net
3	static.tradetracker.net	googleads.g.doubleclick.net hal900028.redintelligence.net
3	www.google.com	googleads.g.doubleclick.net tpc.googlesyndication.com
2	googleads4.g.doubleclick.net	dfives.com
2	sync.teads.tv	1 redirects googleads.g.doubleclick.net
2	match.adsrvr.org	googleads.g.doubleclick.net
2	pm.w55c.net	2 redirects
2	www.googletagservices.com	googleads.g.doubleclick.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	sandhillssentinel.com	dfives.com
2	i0.wp.com	dfives.com
2	blog.psacard.com	dfives.com
2	images.sarcasmtherapy.com	dfives.com
2	pbs.twimg.com	dfives.com
2	www.googletagmanager.com	dfives.com www.googletagmanager.com
2	fonts.googleapis.com	dfives.com hal900028.redintelligence.net
2	www.dfives.com	2 redirects
1	dis.criteo.com	googleads.g.doubleclick.net
1	pr-bh.ybp.yahoo.com	1 redirects
1	ads.travelaudience.com	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	tr.blismedia.com	googleads.g.doubleclick.net
1	dclk-match.dotomi.com	googleads.g.doubleclick.net
1	www.awin1.com	googleads.g.doubleclick.net
1	onetag-sys.com	1 redirects
1	x.bidswitch.net	googleads.g.doubleclick.net
1	sync-tm.everesttech.net	1 redirects
1	s.tribalfusion.com	googleads.g.doubleclick.net
1	a.tribalfusion.com	1 redirects
1	ad.doubleclick.net	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	region1.google-analytics.com	www.googletagmanager.com
1	magazine.artland.com	dfives.com
1	i.ytimg.com	dfives.com
1	images.unsplash.com	dfives.com
1	static.wixstatic.com	dfives.com
1	finance.zohocorp.com	dfives.com
1	www.reuters.com	dfives.com
1	syndication.gcdnanalytics.com	dfives.com
1	west.statisticsplatform.com	dfives.com
170	53

This site contains no links.

Subject Issuer	Validity	Valid
dfives.com R3	`2023-10-01` - `2023-12-30`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
statisticsplatform.com GTS CA 1P5	`2023-10-10` - `2024-01-08`	3 months	crt.sh
gcdnanalytics.com E1	`2023-10-27` - `2024-01-25`	3 months	crt.sh
www.reuters.com COMODO RSA Organization Validation Secure Server CA	`2023-07-18` - `2024-07-17`	a year	crt.sh
academy.zohocorp.com Sectigo RSA Domain Validation Secure Server CA	`2022-12-22` - `2023-12-22`	a year	crt.sh
*.wixstatic.com Sectigo RSA Domain Validation Secure Server CA	`2023-08-03` - `2024-01-30`	6 months	crt.sh
images.unsplash.com GlobalSign Atlas R3 DV TLS CA 2023 Q1	`2023-03-12` - `2024-04-12`	a year	crt.sh
*.twimg.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-21` - `2024-08-20`	a year	crt.sh
edgestatic.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.sarcasmtherapy.com Amazon RSA 2048 M02	`2023-06-10` - `2024-07-08`	a year	crt.sh
*.psacard.com Go Daddy Secure Certificate Authority - G2	`2023-02-04` - `2024-03-07`	a year	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2022-11-14` - `2023-12-15`	a year	crt.sh
sandhillssentinel.com Cloudflare Inc ECC CA-3	`2023-06-20` - `2024-06-18`	a year	crt.sh
artland.com GTS CA 1P5	`2023-09-10` - `2023-12-09`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-08-14` - `2024-01-24`	5 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
redintelligence.net R3	`2023-10-10` - `2024-01-08`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.tradetracker.net Amazon RSA 2048 M02	`2023-09-19` - `2024-10-16`	a year	crt.sh
www.awin1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-10` - `2024-03-09`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2023-08-15` - `2024-09-15`	a year	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-10-04` - `2024-01-02`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2023-12-23`	3 months	crt.sh

This page contains 16 frames:

Primary Page: https://dfives.com/
Frame ID: 0809206C2656EBD74330D213DC550118
Requests: 77 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231026/r20190131/zrt_lookup.html
Frame ID: 289CDCCD9859A46F14898BEEADCCE429
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9105688312729892&output=html&adk=1812271804&adf=3025194257&lmt=1698796535&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x945_l%7C236x945_r&format=0x0&url=https%3A%2F%2Fdfives.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698800135447&bpp=163&bdt=418&idt=471&shv=r20231026&mjsv=m202310260102&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4719032816092&frm=20&pv=2&ga_vid=1640348007.1698800136&ga_sid=1698800136&ga_hid=1650286243&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079231%2C44795921%2C44805932%2C44807334%2C31078297&oid=2&pvsid=3172815694495667&tmod=822020882&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=514
Frame ID: E7B47970A9B2F4100DA6DBAA14AE589B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4406873401428000&output=html&h=100&slotname=5971507018&adk=4091383590&adf=783313867&pi=t.ma~as.5971507018&w=750&lmt=1698796537&format=750x100&url=https%3A%2F%2Fdfives.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698800137000&bpp=2&bdt=1970&idt=2&shv=r20231026&mjsv=m202310260102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D899acace8958bf50-226e42d620e300c9%3AT%3D1698800136%3ART%3D1698800136%3AS%3DALNI_MaKaxvphbvgJtaTMDCQIHBoyhWQXA&gpic=UID%3D00000cafafa213bd%3AT%3D1698800136%3ART%3D1698800136%3AS%3DALNI_MbnUNV_VoVIUcv-4mixsauLEhdwCw&prev_fmts=0x0&nras=1&correlator=4719032816092&frm=20&pv=2&ga_vid=1640348007.1698800136&ga_sid=1698800136&ga_hid=1650286243&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=606&ady=95&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079231%2C44795921%2C44805932%2C44807334%2C31078297&oid=2&pvsid=3172815694495667&tmod=822020882&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=ETl41fVS4b&p=https%3A//dfives.com&dtd=6
Frame ID: A9B5270DF01E1B1C53F55063FE3EAE9C
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4406873401428000&output=html&h=180&slotname=6928154013&adk=3788297780&adf=804204008&pi=t.ma~as.6928154013&w=930&lmt=1698796537&format=930x180&url=https%3A%2F%2Fdfives.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698800137008&bpp=1&bdt=1979&idt=1&shv=r20231026&mjsv=m202310260102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D899acace8958bf50-226e42d620e300c9%3AT%3D1698800136%3ART%3D1698800136%3AS%3DALNI_MaKaxvphbvgJtaTMDCQIHBoyhWQXA&gpic=UID%3D00000cafafa213bd%3AT%3D1698800136%3ART%3D1698800136%3AS%3DALNI_MbnUNV_VoVIUcv-4mixsauLEhdwCw&prev_fmts=0x0%2C750x100&nras=1&correlator=4719032816092&frm=20&pv=1&ga_vid=1640348007.1698800136&ga_sid=1698800136&ga_hid=1650286243&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=335&ady=2729&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079231%2C44795921%2C44805932%2C44807334%2C31078297&oid=2&pvsid=3172815694495667&tmod=822020882&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=awQDrDYMA5&p=https%3A//dfives.com&dtd=5
Frame ID: 2BB7B48BB21C3BDFC6ADC921B079CDA3
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4406873401428000&output=html&h=180&slotname=6928154013&adk=710180592&adf=3587278330&pi=t.ma~as.6928154013&w=930&lmt=1698796537&format=930x180&url=https%3A%2F%2Fdfives.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698800137015&bpp=1&bdt=1985&idt=1&shv=r20231026&mjsv=m202310260102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D899acace8958bf50-226e42d620e300c9%3AT%3D1698800136%3ART%3D1698800136%3AS%3DALNI_MaKaxvphbvgJtaTMDCQIHBoyhWQXA&gpic=UID%3D00000cafafa213bd%3AT%3D1698800136%3ART%3D1698800136%3AS%3DALNI_MbnUNV_VoVIUcv-4mixsauLEhdwCw&prev_fmts=0x0%2C750x100%2C930x180&nras=1&correlator=4719032816092&frm=20&pv=1&ga_vid=1640348007.1698800136&ga_sid=1698800136&ga_hid=1650286243&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=335&ady=4271&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079231%2C44795921%2C44805932%2C44807334%2C31078297&oid=2&pvsid=3172815694495667&tmod=822020882&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=XOxp2Zekao&p=https%3A//dfives.com&dtd=5
Frame ID: 7A13784A328EFE547B0A91F645DDFE2B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiB5bvGATAB&v=APEucNVuMFhdz4IA4bn-HHdGyT1D1-qhL8f7KK0fbQdxGai7fdfMvg0BmWNMJ3ggEffWiUh4Km_VN2J-zkSavEEZwLQz2C68Q8dF-A-yr2GLr0vhpvFRcerUie7dLHF6b45Y7JNrYWWz8yw--zbu9EA0hIOjWuXAJPwhuSyZIbdZj8ls5Npy1w8
Frame ID: F46647EECF50EB8EBF529CC3B3B35405
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN3z17QCEOOFn8MEGIbHm_EBMAE&v=APEucNUlcUm-rcRpq_UzuDL2nm4ffoZpUFDUzDmZX8CzFdm_ppDR5sXaepTIua-dgPE_MS86eAkD67P7HVUU7zzChbAldxtpbyod9Gmab1-cCzjxmowL6K9-cJ0Xc-GhWXJOjlCUTCk2hgT7i5v8IN_XKzl8A7OVYUOAQCte12SekqPdaSH5aU8
Frame ID: 2140E6118DFBE14DAB36A7C643BA4B32
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 355C6026E21B0F48264A8EADE3DB4280
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FC6FB38148DE15B8698378D91A78BC01
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4B96008D82EF79665DE29AC1F0D048CC
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 7078D2E896D2B2A488CB4712DA05E545
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 7428B7BC5830A03D6AAEACF099A101F5
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/2489025940379087204/index.html?ev=01_250
Frame ID: C00286B1F2D407E0B7AA1592DA122862
Requests: 11 HTTP requests in this frame

Frame: https://hal900028.redintelligence.net/request_content.php?s=53251800007945504445410012495028&a=9291c37a
Frame ID: 362CFF385F757B17DE8870FAAF2E6BCB
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 89F325439CF7A0259A5008CF4670D01A
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home » Dfives

Page URL History Show full URLs

http://www.dfives.com/ HTTP 301
https://www.dfives.com/ HTTP 301
https://dfives.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Underscore.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

underscore.*\.js(?:\?ver=([\d.]+))?

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

170
Requests

86 %
HTTPS

53 %
IPv6

44
Domains

53
Subdomains

45
IPs

9
Countries

7715 kB
Transfer

10816 kB
Size

48
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.dfives.com/ HTTP 301
https://www.dfives.com/ HTTP 301
https://dfives.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 43

https://mc.yandex.ru/watch/95390266 HTTP 302
https://mc.yandex.ru/watch/95390266/1?redirnss=1

Request Chain 59

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10172.vk4WYphuDyNEqj-p-DIRXWa3NwOiMeUr8mwSHTMxJq28qQU3Y9uVeMozTkADXBj3.xcviAUDTbNoZUT2Pjx4TdQhxdcs%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=10172.jUybEgQDW8eeq0_LqSxou1L8p5O0VKueWiKtKLStcoSytki1wzbe8jEV4N9KWiBhOn74FmO_LH1vCVVrL_0UsXOBazSThcmoXemfbLGkcxfbiWHqcR-6QTz1ohGUeOe6gVpxnp41JPSwapWA1StskxaYoyxXmId0Gjp-plT8l41tCatpoVF-BUerr6mKXkzpG_oOw6xJ3uhtRuAGsP_NNQ8WGHBTmN3bNpmIFQrcAwg%2C.NRs3TQYHHUUXwL36di8yPc-TpHM%2C HTTP 302
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10172.1h_Yd2_CXwEajrbB4SP2ymfiVIK9S8I1xKDVBNao4r75GOyQ3VO2ept2R2SVe04mIPK2Zl2QCnHLG5aogxpBQVznFvuNUSe4YSmApBSxDcPcxia-8E0yMDeaDJWcysumPVnWDiLGcWayQHCVn3SSSmsowiE4VZ_1_uqb59drwm-5w3UFF86EHr8MLHVyegBB0hiolIUKO1Iq1XBuvODQWQ%2C%2C.mhKVDxvY1wtpiEj4oW5qO2L-GVM%2C

Request Chain 65

https://mc.yandex.com/watch/95390266?wmode=7&page-url=https%3A%2F%2Fdfives.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aetku62lhayg6jvevqcsa7rv%3Afp%3A1492%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1142%3Acn%3A1%3Adp%3A0%3Als%3A434795883686%3Ahid%3A96633024%3Az%3A60%3Ai%3A20231101015536%3Aet%3A1698800137%3Ac%3A1%3Arn%3A1026453554%3Arqn%3A1%3Au%3A1698800137342919991%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C69%2C453%2C279%2C301%2C0%2C%2C431%2C1%2C%2C%2C%2C1587%3Aco%3A0%3Acpf%3A1%3Ans%3A1698800134148%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1698800137%3At%3AHome%20%C2%BB%20Dfives&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
https://mc.yandex.com/watch/95390266/1?wmode=7&page-url=https%3A%2F%2Fdfives.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aetku62lhayg6jvevqcsa7rv%3Afp%3A1492%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1142%3Acn%3A1%3Adp%3A0%3Als%3A434795883686%3Ahid%3A96633024%3Az%3A60%3Ai%3A20231101015536%3Aet%3A1698800137%3Ac%3A1%3Arn%3A1026453554%3Arqn%3A1%3Au%3A1698800137342919991%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C69%2C453%2C279%2C301%2C0%2C%2C431%2C1%2C%2C%2C%2C1587%3Aco%3A0%3Acpf%3A1%3Ans%3A1698800134148%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1698800137%3At%3AHome%20%C2%BB%20Dfives&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Request Chain 94

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEECMozaOWQnsI_2-ZNX_8bU&google_cver=1

Request Chain 95

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZUGiCbkdaidem3Ls8HZRBwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEECMozaOWQnsI_2-ZNX_8bU&google_cver=1

Request Chain 96

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEM-cy7d-lDNFZCld0Q4yCGQ&google_cver=1

Request Chain 97

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQ3OTQ2NjU0NjY1NTYyMjc1Ng%3D%3D

Request Chain 112

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEECMozaOWQnsI_2-ZNX_8bU&google_cver=1

Request Chain 113

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZUGiCbkdaidem3Ls8HZRBwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEECMozaOWQnsI_2-ZNX_8bU&google_cver=1

Request Chain 114

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEM-cy7d-lDNFZCld0Q4yCGQ&google_cver=1

Request Chain 115

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQ3OTQ2NjU0NjY1NTYyMjc1Ng%3D%3D

Request Chain 116

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESECwLdpF0Vq4wS7pju3BaZWg&google_cver=1&google_push=AXcoOmTIPqKQhFK_Fr0x-zsMTG7ydmvt72Q0srO3RjXxPVCy9Uwv8GeLYsnjNQhTIzaTMKneSNio7e45u5BsjERUVGblgV_LvdJ6K6eu HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESECwLdpF0Vq4wS7pju3BaZWg&google_cver=1&google_push=AXcoOmTIPqKQhFK_Fr0x-zsMTG7ydmvt72Q0srO3RjXxPVCy9Uwv8GeLYsnjNQhTIzaTMKneSNio7e45u5BsjERUVGblgV_LvdJ6K6eu HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=N0h6WTBXQW0xUVhad2Q1&google_gid=CAESECwLdpF0Vq4wS7pju3BaZWg&google_cver=1&google_push=AXcoOmTIPqKQhFK_Fr0x-zsMTG7ydmvt72Q0srO3RjXxPVCy9Uwv8GeLYsnjNQhTIzaTMKneSNio7e45u5BsjERUVGblgV_LvdJ6K6eu

Request Chain 117

https://a.tribalfusion.com/i.match?p=b6&u=CAESEMqLatua95Q3m8Zf9uRMLqg&google_cver=1&google_push=AXcoOmTSG7j0OX1t-jF-p3dgCqJoIsmcoTT6vqh18l8FoPKni-tQecRz-MTBYaZ1c2_kpvKdZeYf_AI_fYqaRZVSYjSAzRJ-6bp4jRVb&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTSG7j0OX1t-jF-p3dgCqJoIsmcoTT6vqh18l8FoPKni-tQecRz-MTBYaZ1c2_kpvKdZeYf_AI_fYqaRZVSYjSAzRJ-6bp4jRVb%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMqLatua95Q3m8Zf9uRMLqg&google_cver=1&google_push=AXcoOmTSG7j0OX1t-jF-p3dgCqJoIsmcoTT6vqh18l8FoPKni-tQecRz-MTBYaZ1c2_kpvKdZeYf_AI_fYqaRZVSYjSAzRJ-6bp4jRVb&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTSG7j0OX1t-jF-p3dgCqJoIsmcoTT6vqh18l8FoPKni-tQecRz-MTBYaZ1c2_kpvKdZeYf_AI_fYqaRZVSYjSAzRJ-6bp4jRVb%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 118

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEN0t9qV_o61WSjkoHj_eq78&google_cver=1&google_push=AXcoOmQzSyOSZMyO0oHnLMHE3DWytn8d3adgP3cPxZ6y8qrmBvGlV0ZaqucUbdhMXtqxFBiGCTpOClqsjQXcisnz-BpiVQs4-DwvP7OM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEN0t9qV_o61WSjkoHj_eq78&google_push=AXcoOmQzSyOSZMyO0oHnLMHE3DWytn8d3adgP3cPxZ6y8qrmBvGlV0ZaqucUbdhMXtqxFBiGCTpOClqsjQXcisnz-BpiVQs4-DwvP7OM

Request Chain 121

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEKyZr5VzIvFOykHQUIttOCw&google_cver=1&google_push=AXcoOmTakAZVXWmnWalwYKnSZIKDx5YcT0lxGo5uKYd73JjjBOBMdLIjXF_ESSp1fi09AO5fM5ODjq_gwm-ZrCtlo3RjKTHmVjoEZoeh HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTakAZVXWmnWalwYKnSZIKDx5YcT0lxGo5uKYd73JjjBOBMdLIjXF_ESSp1fi09AO5fM5ODjq_gwm-ZrCtlo3RjKTHmVjoEZoeh

Request Chain 122

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEGZsjZAtZEkkNX3-Lz6h70A&google_cver=1&google_push=AXcoOmRXySn9D0RNV70PK4Dn3dj35z2zlraoSiTrqwJ8B_IZcukbWGQMJO78ORdQv7mEvRIVg-0xsdXqHdZ0J0UIETw1NRMl_Vv9oMHF HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmRXySn9D0RNV70PK4Dn3dj35z2zlraoSiTrqwJ8B_IZcukbWGQMJO78ORdQv7mEvRIVg-0xsdXqHdZ0J0UIETw1NRMl_Vv9oMHF HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 132

https://hal900028.redintelligence.net/request.php?zone=bq116kcjs2zi&nw=20&renderingType=javascript&namespace=3ea7c54634&subid=&uid=023bac493f09e975&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=930x180&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCpFsuCaJBZZCIA9TAjuwPl9-zsAPM-YagaYO-x__3D_AuEAEgrNWbe2CRhKCFjBjIAQmpAio9lfqxurE-qAMByAObBKoEkQJP0Dzx8u4ID5mibvyR_aysjXsNNNI6JjDIqvmF5giNHe4jxqu3OGERxbnES07IKBmr01mDdv6Xe_PaJ-vyLd4T8qImsfO_VMKAicTWYXTq0ppcrk-3g9w5WlA1CObDjnm4VvR6Cm3Hi0c4nM_ej0bzu9Zo13GlMRdRYNWZRAWNhFrUXtDh4hizy1tHdFDPvhVJELfcfUXQf_riI3Va8CRFIrfVfO29H10JxoD8hIfAmvq_eBgLJfZeqNkhoENYXWGYr_AvVYcDpTbAkgK1UYkx1gPN9VA23P8kHkm1_eHTiwZBy134vV8tg2EmSaiDNGMGDqowDNxBFsYhcX64OuPFBROmnTig7xpan-dhIWTBj2HABOrrzKPkA-AEA4gFla_h_T2QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgGYCwHICwGADAGqDQJOTLAT4JvNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSPADICaaN5eC0_qbPxvafMJJH_U5UEgVc0JlwdB3OxlRAEkOuaTpcmdtLgCzdXubZO_X1rDLpxi3M0-tbChgB%26sig%3DAOD64_0M88kdtctWIOtmGz88SlDaRj9OBA%26client%3Dca-pub-4406873401428000%26dbm_c%3DAKAmf-CFGP79AFxs6i9LZCKmGxva7Uh8-8wp8o0iNRTPTzPdAiGcHULHU_2ESJqbsGwAoLQ8KmO6b5OApU95Im73K2yC9uJK2ur71HlFoe9MLTLeAmQBQe95O2qYJYV_8BC9Cynhw-30MmpRM4KONQ0ThPlBUDAgaVsbiFGfDKrXqLTvYCbnw6WANVs4DTbOAN0G3tSKg2YDXmSzBdQjDdZ81hExejLcrQ%26cry%3D1%26dbm_d%3DAKAmf-DH0UzDXo3jKXxWz8wCMKX3EqLnQgyP_rPN_DCukIdgYu-QVvAU1BeTSSiS8wzbryL8hYf47YlAorB9emp8eNWOVkICuD_mCqpCo5cfxEyZ2zgErTbYUcuHCyla5LR5WTcMSXxDc3dM-GOhwrB0ji5n8TmxTMjxWR49K1Adj1_Kx6ou25PjvAMYOVwAvzoqxaATR_olMMq_GQ7SxRXbQdryN-h_UIvhqYEWaLit9hAn2WSDFz2F4oXypY0IhquncZUDQ8KIKAkb6nFBAWshB7DeLrWdEa818sviSWXHFPX_kD6ttyaOSqVyOaMGYpUhAKEn77qyuJm20iSUR4rnk8cXjXK0ijudBVzz_wkhlAQOkkYHVeAJ6FXrC_TJUPXeXLQg0nGq6VfXGQ2lq6d8cUPww1e0SMHdPpu-_Ri4xT_rl0DmdhKxjq72iHzZksKyB5lAkt8tdsXxM66hLg-9E19V91lposthZ0Z6XBc7poTUp3RLwSUVNYPtrMz2CR7y-F9-dD5LJWWdsxpVQ0B7My0KGvZnE0Ku8gHvRYlLhdqku-FIEg74XHsjcmFXjSgvCsCnlHv4%26adurl%3D&documentReferer=https%3A%2F%2Fdfives.com%2F&ancestorOrigins=https%3A%2F%2Fdfives.com&random=8494155337589&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900028.redintelligence.net/request.php?zone=bq116kcjs2zi&nw=20&renderingType=javascript&namespace=3ea7c54634&subid=&uid=023bac493f09e975&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=930x180&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCpFsuCaJBZZCIA9TAjuwPl9-zsAPM-YagaYO-x__3D_AuEAEgrNWbe2CRhKCFjBjIAQmpAio9lfqxurE-qAMByAObBKoEkQJP0Dzx8u4ID5mibvyR_aysjXsNNNI6JjDIqvmF5giNHe4jxqu3OGERxbnES07IKBmr01mDdv6Xe_PaJ-vyLd4T8qImsfO_VMKAicTWYXTq0ppcrk-3g9w5WlA1CObDjnm4VvR6Cm3Hi0c4nM_ej0bzu9Zo13GlMRdRYNWZRAWNhFrUXtDh4hizy1tHdFDPvhVJELfcfUXQf_riI3Va8CRFIrfVfO29H10JxoD8hIfAmvq_eBgLJfZeqNkhoENYXWGYr_AvVYcDpTbAkgK1UYkx1gPN9VA23P8kHkm1_eHTiwZBy134vV8tg2EmSaiDNGMGDqowDNxBFsYhcX64OuPFBROmnTig7xpan-dhIWTBj2HABOrrzKPkA-AEA4gFla_h_T2QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgGYCwHICwGADAGqDQJOTLAT4JvNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSPADICaaN5eC0_qbPxvafMJJH_U5UEgVc0JlwdB3OxlRAEkOuaTpcmdtLgCzdXubZO_X1rDLpxi3M0-tbChgB%26sig%3DAOD64_0M88kdtctWIOtmGz88SlDaRj9OBA%26client%3Dca-pub-4406873401428000%26dbm_c%3DAKAmf-CFGP79AFxs6i9LZCKmGxva7Uh8-8wp8o0iNRTPTzPdAiGcHULHU_2ESJqbsGwAoLQ8KmO6b5OApU95Im73K2yC9uJK2ur71HlFoe9MLTLeAmQBQe95O2qYJYV_8BC9Cynhw-30MmpRM4KONQ0ThPlBUDAgaVsbiFGfDKrXqLTvYCbnw6WANVs4DTbOAN0G3tSKg2YDXmSzBdQjDdZ81hExejLcrQ%26cry%3D1%26dbm_d%3DAKAmf-DH0UzDXo3jKXxWz8wCMKX3EqLnQgyP_rPN_DCukIdgYu-QVvAU1BeTSSiS8wzbryL8hYf47YlAorB9emp8eNWOVkICuD_mCqpCo5cfxEyZ2zgErTbYUcuHCyla5LR5WTcMSXxDc3dM-GOhwrB0ji5n8TmxTMjxWR49K1Adj1_Kx6ou25PjvAMYOVwAvzoqxaATR_olMMq_GQ7SxRXbQdryN-h_UIvhqYEWaLit9hAn2WSDFz2F4oXypY0IhquncZUDQ8KIKAkb6nFBAWshB7DeLrWdEa818sviSWXHFPX_kD6ttyaOSqVyOaMGYpUhAKEn77qyuJm20iSUR4rnk8cXjXK0ijudBVzz_wkhlAQOkkYHVeAJ6FXrC_TJUPXeXLQg0nGq6VfXGQ2lq6d8cUPww1e0SMHdPpu-_Ri4xT_rl0DmdhKxjq72iHzZksKyB5lAkt8tdsXxM66hLg-9E19V91lposthZ0Z6XBc7poTUp3RLwSUVNYPtrMz2CR7y-F9-dD5LJWWdsxpVQ0B7My0KGvZnE0Ku8gHvRYlLhdqku-FIEg74XHsjcmFXjSgvCsCnlHv4%26adurl%3D&documentReferer=https%3A%2F%2Fdfives.com%2F&ancestorOrigins=https%3A%2F%2Fdfives.com&random=8494155337589&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 156

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEGL4iSbA6AtQPrkbA0IgDmk&google_cver=1&google_push=AXcoOmSHBG-tuaA41zL6fqGjCZQ80wTU0Hlo9lXTQV9Djuyg684huMOAxYo82rdDvzDYdTnqobbBMpzUXHvmOMrk5SGwSlIuSZA5Mg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI5NjI5MTAzNTE1NDA4NjA0Mg%3D%3D&google_push=AXcoOmSHBG-tuaA41zL6fqGjCZQ80wTU0Hlo9lXTQV9Djuyg684huMOAxYo82rdDvzDYdTnqobbBMpzUXHvmOMrk5SGwSlIuSZA5Mg

Request Chain 157

https://ads.travelaudience.com/google_pixel?google_gid=CAESEJ0UNIlUu6zua2ajVDd1WpI&google_cver=1&google_push=AXcoOmQvh_VaVGacTp1hyUZoWARXxvK0fwh8cjk0x_92cJZpuEcHRQnuyEAdmjCxXBYFUJuti-rrrvdIZGLA1sXurPt6A3JF8LJKSg HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=tLMDo1N2Rrwb4RKd0Ib7oA&google_push=AXcoOmQvh_VaVGacTp1hyUZoWARXxvK0fwh8cjk0x_92cJZpuEcHRQnuyEAdmjCxXBYFUJuti-rrrvdIZGLA1sXurPt6A3JF8LJKSg

Request Chain 158

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEEq7TBTJ5sa5LQEsvMjQAIE&google_cver=1&google_push=AXcoOmTs2iMDbYqVvHNbH1jJBGp8jUypgLZpLWkM7rKBDlA_iVptErbSnGowK_szpOfNchw2TG40Tc56gjp4zIMAduZyI0NAO2f7 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTs2iMDbYqVvHNbH1jJBGp8jUypgLZpLWkM7rKBDlA_iVptErbSnGowK_szpOfNchw2TG40Tc56gjp4zIMAduZyI0NAO2f7&google_hm=eS0uN1Z5YTBWRTJwRXZfYXYuMmEubFpOZDlta2pwZk55dn5B

Request Chain 165

https://ti.tradetracker.net/?c=36785&m=2147229&a=70002&r=53251800007945504445410012495028&t=html HTTP 302
https://static.tradetracker.net/nl/material_image/e8/b6b56d4db26a7ddae298f91033941ff8970f56.png

Request Chain 166

https://ti.tradetracker.net/?c=34211&m=2005487&a=70002&r=53251800007945504445410012495028&t=html HTTP 302
https://static.tradetracker.net/nl/material_image/70/4d264f3bae6f2b10db14dab5d6f5fef3ae51cc.jpg

Request Chain 172

https://ti.tradetracker.net/?c=558&m=24180&a=70002&r=53251800007945504445410012495028&t=html HTTP 302
https://static.tradetracker.net/nl/material_image/49/1f21095a5f4ae3c95070194bad8a5ad919a00b.jpg

170 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
dfives.com/
Redirect Chain

http://www.dfives.com/
https://www.dfives.com/
https://dfives.com/

231 KB
56 KB

575ms
453ms

Document
text/html

2a02:4780:84:538e:e8b:76d3:5a59:4a83
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://dfives.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:4780:84:538e:e8b:76d3:5a59:4a83 , Cyprus, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn / PHP/7.4.33

Resource Hash

48adb7590f55a1ec7829692c36ef09c5214739cf4b389412550b7e90fcb172f2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
cache-control: no-store, no-cache, must-revalidate
content-encoding: br
content-length: 57248
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Wed, 01 Nov 2023 00:55:35 GMT
etag: "176450-1698643577;br"
expires: Thu, 19 Nov 1981 08:52:00 GMT
link: <https://dfives.com/wp-json/>; rel="https://api.w.org/" <https://dfives.com/wp-json/wp/v2/pages/16398>; rel="alternate"; type="application/json" <https://dfives.com/>; rel=shortlink
platform: hostinger
pragma: no-cache
server: hcdn
x-hcdn-cache-status: MISS
x-hcdn-request-id: 5da8510535ea413c4792a490fae11cf8-srv-edge2
x-hcdn-upstream-rt: 0.426
x-litespeed-cache: hit
x-powered-by: PHP/7.4.33
x-turbo-charged-by: LiteSpeed

Redirect headers

age: 1084
content-encoding: br
content-length: 5
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Wed, 01 Nov 2023 00:55:34 GMT
location: https://dfives.com/
platform: hostinger
server: hcdn
x-hcdn-cache-status: HIT
x-hcdn-request-id: 2476bc5a94200f5454b1e94215d3a776-srv-edge2
x-litespeed-cache: miss
x-powered-by: PHP/7.4.33
x-redirect-by: WordPress
x-turbo-charged-by: LiteSpeed

GET
H2 200 style.min.css
dfives.com/wp-includes/css/dist/block-library/ 102 KB
13 KB 29ms
27ms Stylesheet
text/css 2a02:4780:84:538e:e8b:76d3:5a59:4a83
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://dfives.com/wp-includes/css/dist/block-library/style.min.css?ver=6.3.2

Requested by

Host: dfives.com
URL: https://dfives.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:4780:84:538e:e8b:76d3:5a59:4a83 , Cyprus, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dfives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 00:55:35 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
age: 4176
content-length: 12669
x-hcdn-cache-status: HIT
last-modified: Mon, 16 Oct 2023 05:20:18 GMT
server: hcdn
etag: "19824-652cc812-c68999608e240048;br"
x-hcdn-request-id: 26d345e10b9d218a9efb4bbb761e1cae-srv-edge2
content-type: text/css
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
expires: Thu, 31 Oct 2024 05:45:59 GMT

GET
H2 200 style.css
dfives.com/wp-content/plugins/td-composer/td-multi-purpose/ 36 KB
4 KB 48ms
46ms Stylesheet
text/css 2a02:4780:84:538e:e8b:76d3:5a59:4a83
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://dfives.com/wp-content/plugins/td-composer/td-multi-purpose/style.css?ver=810534ce963cec6bd2e7978db2c935c9x

Requested by

Host: dfives.com
URL: https://dfives.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:4780:84:538e:e8b:76d3:5a59:4a83 , Cyprus, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

d227e31ec93027f2b903fe5011b6ef0d67fd1fd8e0105843a2f56626e74f4322

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dfives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 00:55:35 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
age: 4176
content-length: 4339
x-hcdn-cache-status: HIT
last-modified: Mon, 15 Nov 2021 09:01:44 GMT
server: hcdn
etag: "91a4-619221f8-9576e0613755c219;br"
x-hcdn-request-id: 20c23b1a4dfb620a79cc23d7656f043d-srv-edge2
content-type: text/css
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
expires: Thu, 31 Oct 2024 05:45:59 GMT

GET
H2 200 css
fonts.googleapis.com/ 15 KB
1 KB 122ms
44ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap&ver=11.3.2

Requested by

Host: dfives.com
URL: https://dfives.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

515fbfeb51a45e120dc53c8bfda86c38d3b8e7f3163ff22515437237ea3ea0f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dfives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 01 Nov 2023 00:55:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 01 Nov 2023 00:13:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 01 Nov 2023 00:55:35 GMT

GET
H2 200 style.css
dfives.com/wp-content/themes/Newspaper/ 146 KB
23 KB 48ms
47ms Stylesheet
text/css 2a02:4780:84:538e:e8b:76d3:5a59:4a83
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://dfives.com/wp-content/themes/Newspaper/style.css?ver=11.3.2

Requested by

Host: dfives.com
URL: https://dfives.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:4780:84:538e:e8b:76d3:5a59:4a83 , Cyprus, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

56a12e09823b7d1fd698d47ae84775579de54ef68317145b77f629882c729e39

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dfives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 00:55:35 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
age: 4176
content-length: 23147
x-hcdn-cache-status: HIT
last-modified: Mon, 15 Nov 2021 09:01:32 GMT
server: hcdn
etag: "24645-619221ec-d44635b2e0a0e797;br"
x-hcdn-request-id: b8816ee8e8780a041dfa05a3c564256e-srv-edge2
content-type: text/css
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
expires: Thu, 31 Oct 2024 05:45:59 GMT

GET
H2 200 td_legacy_main.css
dfives.com/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/ 155 KB
21 KB 48ms
47ms Stylesheet
text/css 2a02:4780:84:538e:e8b:76d3:5a59:4a83
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://dfives.com/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=810534ce963cec6bd2e7978db2c935c9x

Requested by

Host: dfives.com
URL: https://dfives.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:4780:84:538e:e8b:76d3:5a59:4a83 , Cyprus, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

bf77065b0e4b52c6ee71566850b3e6a1ecdfd6331427c5063a1116e347b85203

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dfives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 00:55:35 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
age: 4176
content-length: 21607
x-hcdn-cache-status: HIT
last-modified: Mon, 15 Nov 2021 09:01:40 GMT
server: hcdn
etag: "26bd7-619221f4-f89725abfc9e8a3a;br"
x-hcdn-request-id: 91648833522c0ee7c3455de73b4f8696-srv-edge2
content-type: text/css
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
expires: Thu, 31 Oct 2024 05:45:59 GMT

GET
H2 200 td_standard_pack_main.css
dfives.com/wp-content/plugins/td-standard-pack/Newspaper/assets/css/ 715 KB
54 KB 61ms
60ms Stylesheet
text/css 2a02:4780:84:538e:e8b:76d3:5a59:4a83
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://dfives.com/wp-content/plugins/td-standard-pack/Newspaper/assets/css/td_standard_pack_main.css?ver=79f8a1d02f05c15c98a62e68cd419e0b

Requested by

Host: dfives.com
URL: https://dfives.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:4780:84:538e:e8b:76d3:5a59:4a83 , Cyprus, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

7a89d23287ae3c749a356c76da7ef88c34d0ed018c049701b05304c3f6601ab7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dfives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 00:55:35 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
age: 4176
content-length: 55355
x-hcdn-cache-status: HIT
last-modified: Mon, 15 Nov 2021 09:02:02 GMT
server: hcdn
etag: "b2ccc-6192220a-dc59718fdf8b3627;br"
x-hcdn-request-id: e42a770eaae1283218a003d9ff89548b-srv-edge2
content-type: text/css
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
expires: Thu, 31 Oct 2024 05:45:59 GMT

GET
H2 200 demo_style.css
dfives.com/wp-content/plugins/td-composer/legacy/Newspaper/includes/demos/college/ 413 B
292 B 61ms
60ms Stylesheet
text/css 2a02:4780:84:538e:e8b:76d3:5a59:4a83
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://dfives.com/wp-content/plugins/td-composer/legacy/Newspaper/includes/demos/college/demo_style.css?ver=11.3.2

Requested by

Host: dfives.com
URL: https://dfives.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:4780:84:538e:e8b:76d3:5a59:4a83 , Cyprus, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

ff099241aab30034b641871095d946669f5eebbd89988f4277c59399a28b151a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dfives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 00:55:35 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
age: 4176
content-length: 172
x-hcdn-cache-status: HIT
last-modified: Mon, 15 Nov 2021 09:01:41 GMT
server: hcdn
etag: "19d-619221f5-1a3cbbddaf8dd0cb;br"
x-hcdn-request-id: 5663feb11715fc6a8036a5a62a54e03f-srv-edge2
content-type: text/css
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
expires: Thu, 31 Oct 2024 05:45:59 GMT

GET
H2 200 jquery.min.js Show response
dfives.com/wp-includes/js/jquery/ 85 KB
29 KB 62ms
61ms Script
application/x-javascript 2a02:4780:84:538e:e8b:76d3:5a59:4a83
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://dfives.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.0

Requested by

Host: dfives.com
URL: https://dfives.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:4780:84:538e:e8b:76d3:5a59:4a83 , Cyprus, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dfives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 00:55:35 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
age: 4176
content-length: 29502
x-hcdn-cache-status: HIT
last-modified: Mon, 16 Oct 2023 05:20:16 GMT
server: hcdn
etag: "155ba-652cc810-f86363b22bce1e5;br"
x-hcdn-request-id: eb2a2453274120a00b797afd6ee154ef-srv-edge2
content-type: application/x-javascript
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
expires: Thu, 31 Oct 2024 05:45:59 GMT

GET
H2 200 jquery-migrate.min.js Show response
dfives.com/wp-includes/js/jquery/ 13 KB
5 KB 62ms
61ms Script
application/x-javascript 2a02:4780:84:538e:e8b:76d3:5a59:4a83
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://dfives.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: dfives.com
URL: https://dfives.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:4780:84:538e:e8b:76d3:5a59:4a83 , Cyprus, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dfives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 00:55:35 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
age: 4176
content-length: 4671
x-hcdn-cache-status: HIT
last-modified: Mon, 16 Oct 2023 05:20:16 GMT
server: hcdn
etag: "3509-652cc810-ef7971ecd2a39998;br"
x-hcdn-request-id: 5e4ccf9b170f6bdf4cddee1fc98d0b04-srv-edge2
content-type: application/x-javascript
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
expires: Thu, 31 Oct 2024 05:45:59 GMT

GET
BLOB 200
OK 0f8ed104-6cf9-48f8-9bd7-520b22d8669f
https://dfives.com/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://dfives.com/0f8ed104-6cf9-48f8-9bd7-520b22d8669f
Requested by: Host: dfives.com
URL: https://dfives.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 150 KB
52 KB 133ms
57ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: dfives.com
URL: https://dfives.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09cbb2b248b331191547ac91f0b6997c26f6aebff2fd874ac6ac74d7866a6180

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dfives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 00:55:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52312
x-xss-protection: 0
server: cafe
etag: 5665281356224338258
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 01 Nov 2023 00:55:35 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 186 KB
68 KB 122ms
50ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-156903277-1

Requested by

Host: dfives.com
URL: https://dfives.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

de98a1796215794caa85f85d250d28f0dc5e310162aa1c87f16fe83598d4366d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dfives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 00:55:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69026
x-xss-protection: 0
last-modified: Wed, 01 Nov 2023 00:23:37 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 01 Nov 2023 00:55:35 GMT

POST
H2 200 stats Show response
west.statisticsplatform.com/ 1 B
812 B 253ms
176ms XHR
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://west.statisticsplatform.com/stats?special=js
Requested by: Host: dfives.com
URL: https://dfives.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Referer: https://dfives.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 01 Nov 2023 00:55:35 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=905fHvMUhpI2rJJsR%2BhEeD5qtfMQ%2FRxHbR4%2FtysjsqBS9HwWrsfdEBBDHBXwlSFyy3c1BxeGRjaDXCLTfxza3vmnulMoi8ovUeK7DMiukXf63h1Ksm%2FpQrHATbwOqPkoKehMnnibWCU2J8XxGmp0g%2BYwVmPN8RuvdGM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cf-ray: 81f02c4d68de06da-AMS
alt-svc: h3=":443"; ma=86400
expires: Wed, 01 Nov 2023 00:55:35 GMT

GET
H2 200 / Show response
syndication.gcdnanalytics.com/ 780 B
895 B 161ms
87ms Script
application/javascript 2606:4700:3036::6815:5911
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://syndication.gcdnanalytics.com/
Requested by: Host: dfives.com
URL: https://dfives.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:5911 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c8bb5cb6c500df244b676dd7e0895c8b2b544d8c55cd6a4542c4335c03dba8a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dfives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 00:55:35 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fk72g%2BAcdJNTBMYbMTD7TZus0pQhgkjsG7TK4KBDj0%2FgYEVpv4W1Lj2V12o5N2Ea64YNgn2wJAUi1JWOoxwb8DV1fNAtn%2BxDacujvwwijDAw56xqq9exQgCKpFEQKeZrU6exq8qH%2BWopu%2B1ZG1GjiO3Fh0h5zT%2BCUnWknA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cf-ray: 81f02c4f0b6e66d0-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 404 Untitled-4.png
dfives.com/wp-content/uploads/2021/02/ 119 KB
119 KB 1033ms
1032ms Image
text/html 2a02:4780:84:538e:e8b:76d3:5a59:4a83
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dfives.com/wp-content/uploads/2021/02/Untitled-4.png
Requested by: Host: dfives.com
URL: https://dfives.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:4780:84:538e:e8b:76d3:5a59:4a83 , Cyprus, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: hcdn / PHP/7.4.33
Resource Hash: 3512361730e13fcac7d51987304534c6c6fff463c5706647f2b651c5b93793f8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dfives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 00:55:36 GMT
content-encoding: br
server: hcdn
x-powered-by: PHP/7.4.33
x-litespeed-cache: miss
x-hcdn-request-id: 3755fdbd2c8b1de18e20a7cc2b358ed2-srv-edge2
content-type: text/html; charset=UTF-8
x-litespeed-cache-control: public,max-age=3600
cache-control: no-store, no-cache, must-revalidate
x-turbo-charged-by: LiteSpeed
x-litespeed-tag: c91_HTTP.404,c91_404,c91_URL.d6d336ec5ad0fbd1b5448e4e4c58d444,c91_
platform: hostinger
link: <https://dfives.com/wp-json/>; rel="https://api.w.org/"
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 VF5N7CEDBJO2NM7U5HEVSNOERQ.jpg
www.reuters.com/resizer/qbVDfAC6hyQZVAOjflL-MzG73iQ=/960x0/filters:quality(80)/cloudfront-us-east-2.images.arcpublishing.com/reuters/ 42 KB
44 KB 220ms
101ms Image
image/avif 2600:9000:237d:6200:15:5a3e:9d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.reuters.com/resizer/qbVDfAC6hyQZVAOjflL-MzG73iQ=/960x0/filters:quality(80)/cloudfront-us-east-2.images.arcpublishing.com/reuters/VF5N7CEDBJO2NM7U5HEVSNOERQ.jpg

Requested by

Host: dfives.com
URL: https://dfives.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:237d:6200:15:5a3e:9d40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

a07342247ac03b7c5f7bd1fd33c93d9ad294574fcca0d05c584e5d40efb43b01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dfives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000
date: Wed, 01 Nov 2023 00:55:35 GMT
strict-transport-security: max-age=31536000
via: 1.1 91220e34cbdd95f669dbfd83e711fee6.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P2
x-arc-request-id: 0.952a3517.1698800135.2fed99a2
x-cache: Miss from cloudfront
server-timing: cdn-cache; desc=HIT, edge; dur=26, origin; dur=0, ak_p; desc="1698800135594_389360277_804100514_2528_7617_1_0_-";dur=1
content-length: 43062
last-modified: Fri, 17 Feb 2023 14:09:25 GMT
server: Akamai Image Manager
etag: "a8a1faa9fe555056249bdd0ade3d15dbc4cd23f2"
x-edgeconnect-cache-status: 1
content-type: image/avif
cache-control: private, no-transform, max-age=29903237
x-amz-cf-id: 0uqPdfAes4qoJNVtpeFyQYz39EM2ZpfdUlnMiDN52zKLDC2KLJDq9A==
expires: Sat, 12 Oct 2024 03:22:52 GMT

GET
H/1.1 200
OK corporate-credit-card-800x400.jpeg
finance.zohocorp.com/wp-content/uploads/2019/10/ 46 KB
46 KB 581ms
183ms Image
image/jpeg 18.140.151.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://finance.zohocorp.com/wp-content/uploads/2019/10/corporate-credit-card-800x400.jpeg

Requested by

Host: dfives.com
URL: https://dfives.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.140.151.8 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-140-151-8.ap-southeast-1.compute.amazonaws.com

Software

Apache /

Resource Hash

909d3c87e81cd94f2ffd154793fe01fff434771f3f10aca86ef291c9d42bc581

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dfives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Wed, 01 Nov 2023 00:55:36 GMT
Strict-Transport-Security: max-age=15768000
Last-Modified: Tue, 29 Oct 2019 17:43:41 GMT
Server: Apache
ETag: "b6ac-5961028296d40"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 46764

GET
H2 200 file.jpg
static.wixstatic.com/media/51fa73_99e9946d492945339659699ce0ec0dae~mv2.jpg/v1/fit/w_853%2Ch_498%2Cal_c%2Cq_80/ 40 KB
40 KB 179ms
55ms Image
image/jpeg 2600:9000:225b:4200:1e:5c56:d400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.wixstatic.com/media/51fa73_99e9946d492945339659699ce0ec0dae~mv2.jpg/v1/fit/w_853%2Ch_498%2Cal_c%2Cq_80/file.jpg
Requested by: Host: dfives.com
URL: https://dfives.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225b:4200:1e:5c56:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.21.4.1 /
Resource Hash: 58aa9fb2bb8be995d02e0f974b1f302a4bafd08e360c8dc4546b8ca458a66f33

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dfives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-seen-by: image-manipulator-7c76496fbd-jltbz
date: Tue, 31 Oct 2023 18:26:02 GMT
via: 1.1 google, 1.1 6ef87569c26a159f552948d3c30a2be0.cloudfront.net (CloudFront)
server: openresty/1.21.4.1
x-amz-cf-pop: MUC50-P1
age: 23373
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=15552000, immutable
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: UWp5lIHZd7sM5pGD0s1y6JPloxMVLu4jye9vMUl2eqI4yqavdfAn5g==
content-length: 40849
wix-tracer: 2XXYCNv3X92zSwKyTMCNrufM5DQ

GET
H2 200 photo-1544926071-58d0526303b6
images.unsplash.com/ 2 MB
2 MB 136ms
39ms Image
image/jpeg 2a04:4e42:8e::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.unsplash.com/photo-1544926071-58d0526303b6?crop=entropy&cs=tinysrgb&fit=max&fm=jpg&ixid=MnwxfDB8MXxyYW5kb218MHx8ZGF0YTppbWFnZS9qcGVnLGJhc2U2NCwvOWovNEFBUVNrWkpSZ0FCQVFBQUFRQUJBQUQvMndDRUFBa0dCeE1URXhZVEV4TVdGaFlXRmhnV0ZoZ1dHQllXRmhZWUZoWVlH

Requested by

Host: dfives.com
URL: https://dfives.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8e::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

a145acdd03e1bf08d27d2b5150d920d14567667986db3c62135fcbf650cd1516

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dfives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 00:55:35 GMT
x-content-type-options: nosniff
age: 116834
x-cache: HIT, HIT
x-imgix-id: 4f9db48dc113473e12b72885c3c0be92199186b0
cross-origin-resource-policy: cross-origin
content-length: 2241016
x-served-by: cache-sjc10072-SJC, cache-fra-etou8220075-FRA
x-imgix-render-farm: 01.139848
last-modified: Mon, 30 Oct 2023 16:28:20 GMT
server: imgix
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 FaTErInX0AEVTnG.jpg
pbs.twimg.com/media/ 124 KB
124 KB 208ms
110ms Image
image/jpeg 2a04:4e42:8d::159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FaTErInX0AEVTnG.jpg

Requested by

Host: dfives.com
URL: https://dfives.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8d::159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2a6860ddcbbf4c1633548caaf898cab67192b5ae5e40e4c592435026fbf7c6e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dfives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
date: Wed, 01 Nov 2023 00:55:35 GMT
x-content-type-options: nosniff
x-cache: HIT, MISS
server-timing: x-cache;desc=MISS, x-tw-cdn;desc=FT
content-length: 127167
x-served-by: cache-lhr7374-LHR, cache-fra-eddf8230116-FRA, cache-tw-ZZZ1
last-modified: Tue, 16 Aug 2022 17:05:18 GMT
x-tw-cdn: FT
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: 25a0a2cf3b70d874
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7626143928
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 maxresdefault.jpg
i.ytimg.com/vi/zF2T-D3g7Pw/ 70 KB
70 KB 142ms
44ms Image
image/jpeg 2a00:1450:4001:81c::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/zF2T-D3g7Pw/maxresdefault.jpg

Requested by

Host: dfives.com
URL: https://dfives.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

236b4c423d4e7aa68b88b6801ba1734e18ae68c636ee9377465de19092ed14e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dfives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 00:55:35 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71197
x-xss-protection: 0
server: sffe
etag: "1650159091"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 01 Nov 2023 02:55:35 GMT

GET
H2 200 AdobeStock_45632318-324x235.jpeg
dfives.com/wp-content/uploads/2021/06/ 13 KB
13 KB 35ms
30ms Image
image/webp 2a02:4780:84:538e:e8b:76d3:5a59:4a83
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dfives.com/wp-content/uploads/2021/06/AdobeStock_45632318-324x235.jpeg
Requested by: Host: dfives.com
URL: https://dfives.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:4780:84:538e:e8b:76d3:5a59:4a83 , Cyprus, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: hcdn /
Resource Hash: b68930d2c9e1b16b4310bdd9d8c2d96f611e1d3bfbc47c350af19eef3c989e99

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dfives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 00:55:35 GMT
x-hcdn-cache-status: HIT
server: hcdn
age: 4170
x-hcdn-request-id: a3a3e5989e7b1c4aa7890453e7e0d15f-srv-edge2
content-type: image/webp
cache-control: public, max-age=31557600
x-hcdn-image-optimizer: f:webp q:85 w:1600
accept-ranges: bytes
content-length: 13554
expires: Thu, 31 Oct 2024 05:46:05 GMT

GET
H2 200 bedroom-1940169_960_720-324x235.jpg
dfives.com/wp-content/uploads/2019/07/ 12 KB
12 KB 35ms
30ms Image
image/webp 2a02:4780:84:538e:e8b:76d3:5a59:4a83
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dfives.com/wp-content/uploads/2019/07/bedroom-1940169_960_720-324x235.jpg
Requested by: Host: dfives.com
URL: https://dfives.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:4780:84:538e:e8b:76d3:5a59:4a83 , Cyprus, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: hcdn /
Resource Hash: c55cfc7d53060cadb707813a37ba0a35d407a9348415a647ba3cf19a34297101

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dfives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 00:55:35 GMT
x-hcdn-cache-status: HIT
server: hcdn
age: 4170
x-hcdn-request-id: 77e526c56d88754932a42d774de228c3-srv-edge2
content-type: image/webp
cache-control: public, max-age=31557600
x-hcdn-image-optimizer: f:webp q:85 w:1600
accept-ranges: bytes
content-length: 11848
expires: Thu, 31 Oct 2024 05:46:05 GMT

GET
H2 200 GettyImages-1339387076-1.jpg
images.sarcasmtherapy.com/prod/sarcasmtherapy/2022/12/07/02/62f049408e3be954512a773a9fa7b115/ 272 KB
273 KB 161ms
56ms Image
image/jpeg 108.138.36.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.sarcasmtherapy.com/prod/sarcasmtherapy/2022/12/07/02/62f049408e3be954512a773a9fa7b115/GettyImages-1339387076-1.jpg
Requested by: Host: dfives.com
URL: https://dfives.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-8.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6d2a62e0e157ce34862c41674c427b3afba2acb7322b5414a8f681eba3a417c9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dfives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 01:42:59 GMT
x-amz-version-id: jd83nJnVYnGWAp51WCtRQh8uNpiEmDYJ
via: 1.1 73b81cd9bd041c21d2fd170c0f53e030.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P2
age: 169957
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 278827
last-modified: Wed, 07 Dec 2022 14:33:16 GMT
server: AmazonS3
etag: "320b9dab6e068d2d8fed239206423b2c"
content-type: image/jpeg
cache-control: public,max-age=604800
accept-ranges: bytes
x-amz-cf-id: GhtP6POxUIn1pcenu70HbUa5crh7UKiKpz6CewEcFTpgzq4S_Myuig==

GET
H2 200 td_324x235.png
dfives.com/wp-content/plugins/td-standard-pack/Newspaper/assets/images/no-thumb/ 752 B
862 B 35ms
30ms Image
image/webp 2a02:4780:84:538e:e8b:76d3:5a59:4a83
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dfives.com/wp-content/plugins/td-standard-pack/Newspaper/assets/images/no-thumb/td_324x235.png
Requested by: Host: dfives.com
URL: https://dfives.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:4780:84:538e:e8b:76d3:5a59:4a83 , Cyprus, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: hcdn /
Resource Hash: f8507ac232f66466c72fab22c85e4a6b4fd11bc0f5bf02830632d8e60ab85c0f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dfives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 00:55:35 GMT
x-hcdn-cache-status: HIT
server: hcdn
age: 4169
x-hcdn-request-id: 3a8b7473ccb65501dc2bcb7b7665a84b-srv-edge2
content-type: image/webp
cache-control: public, max-age=31557600
x-hcdn-image-optimizer: f:webp q:85 w:1600
accept-ranges: bytes
content-length: 752
expires: Thu, 31 Oct 2024 05:46:06 GMT

GET
H/1.1 200
OK PSA-9122-02-PSA-Blog-Graphics-The-Evolution-of-Tiger-Woods-Autograph-1200x630-1-870x500.png
blog.psacard.com/wp-content/uploads/2019/05/ 777 KB
778 KB 819ms
721ms Image
image/png 104.17.168.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.psacard.com/wp-content/uploads/2019/05/PSA-9122-02-PSA-Blog-Graphics-The-Evolution-of-Tiger-Woods-Autograph-1200x630-1-870x500.png

Requested by

Host: dfives.com
URL: https://dfives.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.17.168.6 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff048925f929c34d1c4de8a2c2a51833ca832246044a11b7ed287f2978fda58d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dfives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Wed, 01 Nov 2023 00:55:36 GMT
Strict-Transport-Security: max-age=0; includeSubDomains; preload
CF-Cache-Status: MISS
Last-Modified: Mon, 13 May 2019 14:48:24 GMT
Server: cloudflare
ETag: "5cd983b8-c2307"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: public, max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 81f02c5038b2b902-AMS
Content-Length: 795399
Expires: Sat, 29 Oct 2033 00:55:36 GMT

GET
H2 200 FrdN_JPWAAQTUy4.jpg:large
pbs.twimg.com/media/ 346 KB
347 KB 137ms
40ms Image
image/jpeg 2a04:4e42:8d::159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FrdN_JPWAAQTUy4.jpg:large

Requested by

Host: dfives.com
URL: https://dfives.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8d::159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

45e3a305b99fb3d62023203eb463c41db88ddf2cc2896e718974d495a26aea44

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dfives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
date: Wed, 01 Nov 2023 00:55:35 GMT
x-content-type-options: nosniff
x-cache: HIT, HIT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 354553
x-served-by: cache-lhr7370-LHR, cache-fra-eddf8230116-FRA, cache-tw-ZZZ1
last-modified: Fri, 17 Mar 2023 22:49:02 GMT
x-tw-cdn: FT
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: e74697459825efdb
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7626143928
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 lyfe-jennings-career.png
i0.wp.com/www.realrealitygossip.com/wp-content/uploads/2020/10/ 331 KB
332 KB 132ms
34ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/www.realrealitygossip.com/wp-content/uploads/2020/10/lyfe-jennings-career.png?resize=747%2C467

Requested by

Host: dfives.com
URL: https://dfives.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

b562c12d7df7a1f40a9f046a42424303d62e7b345c0cf5152f00e177cf4f0093

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dfives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc: HIT ams 5
date: Wed, 01 Nov 2023 00:55:35 GMT
x-content-type-options: nosniff
last-modified: Tue, 31 Oct 2023 18:26:03 GMT
server: nginx
etag: "0cef56ef843e05f6"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://www.realrealitygossip.com/wp-content/uploads/2020/10/lyfe-jennings-career.png>; rel="canonical"
content-length: 339098
expires: Fri, 31 Oct 2025 06:26:03 GMT

GET
H2 200 Paragon-Sandhills-Lobby-SHS.jpg
sandhillssentinel.com/wp-content/uploads/2020/01/ 52 KB
52 KB 334ms
247ms Image
image/jpeg 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sandhillssentinel.com/wp-content/uploads/2020/01/Paragon-Sandhills-Lobby-SHS.jpg
Requested by: Host: dfives.com
URL: https://dfives.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a417e53b24ca685662dbf871a96aa8fa6f7c982ac6722e9b55b448921b80e309

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dfives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 00:55:36 GMT
cf-cache-status: MISS
last-modified: Mon, 20 Jan 2020 14:29:27 GMT
server: cloudflare
etag: "5e25b947-ce52"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 81f02c50b8145c43-AMS
alt-svc: h3=":443"; ma=86400
content-length: 52818

GET
H2 403 Auction-room-christies-cover.jpg
magazine.artland.com/wp-content/uploads/2022/07/ 0
0 222ms
114ms Image
text/html 2606:4700:10::6816:574
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://magazine.artland.com/wp-content/uploads/2022/07/Auction-room-christies-cover.jpg
Requested by: Host: dfives.com
URL: https://dfives.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:574 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dfives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

GET
H2 404 Untitled-7.png
dfives.com/wp-content/uploads/2019/10/ 64 KB
64 KB 1137ms
1134ms Image
text/html 2a02:4780:84:538e:e8b:76d3:5a59:4a83
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dfives.com/wp-content/uploads/2019/10/Untitled-7.png
Requested by: Host: dfives.com
URL: https://dfives.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:4780:84:538e:e8b:76d3:5a59:4a83 , Cyprus, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: hcdn / PHP/7.4.33
Resource Hash: 3279a675fa3e542e26af09d9bc444b84145a14b4ac67177fd907f9ff5a3c33ad

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dfives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 00:55:36 GMT
content-encoding: br
server: hcdn
x-powered-by: PHP/7.4.33
x-litespeed-cache: miss
x-hcdn-request-id: fb16bf8996b15e8f7a41d1af94100a39-srv-edge2
content-type: text/html; charset=UTF-8
x-litespeed-cache-control: public,max-age=3600
cache-control: no-store, no-cache, must-revalidate
x-turbo-charged-by: LiteSpeed
x-litespeed-tag: c91_HTTP.404,c91_404,c91_URL.aa831c5acf323acb4f94f2d58c049b11,c91_
platform: hostinger
link: <https://dfives.com/wp-json/>; rel="https://api.w.org/"
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 underscore.min.js Show response
dfives.com/wp-includes/js/ 18 KB
7 KB 35ms
28ms Script
application/x-javascript 2a02:4780:84:538e:e8b:76d3:5a59:4a83
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://dfives.com/wp-includes/js/underscore.min.js?ver=1.13.4

Requested by

Host: dfives.com
URL: https://dfives.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:4780:84:538e:e8b:76d3:5a59:4a83 , Cyprus, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dfives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 00:55:35 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
age: 4175
content-length: 7150
x-hcdn-cache-status: HIT
last-modified: Mon, 16 Oct 2023 05:20:17 GMT
server: hcdn
etag: "4991-652cc811-5f44f58a42386399;br"
x-hcdn-request-id: e9f909db5c2834bb3c60b3946283e9df-srv-edge2
content-type: application/x-javascript
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
expires: Thu, 31 Oct 2024 05:46:00 GMT

GET
H2 200 js_posts_autoload.min.js Show response
dfives.com/wp-content/plugins/td-cloud-library/assets/js/ 5 KB
2 KB 35ms
29ms Script
application/x-javascript 2a02:4780:84:538e:e8b:76d3:5a59:4a83
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://dfives.com/wp-content/plugins/td-cloud-library/assets/js/js_posts_autoload.min.js?ver=2713a088559ff26084e8003394764364

Requested by

Host: dfives.com
URL: https://dfives.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:4780:84:538e:e8b:76d3:5a59:4a83 , Cyprus, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

1cb5dcdb11eda07425f9584041552e161f7ff7395cf52d201e023dcd869157f2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dfives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 00:55:35 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
age: 4175
content-length: 1846
x-hcdn-cache-status: HIT
last-modified: Mon, 15 Nov 2021 09:01:51 GMT
server: hcdn
etag: "14a0-619221ff-9fe9b0aad803a07c;br"
x-hcdn-request-id: 7e3b8c2203e82584e3af3fd31b86b47f-srv-edge2
content-type: application/x-javascript
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
expires: Thu, 31 Oct 2024 05:46:00 GMT

GET
H2 200 tagdiv_theme.min.js Show response
dfives.com/wp-content/plugins/td-composer/legacy/Newspaper/js/ 258 KB
56 KB 35ms
29ms Script
application/x-javascript 2a02:4780:84:538e:e8b:76d3:5a59:4a83
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://dfives.com/wp-content/plugins/td-composer/legacy/Newspaper/js/tagdiv_theme.min.js?ver=11.3.2

Requested by

Host: dfives.com
URL: https://dfives.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:4780:84:538e:e8b:76d3:5a59:4a83 , Cyprus, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

a5442291e1c921abc633723ad82232f8388cde8206a5e27148d5904b08c7462b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dfives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 00:55:35 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
age: 4174
content-length: 57082
x-hcdn-cache-status: HIT
last-modified: Mon, 15 Nov 2021 09:01:40 GMT
server: hcdn
etag: "40698-619221f4-d20be86e268f8bfb;br"
x-hcdn-request-id: da338c4b7272af7e1330480b7f87e29c-srv-edge2
content-type: application/x-javascript
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
expires: Thu, 31 Oct 2024 05:46:01 GMT

GET
H2 200 comment-reply.min.js Show response
dfives.com/wp-includes/js/ 3 KB
1 KB 35ms
29ms Script
application/x-javascript 2a02:4780:84:538e:e8b:76d3:5a59:4a83
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://dfives.com/wp-includes/js/comment-reply.min.js?ver=6.3.2

Requested by

Host: dfives.com
URL: https://dfives.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:4780:84:538e:e8b:76d3:5a59:4a83 , Cyprus, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dfives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 00:55:35 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
age: 4174
content-length: 1229
x-hcdn-cache-status: HIT
last-modified: Mon, 16 Oct 2023 05:20:17 GMT
server: hcdn
etag: "ba5-652cc811-f2a582943d7f5905;br"
x-hcdn-request-id: 4ccca77840c89213a02418b4ce99afc0-srv-edge2
content-type: application/x-javascript
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
expires: Thu, 31 Oct 2024 05:46:01 GMT

GET
H2 200 instant_click.min.js Show response
dfives.com/wp-content/plugins/litespeed-cache/assets/js/ 4 KB
1 KB 35ms
30ms Script
application/x-javascript 2a02:4780:84:538e:e8b:76d3:5a59:4a83
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://dfives.com/wp-content/plugins/litespeed-cache/assets/js/instant_click.min.js?ver=4.4.7

Requested by

Host: dfives.com
URL: https://dfives.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:4780:84:538e:e8b:76d3:5a59:4a83 , Cyprus, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

ff58039976d62beef36f2d3750b639e7cd571662fe6c6c34cc67beb61647f312

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dfives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 00:55:35 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
age: 4174
content-length: 1166
x-hcdn-cache-status: HIT
last-modified: Thu, 17 Feb 2022 20:31:07 GMT
server: hcdn
etag: "e63-620eb08b-1d3b2cfa6d9aaaca;br"
x-hcdn-request-id: 26659093666b1af627c85b3f55c78822-srv-edge2
content-type: application/x-javascript
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
expires: Thu, 31 Oct 2024 05:46:01 GMT

GET
H2 200 js_files_for_front.min.js Show response
dfives.com/wp-content/plugins/td-cloud-library/assets/js/ 37 KB
8 KB 36ms
30ms Script
application/x-javascript 2a02:4780:84:538e:e8b:76d3:5a59:4a83
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://dfives.com/wp-content/plugins/td-cloud-library/assets/js/js_files_for_front.min.js?ver=2713a088559ff26084e8003394764364

Requested by

Host: dfives.com
URL: https://dfives.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:4780:84:538e:e8b:76d3:5a59:4a83 , Cyprus, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

bedcc92fa96a1549eec70158c56437af620ad5562b61b64bbf86dfc8bb30dec5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dfives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 00:55:35 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
age: 4174
content-length: 8113
x-hcdn-cache-status: HIT
last-modified: Mon, 15 Nov 2021 09:01:51 GMT
server: hcdn
etag: "92ce-619221ff-17cb17d40c6c942d;br"
x-hcdn-request-id: cb44679bf908ef86547f12974d7e44a4-srv-edge2
content-type: application/x-javascript
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
expires: Thu, 31 Oct 2024 05:46:01 GMT

GET
H2 200 image.js Show response
dfives.com/wp-content/plugins/featured-image-from-url/includes/html/js/ 4 KB
1 KB 36ms
30ms Script
application/x-javascript 2a02:4780:84:538e:e8b:76d3:5a59:4a83
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://dfives.com/wp-content/plugins/featured-image-from-url/includes/html/js/image.js?ver=4.1.2

Requested by

Host: dfives.com
URL: https://dfives.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:4780:84:538e:e8b:76d3:5a59:4a83 , Cyprus, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

0891804a56327bacae315d5e5281bee36c729cabfe22697a28083eeb39eb8608

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dfives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 00:55:35 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
age: 4174
content-length: 915
x-hcdn-cache-status: HIT
last-modified: Sat, 24 Sep 2022 09:27:27 GMT
server: hcdn
etag: "ef2-632ecd7f-4abe971415ccf15;br"
x-hcdn-request-id: 020e61364eab1d62e713cb6389cb187b-srv-edge2
content-type: application/x-javascript
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
expires: Thu, 31 Oct 2024 05:46:01 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310260102/ 398 KB
135 KB 73ms
69ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310260102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9105688312729892&plah=dfives.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53f53dd4f6fe76e084de807f3e52422f2a2893313839d35e3cf7741d79e2d16b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dfives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 00:55:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138072
x-xss-protection: 0
server: cafe
etag: 14493312503074688307
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 01 Nov 2023 00:55:35 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231026/r20190131/ Frame 289C 10 KB
5 KB 288ms
58ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231026/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dfives.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 59485
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4480
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 31 Oct 2023 08:24:10 GMT
etag: 4569948109300706969
expires: Tue, 14 Nov 2023 08:24:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 216 KB
77 KB 53ms
50ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-VNEXHG7TZX&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-156903277-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fb02be778f676292731a6b95e72ba1abcf2213f45ba668715630b829ea20f16c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dfives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 00:55:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79016
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 01 Nov 2023 00:55:35 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 253ms
70ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-156903277-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dfives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 31 Oct 2023 23:51:32 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 3844
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 01 Nov 2023 01:51:32 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 199 KB
69 KB 369ms
218ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: syndication.gcdnanalytics.com
URL: https://syndication.gcdnanalytics.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

56170d5dc5e437edf605f64d0effd274f3e628db747d75fc412bb95637092e22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dfives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 00:55:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Tue, 31 Oct 2023 10:58:22 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "6540ddce-11140"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 69952
expires: Wed, 01 Nov 2023 01:55:36 GMT

GET
H2

200

1
mc.yandex.ru/watch/95390266/
Redirect Chain

https://mc.yandex.ru/watch/95390266
https://mc.yandex.ru/watch/95390266/1?redirnss=1

43 B
84 B

534ms
534ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/watch/95390266/1?redirnss=1

Requested by

Host: dfives.com
URL: https://dfives.com/

Protocol

Server

2a02:6b8::1:119 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dfives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 00:55:36 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 01-Nov-2023 00:55:36 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 01-Nov-2023 00:55:36 GMT

Redirect headers

pragma: no-cache
date: Wed, 01 Nov 2023 00:55:36 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 01-Nov-2023 00:55:36 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/95390266/1?redirnss=1
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection: 1; mode=block
expires: Wed, 01-Nov-2023 00:55:36 GMT

GET
H2 404 9.jpg
dfives.com/wp-content/uploads/2020/01/ 64 KB
64 KB 1105ms
1105ms Image
text/html 2a02:4780:84:538e:e8b:76d3:5a59:4a83
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dfives.com/wp-content/uploads/2020/01/9.jpg
Requested by: Host: dfives.com
URL: https://dfives.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:4780:84:538e:e8b:76d3:5a59:4a83 , Cyprus, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: hcdn / PHP/7.4.33
Resource Hash: 3279a675fa3e542e26af09d9bc444b84145a14b4ac67177fd907f9ff5a3c33ad

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dfives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 00:55:36 GMT
content-encoding: br
server: hcdn
x-powered-by: PHP/7.4.33
x-litespeed-cache: miss
x-hcdn-request-id: f364fdc88f02f6c0f3a2a93b6c5493d2-srv-edge2
content-type: text/html; charset=UTF-8
x-litespeed-cache-control: public,max-age=3600
cache-control: no-store, no-cache, must-revalidate
x-turbo-charged-by: LiteSpeed
x-litespeed-tag: c91_HTTP.404,c91_404,c91_URL.e3e322d8a9941644ed005d27cb4c86cd,c91_
platform: hostinger
link: <https://dfives.com/wp-json/>; rel="https://api.w.org/"
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
DATA 200
OK truncated
/ 121 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a4b423bd3e84385d2bb624a55cddfaafe863235df9791628cb4fc0a9472d3f76

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 newspaper.woff
dfives.com/wp-content/themes/Newspaper/images/icons/ 24 KB
16 KB 49ms
48ms Font
application/font-woff 2a02:4780:84:538e:e8b:76d3:5a59:4a83
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://dfives.com/wp-content/themes/Newspaper/images/icons/newspaper.woff?19

Requested by

Host: dfives.com
URL: https://dfives.com/wp-content/themes/Newspaper/style.css?ver=11.3.2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:4780:84:538e:e8b:76d3:5a59:4a83 , Cyprus, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

ea9ad8f6ace011a694d664482cc6ca0acc2dd86a8d6b684154327ec84c0c95fd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://dfives.com/wp-content/themes/Newspaper/style.css?ver=11.3.2
Origin: https://dfives.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 00:55:35 GMT
content-security-policy: upgrade-insecure-requests
x-hcdn-cache-status: HIT
last-modified: Mon, 15 Nov 2021 09:01:32 GMT
server: hcdn
age: 4174
etag: W/"6120-619221ec-555987c8b99ce8f3;;;"
vary: Accept-Encoding
x-hcdn-request-id: b60e6d545915898ccffa11d50c41a94e-srv-edge2
content-type: application/font-woff
content-encoding: br
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
platform: hostinger
expires: Thu, 31 Oct 2024 05:46:01 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/ 47 KB
47 KB 171ms
83ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap&ver=11.3.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://dfives.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 18:16:19 GMT
x-content-type-options: nosniff
age: 455956
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48432
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Oct 2024 18:16:19 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 126ms
39ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap&ver=11.3.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://dfives.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 17:26:14 GMT
x-content-type-options: nosniff
age: 26961
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Oct 2024 17:26:14 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 127ms
40ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap&ver=11.3.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://dfives.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 23:02:07 GMT
x-content-type-options: nosniff
age: 93208
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 29 Oct 2024 23:02:07 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 143ms
75ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap&ver=11.3.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://dfives.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 18:18:43 GMT
x-content-type-options: nosniff
age: 110212
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 29 Oct 2024 18:18:43 GMT

GET
DATA 200
OK truncated
/ 152 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b22b92bba1432d1e62c819855bb3cb326676e0084bdf67dbe9bf771b13ed810a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 114 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 069e2abed69e2efcd6930c0615ae8c32c1cb9f76e6e9ffae45495bc6759a3f95

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 111 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7ae5b52b01b37efb4547c3493f75abf51dc034326bb6f1ff6fc97348065716ba

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 wp-emoji-release.min.js Show response
dfives.com/wp-includes/js/ 18 KB
5 KB 32ms
28ms Script
application/x-javascript 2a02:4780:84:538e:e8b:76d3:5a59:4a83
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://dfives.com/wp-includes/js/wp-emoji-release.min.js?ver=6.3.2

Requested by

Host: dfives.com
URL: https://dfives.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:4780:84:538e:e8b:76d3:5a59:4a83 , Cyprus, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dfives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 00:55:35 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
age: 4156
content-length: 4605
x-hcdn-cache-status: HIT
last-modified: Mon, 16 Oct 2023 05:20:17 GMT
server: hcdn
etag: "4904-652cc811-58ee38b51ae32270;br"
x-hcdn-request-id: 575ce7daba2480d1ed308239abba2371-srv-edge2
content-type: application/x-javascript
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
expires: Thu, 31 Oct 2024 05:46:19 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
250 B 116ms
30ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-VNEXHG7TZX&gtm=45je3au1v9108702538&_p=1650286243&gcd=11l1l1l1l1&cid=1640348007.1698800136&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EAAI&_s=1&sid=1698800135&sct=1&seg=0&dl=https%3A%2F%2Fdfives.com%2F&dt=Home%20%C2%BB%20Dfives&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VNEXHG7TZX&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dfives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 00:55:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://dfives.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 387 B
603 B 126ms
52ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=dfives.com&callback=_gfp_s_&client=ca-pub-9105688312729892

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310260102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9105688312729892&plah=dfives.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

72557cfcc2b26237aec10e1293bc7355a25f1b44b04184ab6b843d923cce1432

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dfives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 00:55:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 252
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E7B4 603 B
245 B 133ms
112ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9105688312729892&output=html&adk=1812271804&adf=3025194257&lmt=1698796535&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x945_l%7C236x945_r&format=0x0&url=https%3A%2F%2Fdfives.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698800135447&bpp=163&bdt=418&idt=471&shv=r20231026&mjsv=m202310260102&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4719032816092&frm=20&pv=2&ga_vid=1640348007.1698800136&ga_sid=1698800136&ga_hid=1650286243&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079231%2C44795921%2C44805932%2C44807334%2C31078297&oid=2&pvsid=3172815694495667&tmod=822020882&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=514

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dfives.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 01 Nov 2023 00:55:36 GMT
expires: Wed, 01 Nov 2023 00:55:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
202 B 45ms
44ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1650286243&t=pageview&_s=1&dl=https%3A%2F%2Fdfives.com%2F&ul=en-us&de=UTF-8&dt=Home%20%C2%BB%20Dfives&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=2090093608&gjid=1546982657&cid=1640348007.1698800136&tid=UA-156903277-1&_gid=780278754.1698800136&_r=1&gtm=457e3au1&gcd=11l1l1l1l1&jsscut=1&z=62618552

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://dfives.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 00:55:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://dfives.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sync_cookie_image_finish
mc.yandex.ru/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10172.vk4WYphuDyNEqj-p-DIRXWa3NwOiMeUr8mwSHTMxJq28qQU3Y9uVeMozTkADXBj3.xcviAUDTbNoZUT2Pjx4TdQhxdcs%2C
https://mc.yandex.com/sync_cookie_image_decide?token=10172.jUybEgQDW8eeq0_LqSxou1L8p5O0VKueWiKtKLStcoSytki1wzbe8jEV4N9KWiBhOn74FmO_LH1vCVVrL_0UsXOBazSThcmoXemfbLGkcxfbiWHqcR-6QTz1ohGUeOe6gVpxnp41JP...
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10172.1h_Yd2_CXwEajrbB4SP2ymfiVIK9S8I1xKDVBNao4r75GOyQ3VO2ept2R2SVe04mIPK2Zl2QCnHLG5aogxpBQVznFvuNUSe4YSmApBSxDcPcx...

43 B
648 B

71ms
70ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10172.1h_Yd2_CXwEajrbB4SP2ymfiVIK9S8I1xKDVBNao4r75GOyQ3VO2ept2R2SVe04mIPK2Zl2QCnHLG5aogxpBQVznFvuNUSe4YSmApBSxDcPcxia-8E0yMDeaDJWcysumPVnWDiLGcWayQHCVn3SSSmsowiE4VZ_1_uqb59drwm-5w3UFF86EHr8MLHVyegBB0hiolIUKO1Iq1XBuvODQWQ%2C%2C.mhKVDxvY1wtpiEj4oW5qO2L-GVM%2C

Requested by

Host: dfives.com
URL: https://dfives.com/

Protocol

Server

2a02:6b8::1:119 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dfives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 00:55:36 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10172.1h_Yd2_CXwEajrbB4SP2ymfiVIK9S8I1xKDVBNao4r75GOyQ3VO2ept2R2SVe04mIPK2Zl2QCnHLG5aogxpBQVznFvuNUSe4YSmApBSxDcPcxia-8E0yMDeaDJWcysumPVnWDiLGcWayQHCVn3SSSmsowiE4VZ_1_uqb59drwm-5w3UFF86EHr8MLHVyegBB0hiolIUKO1Iq1XBuvODQWQ%2C%2C.mhKVDxvY1wtpiEj4oW5qO2L-GVM%2C
date: Wed, 01 Nov 2023 00:55:36 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
460 B 117ms
112ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: dfives.com
URL: https://dfives.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dfives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 00:55:36 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 31 Oct 2023 10:58:22 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "6540ddce-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Wed, 01 Nov 2023 01:55:36 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A9B5 106 KB
45 KB 318ms
317ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4406873401428000&output=html&h=100&slotname=5971507018&adk=4091383590&adf=783313867&pi=t.ma~as.5971507018&w=750&lmt=1698796537&format=750x100&url=https%3A%2F%2Fdfives.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698800137000&bpp=2&bdt=1970&idt=2&shv=r20231026&mjsv=m202310260102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D899acace8958bf50-226e42d620e300c9%3AT%3D1698800136%3ART%3D1698800136%3AS%3DALNI_MaKaxvphbvgJtaTMDCQIHBoyhWQXA&gpic=UID%3D00000cafafa213bd%3AT%3D1698800136%3ART%3D1698800136%3AS%3DALNI_MbnUNV_VoVIUcv-4mixsauLEhdwCw&prev_fmts=0x0&nras=1&correlator=4719032816092&frm=20&pv=2&ga_vid=1640348007.1698800136&ga_sid=1698800136&ga_hid=1650286243&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=606&ady=95&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079231%2C44795921%2C44805932%2C44807334%2C31078297&oid=2&pvsid=3172815694495667&tmod=822020882&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=ETl41fVS4b&p=https%3A//dfives.com&dtd=6

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4807aa97bf191ec7666224e3a3be04b2aebfa220c5bf2f58cf35e0433b3d49be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dfives.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 46019
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 01 Nov 2023 00:55:37 GMT
expires: Wed, 01 Nov 2023 00:55:37 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2BB7 27 KB
12 KB 219ms
218ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4406873401428000&output=html&h=180&slotname=6928154013&adk=3788297780&adf=804204008&pi=t.ma~as.6928154013&w=930&lmt=1698796537&format=930x180&url=https%3A%2F%2Fdfives.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698800137008&bpp=1&bdt=1979&idt=1&shv=r20231026&mjsv=m202310260102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D899acace8958bf50-226e42d620e300c9%3AT%3D1698800136%3ART%3D1698800136%3AS%3DALNI_MaKaxvphbvgJtaTMDCQIHBoyhWQXA&gpic=UID%3D00000cafafa213bd%3AT%3D1698800136%3ART%3D1698800136%3AS%3DALNI_MbnUNV_VoVIUcv-4mixsauLEhdwCw&prev_fmts=0x0%2C750x100&nras=1&correlator=4719032816092&frm=20&pv=1&ga_vid=1640348007.1698800136&ga_sid=1698800136&ga_hid=1650286243&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=335&ady=2729&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079231%2C44795921%2C44805932%2C44807334%2C31078297&oid=2&pvsid=3172815694495667&tmod=822020882&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=awQDrDYMA5&p=https%3A//dfives.com&dtd=5

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de59f94358d4e2ba6ec0d2db822c45f703652869ee4b532113084aa349595a5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dfives.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 12525
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 01 Nov 2023 00:55:37 GMT
expires: Wed, 01 Nov 2023 00:55:37 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7A13 436 B
237 B 264ms
263ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4406873401428000&output=html&h=180&slotname=6928154013&adk=710180592&adf=3587278330&pi=t.ma~as.6928154013&w=930&lmt=1698796537&format=930x180&url=https%3A%2F%2Fdfives.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698800137015&bpp=1&bdt=1985&idt=1&shv=r20231026&mjsv=m202310260102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D899acace8958bf50-226e42d620e300c9%3AT%3D1698800136%3ART%3D1698800136%3AS%3DALNI_MaKaxvphbvgJtaTMDCQIHBoyhWQXA&gpic=UID%3D00000cafafa213bd%3AT%3D1698800136%3ART%3D1698800136%3AS%3DALNI_MbnUNV_VoVIUcv-4mixsauLEhdwCw&prev_fmts=0x0%2C750x100%2C930x180&nras=1&correlator=4719032816092&frm=20&pv=1&ga_vid=1640348007.1698800136&ga_sid=1698800136&ga_hid=1650286243&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=335&ady=4271&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079231%2C44795921%2C44805932%2C44807334%2C31078297&oid=2&pvsid=3172815694495667&tmod=822020882&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=XOxp2Zekao&p=https%3A//dfives.com&dtd=5

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

057c32f526b789c69104aae9492a1f7e3c12f708040b54c7c1b38e910160b2e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dfives.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 01 Nov 2023 00:55:37 GMT
expires: Wed, 01 Nov 2023 00:55:37 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 138ms
71ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231026&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d42a88d4d3618a336f6155ec10a0bc7fb94efdbd42ab2bc1be84c9be45f42f44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dfives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 00:55:37 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12327
x-xss-protection: 0

GET
H2

200

1 Show response
mc.yandex.com/watch/95390266/
Redirect Chain

https://mc.yandex.com/watch/95390266?wmode=7&page-url=https%3A%2F%2Fdfives.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aetku62lhayg6jvevqcsa7rv%3Afp%3A1492%3Afu%3A0%3Aen%3Autf-8%3...
https://mc.yandex.com/watch/95390266/1?wmode=7&page-url=https%3A%2F%2Fdfives.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aetku62lhayg6jvevqcsa7rv%3Afp%3A1492%3Afu%3A0%3Aen%3Autf-8...

434 B
526 B

70ms
70ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/95390266/1?wmode=7&page-url=https%3A%2F%2Fdfives.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aetku62lhayg6jvevqcsa7rv%3Afp%3A1492%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1142%3Acn%3A1%3Adp%3A0%3Als%3A434795883686%3Ahid%3A96633024%3Az%3A60%3Ai%3A20231101015536%3Aet%3A1698800137%3Ac%3A1%3Arn%3A1026453554%3Arqn%3A1%3Au%3A1698800137342919991%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C69%2C453%2C279%2C301%2C0%2C%2C431%2C1%2C%2C%2C%2C1587%3Aco%3A0%3Acpf%3A1%3Ans%3A1698800134148%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1698800137%3At%3AHome%20%C2%BB%20Dfives&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Protocol

Server

2a02:6b8::1:119 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

45b567a5b9598a7213393d57c5565d1bd326324e29a80ecc79164accf0e9a7b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dfives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 00:55:37 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Wed, 01-Nov-2023 00:55:37 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://dfives.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 434
x-xss-protection: 1; mode=block
expires: Wed, 01-Nov-2023 00:55:37 GMT

Redirect headers

pragma: no-cache
date: Wed, 01 Nov 2023 00:55:37 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 01-Nov-2023 00:55:37 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/95390266/1?wmode=7&page-url=https%3A%2F%2Fdfives.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aetku62lhayg6jvevqcsa7rv%3Afp%3A1492%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1142%3Acn%3A1%3Adp%3A0%3Als%3A434795883686%3Ahid%3A96633024%3Az%3A60%3Ai%3A20231101015536%3Aet%3A1698800137%3Ac%3A1%3Arn%3A1026453554%3Arqn%3A1%3Au%3A1698800137342919991%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C69%2C453%2C279%2C301%2C0%2C%2C431%2C1%2C%2C%2C%2C1587%3Aco%3A0%3Acpf%3A1%3Ans%3A1698800134148%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1698800137%3At%3AHome%20%C2%BB%20Dfives&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin: https://dfives.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Wed, 01-Nov-2023 00:55:37 GMT

GET
H2 200 bedroom-1940169_960_720-324x160.jpg
dfives.com/wp-content/uploads/2019/07/ 7 KB
7 KB 27ms
27ms Image
image/webp 2a02:4780:84:538e:e8b:76d3:5a59:4a83
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dfives.com/wp-content/uploads/2019/07/bedroom-1940169_960_720-324x160.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:4780:84:538e:e8b:76d3:5a59:4a83 , Cyprus, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: hcdn /
Resource Hash: 42a782f90928ca08421ac227673542b55044a8cb102884863475088d2ffee731

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dfives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 00:55:37 GMT
x-hcdn-cache-status: HIT
server: hcdn
age: 4156
x-hcdn-request-id: b33a02b46b9a13a970e9b6fd219414b0-srv-edge2
content-type: image/webp
cache-control: public, max-age=31557600
x-hcdn-image-optimizer: f:webp q:85 w:1600
accept-ranges: bytes
content-length: 7472
expires: Thu, 31 Oct 2024 05:46:21 GMT

GET
H2 200 AdobeStock_45632318-741x486.jpeg
dfives.com/wp-content/uploads/2021/06/ 35 KB
36 KB 28ms
27ms Image
image/webp 2a02:4780:84:538e:e8b:76d3:5a59:4a83
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dfives.com/wp-content/uploads/2021/06/AdobeStock_45632318-741x486.jpeg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:4780:84:538e:e8b:76d3:5a59:4a83 , Cyprus, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: hcdn /
Resource Hash: c93f2b199769425f50c94fac30e57e84be0a6a0621dc7e4af7b2e3166a71205e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dfives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 00:55:37 GMT
x-hcdn-cache-status: HIT
server: hcdn
age: 4157
x-hcdn-request-id: 76332a0278fa74bd54689fe2ca8926f4-srv-edge2
content-type: image/webp
cache-control: public, max-age=31557600
x-hcdn-image-optimizer: f:webp q:85 w:1600
accept-ranges: bytes
content-length: 36344
expires: Thu, 31 Oct 2024 05:46:20 GMT

GET
H/1.1 200
OK PSA-9122-02-PSA-Blog-Graphics-The-Evolution-of-Tiger-Woods-Autograph-1200x630-1-870x500.png
blog.psacard.com/wp-content/uploads/2019/05/ 777 KB
777 KB 41ms
41ms Image
image/png 104.17.168.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.psacard.com/wp-content/uploads/2019/05/PSA-9122-02-PSA-Blog-Graphics-The-Evolution-of-Tiger-Woods-Autograph-1200x630-1-870x500.png

Requested by

Host: dfives.com
URL: https://dfives.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.17.168.6 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff048925f929c34d1c4de8a2c2a51833ca832246044a11b7ed287f2978fda58d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dfives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Wed, 01 Nov 2023 00:55:37 GMT
Strict-Transport-Security: max-age=0; includeSubDomains; preload
CF-Cache-Status: HIT
Age: 1
Connection: keep-alive
Content-Length: 795399
Last-Modified: Mon, 13 May 2019 14:48:24 GMT
Server: cloudflare
ETag: "5cd983b8-c2307"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: public, max-age=315360000
Accept-Ranges: bytes
CF-RAY: 81f02c58ff55b902-AMS
Expires: Sat, 29 Oct 2033 00:55:37 GMT

GET
H2 200 GettyImages-1339387076-1.jpg
images.sarcasmtherapy.com/prod/sarcasmtherapy/2022/12/07/02/62f049408e3be954512a773a9fa7b115/ 272 KB
273 KB 48ms
47ms Image
image/jpeg 108.138.36.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.sarcasmtherapy.com/prod/sarcasmtherapy/2022/12/07/02/62f049408e3be954512a773a9fa7b115/GettyImages-1339387076-1.jpg
Requested by: Host: dfives.com
URL: https://dfives.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-8.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6d2a62e0e157ce34862c41674c427b3afba2acb7322b5414a8f681eba3a417c9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dfives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 01:42:59 GMT
x-amz-version-id: jd83nJnVYnGWAp51WCtRQh8uNpiEmDYJ
via: 1.1 73b81cd9bd041c21d2fd170c0f53e030.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P2
age: 169959
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 278827
last-modified: Wed, 07 Dec 2022 14:33:16 GMT
server: AmazonS3
etag: "320b9dab6e068d2d8fed239206423b2c"
content-type: image/jpeg
cache-control: public,max-age=604800
accept-ranges: bytes
x-amz-cf-id: zuJv2dzlgV-tidbk2y2o5MvnxjLrpu7R8aOvzYZxPrth_9Myr_5tZw==

GET
H2 200 lyfe-jennings-career.png
i0.wp.com/www.realrealitygossip.com/wp-content/uploads/2020/10/ 331 KB
332 KB 49ms
49ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/www.realrealitygossip.com/wp-content/uploads/2020/10/lyfe-jennings-career.png?resize=747%2C467

Requested by

Host: dfives.com
URL: https://dfives.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

b562c12d7df7a1f40a9f046a42424303d62e7b345c0cf5152f00e177cf4f0093

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dfives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc: HIT ams 5
date: Wed, 01 Nov 2023 00:55:37 GMT
x-content-type-options: nosniff
last-modified: Tue, 31 Oct 2023 18:26:03 GMT
server: nginx
etag: "0cef56ef843e05f6"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://www.realrealitygossip.com/wp-content/uploads/2020/10/lyfe-jennings-career.png>; rel="canonical"
content-length: 339098
expires: Fri, 31 Oct 2025 06:26:03 GMT

GET
H2 200 Paragon-Sandhills-Lobby-SHS.jpg
sandhillssentinel.com/wp-content/uploads/2020/01/ 49 KB
49 KB 53ms
52ms Image
image/jpeg 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sandhillssentinel.com/wp-content/uploads/2020/01/Paragon-Sandhills-Lobby-SHS.jpg
Requested by: Host: dfives.com
URL: https://dfives.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d1580840a03e77d08989d15a0d62a007a3ae689bf3a817dbe44d32d4a0044e3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dfives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 00:55:37 GMT
cf-cache-status: HIT
age: 2
cf-polished: origSize=52818
alt-svc: h3=":443"; ma=86400
content-length: 50348
cf-bgj: imgq:100,h2pri
last-modified: Mon, 20 Jan 2020 14:29:27 GMT
server: cloudflare
etag: "5e25b947-ce52"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 81f02c594d715c43-AMS

GET
H2 200 td_324x160.png
dfives.com/wp-content/plugins/td-standard-pack/Newspaper/assets/images/no-thumb/ 714 B
820 B 42ms
38ms Image
image/webp 2a02:4780:84:538e:e8b:76d3:5a59:4a83
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dfives.com/wp-content/plugins/td-standard-pack/Newspaper/assets/images/no-thumb/td_324x160.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:4780:84:538e:e8b:76d3:5a59:4a83 , Cyprus, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: hcdn /
Resource Hash: 39e755dd319441e61e338b00aec055697238b2b1fdd7638ebe58f63d09b66a0e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dfives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 00:55:37 GMT
x-hcdn-cache-status: HIT
server: hcdn
age: 4155
x-hcdn-request-id: 496fcb8b8710cab4ea6a54308e3a4377-srv-edge2
content-type: image/webp
cache-control: public, max-age=31557600
x-hcdn-image-optimizer: f:webp q:85 w:1600
accept-ranges: bytes
content-length: 714
expires: Thu, 31 Oct 2024 05:46:22 GMT

GET
H2 200 increase-sales-online-value-proposition-218x150.jpg
dfives.com/wp-content/uploads/2021/01/ 8 KB
8 KB 39ms
38ms Image
image/webp 2a02:4780:84:538e:e8b:76d3:5a59:4a83
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dfives.com/wp-content/uploads/2021/01/increase-sales-online-value-proposition-218x150.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:4780:84:538e:e8b:76d3:5a59:4a83 , Cyprus, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: hcdn /
Resource Hash: 17f7ff1a83e1f5d47cce9542ae7a2bfdad582ff16b489730856a51ffc2fe20ec

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dfives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 00:55:37 GMT
x-hcdn-cache-status: HIT
server: hcdn
age: 4155
x-hcdn-request-id: 22e7b0c5b49a5a6bbfddbb5e607a90f4-srv-edge2
content-type: image/webp
cache-control: public, max-age=31557600
x-hcdn-image-optimizer: f:webp q:85 w:1600
accept-ranges: bytes
content-length: 8168
expires: Thu, 31 Oct 2024 05:46:22 GMT

GET
H2 200 3-Money-Making-Factors-To-Display-Your-Newsletter-218x150.jpg
dfives.com/wp-content/uploads/2021/01/ 7 KB
7 KB 32ms
30ms Image
image/webp 2a02:4780:84:538e:e8b:76d3:5a59:4a83
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dfives.com/wp-content/uploads/2021/01/3-Money-Making-Factors-To-Display-Your-Newsletter-218x150.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:4780:84:538e:e8b:76d3:5a59:4a83 , Cyprus, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: hcdn /
Resource Hash: 2751e5751af0a6529d5f04ca9901a32624755f99ec601906b15913594167e106

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dfives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 00:55:37 GMT
x-hcdn-cache-status: HIT
server: hcdn
age: 4155
x-hcdn-request-id: 5e155fc60818ee171f0bf258a9bac82e-srv-edge2
content-type: image/webp
cache-control: public, max-age=31557600
x-hcdn-image-optimizer: f:webp q:85 w:1600
accept-ranges: bytes
content-length: 7330
expires: Thu, 31 Oct 2024 05:46:22 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 136ms
47ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dfives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 00:55:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 01 Nov 2023 00:55:37 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2BB7 42 B
63 B 72ms
71ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Ddz5Gh8LbNRBSX2xWKxG6_yPzb8WJVgE3MnHJYIVA3sQG70xgxVQWiI-EgMzWaAO6C4V_jrP6e7YKbbETq2i6cgDxNOQv3swUC5h4bi4vu6nZ9hNU

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4406873401428000&output=html&h=180&slotname=6928154013&adk=3788297780&adf=804204008&pi=t.ma~as.6928154013&w=930&lmt=1698796537&format=930x180&url=https%3A%2F%2Fdfives.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698800137008&bpp=1&bdt=1979&idt=1&shv=r20231026&mjsv=m202310260102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D899acace8958bf50-226e42d620e300c9%3AT%3D1698800136%3ART%3D1698800136%3AS%3DALNI_MaKaxvphbvgJtaTMDCQIHBoyhWQXA&gpic=UID%3D00000cafafa213bd%3AT%3D1698800136%3ART%3D1698800136%3AS%3DALNI_MbnUNV_VoVIUcv-4mixsauLEhdwCw&prev_fmts=0x0%2C750x100&nras=1&correlator=4719032816092&frm=20&pv=1&ga_vid=1640348007.1698800136&ga_sid=1698800136&ga_hid=1650286243&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=335&ady=2729&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079231%2C44795921%2C44805932%2C44807334%2C31078297&oid=2&pvsid=3172815694495667&tmod=822020882&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=awQDrDYMA5&p=https%3A//dfives.com&dtd=5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 00:55:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2BB7 0
20 B 73ms
71ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=2678086090011529141&x=1&ct=77

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 00:55:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 2BB7 89 KB
31 KB 53ms
51ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 00:55:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31491
x-xss-protection: 0
server: cafe
etag: 6167930392490353973
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 01 Nov 2023 00:55:37 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231030/r20110914/client/ Frame 2BB7 3 KB
1 KB 102ms
37ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231030/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 23:22:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5583
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Nov 2023 23:22:34 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231030/r20110914/client/ Frame 2BB7 20 KB
9 KB 119ms
32ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231030/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ba431addebca895832667d33e2ad51e4da1a1f2fbab72116d716c08077695a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 23:22:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5584
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8430
x-xss-protection: 0
server: cafe
etag: 7000445677337367579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Nov 2023 23:22:33 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 2BB7 0
0 142ms
40ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT5F5vTo0pkrSHqum-L88vnRTIhFJt_R2mDNH1CAuQHMRS2q8onKRm4re5dx-jMD3gz0Oz3Y0Nss8HOqaEl8SXgutPJSw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4406873401428000&output=html&h=180&slotname=6928154013&adk=3788297780&adf=804204008&pi=t.ma~as.6928154013&w=930&lmt=1698796537&format=930x180&url=https%3A%2F%2Fdfives.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698800137008&bpp=1&bdt=1979&idt=1&shv=r20231026&mjsv=m202310260102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D899acace8958bf50-226e42d620e300c9%3AT%3D1698800136%3ART%3D1698800136%3AS%3DALNI_MaKaxvphbvgJtaTMDCQIHBoyhWQXA&gpic=UID%3D00000cafafa213bd%3AT%3D1698800136%3ART%3D1698800136%3AS%3DALNI_MbnUNV_VoVIUcv-4mixsauLEhdwCw&prev_fmts=0x0%2C750x100&nras=1&correlator=4719032816092&frm=20&pv=1&ga_vid=1640348007.1698800136&ga_sid=1698800136&ga_hid=1650286243&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=335&ady=2729&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079231%2C44795921%2C44805932%2C44807334%2C31078297&oid=2&pvsid=3172815694495667&tmod=822020882&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=awQDrDYMA5&p=https%3A//dfives.com&dtd=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2BB7 188 KB
59 KB 353ms
165ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfd86eed5b662601ed1effa05e0922030a1bbfb3111d160df9b4f71630198c37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 00:55:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60393
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698666127188353"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Nov 2023 00:55:37 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame F466 624 B
242 B 55ms
52ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiB5bvGATAB&v=APEucNVuMFhdz4IA4bn-HHdGyT1D1-qhL8f7KK0fbQdxGai7fdfMvg0BmWNMJ3ggEffWiUh4Km_VN2J-zkSavEEZwLQz2C68Q8dF-A-yr2GLr0vhpvFRcerUie7dLHF6b45Y7JNrYWWz8yw--zbu9EA0hIOjWuXAJPwhuSyZIbdZj8ls5Npy1w8

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4406873401428000&output=html&h=180&slotname=6928154013&adk=3788297780&adf=804204008&pi=t.ma~as.6928154013&w=930&lmt=1698796537&format=930x180&url=https%3A%2F%2Fdfives.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698800137008&bpp=1&bdt=1979&idt=1&shv=r20231026&mjsv=m202310260102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D899acace8958bf50-226e42d620e300c9%3AT%3D1698800136%3ART%3D1698800136%3AS%3DALNI_MaKaxvphbvgJtaTMDCQIHBoyhWQXA&gpic=UID%3D00000cafafa213bd%3AT%3D1698800136%3ART%3D1698800136%3AS%3DALNI_MbnUNV_VoVIUcv-4mixsauLEhdwCw&prev_fmts=0x0%2C750x100&nras=1&correlator=4719032816092&frm=20&pv=1&ga_vid=1640348007.1698800136&ga_sid=1698800136&ga_hid=1650286243&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=335&ady=2729&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079231%2C44795921%2C44805932%2C44807334%2C31078297&oid=2&pvsid=3172815694495667&tmod=822020882&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=awQDrDYMA5&p=https%3A//dfives.com&dtd=5
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 01 Nov 2023 00:55:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 bedroom-1940169_960_720-218x150.jpg
dfives.com/wp-content/uploads/2019/07/ 6 KB
6 KB 42ms
42ms Image
image/webp 2a02:4780:84:538e:e8b:76d3:5a59:4a83
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dfives.com/wp-content/uploads/2019/07/bedroom-1940169_960_720-218x150.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:4780:84:538e:e8b:76d3:5a59:4a83 , Cyprus, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: hcdn /
Resource Hash: 8f12654203755cfbb43f2f123158949e9cd143cfb291edec062468862eafd5c5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dfives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 00:55:37 GMT
x-hcdn-cache-status: HIT
server: hcdn
age: 4155
x-hcdn-request-id: f735c7f3a5361b23aa5ffd6e437bb584-srv-edge2
content-type: image/webp
cache-control: public, max-age=31557600
x-hcdn-image-optimizer: f:webp q:85 w:1600
accept-ranges: bytes
content-length: 6014
expires: Thu, 31 Oct 2024 05:46:22 GMT

GET
H2 200 90966b3d14a81a0044f93402e07a26d0-218x150.jpg
dfives.com/wp-content/uploads/2020/01/ 7 KB
7 KB 34ms
27ms Image
image/webp 2a02:4780:84:538e:e8b:76d3:5a59:4a83
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dfives.com/wp-content/uploads/2020/01/90966b3d14a81a0044f93402e07a26d0-218x150.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:4780:84:538e:e8b:76d3:5a59:4a83 , Cyprus, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: hcdn /
Resource Hash: 7f752c11d633622e82ef7ec24e8ae079948726c3dee9ceb7decd11d7f325cc30

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dfives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 00:55:37 GMT
x-hcdn-cache-status: HIT
server: hcdn
age: 4155
x-hcdn-request-id: 6f2bc0179daa2078e46eeefa08bb312f-srv-edge2
content-type: image/webp
cache-control: public, max-age=31557600
x-hcdn-image-optimizer: f:webp q:85 w:1600
accept-ranges: bytes
content-length: 6790
expires: Thu, 31 Oct 2024 05:46:22 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2BB7 0
20 B 69ms
68ms Ping
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9537857705473&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 00:55:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2BB7 0
20 B 67ms
67ms Ping
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9537857705473&version=m202309260101&ct=77&x=1&cor=2678086090011529000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 00:55:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 2BB7 19 KB
13 KB 66ms
65ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CVlKlw3Eztp_etlmWBBLldeWiHhbiTm_8VjtaV6gWCekdl6hsFyRStDTzA7kb0GFStHb6Uv8_Y6FPO-azmtpq2LWyjS1S8Gx6ILOFUpnqKx8zd6uVvjd0pRRbwcpdOWE-pnor4CNsPF7qJkeLey4rwpZguD85uGTUhtK7Jpt1D-ptjzDLYz-d4dPz0y5uAOM5V5nFmZ7u5PcZNCxVGsuWWZ1ybgQ&cry=1&dbm_d=AKAmf-BRQl9ckKcetuuZ2L-hg-dYzWG9qFNdUQhEqCLKdvCjMY_GAEcMlH0e7xLWJytFit0VzBkAv-CkizDdDUxkhwJ7HGuCxXHMMEcJiz9DQ-QIBG7fKz-VO4WuA6ChjOAx8AGlGdTUUTm8okHOEW12xz0The0d8vVQv9SyzWnIshbozDprWKZ2qS3x-tbUwDvzHaYKExEWpp7RMWMPAe6KzShGlqoPdhR_UHlc0L1Myesi71EhwN_y4h1dbAUPXIMVBw9cSMXRYU7C3WjlSwA_ILdNlBlV-dxJ_MxWOeRQPADkRUsvX5ZQXT4VO-4UChuDKzyyfgmLxvQbvpvzlbFEU4TIAW4WCs1hmaV4A4CvAEGXQbLrHGFYAMtdFiFbsSrbezOJn2ElX-i_AultxvtWgCXAjVE1wla2Jlu3ZmYo3sNNsVUfn6U7EZFqmnaKp2M365BhGKr04FX2mjTPWq0p0wYXyj607e8JV1Y1Cl1yOMNzGB8nswdBvPYlhgAMsNQTwUu04-Vc9F_z6w11xeOgY2dtYEHjKyvjq0gkXsVXaoVAd3WOTwmQrgXVw1OGsLjkLzMiARH0ssU4EJd7YYgab2OI6wEUhCotnizMfNsTalxE11jLIR9DcUW_m1-9CZyO-KIpIJIZhoAXAfE_cii5FO8laqNYXPVJo49-UDGTSRX4k8JoKFkqM8STuR8NLxQCwIjhXiCYf7FHlALLsKTO9i1u_-TXQGYY6zuip5mB1UVMY0IAuUEeCiIKZSX97k48T5h05lINwYkczXGSxljxN2aiReAc1hY82uMWFcwTU0djoDlMi6Mwmk02xlV8m1tg1-gUhjL5OvOOseJpqrNm2Wn45ErMx4fX1hg5Kes-jZE1GwCuZOGoJFgg_xZpsvU4yYWA0St4UZ7ifU6Ha1Nztb_srhK7JuYTQo6uSZKhnG3tjWDPLauGGQO9o1Z5QBhCJHXlvbyj6FAYkbbPBkax0NYXaEcO2JBIfyBSBSqaBEg_mkV_2k0HoLBCtshHAOlsA51mqS2gD8CXXWCsbUZWYsigd7XWXLAAC6r1I8XoG8_SYWvM-bl4V3PShGZxzZ2TMFrenzoAnFX8j3r4j-fmWysreKSYOTu-MnR7P9NeaseNd6ax3SUcdlIOl0u4nJxk8rK-zKjyEFvjHKeiRt198N6xcL0GctgXcgJMfL7LY0VRJYPMHBmfPILMnTEAKJzUj4tS3w3kEwsvOyPE9GXQKwgWA8WtCpG7tfduO8mswfBZ0IexSkzMyY7ET3VrOgmPiHCUJHhOA9rTZwabrCjFa1Rwzu_Bj10dkxOYW2XjwP6P3siAbI9HoaINiC0mKlD8RDr1vzf_kVN2MuaSJMRovTx1PcRzqiGepGECQQZu0fCHLWlA4NJCDxbSz7hXQmtoiXW3IeRDEFhX08fsshFcwvjQOYCA2g8_llo7jLp5JvcxNucwsq4cwLsavrkU4R4Xs0cidR03l_-rpPXi8A_VNfwPh1ATccGPjMYrXovdjE_L-D8ZjEERV2AQIgt-26hXCeKFAHSwM2AfG8wFMB-_2VAMHAj9lV9jVg5lDGHMeJa5AA21tWktpiBfDHb6w9Jlf4LevRfFOJBdt9d_pos1ki2TiKGKLKJ4v1gArkeuxbei7SZmQeiw2RgHQSXNEC9OpZjcV48pK46BdKGu51hQ8y_sJzQYN6urXgMRe2XPek39fls2gfknyeBxnQmFIEspyjEPsD27vdpGykz1CdFpkTBNyLfJhQBCvjZR2IkkQXjJD7fBdDnzkvJG1CGOA4cdEgYNXEupdpsNM_P0PNNZEBKaJMokUYRe8ON8ygXLhd5JeSf5HEUK9W5W2b_Ql5mtekORnPOdyWQ0JbmruLpRBuxyPmQIJhNl2b-DkEveHfkcCwnm3s-X9k3IUsKGCV7ycyMrgBXGJlUdeqYShuvKsqhdCHEuggHLc6WMjBeox36vncbhd-KdAmvNX4W6P1rduXzqjjARXq80MuMhYA-dxFQJRq9egaDjbpWALNXTsdvCuZQgM4hjgQfw9ucnbPK25AblgyV-6BMwOuQ47jCJs47x_oEdQDC8OPS6gMBRTznDABbl777TFxXXn4o9btuJvqHr5bl7IzPec8Vci5f8wFh9-ml6R1lGl9mpjiRbjVcnmExNGo1fMy0y5hPPm5QNlfUvN7J33UXu64aZfoP5ZEWRfMXsBgyRlnbepbkVaNyJVSmPLdqLs4V25ALXPJZ-2YINdZUT_RBrC7UGmoeEG88JEwgxN9tyhkITWIlfgKsiFvFG6lD0T-3a9km1WKSeBMmWovtbdUUYe-tGHpJuElvc1K1MVfpALKPYJACV-G1zEkd_Zld4gxsSRzUUfzo7ftbbhOmmRtanFP45U_GsDR2vEXREM0lS21uqPegZe5p4-3AeUuSlABA7rR__i0AHzPj-Hz-goKahbzZxV0lpn2lLm99xOY5j_569eAdjAmG0lU9_H9Ehp0ZZevifKjlyr3QwQ8LYbnmAxf3l9cUt0u_kA5PmdmQTCAqI4EFdl0PRvHkDzCaSv-hATa1YYo4QjFh0n5SBEzRk7Lv5JEx_HM69x6Wd0OWn-YzFoJh_76aXqWpfK7rHadDyNnSgFrV6rpqo0xllcKPi8df9pSUyHntjSUFH4mU3cNmLsv3_h-5Ixa6xbmVz0vzyVYnHor1NLhJusulqEjsoHLqzZlhZfP5zSwEWHOYFrzwA8RV8_KZWLx3stqB53FOf6kEZZuXcncOVnUoNk45PpJf6x6I2b3-oLtbBE0i7Ca-WiyMtNVT6xDoz6E5kMZBNxPJbbE3DW0jeUPW0Ks51mUUgfl2REATlGgiu5hpx0y1Qd8WN-sPWsyzjrQ0piHM_ZelEw0n7PXiLHIQr1VeuRnE__31vGOyttsB_409Oa-CnZUPQvjrbKC2NHJT8Wb8MBZLRZR9G8JvzMzT61j99mdirEplvMOc2gi916ciVKZlpGdql4ygecNUEKODdeldabjmK1Pukgs1oI-WMC6cLzHRIzCRjIdrRsMgp5iLtgIIVfFCIRixglZ8hdTdHpNWWXRx37EX23ZrvzGl0_2vF885uPoROIITZz73lq8w0uRjWtGw2DkscywvN7fqAtE3IS1AOsWV0OlsAluGOKDAX_D_OQvDpsq-m9fC8yVs-5w4CgjmtdESGJa6HYqyelLSB6iEZfE1p06fhvyGrYe391deGdO1YjEG5CKiexGwT_yOKTKFSVGyCK5D4Ldhllwr3hIFBnH_ymlutCsEBidQcjJoLtmtEqPhBjg6_BOR6aurpGINYWA_gybySP6I1aS8nuCnH67LEbjUPlrr1AxUy_a8P4mhKhmrMx0qTOnurFGFXClzR39E9l40FzAvEczgbKog1s9tRm5g_ZTBfBEKHyW7rXsa57FnvrfP8dNSgqbxwcor1vBwH5HjzRFQTMWGRUNLUakO4axXMQQRtxkMGPPWp49BbRxdC-GK40gJNOnilBj3FAeIW4EDpcsdSZwk2NO3lxbWE-lLJiVzQYcptzRpne2atkGwr4JiT000mgJHPjKm5C5jF3Nb-VvBEg5Gm2V4J4-L46iQZHB3Dv1kz6v3fqCt_-XBBH6YAZF-0_v_v-J6YQ9Y3JRHeKUSO9nJ769o0ivWL9C4s24kaEwFaAQQEwl-3d_NJs3TwFrGWSiON7_-a5UKFegXQjvNeUvsXrDojjgL7loYtJtE7qKfB1535ZgdMg-JiPEKnnVVFC2K-Z52jeQt8MJ3IfkLs09iGUUs6-YpSZ3LoXZr1xwuKqCCvh66FblxXqfLM-aYbHtu9-bxBXnMZKYdBz3E&cid=CAQSPADICaaN5eC0_qbPxvafMJJH_U5UEgVc0JlwdB3OxlRAEkOuaTpcmdtLgCzdXubZO_X1rDLpxi3M0-tbChgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fdfives.com%2F&ds=l&xdt=1&iif=1&cor=2678086090011529000&adk=250412560&idt=72&cac=0&dtd=14

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8b2a8787593cfecbcd4ff91cf9438fffb729b65a6957eb368a88d75cf9c4250

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4406873401428000&output=html&h=180&slotname=6928154013&adk=3788297780&adf=804204008&pi=t.ma~as.6928154013&w=930&lmt=1698796537&format=930x180&url=https%3A%2F%2Fdfives.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698800137008&bpp=1&bdt=1979&idt=1&shv=r20231026&mjsv=m202310260102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D899acace8958bf50-226e42d620e300c9%3AT%3D1698800136%3ART%3D1698800136%3AS%3DALNI_MaKaxvphbvgJtaTMDCQIHBoyhWQXA&gpic=UID%3D00000cafafa213bd%3AT%3D1698800136%3ART%3D1698800136%3AS%3DALNI_MbnUNV_VoVIUcv-4mixsauLEhdwCw&prev_fmts=0x0%2C750x100&nras=1&correlator=4719032816092&frm=20&pv=1&ga_vid=1640348007.1698800136&ga_sid=1698800136&ga_hid=1650286243&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=335&ady=2729&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079231%2C44795921%2C44805932%2C44807334%2C31078297&oid=2&pvsid=3172815694495667&tmod=822020882&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=awQDrDYMA5&p=https%3A//dfives.com&dtd=5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 00:55:37 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13611
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame A9B5 42 B
63 B 67ms
66ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BwsYmbJ1gfZWhfN8UFMx7SK_LGja45bfGsnwPdezuwSxOztNHR0Qhfm6PkNYQBEDzpZXNfuSXjQd60Tqqj2-b3KuSWzecX4U87ejYV5_VpAcRiXvk

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4406873401428000&output=html&h=100&slotname=5971507018&adk=4091383590&adf=783313867&pi=t.ma~as.5971507018&w=750&lmt=1698796537&format=750x100&url=https%3A%2F%2Fdfives.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698800137000&bpp=2&bdt=1970&idt=2&shv=r20231026&mjsv=m202310260102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D899acace8958bf50-226e42d620e300c9%3AT%3D1698800136%3ART%3D1698800136%3AS%3DALNI_MaKaxvphbvgJtaTMDCQIHBoyhWQXA&gpic=UID%3D00000cafafa213bd%3AT%3D1698800136%3ART%3D1698800136%3AS%3DALNI_MbnUNV_VoVIUcv-4mixsauLEhdwCw&prev_fmts=0x0&nras=1&correlator=4719032816092&frm=20&pv=2&ga_vid=1640348007.1698800136&ga_sid=1698800136&ga_hid=1650286243&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=606&ady=95&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079231%2C44795921%2C44805932%2C44807334%2C31078297&oid=2&pvsid=3172815694495667&tmod=822020882&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=ETl41fVS4b&p=https%3A//dfives.com&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 00:55:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231030/r20110914/client/ Frame A9B5 3 KB
1 KB 46ms
46ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231030/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 23:22:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5583
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Nov 2023 23:22:34 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231030/r20110914/client/ Frame A9B5 20 KB
8 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231030/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ba431addebca895832667d33e2ad51e4da1a1f2fbab72116d716c08077695a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 23:22:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5584
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8430
x-xss-protection: 0
server: cafe
etag: 7000445677337367579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Nov 2023 23:22:33 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame A9B5 0
0 62ms
48ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSsSDfxU3eXCghMkQ2Dcv3f4bdiKvlB14MmFVSpqu77OPFsRKqDQ8eaLHmfhlWssHk1z7Dqhbrc0A0HRK4LCQ5La5k0uA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4406873401428000&output=html&h=100&slotname=5971507018&adk=4091383590&adf=783313867&pi=t.ma~as.5971507018&w=750&lmt=1698796537&format=750x100&url=https%3A%2F%2Fdfives.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698800137000&bpp=2&bdt=1970&idt=2&shv=r20231026&mjsv=m202310260102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D899acace8958bf50-226e42d620e300c9%3AT%3D1698800136%3ART%3D1698800136%3AS%3DALNI_MaKaxvphbvgJtaTMDCQIHBoyhWQXA&gpic=UID%3D00000cafafa213bd%3AT%3D1698800136%3ART%3D1698800136%3AS%3DALNI_MbnUNV_VoVIUcv-4mixsauLEhdwCw&prev_fmts=0x0&nras=1&correlator=4719032816092&frm=20&pv=2&ga_vid=1640348007.1698800136&ga_sid=1698800136&ga_hid=1650286243&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=606&ady=95&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079231%2C44795921%2C44805932%2C44807334%2C31078297&oid=2&pvsid=3172815694495667&tmod=822020882&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=ETl41fVS4b&p=https%3A//dfives.com&dtd=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A9B5 188 KB
60 KB 166ms
71ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfd86eed5b662601ed1effa05e0922030a1bbfb3111d160df9b4f71630198c37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 00:55:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60393
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698666127188353"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Nov 2023 00:55:37 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame F466
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEECMozaOWQnsI_2-ZNX_8bU&google_cver=1

43 B
342 B

64ms
63ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEECMozaOWQnsI_2-ZNX_8bU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiB5bvGATAB&v=APEucNVuMFhdz4IA4bn-HHdGyT1D1-qhL8f7KK0fbQdxGai7fdfMvg0BmWNMJ3ggEffWiUh4Km_VN2J-zkSavEEZwLQz2C68Q8dF-A-yr2GLr0vhpvFRcerUie7dLHF6b45Y7JNrYWWz8yw--zbu9EA0hIOjWuXAJPwhuSyZIbdZj8ls5Npy1w8
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 00:55:37 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jxIRGh24gJITW%2BNVbBR5uG1TrUq1HxtUTuojMSZbxZQM6%2B6b0%2B34Ku14jP91uL1AAJ%2FgkZPj2NaDY4oTKS%2BIPVwydXU8cfEx%2FqePLb1wCbjKjS5zKikM8Yri6VHbl9txae9P2O4DagWqEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 81f02c5b9f88668d-AMS
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 01 Nov 2023 00:55:37 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEECMozaOWQnsI_2-ZNX_8bU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame F466
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZUGiCbkdaidem3Ls8HZRBwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEECMozaOWQnsI_2-ZNX_8bU&google_cver=1

43 B
728 B

50ms
50ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEECMozaOWQnsI_2-ZNX_8bU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiB5bvGATAB&v=APEucNVuMFhdz4IA4bn-HHdGyT1D1-qhL8f7KK0fbQdxGai7fdfMvg0BmWNMJ3ggEffWiUh4Km_VN2J-zkSavEEZwLQz2C68Q8dF-A-yr2GLr0vhpvFRcerUie7dLHF6b45Y7JNrYWWz8yw--zbu9EA0hIOjWuXAJPwhuSyZIbdZj8ls5Npy1w8
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 00:55:37 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a6k550tQYnf16g46hfdxsfkAj5zYXcbPzqICxePYaPxe55nvw7epuGiXX65GXEyXXSUyRxrBFm2A8U3l4adjia%2BfB9T%2B9KDt1E5cQL1VXyjAQ3FYcrIUAODdtNxTOpy5W1I9aufW0bQ1TQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 81f02c5c2daa6602-AMS
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 01 Nov 2023 00:55:37 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEECMozaOWQnsI_2-ZNX_8bU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame F466
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEM-cy7d-lDNFZCld0Q4yCGQ&google_cver=1

43 B
844 B

26ms
25ms

Image
image/gif

185.89.210.46
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEM-cy7d-lDNFZCld0Q4yCGQ&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiB5bvGATAB&v=APEucNVuMFhdz4IA4bn-HHdGyT1D1-qhL8f7KK0fbQdxGai7fdfMvg0BmWNMJ3ggEffWiUh4Km_VN2J-zkSavEEZwLQz2C68Q8dF-A-yr2GLr0vhpvFRcerUie7dLHF6b45Y7JNrYWWz8yw--zbu9EA0hIOjWuXAJPwhuSyZIbdZj8ls5Npy1w8

Protocol

Server

185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 00:55:37 GMT
an-x-request-uuid: efcff772-0e54-4955-8cd6-11031db7d129
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 31.204.153.46; 31.204.153.46; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 01 Nov 2023 00:55:37 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEM-cy7d-lDNFZCld0Q4yCGQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame F466
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQ3OTQ2NjU0NjY1NTYyMjc1Ng%3D%3D

170 B
243 B

44ms
43ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQ3OTQ2NjU0NjY1NTYyMjc1Ng%3D%3D

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 00:55:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 01 Nov 2023 00:55:37 GMT
an-x-request-uuid: d473b477-cc4c-447c-8974-a1e0a5a9f224
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQ3OTQ2NjU0NjY1NTYyMjc1Ng%3D%3D
x-proxy-origin: 31.204.153.46; 31.204.153.46; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 2140 624 B
242 B 52ms
49ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN3z17QCEOOFn8MEGIbHm_EBMAE&v=APEucNUlcUm-rcRpq_UzuDL2nm4ffoZpUFDUzDmZX8CzFdm_ppDR5sXaepTIua-dgPE_MS86eAkD67P7HVUU7zzChbAldxtpbyod9Gmab1-cCzjxmowL6K9-cJ0Xc-GhWXJOjlCUTCk2hgT7i5v8IN_XKzl8A7OVYUOAQCte12SekqPdaSH5aU8

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4406873401428000&output=html&h=100&slotname=5971507018&adk=4091383590&adf=783313867&pi=t.ma~as.5971507018&w=750&lmt=1698796537&format=750x100&url=https%3A%2F%2Fdfives.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698800137000&bpp=2&bdt=1970&idt=2&shv=r20231026&mjsv=m202310260102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D899acace8958bf50-226e42d620e300c9%3AT%3D1698800136%3ART%3D1698800136%3AS%3DALNI_MaKaxvphbvgJtaTMDCQIHBoyhWQXA&gpic=UID%3D00000cafafa213bd%3AT%3D1698800136%3ART%3D1698800136%3AS%3DALNI_MbnUNV_VoVIUcv-4mixsauLEhdwCw&prev_fmts=0x0&nras=1&correlator=4719032816092&frm=20&pv=2&ga_vid=1640348007.1698800136&ga_sid=1698800136&ga_hid=1650286243&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=606&ady=95&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079231%2C44795921%2C44805932%2C44807334%2C31078297&oid=2&pvsid=3172815694495667&tmod=822020882&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=ETl41fVS4b&p=https%3A//dfives.com&dtd=6
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 01 Nov 2023 00:55:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame A9B5 111 KB
39 KB 128ms
33ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: dfives.com
URL: https://dfives.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 02:22:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81195
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 01 Nov 2023 02:22:22 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231030/r20110914/elements/html/ Frame A9B5 7 KB
3 KB 35ms
34ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231030/r20110914/elements/html/omrhp_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 23:31:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5056
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Nov 2023 23:31:21 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231030/r20110914/ Frame A9B5 23 KB
9 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231030/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

08979ac5dc183c913f0f274b03a248982b04fea0aac48c10ae1bd0b717f42641

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 23:25:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5395
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9142
x-xss-protection: 0
server: cafe
etag: 3118617226516770384
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Nov 2023 23:25:42 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame A9B5 41 KB
14 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: dfives.com
URL: https://dfives.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 02:22:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 513191
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Oct 2024 02:22:26 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 355C 1 KB
643 B 32ms
31ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 81210
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 31 Oct 2023 02:22:07 GMT
etag: 48472445140208031
expires: Wed, 01 Nov 2023 02:22:07 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FC6F 13 KB
5 KB 33ms
32ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dfives.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 38790
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 31 Oct 2023 14:09:07 GMT
expires: Wed, 30 Oct 2024 14:09:07 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4B96 829 B
1 KB 42ms
41ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5aa5ab237a5dcdb79f6e51929751585b4fff8cabfcc021d5694fdd72e8091992

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-EEA4ppmmzT0vQ76rThgPuA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://dfives.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-EEA4ppmmzT0vQ76rThgPuA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 01 Nov 2023 00:55:37 GMT
expires: Wed, 01 Nov 2023 00:55:37 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 vape_hanging_out_of_pocket_3NL9TEh-218x150.jpg
dfives.com/wp-content/uploads/2020/01/ 7 KB
7 KB 27ms
27ms Image
image/webp 2a02:4780:84:538e:e8b:76d3:5a59:4a83
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dfives.com/wp-content/uploads/2020/01/vape_hanging_out_of_pocket_3NL9TEh-218x150.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:4780:84:538e:e8b:76d3:5a59:4a83 , Cyprus, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: hcdn /
Resource Hash: 667e8b0c35c2059396010b7882c253e87f42d8a1388affe1e41698eaf77d3ff1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dfives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 00:55:37 GMT
x-hcdn-cache-status: HIT
server: hcdn
age: 4155
x-hcdn-request-id: 1bf8f3eaedee7b0ef93723c2ebd034b4-srv-edge2
content-type: image/webp
cache-control: public, max-age=31557600
x-hcdn-image-optimizer: f:webp q:85 w:1600
accept-ranges: bytes
content-length: 7030
expires: Thu, 31 Oct 2024 05:46:22 GMT

GET
DATA 200
OK truncated
/ Frame A9B5 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7b787ad010f96066eb5d3523a628d4818918d10592d98c22e3f73b01811a8e35

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 2BB7 41 KB
14 KB 39ms
35ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CVlKlw3Eztp_etlmWBBLldeWiHhbiTm_8VjtaV6gWCekdl6hsFyRStDTzA7kb0GFStHb6Uv8_Y6FPO-azmtpq2LWyjS1S8Gx6ILOFUpnqKx8zd6uVvjd0pRRbwcpdOWE-pnor4CNsPF7qJkeLey4rwpZguD85uGTUhtK7Jpt1D-ptjzDLYz-d4dPz0y5uAOM5V5nFmZ7u5PcZNCxVGsuWWZ1ybgQ&cry=1&dbm_d=AKAmf-BRQl9ckKcetuuZ2L-hg-dYzWG9qFNdUQhEqCLKdvCjMY_GAEcMlH0e7xLWJytFit0VzBkAv-CkizDdDUxkhwJ7HGuCxXHMMEcJiz9DQ-QIBG7fKz-VO4WuA6ChjOAx8AGlGdTUUTm8okHOEW12xz0The0d8vVQv9SyzWnIshbozDprWKZ2qS3x-tbUwDvzHaYKExEWpp7RMWMPAe6KzShGlqoPdhR_UHlc0L1Myesi71EhwN_y4h1dbAUPXIMVBw9cSMXRYU7C3WjlSwA_ILdNlBlV-dxJ_MxWOeRQPADkRUsvX5ZQXT4VO-4UChuDKzyyfgmLxvQbvpvzlbFEU4TIAW4WCs1hmaV4A4CvAEGXQbLrHGFYAMtdFiFbsSrbezOJn2ElX-i_AultxvtWgCXAjVE1wla2Jlu3ZmYo3sNNsVUfn6U7EZFqmnaKp2M365BhGKr04FX2mjTPWq0p0wYXyj607e8JV1Y1Cl1yOMNzGB8nswdBvPYlhgAMsNQTwUu04-Vc9F_z6w11xeOgY2dtYEHjKyvjq0gkXsVXaoVAd3WOTwmQrgXVw1OGsLjkLzMiARH0ssU4EJd7YYgab2OI6wEUhCotnizMfNsTalxE11jLIR9DcUW_m1-9CZyO-KIpIJIZhoAXAfE_cii5FO8laqNYXPVJo49-UDGTSRX4k8JoKFkqM8STuR8NLxQCwIjhXiCYf7FHlALLsKTO9i1u_-TXQGYY6zuip5mB1UVMY0IAuUEeCiIKZSX97k48T5h05lINwYkczXGSxljxN2aiReAc1hY82uMWFcwTU0djoDlMi6Mwmk02xlV8m1tg1-gUhjL5OvOOseJpqrNm2Wn45ErMx4fX1hg5Kes-jZE1GwCuZOGoJFgg_xZpsvU4yYWA0St4UZ7ifU6Ha1Nztb_srhK7JuYTQo6uSZKhnG3tjWDPLauGGQO9o1Z5QBhCJHXlvbyj6FAYkbbPBkax0NYXaEcO2JBIfyBSBSqaBEg_mkV_2k0HoLBCtshHAOlsA51mqS2gD8CXXWCsbUZWYsigd7XWXLAAC6r1I8XoG8_SYWvM-bl4V3PShGZxzZ2TMFrenzoAnFX8j3r4j-fmWysreKSYOTu-MnR7P9NeaseNd6ax3SUcdlIOl0u4nJxk8rK-zKjyEFvjHKeiRt198N6xcL0GctgXcgJMfL7LY0VRJYPMHBmfPILMnTEAKJzUj4tS3w3kEwsvOyPE9GXQKwgWA8WtCpG7tfduO8mswfBZ0IexSkzMyY7ET3VrOgmPiHCUJHhOA9rTZwabrCjFa1Rwzu_Bj10dkxOYW2XjwP6P3siAbI9HoaINiC0mKlD8RDr1vzf_kVN2MuaSJMRovTx1PcRzqiGepGECQQZu0fCHLWlA4NJCDxbSz7hXQmtoiXW3IeRDEFhX08fsshFcwvjQOYCA2g8_llo7jLp5JvcxNucwsq4cwLsavrkU4R4Xs0cidR03l_-rpPXi8A_VNfwPh1ATccGPjMYrXovdjE_L-D8ZjEERV2AQIgt-26hXCeKFAHSwM2AfG8wFMB-_2VAMHAj9lV9jVg5lDGHMeJa5AA21tWktpiBfDHb6w9Jlf4LevRfFOJBdt9d_pos1ki2TiKGKLKJ4v1gArkeuxbei7SZmQeiw2RgHQSXNEC9OpZjcV48pK46BdKGu51hQ8y_sJzQYN6urXgMRe2XPek39fls2gfknyeBxnQmFIEspyjEPsD27vdpGykz1CdFpkTBNyLfJhQBCvjZR2IkkQXjJD7fBdDnzkvJG1CGOA4cdEgYNXEupdpsNM_P0PNNZEBKaJMokUYRe8ON8ygXLhd5JeSf5HEUK9W5W2b_Ql5mtekORnPOdyWQ0JbmruLpRBuxyPmQIJhNl2b-DkEveHfkcCwnm3s-X9k3IUsKGCV7ycyMrgBXGJlUdeqYShuvKsqhdCHEuggHLc6WMjBeox36vncbhd-KdAmvNX4W6P1rduXzqjjARXq80MuMhYA-dxFQJRq9egaDjbpWALNXTsdvCuZQgM4hjgQfw9ucnbPK25AblgyV-6BMwOuQ47jCJs47x_oEdQDC8OPS6gMBRTznDABbl777TFxXXn4o9btuJvqHr5bl7IzPec8Vci5f8wFh9-ml6R1lGl9mpjiRbjVcnmExNGo1fMy0y5hPPm5QNlfUvN7J33UXu64aZfoP5ZEWRfMXsBgyRlnbepbkVaNyJVSmPLdqLs4V25ALXPJZ-2YINdZUT_RBrC7UGmoeEG88JEwgxN9tyhkITWIlfgKsiFvFG6lD0T-3a9km1WKSeBMmWovtbdUUYe-tGHpJuElvc1K1MVfpALKPYJACV-G1zEkd_Zld4gxsSRzUUfzo7ftbbhOmmRtanFP45U_GsDR2vEXREM0lS21uqPegZe5p4-3AeUuSlABA7rR__i0AHzPj-Hz-goKahbzZxV0lpn2lLm99xOY5j_569eAdjAmG0lU9_H9Ehp0ZZevifKjlyr3QwQ8LYbnmAxf3l9cUt0u_kA5PmdmQTCAqI4EFdl0PRvHkDzCaSv-hATa1YYo4QjFh0n5SBEzRk7Lv5JEx_HM69x6Wd0OWn-YzFoJh_76aXqWpfK7rHadDyNnSgFrV6rpqo0xllcKPi8df9pSUyHntjSUFH4mU3cNmLsv3_h-5Ixa6xbmVz0vzyVYnHor1NLhJusulqEjsoHLqzZlhZfP5zSwEWHOYFrzwA8RV8_KZWLx3stqB53FOf6kEZZuXcncOVnUoNk45PpJf6x6I2b3-oLtbBE0i7Ca-WiyMtNVT6xDoz6E5kMZBNxPJbbE3DW0jeUPW0Ks51mUUgfl2REATlGgiu5hpx0y1Qd8WN-sPWsyzjrQ0piHM_ZelEw0n7PXiLHIQr1VeuRnE__31vGOyttsB_409Oa-CnZUPQvjrbKC2NHJT8Wb8MBZLRZR9G8JvzMzT61j99mdirEplvMOc2gi916ciVKZlpGdql4ygecNUEKODdeldabjmK1Pukgs1oI-WMC6cLzHRIzCRjIdrRsMgp5iLtgIIVfFCIRixglZ8hdTdHpNWWXRx37EX23ZrvzGl0_2vF885uPoROIITZz73lq8w0uRjWtGw2DkscywvN7fqAtE3IS1AOsWV0OlsAluGOKDAX_D_OQvDpsq-m9fC8yVs-5w4CgjmtdESGJa6HYqyelLSB6iEZfE1p06fhvyGrYe391deGdO1YjEG5CKiexGwT_yOKTKFSVGyCK5D4Ldhllwr3hIFBnH_ymlutCsEBidQcjJoLtmtEqPhBjg6_BOR6aurpGINYWA_gybySP6I1aS8nuCnH67LEbjUPlrr1AxUy_a8P4mhKhmrMx0qTOnurFGFXClzR39E9l40FzAvEczgbKog1s9tRm5g_ZTBfBEKHyW7rXsa57FnvrfP8dNSgqbxwcor1vBwH5HjzRFQTMWGRUNLUakO4axXMQQRtxkMGPPWp49BbRxdC-GK40gJNOnilBj3FAeIW4EDpcsdSZwk2NO3lxbWE-lLJiVzQYcptzRpne2atkGwr4JiT000mgJHPjKm5C5jF3Nb-VvBEg5Gm2V4J4-L46iQZHB3Dv1kz6v3fqCt_-XBBH6YAZF-0_v_v-J6YQ9Y3JRHeKUSO9nJ769o0ivWL9C4s24kaEwFaAQQEwl-3d_NJs3TwFrGWSiON7_-a5UKFegXQjvNeUvsXrDojjgL7loYtJtE7qKfB1535ZgdMg-JiPEKnnVVFC2K-Z52jeQt8MJ3IfkLs09iGUUs6-YpSZ3LoXZr1xwuKqCCvh66FblxXqfLM-aYbHtu9-bxBXnMZKYdBz3E&cid=CAQSPADICaaN5eC0_qbPxvafMJJH_U5UEgVc0JlwdB3OxlRAEkOuaTpcmdtLgCzdXubZO_X1rDLpxi3M0-tbChgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fdfives.com%2F&ds=l&xdt=1&iif=1&cor=2678086090011529000&adk=250412560&idt=72&cac=0&dtd=14

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 02:22:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 513191
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Oct 2024 02:22:26 GMT

GET
H2 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTY5ODgwMDEzNzM4NjA1OQogIHNlcnZlcl9pcDogMTM0MDU3MTE4CiAgcHJvY2Vzc19pZDogMTAwOTg0NDgxCn0KZmxvb2RsaWdodF9jb25maWdfaWQ6IDExODY4OTQz...
ad.doubleclick.net/ddm/activity/ Frame 2BB7 0
853 B 240ms
92ms Image
image/png 142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTY5ODgwMDEzNzM4NjA1OQogIHNlcnZlcl9pcDogMTM0MDU3MTE4CiAgcHJvY2Vzc19pZDogMTAwOTg0NDgxCn0KZmxvb2RsaWdodF9jb25maWdfaWQ6IDExODY4OTQzCmFkdmVydGlzZXJfZG9tYWluOiAiaHR0cHM6Ly9zb2JlcmJlcmxpbi5jb20iCnhmYV9hdHRyaWJ1dGlvbl9pbnRlcmFjdGlvbl90eXBlOiBWSUVXCmltcHJlc3Npb25fcHJpb3JpdHk6IDAKaW1wcmVzc2lvbl9leHBpcnlfaW5fZGF5czogMzAKZXZlbnRfaW1wcmVzc2lvbl9pZDogNDM4OTc0ODk4Mzc1NTAzMDE3NwpkZWJ1Z19rZXk6IDQyMDk2NTcyNjI5NzYzNDg0NTUKaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUFJPRFVDVF9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAyCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fREFURQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICIyMDIzLTExLTAxIgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9GTE9PRExJR0hUX0NPTkZJR19JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMTE4Njg5NDMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBQ0VNRU5UX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzMzIyMDU3NzkKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0FEVkVSVElTRVJfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDg3ODI0MzY5NgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfTElORV9JVEVNX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAxNjYzODMwMjEwMQogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQ1JFQVRJVkVfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDQxNjIxNTY4MQogIH0KfQphcmNoZXR5cGVfaWQ6IDEKYXJjaGV0eXBlX2lkOiAzCmFyY2hldHlwZV9pZDogNAphcmNoZXR5cGVfaWQ6IDUKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL3NvYmVyYmVybGluLmNvbSIKaW1wcmVzc2lvbl9ldmVudF9yZXBvcnRpbmdfd2luZG93X2RheXM6IDQKYnJvd3Nlcl9hdHRyaWJ1dGlvbl9hcGlfcmVxdWVzdF9wcm9jZXNzaW5nX2JpdHM6IDc1NDk3NDcyMAo

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 00:55:37 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x36edf8af49058e1a0000000000000000","3":"0xa374a3bac02963ff0000000000000000","4":"0x7c16a22c5798d4670000000000000000","5":"0x39e47d61b1aa26eb0000000000000000"},"debug_key":"4209657262976348455","debug_reporting":true,"destination":"https://soberberlin.com","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"8":["11868943"]},"priority":"0","source_event_id":"4389748983755030177"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK bq116kcjs2zi Show response
hal9000.redintelligence.net/zone/ Frame 2BB7 11 KB
4 KB 180ms
55ms Script
text/html 78.46.23.46
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/bq116kcjs2zi?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCpFsuCaJBZZCIA9TAjuwPl9-zsAPM-YagaYO-x__3D_AuEAEgrNWbe2CRhKCFjBjIAQmpAio9lfqxurE-qAMByAObBKoEkQJP0Dzx8u4ID5mibvyR_aysjXsNNNI6JjDIqvmF5giNHe4jxqu3OGERxbnES07IKBmr01mDdv6Xe_PaJ-vyLd4T8qImsfO_VMKAicTWYXTq0ppcrk-3g9w5WlA1CObDjnm4VvR6Cm3Hi0c4nM_ej0bzu9Zo13GlMRdRYNWZRAWNhFrUXtDh4hizy1tHdFDPvhVJELfcfUXQf_riI3Va8CRFIrfVfO29H10JxoD8hIfAmvq_eBgLJfZeqNkhoENYXWGYr_AvVYcDpTbAkgK1UYkx1gPN9VA23P8kHkm1_eHTiwZBy134vV8tg2EmSaiDNGMGDqowDNxBFsYhcX64OuPFBROmnTig7xpan-dhIWTBj2HABOrrzKPkA-AEA4gFla_h_T2QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgGYCwHICwGADAGqDQJOTLAT4JvNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSPADICaaN5eC0_qbPxvafMJJH_U5UEgVc0JlwdB3OxlRAEkOuaTpcmdtLgCzdXubZO_X1rDLpxi3M0-tbChgB%26sig%3DAOD64_0M88kdtctWIOtmGz88SlDaRj9OBA%26client%3Dca-pub-4406873401428000%26dbm_c%3DAKAmf-CFGP79AFxs6i9LZCKmGxva7Uh8-8wp8o0iNRTPTzPdAiGcHULHU_2ESJqbsGwAoLQ8KmO6b5OApU95Im73K2yC9uJK2ur71HlFoe9MLTLeAmQBQe95O2qYJYV_8BC9Cynhw-30MmpRM4KONQ0ThPlBUDAgaVsbiFGfDKrXqLTvYCbnw6WANVs4DTbOAN0G3tSKg2YDXmSzBdQjDdZ81hExejLcrQ%26cry%3D1%26dbm_d%3DAKAmf-DH0UzDXo3jKXxWz8wCMKX3EqLnQgyP_rPN_DCukIdgYu-QVvAU1BeTSSiS8wzbryL8hYf47YlAorB9emp8eNWOVkICuD_mCqpCo5cfxEyZ2zgErTbYUcuHCyla5LR5WTcMSXxDc3dM-GOhwrB0ji5n8TmxTMjxWR49K1Adj1_Kx6ou25PjvAMYOVwAvzoqxaATR_olMMq_GQ7SxRXbQdryN-h_UIvhqYEWaLit9hAn2WSDFz2F4oXypY0IhquncZUDQ8KIKAkb6nFBAWshB7DeLrWdEa818sviSWXHFPX_kD6ttyaOSqVyOaMGYpUhAKEn77qyuJm20iSUR4rnk8cXjXK0ijudBVzz_wkhlAQOkkYHVeAJ6FXrC_TJUPXeXLQg0nGq6VfXGQ2lq6d8cUPww1e0SMHdPpu-_Ri4xT_rl0DmdhKxjq72iHzZksKyB5lAkt8tdsXxM66hLg-9E19V91lposthZ0Z6XBc7poTUp3RLwSUVNYPtrMz2CR7y-F9-dD5LJWWdsxpVQ0B7My0KGvZnE0Ku8gHvRYlLhdqku-FIEg74XHsjcmFXjSgvCsCnlHv4%26adurl%3D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4406873401428000&output=html&h=180&slotname=6928154013&adk=3788297780&adf=804204008&pi=t.ma~as.6928154013&w=930&lmt=1698796537&format=930x180&url=https%3A%2F%2Fdfives.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698800137008&bpp=1&bdt=1979&idt=1&shv=r20231026&mjsv=m202310260102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D899acace8958bf50-226e42d620e300c9%3AT%3D1698800136%3ART%3D1698800136%3AS%3DALNI_MaKaxvphbvgJtaTMDCQIHBoyhWQXA&gpic=UID%3D00000cafafa213bd%3AT%3D1698800136%3ART%3D1698800136%3AS%3DALNI_MbnUNV_VoVIUcv-4mixsauLEhdwCw&prev_fmts=0x0%2C750x100&nras=1&correlator=4719032816092&frm=20&pv=1&ga_vid=1640348007.1698800136&ga_sid=1698800136&ga_hid=1650286243&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=335&ady=2729&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079231%2C44795921%2C44805932%2C44807334%2C31078297&oid=2&pvsid=3172815694495667&tmod=822020882&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=awQDrDYMA5&p=https%3A//dfives.com&dtd=5
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.23.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.46.23.46.78.clients.your-server.de
Software: Apache /
Resource Hash: cfa3431c2d52450cdd90f4b04d334908ec15cc1940345f42e65d16011095c9f7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Wed, 01 Nov 2023 00:55:37 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4202
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H2 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 7078 38 KB
13 KB 34ms
32ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 405711
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 27 Oct 2023 08:13:46 GMT
expires: Sat, 26 Oct 2024 08:13:46 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 2140
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEECMozaOWQnsI_2-ZNX_8bU&google_cver=1

43 B
766 B

56ms
55ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEECMozaOWQnsI_2-ZNX_8bU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN3z17QCEOOFn8MEGIbHm_EBMAE&v=APEucNUlcUm-rcRpq_UzuDL2nm4ffoZpUFDUzDmZX8CzFdm_ppDR5sXaepTIua-dgPE_MS86eAkD67P7HVUU7zzChbAldxtpbyod9Gmab1-cCzjxmowL6K9-cJ0Xc-GhWXJOjlCUTCk2hgT7i5v8IN_XKzl8A7OVYUOAQCte12SekqPdaSH5aU8
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 00:55:37 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l6%2BjxMg6Uzh8LieSGErs8EYMfkK4k5pk1pnuWGvFPFtx8V0Yz0ilexMuUTBisuGcRMtoxHyANfiP474jRPQ06inRPzuTqkqZbL01wmXq5MCZ3wvZKArp2pC0OCSCFJ%2FWvLoeG8Qrx1bT6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 81f02c5bcd566602-AMS
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 01 Nov 2023 00:55:37 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEECMozaOWQnsI_2-ZNX_8bU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 2140
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZUGiCbkdaidem3Ls8HZRBwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEECMozaOWQnsI_2-ZNX_8bU&google_cver=1

43 B
729 B

46ms
46ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEECMozaOWQnsI_2-ZNX_8bU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN3z17QCEOOFn8MEGIbHm_EBMAE&v=APEucNUlcUm-rcRpq_UzuDL2nm4ffoZpUFDUzDmZX8CzFdm_ppDR5sXaepTIua-dgPE_MS86eAkD67P7HVUU7zzChbAldxtpbyod9Gmab1-cCzjxmowL6K9-cJ0Xc-GhWXJOjlCUTCk2hgT7i5v8IN_XKzl8A7OVYUOAQCte12SekqPdaSH5aU8
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 00:55:37 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ffNL8gc2gpayqbHEKZm9TjvoviC%2FpJE4XPzZ1xU8g47XdWc6dUo7t1FQ39DMduiZ2j1kxvPHtjM8EeZs2GMkmMVf3acqCM20Kqoqbh%2F6hmURNRMnORrV7ALUgLnVrSmKgqmiwooQipkaAw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 81f02c5c2dab6602-AMS
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 01 Nov 2023 00:55:37 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEECMozaOWQnsI_2-ZNX_8bU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 2140
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEM-cy7d-lDNFZCld0Q4yCGQ&google_cver=1

43 B
844 B

26ms
25ms

Image
image/gif

185.89.210.46
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEM-cy7d-lDNFZCld0Q4yCGQ&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN3z17QCEOOFn8MEGIbHm_EBMAE&v=APEucNUlcUm-rcRpq_UzuDL2nm4ffoZpUFDUzDmZX8CzFdm_ppDR5sXaepTIua-dgPE_MS86eAkD67P7HVUU7zzChbAldxtpbyod9Gmab1-cCzjxmowL6K9-cJ0Xc-GhWXJOjlCUTCk2hgT7i5v8IN_XKzl8A7OVYUOAQCte12SekqPdaSH5aU8

Protocol

Server

185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 00:55:37 GMT
an-x-request-uuid: 6a123b9a-a24d-4a45-9bd2-f9421b8513d5
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 31.204.153.46; 31.204.153.46; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 01 Nov 2023 00:55:37 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEM-cy7d-lDNFZCld0Q4yCGQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 2140
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQ3OTQ2NjU0NjY1NTYyMjc1Ng%3D%3D

170 B
232 B

79ms
79ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQ3OTQ2NjU0NjY1NTYyMjc1Ng%3D%3D

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 00:55:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 01 Nov 2023 00:55:37 GMT
an-x-request-uuid: 70933e27-52c6-4a97-ac2d-7d5ceca4654d
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQ3OTQ2NjU0NjY1NTYyMjc1Ng%3D%3D
x-proxy-origin: 31.204.153.46; 31.204.153.46; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 355C
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESECwLdpF0Vq4wS7pju3BaZWg&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESECwLdpF0Vq4wS7pju3BaZWg&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=N0h6WTBXQW0xUVhad2Q1&google_gid=CAESECwLdpF0Vq4wS7pju3BaZWg&google_cver=1&google_push=AXcoOmTIPqKQhFK_Fr0x-zsMTG7ydmvt72Q0srO3RjXxPVC...

170 B
188 B

44ms
43ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=N0h6WTBXQW0xUVhad2Q1&google_gid=CAESECwLdpF0Vq4wS7pju3BaZWg&google_cver=1&google_push=AXcoOmTIPqKQhFK_Fr0x-zsMTG7ydmvt72Q0srO3RjXxPVCy9Uwv8GeLYsnjNQhTIzaTMKneSNio7e45u5BsjERUVGblgV_LvdJ6K6eu

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 00:55:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 01 Nov 2023 00:55:37 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-791-gff05a1f#rel-ec2-master i-0237fe7a9d585a71c@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=N0h6WTBXQW0xUVhad2Q1&google_gid=CAESECwLdpF0Vq4wS7pju3BaZWg&google_cver=1&google_push=AXcoOmTIPqKQhFK_Fr0x-zsMTG7ydmvt72Q0srO3RjXxPVCy9Uwv8GeLYsnjNQhTIzaTMKneSNio7e45u5BsjERUVGblgV_LvdJ6K6eu
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 355C
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEMqLatua95Q3m8Zf9uRMLqg&google_cver=1&google_push=AXcoOmTSG7j0OX1t-jF-p3dgCqJoIsmcoTT6vqh18l8FoPKni-tQecRz-MTBYaZ1c2_kpvKdZeYf_AI_fYqaRZVSYjSAzRJ-6bp4j...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMqLatua95Q3m8Zf9uRMLqg&google_cver=1&google_push=AXcoOmTSG7j0OX1t-jF-p3dgCqJoIsmcoTT6vqh18l8FoPKni-tQecRz-MTBYaZ1c2_kpvKdZeYf_AI_fYqaRZVSYjSAzRJ-6bp...

43 B
434 B

219ms
186ms

Image
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMqLatua95Q3m8Zf9uRMLqg&google_cver=1&google_push=AXcoOmTSG7j0OX1t-jF-p3dgCqJoIsmcoTT6vqh18l8FoPKni-tQecRz-MTBYaZ1c2_kpvKdZeYf_AI_fYqaRZVSYjSAzRJ-6bp4jRVb&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTSG7j0OX1t-jF-p3dgCqJoIsmcoTT6vqh18l8FoPKni-tQecRz-MTBYaZ1c2_kpvKdZeYf_AI_fYqaRZVSYjSAzRJ-6bp4jRVb%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4406873401428000&output=html&h=100&slotname=5971507018&adk=4091383590&adf=783313867&pi=t.ma~as.5971507018&w=750&lmt=1698796537&format=750x100&url=https%3A%2F%2Fdfives.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698800137000&bpp=2&bdt=1970&idt=2&shv=r20231026&mjsv=m202310260102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D899acace8958bf50-226e42d620e300c9%3AT%3D1698800136%3ART%3D1698800136%3AS%3DALNI_MaKaxvphbvgJtaTMDCQIHBoyhWQXA&gpic=UID%3D00000cafafa213bd%3AT%3D1698800136%3ART%3D1698800136%3AS%3DALNI_MbnUNV_VoVIUcv-4mixsauLEhdwCw&prev_fmts=0x0&nras=1&correlator=4719032816092&frm=20&pv=2&ga_vid=1640348007.1698800136&ga_sid=1698800136&ga_hid=1650286243&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=606&ady=95&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079231%2C44795921%2C44805932%2C44807334%2C31078297&oid=2&pvsid=3172815694495667&tmod=822020882&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=ETl41fVS4b&p=https%3A//dfives.com&dtd=6
Protocol: H2
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 00:55:37 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 81f02c5d08141b06-AMS
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 01 Nov 2023 00:55:37 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 45
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMqLatua95Q3m8Zf9uRMLqg&google_cver=1&google_push=AXcoOmTSG7j0OX1t-jF-p3dgCqJoIsmcoTT6vqh18l8FoPKni-tQecRz-MTBYaZ1c2_kpvKdZeYf_AI_fYqaRZVSYjSAzRJ-6bp4jRVb&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTSG7j0OX1t-jF-p3dgCqJoIsmcoTT6vqh18l8FoPKni-tQecRz-MTBYaZ1c2_kpvKdZeYf_AI_fYqaRZVSYjSAzRJ-6bp4jRVb%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 81f02c5bbf581b06-AMS
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 355C
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEN0t9qV_o61WSjkoHj_eq78&google_push=AXcoOmQzSyOSZMyO0oHnLMHE3DWytn8d3adgP3cPxZ6y8qrmBvGlV0Zaqu...

170 B
188 B

42ms
42ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEN0t9qV_o61WSjkoHj_eq78&google_push=AXcoOmQzSyOSZMyO0oHnLMHE3DWytn8d3adgP3cPxZ6y8qrmBvGlV0ZaqucUbdhMXtqxFBiGCTpOClqsjQXcisnz-BpiVQs4-DwvP7OM

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 00:55:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-ams21065-AMS
pragma: no-cache
date: Wed, 01 Nov 2023 00:55:37 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1698800138.552467,VS0,VE85
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEN0t9qV_o61WSjkoHj_eq78&google_push=AXcoOmQzSyOSZMyO0oHnLMHE3DWytn8d3adgP3cPxZ6y8qrmBvGlV0ZaqucUbdhMXtqxFBiGCTpOClqsjQXcisnz-BpiVQs4-DwvP7OM
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 355C 70 B
149 B 144ms
43ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESECZEG4c35sT7pWIlqxvykg8&google_cver=1&google_push=AXcoOmRi-xQ6y3tuwbfH4umdaJQFFihV91bYhJBkGvGbEHUqo186iJ7uzeCF4BqONcOFNv4liJ1FJrLKdvb3lDWwNpkuE4pzksZIewvT
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4406873401428000&output=html&h=100&slotname=5971507018&adk=4091383590&adf=783313867&pi=t.ma~as.5971507018&w=750&lmt=1698796537&format=750x100&url=https%3A%2F%2Fdfives.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698800137000&bpp=2&bdt=1970&idt=2&shv=r20231026&mjsv=m202310260102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D899acace8958bf50-226e42d620e300c9%3AT%3D1698800136%3ART%3D1698800136%3AS%3DALNI_MaKaxvphbvgJtaTMDCQIHBoyhWQXA&gpic=UID%3D00000cafafa213bd%3AT%3D1698800136%3ART%3D1698800136%3AS%3DALNI_MbnUNV_VoVIUcv-4mixsauLEhdwCw&prev_fmts=0x0&nras=1&correlator=4719032816092&frm=20&pv=2&ga_vid=1640348007.1698800136&ga_sid=1698800136&ga_hid=1650286243&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=606&ady=95&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079231%2C44795921%2C44805932%2C44807334%2C31078297&oid=2&pvsid=3172815694495667&tmod=822020882&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=ETl41fVS4b&p=https%3A//dfives.com&dtd=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 00:55:37 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 200 sync
x.bidswitch.net/ Frame 355C 43 B
146 B 244ms
31ms Image
image/gif 3.127.91.113
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEDfs8_isYqpX01ABAamNS20&google_cver=1&google_push=AXcoOmTq-jsOd8ohHsKaLWh4C_ztxRv3uRwKsqTmVGyYtAcgSbwGlJYD6gyTC1JQt04z_Ni_k85C9CjUBaNmBjsGH_pxp-BAI4wMTf8
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4406873401428000&output=html&h=100&slotname=5971507018&adk=4091383590&adf=783313867&pi=t.ma~as.5971507018&w=750&lmt=1698796537&format=750x100&url=https%3A%2F%2Fdfives.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698800137000&bpp=2&bdt=1970&idt=2&shv=r20231026&mjsv=m202310260102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D899acace8958bf50-226e42d620e300c9%3AT%3D1698800136%3ART%3D1698800136%3AS%3DALNI_MaKaxvphbvgJtaTMDCQIHBoyhWQXA&gpic=UID%3D00000cafafa213bd%3AT%3D1698800136%3ART%3D1698800136%3AS%3DALNI_MbnUNV_VoVIUcv-4mixsauLEhdwCw&prev_fmts=0x0&nras=1&correlator=4719032816092&frm=20&pv=2&ga_vid=1640348007.1698800136&ga_sid=1698800136&ga_hid=1650286243&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=606&ady=95&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079231%2C44795921%2C44805932%2C44807334%2C31078297&oid=2&pvsid=3172815694495667&tmod=822020882&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=ETl41fVS4b&p=https%3A//dfives.com&dtd=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.127.91.113 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-91-113.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 00:55:37 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 355C
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEKyZr5VzIvFOykHQUIttOCw&google_cver=1&google_push=AXcoOmTakAZVXWmnWalwYKnSZIKDx5YcT0lxGo5uKYd73JjjBOBMdLIjXF_ESSp1fi09AO5fM5ODjq_gwm-Z...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTakAZVXWmnWalwYKnSZIKDx5YcT0lxGo5uKYd73JjjBOBMdLIjXF_ESSp1fi09AO5fM5ODjq_gwm-ZrCtlo3RjKTHmVjoEZoeh

170 B
232 B

41ms
41ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTakAZVXWmnWalwYKnSZIKDx5YcT0lxGo5uKYd73JjjBOBMdLIjXF_ESSp1fi09AO5fM5ODjq_gwm-ZrCtlo3RjKTHmVjoEZoeh

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 00:55:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTakAZVXWmnWalwYKnSZIKDx5YcT0lxGo5uKYd73JjjBOBMdLIjXF_ESSp1fi09AO5fM5ODjq_gwm-ZrCtlo3RjKTHmVjoEZoeh
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2

200

report
sync.teads.tv/um/ Frame 355C
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEGZsjZAtZEkk...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmRXySn9D0RNV70PK4Dn3dj35z2zlraoSiTrqwJ8B_IZcukbWGQMJO78ORdQv7mEvRIVg-0xsdXqHdZ0J0UIETw1NRMl_Vv9oMHF
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

58ms
57ms

Image
image/gif

23.35.237.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4406873401428000&output=html&h=100&slotname=5971507018&adk=4091383590&adf=783313867&pi=t.ma~as.5971507018&w=750&lmt=1698796537&format=750x100&url=https%3A%2F%2Fdfives.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698800137000&bpp=2&bdt=1970&idt=2&shv=r20231026&mjsv=m202310260102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D899acace8958bf50-226e42d620e300c9%3AT%3D1698800136%3ART%3D1698800136%3AS%3DALNI_MaKaxvphbvgJtaTMDCQIHBoyhWQXA&gpic=UID%3D00000cafafa213bd%3AT%3D1698800136%3ART%3D1698800136%3AS%3DALNI_MbnUNV_VoVIUcv-4mixsauLEhdwCw&prev_fmts=0x0&nras=1&correlator=4719032816092&frm=20&pv=2&ga_vid=1640348007.1698800136&ga_sid=1698800136&ga_hid=1650286243&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=606&ady=95&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079231%2C44795921%2C44805932%2C44807334%2C31078297&oid=2&pvsid=3172815694495667&tmod=822020882&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=ETl41fVS4b&p=https%3A//dfives.com&dtd=6
Protocol: H2
Server: 23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-56.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Wed, 01 Nov 2023 00:55:37 GMT
pragma: no-cache
date: Wed, 01 Nov 2023 00:55:37 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 01 Nov 2023 00:55:37 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 355C 0
50 B 96ms
74ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LwPsIqWsiBiLq_K-IaSsgBhx5Tad3WILTdy882xKy0uTZIqPK4uZgDx96fngZ_RcyJ2vz_fg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 00:55:37 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 20161020043424-Travel-218x150.jpeg
dfives.com/wp-content/uploads/2020/02/ 7 KB
7 KB 29ms
29ms Image
image/webp 2a02:4780:84:538e:e8b:76d3:5a59:4a83
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dfives.com/wp-content/uploads/2020/02/20161020043424-Travel-218x150.jpeg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:4780:84:538e:e8b:76d3:5a59:4a83 , Cyprus, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: hcdn /
Resource Hash: f6be2f894f96a43d13528bcddd9148a1da02e3dece14d55781793001d102ff8f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dfives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 00:55:37 GMT
x-hcdn-cache-status: HIT
server: hcdn
age: 4154
x-hcdn-request-id: ca50d16fdac28349f4b70804969aefdf-srv-edge2
content-type: image/webp
cache-control: public, max-age=31557600
x-hcdn-image-optimizer: f:webp q:85 w:1600
accept-ranges: bytes
content-length: 7456
expires: Thu, 31 Oct 2024 05:46:22 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4B96 0
0 68ms
67ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231026&jk=3172815694495667&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

GET
H3 200 mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js Show response
pagead2.googlesyndication.com/bg/ Frame FC6F 38 KB
15 KB 34ms
32ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 15:26:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34153
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15010
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 30 Oct 2024 15:26:24 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 7428 38 KB
13 KB 33ms
32ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 405711
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 27 Oct 2023 08:13:46 GMT
expires: Sat, 26 Oct 2024 08:13:46 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js Show response
pagead2.googlesyndication.com/bg/ Frame 7078 38 KB
15 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 15:26:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34153
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15010
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 30 Oct 2024 15:26:24 GMT

GET
H3 200 mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js Show response
pagead2.googlesyndication.com/bg/ Frame 7428 38 KB
15 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 15:26:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34153
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15010
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 30 Oct 2024 15:26:24 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/2489025940379087204/ Frame C002 15 KB
4 KB 101ms
33ms Document
text/html 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/2489025940379087204/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fb7449fb43df3cbbffb84cff32c131114a1d0a87f8c485121f43a58c3476e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 403144
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 3569
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 27 Oct 2023 08:56:33 GMT
expires: Sat, 26 Oct 2024 08:56:33 GMT
last-modified: Wed, 19 Jul 2023 12:44:02 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame A9B5 0
0 167ms
79ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvkVMROfkkJ38_fSWWEDmsmu6zux70VUoo4hjIwEtGkOX5ciRMg6imyeRgPVxzFDTKZLDMoe_4AXaygwY9PlgD3bJrEIs3aZ5cSf7akiJ6td0upjExj-llsux2Qi3VRgIgaupHIwATMO-dKhco6SeBP6HQqaN1AxIC_eu3eTAKSPoj956esasPC-wyAxbQplniaS07BqMufMB-R5dc774PQF4_k6y6H-QnrRnL-_GdASXhR9fZiORHy84NpKI5IKm67MTkdkwM01Zie47YWyTCz7axinuwMjFgDUAOWDgtkdZOnZMrSTOJ3bXpAr-VrS9vABiHCkoRp5h2CyiklAGLUGmEKNwTSUQpI5_1PJl8Hp1j_8p9j9Bb62lmN-VFWbBPc-_dzF8UmyDqJe8t7scJfvv8YOSRObRnfr209HW_kkc4T5lq-pRrK1mHYKP7fnIKzTQVjnQ4Ay-Ut6SIeQmdyVUNV1Rxmp4cPoNEjwigfYNQgd4T7YkeSNEZWXjlkVIeWJ1aOG_oR1taVm98F74rOJfqbAi3U025ugEOCtM6OehHGgVBOSN3jNJ5d__niHDliZ2DCG4j7aIEX71qv9ITJkMHyMWDeT0fGLdFLCuPc3sSoS_tTBExDnmPrgVR73Don3fh10iQgiMivYtQDw48QZAvjKmfFV4Pn97EblvGHP8NnWDcjFT7jw9jMUykmBSTpVD2wg148y-BlzTpltvQlHjZNNmAS7ZbKj3eSFfsDKR0d0npzwGx1EoFXmKUJTnt3cpDUrj4l_Gs8tWfKW79OoSXWynhNhzxOhMU-d9IQu8eH8JbqCPxWwiev79mPoY0tu_fGkvwarPkX_mn_ybYxIsCxWLR5QDX1z4dzqPN8dL2cbo-AKwR05Ovn6TicCo0sQoymm3mimKlTyeiTpBXhzr_-cw7ZsoOZ1VHt9RsC0rp_oA6bjnpKn6IAQVl5eOMnj7Pur_KBg7aa5waeeY28FnQ3UUg4xEn_D47Q1po-FdswXr_NtHIaX7mT9XOiAFzfo9tnBGYl4qIXuAwKiXC5WaCrL0SnXrM8vtPbH_DXq7YwkHDBkObgAR0Joz4bZHBBZ4KA8Dz3u6299XWfTHz2FjJINiOrrx-0fC2XQ-aMOc5vzV0gj9Mv3jGGFsNxdUYDSSMEy2rofxo8QzQMaqDEqocICA1wNmo9aOf7pykE8mlRKGOZ8Ax6ULu5KCgtFeA0D7R1daZRgK7kSwfsCEtrUOEkZZFYsrvktJgU3Nvcs5ZS58nWfZdoGD7Yl3jk5TURQKEbxVaFzOaHSRYG_baxsE-O7cpAuWkcY5m6WNsb5fH4nRX4YrCx7smyC82leqhyGfmvUnmXU64W6ZvOgz4xxmtMvZ1GeF3_xchyRRsGMZh9DuoA3I6ocqwQ&sai=AMfl-YTrfymIcSeSFKhNE_nKNpK4TRqwv-T5eVxUdpR-lalpEKpc6npQI__1ZiqH4AqE7Oue9HjshIZp_DlFqz8EDE4FxmZQMqsPSUrUkKmooAx-ylbm1W2YxGYo6CBSgqNGtGfbS41jr3_9UFg_WeB_31gxJMrdWF9MoyUHr2TPIuIwkZdo-L3qhnNRQXK7LceBzgaZCN4tayFMeE4_uWJfSvfr_UFCyDjL-HjgeUerHVKkMxUSDOiyf2xwkf9ZYdsJ_JIX09VUI2qSyGuh6iRAJKI5DYsg07lJ6oU_q3BRfaimlNlRz9yVKTDMb8isQ0bILiVOJomMH_qKCwXfiorY2YL-6J4-yhPuUR7yN7S8EbxwnR7qmZgwQeZqjCHB8MdcLBEohV1Wr7EJAb0WJDxcPaDm9nHi0eJ8B2xkfadvkCs7ikxfnz2UXTY&sig=Cg0ArKJSzIUQ7vuV-fwLEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=196&cbvp=1&cstd=193&cisv=r20231030.12421&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: dfives.com
URL: https://dfives.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 01 Nov 2023 00:55:37 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1

200
OK

request.php Show response
hal900028.redintelligence.net/ Frame 2BB7
Redirect Chain

https://hal900028.redintelligence.net/request.php?zone=bq116kcjs2zi&nw=20&renderingType=javascript&namespace=3ea7c54634&subid=&uid=023bac493f09e975&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900028.redintelligence.net/request.php?zone=bq116kcjs2zi&nw=20&renderingType=javascript&namespace=3ea7c54634&subid=&uid=023bac493f09e975&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

3 KB
2 KB

275ms
181ms

Script
application/x-javascript

88.99.165.19
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900028.redintelligence.net/request.php?zone=bq116kcjs2zi&nw=20&renderingType=javascript&namespace=3ea7c54634&subid=&uid=023bac493f09e975&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=930x180&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCpFsuCaJBZZCIA9TAjuwPl9-zsAPM-YagaYO-x__3D_AuEAEgrNWbe2CRhKCFjBjIAQmpAio9lfqxurE-qAMByAObBKoEkQJP0Dzx8u4ID5mibvyR_aysjXsNNNI6JjDIqvmF5giNHe4jxqu3OGERxbnES07IKBmr01mDdv6Xe_PaJ-vyLd4T8qImsfO_VMKAicTWYXTq0ppcrk-3g9w5WlA1CObDjnm4VvR6Cm3Hi0c4nM_ej0bzu9Zo13GlMRdRYNWZRAWNhFrUXtDh4hizy1tHdFDPvhVJELfcfUXQf_riI3Va8CRFIrfVfO29H10JxoD8hIfAmvq_eBgLJfZeqNkhoENYXWGYr_AvVYcDpTbAkgK1UYkx1gPN9VA23P8kHkm1_eHTiwZBy134vV8tg2EmSaiDNGMGDqowDNxBFsYhcX64OuPFBROmnTig7xpan-dhIWTBj2HABOrrzKPkA-AEA4gFla_h_T2QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgGYCwHICwGADAGqDQJOTLAT4JvNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSPADICaaN5eC0_qbPxvafMJJH_U5UEgVc0JlwdB3OxlRAEkOuaTpcmdtLgCzdXubZO_X1rDLpxi3M0-tbChgB%26sig%3DAOD64_0M88kdtctWIOtmGz88SlDaRj9OBA%26client%3Dca-pub-4406873401428000%26dbm_c%3DAKAmf-CFGP79AFxs6i9LZCKmGxva7Uh8-8wp8o0iNRTPTzPdAiGcHULHU_2ESJqbsGwAoLQ8KmO6b5OApU95Im73K2yC9uJK2ur71HlFoe9MLTLeAmQBQe95O2qYJYV_8BC9Cynhw-30MmpRM4KONQ0ThPlBUDAgaVsbiFGfDKrXqLTvYCbnw6WANVs4DTbOAN0G3tSKg2YDXmSzBdQjDdZ81hExejLcrQ%26cry%3D1%26dbm_d%3DAKAmf-DH0UzDXo3jKXxWz8wCMKX3EqLnQgyP_rPN_DCukIdgYu-QVvAU1BeTSSiS8wzbryL8hYf47YlAorB9emp8eNWOVkICuD_mCqpCo5cfxEyZ2zgErTbYUcuHCyla5LR5WTcMSXxDc3dM-GOhwrB0ji5n8TmxTMjxWR49K1Adj1_Kx6ou25PjvAMYOVwAvzoqxaATR_olMMq_GQ7SxRXbQdryN-h_UIvhqYEWaLit9hAn2WSDFz2F4oXypY0IhquncZUDQ8KIKAkb6nFBAWshB7DeLrWdEa818sviSWXHFPX_kD6ttyaOSqVyOaMGYpUhAKEn77qyuJm20iSUR4rnk8cXjXK0ijudBVzz_wkhlAQOkkYHVeAJ6FXrC_TJUPXeXLQg0nGq6VfXGQ2lq6d8cUPww1e0SMHdPpu-_Ri4xT_rl0DmdhKxjq72iHzZksKyB5lAkt8tdsXxM66hLg-9E19V91lposthZ0Z6XBc7poTUp3RLwSUVNYPtrMz2CR7y-F9-dD5LJWWdsxpVQ0B7My0KGvZnE0Ku8gHvRYlLhdqku-FIEg74XHsjcmFXjSgvCsCnlHv4%26adurl%3D&documentReferer=https%3A%2F%2Fdfives.com%2F&ancestorOrigins=https%3A%2F%2Fdfives.com&random=8494155337589&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4406873401428000&output=html&h=180&slotname=6928154013&adk=3788297780&adf=804204008&pi=t.ma~as.6928154013&w=930&lmt=1698796537&format=930x180&url=https%3A%2F%2Fdfives.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698800137008&bpp=1&bdt=1979&idt=1&shv=r20231026&mjsv=m202310260102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D899acace8958bf50-226e42d620e300c9%3AT%3D1698800136%3ART%3D1698800136%3AS%3DALNI_MaKaxvphbvgJtaTMDCQIHBoyhWQXA&gpic=UID%3D00000cafafa213bd%3AT%3D1698800136%3ART%3D1698800136%3AS%3DALNI_MbnUNV_VoVIUcv-4mixsauLEhdwCw&prev_fmts=0x0%2C750x100&nras=1&correlator=4719032816092&frm=20&pv=1&ga_vid=1640348007.1698800136&ga_sid=1698800136&ga_hid=1650286243&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=335&ady=2729&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079231%2C44795921%2C44805932%2C44807334%2C31078297&oid=2&pvsid=3172815694495667&tmod=822020882&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=awQDrDYMA5&p=https%3A//dfives.com&dtd=5
Protocol: HTTP/1.1
Server: 88.99.165.19 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.19.165.99.88.clients.your-server.de
Software: Apache /
Resource Hash: 74fd1cc32513885076978deda17fc1969ad604a91275e6ea277ade7e14451da3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Nov 2023 00:55:37 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 53251800007945504445410012495028
Connection: close
Content-Length: 1174
Expires: Wed, 01 Nov 2023 00:55:37 +0100

Redirect headers

Pragma: no-cache
Date: Wed, 01 Nov 2023 00:55:37 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=bq116kcjs2zi&nw=20&renderingType=javascript&namespace=3ea7c54634&subid=&uid=023bac493f09e975&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=930x180&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCpFsuCaJBZZCIA9TAjuwPl9-zsAPM-YagaYO-x__3D_AuEAEgrNWbe2CRhKCFjBjIAQmpAio9lfqxurE-qAMByAObBKoEkQJP0Dzx8u4ID5mibvyR_aysjXsNNNI6JjDIqvmF5giNHe4jxqu3OGERxbnES07IKBmr01mDdv6Xe_PaJ-vyLd4T8qImsfO_VMKAicTWYXTq0ppcrk-3g9w5WlA1CObDjnm4VvR6Cm3Hi0c4nM_ej0bzu9Zo13GlMRdRYNWZRAWNhFrUXtDh4hizy1tHdFDPvhVJELfcfUXQf_riI3Va8CRFIrfVfO29H10JxoD8hIfAmvq_eBgLJfZeqNkhoENYXWGYr_AvVYcDpTbAkgK1UYkx1gPN9VA23P8kHkm1_eHTiwZBy134vV8tg2EmSaiDNGMGDqowDNxBFsYhcX64OuPFBROmnTig7xpan-dhIWTBj2HABOrrzKPkA-AEA4gFla_h_T2QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgGYCwHICwGADAGqDQJOTLAT4JvNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSPADICaaN5eC0_qbPxvafMJJH_U5UEgVc0JlwdB3OxlRAEkOuaTpcmdtLgCzdXubZO_X1rDLpxi3M0-tbChgB%26sig%3DAOD64_0M88kdtctWIOtmGz88SlDaRj9OBA%26client%3Dca-pub-4406873401428000%26dbm_c%3DAKAmf-CFGP79AFxs6i9LZCKmGxva7Uh8-8wp8o0iNRTPTzPdAiGcHULHU_2ESJqbsGwAoLQ8KmO6b5OApU95Im73K2yC9uJK2ur71HlFoe9MLTLeAmQBQe95O2qYJYV_8BC9Cynhw-30MmpRM4KONQ0ThPlBUDAgaVsbiFGfDKrXqLTvYCbnw6WANVs4DTbOAN0G3tSKg2YDXmSzBdQjDdZ81hExejLcrQ%26cry%3D1%26dbm_d%3DAKAmf-DH0UzDXo3jKXxWz8wCMKX3EqLnQgyP_rPN_DCukIdgYu-QVvAU1BeTSSiS8wzbryL8hYf47YlAorB9emp8eNWOVkICuD_mCqpCo5cfxEyZ2zgErTbYUcuHCyla5LR5WTcMSXxDc3dM-GOhwrB0ji5n8TmxTMjxWR49K1Adj1_Kx6ou25PjvAMYOVwAvzoqxaATR_olMMq_GQ7SxRXbQdryN-h_UIvhqYEWaLit9hAn2WSDFz2F4oXypY0IhquncZUDQ8KIKAkb6nFBAWshB7DeLrWdEa818sviSWXHFPX_kD6ttyaOSqVyOaMGYpUhAKEn77qyuJm20iSUR4rnk8cXjXK0ijudBVzz_wkhlAQOkkYHVeAJ6FXrC_TJUPXeXLQg0nGq6VfXGQ2lq6d8cUPww1e0SMHdPpu-_Ri4xT_rl0DmdhKxjq72iHzZksKyB5lAkt8tdsXxM66hLg-9E19V91lposthZ0Z6XBc7poTUp3RLwSUVNYPtrMz2CR7y-F9-dD5LJWWdsxpVQ0B7My0KGvZnE0Ku8gHvRYlLhdqku-FIEg74XHsjcmFXjSgvCsCnlHv4%26adurl%3D&documentReferer=https%3A%2F%2Fdfives.com%2F&ancestorOrigins=https%3A%2F%2Fdfives.com&random=8494155337589&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Wed, 01 Nov 2023 00:55:37 +0100

GET
H3 200 f1392a14826ddef15256a34960910a04.png
s0.2mdn.net/sadbundle/2489025940379087204/images/ Frame C002 18 KB
18 KB 35ms
34ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2489025940379087204/images/f1392a14826ddef15256a34960910a04.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2489025940379087204/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

323d244837d21d4cb380957be065e5bf6c462999f5c57e819d930eb72852cde3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2489025940379087204/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 06:12:05 GMT
x-content-type-options: nosniff
age: 67412
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18109
x-xss-protection: 0
last-modified: Wed, 19 Jul 2023 12:44:02 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 30 Oct 2024 06:12:05 GMT

GET
H3 200 38e2cd035594a7193224ccbf4fad213b.svg
s0.2mdn.net/sadbundle/2489025940379087204/images/ Frame C002 3 KB
1 KB 43ms
43ms Image
image/svg+xml 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2489025940379087204/images/38e2cd035594a7193224ccbf4fad213b.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2489025940379087204/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3816defd14e327f4ec663434fb2d95f86a599d0060b111b0465f032a3db90da2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2489025940379087204/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 13:53:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 385357
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1052
x-xss-protection: 0
last-modified: Wed, 19 Jul 2023 12:44:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 26 Oct 2024 13:53:00 GMT

GET
H3 200 4a4a89a511e3c557e9470dc86cd630dc.svg
s0.2mdn.net/sadbundle/2489025940379087204/images/ Frame C002 3 KB
1 KB 41ms
40ms Image
image/svg+xml 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2489025940379087204/images/4a4a89a511e3c557e9470dc86cd630dc.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2489025940379087204/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f11ca81090a5bce6acb554a079840e80405ee855da33aed367d2e9ebb3209dd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2489025940379087204/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 09:24:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 401466
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1207
x-xss-protection: 0
last-modified: Wed, 19 Jul 2023 12:44:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 26 Oct 2024 09:24:31 GMT

GET
H3 200 a9e71ecec4a763ada736427c13f025e5.svg
s0.2mdn.net/sadbundle/2489025940379087204/images/ Frame C002 170 B
189 B 43ms
42ms Image
image/svg+xml 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2489025940379087204/images/a9e71ecec4a763ada736427c13f025e5.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2489025940379087204/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e047f5f59595215030c40abe18de908fc34088e477a3844491b4e17a70de74c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2489025940379087204/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 19:29:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 365141
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 160
x-xss-protection: 0
last-modified: Wed, 19 Jul 2023 12:44:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 26 Oct 2024 19:29:56 GMT

GET
H3 200 8189e80d56cc588c9c71dd4964c73ee4.svg
s0.2mdn.net/sadbundle/2489025940379087204/images/ Frame C002 29 KB
7 KB 36ms
35ms Image
image/svg+xml 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2489025940379087204/images/8189e80d56cc588c9c71dd4964c73ee4.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2489025940379087204/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fde8181f0fd193c53c534eb5fed1ed29fe7a496930834c9a8119ea74cb945c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2489025940379087204/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 12:24:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 390648
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7591
x-xss-protection: 0
last-modified: Wed, 19 Jul 2023 12:44:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 26 Oct 2024 12:24:49 GMT

GET
H3 200 f68e5e7bca87e291529fb26f4062e323.svg
s0.2mdn.net/sadbundle/2489025940379087204/images/ Frame C002 3 KB
1 KB 41ms
40ms Image
image/svg+xml 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2489025940379087204/images/f68e5e7bca87e291529fb26f4062e323.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2489025940379087204/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f62de547c38a73faa9cf610e7ec4a8c8a95fcff5b0fb1b97904d5d95be20fe8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2489025940379087204/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 12:24:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 390648
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1188
x-xss-protection: 0
last-modified: Wed, 19 Jul 2023 12:44:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 26 Oct 2024 12:24:49 GMT

GET
H3 200 51527a0bda754d19b1de6fc8c291c2b6.svg
s0.2mdn.net/sadbundle/2489025940379087204/images/ Frame C002 4 KB
2 KB 42ms
41ms Image
image/svg+xml 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2489025940379087204/images/51527a0bda754d19b1de6fc8c291c2b6.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2489025940379087204/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7b2b54734106066914320438fe9105730c413a2876426ddf04e3c259d404b05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2489025940379087204/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 14:33:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 382945
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1598
x-xss-protection: 0
last-modified: Wed, 19 Jul 2023 12:44:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 26 Oct 2024 14:33:12 GMT

GET
H3 200 425b8ba6236740b0cb60926aef48113a.svg
s0.2mdn.net/sadbundle/2489025940379087204/images/ Frame C002 3 KB
1 KB 42ms
41ms Image
image/svg+xml 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2489025940379087204/images/425b8ba6236740b0cb60926aef48113a.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2489025940379087204/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06f004482e17cd781019152317a1e9d5a7d8ea0733b25ad2af8ad16429fbac03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2489025940379087204/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 08:56:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 403144
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1280
x-xss-protection: 0
last-modified: Wed, 19 Jul 2023 12:44:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 26 Oct 2024 08:56:33 GMT

GET
H3 200 cfb7527e83685fd84ba2c757ae95728e.svg
s0.2mdn.net/sadbundle/2489025940379087204/images/ Frame C002 144 B
169 B 35ms
34ms Image
image/svg+xml 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2489025940379087204/images/cfb7527e83685fd84ba2c757ae95728e.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2489025940379087204/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0841b43610f53c5ab7259c11e0a8935c2c4e749fd0af052bfdd01fdb7f259897

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2489025940379087204/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 10:23:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 397931
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140
x-xss-protection: 0
last-modified: Wed, 19 Jul 2023 12:44:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 26 Oct 2024 10:23:26 GMT

GET
H3 200 be53ac0723efad8ca72eaae4df58884a.svg
s0.2mdn.net/sadbundle/2489025940379087204/images/ Frame C002 274 B
227 B 40ms
40ms Image
image/svg+xml 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2489025940379087204/images/be53ac0723efad8ca72eaae4df58884a.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2489025940379087204/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d124b41dad66f4b40e5aaecbc7fbb952b4b7cd38555ffa0cdafa0271d5acf76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2489025940379087204/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 08:56:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 403144
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 198
x-xss-protection: 0
last-modified: Wed, 19 Jul 2023 12:44:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 26 Oct 2024 08:56:33 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame FC6F 0
10 B 33ms
31ms Image
text/plain 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?yfQePQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 00:55:37 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame A9B5 0
0 76ms
75ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvkVMROfkkJ38_fSWWEDmsmu6zux70VUoo4hjIwEtGkOX5ciRMg6imyeRgPVxzFDTKZLDMoe_4AXaygwY9PlgD3bJrEIs3aZ5cSf7akiJ6td0upjExj-llsux2Qi3VRgIgaupHIwATMO-dKhco6SeBP6HQqaN1AxIC_eu3eTAKSPoj956esasPC-wyAxbQplniaS07BqMufMB-R5dc774PQF4_k6y6H-QnrRnL-_GdASXhR9fZiORHy84NpKI5IKm67MTkdkwM01Zie47YWyTCz7axinuwMjFgDUAOWDgtkdZOnZMrSTOJ3bXpAr-VrS9vABiHCkoRp5h2CyiklAGLUGmEKNwTSUQpI5_1PJl8Hp1j_8p9j9Bb62lmN-VFWbBPc-_dzF8UmyDqJe8t7scJfvv8YOSRObRnfr209HW_kkc4T5lq-pRrK1mHYKP7fnIKzTQVjnQ4Ay-Ut6SIeQmdyVUNV1Rxmp4cPoNEjwigfYNQgd4T7YkeSNEZWXjlkVIeWJ1aOG_oR1taVm98F74rOJfqbAi3U025ugEOCtM6OehHGgVBOSN3jNJ5d__niHDliZ2DCG4j7aIEX71qv9ITJkMHyMWDeT0fGLdFLCuPc3sSoS_tTBExDnmPrgVR73Don3fh10iQgiMivYtQDw48QZAvjKmfFV4Pn97EblvGHP8NnWDcjFT7jw9jMUykmBSTpVD2wg148y-BlzTpltvQlHjZNNmAS7ZbKj3eSFfsDKR0d0npzwGx1EoFXmKUJTnt3cpDUrj4l_Gs8tWfKW79OoSXWynhNhzxOhMU-d9IQu8eH8JbqCPxWwiev79mPoY0tu_fGkvwarPkX_mn_ybYxIsCxWLR5QDX1z4dzqPN8dL2cbo-AKwR05Ovn6TicCo0sQoymm3mimKlTyeiTpBXhzr_-cw7ZsoOZ1VHt9RsC0rp_oA6bjnpKn6IAQVl5eOMnj7Pur_KBg7aa5waeeY28FnQ3UUg4xEn_D47Q1po-FdswXr_NtHIaX7mT9XOiAFzfo9tnBGYl4qIXuAwKiXC5WaCrL0SnXrM8vtPbH_DXq7YwkHDBkObgAR0Joz4bZHBBZ4KA8Dz3u6299XWfTHz2FjJINiOrrx-0fC2XQ-aMOc5vzV0gj9Mv3jGGFsNxdUYDSSMEy2rofxo8QzQMaqDEqocICA1wNmo9aOf7pykE8mlRKGOZ8Ax6ULu5KCgtFeA0D7R1daZRgK7kSwfsCEtrUOEkZZFYsrvktJgU3Nvcs5ZS58nWfZdoGD7Yl3jk5TURQKEbxVaFzOaHSRYG_baxsE-O7cpAuWkcY5m6WNsb5fH4nRX4YrCx7smyC82leqhyGfmvUnmXU64W6ZvOgz4xxmtMvZ1GeF3_xchyRRsGMZh9DuoA3I6ocqwQ&sai=AMfl-YTrfymIcSeSFKhNE_nKNpK4TRqwv-T5eVxUdpR-lalpEKpc6npQI__1ZiqH4AqE7Oue9HjshIZp_DlFqz8EDE4FxmZQMqsPSUrUkKmooAx-ylbm1W2YxGYo6CBSgqNGtGfbS41jr3_9UFg_WeB_31gxJMrdWF9MoyUHr2TPIuIwkZdo-L3qhnNRQXK7LceBzgaZCN4tayFMeE4_uWJfSvfr_UFCyDjL-HjgeUerHVKkMxUSDOiyf2xwkf9ZYdsJ_JIX09VUI2qSyGuh6iRAJKI5DYsg07lJ6oU_q3BRfaimlNlRz9yVKTDMb8isQ0bILiVOJomMH_qKCwXfiorY2YL-6J4-yhPuUR7yN7S8EbxwnR7qmZgwQeZqjCHB8MdcLBEohV1Wr7EJAb0WJDxcPaDm9nHi0eJ8B2xkfadvkCs7ikxfnz2UXTY&sig=Cg0ArKJSzIUQ7vuV-fwLEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=435&vt=11&dtpt=239&dett=3&cstd=193&cisv=r20231030.12421&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: dfives.com
URL: https://dfives.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 00:55:37 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7078 0
20 B 67ms
67ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BaNbQCaJBZdPOAsyNjuwPg4OLiA4AAAAAOAHgBAI&bg=!hoWlhcrNAAbo5yKYyOc7ADQBe5WfOMoPDEHxIpKIblAR9c1_-Fzof204rjtWnzXuGH27JeNj68hAIRSRhj8Oz035WZLwAgAAARBSAAAABWgBB5kC3QTMJ57oHlEzthTA5rAK_-nybmwUjfcoAnezx4kKp34rlOWfT9tzk7Peyra3sXWZjVxFXVaQ7-9wWn6bZMjFhtUggIjAouRGjHmC7_LGEqPPkyBi1yfKsohT_y_BbFZDqPXA4F-tV7N4gxY8P-gR-zozcs7wNlMlf6fGgnhbGh3B4dieZMy0Vr8-afr9_CSRaysJI8C7DamSsEvUJomPgFuD-R41agSPh-JYIXe1DeOpKUAxgZLJGe4ul_IKPymyzNhhU8rKG8_UtB1o0GCPy3t7HoLQCZHC4W_nfIDrT7aV1q2NK9EKBQQ8zSOjQqWd2VFME_wDRJgxebRc-OnrdRGnonj-XTMVkv377HDVYu27VH8dn0hWEXbIxo-szdZGKjM4wqISIatCaLJPjsHJxWaosnP6xQmPs0m2lxTzGWH0nifBEcgsMBQIcR2w3EpJOoqqc-vTmB059hEZL_ya9Ki7KeX9smkXb4j6Ifx8IyV9TV7-aeCRyxdKSsAJOtbOFxTKxuxOGQYtspslI0wvRyHH7Cmrre-qfjHKXccBWq55-ps1zqz5Io0Ood7yH84lpn3DIYM9jSsJWJoqmzbxjcvLnRNd2_3zqauzN8lNa28tx0B5VXB69HUPAyYTGvO72uuU6v560EGnV_FaBNgNMpwtJIMoFPYd74Ctfn0fwamP9A1JuMCTWQ1lFkXVh9k0kWnftYyKLNAns9IEDHjdkDEu-UBVozfEFOKdKJIX8jyCgH6QYsrvyrrfanvklrw9NKpkmIgp3GF-OEq6O15SUpjOnKCrBqU0c9b6KxK4ectU2IAdcSmfaXMl8N1hsUcw8aWptBoFZwOC2JWL0BbspeTWM3Ao0OUKKj-2Ng4WeQKfDNvqOg8D64SqKTU5O5Xpsht6SDzuvBVlylX4gsZX1dL74EfPxTaAxrT5v2EPDdDEtLqZGH29pI40RpFwp6yUMnwhQhu6FdubjUFxUG4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 00:55:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7428 0
20 B 68ms
68ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Bt33BCaJBZYvIF56Z9u8Poc2TMAAAAAA4AeAEAg&bg=!GxilGFfNAAbo5yKYyOc7ADQBe5WfOAamiYmJEN-tk8H6l0wcY5cQpA-7SYYc_Ttk3YWxWQsPghBCeVTkvzW7zWbgu-NmAgAAAN1SAAAABWgBB5kC6rbAeVSrYS6UZTxgPwvgEpzpInPscH5Jp3Mpe-q6Ke51F5FPQmH9egOIgWxCpGYa1yZz7UAad6Pv02F4UhJul0HMfWknKXmtxF6AI4NMRvO7U8rAuc7KiHP7ONK7o4W9_gsd6qImfIHrUo0D356eAO0gegWBNYFoID0WgcK6ypXtXMj4sCOsrRDBEKhlBZZdDlo5L42bOyPOAVbDOsN-yoSjZZ3vlps-wy8bfXhDUm_g7tdxvL_BomHuN4VCqRjr-ZERZFlqhV4StbzXkPsVDZ-C1FpWzbTerj1E4J69HxZIBVasCdrGT6Uqsa6mAqb9rr9m16biHWfFVzn_i_CGZvmcrZ-e28wlw16W6svZkbPAFjuhu0btfGDJhpwgMLado37huV_1X5qGmJZOyEr-8F8hGlww39kMd7-07dptLP_IHXNxgaybeMIJMKG2fMnOA_bhfKdK09Vdr6l-zKkew_9TQgIhCGv6tqMZn9xWvTuhIDYevdC1rukckuXQETgQ89togA3NrKMiHrvAAyJEdX6P7J9a_suKeTZo2tytWDgZtP_Y5Q_K49aqeYWYk7__OosXHve2Italqm-p7NKviyAo8DOZ7GBJzZKrXsY3euNWJpLH2u9lct60S_Rx8enC4MtxnjeVAGJKinaSFp6DBkwanRsd-2JkKgofiIFyGJVqbup39LTbagm02iACMNLLAG1XIAcHwz0fKPyuQjPFUq2YlCKnfqLjtfdBEceB6gRuy0Bt0ptBAJLct0dhUOCBZrVCTrHLya4eeP2eXKY7SvEVf1RpZFdIUOGw0gvnOFt5-OnZrkSqQp4zyy11TFInqZFVO_da82zHIrGv0BqszazPoa7OwUA3Y2LqmRyhwOeqxGt90IBpyjyFlLKLRZPUvzX8n_FDH1NTBPep6f1jNOC7FE_wFkFnbFlB6XQXDAPKenOWJoa9WUZBoMMrqLXeLj-iggN7AuGSdO3YOK2_hb685CeGueEuBWGM

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 00:55:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
ti.tradetracker.net/ Frame 2BB7 452 B
934 B 188ms
85ms Script
text/javascript 99.80.154.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ti.tradetracker.net/?c=36785&m=2147229&a=70002&r=53251800007945504445410012495028&t=js&wid=tt-58c86b
Requested by: Host: dfives.com
URL: https://dfives.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.154.46 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-154-46.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 85e9673e4ddcd0097c7df1f2ae7afab2113593ec09c453e4b24fe12d50fd8aa0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Mon, 26 Jul 1997 05:00:00 GMT
date: Wed, 01 Nov 2023 00:55:38 GMT
cache-control: no-cache, must-revalidate
server: nginx
content-type: text/javascript; charset=UTF-8

GET
H2 200 / Show response
ti.tradetracker.net/ Frame 2BB7 435 B
912 B 194ms
92ms Script
text/javascript 99.80.154.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ti.tradetracker.net/?c=34211&m=2005487&a=70002&r=53251800007945504445410012495028&t=js&wid=tt-7632cd
Requested by: Host: dfives.com
URL: https://dfives.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.154.46 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-154-46.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: c166ccc4c240fec1772ff0ad39179a395c369eae897bef75bc9ac28c0819080f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Mon, 26 Jul 1997 05:00:00 GMT
date: Wed, 01 Nov 2023 00:55:38 GMT
cache-control: no-cache, must-revalidate
server: nginx
content-type: text/javascript; charset=UTF-8

GET
H/1.1 200
OK request_content.php Show response
hal900028.redintelligence.net/ Frame 362C 8 KB
3 KB 139ms
47ms Document
text/html 88.99.165.19
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900028.redintelligence.net/request_content.php?s=53251800007945504445410012495028&a=9291c37a
Requested by: Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request.php?zone=bq116kcjs2zi&nw=20&renderingType=javascript&namespace=3ea7c54634&subid=&uid=023bac493f09e975&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=930x180&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCpFsuCaJBZZCIA9TAjuwPl9-zsAPM-YagaYO-x__3D_AuEAEgrNWbe2CRhKCFjBjIAQmpAio9lfqxurE-qAMByAObBKoEkQJP0Dzx8u4ID5mibvyR_aysjXsNNNI6JjDIqvmF5giNHe4jxqu3OGERxbnES07IKBmr01mDdv6Xe_PaJ-vyLd4T8qImsfO_VMKAicTWYXTq0ppcrk-3g9w5WlA1CObDjnm4VvR6Cm3Hi0c4nM_ej0bzu9Zo13GlMRdRYNWZRAWNhFrUXtDh4hizy1tHdFDPvhVJELfcfUXQf_riI3Va8CRFIrfVfO29H10JxoD8hIfAmvq_eBgLJfZeqNkhoENYXWGYr_AvVYcDpTbAkgK1UYkx1gPN9VA23P8kHkm1_eHTiwZBy134vV8tg2EmSaiDNGMGDqowDNxBFsYhcX64OuPFBROmnTig7xpan-dhIWTBj2HABOrrzKPkA-AEA4gFla_h_T2QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgGYCwHICwGADAGqDQJOTLAT4JvNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSPADICaaN5eC0_qbPxvafMJJH_U5UEgVc0JlwdB3OxlRAEkOuaTpcmdtLgCzdXubZO_X1rDLpxi3M0-tbChgB%26sig%3DAOD64_0M88kdtctWIOtmGz88SlDaRj9OBA%26client%3Dca-pub-4406873401428000%26dbm_c%3DAKAmf-CFGP79AFxs6i9LZCKmGxva7Uh8-8wp8o0iNRTPTzPdAiGcHULHU_2ESJqbsGwAoLQ8KmO6b5OApU95Im73K2yC9uJK2ur71HlFoe9MLTLeAmQBQe95O2qYJYV_8BC9Cynhw-30MmpRM4KONQ0ThPlBUDAgaVsbiFGfDKrXqLTvYCbnw6WANVs4DTbOAN0G3tSKg2YDXmSzBdQjDdZ81hExejLcrQ%26cry%3D1%26dbm_d%3DAKAmf-DH0UzDXo3jKXxWz8wCMKX3EqLnQgyP_rPN_DCukIdgYu-QVvAU1BeTSSiS8wzbryL8hYf47YlAorB9emp8eNWOVkICuD_mCqpCo5cfxEyZ2zgErTbYUcuHCyla5LR5WTcMSXxDc3dM-GOhwrB0ji5n8TmxTMjxWR49K1Adj1_Kx6ou25PjvAMYOVwAvzoqxaATR_olMMq_GQ7SxRXbQdryN-h_UIvhqYEWaLit9hAn2WSDFz2F4oXypY0IhquncZUDQ8KIKAkb6nFBAWshB7DeLrWdEa818sviSWXHFPX_kD6ttyaOSqVyOaMGYpUhAKEn77qyuJm20iSUR4rnk8cXjXK0ijudBVzz_wkhlAQOkkYHVeAJ6FXrC_TJUPXeXLQg0nGq6VfXGQ2lq6d8cUPww1e0SMHdPpu-_Ri4xT_rl0DmdhKxjq72iHzZksKyB5lAkt8tdsXxM66hLg-9E19V91lposthZ0Z6XBc7poTUp3RLwSUVNYPtrMz2CR7y-F9-dD5LJWWdsxpVQ0B7My0KGvZnE0Ku8gHvRYlLhdqku-FIEg74XHsjcmFXjSgvCsCnlHv4%26adurl%3D&documentReferer=https%3A%2F%2Fdfives.com%2F&ancestorOrigins=https%3A%2F%2Fdfives.com&random=8494155337589&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.165.19 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.19.165.99.88.clients.your-server.de
Software: Apache /
Resource Hash: 36e6cc844c445b8e67dc5333f2c7e1fae214beb729b92a0ba8a5326507e0f567

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2453
Content-Type: text/html; charset=utf-8
Date: Wed, 01 Nov 2023 00:55:38 GMT
Expires: Wed, 01 Nov 2023 00:55:38 +0100
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 2BB7 43 B
704 B 163ms
74ms Image
image/gif 23.210.125.176
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2224451&v=15314&q=344291&r=235229&pref1=53251800007945504445410012495028&pv=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.210.125.176 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-125-176.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Nov 2023 00:55:38 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 89F3 1 KB
643 B 32ms
31ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 81211
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 31 Oct 2023 02:22:07 GMT
etag: 48472445140208031
expires: Wed, 01 Nov 2023 02:22:07 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 2BB7 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8a03394da6eb193018889cb70977114403d0d666b37dfff1a27fc338f8b0169b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 89F3 0
104 B 142ms
50ms Image
text/plain 2a02:fa8:8806:20::2010
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEO0jRLmlj8lMSFS0zpCrVfA&google_cver=1&google_push=AXcoOmRtFGXdj13-YQT0qwiXcZVlqAvq_NevpKlmTt68SQy-G6szOAdMT8beb_SYtjUovge0JsSu5zJyD9sxVfvrxLyfPmM_ArZmmw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4406873401428000&output=html&h=180&slotname=6928154013&adk=3788297780&adf=804204008&pi=t.ma~as.6928154013&w=930&lmt=1698796537&format=930x180&url=https%3A%2F%2Fdfives.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698800137008&bpp=1&bdt=1979&idt=1&shv=r20231026&mjsv=m202310260102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D899acace8958bf50-226e42d620e300c9%3AT%3D1698800136%3ART%3D1698800136%3AS%3DALNI_MaKaxvphbvgJtaTMDCQIHBoyhWQXA&gpic=UID%3D00000cafafa213bd%3AT%3D1698800136%3ART%3D1698800136%3AS%3DALNI_MbnUNV_VoVIUcv-4mixsauLEhdwCw&prev_fmts=0x0%2C750x100&nras=1&correlator=4719032816092&frm=20&pv=1&ga_vid=1640348007.1698800136&ga_sid=1698800136&ga_hid=1650286243&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=335&ady=2729&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079231%2C44795921%2C44805932%2C44807334%2C31078297&oid=2&pvsid=3172815694495667&tmod=822020882&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=awQDrDYMA5&p=https%3A//dfives.com&dtd=5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:20::2010 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 00:55:38 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 89F3 70 B
148 B 45ms
43ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEOF0KnPfcneFZm51jrNE5T0&google_cver=1&google_push=AXcoOmQv5pp3P-T2qr8YyG3uh0V--KH0-PbAZOtzlWQtJdpxU_bXpCN220MyNxo_A17oPevYkO-n5luGAFHQKrNXI96-5c5Wa2zQQw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4406873401428000&output=html&h=180&slotname=6928154013&adk=3788297780&adf=804204008&pi=t.ma~as.6928154013&w=930&lmt=1698796537&format=930x180&url=https%3A%2F%2Fdfives.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698800137008&bpp=1&bdt=1979&idt=1&shv=r20231026&mjsv=m202310260102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D899acace8958bf50-226e42d620e300c9%3AT%3D1698800136%3ART%3D1698800136%3AS%3DALNI_MaKaxvphbvgJtaTMDCQIHBoyhWQXA&gpic=UID%3D00000cafafa213bd%3AT%3D1698800136%3ART%3D1698800136%3AS%3DALNI_MbnUNV_VoVIUcv-4mixsauLEhdwCw&prev_fmts=0x0%2C750x100&nras=1&correlator=4719032816092&frm=20&pv=1&ga_vid=1640348007.1698800136&ga_sid=1698800136&ga_hid=1650286243&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=335&ady=2729&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079231%2C44795921%2C44805932%2C44807334%2C31078297&oid=2&pvsid=3172815694495667&tmod=822020882&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=awQDrDYMA5&p=https%3A//dfives.com&dtd=5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 00:55:38 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 89F3 0
172 B 109ms
30ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESECRe7oQjB0PAvVxDntyoqE4&google_cver=1&google_push=AXcoOmSnJd4X85vA4UyKOhzWBjqFwPLaHtvULWx7nBJgeV5zkCo7ijZJl_P96rc-Lg3iqY-dt2ujavj_YSFPUiEZ-Ol_4OEoB8EkOw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4406873401428000&output=html&h=180&slotname=6928154013&adk=3788297780&adf=804204008&pi=t.ma~as.6928154013&w=930&lmt=1698796537&format=930x180&url=https%3A%2F%2Fdfives.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698800137008&bpp=1&bdt=1979&idt=1&shv=r20231026&mjsv=m202310260102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D899acace8958bf50-226e42d620e300c9%3AT%3D1698800136%3ART%3D1698800136%3AS%3DALNI_MaKaxvphbvgJtaTMDCQIHBoyhWQXA&gpic=UID%3D00000cafafa213bd%3AT%3D1698800136%3ART%3D1698800136%3AS%3DALNI_MbnUNV_VoVIUcv-4mixsauLEhdwCw&prev_fmts=0x0%2C750x100&nras=1&correlator=4719032816092&frm=20&pv=1&ga_vid=1640348007.1698800136&ga_sid=1698800136&ga_hid=1650286243&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=335&ady=2729&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079231%2C44795921%2C44805932%2C44807334%2C31078297&oid=2&pvsid=3172815694495667&tmod=822020882&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=awQDrDYMA5&p=https%3A//dfives.com&dtd=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 00:55:38 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 89F3
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEGL4iSbA6AtQPrkbA0IgDmk&google_cver=1&google_push=AXcoOmSHBG-tuaA41zL6fqGjCZQ80wTU0Hlo9lXTQV9Djuyg684huMOAxYo82rdDvzDYdTnqobbBMpzUXHvmOM...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI5NjI5MTAzNTE1NDA4NjA0Mg%3D%3D&google_push=AXcoOmSHBG-tuaA41zL6fqGjCZQ80wTU0Hlo9lXTQV9Djuyg684huMOAxYo82rdDvzDYdTnqobbBMpzUXHvmOMrk5S...

170 B
188 B

42ms
42ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI5NjI5MTAzNTE1NDA4NjA0Mg%3D%3D&google_push=AXcoOmSHBG-tuaA41zL6fqGjCZQ80wTU0Hlo9lXTQV9Djuyg684huMOAxYo82rdDvzDYdTnqobbBMpzUXHvmOMrk5SGwSlIuSZA5Mg

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 00:55:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI5NjI5MTAzNTE1NDA4NjA0Mg%3D%3D&google_push=AXcoOmSHBG-tuaA41zL6fqGjCZQ80wTU0Hlo9lXTQV9Djuyg684huMOAxYo82rdDvzDYdTnqobbBMpzUXHvmOMrk5SGwSlIuSZA5Mg
Date: Wed, 01 Nov 2023 00:55:38 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 89F3
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEJ0UNIlUu6zua2ajVDd1WpI&google_cver=1&google_push=AXcoOmQvh_VaVGacTp1hyUZoWARXxvK0fwh8cjk0x_92cJZpuEcHRQnuyEAdmjCxXBYFUJuti-rrrvdIZGLA1sXu...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=tLMDo1N2Rrwb4RKd0Ib7oA&google_push=AXcoOmQvh_VaVGacTp1hyUZoWARXxvK0fwh8cjk0x_92cJZpuEcHRQnuyEAdmjCxXBYFUJuti-rrrvdIZGLA1sXurPt6A3JF8LJKSg

170 B
188 B

41ms
41ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=tLMDo1N2Rrwb4RKd0Ib7oA&google_push=AXcoOmQvh_VaVGacTp1hyUZoWARXxvK0fwh8cjk0x_92cJZpuEcHRQnuyEAdmjCxXBYFUJuti-rrrvdIZGLA1sXurPt6A3JF8LJKSg

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 00:55:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 01 Nov 2023 00:55:38 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=tLMDo1N2Rrwb4RKd0Ib7oA&google_push=AXcoOmQvh_VaVGacTp1hyUZoWARXxvK0fwh8cjk0x_92cJZpuEcHRQnuyEAdmjCxXBYFUJuti-rrrvdIZGLA1sXurPt6A3JF8LJKSg
x-host: tde-deliveryengine-production-5597b7478c-5rqlq
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 89F3
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEEq7TBTJ5sa5LQEsvMjQAIE&google_cver=1&google_push=AXcoOmTs2iMDbYqVvHNbH1jJBGp8jUypgLZpLWkM7rKBDlA_iVptErbSnGowK_szpOfNchw2TG40Tc56gjp4zIMAduZyI0N...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTs2iMDbYqVvHNbH1jJBGp8jUypgLZpLWkM7rKBDlA_iVptErbSnGowK_szpOfNchw2TG40Tc56gjp4zIMAduZyI0NAO2f7&google_hm=eS0uN1Z5YTBWRTJwRXZfYX...

170 B
188 B

41ms
41ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTs2iMDbYqVvHNbH1jJBGp8jUypgLZpLWkM7rKBDlA_iVptErbSnGowK_szpOfNchw2TG40Tc56gjp4zIMAduZyI0NAO2f7&google_hm=eS0uN1Z5YTBWRTJwRXZfYXYuMmEubFpOZDlta2pwZk55dn5B

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 00:55:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 01 Nov 2023 00:55:38 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTs2iMDbYqVvHNbH1jJBGp8jUypgLZpLWkM7rKBDlA_iVptErbSnGowK_szpOfNchw2TG40Tc56gjp4zIMAduZyI0NAO2f7&google_hm=eS0uN1Z5YTBWRTJwRXZfYXYuMmEubFpOZDlta2pwZk55dn5B
content-length: 0

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 89F3 43 B
363 B 86ms
26ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmTka1xQfbMpiVHmSNxvQRFcz8-1qwxJ-RMWcalnVpEY35mWUsy71sbj8sCFhWkZL6I_PKRi5wcLQQyeMW-AyCVvFhEtw5bq&google_gid=CAESEEtBkr5oEYeIuujL1vwS_BA&google_cver=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 00:55:38 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 266080
expires: Wed, 01 Nov 2023 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 89F3 0
12 B 41ms
40ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IugWBU2u7bZmWptEKV9S4KzRugWioTBw2Efpx4n0d5zrB28YQAtyg0lXVa4ytIopsjTjfp

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 00:55:38 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 css
fonts.googleapis.com/ Frame 362C 5 KB
778 B 46ms
43ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request_content.php?s=53251800007945504445410012495028&a=9291c37a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hal900028.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 01 Nov 2023 00:55:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 01 Nov 2023 00:31:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 01 Nov 2023 00:55:38 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 362C 50 KB
50 KB 264ms
171ms Image
image/png 78.46.23.46
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=240&height=150&url=https://cdn.contentspread.net/24i/advertiser/72665/creativesup/image016.jpeg
Requested by: Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request_content.php?s=53251800007945504445410012495028&a=9291c37a
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.23.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.46.23.46.78.clients.your-server.de
Software: Apache /
Resource Hash: 0e65d1d774a91775ecb1443e6bf807ff5f5ed3333b149b9b668130f4dd5432d4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hal900028.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Wed, 01 Nov 2023 00:55:38 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 51270
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 362C 64 KB
64 KB 246ms
152ms Image
image/png 78.46.23.46
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=240&height=150&url=https://cdn.contentspread.net/24i/advertiser/52703/creativesup/sfeerbanner_1200x672.jpg
Requested by: Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request_content.php?s=53251800007945504445410012495028&a=9291c37a
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.23.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.46.23.46.78.clients.your-server.de
Software: Apache /
Resource Hash: 5568451a2b45bd740bc769ac00a6f62c01ab36fd039b6fbf46e576e9827dbcd5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hal900028.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Wed, 01 Nov 2023 00:55:38 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 64950
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 362C 45 KB
45 KB 250ms
157ms Image
image/png 78.46.23.46
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=240&height=150&url=https://cdn.contentspread.net/24i/advertiser/53619/creativesup/211221_banners_megekko_affiliate_image__1200x627.jpg
Requested by: Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request_content.php?s=53251800007945504445410012495028&a=9291c37a
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.23.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.46.23.46.78.clients.your-server.de
Software: Apache /
Resource Hash: 38b43ff417c15a7d66fcec14de574e97b177d24b2d9258d1459af6755818bbf1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hal900028.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Wed, 01 Nov 2023 00:55:38 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 45917
Vary: Accept-Encoding
Content-Type: image/png

GET
H2

200

b6b56d4db26a7ddae298f91033941ff8970f56.png
static.tradetracker.net/nl/material_image/e8/ Frame 2BB7
Redirect Chain

https://ti.tradetracker.net/?c=36785&m=2147229&a=70002&r=53251800007945504445410012495028&t=html
https://static.tradetracker.net/nl/material_image/e8/b6b56d4db26a7ddae298f91033941ff8970f56.png

28 KB
28 KB

150ms
54ms

Image
image/png

2600:9000:20c3:a000:1a:7c92:efc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.tradetracker.net/nl/material_image/e8/b6b56d4db26a7ddae298f91033941ff8970f56.png
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4406873401428000&output=html&h=180&slotname=6928154013&adk=3788297780&adf=804204008&pi=t.ma~as.6928154013&w=930&lmt=1698796537&format=930x180&url=https%3A%2F%2Fdfives.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698800137008&bpp=1&bdt=1979&idt=1&shv=r20231026&mjsv=m202310260102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D899acace8958bf50-226e42d620e300c9%3AT%3D1698800136%3ART%3D1698800136%3AS%3DALNI_MaKaxvphbvgJtaTMDCQIHBoyhWQXA&gpic=UID%3D00000cafafa213bd%3AT%3D1698800136%3ART%3D1698800136%3AS%3DALNI_MbnUNV_VoVIUcv-4mixsauLEhdwCw&prev_fmts=0x0%2C750x100&nras=1&correlator=4719032816092&frm=20&pv=1&ga_vid=1640348007.1698800136&ga_sid=1698800136&ga_hid=1650286243&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=335&ady=2729&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079231%2C44795921%2C44805932%2C44807334%2C31078297&oid=2&pvsid=3172815694495667&tmod=822020882&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=awQDrDYMA5&p=https%3A//dfives.com&dtd=5
Protocol: H2
Server: 2600:9000:20c3:a000:1a:7c92:efc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: eb287c371a9eb1ac498609fe9e83705d037dcdb9cb40946e4d4b8c48f3b5f56f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 00:52:14 GMT
via: 1.1 04033844f25f5e47de102de77d8b5f4c.cloudfront.net (CloudFront)
last-modified: Mon, 12 Dec 2022 10:49:56 GMT
server: nginx
x-amz-cf-pop: MUC50-C1
age: 237
etag: "63970754-708b"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 28811
x-amz-cf-id: 6_1OlNIHlBT3vzLm2yfQHTJnlBpECyto5kNYzmplAP8ptjUu3fedHw==

Redirect headers

location: https://static.tradetracker.net/nl/material_image/e8/b6b56d4db26a7ddae298f91033941ff8970f56.png
date: Wed, 01 Nov 2023 00:55:38 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
server: nginx
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

4d264f3bae6f2b10db14dab5d6f5fef3ae51cc.jpg
static.tradetracker.net/nl/material_image/70/ Frame 2BB7
Redirect Chain

https://ti.tradetracker.net/?c=34211&m=2005487&a=70002&r=53251800007945504445410012495028&t=html
https://static.tradetracker.net/nl/material_image/70/4d264f3bae6f2b10db14dab5d6f5fef3ae51cc.jpg

97 KB
97 KB

195ms
94ms

Image
image/jpeg

2600:9000:20c3:a000:1a:7c92:efc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.tradetracker.net/nl/material_image/70/4d264f3bae6f2b10db14dab5d6f5fef3ae51cc.jpg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4406873401428000&output=html&h=180&slotname=6928154013&adk=3788297780&adf=804204008&pi=t.ma~as.6928154013&w=930&lmt=1698796537&format=930x180&url=https%3A%2F%2Fdfives.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698800137008&bpp=1&bdt=1979&idt=1&shv=r20231026&mjsv=m202310260102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D899acace8958bf50-226e42d620e300c9%3AT%3D1698800136%3ART%3D1698800136%3AS%3DALNI_MaKaxvphbvgJtaTMDCQIHBoyhWQXA&gpic=UID%3D00000cafafa213bd%3AT%3D1698800136%3ART%3D1698800136%3AS%3DALNI_MbnUNV_VoVIUcv-4mixsauLEhdwCw&prev_fmts=0x0%2C750x100&nras=1&correlator=4719032816092&frm=20&pv=1&ga_vid=1640348007.1698800136&ga_sid=1698800136&ga_hid=1650286243&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=335&ady=2729&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079231%2C44795921%2C44805932%2C44807334%2C31078297&oid=2&pvsid=3172815694495667&tmod=822020882&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=awQDrDYMA5&p=https%3A//dfives.com&dtd=5
Protocol: H2
Server: 2600:9000:20c3:a000:1a:7c92:efc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 4cceeda9854393610236e90cd30132b01a18980275937ffe553ec4e2f448afad

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 00:55:38 GMT
via: 1.1 04033844f25f5e47de102de77d8b5f4c.cloudfront.net (CloudFront)
last-modified: Tue, 21 Dec 2021 13:45:41 GMT
server: nginx
x-amz-cf-pop: MUC50-C1
age: 116
etag: "61c1da85-18254"
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 98900
x-amz-cf-id: v4fXjrWHy0EpVrC-MqLJ7vF5y4iwdf_NLdruusTaXlr_91fZm3xuEQ==

Redirect headers

location: https://static.tradetracker.net/nl/material_image/70/4d264f3bae6f2b10db14dab5d6f5fef3ae51cc.jpg
date: Wed, 01 Nov 2023 00:55:38 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
server: nginx
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK viewability Show response
hal900028.redintelligence.net/ Frame 362C 0
150 B 139ms
47ms Script
text/html 88.99.165.19
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900028.redintelligence.net/viewability?s=53251800007945504445410012495028&a=49e6584a&vb=m
Requested by: Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request_content.php?s=53251800007945504445410012495028&a=9291c37a
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.165.19 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.19.165.99.88.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hal900028.redintelligence.net/request_content.php?s=53251800007945504445410012495028&a=9291c37a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Wed, 01 Nov 2023 00:55:38 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 / Show response
ti.tradetracker.net/ Frame 362C 433 B
699 B 81ms
80ms Script
text/javascript 99.80.154.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ti.tradetracker.net/?c=558&m=24180&a=70002&r=53251800007945504445410012495028&t=js&wid=tt-363ac
Requested by: Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request_content.php?s=53251800007945504445410012495028&a=9291c37a
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.154.46 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-154-46.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5cac346cb041710fc3e1c23eb421259a2ec7dc100b15fba84627b449ad5312eb

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hal900028.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Mon, 26 Jul 1997 05:00:00 GMT
date: Wed, 01 Nov 2023 00:55:38 GMT
cache-control: no-cache, must-revalidate
server: nginx
content-type: text/javascript; charset=UTF-8

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 362C 14 KB
15 KB 32ms
31ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900028.redintelligence.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 16:23:45 GMT
x-content-type-options: nosniff
age: 462713
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14824
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Oct 2024 16:23:45 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 362C 15 KB
15 KB 35ms
34ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900028.redintelligence.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 09:02:57 GMT
x-content-type-options: nosniff
age: 402761
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14892
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Oct 2024 09:02:57 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 69ms
68ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231026&jk=3172815694495667&bg=!TU6lTgHNAAbo5yKYyOc7ADQBe5WfOAgfeph0Dop5fy-vrYAEZ7yslz9p9CGYnwKhjJzlDFaoU7aMhuVwW5yyzX2JdvHIAgAAAR1SAAAAAmgBBwoAOuS65GSIftVulHtKt9xkCUSKzWiTpudVdlCxMU1fxAzCGpC4-oTh6F6dZ_riw_fN2fGAfvf2pG3uLqCZArk-EqLalEMZ8I6feYSVk_DwxwZF09y-c-kg3THna1u8olOLbljAOhXHHW_BVHXX1TSYpzSgIaKMXEOqQR1Z-0Y5RheCbtg4nrS67NsPa3tqHGDAkPaOrjNVoSxG3iMmvKvMgiaQOK9IBqVoJDHY5D8dOmU98XrWvZpLIv3vhpWRODx0s0zFmKpHHQDQsESzzsuDrU504tBFJ0gZzfuJnoDJ4iLabcFfC6Y-bFT1xBWqdf-dMD-38YildfduEVEAAd4edYkE7lbW4Xy4PiDXrfopp0mlNJ5bfdmx2t4u56cg3OVTsmyHpbC_Wq6TdH0pm4dwSuX0QkdQJkyqN-fLUGcJdoJQ129kXBrBBxjhJANmxiOLGFMpsi91iTllQl6RbV5yBN_sUxBCEJKmVKGREOE0pmcnP6TdRZmSulZDC77GP2fSkDbLjyki-TspOAMQy43dr8W9qb0RKw_SiXO9jGCRnKqZP43TqHLXaCnIrgLoKvrfGIVIy0LOW2q1b1_PPsw0DJ2PYdtzU-mynuN0Bdy7BMX6N6huYZEpNtzvFnH-TV_9ah9mpixL7GlAIBduwKsmvs6XY17n9-37FeMoefim1KKAAYjBtYlhdWMLk1635h73QCqsKpgcuxZfg7VzWDBeUHn0n2MEtRoagsrEvUXfLFDvBxhIouIboKnHMWK6BrwNFs73PzQCLnsuTtAEyoChTIQy_K3O9Xe0ncawBE42_5brBqCVxFKUL0jf6UwLRdSJSg4VT40mq58uep6Q9LHf7pCCiSQ10OFnkpck7JftdzFWt9tRzsW8X3iTKaJEDWUinr5eg7wT90epftHziJyvFqXw1GHB2SM-NSnAAR1n7Oo0PurSBnpfWkCUcNoQD23BxSQibg4gd9GBjmhTbfZTkwJju7SiQC6WLq1pz_I1ztOiQhQpnEGT
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dfives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

GET
H2

200

1f21095a5f4ae3c95070194bad8a5ad919a00b.jpg
static.tradetracker.net/nl/material_image/49/ Frame 362C
Redirect Chain

https://ti.tradetracker.net/?c=558&m=24180&a=70002&r=53251800007945504445410012495028&t=html
https://static.tradetracker.net/nl/material_image/49/1f21095a5f4ae3c95070194bad8a5ad919a00b.jpg

13 KB
13 KB

85ms
85ms

Image
image/jpeg

2600:9000:20c3:a000:1a:7c92:efc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.tradetracker.net/nl/material_image/49/1f21095a5f4ae3c95070194bad8a5ad919a00b.jpg
Requested by: Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request_content.php?s=53251800007945504445410012495028&a=9291c37a
Protocol: H2
Server: 2600:9000:20c3:a000:1a:7c92:efc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6d731e6d3e38558377e2fa974639cabf5209d9cafa5f00e186b0e3faf0aea02b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hal900028.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 00:55:04 GMT
via: 1.1 04033844f25f5e47de102de77d8b5f4c.cloudfront.net (CloudFront)
last-modified: Thu, 16 Mar 2017 08:27:46 GMT
server: nginx
x-amz-cf-pop: MUC50-C1
age: 34
etag: "58ca4c82-335a"
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 13146
x-amz-cf-id: xD2_A7uMMLHEmdMDPB54PL3VyMxTf_z2ZmC5fjbPABKxiIog_Kpt4g==

Redirect headers

location: https://static.tradetracker.net/nl/material_image/49/1f21095a5f4ae3c95070194bad8a5ad919a00b.jpg
date: Wed, 01 Nov 2023 00:55:38 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
server: nginx
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A9B5 42 B
64 B 76ms
75ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssJfLrAMsdxbjtnmbDZjr-NVXayTt8rYVjMxAV7deZnaq8FH6I4PQNcEOxcRDl91iSPMnaK2VkFKqk9rWjuvOuH4vghSRvZ6LX-pcOp-RL3eez1PWlfhTdqYgmOGHNVrRBhS1ot5iu_4KvT&sai=AMfl-YT1NP6D_f9TvOVFId9OehIvd74J42ieK9NXlPgULRClS0ZKYOT_OLN-b6ncnYiaeL5X7J2sRoHMAA15qvkd5uFTMSds7UYXis8dimn811ijD3ibszzEpHiyrV5D&sig=Cg0ArKJSzAg36Xf_cD4TEAE&cid=CAQSPADICaaNDAcGlas28uZ9_XJEakhG9-Yv2omhWIYi2K3SLEnQLPRaKlvyt7OanTCwxU7-jGFsnbZP28FUbBgB&id=lidar2&mcvt=1001&p=0,0,90,728&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20231030&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4091383590&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1698800137007&rpt=712&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 00:55:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2BB7 0
20 B 65ms
65ms Ping
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9537857705473&version=m202309260101&ct=77&x=1&cor=2678086090011529000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 00:55:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

201 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

48 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.dfives.com/	1970-01-21 01:29:20	Name: _ga_VNEXHG7TZX Value: GS1.1.1698800135.1.0.1698800135.0.0.0
.dfives.com/	1970-01-21 01:14:56	Name: __gads Value: ID=899acace8958bf50-226e42d620e300c9:T=1698800136:RT=1698800136:S=ALNI_MaKaxvphbvgJtaTMDCQIHBoyhWQXA
.dfives.com/	1970-01-21 01:14:56	Name: __gpi Value: UID=00000cafafa213bd:T=1698800136:RT=1698800136:S=ALNI_MbnUNV_VoVIUcv-4mixsauLEhdwCw
.dfives.com/	1970-01-21 01:29:20	Name: _ga Value: GA1.2.1640348007.1698800136
.dfives.com/	1970-01-20 15:54:46	Name: _gid Value: GA1.2.780278754.1698800136
.dfives.com/	1970-01-20 15:53:20	Name: _gat_gtag_UA_156903277_1 Value: 1
mc.yandex.ru/	1969-12-31 23:59:59	Name: yabs-sid Value: 2083659821698800136
.psacard.com/	1970-01-20 15:53:21	Name: __cf_bm Value: JnBo4WhqooVEvrmo.09dMs3v.PPm6a8SZTwTBxsxlSw-1698800136-0-AePFEPIxNZHRC3gBsrm1w/vYxM5JPZ3qDjv1OhCJ3FD/Tz9RTJ+aqzYXLbnKhYIy0LCyei+SFRT9Z/DRuzyH7L5wI0FIgzmFTBlzbJNyvigC
.dfives.com/	1970-01-21 00:38:56	Name: _ym_uid Value: 1698800137342919991
.dfives.com/	1970-01-21 00:38:56	Name: _ym_d Value: 1698800137
dfives.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 8ee88392a5af813c5f23814989c30b39
.mc.yandex.com/	1970-01-20 15:53:20	Name: sync_cookie_csrf Value: 2119557294fake
.yandex.com/	1970-01-21 01:29:20	Name: i Value: z8giq4KodG5PNPj6uni1m2T/KLoM4dzKc/qOwhVTfsKVD2SthsrIVEAS3yMWqu+2iPFkah7lhK/lEXZffH16NgQtF7s=
.yandex.com/	1970-01-21 00:38:56	Name: yandexuid Value: 2591002211698800136
.dfives.com/	1970-01-20 15:54:32	Name: _ym_isad Value: 2
.mc.yandex.ru/	1970-01-20 15:53:20	Name: sync_cookie_csrf Value: 691660541fake
.mc.yandex.com/	1970-01-20 15:54:46	Name: sync_cookie_ok Value: synced
.yandex.ru/	1970-01-21 01:29:20	Name: yandexuid Value: 2591002211698800136
.yandex.ru/	1970-01-21 01:29:20	Name: yuidss Value: 2591002211698800136
.yandex.ru/	1970-01-21 01:29:20	Name: i Value: z8giq4KodG5PNPj6uni1m2T/KLoM4dzKc/qOwhVTfsKVD2SthsrIVEAS3yMWqu+2iPFkah7lhK/lEXZffH16NgQtF7s=
.yandex.ru/	1970-01-21 01:29:20	Name: yp Value: 1698886536.yu.6245035941698800136
.yandex.ru/	1970-01-21 00:38:56	Name: ymex Value: 1701392136.oyu.6245035941698800136#1730336136.yrts.1698800136#1730336136.yrtsi.1698800136
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 544421791698800137
.yandex.com/	1970-01-21 00:38:56	Name: yuidss Value: 2591002211698800136
.yandex.com/	1970-01-21 00:38:56	Name: ymex Value: 1730336137.yrts.1698800137
.yandex.com/	1970-01-21 00:38:56	Name: bh Value: KgI/MA==
.dfives.com/	1970-01-20 15:53:21	Name: _ym_visorc Value: b
.doubleclick.net/	1970-01-21 01:14:56	Name: IDE Value: AHWqTUk0BW6r9Gnzhpmrmia1CZQ5sBT7uakpTYLDRiMCXL1Qdwpyd4ZFNjDPoSU08o0
.doubleclick.net/	1970-01-20 20:12:32	Name: APC Value: AfxxVi6Q66xZj0gBzx5ftgfB3pyZxHBRyHwYk9I0uDGRduvqtRrInw
.adnxs.com/	1970-01-20 18:02:56	Name: uuid2 Value: 2479466546655622756
.casalemedia.com/	1970-01-21 00:38:56	Name: CMID Value: ZUGiCbkdaidem3Ls8HZRBwAA
.casalemedia.com/	1970-01-20 18:02:56	Name: CMPS Value: 3248
.casalemedia.com/	1970-01-20 18:02:56	Name: CMPRO Value: 3248
.adnxs.com/	1970-01-20 18:02:56	Name: anj Value: dTM7k!M41.D>6NRF']wIg2C%9YaB.Z!1yIE`fS1ueD1W-044)d+]UfnVu=`!Y:>6(p<-3PTDB+>?]-Rm1.!:<H((RG9RFMZ9T5_m!x'x-)TVSM
.w55c.net/	1970-01-21 01:23:34	Name: wfivefivec Value: 7HzY0WAm1QXZwd5
.w55c.net/	1970-01-20 16:36:32	Name: matchgoogle Value: 5
.everesttech.net/	1970-01-21 00:38:56	Name: everest_g_v2 Value: g_surferid~ZUGiCQAAAE8hlwAj
.doubleclick.net/	1970-01-20 16:36:32	Name: ar_debug Value: 1
.redintelligence.net/	1970-01-20 18:02:56	Name: 8lcfmzhxc8d6_uid Value: cc2ba22980ffdfa4
.tribalfusion.com/	1970-01-20 18:02:56	Name: ANON_ID Value: aEntuJRZdySbAIUMnXUx7KZdrY5BZcO7tJ2tJZalZbnNHrxrFnCZcFIZdPdroWmZcHvvKRE9WCZbiB0D3OxVUcJ1tySdRdlZaV
.adfarm1.adition.com/	1970-01-20 18:02:56	Name: UserID1 Value: 7296291035154086042
.blismedia.com/	1970-01-21 00:39:00	Name: b Value: 6541A20ACCA2950787E20511BLIS
.awin1.com/	1970-01-20 15:57:39	Name: awpv15314 Value: 235229\|1698800138\|5f5e1730-7851-11ee-84cc-223908f3a6a6
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 344291:2224451
.travelaudience.com/	1970-01-21 01:23:34	Name: _tracker Value: %7B%22UUID%22%3A%22B4B303A3-5376-46BC-1BE1-129DD086FBA0%22%7D
.tradetracker.net/	1970-01-20 18:17:20	Name: pi Value: acccaaf44e235d906a7f962659bf263e
.tradetracker.net/	1970-01-21 00:40:22	Name: uf Value: iH6mKK3lp8q4uHmPd4H33jNmclF6aUdtVC9CeGN1UGdUTHQ4QkpCNndHOHdBcC90MUtZekFEejB2ZzMyZFpJYXA3RjNJc1JwU004Qi80NDYyclgrbmNxbHZISDRoekp0UGloZWx3PT0%3D
.yahoo.com/	1970-01-21 00:39:17	Name: A3 Value: d=AQABBAqiQWUCEMuUpfOa5MUVZhfwthJaHXYFEgEBAQHzQmVLZQAAAAAA_eMAAA&S=AQAAAlYyVTZbA_vRVO95RpnqhBI

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://magazine.artland.com/wp-content/uploads/2022/07/Auction-room-christies-cover.jpg Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://dfives.com/wp-content/uploads/2021/02/Untitled-4.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://dfives.com/wp-content/uploads/2020/01/9.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://dfives.com/wp-content/uploads/2019/10/Untitled-7.png Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ad.doubleclick.net
ads.travelaudience.com
blog.psacard.com
cm.g.doubleclick.net
dclk-match.dotomi.com
dfives.com
dis.criteo.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
finance.zohocorp.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hal9000.redintelligence.net
hal900028.redintelligence.net
i.ytimg.com
i0.wp.com
ib.adnxs.com
images.sarcasmtherapy.com
images.unsplash.com
magazine.artland.com
match.adsrvr.org
mc.yandex.com
mc.yandex.ru
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pbs.twimg.com
pm.w55c.net
pr-bh.ybp.yahoo.com
region1.google-analytics.com
s.tribalfusion.com
s0.2mdn.net
sandhillssentinel.com
static.tradetracker.net
static.wixstatic.com
sync-tm.everesttech.net
sync.teads.tv
syndication.gcdnanalytics.com
ti.tradetracker.net
tpc.googlesyndication.com
tr.blismedia.com
west.statisticsplatform.com
www.awin1.com
www.dfives.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.reuters.com
x.bidswitch.net
104.17.168.6
104.18.36.155
108.138.36.8
141.193.213.20
142.250.184.198
142.250.184.226
142.250.185.162
151.101.130.49
178.250.1.9
18.140.151.8
185.89.210.46
192.0.77.2
2001:4860:4802:32::36
23.210.125.176
23.35.237.56
2600:9000:20c3:a000:1a:7c92:efc0:93a1
2600:9000:225b:4200:1e:5c56:d400:93a1
2600:9000:237d:6200:15:5a3e:9d40:93a1
2606:4700:10::6816:574
2606:4700:3036::6815:5911
2606:4700::6812:19ad
2a00:1450:4001:80b::200a
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2001
2a00:1450:4001:81c::2002
2a00:1450:4001:81c::2016
2a00:1450:4001:828::2002
2a00:1450:4001:828::2004
2a00:1450:4001:82a::2008
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2006
2a00:1450:4001:830::2002
2a00:1450:4001:831::2003
2a02:4780:84:538e:e8b:76d3:5a59:4a83
2a02:4780:84:aa35:ccb:7400:3238:371b
2a02:6b8::1:119
2a02:fa8:8806:20::2010
2a04:4e42:8d::159
2a04:4e42:8e::720
2a05:d018:d29:3605:3a1b:de73:79e7:85eb
2a06:98c1:3120::3
3.127.91.113
34.96.105.8
35.190.0.66
35.71.131.137
51.89.9.253
52.29.206.161
78.46.23.46
85.114.159.93
88.99.165.19
99.80.154.46
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
057c32f526b789c69104aae9492a1f7e3c12f708040b54c7c1b38e910160b2e4
069e2abed69e2efcd6930c0615ae8c32c1cb9f76e6e9ffae45495bc6759a3f95
06f004482e17cd781019152317a1e9d5a7d8ea0733b25ad2af8ad16429fbac03
0841b43610f53c5ab7259c11e0a8935c2c4e749fd0af052bfdd01fdb7f259897
0891804a56327bacae315d5e5281bee36c729cabfe22697a28083eeb39eb8608
08979ac5dc183c913f0f274b03a248982b04fea0aac48c10ae1bd0b717f42641
09cbb2b248b331191547ac91f0b6997c26f6aebff2fd874ac6ac74d7866a6180
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e65d1d774a91775ecb1443e6bf807ff5f5ed3333b149b9b668130f4dd5432d4
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
17f7ff1a83e1f5d47cce9542ae7a2bfdad582ff16b489730856a51ffc2fe20ec
1cb5dcdb11eda07425f9584041552e161f7ff7395cf52d201e023dcd869157f2
236b4c423d4e7aa68b88b6801ba1734e18ae68c636ee9377465de19092ed14e3
2751e5751af0a6529d5f04ca9901a32624755f99ec601906b15913594167e106
2a6860ddcbbf4c1633548caaf898cab67192b5ae5e40e4c592435026fbf7c6e5
2c8bb5cb6c500df244b676dd7e0895c8b2b544d8c55cd6a4542c4335c03dba8a
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
323d244837d21d4cb380957be065e5bf6c462999f5c57e819d930eb72852cde3
3279a675fa3e542e26af09d9bc444b84145a14b4ac67177fd907f9ff5a3c33ad
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3512361730e13fcac7d51987304534c6c6fff463c5706647f2b651c5b93793f8
36e6cc844c445b8e67dc5333f2c7e1fae214beb729b92a0ba8a5326507e0f567
3816defd14e327f4ec663434fb2d95f86a599d0060b111b0465f032a3db90da2
38b43ff417c15a7d66fcec14de574e97b177d24b2d9258d1459af6755818bbf1
39e755dd319441e61e338b00aec055697238b2b1fdd7638ebe58f63d09b66a0e
3d124b41dad66f4b40e5aaecbc7fbb952b4b7cd38555ffa0cdafa0271d5acf76
42a782f90928ca08421ac227673542b55044a8cb102884863475088d2ffee731
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
45b567a5b9598a7213393d57c5565d1bd326324e29a80ecc79164accf0e9a7b0
45e3a305b99fb3d62023203eb463c41db88ddf2cc2896e718974d495a26aea44
4807aa97bf191ec7666224e3a3be04b2aebfa220c5bf2f58cf35e0433b3d49be
48adb7590f55a1ec7829692c36ef09c5214739cf4b389412550b7e90fcb172f2
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4cceeda9854393610236e90cd30132b01a18980275937ffe553ec4e2f448afad
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
4fb7449fb43df3cbbffb84cff32c131114a1d0a87f8c485121f43a58c3476e1b
515fbfeb51a45e120dc53c8bfda86c38d3b8e7f3163ff22515437237ea3ea0f3
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
53f53dd4f6fe76e084de807f3e52422f2a2893313839d35e3cf7741d79e2d16b
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5568451a2b45bd740bc769ac00a6f62c01ab36fd039b6fbf46e576e9827dbcd5
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56170d5dc5e437edf605f64d0effd274f3e628db747d75fc412bb95637092e22
56a12e09823b7d1fd698d47ae84775579de54ef68317145b77f629882c729e39
58aa9fb2bb8be995d02e0f974b1f302a4bafd08e360c8dc4546b8ca458a66f33
5aa5ab237a5dcdb79f6e51929751585b4fff8cabfcc021d5694fdd72e8091992
5ba431addebca895832667d33e2ad51e4da1a1f2fbab72116d716c08077695a6
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164
5cac346cb041710fc3e1c23eb421259a2ec7dc100b15fba84627b449ad5312eb
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
667e8b0c35c2059396010b7882c253e87f42d8a1388affe1e41698eaf77d3ff1
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
6d2a62e0e157ce34862c41674c427b3afba2acb7322b5414a8f681eba3a417c9
6d731e6d3e38558377e2fa974639cabf5209d9cafa5f00e186b0e3faf0aea02b
72557cfcc2b26237aec10e1293bc7355a25f1b44b04184ab6b843d923cce1432
726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a
74fd1cc32513885076978deda17fc1969ad604a91275e6ea277ade7e14451da3
7a89d23287ae3c749a356c76da7ef88c34d0ed018c049701b05304c3f6601ab7
7ae5b52b01b37efb4547c3493f75abf51dc034326bb6f1ff6fc97348065716ba
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
7b787ad010f96066eb5d3523a628d4818918d10592d98c22e3f73b01811a8e35
7f752c11d633622e82ef7ec24e8ae079948726c3dee9ceb7decd11d7f325cc30
85e9673e4ddcd0097c7df1f2ae7afab2113593ec09c453e4b24fe12d50fd8aa0
8a03394da6eb193018889cb70977114403d0d666b37dfff1a27fc338f8b0169b
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f12654203755cfbb43f2f123158949e9cd143cfb291edec062468862eafd5c5
909d3c87e81cd94f2ffd154793fe01fff434771f3f10aca86ef291c9d42bc581
99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
9d1580840a03e77d08989d15a0d62a007a3ae689bf3a817dbe44d32d4a0044e3
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a07342247ac03b7c5f7bd1fd33c93d9ad294574fcca0d05c584e5d40efb43b01
a145acdd03e1bf08d27d2b5150d920d14567667986db3c62135fcbf650cd1516
a417e53b24ca685662dbf871a96aa8fa6f7c982ac6722e9b55b448921b80e309
a4b423bd3e84385d2bb624a55cddfaafe863235df9791628cb4fc0a9472d3f76
a5442291e1c921abc633723ad82232f8388cde8206a5e27148d5904b08c7462b
ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b22b92bba1432d1e62c819855bb3cb326676e0084bdf67dbe9bf771b13ed810a
b562c12d7df7a1f40a9f046a42424303d62e7b345c0cf5152f00e177cf4f0093
b68930d2c9e1b16b4310bdd9d8c2d96f611e1d3bfbc47c350af19eef3c989e99
bedcc92fa96a1549eec70158c56437af620ad5562b61b64bbf86dfc8bb30dec5
bf77065b0e4b52c6ee71566850b3e6a1ecdfd6331427c5063a1116e347b85203
c166ccc4c240fec1772ff0ad39179a395c369eae897bef75bc9ac28c0819080f
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c55cfc7d53060cadb707813a37ba0a35d407a9348415a647ba3cf19a34297101
c93f2b199769425f50c94fac30e57e84be0a6a0621dc7e4af7b2e3166a71205e
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
cfa3431c2d52450cdd90f4b04d334908ec15cc1940345f42e65d16011095c9f7
cfd86eed5b662601ed1effa05e0922030a1bbfb3111d160df9b4f71630198c37
d227e31ec93027f2b903fe5011b6ef0d67fd1fd8e0105843a2f56626e74f4322
d42a88d4d3618a336f6155ec10a0bc7fb94efdbd42ab2bc1be84c9be45f42f44
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de59f94358d4e2ba6ec0d2db822c45f703652869ee4b532113084aa349595a5e
de98a1796215794caa85f85d250d28f0dc5e310162aa1c87f16fe83598d4366d
e047f5f59595215030c40abe18de908fc34088e477a3844491b4e17a70de74c9
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
ea9ad8f6ace011a694d664482cc6ca0acc2dd86a8d6b684154327ec84c0c95fd
eb287c371a9eb1ac498609fe9e83705d037dcdb9cb40946e4d4b8c48f3b5f56f
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f11ca81090a5bce6acb554a079840e80405ee855da33aed367d2e9ebb3209dd4
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f62de547c38a73faa9cf610e7ec4a8c8a95fcff5b0fb1b97904d5d95be20fe8d
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6be2f894f96a43d13528bcddd9148a1da02e3dece14d55781793001d102ff8f
f7b2b54734106066914320438fe9105730c413a2876426ddf04e3c259d404b05
f8507ac232f66466c72fab22c85e4a6b4fd11bc0f5bf02830632d8e60ab85c0f
f8b2a8787593cfecbcd4ff91cf9438fffb729b65a6957eb368a88d75cf9c4250
fb02be778f676292731a6b95e72ba1abcf2213f45ba668715630b829ea20f16c
fde8181f0fd193c53c534eb5fed1ed29fe7a496930834c9a8119ea74cb945c96
ff048925f929c34d1c4de8a2c2a51833ca832246044a11b7ed287f2978fda58d
ff099241aab30034b641871095d946669f5eebbd89988f4277c59399a28b151a
ff58039976d62beef36f2d3750b639e7cd571662fe6c6c34cc67beb61647f312

dfives.com Open in urlscan Pro 2a02:4780:84:538e:e8b:76d3:5a59:4a83 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

170 Requests

86 %HTTPS

53 %IPv6

44 Domains

53 Subdomains

45 IPs

9 Countries

7715 kBTransfer

10816 kBSize

48 Cookies

0 Outgoing links

Page URL History

Redirected requests

170 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

dfives.com Open in urlscan Pro
2a02:4780:84:538e:e8b:76d3:5a59:4a83 Public Scan

Screenshot
Live screenshot

Full Image

170
Requests

86 %
HTTPS

53 %
IPv6

44
Domains

53
Subdomains

45
IPs

9
Countries

7715 kB
Transfer

10816 kB
Size

48
Cookies

170 HTTP transactions
6 data transactions