cqty1.bhuefbfrvbn.workers.dev Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://cqty1.bhuefbfrvbn.workers.dev/
Submission: On July 04 via api (July 4th 2024, 5:43:46 pm UTC) from US — Scanned from NL

Summary HTTP 209 Redirects Links 67 Behaviour Indicators

Summary

This website contacted 32 IPs in 6 countries across 19 domains to perform 209 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is cqty1.bhuefbfrvbn.workers.dev.
TLS certificate: Issued by WE1 on June 20th 2024. Valid for: 3 months.

This is the only time cqty1.bhuefbfrvbn.workers.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 69	172.67.216.21 172.67.216.21	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	3.160.150.71 3.160.150.71	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
3	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:5049	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:206... 2600:9000:206f:c000:c:abe:f440:93a1	16509 (AMAZON-02) (AMAZON-02)
3	151.101.129.44 151.101.129.44	54113 (FASTLY) (FASTLY)
1	3.125.67.51 3.125.67.51	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
10	102.130.121.238 102.130.121.238	328364 (Host-Afri...) (Host-Africa-AS)
3	172.67.216.245 172.67.216.245	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
70	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c1f::9d	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	151.101.65.44 151.101.65.44	54113 (FASTLY) (FASTLY)
11	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
1 1	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
1 2	142.250.186.164 142.250.186.164	15169 (GOOGLE) (GOOGLE)
1	142.250.186.131 142.250.186.131	15169 (GOOGLE) (GOOGLE)
2 4	142.250.185.198 142.250.185.198	15169 (GOOGLE) (GOOGLE)
2	188.114.96.9 188.114.96.9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.185.161 142.250.185.161	15169 (GOOGLE) (GOOGLE)
209	32

2 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

cqty1.bhuefbfrvbn.workers.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

69 172.67.216.21 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

dctboyojy.578333.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.160.150.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-160-150-71.fra60.r.cloudfront.net

platform-api.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

old.carmag.co.za	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5049 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:c000:c:abe:f440:93a1 (United States)

ASN16509 (AMAZON-02, US)

buttons-config.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.129.44 (San Francisco, United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.125.67.51 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-67-51.eu-central-1.compute.amazonaws.com

l.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 102.130.121.238 (South Africa)

ASN328364 (Host-Africa-AS, ZA)

image.blob.ix.co.za	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.67.216.245 (United States)

ASN13335 (CLOUDFLARENET, US)

highburyads.co.za	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

70 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

a78e7b7cd0d35b1ba316b63e4ad47ddb.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c1f::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.44 (San Francisco, United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.34 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.164 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f3.1e100.net

www.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.198 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.114.96.9 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

cqty1.bhuefbfrvbn.workers.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.161 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
85	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 137 a78e7b7cd0d35b1ba316b63e4ad47ddb.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 177	2 MB
69	578333.xyz 1 redirects dctboyojy.578333.xyz	1 MB
10	ix.co.za image.blob.ix.co.za	2 MB
10	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 235 stats.g.doubleclick.net — Cisco Umbrella Rank: 136 ad.doubleclick.net — Cisco Umbrella Rank: 164 Failed googleads.g.doubleclick.net — Cisco Umbrella Rank: 70	177 KB
4	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 844	236 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 81	370 KB
4	workers.dev cqty1.bhuefbfrvbn.workers.dev	26 KB
3	google.nl www.google.nl — Cisco Umbrella Rank: 10567	581 B
3	google.com 1 redirects region1.analytics.google.com — Cisco Umbrella Rank: 3125 www.google.com — Cisco Umbrella Rank: 5	87 B
3	highburyads.co.za highburyads.co.za	212 KB
3	gstatic.com fonts.gstatic.com	47 KB
3	sharethis.com platform-api.sharethis.com — Cisco Umbrella Rank: 5168 buttons-config.sharethis.com — Cisco Umbrella Rank: 5857 l.sharethis.com — Cisco Umbrella Rank: 5781	48 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 71	21 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 83	2 KB
1	criteo.com gum.criteo.com — Cisco Umbrella Rank: 493	431 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 133	2 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1073	7 KB
1	carmag.co.za old.carmag.co.za	28 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 324	31 KB
209	19

	Domain	Requested by
72	pagead2.googlesyndication.com	cqty1.bhuefbfrvbn.workers.dev pagead2.googlesyndication.com securepubads.g.doubleclick.net
69	dctboyojy.578333.xyz	1 redirects cqty1.bhuefbfrvbn.workers.dev dctboyojy.578333.xyz
12	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
10	image.blob.ix.co.za	cqty1.bhuefbfrvbn.workers.dev dctboyojy.578333.xyz
4	ad.doubleclick.net	cqty1.bhuefbfrvbn.workers.dev
4	cdn.taboola.com	cqty1.bhuefbfrvbn.workers.dev cdn.taboola.com
4	www.googletagmanager.com	cqty1.bhuefbfrvbn.workers.dev www.googletagmanager.com
4	cqty1.bhuefbfrvbn.workers.dev	cqty1.bhuefbfrvbn.workers.dev static.cloudflareinsights.com
3	www.google.nl	cqty1.bhuefbfrvbn.workers.dev
3	highburyads.co.za	cqty1.bhuefbfrvbn.workers.dev
3	fonts.gstatic.com	fonts.googleapis.com
3	securepubads.g.doubleclick.net	cqty1.bhuefbfrvbn.workers.dev securepubads.g.doubleclick.net
2	www.google.com	1 redirects cqty1.bhuefbfrvbn.workers.dev
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	fonts.googleapis.com	cqty1.bhuefbfrvbn.workers.dev
1	googleads.g.doubleclick.net	1 redirects
1	region1.analytics.google.com	www.googletagmanager.com
1	gum.criteo.com	cdn.taboola.com
1	a78e7b7cd0d35b1ba316b63e4ad47ddb.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	www.googleadservices.com	www.googletagmanager.com
1	l.sharethis.com	platform-api.sharethis.com
1	buttons-config.sharethis.com	platform-api.sharethis.com
1	static.cloudflareinsights.com	cqty1.bhuefbfrvbn.workers.dev
1	old.carmag.co.za	cqty1.bhuefbfrvbn.workers.dev
1	www.googletagservices.com	cqty1.bhuefbfrvbn.workers.dev
1	platform-api.sharethis.com	cqty1.bhuefbfrvbn.workers.dev
209	27

This site contains links to these domains. Also see Links.

Domain
dctboyojy.578333.xyz
www.joburgetc.com
www.capetownetc.com
www.africaninsider.com
www.youtube.com
www.facebook.com
www.instagram.com
twitter.com
wordpress.org
highburyads.co.za

Subject Issuer	Validity	Valid
bhuefbfrvbn.workers.dev WE1	`2024-06-20` - `2024-09-18`	3 months	crt.sh
578333.xyz GTS CA 1P5	`2024-06-03` - `2024-09-01`	3 months	crt.sh
sharethis.com Amazon RSA 2048 M03	`2024-04-19` - `2025-05-17`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.google-analytics.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
upload.video.google.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
cloudflareinsights.com GTS CA 1P5	`2024-05-08` - `2024-08-06`	3 months	crt.sh
*.taboola.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-23` - `2024-11-22`	a year	crt.sh
*.gstatic.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
image.blob.ix.co.za R3	`2024-05-22` - `2024-08-20`	3 months	crt.sh
highburyads.co.za WE1	`2024-06-22` - `2024-09-20`	3 months	crt.sh
*.googleadservices.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-06-18` - `2024-09-17`	3 months	crt.sh
*.google.nl WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
tpc.googlesyndication.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.google.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh

This page contains 16 frames:

Primary Page: https://cqty1.bhuefbfrvbn.workers.dev/
Frame ID: 08382EF11E654C2A53FE51277146D526
Requests: 125 HTTP requests in this frame

Frame: https://a78e7b7cd0d35b1ba316b63e4ad47ddb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 357952B507C71DA637478354E00AEDAE
Requests: 1 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/static/topics/taboola-browsing-topics.html
Frame ID: 57A4EF5AD44C8DFA9C2E4FAF9D4661E3
Requests: 1 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/trackimp/N1003055.277770CARMAG/B31687471.399082428;dc_pre=COOM0-X3jYcDFUShgwcd1joLMg;dc_trk_aid=590604620;dc_trk_cid=218283907;ord=1788559956;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1?nis=6
Frame ID: 4DEC10FF31C6381539F7B96A12D9FD61
Requests: 11 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/trackimp/N1003055.277770CARMAG/B31687471.398689291;dc_pre=COWI0-X3jYcDFSaMgwcdorkBtw;dc_trk_aid=590688921;dc_trk_cid=218283907;ord=1998590239;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1?nis=6
Frame ID: 2A8384A44167A21F469BBF52F505530F
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsskEO83R4GBsfsql7RP93qbtDhIOTvi5eeHTL8wm2jhCmq7K7vmff14xvDpD8XdEGXoR7vW5OmcYmqK9FZjJY81nFxxdXMx7JTj5Kn81ioX1diJgcbssoxcMKpwyvPJLZRIB92q5kcR-MEhnFaKkYVIXUuEoWHWr5lDy0yseMicDuwXXjlkLLksp2xgmwTPE_tSwM2PW86_bqvx1DSoqEnuNUGz5M2P-l7i1QYj-N4o_AWUkmXqsmi7zPxxJ4MLQU3w7gvl8BgzahqvnWhBlmIB98KnM2ucS7Vz4XzaPa0OiSvx1NPUBRknO7BrimPwQIFSCNV3gQ6HcoFlq6AQPfHQU17rdVB1qkT3Jmcz_-Uh85z0-sWFb3j_rZ7jrgzQ&sig=Cg0ArKJSzGPlQPvFhuv2EAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 4DBD8AB04D8653BB5480ED512FE25F3D
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsvyTUToCvB3Q5cHF_37qJXLHMxZA7VXI9cyrcBlXQyFbRAcjqxMs95pe-onWqV7vVJCyydcWGv1SKjZobEMIcZfGZF1F25zaEFXBnqcDY2H-sZCu9xdj5Rq2ipuh7S9p-9OKV5DGn7j-fqxra1wnToJPuqZ_Iu5-KSg_owtfxgKAUFipChZaWjQwknSA3tf5vavJt5CFotRM2p2LcKtRB0MTy7_l-hz6vbp6Vfq1APDIW_jAevG8YWcZjOsCnwncLblc4Jdg9kZqpeOpMG5Y4re1cG3e8GxB7UPGrJ7perBE0-CN3eYjTPDD2U2FQe0o-Irx1NDKcFrjayJeTxd8DkjZnfjHmXaD4hnz2XdmEjf-AaHTXlyDPkN&sig=Cg0ArKJSzGy5wq228TY6EAE&uach_m=%5BUACH%5D&adurl=
Frame ID: D75B9460385D7D2D035F090939AA8557
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsu4FNexCa-hpl4UKB9tezIt3s-BouyzbDO6SIYd-vY1xunSzv5WY_B2e5tPTafLz1xUsn847O5PgfTZwn1oJ_3Z1JidITJ_jUV44KjzJ5T2lY6FCbIaJgCnn3lGb5ub5yARZ7_bZ9We3FOxE3BJ__azn7bWwqTXjBl64A3o-im0PH6eJNV_PiarXUjjeDaJtrRYCnxK_8R8u1k8W345gb5K7W6Az4il9kECkecEuWze5Wqdz8L7JdOrO-r2WzdW2j9gIUu71WNm5Re8xn7uWXa8WsPKDJxGhWih70rn5fDVXRmZ7WHKMZYH-areC2Kp6wpqkJtUQ_kH5js42EoBS7EmhR-8wVz6JmNfDZQCe-f9pX0Ivq81VIo&sig=Cg0ArKJSzAFN2L1R4Vx6EAE&uach_m=%5BUACH%5D&adurl=
Frame ID: F3004A417A4BB90DD7D17B5D37C8327F
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjssv28c5a0dYFYOgrsVemV61SZR9amLfYpfE4yN4GiA4s2cT_dUEwulE56HnMLQKpK3TwiSBnWaU3M_DsevWP8SlFjxzBas3iksXsi-ZzEcluP1SclEezrRQNEFxM9WcosqC0RqgC08brx6Vo_D5fGsFl_k-YT4aQPAkBZYrTQ4PmSXGJDNrVtxQHhITg4EAEhTiI7w2i4fGrFyO9kYgVHkzOFWRZ8jPr9wNbeIx_NZUEULhuLCgqfFAIJUOEm-FXjoQcFLwHAlmDTYcgxQL2P-Lu4DVXKPVqTG6XtzuUZUrR54l1yQs_jCEDWlJrQaFFfhm0NMB979epDrAOiig9hBgTJsVZoB-kosRoMXX92gSnJpRXR4se9Y&sig=Cg0ArKJSzGuvmuPIWPc0EAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 4479F2C31235107D8405D53B5DCEBA8E
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsuxzoodeKXXEDtbbQLws_96jPmuPe2UZ-9fcz1yH88rD0qvGtXqMw8gHlu2vT-E0bgnJqQmZ3ROO6Qv9onfA5kEGzPYqt187qBZYAPvLCbfTyYw7IuSL_b_YxuA-P5aByjH_BcmEKqFW53Wk00hAL3v-7W0waPFRdGP7QgDwoFb8QWvPp1LnylwwjrTZ7BAnzatkFo3pKp2ZVRsB9i94NpwtMpfBxlHTH2SfZdLXKKYUjnqJmThEOXQgVPlstvjOik3iZng3aoAPyV1JQtWfQzNp5d9buLp8hxq6RstoD2VtnqHQJFEBUCCFIZdoNkKXQhlWFRtPWBvldPt_XL-07y3vXk_-HFGNu0kszxNz4VD3cpYXTp4lyg&sig=Cg0ArKJSzH90xCH7A9_7EAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 8BD6B5A14EA09F51553279CEAF4F7DBE
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjstT-sRXoFsei8UXlNklFZfYz1SnYH2VeNGPuikqb7pU-sAgMGy-tmkow6AzyPR7ytxohse_UGtDkvFC8oRgw-B0I5k2tcYR2k4fyZZUaQo_s3d-yrr5t-rGAI6r-ttYe46fAgWN-0nGjvf2kBlqnfDQ-7n9HJ08MUdFqTbRV-Wu3ThY82AEaVNS5Qyw2dSwOMXu2mManPy013H-OxomPc5Hqh5xGs0aIuLvOfjK322WmeOwUCMa-QDwW8lz7EpjNrPpT5URrOJm4LfT0Z1zlP3OiorsxFSuEYucoPtArg5-bN8GJNzrlCtjPwC8BRcBQMooPCxYnkIpbTw6N_hqhq4Ut0e6a-umTf68LQYv39CFS3k1h6jGgJU&sig=Cg0ArKJSzBhia_TwoTHVEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: FBEF26BF706F60AFACB85F79F310337A
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjstX2vyUSgRvdPT-C-qY1JDvutdS63GOhnA41HmdSbPfHVTpWrZEdPcololqfVRx8DYa6FnxVEVQljfHX_aG_Te7IRjXyKySVYZxYyonR944NpDuDvRb88cT7bazJ9T3AwGh5esJMi-AWf51qY44X3A2dCiW2QYO7F44SIx5fNzmaKspbwCzvRe10cpU3-5yucz3cHAd_kZ3OQEK1fq1MEuX4MXFpRD0qI3lZE9sCu1MNPuCVjY6gIHuDMjgq6CcH0SdYxjU_uAUlL18iV9_fFOv8fWQyaOsghOi0C6acpEjofwXu_tzbZNcaBbsWiUFRAElDhnMqCNKhV_7E64227O6yUehEBckldKWsEGjYOogfAiFFPagdKnB&sig=Cg0ArKJSzLZpfZlYJn7wEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: EEF4D5F0231A4829BE069A630B32CBCA
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/html/r20240702/r20110914/zrt_lookup_fy2021.html
Frame ID: 90B9AE83B1FF438FF4A22D020A876FEF
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-7073370864490749&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1720115019&plat=9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x945_l%7C188x945_r&format=0x0&url=https%3A%2F%2Fcqty1.bhuefbfrvbn.workers.dev%2F&pra=5&wgl=1&easpi=1&aihb=0&asro=0&ailel=27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30&aiael=27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30&aifxl=27_15~29_10~30_19&aiixl=27_3~29_5~30_6&aslmct=0.7&asamct=0.7&aisaib=1&itsi=-1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTI2IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjEyNiJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTI2Il1dLDBd&dt=1720115018928&bpp=6&bdt=1836&idt=602&shv=r20240702&mjsv=m202407010101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=7602808998987&frm=20&pv=2&ga_vid=1177745697.1720115019&ga_sid=1720115019&ga_hid=1541978497&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532524%2C95330410%2C95330414%2C95331696%2C95331833%2C95334511%2C95334525%2C31085041%2C31084184%2C31078663%2C31078668%2C31078670&oid=2&pvsid=332987106770839&tmod=1368909087&uas=0&nvt=1&fsapi=1&fc=1920&brdim=240%2C240%2C240%2C240%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&nt=1&ifi=1&uci=a!1&fsb=1&dtd=622
Frame ID: E3AB1651370BAE577CF57CD4C93D2B63
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjstONH645Q_yCV8XsUg3V0esiOmWzzfQ_44WY_kvqMf-nKzNzwpT6-3Bx8AWoU26GcqW7fVla41xU2UmQdJkKwfUGRR4GTguq37oIAGAoM74AT52qBloO-aDWas_XlC2EWWe6vNB4G_ouglSb1AuGrJ4NKrBJgLrTSx2YFm5MxAlYv7GY9xpwEewYb760roPYgGXZRBO6LaMIiEYOm131wFLT7EapGBCMvYZPHOrPXkJw85-O5nbpssgGuLn6KeWEs-7c5hQyvPZbNaU46oFQAR43qVGxjBW3nhiDHMfWJ1LkK5n67N4MLI3slCRi8l0FPclhFBTky0ALS7bdA4-T5L1tYG8qWueuxVZqxPy2jxGNYLvsKSNZ30x&sig=Cg0ArKJSzMpMBOdJtcNDEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 8A8D541BF8DEDA6414C105FF56169548
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8BD0BC58E50E7F1C9BCE98640C8EB10C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Car News, Car Videos, Car Reviews, Car Road Tests, Car Industry News, Car Rumours, and much more | CAR Magazine

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Swiper Slider (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swiper(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

209
Requests

96 %
HTTPS

47 %
IPv6

19
Domains

27
Subdomains

32
IPs

6
Countries

6404 kB
Transfer

12923 kB
Size

7
Cookies

67 Outgoing links

These are links going to different origins than the main page.

URL: https://dctboyojy.578333.xyz/

Search URL Search Domain Scan URL

URL: https://www.joburgetc.com/news/
Title: News in Johannesburg

Search URL Search Domain Scan URL

URL: https://www.capetownetc.com/
Title: News in Cape Town

Search URL Search Domain Scan URL

URL: https://www.africaninsider.com/
Title: News in Africa

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/car-reviews/
Title: Reviews

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/bakkies-for-sale/
Title: Bakkies For Sale

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/elite-cars/
Title: Elite Cars

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/news/industry-news/tesla-south-africa/
Title: Tesla

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/bikes-for-sale/
Title: Bikes For Sale

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/car-valuation-report/
Title: Car Valuation

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/car-insurance/
Title: Finance Calculator

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/news/industry-news/natis-online-booking/
Title: Natis Online Booking

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/car-dealer/
Title: Car Dealer

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/videos/dashcams/
Title: Dashcams

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/car-price-guide/
Title: Price Guide

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/news/industry-news/fiat-500-turns-67-years-old-today/

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/news/industry-news/top-10-best-selling-passenger-vehicles-june-2024/

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/news/new-models/hyundais-refreshed-i20-hatchback-available-in-south-africa-pricing-and-spec/

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/news/industry-news/top-5-exporters-june-2024/

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/car-for-sale/used-2023-volkswagen-light-commercial-new-caddy-kwazulu-natal-pinetown/7081146/

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/car-for-sale/used-2024-volkswagen-light-commercial-new-amarok-kwazulu-natal-pinetown/7081145/

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/car-for-sale/used-2023-volkswagen-light-commercial-new-amarok-kwazulu-natal-pinetown/7081144/

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/car-for-sale/used-2024-volkswagen-light-commercial-new-amarok-kwazulu-natal-pinetown/7081143/

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/car-for-sale/used-2024-volkswagen-light-commercial-transporter-crew-bus-kwazulu-natal-pinetown/7081152/

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/car-for-sale/used-2023-volkswagen-light-commercial-transporter-crew-bus-kwazulu-natal-pinetown/7081151/

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/car-for-sale/used-2022-volkswagen-light-commercial-new-caddy-kombi-kwazulu-natal-pinetown/7081150/

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/car-for-sale/used-2023-volkswagen-light-commercial-new-caddy-kombi-kwazulu-natal-pinetown/7081149/

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/car-for-sale/used-2023-volkswagen-light-commercial-new-caddy-kombi-kwazulu-natal-pinetown/7081148/

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/car-for-sale/used-2024-volkswagen-light-commercial-new-caddy-kwazulu-natal-pinetown/7081147/

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/news/all-of-the-car-magazine-top-12-best-buys-for-2024/

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/car-reviews/driving-impressions/fuel-consumption-test-volkswagen-polo-gti/

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/car-reviews/driving-impressions/ineos-grenadier-3-0td-trialmaster-edition/

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/car-reviews/driving-impressions/review-mini-countryman-s-all4/

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/car-reviews/driving-impressions/review-toyota-hilux-gr-sport-iii/

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/car-reviews/driving-impressions/review-toyota-hilux-raider-2-8-gd-6-48v/

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/car-reviews/driving-impressions/review-ford-transit-custom/

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/car-reviews/driving-impressions/review-haval-jolion-pro-1-5t-s-ultra-lux-7dct/

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/car-reviews/driving-impressions/kia-sonet-1-0t-ex-dct-review/

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/car-reviews/review-mercedes-benz-e220d/

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/car-reviews/driving-impressions/review-opel-corsa-gs-line/

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/videos/zwartkops-rebound-round-3-2024-gr-cup-ep-4/

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/videos/drag-race-mercedes-amg-c63-e-performance-vs-v8-c63/

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/videos/suv-shootout-2024/

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/videos/david-mashabela-shares-details-on-his-mint-ford-mustang/

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/videos/sheldon-van-der-linde-crashes-out-of-contention-for-24h-nurburgring/

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/car-reviews/driving-impressions/review-toyota-land-cruiser-76-2-8-gd-6-station-wagon-lx/

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/car-reviews/driving-impressions/review-bmw-520d-m-sport/

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/car-reviews/driving-impressions/review-mazda-cx-60-3-3-takumi/

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/car-reviews/driving-impressions/fuel-consumption-test-gwm-tank-300-hev/

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/car-reviews/driving-impressions/review-porsche-panamera-4-e-hybrid/

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/car-reviews/driving-impressions/living-with-it-volkswagen-polo-life-1-0-tsi-mt-introduction/

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/car-reviews/driving-impressions/review-ldv-t60-max-luxe/

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/car-reviews/driving-impressions/review-jac-t9-4x4-super-lux/

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/car-reviews/driving-impressions/living-with-it-suzuki-xl6-1-5-glx-update-2/

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/car-reviews/driving-impressions/review-range-rover-evoque-p300-dynamic-hse/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/CARSouthAfrica

Search URL Search Domain Scan URL

URL: https://www.facebook.com/CARmagazineSA

Search URL Search Domain Scan URL

URL: https://www.instagram.com/carmagazineSA/

Search URL Search Domain Scan URL

URL: https://twitter.com/CARmagSA

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/contact-us/
Title: Contact us

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/advertise-with-us/
Title: Advertise with us

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/terms-and-conditions/
Title: Terms and Conditions

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/competition-rules-2/
Title: Competition Rules

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/privacy-policy/#cookies
Title: We use cookies

Search URL Search Domain Scan URL

URL: http://wordpress.org/
Title: WordPress

Search URL Search Domain Scan URL

URL: https://highburyads.co.za/www/delivery/ck.php?oaparams=2__bannerid=6127__zoneid=1599__cb=ca85c89660__oadest=https%3A%2F%2Fwoobox.com%2F4tmhg4

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30

https://dctboyojy.578333.xyz/wp-content/uploads/2022/04/Volkswagen-Polo-Vivo-407x230.jpg HTTP 302
https://old.carmag.co.za/wp-content/uploads/2022/04/Volkswagen-Polo-Vivo-407x230.jpg

Request Chain 108

https://ad.doubleclick.net/ddm/trackimp/N1003055.277770CARMAG/B31687471.399082428;dc_trk_aid=590604620;dc_trk_cid=218283907;ord=1788559956;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1?nis=6 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N1003055.277770CARMAG/B31687471.399082428;dc_pre=COOM0-X3jYcDFUShgwcd1joLMg;dc_trk_aid=590604620;dc_trk_cid=218283907;ord=1788559956;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1?nis=6

Request Chain 114

https://ad.doubleclick.net/ddm/trackimp/N1003055.277770CARMAG/B31687471.398689291;dc_trk_aid=590688921;dc_trk_cid=218283907;ord=1998590239;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1?nis=6 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N1003055.277770CARMAG/B31687471.398689291;dc_pre=COWI0-X3jYcDFSaMgwcdorkBtw;dc_trk_aid=590688921;dc_trk_cid=218283907;ord=1998590239;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1?nis=6

Request Chain 164

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/981195317/?random=619165635&cv=11&fst=1720115018985&bg=ffffff&guid=ON&async=1&gtm=45be4730v9181219265za200&gcd=13l3lPl2l1&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fcqty1.bhuefbfrvbn.workers.dev%2F&label=tlaeCPvm4sIBELW079MD&hn=www.googleadservices.com&frm=0&tiba=Car%20News%2C%20Car%20Videos%2C%20Car%20Reviews%2C%20Car%20Road%20Tests%2C%20Car%20Industry%20News%2C%20Car%20Rumours%2C%20and%20much%20more%20%7C%20CAR%20Magazine&gtm_ee=1&npa=1&pscdl=noapi&auid=491984248.1720115019&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&ec_mode=a&fdr=SA&capi=1&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECSixldmVudC1zb3VyY2UsIHRyaWdnZXIsIG5vdC1uYXZpZ2F0aW9uLXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMI-N2-5feNhwMVOWgeAh1xzjrhMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6Jmh0dHBzOi8vY3F0eTEuYmh1ZWZiZnJ2Ym4ud29ya2Vycy5kZXYv HTTP 302
https://www.google.com/pagead/1p-conversion/981195317/?random=619165635&cv=11&fst=1720115018985&bg=ffffff&guid=ON&async=1&gtm=45be4730v9181219265za200&gcd=13l3lPl2l1&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fcqty1.bhuefbfrvbn.workers.dev%2F&label=tlaeCPvm4sIBELW079MD&hn=www.googleadservices.com&frm=0&tiba=Car%20News%2C%20Car%20Videos%2C%20Car%20Reviews%2C%20Car%20Road%20Tests%2C%20Car%20Industry%20News%2C%20Car%20Rumours%2C%20and%20much%20more%20%7C%20CAR%20Magazine&gtm_ee=1&npa=1&pscdl=noapi&auid=491984248.1720115019&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&ec_mode=a&fdr=SA&capi=1&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECSixldmVudC1zb3VyY2UsIHRyaWdnZXIsIG5vdC1uYXZpZ2F0aW9uLXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMI-N2-5feNhwMVOWgeAh1xzjrhMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6Jmh0dHBzOi8vY3F0eTEuYmh1ZWZiZnJ2Ym4ud29ya2Vycy5kZXYv&is_vtc=1&cid=CAQSGwDaQooL_iOhRpeMCx2OqKLZ9ZMsoBZYqZR1iQ&random=374397141 HTTP 302
https://www.google.nl/pagead/1p-conversion/981195317/?random=619165635&cv=11&fst=1720115018985&bg=ffffff&guid=ON&async=1&gtm=45be4730v9181219265za200&gcd=13l3lPl2l1&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fcqty1.bhuefbfrvbn.workers.dev%2F&label=tlaeCPvm4sIBELW079MD&hn=www.googleadservices.com&frm=0&tiba=Car%20News%2C%20Car%20Videos%2C%20Car%20Reviews%2C%20Car%20Road%20Tests%2C%20Car%20Industry%20News%2C%20Car%20Rumours%2C%20and%20much%20more%20%7C%20CAR%20Magazine&gtm_ee=1&npa=1&pscdl=noapi&auid=491984248.1720115019&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&ec_mode=a&fdr=SA&capi=1&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECSixldmVudC1zb3VyY2UsIHRyaWdnZXIsIG5vdC1uYXZpZ2F0aW9uLXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMI-N2-5feNhwMVOWgeAh1xzjrhMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6Jmh0dHBzOi8vY3F0eTEuYmh1ZWZiZnJ2Ym4ud29ya2Vycy5kZXYv&is_vtc=1&cid=CAQSGwDaQooL_iOhRpeMCx2OqKLZ9ZMsoBZYqZR1iQ&random=374397141&ipr=y

Request Chain 190

https://ad.doubleclick.net/ddm/trackimp/N1003055.277770CARMAG/B31687471.398689291;dc_trk_aid=590688921;dc_trk_cid=218283907;ord=1998590239;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1?nis=6 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N1003055.277770CARMAG/B31687471.398689291;dc_pre=CNiQ7eX3jYcDFfOCOAodeYADhQ;dc_trk_aid=590688921;dc_trk_cid=218283907;ord=1998590239;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1?nis=6

Request Chain 191

https://ad.doubleclick.net/ddm/trackimp/N1003055.277770CARMAG/B31687471.399082428;dc_trk_aid=590604620;dc_trk_cid=218283907;ord=1788559956;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1?nis=6 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N1003055.277770CARMAG/B31687471.399082428;dc_pre=CPGS7eX3jYcDFQKW_QcdVOILlA;dc_trk_aid=590604620;dc_trk_cid=218283907;ord=1788559956;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1?nis=6

209 HTTP transactions
11 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
cqty1.bhuefbfrvbn.workers.dev/ 156 KB
23 KB 1336ms
1227ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eaa199e6df93b23ab22115fbad4827a7e9c5d6378a31a8e22af6afd1c96d6d7

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 89e0eb2118749ff3-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 04 Jul 2024 17:43:37 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
link: <https://www.carmag.co.za/wp-json/>; rel="https://api.w.org/"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w6imsAMTw8QTUUTiAGrBIpvpgE3M92k1aoryyI%2F3TaiFighpBV10tBG%2FofLYJDl0DuVtxNgF4V4qE3RkdF2QjRxinaL%2Fx9DlC3p8HJ%2FmGptNjNV%2F%2Byj86OnupBQTV0xnDFJX"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 style.min.css
dctboyojy.578333.xyz/wp-content/themes/CarMag_Revamp/ 208 KB
38 KB 1147ms
1062ms Stylesheet
text/css 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dctboyojy.578333.xyz/wp-content/themes/CarMag_Revamp/style.min.css?ver=xxx
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c69f5786e5a533373cb05708984f7a43045904d333bcbb50fb754659eaeddef4

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:43:38 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 26 Jun 2024 08:32:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"667bd214-33e78"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pdk%2FX%2FXXCgdGC0tX96KciKJBKGXxX7p%2FyoUcU64HB%2FDrLfPKy3wXFUmaXdfqRMDVfNyOwFZpj9mEvx1Q8dgwRjBO%2BBP08GYeOyoCsQILMRZ7diuVLlPHA8RcUn5UXU%2FbjEUU"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 89e0eb296b819fd0-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 cfs-advanced-search.css
dctboyojy.578333.xyz/wp-content/plugins/cfs-advanced-search/dist/ 15 KB
3 KB 1004ms
921ms Stylesheet
text/css 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dctboyojy.578333.xyz/wp-content/plugins/cfs-advanced-search/dist/cfs-advanced-search.css?ver=04-07-2024-1720114757
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8a700630a179fb4e70f040a3dcb2334833dce7788f25a09f64542557615d41e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:43:38 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 15 Apr 2024 09:56:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"661cf9da-3b19"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xUunJSE1WCfCs2jkEK5a9zt%2F6xMyvf0m4eCcY6irvdBQ6CJgufi3g2gMab8DT3apFxyNJvZq8byua6uFZt6DFSKvtNnIpj2fzIxpJeAVPsm90FOuBnDdGSbOjQ17e64VC57c"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 89e0eb296b789fd0-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 custom-widgets.css
dctboyojy.578333.xyz/wp-content/plugins/create-custom-recent-posts-widgets/css/ 50 KB
8 KB 1197ms
1114ms Stylesheet
text/css 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dctboyojy.578333.xyz/wp-content/plugins/create-custom-recent-posts-widgets/css/custom-widgets.css?ver=04-07-2024-1720114757
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70619499e4709f4bc53d884a45e4895660c497295228bc928ae17ae694494c48

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:43:38 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 15 Nov 2023 11:38:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6554adad-c8cd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g3l0%2B6SN3xE%2FRhv43BHVAlID6JIZ6PexjnCm%2BHFsO82V2%2FVDQpn%2FLNig0D4O%2BGf6dKqlAhbgNxjR8XjYRNlKZkbfJP3BM%2Bl%2BwM5MnISijrkRMrO9oF3D%2BZ%2FxrpqqlB76DBK4"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 89e0eb296b7f9fd0-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 swiper.min.css
dctboyojy.578333.xyz/wp-content/plugins/create-custom-recent-posts-widgets/css/ 13 KB
4 KB 996ms
914ms Stylesheet
text/css 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dctboyojy.578333.xyz/wp-content/plugins/create-custom-recent-posts-widgets/css/swiper.min.css?ver=04-07-2024-1720114757
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dea3c2d66b0679ee2db67a21c0a434f3e14d6ac8a2af06877a711151fc32b56d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:43:38 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 17 Nov 2022 09:26:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6375fe42-356e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9fMIdIN4Qk60h98PFv13QW4FvbxwbLtnBZ19jqQV3pwP%2Fn1%2F4HDrFrBj%2FvGiaVFOtmO4knUxS0FT4dxsmhcrKceHXChRMX%2FJ65CBBfUHXaRjAyDwNGEb4zE60X0wwDsWxXyq"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 89e0eb296b759fd0-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 cars-for-sale.css
dctboyojy.578333.xyz/wp-content/plugins/display-cars-for-sale/css/ 94 KB
17 KB 582ms
499ms Stylesheet
text/css 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dctboyojy.578333.xyz/wp-content/plugins/display-cars-for-sale/css/cars-for-sale.css?ver=312
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2866e98ae386469948188b57264807622938fd4c2f1a251b93473669c03497b1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:43:37 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=125033
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 16 Nov 2023 08:30:48 GMT
server: cloudflare
etag: W/"6555d338-1e869"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BiRN%2F5q5MhYoOIFHIjFLRFGsRrRbI3IooLpyHm0S4DtevmEwne8x6aYi5KHIeJyax15D8gB2wiG44XDIRgZgzJOqWG5ypDBd9bGIQ%2FW70dwiMhUcn6wapG%2B9qHu3zltKmIgi"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 89e0eb296b7e9fd0-AMS

GET
H3 200 google-fonts.css
dctboyojy.578333.xyz/wp-content/themes/CarMag_Revamp/fonts/ 5 KB
933 B 580ms
498ms Stylesheet
text/css 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dctboyojy.578333.xyz/wp-content/themes/CarMag_Revamp/fonts/google-fonts.css?ver=1.1
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b352e35f5413292120165ce13962b3cead65738da4191b43286c6592d81e3a9e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:43:37 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=6670
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 17 Nov 2022 09:28:49 GMT
server: cloudflare
etag: W/"6375fed1-1a0e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dZx9qOf9B1hv0v54F6pcMfcmCjVf6cuMIYDopTRLyuwDvN8vKiaOIufbhdLLX2tULKYjnUwjbURESzOIRsxtJey1mNCkwFzhMjw6bRyiRXiWlG3CXj26HMqPS6SjFFHjmHWW"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 89e0eb296b7a9fd0-AMS

GET
H3 200 font-awesome.css
dctboyojy.578333.xyz/wp-content/themes/CarMag_Revamp/font-awesome-4.7.0/css/ 30 KB
7 KB 691ms
611ms Stylesheet
text/css 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dctboyojy.578333.xyz/wp-content/themes/CarMag_Revamp/font-awesome-4.7.0/css/font-awesome.css?ver=1
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bfbb02b2f82750344aa2bc6329085a7550de92926a22a951db6f1629fab862f0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:43:37 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=37414
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 17 Nov 2022 09:31:48 GMT
server: cloudflare
etag: W/"6375ff84-9226"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cofRYi5ICg8iJapDABWawaVqNh1aLy7bQlKU0yDRNJ6PWtHWp4W1VMf9PkS866ya3JuqNdh8Ka0pmjJ2ufweTl6rquUds0momdAmteDPn1f%2BC1LfYIQVUnm8dBCbACLIopWq"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 89e0eb296b6e9fd0-AMS

GET
H3 200 jquery.min.js Show response
dctboyojy.578333.xyz/wp-includes/js/jquery/ 86 KB
31 KB 610ms
542ms Script
application/javascript 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dctboyojy.578333.xyz/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:43:37 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 11 Apr 2024 14:30:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6617f402-15601"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bsh5102cXxZ6kVwC0sFPZeXRpHIjmHGsAEZeSVWv95XKXZD3W17JjbbZMUOl33usAOP3sYmGPX1OvOyvMOJNCSx7grsxjjqtdyTSKfNrz3UnfILfZrZMrQzBWHla%2BE22WYpv"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 89e0eb296b669fd0-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery-migrate.min.js Show response
dctboyojy.578333.xyz/wp-includes/js/jquery/ 13 KB
5 KB 715ms
647ms Script
application/javascript 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dctboyojy.578333.xyz/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:43:37 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 11 Apr 2024 14:30:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6617f402-3509"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uziJ2ULBVSD579PFk9hnt7uNjSrAnqYN5elXEFJSmX%2FRfJerSLzPmhhdjGM%2BV1WLtaKNpVvovKxFeZD4yE2mRqHt7UVvvmOMBMS8OpDnXxv5PcyAkbvmV6KOHUnT6mV%2BCkTm"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 89e0eb296b729fd0-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery.menufication.min.js Show response
dctboyojy.578333.xyz/wp-content/plugins/menufication/js/ 13 KB
4 KB 690ms
623ms Script
application/javascript 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dctboyojy.578333.xyz/wp-content/plugins/menufication/js/jquery.menufication.min.js?ver=6.5.2
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 716cb523fa841c30059a51fb52757884a4e5ddaaf9fdd33bd4fe4b6561421fe0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:43:37 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 17 Nov 2022 09:27:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6375fe7a-3265"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Gi2d4QUfDkUknht8WHzUT5bpr1LRUA%2FeX6vYoaDbcvky4UQN6otavepgFTgP2EtvNxvrl7s%2BAzYrGqahH3aVEickhTDnkZEr4p71%2FQWDU8Rsv8Xa%2B5CA92m3Wcrs55rGktPL"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 89e0eb296b719fd0-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 menufication-setup.js Show response
dctboyojy.578333.xyz/wp-content/plugins/menufication/js/ 2 KB
1 KB 676ms
610ms Script
application/javascript 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dctboyojy.578333.xyz/wp-content/plugins/menufication/js/menufication-setup.js?ver=6.5.2
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e0c66741dfec2c3002fe92915499f6808da0a9ce99d34916bd9e7883d0f8074

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:43:37 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=3588
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 17 Nov 2022 09:27:22 GMT
server: cloudflare
etag: W/"6375fe7a-e04"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rifnpKXTyIj%2BhIo%2FEaQ0jcwdlGau9Rc4nUVcbNyl5vJnFJOald%2FSOtPI5F7q4jeQYEtddAoATETaM06U4YgyoH2YOTJ%2FILakLRhT3ih7njfCKYNhObawQoWO7jiEvs7LexQF"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 89e0eb296b6b9fd0-AMS

GET
H2 200 sharethis.js Show response
platform-api.sharethis.com/js/ 206 KB
46 KB 117ms
29ms Script
text/javascript 3.160.150.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://platform-api.sharethis.com/js/sharethis.js?ver=1.5.7

Requested by

Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.160.150.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-160-150-71.fra60.r.cloudfront.net

Software

Resource Hash

98d32b00fca86fc6994df33302e051a6ad03461a43ff5797d5b10ace4cf4772f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:42:08 GMT
content-encoding: gzip
via: 1.1 1903071a927324e2fb28199ee96c4bb2.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA60-P7
age: 103
etag: W/"336d0-g/6wprihOkYe7HpMswOVDodT6lU"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
edge-control: cache-maxage=60m,downstream-ttl=60m
cache-control: max-age=600, public
x-cache: Hit from cloudfront
x-amz-cf-id: E0ybzYkzwlnaplkN7awIsviHWAi5kXG9mRTdtnvOE1RDmvGZrMm7vw==

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 97 KB
31 KB 165ms
64ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9d99c72f264d18c9d1662da5ef0a404172f8a33ace805ce8ce424f4b52f9629d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:43:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31332
x-xss-protection: 0
server: cafe
etag: 151 / 19908 / 31085076 / config-hash: 7963625485320637285
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 04 Jul 2024 17:43:38 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 98 KB
31 KB 154ms
72ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

512a89fdc2c43dda1abf995d77a6b6514f8f9302fe7bb7a7ade16a78f777b495

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:43:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31513
x-xss-protection: 0
server: cafe
etag: 549 / 19908 / 31085077 / config-hash: 7963625485320637285
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 04 Jul 2024 17:43:38 GMT

GET
H3 200 style.min.css
dctboyojy.578333.xyz/wp-includes/css/dist/block-library/ 111 KB
15 KB 595ms
586ms Stylesheet
text/css 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dctboyojy.578333.xyz/wp-includes/css/dist/block-library/style.min.css?ver=6.5.2
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:43:38 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 11 Apr 2024 14:30:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6617f40f-1bae5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sK3D7x5hoEvu%2BtJnrf9cyEVfgjlN3AXk%2FSWDotXhe7RWlbChIwFSYhgOC7NEhwXIecYKyIvz3rCLkXfRcB5ML%2FJoJQBdiQJiRib4lvHkLJpbvBJwveH3vFxOJtpBMX%2F%2BnPnW"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 89e0eb312f9d9fd0-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 drivers-test.css
dctboyojy.578333.xyz/wp-content/plugins/drivers-test/css/ 2 KB
943 B 1081ms
1072ms Stylesheet
text/css 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dctboyojy.578333.xyz/wp-content/plugins/drivers-test/css/drivers-test.css?ver=04-07-2024-1720114757
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 432eb81d99e6c7f947e6e9f30ca98503157b92ae8fdf6e21a2da6ea143fbf3f9

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:43:39 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 13 Oct 2023 10:25:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65291b1b-638"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yeBI%2BNO9auAO6WdmPkCkUhJcr0SXuGKUxwAo6UStEli7Ejaeatlk3ejhaeTljTGE5FSx93fW2uKyYaKFaKh3X7yaFDWcxomDyHXuT6X9GQCjEzjwd4PnuS0DVSyyu1Hyn4mu"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 89e0eb312fa09fd0-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 mu-style.css
dctboyojy.578333.xyz/wp-content/plugins/sharethis-share-buttons/css/ 0
485 B 600ms
592ms Stylesheet
text/css 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dctboyojy.578333.xyz/wp-content/plugins/sharethis-share-buttons/css/mu-style.css?ver=1668677260
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:43:38 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=26
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 17 Nov 2022 09:27:40 GMT
server: cloudflare
etag: W/"6375fe8c-1a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iaPI3o71KWEMA15ThvbwBb%2FJs7hNuQOl5NF1iFMzz4LidwVInlaES0t%2B9lSXSv0CPeyHXn9%2BeFiHh%2Fu85pjyGwJpiDpGdIH1T%2FXdO%2FfKQAY4tDEqFkp3Fi%2BxmhoR0ke8lYxT"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 89e0eb312fa29fd0-AMS

GET
H3 200 article-view-slick.css
dctboyojy.578333.xyz/wp-content/themes/CarMag_Revamp/css/ 1 KB
914 B 737ms
728ms Stylesheet
text/css 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dctboyojy.578333.xyz/wp-content/themes/CarMag_Revamp/css/article-view-slick.css?ver=1.0
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 21061765237c66c10b48e236063a3497c22d33629e98f8654d1a3b860fa48700

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:43:38 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=1776
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 17 Nov 2022 09:28:48 GMT
server: cloudflare
etag: W/"6375fed0-6f0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PzOq6j6OxbKN8WmHxUyazcvtjvu9ls9OZaFngxZeg3ZAq0Nxz9%2Bbf3QRc1VySKQmDNsSVhgZyBvU8PCrHoyj64Z6zEq%2Bl%2BAXVHaw%2FBvHr1UPs%2Bro49Jz0J66bNM7NgxQ5CeD"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 89e0eb312fa39fd0-AMS

GET
H3 200 article-view-slick-theme.css
dctboyojy.578333.xyz/wp-content/themes/CarMag_Revamp/css/ 2 KB
1 KB 591ms
583ms Stylesheet
text/css 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dctboyojy.578333.xyz/wp-content/themes/CarMag_Revamp/css/article-view-slick-theme.css?ver=1.0
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f8b0220980de4339ca04d32bc5656435847fecb3a47f2eac38e33277e18eddc8

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:43:38 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=3145
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 17 Nov 2022 09:28:48 GMT
server: cloudflare
etag: W/"6375fed0-c49"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tLOsN1o1VJ%2ByC9lSrpV0twj2kSHf6yM1%2FJmtRIyidQSpHZMBxbBTmSBkMt3E9IDNT5xKyEa8VuVTukBH2JTx0wBw%2BxVD5Xryt6dUu3tuSchdJrtgTA1DrycPyYHMgqXOKd7I"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 89e0eb312fa59fd0-AMS

GET
H3 200 magnific-gallery-styles.css
dctboyojy.578333.xyz/wp-content/themes/CarMag_Revamp/css/ 6 KB
2 KB 592ms
584ms Stylesheet
text/css 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dctboyojy.578333.xyz/wp-content/themes/CarMag_Revamp/css/magnific-gallery-styles.css?ver=1.0
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 65d43fc1d47bdab6bb9a4f5add734f8b9d059f9e773c431a350b3804bfe38a7f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:43:38 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=7437
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 17 Nov 2022 09:28:48 GMT
server: cloudflare
etag: W/"6375fed0-1d0d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YzCaq7dH4Vsb1k1tAmErTEmN9ceujWgGQ3n8e5eyzQE72WCulSkYHksFjKPRH55exyo%2FBK8oKfO0fs0Tx5pTHjXtRNOTLB%2BZ7dh43tu4RKkKSK019qfEuDEJgw4JfkAnLPWs"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 89e0eb312fa89fd0-AMS

GET
H3 200 styles.min.css
dctboyojy.578333.xyz/wp-content/plugins/scroll-triggered-boxes/assets/css/ 1 KB
903 B 534ms
526ms Stylesheet
text/css 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dctboyojy.578333.xyz/wp-content/plugins/scroll-triggered-boxes/assets/css/styles.min.css?ver=2.2.1
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1b0f6dee1e2b4b439e62daffe536db30431a1ca3d0628aa134b6ed7d689b91b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:43:38 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 04 Jun 2024 11:17:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"665ef7ac-4f4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=90KPQvbUbNiXw1ywqM5oigl9UUa8Et1mKXa2e0jfXFRxUvHgvOU%2BYIQoZk7IJDcV%2BN2mRpL1Pz4brlN4lQ8YNbxvaWyil9iEw7VrrDEc2oKOMBIkE2Z%2BRPl45C9VTpX%2FK092"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 89e0eb30ef329fd0-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 menufication.min.css
dctboyojy.578333.xyz/wp-content/plugins/menufication/css/ 29 KB
4 KB 526ms
518ms Stylesheet
text/css 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dctboyojy.578333.xyz/wp-content/plugins/menufication/css/menufication.min.css?ver=6.5.2
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f55c1dbc04d02e68da4ad12c1b703a08b9582e56154f5d18ee1ff792cf0648a0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:43:38 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 17 Nov 2022 09:27:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6375fe7a-723c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dH3Kh5gofPR2Ap2PYTsSaPZg2fsnYyNC5turCQHK5OzyfofYM7485MHqaiqKysnJBXJa6gBcaQWZGoT%2FJXFC472ITIngFbMLdze0QSogaUzNmYCssglwqvS8E31zeXj4w54m"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 89e0eb30ef339fd0-AMS
alt-svc: h3=":443"; ma=86400

GET
BLOB 200
OK 86648359-164f-4835-8c15-35be241c5827
https://cqty1.bhuefbfrvbn.workers.dev/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://cqty1.bhuefbfrvbn.workers.dev/86648359-164f-4835-8c15-35be241c5827
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 1185
Content-Type: text/javascript

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 209 KB
76 KB 184ms
84ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-11411975-1

Requested by

Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6e43a51b5fa30a1b48aa577fab5da41d16a14d0db67354406abb9d1b961554ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:43:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76923
x-xss-protection: 0
last-modified: Thu, 04 Jul 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 04 Jul 2024 17:43:38 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 270 KB
93 KB 295ms
195ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-981195317

Requested by

Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b859b5fb3c5558944bbb1a8a7114ad85a435a1e095d93dbf07b237f75b113b53

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:43:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 94776
x-xss-protection: 0
last-modified: Thu, 04 Jul 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 04 Jul 2024 17:43:38 GMT

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
746 B 133ms
63ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Arvo:wght@400;700&family=Roboto&display=swap

Requested by

Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4200e8df2c5f52c2bf9bd2f41ed424edd48c54b7534071a9e61f5ee4602b742f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Thu, 04 Jul 2024 17:43:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 04 Jul 2024 17:43:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 04 Jul 2024 17:43:37 GMT

GET
H2 200 css2
fonts.googleapis.com/ 7 KB
1 KB 131ms
61ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700;900&display=swap

Requested by

Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

42e3aa6d662901ad9a1a467a06d2ea7514451ad93b1fda75bc093374aba78290

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Thu, 04 Jul 2024 17:43:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 04 Jul 2024 17:11:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 04 Jul 2024 17:43:37 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 159 KB
52 KB 496ms
95ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7073370864490749

Requested by

Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

03df2760c74b699fcd718a2651cfaa549ca25c3b11b893522f1a66627e025d12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Origin: https://cqty1.bhuefbfrvbn.workers.dev
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:43:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52848
x-xss-protection: 0
server: cafe
etag: 7532984570075866132
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Thu, 04 Jul 2024 17:43:38 GMT

GET
H2 200 carmag-logo.svg
cqty1.bhuefbfrvbn.workers.dev/wp-content/uploads/logos/ 2 KB
1 KB 565ms
541ms Image
image/svg+xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cqty1.bhuefbfrvbn.workers.dev/wp-content/uploads/logos/carmag-logo.svg
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df2dbe77839fc3cb86552ed81b59456e25e95c65882976aa5fa7280e2f734f3a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:43:38 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Fri, 02 Dec 2022 14:12:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"638a07da-7e5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JQ9SKRBuUdCknTBAP%2BR2YhVjQcQZBa%2FmfC9zJGs1jAHfNsv%2BUHCcHB8CgSTOZDzpxmBbH6Py8L%2FyyS5trFDlsE9kJBfKpjWP4PzH6HMzJ2lNlymPJuZIwV5cMSLzar7xqMPC"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 89e0eb30e81c9ff3-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 F-1-832x499.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/07/ 69 KB
70 KB 1486ms
1485ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/07/F-1-832x499.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce5a12910ffe5ef0556412f2e8c73ed6a64fe175e2e8b48cbb5931fab972bcaa

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:43:39 GMT
cf-cache-status: MISS
last-modified: Thu, 04 Jul 2024 12:18:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6686931e-114c4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=boYjXC7zTVwLos1MOsT0ALdo8AjfjN2YjHqj1Dltqjf4IURwASRe425iTYegHERTfk%2Fo5dTtrGVB9Ps248Ge6HctSFxA2PbRHzJsxPxbOnqEaeYajNZKAtX%2BaAdqyKSAj3gh"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89e0eb2c98a39fd0-AMS
alt-svc: h3=":443"; ma=86400
content-length: 70852

GET
H3

200

Volkswagen-Polo-Vivo-407x230.jpg
old.carmag.co.za/wp-content/uploads/2022/04/
Redirect Chain

https://dctboyojy.578333.xyz/wp-content/uploads/2022/04/Volkswagen-Polo-Vivo-407x230.jpg
https://old.carmag.co.za/wp-content/uploads/2022/04/Volkswagen-Polo-Vivo-407x230.jpg

28 KB
28 KB

110ms
44ms

Image
image/jpeg

188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://old.carmag.co.za/wp-content/uploads/2022/04/Volkswagen-Polo-Vivo-407x230.jpg
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30899df5473a47171d0e3d8d81bfbfcd35545bdfb60a1d392cead5173176c524

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 04 Jul 2024 17:43:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8822
alt-svc: h3=":443"; ma=86400
content-length: 28234
last-modified: Thu, 07 Apr 2022 06:58:41 GMT
server: cloudflare
etag: "624e8ba1-6e4a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l78MUCpsqRd1tyGOnZiN5LGvHCN15CaA8J3fdFE6%2F6%2FEQQaWpb3h1BmOEFhCwjslc2yh4m9jWIOvwsHF4ouCvbY5JuBGt1B%2F22xTZWuUIh1GPCqC1V0N0zs9Zj27nwDhbwlX"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 89e0eb324fd366f2-AMS
priority: u=1,i
expires: Thu, 11 Jul 2024 15:16:06 GMT

Redirect headers

date: Thu, 04 Jul 2024 17:43:38 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LEdHrI4mvjOdEcZ3zgjxCBGeJcoh7aAVrWKxNBV0TchwUDNglguTshDmcwyscrkp4IMUSSRnxhd3HiUyQn1rxHpliqqI4GnPuHYfn0F35YnL%2F6wm7%2FXNLFpC6BLab8wdYbLo"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://old.carmag.co.za/wp-content/uploads/2022/04/Volkswagen-Polo-Vivo-407x230.jpg
access-control-allow-origin: *
cf-ray: 89e0eb2c98a59fd0-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 i20NLine_FRONT_01-407x230.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/07/ 10 KB
11 KB 944ms
943ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/07/i20NLine_FRONT_01-407x230.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ecf56fbeca3f7453d1ef1ddbeb5648b38a139f16093b25bbbda8fdb24ed460c8

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:43:39 GMT
cf-cache-status: MISS
last-modified: Thu, 04 Jul 2024 09:23:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "66866a1d-29a8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rCUQWu0%2Fw9RRqI4vYKnm0dTnRdGUFdsZU%2BMN21mWTHtSdLJpthzbRaHHVhtr72N1mGKvMZlxTvJhS3qLRYTiji%2FJaPuHnjg58xLIVZ5AMYdualy7HJiyWVfMixga6c8MHGoC"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89e0eb310f559fd0-AMS
alt-svc: h3=":443"; ma=86400
content-length: 10664

GET
H3 200 MB-1-407x230.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/07/ 18 KB
18 KB 988ms
986ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/07/MB-1-407x230.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5a9544e336f963d2f5dca65c17d3796d92c6c6053dd6b027ec9bcf8b04049de

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:43:39 GMT
cf-cache-status: MISS
last-modified: Tue, 02 Jul 2024 08:47:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6683bea0-479a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UKw1nb07Hly5J60zye8IQq5Ons%2F9F6rv2yt1mfioVWWlOPNaSGrwHB%2B0KBGLLn4AO1CNkUEsquJswkYe8aQ2d%2FManf%2BWFHhFvPW4q9%2FhcyI6ajX%2FNrYLvLp938rXcsaXDIfY"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89e0eb310f589fd0-AMS
alt-svc: h3=":443"; ma=86400
content-length: 18330

GET
H3 200 F-1-407x230.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/07/ 22 KB
23 KB 1215ms
1211ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/07/F-1-407x230.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 596a57cc128dd8f281e11250bce08d84bdab06c01c18b8f6a8dbab8603c3586e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:43:38 GMT
cf-cache-status: MISS
last-modified: Thu, 04 Jul 2024 12:18:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6686931f-5940"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3s%2BLDd%2FN8dQKCtv6Gtgqlt2FneqwGL1vPMSmBtCQ1HQjaK6TX7kMmD4ESoFF7oVo9cGXiCRxL1%2BGWi6%2FlL9XRftPgDwz6gmhrs2gSaWoZmK70quSTChwlL%2F2zOw%2FagWvO8qk"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89e0eb299bb69fd0-AMS
alt-svc: h3=":443"; ma=86400
content-length: 22848

GET
H3 200 Top-12-overall-winners-jpg.webp
dctboyojy.578333.xyz/wp-content/uploads/2023/11/ 159 KB
160 KB 538ms
523ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2023/11/Top-12-overall-winners-jpg.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ad9bd21fb6717d406acb28c063cb8ff0969564cb1c3cf5089496f2ea4f0fbb1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:43:38 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 07 Nov 2023 13:03:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "654a3585-27d12"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4NcLq0KA%2Fk3pFRMOoeYSjNPKq2i%2FYaUufQTsQGTA3xQS%2BO%2FJv0nTR%2BAXKY0w8CVjeU9PXkGOFyWYciZeEMATOL%2Fmc%2FjsEWb95I%2Frl8b9tobVMQcQ0IFOqW2Xa7xXf9Gzu%2FeV"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89e0eb30ef219fd0-AMS
alt-svc: h3=":443"; ma=86400
content-length: 163090

GET
H3 200 carmag-locate-dealer.png
dctboyojy.578333.xyz/wp-content/themes/CarMag_Revamp/images/ 1 KB
2 KB 538ms
523ms Image
image/png 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/themes/CarMag_Revamp/images/carmag-locate-dealer.png
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 754eb49a3151007ffe99db087e166fc6637651c12f614ac8696fbe76e7dca78e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:43:38 GMT
cf-cache-status: MISS
last-modified: Thu, 17 Nov 2022 09:28:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6375fed2-54c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SMLkqfgon7dWuaD4dehJM6tSd28vkz9bSqbAyqFbtC3CIkxB0oYklYkmLu7hvEmg0%2B0U2OGlY7XH%2FCvc9ON5SssUDz0y%2BqEOtZuUK2YL205q6J74axFJyJ%2B7mDb%2FRf1DZ4WW"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89e0eb30ef229fd0-AMS
alt-svc: h3=":443"; ma=86400
content-length: 1356

GET
H3 200 Toyota-Hilux-Hybrid-156-407x230.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/06/ 12 KB
13 KB 937ms
923ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/06/Toyota-Hilux-Hybrid-156-407x230.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba502317dc356ef143de5cd60838339f7dc5f235d5441b9fb5eb4c15855c6f69

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:43:39 GMT
cf-cache-status: MISS
last-modified: Fri, 28 Jun 2024 10:28:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "667e903e-3048"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NaUxbAIsQGlbkbYfXAmiPcU7ilmcNRuSk16yzgi6p%2F%2FcVZ0UMIT5puM5siVrZNQG%2FZGAOySC3GObUGCfSWBS2PKuY0w2XOwzpllmiO3fHi2W2Q8%2F24N%2BJhsNQUEWHxS8fQuY"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89e0eb30ef259fd0-AMS
alt-svc: h3=":443"; ma=86400
content-length: 12360

GET
H3 200 F-3-3-407x230.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/06/ 9 KB
10 KB 902ms
887ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/06/F-3-3-407x230.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a05703fc249f3bf3f44cb427cfbfbd8460c05692880495ef7f62db393218156

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:43:39 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 20 Jun 2024 18:09:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6674704b-2468"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lboA4mZYGf%2BCj8GJvvJD0tJU%2BpmHYynnus%2FoGOs0F5StshN1w8FLrESQoBTmWBXGSVVD%2BhxVu2ned9hzU6Shu1eZcTG1r9gBTZ8DMrdnN1GGky9iPcsJTVSwvtgnqxmIfx0Y"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89e0eb30ef269fd0-AMS
alt-svc: h3=":443"; ma=86400
content-length: 9320

GET
H3 200 H-5-1-407x230.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/06/ 21 KB
22 KB 922ms
908ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/06/H-5-1-407x230.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3c900b1f74a688dce1d47b538040ea7c8b243ae8a3e25de58482041b6feb2b8

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:43:39 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 20 Jun 2024 18:08:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "66747023-55c6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UK3Ji1poV%2B5nKTet%2FReaysYESxvxPC%2Bwcx1KmNdZPaJ0UGgsDlBRcl1kiLbkou%2BM2Bnh8hx3g0MzA3BkNyhndhrMTIHkFgkctlU1ycqAnDtIPYwqfWXGm%2BI%2Fy6f5rLxmhXEM"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89e0eb30ef279fd0-AMS
alt-svc: h3=":443"; ma=86400
content-length: 21958

GET
H3 200 Tunnel-Exterior-1-407x230.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/06/ 12 KB
13 KB 727ms
714ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/06/Tunnel-Exterior-1-407x230.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 744267d0ad832cbc545f4f9bd5cecd0cf51a0ed600fcca68883255dd0fc55591

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:43:39 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 20 Jun 2024 07:01:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6673d3c8-30e8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N4VZ1qGLe49Q%2Bjq4sd7IhHP9IdShhBB9FMVhMi7DwqfYsLuu%2FEhLY4uEW9ojFvu2284BBH5I52CcGnMAFXV6KJyVW3gQs%2Bepg2ZPnRJ2TlIBT3URDd%2FTCzWIAhWlxJp5E6cG"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89e0eb30ef2b9fd0-AMS
alt-svc: h3=":443"; ma=86400
content-length: 12520

GET
H3 200 3-5-407x230.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/06/ 14 KB
14 KB 952ms
939ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/06/3-5-407x230.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 038bd21e20a795956bc2d76c39c26c38247beb41cb859a05aaea1c76e027ebae

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:43:39 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 20 Jun 2024 07:55:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6673e08f-3656"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PIYNH8rufBsHodqaoMdyz5iiN1JIwNhH4i57Ny9IH214WuyPyF%2FueWwIOqvLhGG0Jj%2BaBDYooW8koRrjquqHu7Djei5Y2psWfw7MsaUO3p2sD13H9oYfI3AU75brPPAZYFoW"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89e0eb311f709fd0-AMS
alt-svc: h3=":443"; ma=86400
content-length: 13910

GET
H3 200 PP-2-407x230.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/06/ 14 KB
14 KB 916ms
904ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/06/PP-2-407x230.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee243c73addc0685d8bf52fe27cf4483488a8445f727e1cd4ddc3bd0fda866f1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:43:39 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 13 Jun 2024 16:36:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "666b200c-37cc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I7EUp7jZ4MOoElwDijdSDTMNHTC8IQTxmuwci23Z3ttgYPRkzB7poM7F1KRgta43kWZ2g%2F1Cx0T7TDbLdeSe3yHHZboCPDhlcFl8oq87pKZ28u1QeaKzX5sMmNNbqTWKwcqq"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89e0eb311f739fd0-AMS
alt-svc: h3=":443"; ma=86400
content-length: 14284

GET
H3 200 VV-1-407x230.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/06/ 10 KB
10 KB 901ms
889ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/06/VV-1-407x230.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa8d490fd9b2d65029f9c3ffd4e5fc299fbb9e4e3106c03adf81d24e9973d378

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:43:39 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 11 Jun 2024 15:15:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "66686a2b-2680"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aHskHl1pg5o3aOldsPCGukS4k6yezT%2B%2BDexLL0c%2FH%2BCn6dPiXpF3kB%2B47mVTuRJvdIGFcc7lv81D5wQHGl0vfjzooPSR0CvKsioZ5WuMvCfx0E5ugIZqvpvndbJ64Li9bRtd"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89e0eb312f7d9fd0-AMS
alt-svc: h3=":443"; ma=86400
content-length: 9856

GET
H3 200 20240321car-8-407x230.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/06/ 11 KB
11 KB 937ms
924ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/06/20240321car-8-407x230.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc609c8f86bcf6bdcdbb981b7cd50421337712a899c0e0ab721d152406245314

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:43:39 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 11 Jun 2024 09:12:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "666814e9-2bc2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zKoBGARrlj15dvKqAhBd14ukcQYAUnntVCojgUI5D6XLeeblZ4BurDJtUXf5HoOisfAogU4TEMwIoM7tVRgXIYkdVGsqr%2BETvLMHFhFJQEYr7LuP5bI8%2Fq2%2FOmItyw%2BigowJ"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89e0eb312f809fd0-AMS
alt-svc: h3=":443"; ma=86400
content-length: 11202

GET
H3 200 Countryman_1-407x230.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/06/ 15 KB
15 KB 901ms
889ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/06/Countryman_1-407x230.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f83d55dba8d6d1b574e5c34d4bca4548520c8fdaefcf860f44af33ca0258b11

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:43:39 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 11 Jun 2024 14:02:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "666858f4-3ad0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jo6w5RtanEXc7ZpQxokIV7ycMazNfBVtHd3PH0VZW7EJrLQpdp1jrh1jDfKlUITXKKQqilZp5rGyiE27i74SIK2MQxacDlbFrHRRqTWdbZgQqN5mX%2FZZ9TE1stEbyHFpQgKA"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89e0eb30ef2c9fd0-AMS
alt-svc: h3=":443"; ma=86400
content-length: 15056

GET
H3 200 aqcs7zpv8bkyvoitifje-copy-407x230.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/05/ 17 KB
18 KB 729ms
716ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/05/aqcs7zpv8bkyvoitifje-copy-407x230.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16e665c3ab8d60d214580dbdce0cd84d27cdad903593a86574d230efe90c4952

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:43:39 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 21 May 2024 11:59:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "664c8c9b-4522"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H1IgCWZZd6cNl%2FrAS29s4%2FYDzhzlRz2pGhMsFB2SYw8N3l9u02NKm%2FUyem6yPZWLwjS5elif7VbX%2FNnAtlp50pPvWvJY4yhkDcJRQA1Hp4pU3k8bWz1LMctTjm2pqsibqYZ9"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89e0eb30ef2d9fd0-AMS
alt-svc: h3=":443"; ma=86400
content-length: 17698

GET
H3 200 CC-1-1-832x499.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/06/ 42 KB
42 KB 879ms
867ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/06/CC-1-1-832x499.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a08b7967aad3133f6145ee859da1fc29692364cc0290af7f817c0b65913f7d5b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:43:39 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 26 Jun 2024 19:13:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "667c6866-a81c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x8N%2FQstTnN%2BHzcFAmpoIRwe0rRPJ9P7HLgI%2BREGS2lOA6s7QOKvFnfwm10ywdwQMnYzg1hSa5j8qCg1mjCOPiLj9ciqZGFaVF1e4wOor3sBuMegohv8eo1mmg40ljdWkhQMn"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89e0eb30ef2f9fd0-AMS
alt-svc: h3=":443"; ma=86400
content-length: 43036

GET
H3 200 Untitled-design-58-407x230.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/06/ 16 KB
16 KB 980ms
967ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/06/Untitled-design-58-407x230.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8bb57fcb37c5f411c45ac7ceef54cebe0e8550e0f766052e6f001b64f279f3ce

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:43:39 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 24 Jun 2024 09:01:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "667935f7-3e3e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KGdCXyynuPvS7LywpFgdQGautkvThJCGzIFe1A1uWCZhwwku4Qr5OiXQVC6eyEz%2FKpvmtFyJGVZ%2BmStzbCWOQ%2BhdlFG0r5IuwTDxf3Nb7G3ApDzHoPZ5nLQZDL2g%2FmkqjKiC"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89e0eb312f839fd0-AMS
alt-svc: h3=":443"; ma=86400
content-length: 15934

GET
H3 200 maxresdefault-407x230.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/06/ 24 KB
24 KB 951ms
938ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/06/maxresdefault-407x230.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 50af957b9bedb343bf0cea4f4dc08b16aef7861d2890324adea73189105cd978

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:43:39 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 18 Jun 2024 12:16:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "66717a8c-5e28"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yCsL9GoXqS8shFdbwteLXChykzhTg444qEFIbge8QDiky%2BXo1Ak%2FdsuR%2FsSkiKEatc6YZYbEoH46tqMMnIZXmO37YvJ%2F9b%2BoHU%2B0VmzWZR3vyIcJ9UHG5TV089jy8Z%2FD3TAr"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89e0eb312f859fd0-AMS
alt-svc: h3=":443"; ma=86400
content-length: 24104

GET
H3 200 F-1-2-407x230.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/06/ 25 KB
25 KB 955ms
943ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/06/F-1-2-407x230.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6e0bf7b6d87987a4fbd7f7bf0db15df86a74d29f6f2e13a143fd70e3c55bd8f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:43:39 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 07 Jun 2024 10:51:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6662e640-63c4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WLBLjp5wTMOwSU6y95FJBZoPspqRMjJqTbJpBxRSwgrF04%2F%2F6d0yK0ujEkcytv%2FpN%2BqzvEqlxyKA%2FEWL5P4%2FW5BQIoV%2FRDDZKtXt5gSI1hUARI2TwmdbZky1bidlo0G%2Fxhqq"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89e0eb312f889fd0-AMS
alt-svc: h3=":443"; ma=86400
content-length: 25540

GET
H3 200 B-1-407x230.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/06/ 16 KB
17 KB 959ms
947ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/06/B-1-407x230.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5473248018f348cf42cd64f7768873a9b3deac3ca579e8c3a9d69feb0a4deb3b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:43:39 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 03 Jun 2024 08:10:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "665d7a62-4038"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cUDOfVD6UpHR9h1acsDMV7m7qkgCts61okq5G0fZgp1a5kd3rP9gDF6g6U0MZKLMQrHazXUX6Qk1H6ZiW0Hm1DMWm3C3Ug1fklVXrcrAve6uyf4cGI1Qhem2akZzzWI8wYC6"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89e0eb312f8a9fd0-AMS
alt-svc: h3=":443"; ma=86400
content-length: 16440

GET
H3 200 carmag-car-compare.png
dctboyojy.578333.xyz/wp-content/themes/CarMag_Revamp/images/ 1 KB
2 KB 540ms
528ms Image
image/png 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/themes/CarMag_Revamp/images/carmag-car-compare.png
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 754eb49a3151007ffe99db087e166fc6637651c12f614ac8696fbe76e7dca78e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:43:38 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 17 Nov 2022 09:28:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6375fed2-54c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SsQ1Wl5FE9osGoCv4aTvE2FbczEiF4syYhCL8OCVChi%2B%2FljhK%2BcRZMC5%2B%2BHuuSBaYitDmcyoT6d%2FvJmro5OFS2vrVqOqARuzPWFL6v%2BxcDCunJCnLS%2FJiEaiU82NBNfYrSQ4"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89e0eb312f8c9fd0-AMS
alt-svc: h3=":443"; ma=86400
content-length: 1356

GET
H3 200 P-6-407x230.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/05/ 14 KB
14 KB 979ms
967ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/05/P-6-407x230.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc61af77cc90e826ea655c43ef6ff9e28bd219e02ce269c60ddb4dc57ca741dd

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:43:39 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 29 May 2024 11:48:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "665715fa-36a8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1JXL035A9xPtS%2BeABhq09%2FdfavA6mqIs5zy2t1bEhFbHiHht3b%2FAs9HqftWPf2OYbhbJ2rXtvi4w8x8Iaa2TMx8kHnj68mz5fmLCMfXpqyUyiIaDbbHg9nhwkARbudb5pR5z"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89e0eb312f8d9fd0-AMS
alt-svc: h3=":443"; ma=86400
content-length: 13992

GET
H3 200 20240502car-1-407x230.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/05/ 19 KB
20 KB 948ms
937ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/05/20240502car-1-407x230.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f678ed2950ff009ba4f69d27138a40f8e926a177618583a04195774cb2ffc0c6

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:43:39 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 24 May 2024 10:09:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "66506741-4c8e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IJZh6biEN7DVu2%2BMpj7IpXPpgMVw7SR0dumo8guqrnGzVKEWy1y36PgrquMgYoc%2FDMoUqBGODPUXVMlIA8oJDE8LnT7XHBmKg4ldLucAch3F9VSXj3MGaTgERjf6gPDjdGL7"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89e0eb312f8f9fd0-AMS
alt-svc: h3=":443"; ma=86400
content-length: 19598

GET
H3 200 LDV-1-1-407x230.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/05/ 14 KB
15 KB 962ms
951ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/05/LDV-1-1-407x230.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5cd160f0761224389d0794a6ba6838ba8c260a15bb32ab82d20e8d8cddaf849b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:43:39 GMT
cf-cache-status: MISS
last-modified: Thu, 23 May 2024 15:15:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "664f5d9a-39a8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QXb5mQrb57gLh9WIwSvI363F8H%2FaAuF9qGuR33KAScszlvbM9V6%2BEmM73Wy0XEHNAZRCemcl684YTRsSlcPssdSIuIQGnYsKoO8%2F67p15jQmh%2B7e3Dnx4ICug5LMPFykRhyI"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89e0eb312f909fd0-AMS
alt-svc: h3=":443"; ma=86400
content-length: 14760

GET
H3 200 J-1-407x230.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/05/ 22 KB
23 KB 964ms
953ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/05/J-1-407x230.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30eba624890629f7fb30b4fc8a361b0dc3a7b161e9acf0330d2ac47bbf1006c3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:43:39 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 22 May 2024 09:50:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "664dbff4-5824"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2DTSUJ8WBQjzo5cIf%2F6cur6gFsOrKMoPxmh3P8OaUbgFhodKIbEOFmu8XD%2BlaujxG0TYRMekALOs9Ls%2FaUDizadIDFn2xMR%2F2HcWM%2FATIjkiyvno0wW1gQ3LOS65%2F2CY7b0x"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89e0eb312f929fd0-AMS
alt-svc: h3=":443"; ma=86400
content-length: 22564

GET
H3 200 S-4-407x230.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/05/ 10 KB
11 KB 965ms
954ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/05/S-4-407x230.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3caea22bb39112951c5f10b8c6b94149f08e48dcbe3b23619adf6a02bc8e2da7

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:43:39 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 16 May 2024 09:59:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6645d90e-2944"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KWOYuQxCnwn9oJlIdpebt6GnmlGl%2FJ516cHAdaJzszhIuU6szFibh7OMtjHGiNv3QSrrHpmtYJwTAozbmCVyG4%2B8O0XEKumP7zFWlZXqsM7AlnrZllBchlhIE3dZy0h%2BnW%2Bp"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89e0eb312f939fd0-AMS
alt-svc: h3=":443"; ma=86400
content-length: 10564

GET
H3 200 RR-3-407x230.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/05/ 10 KB
11 KB 965ms
954ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/05/RR-3-407x230.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 78fbbffad8fe3133860095eb3648454c538d8343c106df9da38c0255c233457a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:43:39 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 16 May 2024 09:47:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6645d636-29c8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VKXwm5gkjzXrH9SB1ZG%2B56AX6BlQorH1wxuAYpc1rN3bwFb7vw1ER7AQduTnEhz3NNjL0dgIQdrZFXxVNf%2FfSgMRkuH0wr994REg1fIS71Qo1zfEmwBFi88R5c8v6AynRyZd"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89e0eb312f959fd0-AMS
alt-svc: h3=":443"; ma=86400
content-length: 10696

GET
H3 200 T-2-407x230.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/05/ 22 KB
22 KB 965ms
955ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/05/T-2-407x230.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6165e152a8800f0fac70adf9d459535cee60a2fb561c98f87db892d973c911e8

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:43:39 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 16 May 2024 09:26:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6645d138-5664"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7Y%2B6jPDA6J6sjEZpmkRsU0OYFOXB0XQmcdPI%2Bwfmihng0%2BC0vvzfGXRoyb1IgB23v476octAQ6XP40cvhrvUNEbRgssPBYI3xtwoZsi8bfNbQetUapCMxq4JYUNHIRjzfCtb"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89e0eb312f979fd0-AMS
alt-svc: h3=":443"; ma=86400
content-length: 22116

GET
H3 200 B-2-1-407x230.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/05/ 27 KB
27 KB 977ms
967ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/05/B-2-1-407x230.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a26e6e117c00f30f956ccd72eb6af343ca68e42e10be4800ccbfe8abf96d32df

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:43:39 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 16 May 2024 09:12:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6645ce10-6a54"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bScmeMpWaUT5rE7XSwgdBUFw%2B2ZDiriEmwnkOxYeiUEG5GdgAFhyI6Y23A6yGJOmCilKD9tLc3m%2B9y0wbrQbdADm2mym9EZDpEr1z7Qz9ne88uOXV0g%2B%2FglN8Ap6oel%2BYJ%2Fy"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89e0eb312f989fd0-AMS
alt-svc: h3=":443"; ma=86400
content-length: 27220

GET
H3 200 M-5-407x230.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/05/ 20 KB
20 KB 979ms
968ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/05/M-5-407x230.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c946c4a4f654d511da76e9710ad22adc8fe9b5e9f424b14ce4a2265923c98802

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:43:39 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 16 May 2024 08:58:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6645ca9a-4f1c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xJWRepbxPL54iuqM8roLO6vscp69ipmSzLXYM4zsQ0sUfz%2FGO%2B2TTxYSNpQml1jMJFQv6K1bBHeioCm1%2BNAcEkUM7dCl%2FWwc0X2faExUX%2FSw9vzDYFCf2DRba4EDa46sUWsR"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89e0eb312f999fd0-AMS
alt-svc: h3=":443"; ma=86400
content-length: 20252

GET
H3 200 W-3-407x230.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/05/ 21 KB
22 KB 1082ms
1071ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/05/W-3-407x230.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 57fbea68c1971609fc617837e19f64f8f6edd3b8be46a5e5d4f0be8d4810074e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:43:39 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 14 May 2024 14:52:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "66437ac2-5552"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sHI7GLQC18ZdEhhHsEpgOwNIkBMTxtXQEy7397bi%2BbyZunkr3gKAGlhlQGG%2FFmdVATNx%2F%2BdL9R7kdRG0uRrgoK5TsRdOogQdQk3B70Az%2FUcf%2FS1RchNdXZbfiguWNF1XbGLQ"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89e0eb312f9a9fd0-AMS
alt-svc: h3=":443"; ma=86400
content-length: 21842

GET
H3 200 habari-footer-logo-2.png
dctboyojy.578333.xyz/wp-content/uploads/2023/07/ 3 KB
4 KB 578ms
567ms Image
image/png 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2023/07/habari-footer-logo-2.png
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40c5a3816b27d87a187ffaabaef1a4d162f5510c51215f77da2ec281aaa2060a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:43:38 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 17 Jul 2023 11:26:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "64b5256e-d26"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u5N9RaBdWopMSby4Dbh%2Bdb6D2OBFYBQjNLKqLcBZPh1gm5rT%2FZhBHdlEHfIUrXtTF8HPkDZiGSywcWxJwE%2BlBRrQR09EnH8Hc99d5rZXeRql4ROZ%2BL9mwpqpd4dw4lrjDwJ6"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89e0eb312f9b9fd0-AMS
alt-svc: h3=":443"; ma=86400
content-length: 3366

GET
H3 200 carmag-search.css
dctboyojy.578333.xyz/wp-content/plugins/carmag-search/assets/css/ 3 KB
1 KB 551ms
547ms Stylesheet
text/css 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dctboyojy.578333.xyz/wp-content/plugins/carmag-search/assets/css/carmag-search.css?ver=1.2
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd6b81946cf97fffc256aef482c1bc4229275277b2b7d212df2a9ee681ae9833

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:43:38 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 17 Nov 2022 09:29:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6375fef6-c17"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U%2FT00JYyi%2FoyxgL8OvL1SN4u%2BIoL03KvUBZJPpeaNIJKfi%2FJewzaq4F8xuJCLxrwDGaLwcJmNPw%2F9cAVE5%2BWokHXp%2B6UZfqpG4cMUfaXV%2FLUWqneRZYIDrGR4RIZ6pVhJ3MU"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 89e0eb310f5b9fd0-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 cfs-advanced-search.js Show response
dctboyojy.578333.xyz/wp-content/plugins/cfs-advanced-search/dist/ 31 KB
7 KB 1078ms
1071ms Script
application/javascript 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dctboyojy.578333.xyz/wp-content/plugins/cfs-advanced-search/dist/cfs-advanced-search.js?ver=04-07-2024-1720114757
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8352b5b204ffd4c0f6946891dc9210b0973c001401e74f8f84d850d42e601726

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:43:39 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 25 Apr 2024 09:52:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"662a27e8-7c7c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RSPN62iEyBTOyODhRG1ernMmLphlZg36B5Dr6UvP3gseDsTlgy%2BmABYyW%2FMIEQPIaOf77e0euflju3OZOsicBfJWA5AnlV3D8WQjZ5MCfbetADYPGNrqUwv04%2BUo7ihxJrsW"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 89e0eb310f5c9fd0-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 custom-widgets.js Show response
dctboyojy.578333.xyz/wp-content/plugins/create-custom-recent-posts-widgets/js/ 4 KB
1 KB 960ms
950ms Script
application/javascript 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dctboyojy.578333.xyz/wp-content/plugins/create-custom-recent-posts-widgets/js/custom-widgets.js?ver=04-07-2024-1720114757
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1438b7405eba426d534e4fb05a5dac264bc2d6b4e9cd05f7b8af32d225170ce

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:43:39 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 21 Nov 2022 10:59:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"637b5a19-fc3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mnGVUcgrGxyB8XCccP7VbR0Ph3%2BHiCY07oOOQnLA9j9Q3WVjnvugfibIRHUjJZxUQA%2BWeazhoRHZwe3U2tcx0sFCFWxwgPzh2ibLg7o4gEdB%2FKT0vMYiBTtNUDqwrcS31h0q"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 89e0eb311f649fd0-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 swiper.min.js Show response
dctboyojy.578333.xyz/wp-content/plugins/create-custom-recent-posts-widgets/js/ 137 KB
36 KB 517ms
506ms Script
application/javascript 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dctboyojy.578333.xyz/wp-content/plugins/create-custom-recent-posts-widgets/js/swiper.min.js?ver=1.1
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31b9a64530ca997b6bcc15ed933a677acb8659fd3d75c6f54736657bbf69c18e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:43:38 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 17 Nov 2022 09:26:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6375fe43-22208"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k2KK4X4%2FBgb1587TnGmFT6uYes64hSX9Gt55hq44VIEjVYq%2F2vuhLX%2Fx7TsDIUEoQO8Ksn0WKj67OuFYXKo1Vt0e%2B8G0%2Fj0sBdSPsVaG2OLhzOHuvELz6T%2B3q07qEqxz7IF5"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 89e0eb30deff9fd0-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 dynamic-data.js Show response
dctboyojy.578333.xyz/wp-content/plugins/create-custom-recent-posts-widgets/js/ 5 KB
2 KB 887ms
874ms Script
application/javascript 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dctboyojy.578333.xyz/wp-content/plugins/create-custom-recent-posts-widgets/js/dynamic-data.js?ver=04-07-2024-1720114757
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 25068766bea3ae98004f63d12d9145633c4916f32ce252431ac10406725dbd74

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:43:39 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 17 Nov 2022 09:26:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6375fe43-132f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1z6aXYfjQyoJu2DTVnBSV30Cq48lL26Kb47ELd9nH84DwfAG%2B2N0gNqsxgdYT6JCUynQemjreB8YxSyoaM850inrOTNbi2SoZsX56mUkyKnlF9t3%2Fb5p7NQdhY2vnvGc8NHT"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 89e0eb30df019fd0-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 cars-for-sale.js Show response
dctboyojy.578333.xyz/wp-content/plugins/display-cars-for-sale/js/ 30 KB
5 KB 574ms
559ms Script
application/javascript 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dctboyojy.578333.xyz/wp-content/plugins/display-cars-for-sale/js/cars-for-sale.js?ver=6.3
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34d0c43ac6f03c6acee53f2edc211517edc33a6f1ef06ececc83d6eca33c608c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:43:38 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=55887
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 01 Jul 2024 10:40:33 GMT
server: cloudflare
etag: W/"668287a1-da4f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z0TeE3oLcShtSunb9Qn0Xjdmrv9T5MQPpSuOCIm53U6S5mpsKAxoU89oN5fjwx0NXR9lXM1jEklbVvI6yNWswPgqsOG1ew30GRF23AtZqTlYSycVhuiCkEtWbrLi%2BXEcusdd"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 89e0eb311f669fd0-AMS

GET
H3 200 dynamic-carlisting-data.js Show response
dctboyojy.578333.xyz/wp-content/plugins/display-cars-for-sale/js/ 21 KB
4 KB 571ms
555ms Script
application/javascript 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dctboyojy.578333.xyz/wp-content/plugins/display-cars-for-sale/js/dynamic-carlisting-data.js?ver=6.1
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 68e41b1cf2b6d00eedaa9ec57a7311a481d2bc03b8665bf44f3580943ea8a11a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:43:38 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=51453
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 09 Nov 2023 13:06:44 GMT
server: cloudflare
etag: W/"654cd964-c8fd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u7zd9YYxK%2BcyySTu%2F00djU5kDt2NU7yAHteiLrO1KlD9g3KVKYxMDzBl3SBtTOkjxOprh%2F89qjCw5nfhPONhC%2FBJ1R8Mlwp4Orp9JGNguKGx4J9Yw337ZSyYtHLWWXqvZitH"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 89e0eb311f699fd0-AMS

GET
H3 200 purl.js Show response
dctboyojy.578333.xyz/wp-content/plugins/display-cars-for-sale/js/ 5 KB
2 KB 572ms
554ms Script
application/javascript 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dctboyojy.578333.xyz/wp-content/plugins/display-cars-for-sale/js/purl.js?ver=1.0
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d49b5d25b23f62d9db04b5bfb11a3aa5d443eb278eb55c2cbdd8da81c64523a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:43:38 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=8830
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 17 Nov 2022 09:26:32 GMT
server: cloudflare
etag: W/"6375fe48-227e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SrWzL2UR41J%2FGvBPcxPRJhfO0%2BG0xcAPdiO6HANugtSM3faqQdHK5tYKha0qAZZO73vOtSf6mkX7YHFKuRqqmE1yTak6DSYJSi5WLoaVmPdM58v1sbaBtSyfRk1w%2FKxUOdFR"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 89e0eb311f6d9fd0-AMS

GET
H3 200 wallpaper-custom.js Show response
dctboyojy.578333.xyz/wp-content/plugins/wallpaper-ads/js/ 1 KB
899 B 532ms
513ms Script
application/javascript 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dctboyojy.578333.xyz/wp-content/plugins/wallpaper-ads/js/wallpaper-custom.js?ver=300
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3442ff60c2a33c78c7b8a655b78d1ab757c6122a5cbfe9b84473f073805c709c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:43:38 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=2089
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 17 Nov 2022 09:27:50 GMT
server: cloudflare
etag: W/"6375fe96-829"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t4hzIyuuI%2FxKidXyNmkaxjGvukvEAvM%2B0eDxXVjQXEe3RvBgEg%2BAGA5yNUABFf2ZQXaz0RnbyCj6XuLrTAHyGrPy4%2FOcgXxCbYbvidS26s5482YpvDSk2GYx6Vmil3mqjtMi"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 89e0eb30ef189fd0-AMS

GET
H3 200 custom.js Show response
dctboyojy.578333.xyz/wp-content/themes/CarMag_Revamp/js/ 4 KB
2 KB 533ms
514ms Script
application/javascript 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dctboyojy.578333.xyz/wp-content/themes/CarMag_Revamp/js/custom.js?ver=306
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 72dab8d6edb1639e61c4ff09a24320a00ea663afb9798941973c4485ef7c5b99

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:43:38 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=9718
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 14 Dec 2023 14:04:29 GMT
server: cloudflare
etag: W/"657b0b6d-25f6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OZ2dRfI4Eu86BlC89o%2BkoWtR%2BelYqRUOA7NUfu0uy40v9n2R%2F8k5urZJBghh1XZORUiL2lBXECqyD0%2BhUoZamXAOYwi0wHq86wtz5XQ%2BrZyTLl2emeKCPMhNm7jhC2JLOCCz"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 89e0eb30ef199fd0-AMS

GET
H3 200 article-view-slick.min.js Show response
dctboyojy.578333.xyz/wp-content/themes/CarMag_Revamp/js/ 42 KB
11 KB 523ms
504ms Script
application/javascript 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dctboyojy.578333.xyz/wp-content/themes/CarMag_Revamp/js/article-view-slick.min.js?ver=1.0
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:43:38 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 17 Nov 2022 09:28:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6375fed5-a76f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kkHD3mZteu%2BaP2j70EifxuToQ65rqgNLI8KiWTSOrK2%2FV7Os6lApjWwrZTz3nn4nlbkWg6JVmapMTb6BPCJ6uWsDgrJVpm92YjYB19Er9UYWCQZHuPPCsGhv96LnWRCx623S"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 89e0eb30ef1a9fd0-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 magnific-gallery.js Show response
dctboyojy.578333.xyz/wp-content/themes/CarMag_Revamp/js/ 28 KB
9 KB 534ms
515ms Script
application/javascript 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dctboyojy.578333.xyz/wp-content/themes/CarMag_Revamp/js/magnific-gallery.js?ver=1.0
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b5c6fefbc9cf825ebc533e5debfff5fb482c831e783d79198f1c1b6946fcce2

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:43:38 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=43593
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 17 Nov 2022 09:28:54 GMT
server: cloudflare
etag: W/"6375fed6-aa49"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7QGsMMZotTnxuZSYGCAnOEy5FMO7iAVNuD3zw32kQCzO9hgyxyAhjfMMvTB3pEvggUjc4eRTouvs1HNUtEMcNoysygMbu7bLdfHTEc2IpAI9R1nMTk%2Feqb6uMScciJdPYPUu"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 89e0eb30ef1c9fd0-AMS

GET
H3 200 script.min.js Show response
dctboyojy.578333.xyz/wp-content/plugins/scroll-triggered-boxes/assets/js/ 9 KB
4 KB 501ms
483ms Script
application/javascript 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dctboyojy.578333.xyz/wp-content/plugins/scroll-triggered-boxes/assets/js/script.min.js?ver=2.2.1
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8a2eb068a42de22eee0dfb6173e802bbdb065b2cbe08c926952d8f11a22dd4f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:43:38 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 04 Jun 2024 11:17:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"665ef7af-22b0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ScK%2B6inynFZgQEG7laXsPYpPBYZgaAypNzJsJrp%2BL6aXdQIU%2BfeIbiJnfa%2Bc%2BBx9OUWGZ2fXJoCnbfGNcFA5YJJOTuQMqZd5Vc4Of41IQrhWDI6afbQ12kwt7AatI8YZIV2w"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 89e0eb30ef1d9fd0-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 carmag-search.js Show response
dctboyojy.578333.xyz/wp-content/plugins/carmag-search/assets/js/ 184 B
589 B 506ms
488ms Script
application/javascript 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dctboyojy.578333.xyz/wp-content/plugins/carmag-search/assets/js/carmag-search.js?ver=1.0.0
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0008eb2109ddfca588c1a7a7f4e68bfc3aa1462c894d05f885c3be21e12e4be

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:43:38 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=960
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 17 Nov 2022 09:29:26 GMT
server: cloudflare
etag: W/"6375fef6-3c0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1G9qqUcCAQcbMYbkhD6tXJCvarqxWp4a0bZYYnlcZ8vGtdEF9Gv7GKwO1Loy7bun9Uc8tHJkl%2FNgW6HDd%2FvTN5%2BzCcaVg4u7%2Bk%2BymCVkA0QkRrvj0laKMKrQVCHD4%2BFjW5AR"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 89e0eb30ef1f9fd0-AMS

GET
H2 200 vcd15cbe7772f49c399c6a5babf22c1241717689176015 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 140ms
61ms Script
text/javascript 2606:4700::6810:5049
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Origin: https://cqty1.bhuefbfrvbn.workers.dev
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:43:38 GMT
content-encoding: gzip
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
server: cloudflare
etag: W/"2024.6.1"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 89e0eb315d536575-AMS

GET
H2 200 6405f13eb20f5f00192a0d07.js Show response
buttons-config.sharethis.com/js/ 1 KB
902 B 119ms
30ms Script
text/javascript 2600:9000:206f:c000:c:abe:f440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://buttons-config.sharethis.com/js/6405f13eb20f5f00192a0d07.js

Requested by

Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js?ver=1.5.7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:c000:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

77caa92f758f70c4f5953180bba818d10ace096b8ceeb84a0e0bdc86c2fc5fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:43:38 GMT
content-encoding: gzip
via: 1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 06 Mar 2023 15:04:22 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 13
x-amz-server-side-encryption: AES256
etag: W/"46b6253cf9264f25509139f0d50e8fa5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=60
x-amz-cf-id: ppFgKDvxe288jfKEcmF6PAJ67GkMUOvfVlGf3hzmA2nqGmQlq3Vq4Q==

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/highburymedia/ 362 KB
53 KB 85ms
20ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/highburymedia/loader.js
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 504cdc43edb516a59d200b35148a0cd2a3dbbf912ff0e3ec30fd42b7db0dbe7f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: IOQ.uGikFMacMTb.Xv8AeJc53HosTr65
content-encoding: gzip
via: 1.1 varnish
date: Thu, 04 Jul 2024 17:43:38 GMT
x-amz-request-id: TN0EJNCE3RD6W11D
age: 15140
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: FAILED
content-length: 53455
x-amz-id-2: qy0nJlC31uteY98ah7X/BhFEXiquAlyPPS6yT8JdNd3NPE3urXrEO0LgRM919kt1wR6JDCg3yXc=
x-served-by: cache-ams21079-AMS
last-modified: Thu, 04 Jul 2024 13:28:33 GMT
server: AmazonS3
x-timer: S1720115018.439751,VS0,VE1
etag: "7244a99208001f84403b34083595b544"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 35
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 1

GET
H/1.1 204
No Content pview Show response
l.sharethis.com/ 0
416 B 1139ms
24ms XHR
text/plain 3.125.67.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://l.sharethis.com/pview?event=pview&hostname=cqty1.bhuefbfrvbn.workers.dev&location=%2F&product=unknown&url=https%3A%2F%2Fcqty1.bhuefbfrvbn.workers.dev%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Car%20News%2C%20Car%20Videos%2C%20Car%20Reviews%2C%20Car%20Road%20Tests%2C%20Car%20Industry%20News%2C%20Car%20Rumours%2C%20and%20much%20more%20%7C%20CAR%20Magazine&cms=unknown&publisher=6405f13eb20f5f00192a0d07&sop=true&version=st_sop.js&lang=en&description=Car%20Magazine%20has%20daily%20motoring%20news%20updates%20along%20with%20professional%20road%20tests%2C%20driving%20impressions%20and%20all%20the%20latest%20model%20updates%20and%20more!&ua=%22Google%20Chrome%22%3Bv%3D%22126%22%2C%20%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%20%22Chromium%22%3Bv%3D%22126%22&ua_mobile=false&ua_platform=Win32&ua_full_version_list=%22Not%2FA)Brand%22%3Bv%3D%228.0.0.0%22%2C%20%22Chromium%22%3Bv%3D%22126.0.6478.126%22%2C%20%22Google%20Chrome%22%3Bv%3D%22126.0.6478.126%22&ua_platform_version=10.0.0&uuid=c0fc9ddd-fd46-4901-ac3a-b5f1f4ea48fb

Requested by

Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js?ver=1.5.7

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.125.67.51 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-125-67-51.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 04 Jul 2024 17:43:39 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Access-Control-Max-Age: 1728000
Access-Control-Allow-Origin: https://cqty1.bhuefbfrvbn.workers.dev
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 224ms
131ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Arvo:wght@400;700&family=Roboto&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://cqty1.bhuefbfrvbn.workers.dev
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 21:18:03 GMT
x-content-type-options: nosniff
age: 591935
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 27 Jun 2025 21:18:03 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 174ms
82ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://cqty1.bhuefbfrvbn.workers.dev
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 15:08:18 GMT
x-content-type-options: nosniff
age: 182120
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Jul 2025 15:08:18 GMT

GET
H3 200 fontawesome-webfont.woff2
dctboyojy.578333.xyz/wp-content/themes/CarMag_Revamp/font-awesome-4.7.0/fonts/ 75 KB
76 KB 927ms
900ms Font
application/octet-stream 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dctboyojy.578333.xyz/wp-content/themes/CarMag_Revamp/font-awesome-4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: dctboyojy.578333.xyz
URL: https://dctboyojy.578333.xyz/wp-content/themes/CarMag_Revamp/font-awesome-4.7.0/css/font-awesome.css?ver=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://dctboyojy.578333.xyz/wp-content/themes/CarMag_Revamp/font-awesome-4.7.0/css/font-awesome.css?ver=1
Origin: https://cqty1.bhuefbfrvbn.workers.dev
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:43:39 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 17 Nov 2022 09:31:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6375ff85-12d68"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ek6fgki0kdkpJdu6qfgZm5CiGfmLI5J8IQYl9VKcWMBEo9jbdTQTu2KHc8HwScuRPljhQWHQi%2BRLPkWcmb84NkK%2FtxUuJ60xNMDug9NWEclYQwqSge6acG%2BWosJme3wsYxE5"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89e0eb314fb40b90-AMS
alt-svc: h3=":443"; ma=86400
content-length: 77160

GET
H2 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 266ms
176ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://cqty1.bhuefbfrvbn.workers.dev
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 21:09:34 GMT
x-content-type-options: nosniff
age: 592444
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15752
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 27 Jun 2025 21:09:34 GMT

GET
DATA 200
OK truncated
/ 2 KB
2 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c239fbd2387ceff073b22f05559eb6a3a9425ccde003eccb22a998429465302f

Request headers

Referer
Origin: https://cqty1.bhuefbfrvbn.workers.dev
Accept-Language: nl-NL,nl;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H2 200 2024-CandyWhite-Volkswagen-Light-Commercial-Transporter-Crew-Bus-20-BiTDI-146kW-SWB-4Motion-DSG-5-seater-8067385-1-499x499.png
image.blob.ix.co.za/Used/8067385/1/ 152 KB
152 KB 1276ms
742ms Image
image/png 102.130.121.238
Host-Africa-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.blob.ix.co.za/Used/8067385/1/2024-CandyWhite-Volkswagen-Light-Commercial-Transporter-Crew-Bus-20-BiTDI-146kW-SWB-4Motion-DSG-5-seater-8067385-1-499x499.png
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.130.121.238 , South Africa, ASN328364 (Host-Africa-AS, ZA),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 47d53c7654bf85895f424edda6336e994b0b9b3443888e99f165f1abe38a72da

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:43:38 GMT
last-modified: Mon, 22 Apr 2024 07:44:17 GMT
server: Microsoft-IIS/10.0
etag: "9ded2ee18894da1:0"
x-powered-by: ASP.NET
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 155315

GET
H2 200 2023-White-Volkswagen-Light-Commercial-Transporter-Crew-Bus-20-BiTDI--146kW-4Motion-DSG-LWB-8-seater-8096641-4-500x500.png
image.blob.ix.co.za/Used/8096641/4/ 144 KB
144 KB 711ms
177ms Image
image/png 102.130.121.238
Host-Africa-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.blob.ix.co.za/Used/8096641/4/2023-White-Volkswagen-Light-Commercial-Transporter-Crew-Bus-20-BiTDI--146kW-4Motion-DSG-LWB-8-seater-8096641-4-500x500.png
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.130.121.238 , South Africa, ASN328364 (Host-Africa-AS, ZA),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b70a04021a3f9480dc011187d452eea36d8a0d1f21105ced71a2a3d7002f00f8

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:43:38 GMT
last-modified: Fri, 26 Apr 2024 14:39:31 GMT
server: Microsoft-IIS/10.0
etag: "30c8718ce797da1:0"
x-powered-by: ASP.NET
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 146980

GET
H3 200 ajs.php Show response
highburyads.co.za/www/delivery/ 777 B
1 KB 102ms
59ms Script
text/javascript 172.67.216.245
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://highburyads.co.za/www/delivery/ajs.php?zoneid=1599&cb=54400861238&charset=UTF-8&loc=https%3A//cqty1.bhuefbfrvbn.workers.dev/
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 957486c418eb0c542d12cebe31d8254367779c999283e0eae6f2903952d2eff4

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 04 Jul 2024 17:43:38 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jhe5EVWdmnho%2BslBy6VB5AtULupytTZGXIrWlKatnO9lM113hlAC0EX%2FA7GerC2zTS%2F1O%2BUItFFadj1yRo8MA1SKsk4O%2B9fjZEQjYcVEpyVHiQko165cgsi8wPaID021MrQSeA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: *
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
cf-ray: 89e0eb316928b8be-AMS
alt-svc: h3=":443"; ma=86400
expires: 0

GET
H2 200 impl.20240704-7-RELEASE.js Show response
cdn.taboola.com/libtrc/ 894 KB
182 KB 27ms
26ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20240704-7-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/highburymedia/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 98c36043157373d9ff8f3aad96bd05f08df06b107d2ee71da9e9a3e2fe183e55

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: tuMMqKm72kBo9Mg_dS7tFnHZp19nr8Hy
content-encoding: br
via: 1.1 varnish
date: Thu, 04 Jul 2024 17:43:38 GMT
x-amz-request-id: 08WAF530D6EAJP7Q
age: 26260
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 186019
x-amz-id-2: My+0PWWReAE15cWU/m+LH3pQxK3DpuPjMJm0WLTxUieeEQ11xwwMGfTk2izSKWuOq0whERV4xTI=
x-served-by: cache-ams21079-AMS
last-modified: Thu, 04 Jul 2024 10:25:43 GMT
server: AmazonS3-br
x-timer: S1720115019.533695,VS0,VE0
etag: "5e55358f69a24a56737155c4dd60ab3a"
vary: Accept-Encoding
content-type: application/javascript
abp: 37
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 21852

GET
H3 200 be485aaeb80a241b13c80d48fd4b8003.jpg
highburyads.co.za/www/images/ 210 KB
210 KB 51ms
50ms Image
image/jpeg 172.67.216.245
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://highburyads.co.za/www/images/be485aaeb80a241b13c80d48fd4b8003.jpg
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98496a884fd063ea8c90a862cee44986f6c945b33748f5967a775f01a65fd570

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:43:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 174315
alt-svc: h3=":443"; ma=86400
content-length: 214716
last-modified: Tue, 02 Jul 2024 13:04:36 GMT
server: cloudflare
etag: "6683fae4-346bc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2pCmbDnGOx05T5SioR5TwfKEHITpz3cctD7xFerUY6VtJNfCAy1t%2FKyf5JIEjNq1Wj0Fivc8Pq0HLk6UMX5HnfrNQj6hJtd4XfZruNAzXI%2B%2BJNNpODdK0Ywxa1Ll2SxPVTii4w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 89e0eb31e9f9b8be-AMS
expires: Tue, 09 Jul 2024 17:18:23 GMT

GET
H3 200 lg.php
highburyads.co.za/www/delivery/ 43 B
636 B 135ms
134ms Image
image/gif 172.67.216.245
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://highburyads.co.za/www/delivery/lg.php?bannerid=6127&campaignid=3997&zoneid=1599&loc=https%3A%2F%2Fcqty1.bhuefbfrvbn.workers.dev%2F&cb=ca85c89660
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 04 Jul 2024 17:43:38 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EHUqf9m2dItJ02H2%2BhVEyeD5%2FFbiYZ5Ea1%2BGIfbXM8wrmwOa4nC1nV%2BvclQd0CB9Ar%2B6ZRXtcmkW6Eja%2Fej1sPb6K11MIYDT0GSCkb0FGZ%2Bf1usdxTWm1viF0mwS%2B7YTZOCbGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cf-ray: 89e0eb31e9fdb8be-AMS
alt-svc: h3=":443"; ma=86400
expires: 0

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407030101/ 467 KB
145 KB 43ms
42ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407030101/pubads_impl.js?cb=31085077

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

f8ed2e4e6bc7d75dc8dab7d97ad92e7a611d82ff93d8692535fa9466ab3a3591

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 10:02:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27693
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 148836
x-xss-protection: 0
server: cafe
etag: 13429486672346502663
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 04 Jul 2025 10:02:05 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 83 B
96 B 437ms
307ms XHR
application/json 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=cqty1.bhuefbfrvbn.workers.dev

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

4afb07a576ad56e9e95c56167d9334061db42900677bef2585a33df4d4e28aba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:43:38 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71
x-xss-protection: 0
expires: Thu, 04 Jul 2024 17:43:38 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 339 KB
109 KB 106ms
103ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-KYLBT1M2BJ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-11411975-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a1a32b50a5ec5ad816d7064d3d4b4f1c90ef19bb9e922dd50838b3928afc6959

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:43:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 111435
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 04 Jul 2024 17:43:38 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 100ms
24ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-11411975-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 04 Jul 2024 16:29:07 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 4471
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 04 Jul 2024 18:29:07 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 270 KB
93 KB 77ms
77ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-981195317&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-11411975-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

de6b5504b54eb2d7b6e99f3aba5eb18dbb0640046b4a9c574e0852cf7e95144b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:43:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 94695
x-xss-protection: 0
last-modified: Thu, 04 Jul 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 04 Jul 2024 17:43:38 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407010101/ 424 KB
143 KB 211ms
112ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7073370864490749&plah=cqty1.bhuefbfrvbn.workers.dev&aplac=true&bust=31085041

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7073370864490749

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

53dafb4367a33b2820ed9853df7b1eb6d8ef90cdf39c1cb8d1644aafe70f05da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:43:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 146553
x-xss-protection: 0
server: cafe
etag: 16824685450256415442
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 04 Jul 2024 17:43:39 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/981195317/ 3 KB
2 KB 171ms
91ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/981195317/?random=1720115018985&cv=11&fst=1720115018985&bg=ffffff&guid=ON&async=1&gtm=45be4730v9181219265za200&gcd=13l3lPl2l1&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fcqty1.bhuefbfrvbn.workers.dev%2F&label=tlaeCPvm4sIBELW079MD&hn=www.googleadservices.com&frm=0&tiba=Car%20News%2C%20Car%20Videos%2C%20Car%20Reviews%2C%20Car%20Road%20Tests%2C%20Car%20Industry%20News%2C%20Car%20Rumours%2C%20and%20much%20more%20%7C%20CAR%20Magazine&gtm_ee=1&npa=1&pscdl=noapi&auid=491984248.1720115019&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&ec_mode=a&fdr=SA&capi=1&data=event%3Dconversion&em=tv.1&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-981195317

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

dbdfb44cd8a911025f96494e5ff654c7fdeec4523d6183494fda451cdb56f84f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 04 Jul 2024 17:43:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1716
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pagead2.googlesyndication.com/gampad/ 641 KB
54 KB 190ms
186ms Fetch
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=332987106770839&correlator=74964946050248&eid=44809527%2C31085077%2C95335606%2C31084180%2C95335156%2C31078663%2C31078668%2C31078670&output=ldjh&gdfp_req=1&vrg=202407030101&ptt=17&impl=fifs&ltd_cs=1&iu_parts=21714487182%2CCAR-L%2CCAR-R%2CCarMag-BB-01%2CCarMag-BB-02%2CCarMag-BB-03%2CCAR-01%2CCAR-02%2CCarMag-LB-03%2CCarMag-LB-04%2CCAR-05%2CCAR-1%2CCAR-2%2CCAR-3%2CCAR-4%2CCAR-5%2CCAR-6%2CCAR-7%2CCAR-8%2CCAR-18%2CCAR-19%2CCAR-20%2CCAR-9%2CCAR-10%2CCAR-11&enc_prev_ius=0%2F1%2C0%2F2%2C0%2F3%2C0%2F4%2C0%2F5%2C0%2F6%2C0%2F7%2C0%2F8%2C0%2F9%2C0%2F10%2C0%2F11%2C0%2F12%2C0%2F13%2C0%2F14%2C0%2F15%2C0%2F16%2C0%2F17%2C0%2F18%2C0%2F19%2C0%2F20%2C0%2F21%2C0%2F22%2C0%2F23%2C0%2F24&prev_iu_szs=174x696%2C174x696%2C970x250%2C970x250%2C970x250%2C728x90%2C728x90%2C728x90%2C728x90%2C728x90%2C320x50%7C300x250%2C320x50%7C300x250%2C320x50%7C300x250%2C320x50%7C300x250%2C320x50%7C300x250%2C320x50%7C300x250%2C320x50%7C300x250%2C320x50%7C300x250%2C320x50%7C300x250%2C320x50%7C300x250%2C320x50%7C300x600%2C150x125%2C150x125%2C150x125&fluid=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2Cheight%2Cheight%2Cheight%2Cheight%2Cheight%2Cheight%2Cheight%2Cheight%2Cheight%2Cheight%2Cheight%2C0%2C0%2C0&ifi=2&sfv=1-0-40&sc=1&abxe=1&dt=1720115019036&lmt=1720115019&adxs=0%2C1426%2C315%2C226%2C226%2C436%2C226%2C226%2C-9%2C-9%2C1074%2C1074%2C1074%2C1074%2C1074%2C1074%2C-9%2C-9%2C-9%2C-9%2C1074%2C-9%2C-9%2C-9&adys=190%2C190%2C1676%2C3214%2C5027%2C99%2C1070%2C2736%2C-9%2C-9%2C454%2C469%2C2009%2C2024%2C3529%2C3544%2C-9%2C-9%2C-9%2C-9%2C3559%2C-9%2C-9%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C1%7C2%7C3%7C0%7C0%7C4%7C-1%7C-1%7C0%7C0%7C5%7C6%7C7%7C8%7C-1%7C-1%7C-1%7C-1%7C9%7C-1%7C-1%7C-1&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce%7Cf%7Cg%7Ch%7Ci%7Cj%7Ck%7Cl%7Cm%7Cn%7Co&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTI2IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjEyNiJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTI2Il1dLDBd&url=https%3A%2F%2Fcqty1.bhuefbfrvbn.workers.dev%2F&vis=1&psz=174x-1%7C174x-1%7C1148x0%7C1148x0%7C1148x0%7C1600x90%7C1148x0%7C1148x0%7C0x-1%7C0x-1%7C300x275%7C300x275%7C300x262%7C300x262%7C300x259%7C300x259%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C300x259%7C0x-1%7C0x-1%7C0x-1&msz=174x-1%7C174x-1%7C970x0%7C1148x0%7C1148x0%7C1600x0%7C1148x0%7C1148x0%7C0x-1%7C0x-1%7C300x0%7C300x0%7C300x0%7C300x0%7C300x0%7C300x0%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C300x0%7C0x-1%7C0x-1%7C0x-1&fws=512%2C512%2C4%2C4%2C4%2C0%2C4%2C4%2C2%2C2%2C4%2C4%2C4%2C4%2C4%2C4%2C2%2C2%2C2%2C2%2C4%2C2%2C2%2C2&ohw=0%2C0%2C1180%2C1180%2C1180%2C0%2C1180%2C1180%2C0%2C0%2C1180%2C1180%2C1180%2C1180%2C1180%2C1180%2C0%2C0%2C0%2C0%2C1180%2C0%2C0%2C0&ga_vid=1177745697.1720115019&ga_sid=1720115019&ga_hid=1541978497&ga_fc=false&topics=5&tps=5&htps=5&nt=1&psd=WzE0LG51bGwsbnVsbCwzXQ..&dlt=1720115017092&idt=1679&adks=979567663%2C2185212989%2C2421375807%2C366054724%2C911572581%2C2558534381%2C3687027337%2C2772303345%2C1855939391%2C25877906%2C435244622%2C302933537%2C1587516836%2C723022383%2C3666453265%2C3235191153%2C639406632%2C1818096782%2C1904407829%2C1930634536%2C3509730642%2C3577480103%2C1807841720%2C2870509506&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407030101/pubads_impl.js?cb=31085077

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e662e2854b0cd00a2713a2787b600c69dd1f9ce1e5d8ef42289fa7b65d24eed4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:43:39 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54283
x-xss-protection: 0
google-lineitem-id: 6747816193,6747816193,-2,5551659723,-2,6707787743,-2,-2,-2,6698483204,6730823668,6747264914,6586359008,-2,6690788097,-2,-2,-2,-2,6350839098,6707787743,-2,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138482003701,138481402532,-2,138406400897,-2,138472528546,-2,-2,-2,138470372317,138477195172,138480100158,138470982062,-2,138480339303,-2,-2,-2,-2,138440657972,138472528555,-2,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cqty1.bhuefbfrvbn.workers.dev
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
a78e7b7cd0d35b1ba316b63e4ad47ddb.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3579 0
0 101ms
30ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a78e7b7cd0d35b1ba316b63e4ad47ddb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407030101/pubads_impl.js?cb=31085077

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 04 Jul 2024 17:43:39 GMT
expires: Thu, 04 Jul 2024 17:43:39 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 google-topics-api.20240704-7-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
1 KB 17ms
16ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/google-topics-api.20240704-7-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/highburymedia/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 10053a3d688e1bdecacbb024e433e2b418171851bd9fac1482232c11d24abe6d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: LwJVlprUDKzdEuoPv_C6UcCU7QqCfhua
content-encoding: gzip
via: 1.1 varnish
date: Thu, 04 Jul 2024 17:43:39 GMT
x-amz-request-id: HR8EZANQ2D7XK1TC
age: 21378
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 978
x-amz-id-2: /M6Ka5L4xB/vGN4AKvhhiRWCi3AaAH6vU6lVJxXukwjSFkqJwidlgo6/0/3YpN368jF5s9wNWw8=
x-served-by: cache-ams21079-AMS
last-modified: Thu, 04 Jul 2024 11:47:21 GMT
server: AmazonS3
x-timer: S1720115019.105731,VS0,VE0
etag: "4b3e0423204320fbe4fc59b175c211c2"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 33
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 11155

GET
H2 200 sync Show response
gum.criteo.com/ 46 B
431 B 76ms
19ms Script
text/javascript 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240704-7-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:43:38 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 391556
expires: 60

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 74ms
22ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-KYLBT1M2BJ&gtm=45je4730v9100290862za200&_p=1720115018347&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=1177745697.1720115019&ul=nl-nl&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1720115019&sct=1&seg=0&dl=https%3A%2F%2Fcqty1.bhuefbfrvbn.workers.dev%2F&dt=Car%20News%2C%20Car%20Videos%2C%20Car%20Reviews%2C%20Car%20Road%20Tests%2C%20Car%20Industry%20News%2C%20Car%20Rumours%2C%20and%20much%20more%20%7C%20CAR%20Magazine&en=page_view&_fv=1&_ss=1&tfd=3473&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KYLBT1M2BJ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 04 Jul 2024 17:43:39 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cqty1.bhuefbfrvbn.workers.dev
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
266 B 81ms
24ms Ping
text/plain 2a00:1450:400c:c1f::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-KYLBT1M2BJ&cid=1177745697.1720115019&gtm=45je4730v9100290862za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KYLBT1M2BJ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c1f::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 04 Jul 2024 17:43:39 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cqty1.bhuefbfrvbn.workers.dev
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.nl/ads/ 42 B
409 B 124ms
48ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-KYLBT1M2BJ&cid=1177745697.1720115019&gtm=45je4730v9100290862za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=1234441411

Requested by

Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 04 Jul 2024 17:43:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
219 B 32ms
31ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1541978497&t=pageview&_s=1&dl=https%3A%2F%2Fcqty1.bhuefbfrvbn.workers.dev%2F&ul=nl-nl&de=UTF-8&dt=Car%20News%2C%20Car%20Videos%2C%20Car%20Reviews%2C%20Car%20Road%20Tests%2C%20Car%20Industry%20News%2C%20Car%20Rumours%2C%20and%20much%20more%20%7C%20CAR%20Magazine&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=21550074&gjid=359228018&cid=1177745697.1720115019&tid=UA-11411975-1&_gid=987208000.1720115019&_r=1&gtm=457e4730za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&jsscut=1&npa=1&z=2009173735

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 04 Jul 2024 17:43:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cqty1.bhuefbfrvbn.workers.dev
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 taboola-browsing-topics.html
cdn.taboola.com/libtrc/static/topics/ Frame 57A4 0
0 49ms
16ms Document
text/html 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/static/topics/taboola-browsing-topics.html
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/google-topics-api.20240704-7-RELEASE.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

abp: 61
accept-ranges: bytes
access-control-allow-origin: *
age: 41292
cache-control: private,max-age=31536000
content-encoding: gzip
content-length: 340
content-type: text/html
date: Thu, 04 Jul 2024 17:43:39 GMT
etag: "8b140f0f0f6e1a0f986cc7d6dfd74d65"
last-modified: Tue, 13 Feb 2024 13:15:59 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 varnish
x-amz-id-2: vNsGn6PXTCfxD4dbrKXlSZt6fh92xSUwlgsoW66bqnDLdvoO0Gv4o9pByR6TQQ7i3uVr/CychII=
x-amz-replication-status: COMPLETED
x-amz-request-id: 07S5VCG943S7V2KE
x-amz-server-side-encryption: AES256
x-amz-version-id: 4MpQ_aQntJKuJTBB3LGK3B7cfa8k5k0b
x-cache: HIT
x-cache-hits: 16091
x-served-by: cache-ams21037-AMS
x-timer: S1720115019.325431,VS0,VE0

GET

B31687471.399082428;dc_pre=COOM0-X3jYcDFUShgwcd1joLMg;dc_trk_aid=590604620;dc_trk_cid=218283907;ord=1788559956;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_t...
ad.doubleclick.net/ddm/trackimp/N1003055.277770CARMAG/ Frame 4DEC
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N1003055.277770CARMAG/B31687471.399082428;dc_trk_aid=590604620;dc_trk_cid=218283907;ord=1788559956;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;g...
https://ad.doubleclick.net/ddm/trackimp/N1003055.277770CARMAG/B31687471.399082428;dc_pre=COOM0-X3jYcDFUShgwcd1joLMg;dc_trk_aid=590604620;dc_trk_cid=218283907;ord=1788559956;dc_lat=;dc_rdid=;tag_for...

0
0

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 4DEC 0
0 202ms
201ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsvjhqwMIj8EWA6CR7aN0RdXqf9svwfmieFk_nbtteRFcGGmoQIxkYSR9B_nD40tIvoWN9fmW7ip1UxD4PRu3NeGlxvJNcga4fqeta6yQWXIkREbztowDKRCJJOZKjQQWqRkxNFErvkugHyz7UYa-PLr0kryX86KzXX3bTs3jRy9ElLIXQy6XNwbuqZEt9VApq0ke0N3Tm9714u3qeZoMdw7qmj5g3YUDg3X4NMzzDf1dTcM0BrSp8Ks6TEub_1nWdiZMddd5QtAMwzm-HWK1TEtNrAz33lGg1K2aaabczl9XbAnBxuSimrnWW-mABv0QNxfi0159V7d9AlYTvmLNFbpUKmgZpuHbvPCY_9AZhzuaIyTRYkIL9M&sig=Cg0ArKJSzInciyc3K45pEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:43:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240702/r20110914/ Frame 4DEC 23 KB
9 KB 65ms
64ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240702/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407030101/pubads_impl.js?cb=31085077

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

679e233357e93a4f4d15bc2e62d33e0048a978a5ddd57a78ad1203d614b0773a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 10:19:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26647
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9191
x-xss-protection: 0
server: cafe
etag: 8778699909409299010
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 Jul 2024 10:19:32 GMT

GET
H3 200 window_focus_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240702/r20110914/client/ Frame 4DEC 3 KB
1 KB 72ms
71ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240702/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407030101/pubads_impl.js?cb=31085077

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 10:19:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26647
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1229
x-xss-protection: 0
server: cafe
etag: 16544991220582087243
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 Jul 2024 10:19:32 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 4DEC 205 KB
63 KB 49ms
49ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407030101/pubads_impl.js?cb=31085077

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

066bf781659af09bb40a24a7d87dd2310c2324c9619e347c6d6d05c00ffeb182

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:19:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1447
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64446
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 04 Jul 2024 18:19:32 GMT

GET
H2 200 3242569374641619639
tpc.googlesyndication.com/simgad/ Frame 4DEC 111 KB
111 KB 117ms
27ms Image
image/gif 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3242569374641619639

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407030101/pubads_impl.js?cb=31085077

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd5c4d4e3186be223982c62b5d308bf3262f0c10ade2664226ff9122a7025b96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Thu, 03 Jul 2025 16:41:40 GMT
date: Wed, 03 Jul 2024 16:41:40 GMT
x-content-type-options: nosniff
age: 90119
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113391
x-xss-protection: 0
last-modified: Wed, 03 Jul 2024 10:14:17 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET

B31687471.398689291;dc_pre=COWI0-X3jYcDFSaMgwcdorkBtw;dc_trk_aid=590688921;dc_trk_cid=218283907;ord=1998590239;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_t...
ad.doubleclick.net/ddm/trackimp/N1003055.277770CARMAG/ Frame 2A83
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N1003055.277770CARMAG/B31687471.398689291;dc_trk_aid=590688921;dc_trk_cid=218283907;ord=1998590239;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;g...
https://ad.doubleclick.net/ddm/trackimp/N1003055.277770CARMAG/B31687471.398689291;dc_pre=COWI0-X3jYcDFSaMgwcdorkBtw;dc_trk_aid=590688921;dc_trk_cid=218283907;ord=1998590239;dc_lat=;dc_rdid=;tag_for...

0
0

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 2A83 0
0 205ms
204ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjstSi83LOvYH17PTpm5_ueNR21_6FzEm0kxaPLfOz4T6NDWbN0h7tJzBjm0DQhQ-wJgZixWUBnHeZsy_fzS92k3OA-48N9EBJ072lHEHc_d5tGSF-5Euwm8z4GXn0rZonAVqg_dBHcJpNM6qIdRDnlHZV3Ybm7bJi7VTLLgksnVxzxBUUfdzEDt3WSjn_wZZMjrTNn5tl2V_-8Hddngh93UNss1QwiiEHzJzU4GNycMzbHllzMcl9Km4CivPgtyLyhLGPjB4sGnoC4wTkj4fjf4ShQBU3V315UNvUYE1U7vFazpxgFfC6WrLCsdf9RE3_Ux5RRppUl8XYc8-ffHTtnTNBLlvDU8YA9rp7J8DFxzED50uNw8JoSE&sig=Cg0ArKJSzBTfvLAD0NG1EAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:43:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240702/r20110914/ Frame 2A83 23 KB
0 64ms
64ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240702/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407030101/pubads_impl.js?cb=31085077

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

679e233357e93a4f4d15bc2e62d33e0048a978a5ddd57a78ad1203d614b0773a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 10:19:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26647
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9191
x-xss-protection: 0
server: cafe
etag: 8778699909409299010
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 Jul 2024 10:19:32 GMT

GET
H3 200 window_focus_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240702/r20110914/client/ Frame 2A83 3 KB
0 64ms
64ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240702/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407030101/pubads_impl.js?cb=31085077

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 10:19:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26647
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1229
x-xss-protection: 0
server: cafe
etag: 16544991220582087243
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 Jul 2024 10:19:32 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 2A83 205 KB
0 41ms
41ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407030101/pubads_impl.js?cb=31085077

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

066bf781659af09bb40a24a7d87dd2310c2324c9619e347c6d6d05c00ffeb182

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:19:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1447
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64446
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 04 Jul 2024 18:19:32 GMT

GET
H2 200 18046106738652083207
tpc.googlesyndication.com/simgad/ Frame 2A83 111 KB
111 KB 192ms
113ms Image
image/gif 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/18046106738652083207

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407030101/pubads_impl.js?cb=31085077

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

260e4771cc906f3b2b193a6bb4557b50c44ff7a433603e59f13f464b4d16e913

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Thu, 03 Jul 2025 12:44:03 GMT
date: Wed, 03 Jul 2024 12:44:03 GMT
x-content-type-options: nosniff
age: 104376
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113875
x-xss-protection: 0
last-modified: Wed, 03 Jul 2024 10:10:23 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 4DBD 0
0 220ms
220ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsskEO83R4GBsfsql7RP93qbtDhIOTvi5eeHTL8wm2jhCmq7K7vmff14xvDpD8XdEGXoR7vW5OmcYmqK9FZjJY81nFxxdXMx7JTj5Kn81ioX1diJgcbssoxcMKpwyvPJLZRIB92q5kcR-MEhnFaKkYVIXUuEoWHWr5lDy0yseMicDuwXXjlkLLksp2xgmwTPE_tSwM2PW86_bqvx1DSoqEnuNUGz5M2P-l7i1QYj-N4o_AWUkmXqsmi7zPxxJ4MLQU3w7gvl8BgzahqvnWhBlmIB98KnM2ucS7Vz4XzaPa0OiSvx1NPUBRknO7BrimPwQIFSCNV3gQ6HcoFlq6AQPfHQU17rdVB1qkT3Jmcz_-Uh85z0-sWFb3j_rZ7jrgzQ&sig=Cg0ArKJSzGPlQPvFhuv2EAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:43:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240702/r20110914/ Frame 4DBD 23 KB
0 53ms
53ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240702/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407030101/pubads_impl.js?cb=31085077

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

679e233357e93a4f4d15bc2e62d33e0048a978a5ddd57a78ad1203d614b0773a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 10:19:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26647
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9191
x-xss-protection: 0
server: cafe
etag: 8778699909409299010
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 Jul 2024 10:19:32 GMT

GET
H3 200 window_focus_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240702/r20110914/client/ Frame 4DBD 3 KB
0 53ms
53ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240702/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407030101/pubads_impl.js?cb=31085077

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 10:19:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26647
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1229
x-xss-protection: 0
server: cafe
etag: 16544991220582087243
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 Jul 2024 10:19:32 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 4DBD 205 KB
0 29ms
28ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407030101/pubads_impl.js?cb=31085077

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

066bf781659af09bb40a24a7d87dd2310c2324c9619e347c6d6d05c00ffeb182

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:19:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1447
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64446
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 04 Jul 2024 18:19:32 GMT

GET
H2 200 9184670050103771326
tpc.googlesyndication.com/simgad/ Frame 4DBD 150 KB
150 KB 150ms
85ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9184670050103771326

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407030101/pubads_impl.js?cb=31085077

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c5678900f0f88c5dfb67f87964f0c33ece8410d18647b01eb3af7b1fbdc919f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Fri, 04 Jul 2025 01:38:58 GMT
date: Thu, 04 Jul 2024 01:38:58 GMT
x-content-type-options: nosniff
age: 57881
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 153342
x-xss-protection: 0
last-modified: Thu, 29 Sep 2022 16:53:23 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame D75B 0
0 211ms
211ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsvyTUToCvB3Q5cHF_37qJXLHMxZA7VXI9cyrcBlXQyFbRAcjqxMs95pe-onWqV7vVJCyydcWGv1SKjZobEMIcZfGZF1F25zaEFXBnqcDY2H-sZCu9xdj5Rq2ipuh7S9p-9OKV5DGn7j-fqxra1wnToJPuqZ_Iu5-KSg_owtfxgKAUFipChZaWjQwknSA3tf5vavJt5CFotRM2p2LcKtRB0MTy7_l-hz6vbp6Vfq1APDIW_jAevG8YWcZjOsCnwncLblc4Jdg9kZqpeOpMG5Y4re1cG3e8GxB7UPGrJ7perBE0-CN3eYjTPDD2U2FQe0o-Irx1NDKcFrjayJeTxd8DkjZnfjHmXaD4hnz2XdmEjf-AaHTXlyDPkN&sig=Cg0ArKJSzGy5wq228TY6EAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:43:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240702/r20110914/ Frame D75B 23 KB
0 44ms
44ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240702/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407030101/pubads_impl.js?cb=31085077

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

679e233357e93a4f4d15bc2e62d33e0048a978a5ddd57a78ad1203d614b0773a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 10:19:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26647
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9191
x-xss-protection: 0
server: cafe
etag: 8778699909409299010
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 Jul 2024 10:19:32 GMT

GET
H3 200 window_focus_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240702/r20110914/client/ Frame D75B 3 KB
0 47ms
47ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240702/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407030101/pubads_impl.js?cb=31085077

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 10:19:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26647
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1229
x-xss-protection: 0
server: cafe
etag: 16544991220582087243
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 Jul 2024 10:19:32 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame D75B 205 KB
0 20ms
19ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407030101/pubads_impl.js?cb=31085077

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

066bf781659af09bb40a24a7d87dd2310c2324c9619e347c6d6d05c00ffeb182

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:19:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1447
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64446
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 04 Jul 2024 18:19:32 GMT

GET
H2 200 479496317539370733
tpc.googlesyndication.com/simgad/ Frame D75B 41 KB
41 KB 152ms
98ms Image
image/gif 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/479496317539370733

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407030101/pubads_impl.js?cb=31085077

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e892abe50ed16e75c82c51e2cc36225d953d292aee2dcd59e5f6860141c858a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Fri, 04 Jul 2025 15:39:59 GMT
date: Thu, 04 Jul 2024 15:39:59 GMT
x-content-type-options: nosniff
age: 7420
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41602
x-xss-protection: 0
last-modified: Thu, 16 Nov 2023 14:43:33 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame F300 0
0 204ms
203ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsu4FNexCa-hpl4UKB9tezIt3s-BouyzbDO6SIYd-vY1xunSzv5WY_B2e5tPTafLz1xUsn847O5PgfTZwn1oJ_3Z1JidITJ_jUV44KjzJ5T2lY6FCbIaJgCnn3lGb5ub5yARZ7_bZ9We3FOxE3BJ__azn7bWwqTXjBl64A3o-im0PH6eJNV_PiarXUjjeDaJtrRYCnxK_8R8u1k8W345gb5K7W6Az4il9kECkecEuWze5Wqdz8L7JdOrO-r2WzdW2j9gIUu71WNm5Re8xn7uWXa8WsPKDJxGhWih70rn5fDVXRmZ7WHKMZYH-areC2Kp6wpqkJtUQ_kH5js42EoBS7EmhR-8wVz6JmNfDZQCe-f9pX0Ivq81VIo&sig=Cg0ArKJSzAFN2L1R4Vx6EAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:43:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240702/r20110914/ Frame F300 23 KB
0 39ms
39ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240702/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407030101/pubads_impl.js?cb=31085077

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

679e233357e93a4f4d15bc2e62d33e0048a978a5ddd57a78ad1203d614b0773a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 10:19:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26647
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9191
x-xss-protection: 0
server: cafe
etag: 8778699909409299010
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 Jul 2024 10:19:32 GMT

GET
H3 200 window_focus_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240702/r20110914/client/ Frame F300 3 KB
0 40ms
40ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240702/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407030101/pubads_impl.js?cb=31085077

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 10:19:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26647
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1229
x-xss-protection: 0
server: cafe
etag: 16544991220582087243
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 Jul 2024 10:19:32 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame F300 205 KB
0 13ms
13ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407030101/pubads_impl.js?cb=31085077

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

066bf781659af09bb40a24a7d87dd2310c2324c9619e347c6d6d05c00ffeb182

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:19:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1447
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64446
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 04 Jul 2024 18:19:32 GMT

GET
H2 200 14703652255925726474
tpc.googlesyndication.com/simgad/ Frame F300 365 KB
365 KB 152ms
108ms Image
image/gif 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14703652255925726474

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407030101/pubads_impl.js?cb=31085077

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

01bedcc7cfec99eca6ef73f365ac55be9a5be5fe4e96e715b890161e94f17058

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Wed, 02 Jul 2025 15:08:57 GMT
date: Tue, 02 Jul 2024 15:08:57 GMT
x-content-type-options: nosniff
age: 182082
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 373722
x-xss-protection: 0
last-modified: Fri, 24 May 2024 15:19:37 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 4479 0
0 210ms
208ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjssv28c5a0dYFYOgrsVemV61SZR9amLfYpfE4yN4GiA4s2cT_dUEwulE56HnMLQKpK3TwiSBnWaU3M_DsevWP8SlFjxzBas3iksXsi-ZzEcluP1SclEezrRQNEFxM9WcosqC0RqgC08brx6Vo_D5fGsFl_k-YT4aQPAkBZYrTQ4PmSXGJDNrVtxQHhITg4EAEhTiI7w2i4fGrFyO9kYgVHkzOFWRZ8jPr9wNbeIx_NZUEULhuLCgqfFAIJUOEm-FXjoQcFLwHAlmDTYcgxQL2P-Lu4DVXKPVqTG6XtzuUZUrR54l1yQs_jCEDWlJrQaFFfhm0NMB979epDrAOiig9hBgTJsVZoB-kosRoMXX92gSnJpRXR4se9Y&sig=Cg0ArKJSzGuvmuPIWPc0EAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:43:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240702/r20110914/ Frame 4479 23 KB
0 31ms
31ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240702/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407030101/pubads_impl.js?cb=31085077

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

679e233357e93a4f4d15bc2e62d33e0048a978a5ddd57a78ad1203d614b0773a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 10:19:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26647
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9191
x-xss-protection: 0
server: cafe
etag: 8778699909409299010
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 Jul 2024 10:19:32 GMT

GET
H3 200 window_focus_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240702/r20110914/client/ Frame 4479 3 KB
0 31ms
31ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240702/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407030101/pubads_impl.js?cb=31085077

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 10:19:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26647
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1229
x-xss-protection: 0
server: cafe
etag: 16544991220582087243
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 Jul 2024 10:19:32 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 4479 205 KB
0 3ms
3ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407030101/pubads_impl.js?cb=31085077

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

066bf781659af09bb40a24a7d87dd2310c2324c9619e347c6d6d05c00ffeb182

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:19:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1447
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64446
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 04 Jul 2024 18:19:32 GMT

GET
H2 200 15170199408206034283
tpc.googlesyndication.com/simgad/ Frame 4479 475 KB
476 KB 137ms
104ms Image
image/gif 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15170199408206034283

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407030101/pubads_impl.js?cb=31085077

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

32e593a2d68a24dda32f9c841233d5ac706fc575f582350fe26e043ff7bb1783

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Tue, 01 Jul 2025 01:26:57 GMT
date: Mon, 01 Jul 2024 01:26:57 GMT
x-content-type-options: nosniff
age: 317802
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 486602
x-xss-protection: 0
last-modified: Tue, 25 Jun 2024 10:17:44 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 8BD6 0
0 273ms
268ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsuxzoodeKXXEDtbbQLws_96jPmuPe2UZ-9fcz1yH88rD0qvGtXqMw8gHlu2vT-E0bgnJqQmZ3ROO6Qv9onfA5kEGzPYqt187qBZYAPvLCbfTyYw7IuSL_b_YxuA-P5aByjH_BcmEKqFW53Wk00hAL3v-7W0waPFRdGP7QgDwoFb8QWvPp1LnylwwjrTZ7BAnzatkFo3pKp2ZVRsB9i94NpwtMpfBxlHTH2SfZdLXKKYUjnqJmThEOXQgVPlstvjOik3iZng3aoAPyV1JQtWfQzNp5d9buLp8hxq6RstoD2VtnqHQJFEBUCCFIZdoNkKXQhlWFRtPWBvldPt_XL-07y3vXk_-HFGNu0kszxNz4VD3cpYXTp4lyg&sig=Cg0ArKJSzH90xCH7A9_7EAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:43:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240702/r20110914/ Frame 8BD6 23 KB
0 23ms
23ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240702/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407030101/pubads_impl.js?cb=31085077

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

679e233357e93a4f4d15bc2e62d33e0048a978a5ddd57a78ad1203d614b0773a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 10:19:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26647
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9191
x-xss-protection: 0
server: cafe
etag: 8778699909409299010
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 Jul 2024 10:19:32 GMT

GET
H3 200 window_focus_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240702/r20110914/client/ Frame 8BD6 3 KB
0 25ms
25ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240702/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407030101/pubads_impl.js?cb=31085077

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 10:19:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26647
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1229
x-xss-protection: 0
server: cafe
etag: 16544991220582087243
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 Jul 2024 10:19:32 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 8BD6 205 KB
0 4ms
4ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407030101/pubads_impl.js?cb=31085077

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

066bf781659af09bb40a24a7d87dd2310c2324c9619e347c6d6d05c00ffeb182

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:19:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1447
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64446
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 04 Jul 2024 18:19:32 GMT

GET
H2 200 27720007457749837
tpc.googlesyndication.com/simgad/ Frame 8BD6 109 KB
109 KB 95ms
89ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/27720007457749837

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407030101/pubads_impl.js?cb=31085077

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b9dfd7a853a9d42138bc745b5a1800a844b892379cdc8a707040c0d40a8c0e72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Wed, 02 Jul 2025 15:32:11 GMT
date: Tue, 02 Jul 2024 15:32:11 GMT
x-content-type-options: nosniff
age: 180688
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 111217
x-xss-protection: 0
last-modified: Mon, 08 Apr 2024 15:40:17 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame FBEF 0
0 205ms
201ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjstT-sRXoFsei8UXlNklFZfYz1SnYH2VeNGPuikqb7pU-sAgMGy-tmkow6AzyPR7ytxohse_UGtDkvFC8oRgw-B0I5k2tcYR2k4fyZZUaQo_s3d-yrr5t-rGAI6r-ttYe46fAgWN-0nGjvf2kBlqnfDQ-7n9HJ08MUdFqTbRV-Wu3ThY82AEaVNS5Qyw2dSwOMXu2mManPy013H-OxomPc5Hqh5xGs0aIuLvOfjK322WmeOwUCMa-QDwW8lz7EpjNrPpT5URrOJm4LfT0Z1zlP3OiorsxFSuEYucoPtArg5-bN8GJNzrlCtjPwC8BRcBQMooPCxYnkIpbTw6N_hqhq4Ut0e6a-umTf68LQYv39CFS3k1h6jGgJU&sig=Cg0ArKJSzBhia_TwoTHVEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:43:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240702/r20110914/ Frame FBEF 23 KB
0 16ms
16ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240702/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407030101/pubads_impl.js?cb=31085077

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

679e233357e93a4f4d15bc2e62d33e0048a978a5ddd57a78ad1203d614b0773a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 10:19:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26647
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9191
x-xss-protection: 0
server: cafe
etag: 8778699909409299010
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 Jul 2024 10:19:32 GMT

GET
H3 200 window_focus_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240702/r20110914/client/ Frame FBEF 3 KB
0 16ms
16ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240702/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407030101/pubads_impl.js?cb=31085077

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 10:19:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26647
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1229
x-xss-protection: 0
server: cafe
etag: 16544991220582087243
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 Jul 2024 10:19:32 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame FBEF 205 KB
0 2ms
2ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407030101/pubads_impl.js?cb=31085077

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

066bf781659af09bb40a24a7d87dd2310c2324c9619e347c6d6d05c00ffeb182

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:19:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1447
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64446
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 04 Jul 2024 18:19:32 GMT

GET
H2 200 7175534335101279797
tpc.googlesyndication.com/simgad/ Frame FBEF 385 KB
385 KB 131ms
125ms Image
image/gif 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7175534335101279797

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407030101/pubads_impl.js?cb=31085077

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c871426651de16741adb14ea7c7aa77c410448073cc74e7b16b2f936c4e7b27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Fri, 04 Jul 2025 01:56:10 GMT
date: Thu, 04 Jul 2024 01:56:10 GMT
x-content-type-options: nosniff
age: 56849
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 393836
x-xss-protection: 0
last-modified: Wed, 26 Jun 2024 15:10:43 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame EEF4 0
0 213ms
210ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjstX2vyUSgRvdPT-C-qY1JDvutdS63GOhnA41HmdSbPfHVTpWrZEdPcololqfVRx8DYa6FnxVEVQljfHX_aG_Te7IRjXyKySVYZxYyonR944NpDuDvRb88cT7bazJ9T3AwGh5esJMi-AWf51qY44X3A2dCiW2QYO7F44SIx5fNzmaKspbwCzvRe10cpU3-5yucz3cHAd_kZ3OQEK1fq1MEuX4MXFpRD0qI3lZE9sCu1MNPuCVjY6gIHuDMjgq6CcH0SdYxjU_uAUlL18iV9_fFOv8fWQyaOsghOi0C6acpEjofwXu_tzbZNcaBbsWiUFRAElDhnMqCNKhV_7E64227O6yUehEBckldKWsEGjYOogfAiFFPagdKnB&sig=Cg0ArKJSzLZpfZlYJn7wEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:43:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240702/r20110914/ Frame EEF4 23 KB
0 8ms
8ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240702/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407030101/pubads_impl.js?cb=31085077

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

679e233357e93a4f4d15bc2e62d33e0048a978a5ddd57a78ad1203d614b0773a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 10:19:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26647
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9191
x-xss-protection: 0
server: cafe
etag: 8778699909409299010
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 Jul 2024 10:19:32 GMT

GET
H3 200 window_focus_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240702/r20110914/client/ Frame EEF4 3 KB
0 8ms
8ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240702/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407030101/pubads_impl.js?cb=31085077

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 10:19:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26647
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1229
x-xss-protection: 0
server: cafe
etag: 16544991220582087243
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 Jul 2024 10:19:32 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame EEF4 205 KB
0 3ms
3ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407030101/pubads_impl.js?cb=31085077

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

066bf781659af09bb40a24a7d87dd2310c2324c9619e347c6d6d05c00ffeb182

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:19:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1447
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64446
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 04 Jul 2024 18:19:32 GMT

GET
H2 200 1773781326349927885
tpc.googlesyndication.com/simgad/ Frame EEF4 173 KB
173 KB 148ms
145ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1773781326349927885

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407030101/pubads_impl.js?cb=31085077

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

647f9f85c5c0cbe0e6cc412225e043fc7abe5227cd1f148e39cb4ae560fb148a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Thu, 03 Jul 2025 19:18:31 GMT
date: Wed, 03 Jul 2024 19:18:31 GMT
x-content-type-options: nosniff
age: 80708
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 176962
x-xss-protection: 0
last-modified: Thu, 16 Nov 2023 14:43:33 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame 4DEC 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7f376f46de13c0af330a87d2dbb0a5b813b67c0407ad029443a4479dda3161bb

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 2A83 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 360c9f47a8921f43a619625052723d99b67934a270ece305e3bc88c5aa63fefb

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 4DBD 222 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ced73105b8c80263212281c50d91cc99b3d427222ae87c7188885cd3180ff9f3

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame D75B 207 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f7e7f1784cf963a19aa1552cf8ba4472d950dafcd2a29fb16cc705db79c5c0c5

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame F300 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a0a9b15064788b4a98a78f6dc12eddec7b627595562772089a1fd8ce440800e7

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 4479 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 69f79be09493ab770873062c44d3b97e1d53d314dfe85b077e2faf8581d71bd6

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 8BD6 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 54dcb0e0976f619ba0dfcb7889af3b181efcfaa62278c69328209482df7d76e7

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame FBEF 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 730de339594b17e3cba31040288d5e953aafed22725f8f0b4749840534029cc8

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame EEF4 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be00acd81a3ba28b6c2898ef13313731e9f86c858b51ea198b7ef5045d94e709

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

/
www.google.nl/pagead/1p-conversion/981195317/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/981195317/?random=619165635&cv=11&fst=1720115018985&bg=ffffff&guid=ON&async=1&gtm=45be4730v9181219265za200&gcd=13l3lPl2l1&dma_cps=sy...
https://www.google.com/pagead/1p-conversion/981195317/?random=619165635&cv=11&fst=1720115018985&bg=ffffff&guid=ON&async=1&gtm=45be4730v9181219265za200&gcd=13l3lPl2l1&dma_cps=sypham&dma=1&tag_exp=0&...
https://www.google.nl/pagead/1p-conversion/981195317/?random=619165635&cv=11&fst=1720115018985&bg=ffffff&guid=ON&async=1&gtm=45be4730v9181219265za200&gcd=13l3lPl2l1&dma_cps=sypham&dma=1&tag_exp=0&u...

42 B
64 B

38ms
38ms

Image
image/gif

142.250.186.131
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/pagead/1p-conversion/981195317/?random=619165635&cv=11&fst=1720115018985&bg=ffffff&guid=ON&async=1&gtm=45be4730v9181219265za200&gcd=13l3lPl2l1&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fcqty1.bhuefbfrvbn.workers.dev%2F&label=tlaeCPvm4sIBELW079MD&hn=www.googleadservices.com&frm=0&tiba=Car%20News%2C%20Car%20Videos%2C%20Car%20Reviews%2C%20Car%20Road%20Tests%2C%20Car%20Industry%20News%2C%20Car%20Rumours%2C%20and%20much%20more%20%7C%20CAR%20Magazine&gtm_ee=1&npa=1&pscdl=noapi&auid=491984248.1720115019&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&ec_mode=a&fdr=SA&capi=1&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECSixldmVudC1zb3VyY2UsIHRyaWdnZXIsIG5vdC1uYXZpZ2F0aW9uLXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMI-N2-5feNhwMVOWgeAh1xzjrhMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6Jmh0dHBzOi8vY3F0eTEuYmh1ZWZiZnJ2Ym4ud29ya2Vycy5kZXYv&is_vtc=1&cid=CAQSGwDaQooL_iOhRpeMCx2OqKLZ9ZMsoBZYqZR1iQ&random=374397141&ipr=y

Requested by

Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/

Protocol

Server

142.250.186.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Jul 2024 17:43:39 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 04 Jul 2024 17:43:39 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.nl/pagead/1p-conversion/981195317/?random=619165635&cv=11&fst=1720115018985&bg=ffffff&guid=ON&async=1&gtm=45be4730v9181219265za200&gcd=13l3lPl2l1&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fcqty1.bhuefbfrvbn.workers.dev%2F&label=tlaeCPvm4sIBELW079MD&hn=www.googleadservices.com&frm=0&tiba=Car%20News%2C%20Car%20Videos%2C%20Car%20Reviews%2C%20Car%20Road%20Tests%2C%20Car%20Industry%20News%2C%20Car%20Rumours%2C%20and%20much%20more%20%7C%20CAR%20Magazine&gtm_ee=1&npa=1&pscdl=noapi&auid=491984248.1720115019&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&ec_mode=a&fdr=SA&capi=1&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECSixldmVudC1zb3VyY2UsIHRyaWdnZXIsIG5vdC1uYXZpZ2F0aW9uLXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMI-N2-5feNhwMVOWgeAh1xzjrhMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6Jmh0dHBzOi8vY3F0eTEuYmh1ZWZiZnJ2Ym4ud29ya2Vycy5kZXYv&is_vtc=1&cid=CAQSGwDaQooL_iOhRpeMCx2OqKLZ9ZMsoBZYqZR1iQ&random=374397141&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
152 B 28ms
24ms XHR
text/plain 2a00:1450:400c:c1f::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-11411975-1&cid=1177745697.1720115019&jid=21550074&gjid=359228018&_gid=987208000.1720115019&npa=1&_u=YADAAUAAAAAAACAAI~&z=1627885124

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1f::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 04 Jul 2024 17:43:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cqty1.bhuefbfrvbn.workers.dev
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 zrt_lookup_fy2021.html
pagead2.googlesyndication.com/pagead/html/r20240702/r20110914/ Frame 90B9 0
0 80ms
28ms Document
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/html/r20240702/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7073370864490749&plah=cqty1.bhuefbfrvbn.workers.dev&aplac=true&bust=31085041

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

age: 54585
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4142
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 04 Jul 2024 02:33:54 GMT
etag: 2738592464165616
expires: Thu, 18 Jul 2024 02:33:54 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 403 ads
pagead2.googlesyndication.com/pagead/ Frame E3AB 0
0 117ms
80ms Document
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-7073370864490749&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1720115019&plat=9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x945_l%7C188x945_r&format=0x0&url=https%3A%2F%2Fcqty1.bhuefbfrvbn.workers.dev%2F&pra=5&wgl=1&easpi=1&aihb=0&asro=0&ailel=27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30&aiael=27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30&aifxl=27_15~29_10~30_19&aiixl=27_3~29_5~30_6&aslmct=0.7&asamct=0.7&aisaib=1&itsi=-1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTI2IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjEyNiJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTI2Il1dLDBd&dt=1720115018928&bpp=6&bdt=1836&idt=602&shv=r20240702&mjsv=m202407010101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=7602808998987&frm=20&pv=2&ga_vid=1177745697.1720115019&ga_sid=1720115019&ga_hid=1541978497&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532524%2C95330410%2C95330414%2C95331696%2C95331833%2C95334511%2C95334525%2C31085041%2C31084184%2C31078663%2C31078668%2C31078670&oid=2&pvsid=332987106770839&tmod=1368909087&uas=0&nvt=1&fsapi=1&fc=1920&brdim=240%2C240%2C240%2C240%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&nt=1&ifi=1&uci=a!1&fsb=1&dtd=622

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 04 Jul 2024 17:43:39 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 154ms
49ms Image
image/gif 142.250.186.164
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-11411975-1&cid=1177745697.1720115019&jid=21550074&npa=1&_u=YADAAUAAAAAAACAAI~&z=500464595

Requested by

Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.164 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 04 Jul 2024 17:43:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.nl/ads/ 42 B
108 B 53ms
52ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-11411975-1&cid=1177745697.1720115019&jid=21550074&npa=1&_u=YADAAUAAAAAAACAAI~&z=500464595

Requested by

Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 04 Jul 2024 17:43:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 4DEC 0
0 207ms
207ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsv0mE_PxNl9taA70dYBQu0tFCsTyCf6v-i-Vd7DSGTxQgyBv2Fw3jOWWKwbWYNmL0u2oPVl8hQ-uNuqbGFqTMvOjBF5KCSvC5Hw9waLp-Pwgl7g2ngaCPu3Pl10ctwqojW4bCxiC15CfbSEVCucSTgg39xXdfs8O-L204IfbxxAFcR6MBPfBR2SpDzt_LZcYDG0RELz_OpdLO3e-XBAlLBGt6tk7WXOr-1KpD5CO7qzyoOImjf9AGEK-x7-AQ8LiievzHCj9Dp0eI3NSxZk3rsiqiX_MV5INaO6y5TwZwhSZPpM2rRShaSfaIClh2Y-aczoe8Wq4HGBDHfGhjYOwwxXMMu0ZmEKMk1eBEGumLmFhe5Oj9utaYbjsg&sig=Cg0ArKJSzILhoHC2b6DLEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:43:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4DEC 0
0 198ms
198ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 04 Jul 2024 17:43:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 8A8D 0
0 202ms
201ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjstONH645Q_yCV8XsUg3V0esiOmWzzfQ_44WY_kvqMf-nKzNzwpT6-3Bx8AWoU26GcqW7fVla41xU2UmQdJkKwfUGRR4GTguq37oIAGAoM74AT52qBloO-aDWas_XlC2EWWe6vNB4G_ouglSb1AuGrJ4NKrBJgLrTSx2YFm5MxAlYv7GY9xpwEewYb760roPYgGXZRBO6LaMIiEYOm131wFLT7EapGBCMvYZPHOrPXkJw85-O5nbpssgGuLn6KeWEs-7c5hQyvPZbNaU46oFQAR43qVGxjBW3nhiDHMfWJ1LkK5n67N4MLI3slCRi8l0FPclhFBTky0ALS7bdA4-T5L1tYG8qWueuxVZqxPy2jxGNYLvsKSNZ30x&sig=Cg0ArKJSzMpMBOdJtcNDEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:43:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240702/r20110914/ Frame 8A8D 23 KB
0 8ms
8ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240702/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407030101/pubads_impl.js?cb=31085077

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

679e233357e93a4f4d15bc2e62d33e0048a978a5ddd57a78ad1203d614b0773a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 10:19:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26647
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9191
x-xss-protection: 0
server: cafe
etag: 8778699909409299010
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 Jul 2024 10:19:32 GMT

GET
H3 200 window_focus_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240702/r20110914/client/ Frame 8A8D 3 KB
0 3ms
2ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240702/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407030101/pubads_impl.js?cb=31085077

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 10:19:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26647
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1229
x-xss-protection: 0
server: cafe
etag: 16544991220582087243
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 Jul 2024 10:19:32 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 8A8D 205 KB
0 2ms
2ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407030101/pubads_impl.js?cb=31085077

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

066bf781659af09bb40a24a7d87dd2310c2324c9619e347c6d6d05c00ffeb182

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:19:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1447
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64446
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 04 Jul 2024 18:19:32 GMT

GET
H2 200 1475470855697675847
tpc.googlesyndication.com/simgad/ Frame 8A8D 31 KB
31 KB 29ms
23ms Image
image/gif 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1475470855697675847

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407030101/pubads_impl.js?cb=31085077

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a563a42417b2bc1412e49c2a1a9869e2bff6627fd8837f4b94c76467d73c3455

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Thu, 03 Jul 2025 01:32:28 GMT
date: Wed, 03 Jul 2024 01:32:28 GMT
x-content-type-options: nosniff
age: 144671
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31985
x-xss-protection: 0
last-modified: Tue, 19 Dec 2023 09:37:25 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame D75B 0
0 203ms
202ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjssTH8dhoZD88mI4ngL0no30YfZYzbxg9yNFDWvZNjGLZOd2sg-m4TGC2UKXP_ESGRt1hxNiTtEGwWGZiM2hfcNeGWLGRcfAlLdDqiNBB_SCIZk8eb8oRkOliA-7vhu-dxj8__XDHS0OXzKPkvpvVj2rMj1k3IN7x6KIYN-W37rUep2X-vBCmsarNczhs7hnLSJynOst-IIVENkQZsj0DfOY2tfy_xTqjwXdrSsjfGTVVXMYA0IJMz7LNH_v2MDfdKKRY5WLupnOf7RZl7DBfmeRxqdYMnSK0OoLPUFWIL9PBxTej-CVgwdODryweisTCJJP2cfaoNtbHwoEgymLeWlqwxcQkIpPY_C1vGoMOWBAeMNxHFotroLV7KQ&sig=Cg0ArKJSzOQxfMAhiE6mEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:43:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D75B 0
0 347ms
200ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 04 Jul 2024 17:43:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 8A8D 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 37c4d42a8f29914f3ed4644b091eb50f5f32d6fc8a2f5d3518312d4d9c9b140b

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 2A83 0
0 203ms
203ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsvHNOASXjdwcJLQjVCtr2VOQVu3IMhJzNYKC24DEbH69pFhSqTXRmRhkUZFuxTQa5fdsqkTZWiBMhQ1ZTJL8-UmavmdRctpEDvfLw-rHGYs4qQHULy1-KrKhVorfOCtbzWzCcOPKiqAjrYr4bKYh2eBzGb7pY_Bqd9O8vzovgXY6pTDTYps1W0ueMVqMKwFS7yweXaTqtu9k1I-evEx7WqNMUbIH3G3vV90Q9WbhquZcY3qc_thQhBNrSdLALyLuegq6qFNIqDD0wFX1TIdlIl7PkmFCirW3m6ngKlBV7tY3gmOXWDq625H9P7O3hQM2W8Kt670R1T_aStAoHz8D23A7KibySCoRcF3FAO5tOaHRZFlyePL2XJQ5w&sig=Cg0ArKJSzN6DtBAI8qyNEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:43:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2A83 0
0 520ms
201ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 04 Jul 2024 17:43:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 4479 0
0 204ms
204ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsuJfkDZT87NiMt4BLT1bC73ueGJI2KhlK_SJ5vVTnUa8lNOIIyklNOSLkoH4hK67lEJK0rL2nf5oy53ytXDJrLi661fSgLPSx0wDr4q633t8CYbc3REbwxB79d3G8gPW_RcnOMONc0DzppHjvTQ20nY0xEtojHmpK5RTRsxuSVXsPquhelHy6sgIWvRqfTu8JJbDN6LUpcGeBUsFUDkGo2-fUDjoVB000YFB1UkaIH8BDm3mCUhhDW15GssFaTWXtmGofA_oOF4Gapz7LKk2RM0aOi5H4F5hcERlahRTeYmERRL806Qk6wbV6srLcBvb13o9osx00fr3mVKp0E39FWKCdIN_DRV0zJMq_TWkj3WM6PcQtf7rSyQmQ&sig=Cg0ArKJSzKe8mUAAH60hEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:43:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4479 0
0 696ms
198ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 04 Jul 2024 17:43:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame F300 0
0 203ms
202ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjstC1yPrF-YKuKmmWRapFFbK4gcXi-qwuiLwYA1hqId00bsvyITL3R0prrtdxUNbwe8ASMAIG2o57ShoUdzUD0PzdoSC1ugux0OYmgDhps3ZgZLM4PtvEuzo2TpScRDKW0GuTyu8T8OQv66aH9v9RAUAmtL6Sw7InUH64hmQp4k3lp3Fx7yFfBVybNsL6-TpACWviFVtgjpAfzomW05ntUU7Z8yFANXjN63BBHvdLWS6-3Rk5XiBMa0rGu7XgMNN6wKQjY4Ec6Oj5wLJQkRfNS99raHqPs-vl_bMQJkHmjFlX9ltZFQ6XrBTGnyiF36lx4leyiaB4GNSryaWsCMNEUBO7ty_kwfvZbFHzuJlz0lolQ50bvePwmgdGA&sig=Cg0ArKJSzNth9QF5mC8cEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:43:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F300 0
0 867ms
200ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 04 Jul 2024 17:43:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 4DBD 0
0 204ms
204ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjssSz1btsXyuwI8m8V6OvAm8Ha5mG_DjHWX7DN-BeGFuLe0UnE0IQDSIYnT9Maty_45_Sxn0nMK-8uLrukTVrv1BIlYZIUnLITJ_gXD9saLpjNFClRJwcdUJhGynhmgMLPSNWlmekLJcBqg3YTQ8YvtRP_0QDm64S7o1A_VWc8NfvEvwBNUHEBKjEuda_omRfQNRfaKR_lauhmoIrTbC6lFjN01z3um511d8Rw66JJa6IUqEcvngVaX5iYCpEMQTrhWTd5RBkB9-_eJmHHa8Qu6sp__8YU_Wz8LTn03zd7qasxAeEYb71TSqHIAKkRpHvjTN4YrWIEmR2H_feheLdzVoGU2mVcc2vZbqCkWshN3NKYF0dea_1RvLQ9KeCqEnvXs&sig=Cg0ArKJSzKz8lkyDjzMyEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:43:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4DBD 0
0 1048ms
201ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 04 Jul 2024 17:43:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 8BD6 0
0 205ms
204ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsvV3D6BVWDe624fsYYKNZ57YKxsG-OckGkzAXDpIyCb8R8MGSMGUjAlJd3U4WpTWk7FRS_P61ncUmTLY63nWnUSB_cynXeTAlD15zDS4vlr7UPjfTJ1kV7xicJ3-k7NzWfY4ozE3PiOota0QdmNBQCejHSVVsxyNctV8UXWHn6mnRluy2zmz0sAAgPD8sptSO8Bktmgp2hxiHAKTzEBajAXEAdeLfQQd8_2ji5hvWecl9mCCStbDsqp5xWeIilMTZj0iw599uUYwp-k_c-LXcb2RzJerYKmminfLocV-f0Us7q25AChbkUfyVpXkyPd58-h9KVvZhG90WrUGjr_Uqzw2KodUGuHOmQxkXlXfTAO8hTN09ndG2eqUg&sig=Cg0ArKJSzIjFwf3JI17tEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:43:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8BD6 0
0 1223ms
201ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 04 Jul 2024 17:43:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

B31687471.398689291;dc_pre=CNiQ7eX3jYcDFfOCOAodeYADhQ;dc_trk_aid=590688921;dc_trk_cid=218283907;ord=1998590239;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_t...
ad.doubleclick.net/ddm/trackimp/N1003055.277770CARMAG/ Frame 2A83
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N1003055.277770CARMAG/B31687471.398689291;dc_trk_aid=590688921;dc_trk_cid=218283907;ord=1998590239;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;g...
https://ad.doubleclick.net/ddm/trackimp/N1003055.277770CARMAG/B31687471.398689291;dc_pre=CNiQ7eX3jYcDFfOCOAodeYADhQ;dc_trk_aid=590688921;dc_trk_cid=218283907;ord=1998590239;dc_lat=;dc_rdid=;tag_for...

42 B
63 B

71ms
70ms

Image
image/gif

142.250.185.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N1003055.277770CARMAG/B31687471.398689291;dc_pre=CNiQ7eX3jYcDFfOCOAodeYADhQ;dc_trk_aid=590688921;dc_trk_cid=218283907;ord=1998590239;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1?nis=6

Requested by

Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/

Protocol

Server

142.250.185.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Jul 2024 17:43:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 04 Jul 2024 17:43:39 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.doubleclick.net/ddm/trackimp/N1003055.277770CARMAG/B31687471.398689291;dc_pre=CNiQ7eX3jYcDFfOCOAodeYADhQ;dc_trk_aid=590688921;dc_trk_cid=218283907;ord=1998590239;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1?nis=6
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

B31687471.399082428;dc_pre=CPGS7eX3jYcDFQKW_QcdVOILlA;dc_trk_aid=590604620;dc_trk_cid=218283907;ord=1788559956;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_t...
ad.doubleclick.net/ddm/trackimp/N1003055.277770CARMAG/ Frame 4DEC
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N1003055.277770CARMAG/B31687471.399082428;dc_trk_aid=590604620;dc_trk_cid=218283907;ord=1788559956;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;g...
https://ad.doubleclick.net/ddm/trackimp/N1003055.277770CARMAG/B31687471.399082428;dc_pre=CPGS7eX3jYcDFQKW_QcdVOILlA;dc_trk_aid=590604620;dc_trk_cid=218283907;ord=1788559956;dc_lat=;dc_rdid=;tag_for...

42 B
63 B

69ms
69ms

Image
image/gif

142.250.185.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N1003055.277770CARMAG/B31687471.399082428;dc_pre=CPGS7eX3jYcDFQKW_QcdVOILlA;dc_trk_aid=590604620;dc_trk_cid=218283907;ord=1788559956;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1?nis=6

Requested by

Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/

Protocol

Server

142.250.185.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Jul 2024 17:43:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 04 Jul 2024 17:43:39 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.doubleclick.net/ddm/trackimp/N1003055.277770CARMAG/B31687471.399082428;dc_pre=CPGS7eX3jYcDFQKW_QcdVOILlA;dc_trk_aid=590604620;dc_trk_cid=218283907;ord=1788559956;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1?nis=6
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame EEF4 0
0 204ms
203ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsvClAFwdor_C09XZ6gXhG_TEQSeKussTaKHKgg45sSOo2Of8PFemEAOiGhlzub3W1Y2OnTAGBVqoudi2KORv_RnG00fvWgo9Xa5Z_UGGeH6M1hlqXou04pHVnddErOoXCI4QZEjWiVl20KX5hn2DQVgk6A5kgUaplH9aYSSdzQHVwVAG_HDxFnqLNH8dyyo3wv5xErQFE3U-IsIl9_LymePwe2DwWn-ewI3bfrOzG4v63LQKJ23c_5BEeyINMhGkCwNh0UmjlS_qC8Hv0HZWrzyxVoAI1IIl4u-dI6UEqyy3er9byPPNlI_0qetUogpFQvkspAqoWCR8FWViBKOWASOb48Pw0rb7c_ND06aj_33YTKdOkStXRzbhxc&sig=Cg0ArKJSzL0JMHhzn4dZEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:43:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame EEF4 0
0 1401ms
201ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 04 Jul 2024 17:43:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame FBEF 0
0 204ms
204ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjstJikIkOTT5n97UzU2pUDRMaOVhULeAMhjpYazX3TzBW9o2rtD4ILfehNAYcMk8dhMTSD-kOb9IfvRaG5u4pf9b8P2b_o6nMDT-rAOJsLlJDu__oFBHdto7k6DL6xPZCQylYYgktFk2hvCaMxaUoUCrn218um43eTHK_tufGoM1VxN-UbC_n_KwtEoZxKXgIhroYXnDIrrt9V95STL9--wnJx3daB8cm9rOH_5G9Nn93q9NlAWw5chUhPwiZx3vnxXypn6Cy_izAN2Am8gmtidU9V7MUqfYfBSCaoBHiIk55VDlQfUC0wD7r6mVOb2Af6Lh0SwR1p1ZW_7WY6g5Vplvb2rj4bnUHtKdJ6q7Ph46TVFXb-QaTgWt6g&sig=Cg0ArKJSzIMkRSjX-qxGEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:43:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FBEF 0
0 1583ms
202ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 04 Jul 2024 17:43:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 wp-emoji-release.min.js Show response
dctboyojy.578333.xyz/wp-includes/js/ 18 KB
5 KB 485ms
484ms Script
application/javascript 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dctboyojy.578333.xyz/wp-includes/js/wp-emoji-release.min.js?ver=6.5.2
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:43:40 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 11 Apr 2024 14:29:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6617f3c1-4926"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ojZVIP2y%2BmMnNrDN7hJNKE1ewxcNLt3kqtJ1tbjmgMNNrX93Zp751s1wEvJn6qPfNBrMaxTfxuJrijJfg5iMIDM4Y4tXXPTeDTQvZEsD6Cz8lile2PqsXlcZ%2BtEyXoNvwTOH"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 89e0eb3aee4e9fd0-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 2023-White-Volkswagen-Light-Commercial-New-Caddy-20-TDi-8067268-2-600x600.jpg
image.blob.ix.co.za/Used/8067268/2/ 199 KB
199 KB 415ms
409ms Image
image/jpeg 102.130.121.238
Host-Africa-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.blob.ix.co.za/Used/8067268/2/2023-White-Volkswagen-Light-Commercial-New-Caddy-20-TDi-8067268-2-600x600.jpg
Requested by: Host: dctboyojy.578333.xyz
URL: https://dctboyojy.578333.xyz/wp-content/plugins/create-custom-recent-posts-widgets/js/swiper.min.js?ver=1.1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.130.121.238 , South Africa, ASN328364 (Host-Africa-AS, ZA),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 954989d286e6e975f3089ef864155bb2f712c53dd06423242f341a021b4d3d2a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:43:40 GMT
last-modified: Thu, 11 Apr 2024 10:30:47 GMT
server: Microsoft-IIS/10.0
etag: "67f42051fb8bda1:0"
x-powered-by: ASP.NET
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
content-length: 203635

GET
H2 200 2024-White-Volkswagen-Light-Commercial-New-Amarok-30-TDI-V6-4Motion-Style-AT-DC-PU-8067915-2-600x600.jpg
image.blob.ix.co.za/Used/8067915/2/ 133 KB
133 KB 194ms
189ms Image
image/jpeg 102.130.121.238
Host-Africa-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.blob.ix.co.za/Used/8067915/2/2024-White-Volkswagen-Light-Commercial-New-Amarok-30-TDI-V6-4Motion-Style-AT-DC-PU-8067915-2-600x600.jpg
Requested by: Host: dctboyojy.578333.xyz
URL: https://dctboyojy.578333.xyz/wp-content/plugins/create-custom-recent-posts-widgets/js/swiper.min.js?ver=1.1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.130.121.238 , South Africa, ASN328364 (Host-Africa-AS, ZA),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 6b5ce146cf7116f0e2e74140e77f6c385e3b54ee6433182910fcff4e96c32d65

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:43:40 GMT
last-modified: Mon, 25 Mar 2024 09:27:08 GMT
server: Microsoft-IIS/10.0
etag: "15708d9b967eda1:0"
x-powered-by: ASP.NET
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
content-length: 136429

GET
H2 200 2023-Red-Volkswagen-Light-Commercial-New-Amarok-30-TDI-V6-4Motion-PanAmericana-AT-DC-8088085-7-500x500.png
image.blob.ix.co.za/Used/8088085/7/ 180 KB
180 KB 197ms
194ms Image
image/png 102.130.121.238
Host-Africa-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.blob.ix.co.za/Used/8088085/7/2023-Red-Volkswagen-Light-Commercial-New-Amarok-30-TDI-V6-4Motion-PanAmericana-AT-DC-8088085-7-500x500.png
Requested by: Host: dctboyojy.578333.xyz
URL: https://dctboyojy.578333.xyz/wp-content/plugins/create-custom-recent-posts-widgets/js/swiper.min.js?ver=1.1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.130.121.238 , South Africa, ASN328364 (Host-Africa-AS, ZA),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: dcaf5adf797ec8317801b74304fbd846ef7022895c5fe7389791ce35fec2dd60

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:43:40 GMT
last-modified: Thu, 18 Apr 2024 08:50:08 GMT
server: Microsoft-IIS/10.0
etag: "ee809e6a6d91da1:0"
x-powered-by: ASP.NET
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 184216

GET
H2 200 2024-Black-Volkswagen-Light-Commercial-New-Amarok-30-TDI-V6-4Motion-Aventura-Auto-DC-PU-8145756-1-433x577.png
image.blob.ix.co.za/Used/8145756/1/ 142 KB
142 KB 409ms
406ms Image
image/png 102.130.121.238
Host-Africa-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.blob.ix.co.za/Used/8145756/1/2024-Black-Volkswagen-Light-Commercial-New-Amarok-30-TDI-V6-4Motion-Aventura-Auto-DC-PU-8145756-1-433x577.png
Requested by: Host: dctboyojy.578333.xyz
URL: https://dctboyojy.578333.xyz/wp-content/plugins/create-custom-recent-posts-widgets/js/swiper.min.js?ver=1.1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.130.121.238 , South Africa, ASN328364 (Host-Africa-AS, ZA),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 24dec5c4cec131b7d75edd8e219658439ec5a9eef27a6d4f809bed94e0309307

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:43:40 GMT
last-modified: Fri, 21 Jun 2024 09:38:20 GMT
server: Microsoft-IIS/10.0
etag: "1911b3c0bec3da1:0"
x-powered-by: ASP.NET
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 145732

GET
H2 200 2022-White-Volkswagen-Light-Commercial-New-Caddy-Kombi-Maxi-20-TDi-8096639-12-1400x788.png
image.blob.ix.co.za/Used/8096639/12/ 450 KB
450 KB 416ms
413ms Image
image/png 102.130.121.238
Host-Africa-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.blob.ix.co.za/Used/8096639/12/2022-White-Volkswagen-Light-Commercial-New-Caddy-Kombi-Maxi-20-TDi-8096639-12-1400x788.png
Requested by: Host: dctboyojy.578333.xyz
URL: https://dctboyojy.578333.xyz/wp-content/plugins/create-custom-recent-posts-widgets/js/swiper.min.js?ver=1.1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.130.121.238 , South Africa, ASN328364 (Host-Africa-AS, ZA),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 6693155d4b1f9d88694cfb144cf859a2bc16e36785c5788b28d8c0ecfcf777a4

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:43:40 GMT
last-modified: Fri, 26 Apr 2024 14:32:26 GMT
server: Microsoft-IIS/10.0
etag: "f6ec2d8fe697da1:0"
x-powered-by: ASP.NET
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 460522

GET
H2 200 2023-Silver-Volkswagen-Light-Commercial-New-Caddy-Kombi-Maxi-20-TDi-8145755-6-499x499.png
image.blob.ix.co.za/Used/8145755/6/ 151 KB
151 KB 418ms
415ms Image
image/png 102.130.121.238
Host-Africa-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.blob.ix.co.za/Used/8145755/6/2023-Silver-Volkswagen-Light-Commercial-New-Caddy-Kombi-Maxi-20-TDi-8145755-6-499x499.png
Requested by: Host: dctboyojy.578333.xyz
URL: https://dctboyojy.578333.xyz/wp-content/plugins/create-custom-recent-posts-widgets/js/swiper.min.js?ver=1.1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.130.121.238 , South Africa, ASN328364 (Host-Africa-AS, ZA),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 505a070253d4108b2d55075c7934f5d356a4175950b8545d2e2b44903e02b2bf

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:43:40 GMT
last-modified: Fri, 21 Jun 2024 09:28:49 GMT
server: Microsoft-IIS/10.0
etag: "65cc4d6cbdc3da1:0"
x-powered-by: ASP.NET
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 154189

GET
H2 200 2023-Beige-Volkswagen-Light-Commercial-New-Caddy-Kombi-16i-7-Seater-8152135-1-500x500.jpeg
image.blob.ix.co.za/Used/8152135/1/ 118 KB
118 KB 599ms
597ms Image
image/jpeg 102.130.121.238
Host-Africa-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.blob.ix.co.za/Used/8152135/1/2023-Beige-Volkswagen-Light-Commercial-New-Caddy-Kombi-16i-7-Seater-8152135-1-500x500.jpeg
Requested by: Host: dctboyojy.578333.xyz
URL: https://dctboyojy.578333.xyz/wp-content/plugins/create-custom-recent-posts-widgets/js/swiper.min.js?ver=1.1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.130.121.238 , South Africa, ASN328364 (Host-Africa-AS, ZA),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 85d485761935ccf68befc32cb4c588f97285a10a92b32178664c5d280ccfd920

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:43:40 GMT
last-modified: Tue, 25 Jun 2024 08:34:37 GMT
server: Microsoft-IIS/10.0
etag: "cc29d683dac6da1:0"
x-powered-by: ASP.NET
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
content-length: 120816

GET
H2 200 2024-Grey-Volkswagen-Light-Commercial-New-Caddy-20-TDi-8067917-17-499x499.png
image.blob.ix.co.za/Used/8067917/17/ 182 KB
182 KB 607ms
605ms Image
image/png 102.130.121.238
Host-Africa-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.blob.ix.co.za/Used/8067917/17/2024-Grey-Volkswagen-Light-Commercial-New-Caddy-20-TDi-8067917-17-499x499.png
Requested by: Host: dctboyojy.578333.xyz
URL: https://dctboyojy.578333.xyz/wp-content/plugins/create-custom-recent-posts-widgets/js/swiper.min.js?ver=1.1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.130.121.238 , South Africa, ASN328364 (Host-Africa-AS, ZA),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: a691468e970cac9f9836fedbbe894e916274583e6c408e6c1a89b1538045b8da

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:43:40 GMT
last-modified: Mon, 22 Apr 2024 10:57:55 GMT
server: Microsoft-IIS/10.0
etag: "1a6638eea394da1:0"
x-powered-by: ASP.NET
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 186416

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 8A8D 0
0 204ms
203ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjssqyoM_Yt2hLbRYkG_7ztneARVw6SC1n3MjkOtLIcz-Mk_jzUIHzy7auGSjxydWp_CQTYzAYvi62eU6rrybGsFDxnaqv1fyF4w0duH5fmc5-uF4eXEIzbgvsPL5RHNdaNDKc3_Xff6pDLD-JN2CGiaJzM117UIBszOYjLbfjyO_MRUCedKyMhT8B5hpORa7uPE_pS2r_ej5ZfcXx19xcVRErbz05VIDACt40gfJgytFYlrqPscV_e7uMTWHfao4fFWp5cGdXycLHnqgl2IMG0hQ8aF2aOqFVxLz7dEOaLMNHR9D8niAa_11hn5bGaebebhRioWamFeu4j1fpMV0aj2ZHWfR8yrRAspFivhKsjmzQHnTrRDXRuZY1Cc&sig=Cg0ArKJSzHLhVPd_-TSsEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:43:40 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8A8D 0
0 1464ms
201ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 04 Jul 2024 17:43:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D75B 42 B
65 B 204ms
203ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuWHfkK0VyzdE1DgtSO3_PrQQgvW28gt_PjXstKUr5cRBXmmlN1qataS5rPjTAszgLcXf6Pxd6o-o1yG3po8pQKm4ydJ9f6tMOL1gzZQ77wI0yM9So-s-Z67xTJTcDbNfowfGFUaKBIMw9EbCufyyzaX7JlcfGiTNvdv_8jcTOQW8s&sig=Cg0ArKJSzDo-cRIeREPCEAE&id=lidar2&mcvt=1000&p=99,436,189,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240701&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=2558534381&rs=4&la=0&cr=0&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTI2IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjEyNiJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTI2Il1dLDBd&vs=4&r=v&co=1604781900&rst=1720115019374&rpt=331&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 04 Jul 2024 17:43:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4DEC 42 B
65 B 203ms
203ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvy2gPneO50JZCQQuqlk9yNWG0p5OwyKXgiOoy_Rp1VKvXQ3f8JCyjU_VRcIPEMfRQq_LaTdf7s4MWEv1WRrJ8N6qZ1xqEW8FbiA1zhv2hCq7rUX5glYCgn5yJ697OYcER34ICXYibw71y2otz-RR-Acu5FoVRK7IoQ1XvVncF0Oe4&sig=Cg0ArKJSzMGcpYOFNbq-EAE&id=lidar2&mcvt=1002&p=190,0,886,174&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20240701&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=979567663&rs=4&la=0&cr=0&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTI2IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjEyNiJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTI2Il1dLDBd&vs=4&r=v&co=1604781900&rst=1720115019324&rpt=326&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 04 Jul 2024 17:43:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2A83 42 B
65 B 203ms
203ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvyMoRUEOFGm15FFQXzulwOU7MNOecSrODzoK2kjimB7zvth2-OrIHhMjxvpZWwIykHxyc0WDN_xC2OwBNOXbo9vinF15PRwxyF8C5o9bCiZxEwBzrRAWa3XJxqGYjFuxBIHPAcOclLUkW1oMm4Ci3fVuRgN-M0ppRrq2rHg6wLlJ8&sig=Cg0ArKJSzJSTEHbFFnaBEAE&id=lidar2&mcvt=1000&p=190,1426,886,1600&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240701&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=2185212989&rs=4&la=0&cr=0&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTI2IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjEyNiJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTI2Il1dLDBd&vs=4&r=v&co=1604781900&rst=1720115019349&rpt=391&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 04 Jul 2024 17:43:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4479 42 B
65 B 204ms
203ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuwlg4UC4x7o8-XFZnjsuQ57isA0uQDOSoUzzpF4VQejuJdv09ZTxJCAAxSKj6kKzQ4WPAWcrIgSP9SKqxpoPPtQO0Qk97fiv8iWRqHl94ZKYNMfTJLEiChjkfQGiUKC5m5u7n_1myS299uOeVX_tMAAnHjDl5zpVOxs3B1nIPsLMM&sig=Cg0ArKJSzLI1r6bcq8pvEAE&id=lidar2&mcvt=1002&p=719,1074,969,1374&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20240701&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=302933537&rs=4&la=0&cr=0&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTI2IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjEyNiJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTI2Il1dLDBd&vs=4&r=v&co=1604781900&rst=1720115019395&rpt=369&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 04 Jul 2024 17:43:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F300 42 B
65 B 203ms
202ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvpJ50yZf25b6u7foilZin2QSVUsGD3zJz0IpsUXxa8jo961IGR4ee6PpQKkjnRImTqWnzi25Ac43U9ZwK85GepDpzErW7N0Ae595JoJkvXjruKP-E2_tQc3VeS3fpeYSBe52Y94yaepl2PQ6_mcG1LKs_dQP2i8tmfaS2F34j6Cuk&sig=Cg0ArKJSzNKzmKrbV42MEAE&id=lidar2&mcvt=1004&p=454,1074,704,1374&mtos=1004,1004,1004,1004,1004&tos=1004,0,0,0,0&v=20240701&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=435244622&rs=4&la=0&cr=0&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTI2IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjEyNiJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTI2Il1dLDBd&vs=4&r=v&co=1604781900&rst=1720115019384&rpt=409&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 04 Jul 2024 17:43:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 97ms
96ms XHR
application/json 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202407030101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407030101/pubads_impl.js?cb=31085077

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e81837265f98480548069579efc5dec26c270ed8a50ccd06e2b6e816afaea437

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:43:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12504
x-xss-protection: 0

POST
H3 200 rum Show response
cqty1.bhuefbfrvbn.workers.dev/cdn-cgi/ 0
109 B 24ms
23ms XHR
text/plain 188.114.96.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cqty1.bhuefbfrvbn.workers.dev/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: application/json

Response headers

date: Thu, 04 Jul 2024 17:43:41 GMT
x-content-type-options: nosniff
server: cloudflare
cf-ray: 89e0eb424d6541e8-AMS
x-frame-options: DENY

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8A8D 42 B
65 B 204ms
203ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvqyQMbzvovUtt3Hwjgn05UotcYPYZC5GRVO4_nLOd4i2ptg9ZEUnBlLbguZmnx0xh7vaRb5h_1mj-TCld-_i0kaBvaqjg3O__XtYT74ZbQ2jtk-8-DzOa23mn4fIk6M63WEucupXUsVRTHKuDXFHvA2kskpMHXW1km6iZfnQzXpE0&sig=Cg0ArKJSzLIZ49980vpPEAE&id=lidar2&mcvt=1000&p=1110,436,1200,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240701&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=25877906&rs=4&la=0&cr=0&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTI2IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjEyNiJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTI2Il1dLDBd&vs=4&r=v&co=1604782000&rst=1720115019676&rpt=528&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 04 Jul 2024 17:43:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 74ms
73ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407030101/pubads_impl.js?cb=31085077

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:43:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 04 Jul 2024 17:43:41 GMT

GET
H3 200 favicon-32x32.png
cqty1.bhuefbfrvbn.workers.dev/ 1 KB
2 KB 592ms
592ms Other
image/png 188.114.96.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cqty1.bhuefbfrvbn.workers.dev/favicon-32x32.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb2c9015a07685f5df9721d1972ae0c1993e006800b2ef8ec184b846b279ab9d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 17:43:41 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 17 Nov 2022 09:18:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6375fc49-564"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F2qKZBi5Qv7jvHnDDfYw9GFAceliDWUdXARrVMkXggsW6PFwR7HENvcieDDJwQZkT0mU2Vwf9%2FjsnrVHwAAd7NNwAtaAqETyDZ3RWv8uGqr4gMC8DIdC7eX2M5FDtOxT1mmV"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89e0eb43bea441e8-AMS
alt-svc: h3=":443"; ma=86400
content-length: 1380

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8BD0 0
0 152ms
49ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
age: 26648
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 04 Jul 2024 10:19:33 GMT
expires: Fri, 04 Jul 2025 10:19:33 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET sodar
pagead2.googlesyndication.com/pagead/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/trackimp/N1003055.277770CARMAG/B31687471.399082428;dc_pre=COOM0-X3jYcDFUShgwcd1joLMg;dc_trk_aid=590604620;dc_trk_cid=218283907;ord=1788559956;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1?nis=6

Domain: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/trackimp/N1003055.277770CARMAG/B31687471.398689291;dc_pre=COWI0-X3jYcDFSaMgwcdorkBtw;dc_trk_aid=590688921;dc_trk_cid=218283907;ord=1998590239;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1?nis=6

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202407030101&jk=332987106770839&bg=!3d6l3pHNAAZ5zPvEWcw7ADQBe5WfOO_weNKcbTmsseTtw83ICGzS8solay9sktTdSnp2qtSp3q7CKAZIk4hhWa8z8sXPAgAAAExSAAAABWgBB34ANY7cFa-gWy9qRp6sHJ_2qLhb8CTawPsTU71YKzw6nxG_gaO7ESpC1XAm8-jAGvVT1ej7zJmnmQKfP_CnLb4UlzghoS2lcvPWKdzdfaKvZWJpSO8l5ZWZqnai2S77t7y8KBUf8yTGWVilARGDRvf3LCxkDZiX69pw8swc5zY48jD3AFS9guotchebS1esCoyGK9jEyEMd-gVTuIVu_C8aD0tNO983_AZvyQ6z4CcPMHbZXFBdrcF28fDHKIzfwHxvn9-e3NRMw_ISo_6UInuJE-DayoJAIS286MWWL9fC4Qv8ZxR5cIYoY6B91-IOCBWbwQcpotwWJfYCDs1Lgd0IfA2V9ygWHPhO8sPMfJa9FwWRS5bS7ipmnuZC9KlIcohvPnloJk3dSPVkomA9_hGpw_9C2zasrfDeHETC5rOQ3uXire8Qky0evhV7IYyZYTzlkp4ug6jxpsiRsBd3jRHIwQ3EPHU2dUGvjaSHpNb7IEFYE-b9mGr_sv3JOaeQVbmYrjqht8X6iIN9M9T5ZrjYu5gcekwwC9OJypCwMRqRYtdHpQIlJQsABA-ZUY9JtX5CntEHPQfVHndCTzFMTJvK5sSeXe1b7Ku8z1axhpPxBIWQTg-c4QWERqaRgx4u04Bha2O85sFGIcXG7eGXwvEpQIkyVhBf6xpfipR-Fjmoh-27Iky8gEfvv6OsMzN1jZ_BVRTpWySCSaArk-inrdRbCwy1E6V7jSLYttkENkUEHBECUgRvWzXHl6foTPsYMB2hgddDQDotvv5nZC-MgMl1JIpMV0kmYSuRuWz-uqZKYgcIhzbRZGssiIffPSV2AlO2E66Xzj5fnND4NQmzkHhs2lAA4eQ5rAR-4Cwey6j7V1-GU8VEwv9iEz9bEFZOtlKWE7B1nJe7W9visd5eOeS6TWZzTfUlPekGFh6daQRk-c-G0ggTCMGy7IhBoKk8S0sLJ1l_Ox5So8g

Verdicts & Comments Add Verdict or Comment

114 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bhuefbfrvbn.workers.dev/	1970-01-20 23:58:11	Name: _gcl_au Value: 1.1.491984248.1720115019
.criteo.com/	1970-01-21 07:10:11	Name: receive-cookie-deprecation Value: 1
.bhuefbfrvbn.workers.dev/	1970-01-21 07:24:35	Name: _ga_KYLBT1M2BJ Value: GS1.1.1720115019.1.0.1720115019.60.0.0
.bhuefbfrvbn.workers.dev/	1970-01-21 07:24:35	Name: _ga Value: GA1.3.1177745697.1720115019
.bhuefbfrvbn.workers.dev/	1970-01-20 21:50:01	Name: _gid Value: GA1.3.987208000.1720115019
.bhuefbfrvbn.workers.dev/	1970-01-20 21:48:35	Name: _gat_gtag_UA_11411975_1 Value: 1
.doubleclick.net/	1970-01-20 21:48:35	Name: test_cookie Value: CheckForPermission

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://cqty1.bhuefbfrvbn.workers.dev/(Line 2101) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://highburyads.co.za/www/delivery/ajs.php?zoneid=1599&cb=54400861238&charset=UTF-8&loc=https%3A//cqty1.bhuefbfrvbn.workers.dev/, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	error	URL: https://cqty1.bhuefbfrvbn.workers.dev/ Message: Access to fetch at 'https://ad.doubleclick.net/ddm/trackimp/N1003055.277770CARMAG/B31687471.398689291;dc_pre=COWI0-X3jYcDFSaMgwcdorkBtw;dc_trk_aid=590688921;dc_trk_cid=218283907;ord=1998590239;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1?nis=6' (redirected from 'https://ad.doubleclick.net/ddm/trackimp/N1003055.277770CARMAG/B31687471.398689291;dc_trk_aid=590688921;dc_trk_cid=218283907;ord=1998590239;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1?nis=6') from origin 'https://cqty1.bhuefbfrvbn.workers.dev' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://ad.doubleclick.net/ddm/trackimp/N1003055.277770CARMAG/B31687471.398689291;dc_pre=COWI0-X3jYcDFSaMgwcdorkBtw;dc_trk_aid=590688921;dc_trk_cid=218283907;ord=1998590239;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1?nis=6 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://cqty1.bhuefbfrvbn.workers.dev/ Message: Access to fetch at 'https://ad.doubleclick.net/ddm/trackimp/N1003055.277770CARMAG/B31687471.399082428;dc_pre=COOM0-X3jYcDFUShgwcd1joLMg;dc_trk_aid=590604620;dc_trk_cid=218283907;ord=1788559956;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1?nis=6' (redirected from 'https://ad.doubleclick.net/ddm/trackimp/N1003055.277770CARMAG/B31687471.399082428;dc_trk_aid=590604620;dc_trk_cid=218283907;ord=1788559956;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1?nis=6') from origin 'https://cqty1.bhuefbfrvbn.workers.dev' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://ad.doubleclick.net/ddm/trackimp/N1003055.277770CARMAG/B31687471.399082428;dc_pre=COOM0-X3jYcDFUShgwcd1joLMg;dc_trk_aid=590604620;dc_trk_cid=218283907;ord=1788559956;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1?nis=6 Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a78e7b7cd0d35b1ba316b63e4ad47ddb.safeframe.googlesyndication.com
ad.doubleclick.net
buttons-config.sharethis.com
cdn.taboola.com
cqty1.bhuefbfrvbn.workers.dev
dctboyojy.578333.xyz
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
highburyads.co.za
image.blob.ix.co.za
l.sharethis.com
old.carmag.co.za
pagead2.googlesyndication.com
platform-api.sharethis.com
region1.analytics.google.com
securepubads.g.doubleclick.net
static.cloudflareinsights.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.nl
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
ad.doubleclick.net
pagead2.googlesyndication.com
102.130.121.238
142.250.185.161
142.250.185.198
142.250.185.98
142.250.186.131
142.250.186.164
142.250.186.34
142.250.186.98
151.101.129.44
151.101.65.44
172.217.16.194
172.67.216.21
172.67.216.245
188.114.96.9
188.114.97.3
2001:4860:4802:32::36
2600:9000:206f:c000:c:abe:f440:93a1
2606:4700::6810:5049
2a00:1450:4001:80f::200a
2a00:1450:4001:812::2008
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2001
2a00:1450:4001:831::2001
2a00:1450:4001:831::200e
2a00:1450:400c:c1f::9d
2a02:2638:3::c
2a06:98c1:3120::3
3.125.67.51
3.160.150.71
01bedcc7cfec99eca6ef73f365ac55be9a5be5fe4e96e715b890161e94f17058
038bd21e20a795956bc2d76c39c26c38247beb41cb859a05aaea1c76e027ebae
03df2760c74b699fcd718a2651cfaa549ca25c3b11b893522f1a66627e025d12
066bf781659af09bb40a24a7d87dd2310c2324c9619e347c6d6d05c00ffeb182
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
10053a3d688e1bdecacbb024e433e2b418171851bd9fac1482232c11d24abe6d
122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787
16e665c3ab8d60d214580dbdce0cd84d27cdad903593a86574d230efe90c4952
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
21061765237c66c10b48e236063a3497c22d33629e98f8654d1a3b860fa48700
24dec5c4cec131b7d75edd8e219658439ec5a9eef27a6d4f809bed94e0309307
25068766bea3ae98004f63d12d9145633c4916f32ce252431ac10406725dbd74
260e4771cc906f3b2b193a6bb4557b50c44ff7a433603e59f13f464b4d16e913
2866e98ae386469948188b57264807622938fd4c2f1a251b93473669c03497b1
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b5c6fefbc9cf825ebc533e5debfff5fb482c831e783d79198f1c1b6946fcce2
2e0c66741dfec2c3002fe92915499f6808da0a9ce99d34916bd9e7883d0f8074
2eaa199e6df93b23ab22115fbad4827a7e9c5d6378a31a8e22af6afd1c96d6d7
30899df5473a47171d0e3d8d81bfbfcd35545bdfb60a1d392cead5173176c524
30eba624890629f7fb30b4fc8a361b0dc3a7b161e9acf0330d2ac47bbf1006c3
31b9a64530ca997b6bcc15ed933a677acb8659fd3d75c6f54736657bbf69c18e
32e593a2d68a24dda32f9c841233d5ac706fc575f582350fe26e043ff7bb1783
3442ff60c2a33c78c7b8a655b78d1ab757c6122a5cbfe9b84473f073805c709c
34d0c43ac6f03c6acee53f2edc211517edc33a6f1ef06ececc83d6eca33c608c
360c9f47a8921f43a619625052723d99b67934a270ece305e3bc88c5aa63fefb
37c4d42a8f29914f3ed4644b091eb50f5f32d6fc8a2f5d3518312d4d9c9b140b
3a05703fc249f3bf3f44cb427cfbfbd8460c05692880495ef7f62db393218156
3caea22bb39112951c5f10b8c6b94149f08e48dcbe3b23619adf6a02bc8e2da7
3d49b5d25b23f62d9db04b5bfb11a3aa5d443eb278eb55c2cbdd8da81c64523a
40c5a3816b27d87a187ffaabaef1a4d162f5510c51215f77da2ec281aaa2060a
4200e8df2c5f52c2bf9bd2f41ed424edd48c54b7534071a9e61f5ee4602b742f
42e3aa6d662901ad9a1a467a06d2ea7514451ad93b1fda75bc093374aba78290
432eb81d99e6c7f947e6e9f30ca98503157b92ae8fdf6e21a2da6ea143fbf3f9
47d53c7654bf85895f424edda6336e994b0b9b3443888e99f165f1abe38a72da
4afb07a576ad56e9e95c56167d9334061db42900677bef2585a33df4d4e28aba
4c5678900f0f88c5dfb67f87964f0c33ece8410d18647b01eb3af7b1fbdc919f
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
504cdc43edb516a59d200b35148a0cd2a3dbbf912ff0e3ec30fd42b7db0dbe7f
505a070253d4108b2d55075c7934f5d356a4175950b8545d2e2b44903e02b2bf
50af957b9bedb343bf0cea4f4dc08b16aef7861d2890324adea73189105cd978
512a89fdc2c43dda1abf995d77a6b6514f8f9302fe7bb7a7ade16a78f777b495
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
53dafb4367a33b2820ed9853df7b1eb6d8ef90cdf39c1cb8d1644aafe70f05da
5473248018f348cf42cd64f7768873a9b3deac3ca579e8c3a9d69feb0a4deb3b
54dcb0e0976f619ba0dfcb7889af3b181efcfaa62278c69328209482df7d76e7
57fbea68c1971609fc617837e19f64f8f6edd3b8be46a5e5d4f0be8d4810074e
596a57cc128dd8f281e11250bce08d84bdab06c01c18b8f6a8dbab8603c3586e
5ad9bd21fb6717d406acb28c063cb8ff0969564cb1c3cf5089496f2ea4f0fbb1
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c
5cd160f0761224389d0794a6ba6838ba8c260a15bb32ab82d20e8d8cddaf849b
6165e152a8800f0fac70adf9d459535cee60a2fb561c98f87db892d973c911e8
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
647f9f85c5c0cbe0e6cc412225e043fc7abe5227cd1f148e39cb4ae560fb148a
65d43fc1d47bdab6bb9a4f5add734f8b9d059f9e773c431a350b3804bfe38a7f
6693155d4b1f9d88694cfb144cf859a2bc16e36785c5788b28d8c0ecfcf777a4
66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a
679e233357e93a4f4d15bc2e62d33e0048a978a5ddd57a78ad1203d614b0773a
68e41b1cf2b6d00eedaa9ec57a7311a481d2bc03b8665bf44f3580943ea8a11a
69f79be09493ab770873062c44d3b97e1d53d314dfe85b077e2faf8581d71bd6
6b5ce146cf7116f0e2e74140e77f6c385e3b54ee6433182910fcff4e96c32d65
6e43a51b5fa30a1b48aa577fab5da41d16a14d0db67354406abb9d1b961554ff
70619499e4709f4bc53d884a45e4895660c497295228bc928ae17ae694494c48
716cb523fa841c30059a51fb52757884a4e5ddaaf9fdd33bd4fe4b6561421fe0
72dab8d6edb1639e61c4ff09a24320a00ea663afb9798941973c4485ef7c5b99
730de339594b17e3cba31040288d5e953aafed22725f8f0b4749840534029cc8
744267d0ad832cbc545f4f9bd5cecd0cf51a0ed600fcca68883255dd0fc55591
754eb49a3151007ffe99db087e166fc6637651c12f614ac8696fbe76e7dca78e
77caa92f758f70c4f5953180bba818d10ace096b8ceeb84a0e0bdc86c2fc5fd4
78fbbffad8fe3133860095eb3648454c538d8343c106df9da38c0255c233457a
7c871426651de16741adb14ea7c7aa77c410448073cc74e7b16b2f936c4e7b27
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
7f376f46de13c0af330a87d2dbb0a5b813b67c0407ad029443a4479dda3161bb
8352b5b204ffd4c0f6946891dc9210b0973c001401e74f8f84d850d42e601726
85d485761935ccf68befc32cb4c588f97285a10a92b32178664c5d280ccfd920
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
8bb57fcb37c5f411c45ac7ceef54cebe0e8550e0f766052e6f001b64f279f3ce
8e892abe50ed16e75c82c51e2cc36225d953d292aee2dcd59e5f6860141c858a
954989d286e6e975f3089ef864155bb2f712c53dd06423242f341a021b4d3d2a
957486c418eb0c542d12cebe31d8254367779c999283e0eae6f2903952d2eff4
98496a884fd063ea8c90a862cee44986f6c945b33748f5967a775f01a65fd570
98c36043157373d9ff8f3aad96bd05f08df06b107d2ee71da9e9a3e2fe183e55
98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20
98d32b00fca86fc6994df33302e051a6ad03461a43ff5797d5b10ace4cf4772f
9d99c72f264d18c9d1662da5ef0a404172f8a33ace805ce8ce424f4b52f9629d
9f83d55dba8d6d1b574e5c34d4bca4548520c8fdaefcf860f44af33ca0258b11
a0008eb2109ddfca588c1a7a7f4e68bfc3aa1462c894d05f885c3be21e12e4be
a08b7967aad3133f6145ee859da1fc29692364cc0290af7f817c0b65913f7d5b
a0a9b15064788b4a98a78f6dc12eddec7b627595562772089a1fd8ce440800e7
a1a32b50a5ec5ad816d7064d3d4b4f1c90ef19bb9e922dd50838b3928afc6959
a26e6e117c00f30f956ccd72eb6af343ca68e42e10be4800ccbfe8abf96d32df
a3c900b1f74a688dce1d47b538040ea7c8b243ae8a3e25de58482041b6feb2b8
a563a42417b2bc1412e49c2a1a9869e2bff6627fd8837f4b94c76467d73c3455
a691468e970cac9f9836fedbbe894e916274583e6c408e6c1a89b1538045b8da
b352e35f5413292120165ce13962b3cead65738da4191b43286c6592d81e3a9e
b6e0bf7b6d87987a4fbd7f7bf0db15df86a74d29f6f2e13a143fd70e3c55bd8f
b70a04021a3f9480dc011187d452eea36d8a0d1f21105ced71a2a3d7002f00f8
b859b5fb3c5558944bbb1a8a7114ad85a435a1e095d93dbf07b237f75b113b53
b8a2eb068a42de22eee0dfb6173e802bbdb065b2cbe08c926952d8f11a22dd4f
b9dfd7a853a9d42138bc745b5a1800a844b892379cdc8a707040c0d40a8c0e72
ba502317dc356ef143de5cd60838339f7dc5f235d5441b9fb5eb4c15855c6f69
be00acd81a3ba28b6c2898ef13313731e9f86c858b51ea198b7ef5045d94e709
bfbb02b2f82750344aa2bc6329085a7550de92926a22a951db6f1629fab862f0
c1438b7405eba426d534e4fb05a5dac264bc2d6b4e9cd05f7b8af32d225170ce
c1b0f6dee1e2b4b439e62daffe536db30431a1ca3d0628aa134b6ed7d689b91b
c239fbd2387ceff073b22f05559eb6a3a9425ccde003eccb22a998429465302f
c69f5786e5a533373cb05708984f7a43045904d333bcbb50fb754659eaeddef4
c946c4a4f654d511da76e9710ad22adc8fe9b5e9f424b14ce4a2265923c98802
cb2c9015a07685f5df9721d1972ae0c1993e006800b2ef8ec184b846b279ab9d
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
ce5a12910ffe5ef0556412f2e8c73ed6a64fe175e2e8b48cbb5931fab972bcaa
ced73105b8c80263212281c50d91cc99b3d427222ae87c7188885cd3180ff9f3
dbdfb44cd8a911025f96494e5ff654c7fdeec4523d6183494fda451cdb56f84f
dc61af77cc90e826ea655c43ef6ff9e28bd219e02ce269c60ddb4dc57ca741dd
dcaf5adf797ec8317801b74304fbd846ef7022895c5fe7389791ce35fec2dd60
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de6b5504b54eb2d7b6e99f3aba5eb18dbb0640046b4a9c574e0852cf7e95144b
dea3c2d66b0679ee2db67a21c0a434f3e14d6ac8a2af06877a711151fc32b56d
df2dbe77839fc3cb86552ed81b59456e25e95c65882976aa5fa7280e2f734f3a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5a9544e336f963d2f5dca65c17d3796d92c6c6053dd6b027ec9bcf8b04049de
e662e2854b0cd00a2713a2787b600c69dd1f9ce1e5d8ef42289fa7b65d24eed4
e81837265f98480548069579efc5dec26c270ed8a50ccd06e2b6e816afaea437
e8a700630a179fb4e70f040a3dcb2334833dce7788f25a09f64542557615d41e
ecf56fbeca3f7453d1ef1ddbeb5648b38a139f16093b25bbbda8fdb24ed460c8
ee243c73addc0685d8bf52fe27cf4483488a8445f727e1cd4ddc3bd0fda866f1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f55c1dbc04d02e68da4ad12c1b703a08b9582e56154f5d18ee1ff792cf0648a0
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f678ed2950ff009ba4f69d27138a40f8e926a177618583a04195774cb2ffc0c6
f7e7f1784cf963a19aa1552cf8ba4472d950dafcd2a29fb16cc705db79c5c0c5
f8b0220980de4339ca04d32bc5656435847fecb3a47f2eac38e33277e18eddc8
f8ed2e4e6bc7d75dc8dab7d97ad92e7a611d82ff93d8692535fa9466ab3a3591
fa8d490fd9b2d65029f9c3ffd4e5fc299fbb9e4e3106c03adf81d24e9973d378
fc609c8f86bcf6bdcdbb981b7cd50421337712a899c0e0ab721d152406245314
fd5c4d4e3186be223982c62b5d308bf3262f0c10ade2664226ff9122a7025b96
fd6b81946cf97fffc256aef482c1bc4229275277b2b7d212df2a9ee681ae9833

cqty1.bhuefbfrvbn.workers.dev Open in urlscan Pro 2a06:98c1:3120::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

209 Requests

96 %HTTPS

47 %IPv6

19 Domains

27 Subdomains

32 IPs

6 Countries

6404 kBTransfer

12923 kBSize

7 Cookies

67 Outgoing links

Redirected requests

209 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 11 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

cqty1.bhuefbfrvbn.workers.dev Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Screenshot
Live screenshot

Full Image

209
Requests

96 %
HTTPS

47 %
IPv6

19
Domains

27
Subdomains

32
IPs

6
Countries

6404 kB
Transfer

12923 kB
Size

7
Cookies

209 HTTP transactions
11 data transactions