bul.medicaldevicetrend.com Open in urlscan Pro
188.114.97.3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://bul.medicaldevicetrend.com/air-mani-tidak-keluar-saat-ejakulasi-apa-masih-bisa-bikin-hamil-640627
Submission: On August 21 via manual (August 21st 2022, 3:33:51 pm UTC) from BG — Scanned from NL

Summary HTTP 160 Redirects Links 39 Behaviour Indicators

Summary

This website contacted 50 IPs in 10 countries across 43 domains to perform 160 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is bul.medicaldevicetrend.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 25th 2022. Valid for: a year.

This is the only time bul.medicaldevicetrend.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
20	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:21f... 2600:9000:21f3:2600:11:a4de:2580:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
1	185.177.92.29 185.177.92.29	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1 1	188.166.100.156 188.166.100.156	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
5	45.133.44.24 45.133.44.24	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
7	151.101.65.195 151.101.65.195	54113 (FASTLY) (FASTLY)
5	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1 2	88.212.201.204 88.212.201.204	39134 (UNITEDNET) (UNITEDNET)
1 4	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
1	2620:0:890::100 2620:0:890::100	54113 (FASTLY) (FASTLY)
1	199.36.158.100 199.36.158.100	54113 (FASTLY) (FASTLY)
6	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1 6	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2006	15169 (GOOGLE) (GOOGLE)
2	37.157.2.234 37.157.2.234	198622 (ADFORM) (ADFORM)
1	2a04:4e42:600... 2a04:4e42:600::485	54113 (FASTLY) (FASTLY)
2	2606:4700:20:... 2606:4700:20::681a:9a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 8	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1 4	185.89.211.116 185.89.211.116	29990 (ASN-APPNEX) (ASN-APPNEX)
4	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
1 4	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2016	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
2	23.88.85.6 23.88.85.6	24940 (HETZNER-AS) (HETZNER-AS)
2	45.133.44.25 45.133.44.25	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
10	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2 5	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	46.4.10.49 46.4.10.49	24940 (HETZNER-AS) (HETZNER-AS)
1 4	88.99.165.19 88.99.165.19	24940 (HETZNER-AS) (HETZNER-AS)
1	85.114.131.233 85.114.131.233	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 2	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2.21.184.247 2.21.184.247	16625 (AKAMAI-AS) (AKAMAI-AS)
1	151.101.193.108 151.101.193.108	54113 (FASTLY) (FASTLY)
1	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	52.46.151.131 52.46.151.131	16509 (AMAZON-02) (AMAZON-02)
1	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1	185.89.210.141 185.89.210.141	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	50.31.142.63 50.31.142.63	23352 (SERVERCEN...) (SERVERCENTRAL)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1	52.17.75.86 52.17.75.86	16509 (AMAZON-02) (AMAZON-02)
1	72.251.241.196 72.251.241.196	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1	2606:4700::68... 2606:4700::6812:c4c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
160	50

20 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

bul.medicaldevicetrend.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
medicaldevicetrend.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.medicaldevicetrend.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:21f3:2600:11:a4de:2580:93a1 (United States)

ASN16509 (AMAZON-02, US)

get.optad360.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.177.92.29 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
PTR: ip-185-177-92-29.ah-server.com

havanese.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.166.100.156 (Amsterdam, Netherlands) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

cst.wpu.sh	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 45.133.44.24 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

cst.cstwpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js.wpadmngr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
na.nawpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
f3256a8395.ad1f574e38.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 151.101.65.195 (United States)

ASN54113 (FASTLY, US)

cdn.zx-adnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

i.ergonengineering.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
medicaldevicetrend.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.204 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host204.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:6b8::1:119 (Moscow, Russian Federation) 1 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:0:890::100 (United States)

ASN54113 (FASTLY, US)

site2text-2021.web.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.36.158.100 (United States)

ASN54113 (FASTLY, US)

faq.worldtourismgroup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.2.234 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:9a9 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.18.18.126 (None, ) 3 redirects

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.89.211.116 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
e2770e6b6d7a9b2aa114cb34e842981d.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.88.85.6 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.6.85.88.23.clients.your-server.de

fp.metricswpsh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 45.133.44.25 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

js.wpshsdk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js.wpushsdk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.184.226 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.4.10.49 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.49.10.4.46.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 88.99.165.19 (Magdeburg, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.19.165.99.88.clients.your-server.de

hal900028.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.131.233 (Waldshut-Tiengen, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: srv21037.dus4.fastwebserver.de

cdn.contentspread.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::1c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.21.184.247 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-184-247.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.19.126 (None, )

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.46.151.131 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.89.210.141 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.31.142.63 (Lincolnwood, United States) 1 redirects

ASN23352 (SERVERCENTRAL, US)
PTR: chi.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.17.75.86 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-75-86.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.251.241.196 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:c4c (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	googlesyndication.com e2770e6b6d7a9b2aa114cb34e842981d.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 123 tpc.googlesyndication.com — Cisco Umbrella Rank: 159	214 KB
21	medicaldevicetrend.com bul.medicaldevicetrend.com medicaldevicetrend.com i.medicaldevicetrend.com	693 KB
18	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218 googleads.g.doubleclick.net — Cisco Umbrella Rank: 52 static.doubleclick.net — Cisco Umbrella Rank: 398 cm.g.doubleclick.net — Cisco Umbrella Rank: 214	231 KB
10	gstatic.com fonts.gstatic.com www.gstatic.com	130 KB
9	casalemedia.com 3 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 539 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 525 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 456	10 KB
9	youtube.com www.youtube.com — Cisco Umbrella Rank: 113	786 KB
7	zx-adnet.com cdn.zx-adnet.com — Cisco Umbrella Rank: 185549	134 KB
6	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 230 acdn.adnxs.com — Cisco Umbrella Rank: 604 secure.adnxs.com — Cisco Umbrella Rank: 463	21 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 54 jnn-pa.googleapis.com — Cisco Umbrella Rank: 306	32 KB
5	redintelligence.net 1 redirects hal9000.redintelligence.net — Cisco Umbrella Rank: 44819 hal900028.redintelligence.net — Cisco Umbrella Rank: 393854	10 KB
5	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 9 adservice.google.com — Cisco Umbrella Rank: 88	16 KB
4	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 407 mug.criteo.com — Cisco Umbrella Rank: 2790	1 KB
4	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 3880	73 KB
4	ergonengineering.com i.ergonengineering.com
2	amazon-adsystem.com 1 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 282	1 KB
2	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 594 cdn.indexww.com — Cisco Umbrella Rank: 1405	2 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 194	87 KB
2	metricswpsh.com fp.metricswpsh.com — Cisco Umbrella Rank: 32099	379 B
2	4dex.io script.4dex.io — Cisco Umbrella Rank: 2218	24 KB
2	adform.net adx.adform.net — Cisco Umbrella Rank: 3944	416 B
2	wpadmngr.com js.wpadmngr.com — Cisco Umbrella Rank: 28639	31 KB
2	yadro.ru 1 redirects counter.yadro.ru — Cisco Umbrella Rank: 9849	1 KB
2	optad360.io get.optad360.io — Cisco Umbrella Rank: 27697	549 KB
1	adgrx.com cm.adgrx.com — Cisco Umbrella Rank: 1500	408 B
1	demdex.net dpm.demdex.net — Cisco Umbrella Rank: 201
1	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 792	425 B
1	zemanta.com 1 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 572	317 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 371	265 B
1	contentspread.net cdn.contentspread.net — Cisco Umbrella Rank: 86408	64 KB
1	wpushsdk.com js.wpushsdk.com — Cisco Umbrella Rank: 49807	13 KB
1	wpshsdk.com js.wpshsdk.com — Cisco Umbrella Rank: 20343	21 KB
1	ad1f574e38.com f3256a8395.ad1f574e38.com	207 B
1	google.nl adservice.google.nl — Cisco Umbrella Rank: 14414	792 B
1	nawpush.com na.nawpush.com — Cisco Umbrella Rank: 51647	803 B
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 133	202 KB
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 256	4 KB
1	creativecdn.com prebid-eu.creativecdn.com — Cisco Umbrella Rank: 6497	188 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 422	1 KB
1	worldtourismgroup.com faq.worldtourismgroup.com	621 B
1	web.app site2text-2021.web.app — Cisco Umbrella Rank: 376859	432 B
1	cstwpush.com cst.cstwpush.com — Cisco Umbrella Rank: 257989	863 B
1	wpu.sh 1 redirects cst.wpu.sh — Cisco Umbrella Rank: 659236	97 B
1	havanese.top havanese.top — Cisco Umbrella Rank: 364270	19 KB
160	43

	Domain	Requested by
17	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com bul.medicaldevicetrend.com e2770e6b6d7a9b2aa114cb34e842981d.safeframe.googlesyndication.com googleads.g.doubleclick.net
11	i.medicaldevicetrend.com	bul.medicaldevicetrend.com
10	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com e2770e6b6d7a9b2aa114cb34e842981d.safeframe.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
9	www.youtube.com	bul.medicaldevicetrend.com www.youtube.com
9	medicaldevicetrend.com	bul.medicaldevicetrend.com medicaldevicetrend.com
8	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
7	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net ssum-sec.casalemedia.com
7	cdn.zx-adnet.com	bul.medicaldevicetrend.com cdn.zx-adnet.com
6	googleads.g.doubleclick.net	1 redirects www.youtube.com e2770e6b6d7a9b2aa114cb34e842981d.safeframe.googlesyndication.com bul.medicaldevicetrend.com
6	securepubads.g.doubleclick.net	get.optad360.io securepubads.g.doubleclick.net bul.medicaldevicetrend.com
5	cm.g.doubleclick.net	2 redirects googleads.g.doubleclick.net ssum-sec.casalemedia.com
4	hal900028.redintelligence.net	1 redirects e2770e6b6d7a9b2aa114cb34e842981d.safeframe.googlesyndication.com hal900028.redintelligence.net
4	www.google.com	1 redirects www.youtube.com bul.medicaldevicetrend.com tpc.googlesyndication.com
4	jnn-pa.googleapis.com	www.youtube.com
4	ib.adnxs.com	1 redirects get.optad360.io acdn.adnxs.com
4	mc.yandex.ru	1 redirects bul.medicaldevicetrend.com
4	i.ergonengineering.com	bul.medicaldevicetrend.com
3	e2770e6b6d7a9b2aa114cb34e842981d.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	s.amazon-adsystem.com	1 redirects ssum-sec.casalemedia.com
2	mug.criteo.com
2	gum.criteo.com	1 redirects
2	www.googletagservices.com	e2770e6b6d7a9b2aa114cb34e842981d.safeframe.googlesyndication.com
2	fp.metricswpsh.com	js.wpadmngr.com
2	www.gstatic.com	www.youtube.com www.gstatic.com
2	script.4dex.io	get.optad360.io script.4dex.io
2	adx.adform.net	get.optad360.io
2	js.wpadmngr.com	cst.wpu.sh js.wpadmngr.com
2	counter.yadro.ru	1 redirects bul.medicaldevicetrend.com
2	fonts.googleapis.com	bul.medicaldevicetrend.com tpc.googlesyndication.com
2	get.optad360.io	bul.medicaldevicetrend.com get.optad360.io
1	cdn.indexww.com	ssum-sec.casalemedia.com
1	cm.adgrx.com	ssum-sec.casalemedia.com
1	dpm.demdex.net	ssum-sec.casalemedia.com
1	ad.turn.com	1 redirects
1	b1sync.zemanta.com	1 redirects
1	secure.adnxs.com	ssum-sec.casalemedia.com
1	match.adsrvr.org	ssum-sec.casalemedia.com
1	ssum-sec.casalemedia.com	js-sec.indexww.com
1	acdn.adnxs.com	get.optad360.io
1	js-sec.indexww.com	get.optad360.io
1	cdn.contentspread.net	hal900028.redintelligence.net
1	hal9000.redintelligence.net	e2770e6b6d7a9b2aa114cb34e842981d.safeframe.googlesyndication.com
1	js.wpushsdk.com	js.wpadmngr.com
1	js.wpshsdk.com	js.wpadmngr.com
1	f3256a8395.ad1f574e38.com	js.wpadmngr.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.nl	securepubads.g.doubleclick.net
1	na.nawpush.com	js.wpadmngr.com
1	i.ytimg.com	www.youtube.com
1	yt3.ggpht.com	www.youtube.com
1	prebid-eu.creativecdn.com	get.optad360.io
1	htlb.casalemedia.com	get.optad360.io
1	cdn.jsdelivr.net	get.optad360.io
1	static.doubleclick.net	www.youtube.com
1	faq.worldtourismgroup.com	cdn.zx-adnet.com
1	site2text-2021.web.app	bul.medicaldevicetrend.com
1	cst.cstwpush.com	bul.medicaldevicetrend.com
1	cst.wpu.sh	1 redirects
1	havanese.top	bul.medicaldevicetrend.com
1	bul.medicaldevicetrend.com
160	60

This site contains links to these domains. Also see Links.

Domain
medicaldevicetrend.com
ara.medicaldevicetrend.com
lang-cze.medicaldevicetrend.com
lang-dan.medicaldevicetrend.com
lang-ger.medicaldevicetrend.com
lang-gre.medicaldevicetrend.com
en.medicaldevicetrend.com
es.medicaldevicetrend.com
est.medicaldevicetrend.com
lang-fin.medicaldevicetrend.com
fr.medicaldevicetrend.com
lang-hin.medicaldevicetrend.com
hrv.medicaldevicetrend.com
hun.medicaldevicetrend.com
lang-ita.medicaldevicetrend.com
lang-heb.medicaldevicetrend.com
lang-jpn.medicaldevicetrend.com
lang-kor.medicaldevicetrend.com
lit.medicaldevicetrend.com
lang-lav.medicaldevicetrend.com
dut.medicaldevicetrend.com
lang-nor.medicaldevicetrend.com
lang-pol.medicaldevicetrend.com
lang-por.medicaldevicetrend.com
rum.medicaldevicetrend.com
lang-ru.medicaldevicetrend.com
lang-slo.medicaldevicetrend.com
slv.medicaldevicetrend.com
lang-srp.medicaldevicetrend.com
lang-swe.medicaldevicetrend.com
lang-tha.medicaldevicetrend.com
tur.medicaldevicetrend.com
ukr.medicaldevicetrend.com
lang-vie.medicaldevicetrend.com
ben.medicaldevicetrend.com
lang-cat.medicaldevicetrend.com
tam.medicaldevicetrend.com
urd.medicaldevicetrend.com
chi.medicaldevicetrend.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-25` - `2023-05-25`	a year	crt.sh
*.optad360.io Amazon	`2021-11-17` - `2022-12-15`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
havanese.top R3	`2022-08-20` - `2022-11-18`	3 months	crt.sh
www.emilnichita.com GTS CA 1D4	`2022-07-22` - `2022-10-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-05-21` - `2022-10-31`	5 months	crt.sh
web.app GTS CA 1D4	`2022-08-12` - `2022-11-10`	3 months	crt.sh
qdd.itdd.app GTS CA 1D4	`2022-07-04` - `2022-10-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
js.wpadmngr.com R3	`2022-07-19` - `2022-10-17`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q1	`2022-03-21` - `2023-04-22`	a year	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-17` - `2023-04-12`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
na.nawpush.com R3	`2022-08-05` - `2022-11-03`	3 months	crt.sh
*.google.nl GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
notification.tubecup.net R3	`2022-06-20` - `2022-09-18`	3 months	crt.sh
f3256a8395.ad1f574e38.com R3	`2022-08-18` - `2022-11-16`	3 months	crt.sh
js.wpshsdk.com R3	`2022-07-25` - `2022-10-23`	3 months	crt.sh
js.wpushsdk.com R3	`2022-07-19` - `2022-10-17`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
redintelligence.net R3	`2022-08-02` - `2022-10-31`	3 months	crt.sh
contentspread.net R3	`2022-08-05` - `2022-11-03`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-15` - `2022-09-18`	3 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-12-12` - `2022-12-13`	a year	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2022-03-11` - `2023-04-11`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-19` - `2022-11-19`	a year	crt.sh
public1.adgear.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-01` - `2023-03-28`	a year	crt.sh

This page contains 15 frames:

Primary Page: https://bul.medicaldevicetrend.com/air-mani-tidak-keluar-saat-ejakulasi-apa-masih-bisa-bikin-hamil-640627
Frame ID: A2A54968C8B7E8C42A7CFC657E453E93
Requests: 75 HTTP requests in this frame

Frame: https://www.youtube.com/embed/HpX8PRpR6oA
Frame ID: 1F398A19BE9C8D15E76BD55227411D65
Requests: 21 HTTP requests in this frame

Frame: https://e2770e6b6d7a9b2aa114cb34e842981d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 85A3F2C3CC4D15D8EE069E0E9D6F358B
Requests: 1 HTTP requests in this frame

Frame: https://e2770e6b6d7a9b2aa114cb34e842981d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 7C76602B01E946DA57429A3C439D542C
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E435F3E67C4D64E50D7C6E2FA933C0C2
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 06EDA09DA36972BB78F1FDA6A51842BC
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6503174388452047475/index.html
Frame ID: 58F64CB8F07F81121450D4524A03A991
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 6A90EB1C0A498FED2C42F4E9C62885EE
Requests: 2 HTTP requests in this frame

Frame: https://e2770e6b6d7a9b2aa114cb34e842981d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 2CC6AB4525CEA31023431E851D9CCECB
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY1au1PTAB&v=APEucNU522SWFqF4JyEd7qgg9xbRtHOFNuFtGqofDlMa5d06-OJsTJZzk37xRjOXsktH0AdKRzCNr_5WEMuPSaogoBwNavI2KVREM5Wnie-vBdABFXgBGWnu7P0dscW6DoAppDxztuLd4iEGQF1yTBq1JjPwdO572NV4rUUojPw-Qvg75B4fOLALay19i34pAMpAqf6PYjMc2oUuo2ioitQ8QmQJynZRI7hpSljEKcfdvqYxuxSTi7IzCKWeuIjoAFOaQJG9Ix_xqWLP-ydfy1UVOX5EVmlCY3qMP4yYzgTYT4erhUKB8G6-0xIhxwWiG_TI9yA5xrIcjhxwkMqKYzGLFM8LRvg_ELUkUjV-GDZ61ZOkF0ntIeDQ486-WHhmLvceepKlHAaj6U33gBxdd6OG4hxxqoClDYzqw2xfLGnYIRqjcj_F-4l3-r-XX1b0s531UV0LfCnpCfQjYY99o28q17YxpmKQTur7EHetjEv3Jc9ZoRcj9EchSRDAZzNmOVPeDY1nJDHkChcCrJy0c-wDBRTC5xbJ3dH9ceh1xCtwR8Yl50bGAiO_E08kA4lWuflfqr1-RATxYbIkS67OoCHXdpIOSLFDpv1FZ_RiTT5ELFWGz_VCn88ofyEXjiyhUqQIp_8Dl__imp646wE7a2uc269zmQtWH9Hekz493rr5AO8or6q8xQ2_g78fo-r8SW-qhgWaB_L8sRZkle-6JnMQaTjgbEhdecLjW_XL47PvlmirzVA_1EyfeExwKiVY4TzrofJLAZe6oNnAH4aSzYd0BoOeVw0D6JiY81_JVtl9EjFFN9Su3jw_sbOxIncyylt0eYdtQlO0VlhwDfUONjIkf-vDOkV-82VVfCp0svxt5_TntDB_c20eCKBCCUDbnkiDmV9xRx5rBvE7UYFhybZarlAgeeV2NOBFVOOKLVfQaacfGBaYOCEFjbMk49sTmQ_VXRhYiL9jtRGWq7jKs7bvbY2zTKMUhwEB1hTeMG0R0OUlOngH3nyNUtNs7TOAvhqoH8cj4GjfavianVW43VyzswbePT7D_A
Frame ID: 4F0FF74A50A8773DCCDFAAE75923FE1B
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 90BB0660486B79F7C7215B3C05ACF4E2
Requests: 3 HTTP requests in this frame

Frame: https://hal900028.redintelligence.net/request_content.php?s=48356900098905600719612012058028&a=0fa9a68a
Frame ID: FDCFAF384A0DAC9694E938E2078878E6
Requests: 4 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 2FE41311C4658F8C64C8CD3511C1440F
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 7B17A12BF86A09F22C64613E396B61C2
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fbul.medicaldevicetrend.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 157276C7E68CD3F732678CE29C8D0FFC
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Излиза ли сперма по време на еякулация, може ли все пак да ви забременее?

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

160
Requests

93 %
HTTPS

44 %
IPv6

43
Domains

60
Subdomains

50
IPs

10
Countries

3362 kB
Transfer

8227 kB
Size

32
Cookies

39 Outgoing links

These are links going to different origins than the main page.

URL: https://medicaldevicetrend.com/air-mani-tidak-keluar-saat-ejakulasi-apa-masih-bisa-bikin-hamil-640627

Search URL Search Domain Scan URL

URL: https://ara.medicaldevicetrend.com/air-mani-tidak-keluar-saat-ejakulasi-apa-masih-bisa-bikin-hamil-640627

Search URL Search Domain Scan URL

URL: https://lang-cze.medicaldevicetrend.com/air-mani-tidak-keluar-saat-ejakulasi-apa-masih-bisa-bikin-hamil-640627

Search URL Search Domain Scan URL

URL: https://lang-dan.medicaldevicetrend.com/air-mani-tidak-keluar-saat-ejakulasi-apa-masih-bisa-bikin-hamil-640627

Search URL Search Domain Scan URL

URL: https://lang-ger.medicaldevicetrend.com/air-mani-tidak-keluar-saat-ejakulasi-apa-masih-bisa-bikin-hamil-640627

Search URL Search Domain Scan URL

URL: https://lang-gre.medicaldevicetrend.com/air-mani-tidak-keluar-saat-ejakulasi-apa-masih-bisa-bikin-hamil-640627

Search URL Search Domain Scan URL

URL: https://en.medicaldevicetrend.com/air-mani-tidak-keluar-saat-ejakulasi-apa-masih-bisa-bikin-hamil-640627

Search URL Search Domain Scan URL

URL: https://es.medicaldevicetrend.com/air-mani-tidak-keluar-saat-ejakulasi-apa-masih-bisa-bikin-hamil-640627

Search URL Search Domain Scan URL

URL: https://est.medicaldevicetrend.com/air-mani-tidak-keluar-saat-ejakulasi-apa-masih-bisa-bikin-hamil-640627

Search URL Search Domain Scan URL

URL: https://lang-fin.medicaldevicetrend.com/air-mani-tidak-keluar-saat-ejakulasi-apa-masih-bisa-bikin-hamil-640627

Search URL Search Domain Scan URL

URL: https://fr.medicaldevicetrend.com/air-mani-tidak-keluar-saat-ejakulasi-apa-masih-bisa-bikin-hamil-640627

Search URL Search Domain Scan URL

URL: https://lang-hin.medicaldevicetrend.com/air-mani-tidak-keluar-saat-ejakulasi-apa-masih-bisa-bikin-hamil-640627

Search URL Search Domain Scan URL

URL: https://hrv.medicaldevicetrend.com/air-mani-tidak-keluar-saat-ejakulasi-apa-masih-bisa-bikin-hamil-640627

Search URL Search Domain Scan URL

URL: https://hun.medicaldevicetrend.com/air-mani-tidak-keluar-saat-ejakulasi-apa-masih-bisa-bikin-hamil-640627

Search URL Search Domain Scan URL

URL: https://lang-ita.medicaldevicetrend.com/air-mani-tidak-keluar-saat-ejakulasi-apa-masih-bisa-bikin-hamil-640627

Search URL Search Domain Scan URL

URL: https://lang-heb.medicaldevicetrend.com/air-mani-tidak-keluar-saat-ejakulasi-apa-masih-bisa-bikin-hamil-640627

Search URL Search Domain Scan URL

URL: https://lang-jpn.medicaldevicetrend.com/air-mani-tidak-keluar-saat-ejakulasi-apa-masih-bisa-bikin-hamil-640627

Search URL Search Domain Scan URL

URL: https://lang-kor.medicaldevicetrend.com/air-mani-tidak-keluar-saat-ejakulasi-apa-masih-bisa-bikin-hamil-640627

Search URL Search Domain Scan URL

URL: https://lit.medicaldevicetrend.com/air-mani-tidak-keluar-saat-ejakulasi-apa-masih-bisa-bikin-hamil-640627

Search URL Search Domain Scan URL

URL: https://lang-lav.medicaldevicetrend.com/air-mani-tidak-keluar-saat-ejakulasi-apa-masih-bisa-bikin-hamil-640627

Search URL Search Domain Scan URL

URL: https://dut.medicaldevicetrend.com/air-mani-tidak-keluar-saat-ejakulasi-apa-masih-bisa-bikin-hamil-640627

Search URL Search Domain Scan URL

URL: https://lang-nor.medicaldevicetrend.com/air-mani-tidak-keluar-saat-ejakulasi-apa-masih-bisa-bikin-hamil-640627

Search URL Search Domain Scan URL

URL: https://lang-pol.medicaldevicetrend.com/air-mani-tidak-keluar-saat-ejakulasi-apa-masih-bisa-bikin-hamil-640627

Search URL Search Domain Scan URL

URL: https://lang-por.medicaldevicetrend.com/air-mani-tidak-keluar-saat-ejakulasi-apa-masih-bisa-bikin-hamil-640627

Search URL Search Domain Scan URL

URL: https://rum.medicaldevicetrend.com/air-mani-tidak-keluar-saat-ejakulasi-apa-masih-bisa-bikin-hamil-640627

Search URL Search Domain Scan URL

URL: https://lang-ru.medicaldevicetrend.com/air-mani-tidak-keluar-saat-ejakulasi-apa-masih-bisa-bikin-hamil-640627

Search URL Search Domain Scan URL

URL: https://lang-slo.medicaldevicetrend.com/air-mani-tidak-keluar-saat-ejakulasi-apa-masih-bisa-bikin-hamil-640627

Search URL Search Domain Scan URL

URL: https://slv.medicaldevicetrend.com/air-mani-tidak-keluar-saat-ejakulasi-apa-masih-bisa-bikin-hamil-640627

Search URL Search Domain Scan URL

URL: https://lang-srp.medicaldevicetrend.com/air-mani-tidak-keluar-saat-ejakulasi-apa-masih-bisa-bikin-hamil-640627

Search URL Search Domain Scan URL

URL: https://lang-swe.medicaldevicetrend.com/air-mani-tidak-keluar-saat-ejakulasi-apa-masih-bisa-bikin-hamil-640627

Search URL Search Domain Scan URL

URL: https://lang-tha.medicaldevicetrend.com/air-mani-tidak-keluar-saat-ejakulasi-apa-masih-bisa-bikin-hamil-640627

Search URL Search Domain Scan URL

URL: https://tur.medicaldevicetrend.com/air-mani-tidak-keluar-saat-ejakulasi-apa-masih-bisa-bikin-hamil-640627

Search URL Search Domain Scan URL

URL: https://ukr.medicaldevicetrend.com/air-mani-tidak-keluar-saat-ejakulasi-apa-masih-bisa-bikin-hamil-640627

Search URL Search Domain Scan URL

URL: https://lang-vie.medicaldevicetrend.com/air-mani-tidak-keluar-saat-ejakulasi-apa-masih-bisa-bikin-hamil-640627

Search URL Search Domain Scan URL

URL: https://ben.medicaldevicetrend.com/air-mani-tidak-keluar-saat-ejakulasi-apa-masih-bisa-bikin-hamil-640627

Search URL Search Domain Scan URL

URL: https://lang-cat.medicaldevicetrend.com/air-mani-tidak-keluar-saat-ejakulasi-apa-masih-bisa-bikin-hamil-640627

Search URL Search Domain Scan URL

URL: https://tam.medicaldevicetrend.com/air-mani-tidak-keluar-saat-ejakulasi-apa-masih-bisa-bikin-hamil-640627

Search URL Search Domain Scan URL

URL: https://urd.medicaldevicetrend.com/air-mani-tidak-keluar-saat-ejakulasi-apa-masih-bisa-bikin-hamil-640627

Search URL Search Domain Scan URL

URL: https://chi.medicaldevicetrend.com/air-mani-tidak-keluar-saat-ejakulasi-apa-masih-bisa-bikin-hamil-640627

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

https://cst.wpu.sh/static/adManager.js HTTP 301
https://cst.cstwpush.com/static/adManager.js

Request Chain 36

https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//bul.medicaldevicetrend.com/air-mani-tidak-keluar-saat-ejakulasi-apa-masih-bisa-bikin-hamil-640627;0.3996858978008391 HTTP 302
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//bul.medicaldevicetrend.com/air-mani-tidak-keluar-saat-ejakulasi-apa-masih-bisa-bikin-hamil-640627;0.3996858978008391

Request Chain 54

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 74

https://mc.yandex.ru/watch/55098856?wmode=7&page-url=https%3A%2F%2Fbul.medicaldevicetrend.com%2Fair-mani-tidak-keluar-saat-ejakulasi-apa-masih-bisa-bikin-hamil-640627&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Anlzej4hetv2v3mdqom1a0%3Afp%3A520%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A870%3Acn%3A1%3Adp%3A0%3Als%3A36050961972%3Ahid%3A117789390%3Az%3A0%3Ai%3A20220821153345%3Aet%3A1661096026%3Ac%3A1%3Arn%3A17961103%3Arqn%3A1%3Au%3A1661096026515814193%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1661096024548%3Ads%3A379%2C46%2C63%2C1%2C%2C0%2C%2C166%2C0%2C%2C%2C%2C656%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1661096026%3At%3A%D0%98%D0%B7%D0%BB%D0%B8%D0%B7%D0%B0%20%D0%BB%D0%B8%20%D1%81%D0%BF%D0%B5%D1%80%D0%BC%D0%B0%20%D0%BF%D0%BE%20%D0%B2%D1%80%D0%B5%D0%BC%D0%B5%20%D0%BD%D0%B0%20%D0%B5%D1%8F%D0%BA%D1%83%D0%BB%D0%B0%D1%86%D0%B8%D1%8F%2C%20%D0%BC%D0%BE%D0%B6%D0%B5%20%D0%BB%D0%B8%20%D0%B2%D1%81%D0%B5%20%D0%BF%D0%B0%D0%BA%20%D0%B4%D0%B0%20%D0%B2%D0%B8%20%D0%B7%D0%B0%D0%B1%D1%80%D0%B5%D0%BC%D0%B5%D0%BD%D0%B5%D0%B5%3F&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)rqnl(1)ti(2) HTTP 302
https://mc.yandex.ru/watch/55098856/1?wmode=7&page-url=https%3A%2F%2Fbul.medicaldevicetrend.com%2Fair-mani-tidak-keluar-saat-ejakulasi-apa-masih-bisa-bikin-hamil-640627&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Anlzej4hetv2v3mdqom1a0%3Afp%3A520%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A870%3Acn%3A1%3Adp%3A0%3Als%3A36050961972%3Ahid%3A117789390%3Az%3A0%3Ai%3A20220821153345%3Aet%3A1661096026%3Ac%3A1%3Arn%3A17961103%3Arqn%3A1%3Au%3A1661096026515814193%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1661096024548%3Ads%3A379%2C46%2C63%2C1%2C%2C0%2C%2C166%2C0%2C%2C%2C%2C656%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1661096026%3At%3A%D0%98%D0%B7%D0%BB%D0%B8%D0%B7%D0%B0%20%D0%BB%D0%B8%20%D1%81%D0%BF%D0%B5%D1%80%D0%BC%D0%B0%20%D0%BF%D0%BE%20%D0%B2%D1%80%D0%B5%D0%BC%D0%B5%20%D0%BD%D0%B0%20%D0%B5%D1%8F%D0%BA%D1%83%D0%BB%D0%B0%D1%86%D0%B8%D1%8F%2C%20%D0%BC%D0%BE%D0%B6%D0%B5%20%D0%BB%D0%B8%20%D0%B2%D1%81%D0%B5%20%D0%BF%D0%B0%D0%BA%20%D0%B4%D0%B0%20%D0%B2%D0%B8%20%D0%B7%D0%B0%D0%B1%D1%80%D0%B5%D0%BC%D0%B5%D0%BD%D0%B5%D0%B5%3F&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29

Request Chain 115

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 130

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=1&gdpr_consent=CPeFyN_PeFyN_AHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&addtl_consent=1~494.1810.1092.1031.1725.1290.89.2253.1577.326.495.1365.1570.1419.574.272.1721.2109.2357.2526.2373.2677.259.144.162.108.338.482.1449.241.1201.93.733.1211.1564.1186.323.981.1276.122.1301.938.449.1215.1765.2628.1651.3052.2072.540.817.1716.2985.587.864.1033.2575.3154.2316.1097.1230.1870.486.317.867.1205.1712.2571.1127.311.70.1929.2177.149.167.1591.491.2202.196.1415.1842.2299.1051.1558.1878.839.1364.415.1889.440.2572 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELDMWEYRLIPOILGrPmpP8EQ&google_cver=1&gdpr=1&gdpr_consent=CPeFyN_PeFyN_AHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&addtl_consent=1~494.1810.1092.1031.1725.1290.89.2253.1577.326.495.1365.1570.1419.574.272.1721.2109.2357.2526.2373.2677.259.144.162.108.338.482.1449.241.1201.93.733.1211.1564.1186.323.981.1276.122.1301.938.449.1215.1765.2628.1651.3052.2072.540.817.1716.2985.587.864.1033.2575.3154.2316.1097.1230.1870.486.317.867.1205.1712.2571.1127.311.70.1929.2177.149.167.1591.491.2202.196.1415.1842.2299.1051.1558.1878.839.1364.415.1889.440.2572 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELDMWEYRLIPOILGrPmpP8EQ&google_cver=1&gdpr=1&gdpr_consent=CPeFyN_PeFyN_AHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&addtl_consent=1%7E494.1810.1092.1031.1725.1290.89.2253.1577.326.495.1365.1570.1419.574.272.1721.2109.2357.2526.2373.2677.259.144.162.108.338.482.1449.241.1201.93.733.1211.1564.1186.323.981.1276.122.1301.938.449.1215.1765.2628.1651.3052.2072.540.817.1716.2985.587.864.1033.2575.3154.2316.1097.1230.1870.486.317.867.1205.1712.2571.1127.311.70.1929.2177.149.167.1591.491.2202.196.1415.1842.2299.1051.1558.1878.839.1364.415.1889.440.2572&C=1

Request Chain 131

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=1&gdpr_consent=CPeFyN_PeFyN_AHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&addtl_consent=1~494.1810.1092.1031.1725.1290.89.2253.1577.326.495.1365.1570.1419.574.272.1721.2109.2357.2526.2373.2677.259.144.162.108.338.482.1449.241.1201.93.733.1211.1564.1186.323.981.1276.122.1301.938.449.1215.1765.2628.1651.3052.2072.540.817.1716.2985.587.864.1033.2575.3154.2316.1097.1230.1870.486.317.867.1205.1712.2571.1127.311.70.1929.2177.149.167.1591.491.2202.196.1415.1842.2299.1051.1558.1878.839.1364.415.1889.440.2572&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?addtl_consent=1~494.1810.1092.1031.1725.1290.89.2253.1577.326.495.1365.1570.1419.574.272.1721.2109.2357.2526.2373.2677.259.144.162.108.338.482.1449.241.1201.93.733.1211.1564.1186.323.981.1276.122.1301.938.449.1215.1765.2628.1651.3052.2072.540.817.1716.2985.587.864.1033.2575.3154.2316.1097.1230.1870.486.317.867.1205.1712.2571.1127.311.70.1929.2177.149.167.1591.491.2202.196.1415.1842.2299.1051.1558.1878.839.1364.415.1889.440.2572&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgdpr%3D1%26gdpr_consent%3DCPeFyN_PeFyN_AHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA%26google_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&gdpr=1&gdpr_consent=CPeFyN_PeFyN_AHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&gdpr_consent=CPeFyN_PeFyN_AHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&google_nid=casale_media2_dsp_secure&google_cm&google_hm=YwJQW.Z0Z2odlmvsfjXvSgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELDMWEYRLIPOILGrPmpP8EQ&google_cver=1&gdpr=1&gdpr_consent=CPeFyN_PeFyN_AHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&google_hm=2

Request Chain 133

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjcxMjIzNzE4MzQxNTE4MDc1NA%3D%3D

Request Chain 139

https://hal900028.redintelligence.net/request.php?zone=e990ea7qnd46&nw=20&renderingType=javascript&namespace=8de4719fb8&subid=&uid=807e4e2547d45922&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=750x200&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC5GPVWlACY6j4Go2FjuwP5cG02AqfrdnLZ73rvJSKC_AuEAEgqoDDImCRBMgBCakCALYDUSLXsD6oAwGqBPIBT9Ce5iqAoUbU43XQG1117G08UhVV6W9tKhUH2DAJnaoGX2ySv3o2vomWAJSMplDacA9s-4NDtPU1hhdW-WkeNdNWYyUuAKh1JdDC5xhdFbMEVVWxABfB8hGJKGtczu0wz8X2do1cfuitWTAE1xhhZMKVWCBaaZ23DMIi-bECl1Bu1aQVU-x4hIajEPLd0uXlaElBNsbFtMxiHCazsCcheb0P8gjQs1PGuh4m2GN1IysNzCi7JhMRQN9T9uncmtMXZw-IQk1g95ISJlzKAa4KE1_VkTfiaQBDnnp8Pb0OyE7PSVSB-IyPZxBuWaaM69rjpUXABNvzvffUAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBIIgOGAEBABGB0yAqoCOgOAwAPyCBthZHgtc3Vic3luLTM2NDEyMDMxODg1NjgyODiACgOYCwHICwGADAGwE8LL5A3QEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSLQCsnQUx4s-F5sV3SyASKsLuzZvKvxe0BWSxwmDPlpBTImizPlec3i8F_vJVFQ%26sig%3DAOD64_23WEBVzU9BdzodRO-gbjksMC9PCQ%26client%3Dca-pub-5512390705137507%26dbm_c%3DAKAmf-CRkUmX7rnKz3ZKGLm90k_hBHYBe7OOQlBBdKJRbX6LZgEZndlCz04LAUMvZWV0kmN8m95nEysaK415yzvbQcKvKJcNZy6b9TUnfFQQyGSjTOya4bMJ3iTLraZLHqRFT0MlTbezg9bCm8h3xV3rsYOqshM__g%26cry%3D1%26dbm_d%3DAKAmf-CCRPeG1hjQ8X5wyJ4oqFdhjC9GS1-naBaj4m0GG0ZD459wrcCITJ1B7VnuetpXXuTjDLpuGiBaadUFE2sBzRoQZ4Gj_nfYXDJw2EhOV7FEpe0fiCtPuKvKHTIaucrcPpUsgKYJKDNmtyFCAHJctWERt7N8hi03jEnurSdZ_bzSkgU6KqA6Ro3C8LxqavEW-jnOxsoAbQC3m0pt4hRvxsjESzPglUPA1ZzFXZeoQVb1ecEErfON_xlrHzcOWcGSqldr5c8Z4IBK4ePVD55mdgDrrTkz13lSf4yxfXr4y7ldPugvOY_BribRiv8uWQfUEYEz2iGlutt6rfbqgrOK0DF1QRpsnRoPHZ-Fa1Ng5wBswr3tWqsvx6zr2yfNrZzAXDCQ1h1MIoArLZIOZ5YlV40z9Rm8sLpoWLr9-5-6X5eNb42wcMbyxBvvYspoppiLSFPhFRQdfN1vA2ZXIrh2gb1HApDnlDLhd0OtGxC3P1AA0eLrYIl_8dssvt6pbLxaWReI1FbegQVOsrcXl17PQK0iV7kA6kS8BhiJ80-p_tv_OFpGUK4%26adurl%3D&documentReferer=https%3A%2F%2Fbul.medicaldevicetrend.com%2F&ancestorOrigins=https%3A%2F%2Fbul.medicaldevicetrend.com&random=1243599793735&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900028.redintelligence.net/request.php?zone=e990ea7qnd46&nw=20&renderingType=javascript&namespace=8de4719fb8&subid=&uid=807e4e2547d45922&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=750x200&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC5GPVWlACY6j4Go2FjuwP5cG02AqfrdnLZ73rvJSKC_AuEAEgqoDDImCRBMgBCakCALYDUSLXsD6oAwGqBPIBT9Ce5iqAoUbU43XQG1117G08UhVV6W9tKhUH2DAJnaoGX2ySv3o2vomWAJSMplDacA9s-4NDtPU1hhdW-WkeNdNWYyUuAKh1JdDC5xhdFbMEVVWxABfB8hGJKGtczu0wz8X2do1cfuitWTAE1xhhZMKVWCBaaZ23DMIi-bECl1Bu1aQVU-x4hIajEPLd0uXlaElBNsbFtMxiHCazsCcheb0P8gjQs1PGuh4m2GN1IysNzCi7JhMRQN9T9uncmtMXZw-IQk1g95ISJlzKAa4KE1_VkTfiaQBDnnp8Pb0OyE7PSVSB-IyPZxBuWaaM69rjpUXABNvzvffUAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBIIgOGAEBABGB0yAqoCOgOAwAPyCBthZHgtc3Vic3luLTM2NDEyMDMxODg1NjgyODiACgOYCwHICwGADAGwE8LL5A3QEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSLQCsnQUx4s-F5sV3SyASKsLuzZvKvxe0BWSxwmDPlpBTImizPlec3i8F_vJVFQ%26sig%3DAOD64_23WEBVzU9BdzodRO-gbjksMC9PCQ%26client%3Dca-pub-5512390705137507%26dbm_c%3DAKAmf-CRkUmX7rnKz3ZKGLm90k_hBHYBe7OOQlBBdKJRbX6LZgEZndlCz04LAUMvZWV0kmN8m95nEysaK415yzvbQcKvKJcNZy6b9TUnfFQQyGSjTOya4bMJ3iTLraZLHqRFT0MlTbezg9bCm8h3xV3rsYOqshM__g%26cry%3D1%26dbm_d%3DAKAmf-CCRPeG1hjQ8X5wyJ4oqFdhjC9GS1-naBaj4m0GG0ZD459wrcCITJ1B7VnuetpXXuTjDLpuGiBaadUFE2sBzRoQZ4Gj_nfYXDJw2EhOV7FEpe0fiCtPuKvKHTIaucrcPpUsgKYJKDNmtyFCAHJctWERt7N8hi03jEnurSdZ_bzSkgU6KqA6Ro3C8LxqavEW-jnOxsoAbQC3m0pt4hRvxsjESzPglUPA1ZzFXZeoQVb1ecEErfON_xlrHzcOWcGSqldr5c8Z4IBK4ePVD55mdgDrrTkz13lSf4yxfXr4y7ldPugvOY_BribRiv8uWQfUEYEz2iGlutt6rfbqgrOK0DF1QRpsnRoPHZ-Fa1Ng5wBswr3tWqsvx6zr2yfNrZzAXDCQ1h1MIoArLZIOZ5YlV40z9Rm8sLpoWLr9-5-6X5eNb42wcMbyxBvvYspoppiLSFPhFRQdfN1vA2ZXIrh2gb1HApDnlDLhd0OtGxC3P1AA0eLrYIl_8dssvt6pbLxaWReI1FbegQVOsrcXl17PQK0iV7kA6kS8BhiJ80-p_tv_OFpGUK4%26adurl%3D&documentReferer=https%3A%2F%2Fbul.medicaldevicetrend.com%2F&ancestorOrigins=https%3A%2F%2Fbul.medicaldevicetrend.com&random=1243599793735&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 148

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fbul.medicaldevicetrend.com%2F&domain=bul.medicaldevicetrend.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=Vu87S3xNcmpSVGh2VkJtZGgxdGNoT3Z5RHI2K2krNHZ0TzdhY2ZFQ0RUNGxremwwQ2hET2Y1cUQzbno0S0RBZS8yUWkwcVJIeGJaZGh3U2lzVlRNSXVVSkJQbEZ5NFZXZjZwc1R6SzFLMklNN251bFBBM1dqUmhRWXFQcFkzVmNHSWVNN0s5MWp4aHVnc1R4U3NoUjdkSHRGN0RPOFp3U21CK1M0M0NZSG42M1VualU0VFVqZDZlNWFzalN1aHhqd3JtSGNiNHkzSmF2dGRqb24vVXpFNVVobU1aTWp2TnQ4ZmZpVGhPUkhGZ2NMbTJkUEdScVBMY0UxaktDWG13OWcyQ0hpfA&cppv=2

Request Chain 155

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YwJQW-Z0Z2odlmvsfjXvSgAABJcAAAIB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YwJQW-Z0Z2odlmvsfjXvSgAABJcAAAIB&dcc=t

Request Chain 159

https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=1&gdpr_consent= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1

Request Chain 160

https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3198317024966957725

160 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request air-mani-tidak-keluar-saat-ejakulasi-apa-masih-bisa-bikin-hamil-640627 Show response
bul.medicaldevicetrend.com/ 50 KB
10 KB 488ms
63ms Document
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bul.medicaldevicetrend.com/air-mani-tidak-keluar-saat-ejakulasi-apa-masih-bisa-bikin-hamil-640627
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e11cea7d59b0308003c113b685f9afbeb3f16ec18bf4e574564c2ed2f26a5cc6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=86400
cf-cache-status: DYNAMIC
cf-ray: 73e46dcc2d2d929b-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 21 Aug 2022 15:33:45 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Mon, 22 Aug 2022 15:33:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qSzO2FzZU9fYUgyDwvnmwUM2bLTl4f1HtXwKvTwkZ9Ruc3Z%2FcWliKsDAbjXTKbGFnKZXF%2FO7UpySQsn42X1Ch%2BleX15YEdmeaLJ8r0ka4%2BmoROFqCnVZ0AW07NT4Sig4gXVTFKIWUYRStTWQSA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 plugin.min.js Show response
get.optad360.io/sf/29c44d7c-8171-46d6-a484-9d3087559448/ 373 KB
88 KB 107ms
23ms Script
application/javascript 2600:9000:21f3:2600:11:a4de:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.optad360.io/sf/29c44d7c-8171-46d6-a484-9d3087559448/plugin.min.js
Requested by: Host: bul.medicaldevicetrend.com
URL: https://bul.medicaldevicetrend.com/air-mani-tidak-keluar-saat-ejakulasi-apa-masih-bisa-bikin-hamil-640627
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:2600:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 920bf5e0981c083ac0cc65869559295260817baa40cdd79fd293fa7d7acf5456

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bul.medicaldevicetrend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 14:51:39 GMT
content-encoding: gzip
last-modified: Thu, 10 Mar 2022 12:36:00 GMT
server: AmazonS3
age: 2527
etag: W/"588fa2466d71b4d118fdf3af043b05a4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 7158aa4ac648947d564b98d9769b5b2a.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: 9WZqvrYx_q0JrZDyJ8QlntTiJm1OW8aidp_BNPawxdnNdIDLZoHC0Q==

GET
H2 200 css
fonts.googleapis.com/ 4 KB
1 KB 83ms
30ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,600,700

Requested by

Host: bul.medicaldevicetrend.com
URL: https://bul.medicaldevicetrend.com/air-mani-tidak-keluar-saat-ejakulasi-apa-masih-bisa-bikin-hamil-640627

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bul.medicaldevicetrend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 21 Aug 2022 13:38:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 21 Aug 2022 15:33:45 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 21 Aug 2022 15:33:45 GMT

GET
H2 200 bootstrap.css
medicaldevicetrend.com/template/css/ 153 KB
22 KB 47ms
33ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://medicaldevicetrend.com/template/css/bootstrap.css
Requested by: Host: bul.medicaldevicetrend.com
URL: https://bul.medicaldevicetrend.com/air-mani-tidak-keluar-saat-ejakulasi-apa-masih-bisa-bikin-hamil-640627
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: efe80f770787f125244a0782bf3fdff503a2eafc4207d262bb5f6f2813204bdc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bul.medicaldevicetrend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:33:45 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 501270
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 27 Feb 2021 04:56:01 GMT
server: cloudflare
etag: W/"264de-5bc4a3388f081-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pPH8ICsO37CdOfmcKQ7FfRv0ixrC7yknqG89ZMKLn9rr2OMVqb5YcRZBfIq5xyG2fb2U4mWRuOHdWfUtJAxc3Xn5FzJ7wuu9Ep4QrPKekMGpcmEx4XSAjnr18xb8x%2BVtufVghxI%2FSYOo"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=1209600
cf-ray: 73e46dccadeb929b-FRA
expires: Mon, 29 Aug 2022 20:19:15 GMT

GET
H2 200 ionicons.css
medicaldevicetrend.com/template/css/ 53 KB
8 KB 49ms
35ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://medicaldevicetrend.com/template/css/ionicons.css
Requested by: Host: bul.medicaldevicetrend.com
URL: https://bul.medicaldevicetrend.com/air-mani-tidak-keluar-saat-ejakulasi-apa-masih-bisa-bikin-hamil-640627
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a772c9d15190dfedc2f7bf714fb7692d506fd79267c9888693afc39f41229f7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bul.medicaldevicetrend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:33:45 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 501270
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 27 Feb 2021 04:56:02 GMT
server: cloudflare
etag: W/"d246-5bc4a3390919f-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jI%2FhASV4Ccsx4qtcKUrKYAiwHhN%2BLGSvyk1CoqKIOzypT2jQmhtyRlsrHt%2F2muQ3NYkUeC1fy2xJtndZP9kv%2F9GbpE6Qz4I7y56QrQTNABIdJI5iL6bb%2FgLWZoL28GzbM5cdDgnUwarx"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=1209600
cf-ray: 73e46dccade9929b-FRA
expires: Mon, 29 Aug 2022 20:19:15 GMT

GET
H2 200 styles.css
medicaldevicetrend.com/template/css/ 131 KB
32 KB 69ms
56ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://medicaldevicetrend.com/template/css/styles.css
Requested by: Host: bul.medicaldevicetrend.com
URL: https://bul.medicaldevicetrend.com/air-mani-tidak-keluar-saat-ejakulasi-apa-masih-bisa-bikin-hamil-640627
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 164705741639ce338d5086447b46ca7be9695ed706ce1938949d9b0f95e8a19f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bul.medicaldevicetrend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:33:45 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 501270
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 27 Feb 2021 04:56:02 GMT
server: cloudflare
etag: W/"20d84-5bc4a33992cbd-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TXqvS2Js8h9hSjvMRG7cWhpNgKyBwyhtiBud4EoH4OUDinFTgvnUEZhq%2FLR3BCv5XkeGikGHUxdRlwAL20yvlTDJmOm7ddpmLgewdM0pPup%2FXW9iTTP1Y8JTh22dCtD1j%2BTgc4GrfJ3V"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=1209600
cf-ray: 73e46dccade6929b-FRA
expires: Mon, 29 Aug 2022 20:19:15 GMT

GET
H2 200 jquery-3.2.1.min.js Show response
medicaldevicetrend.com/template/js/ 85 KB
31 KB 47ms
34ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://medicaldevicetrend.com/template/js/jquery-3.2.1.min.js
Requested by: Host: bul.medicaldevicetrend.com
URL: https://bul.medicaldevicetrend.com/air-mani-tidak-keluar-saat-ejakulasi-apa-masih-bisa-bikin-hamil-640627
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bul.medicaldevicetrend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:33:45 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 844327
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 18 Jul 2019 01:51:00 GMT
server: cloudflare
etag: W/"15283-58dead7722900-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V2kMSvdlfU6ojTIApB621aPTJT52tU3hAa8SvYL4B1%2BC%2F9LAEl%2BkZ%2FRcx6zTymferWgPQanKQ2PgLGtcX9uiTzsXgJcmfh0uGWOuc%2FDjxS%2Fo3tVyj7K8UO8liMIjevKiksMDu1Ahf4f3"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
cf-ray: 73e46dccadf2929b-FRA
expires: Thu, 25 Aug 2022 21:01:38 GMT

GET
H2 200 tether.min.js Show response
medicaldevicetrend.com/template/js/ 24 KB
8 KB 66ms
53ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://medicaldevicetrend.com/template/js/tether.min.js
Requested by: Host: bul.medicaldevicetrend.com
URL: https://bul.medicaldevicetrend.com/air-mani-tidak-keluar-saat-ejakulasi-apa-masih-bisa-bikin-hamil-640627
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7354b4bd3b6d15ee20094eb2e50ae6f8466aa138671e02f57680da978660f611

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bul.medicaldevicetrend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:33:45 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 844327
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 18 Jul 2019 01:51:00 GMT
server: cloudflare
etag: W/"6038-58dead7722900-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MoZc1hss3gL%2Bs%2BPBq%2BHjur%2FPXK%2BqZkirOV3lnnJost3BEfMY3znYIKTinQxBZTHxl3PxF9kSfJeTQEciUisq2rYAxVOf1YXqHHaFR8JiNnrtlwQT6xqCrSGlf%2F142wCB4KRCsoMJp70F"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
cf-ray: 73e46dccadec929b-FRA
expires: Thu, 25 Aug 2022 21:01:38 GMT

GET
H2 200 bootstrap.js Show response
medicaldevicetrend.com/template/js/ 101 KB
18 KB 68ms
55ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://medicaldevicetrend.com/template/js/bootstrap.js
Requested by: Host: bul.medicaldevicetrend.com
URL: https://bul.medicaldevicetrend.com/air-mani-tidak-keluar-saat-ejakulasi-apa-masih-bisa-bikin-hamil-640627
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01ce9b4155b8547fe1d90bd6db035f185822decd3d0923df37d930068cf19d58

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bul.medicaldevicetrend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:33:45 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 501270
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 18 Jul 2019 01:51:00 GMT
server: cloudflare
etag: W/"19374-58dead7722900-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iIZih7lgeNprQxQatR1z7kkCbRexn8PTFlHYqzVIUu0Gb1F03GxdCknJnlIQRsvSHBtbKVTYRW8%2FTMGYZ9%2BQfPG5z%2By2Q5%2BWNfMN6DiD3txoK9pgyLkWyL3INMTdkDXQywrcS3xx8lzg"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
cf-ray: 73e46dccadf5929b-FRA
expires: Mon, 29 Aug 2022 20:19:15 GMT

GET
H2 200 scripts.js Show response
medicaldevicetrend.com/template/js/ 5 KB
2 KB 67ms
54ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://medicaldevicetrend.com/template/js/scripts.js
Requested by: Host: bul.medicaldevicetrend.com
URL: https://bul.medicaldevicetrend.com/air-mani-tidak-keluar-saat-ejakulasi-apa-masih-bisa-bikin-hamil-640627
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a76d2671734df409458705f7cb7ddb59275e05fea5906de3c8bc878e47025a1a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bul.medicaldevicetrend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:33:45 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 501270
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 18 Jul 2019 01:51:00 GMT
server: cloudflare
etag: W/"142e-58dead7722900-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZY%2BtocsYaBAZqPFg4G9uQ%2BmRGA20P0ORWpM3rHAl2wfKZPdiPSwACMULcKKInUIJIo8k%2FgzNX1h6xbTMfRZz3mjPP7ibHQdRoy9FjT0Y8aqrnCX5ANUI%2FNA6CCcI6QZp0umd3bz3dipV"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
cf-ray: 73e46dccadf1929b-FRA
expires: Mon, 29 Aug 2022 20:19:15 GMT

GET
H2 200 gm2wkzjzga5ha3ddf42a Show response
havanese.top/code/ 19 KB
19 KB 88ms
21ms Script
application/javascript 185.177.92.29
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://havanese.top/code/gm2wkzjzga5ha3ddf42a

Requested by

Host: bul.medicaldevicetrend.com
URL: https://bul.medicaldevicetrend.com/air-mani-tidak-keluar-saat-ejakulasi-apa-masih-bisa-bikin-hamil-640627

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.177.92.29 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

ip-185-177-92-29.ah-server.com

Software

nginx /

Resource Hash

21aa03824652a262ed3c10fb8bddc8c091e9e8f6cfd1b23cae1592d4f79e918a

Security Headers

Name	Value
Content-Security-Policy	img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bul.medicaldevicetrend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 21 Aug 2022 15:33:45 GMT
server: nginx
content-security-policy: img-src https: data:; upgrade-insecure-requests
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=UTF-8

GET
H2

200

adManager.js Show response
cst.cstwpush.com/static/
Redirect Chain

https://cst.wpu.sh/static/adManager.js
https://cst.cstwpush.com/static/adManager.js

1 KB
863 B

122ms
15ms

Script
application/javascript

45.133.44.24
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cst.cstwpush.com/static/adManager.js
Requested by: Host: bul.medicaldevicetrend.com
URL: https://bul.medicaldevicetrend.com/air-mani-tidak-keluar-saat-ejakulasi-apa-masih-bisa-bikin-hamil-640627
Protocol: H2
Server: 45.133.44.24 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 89ceaf2fba13343764ed6f07696d5b3a49b28daf865c3f6c204c218a4cd62e1e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bul.medicaldevicetrend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:33:45 GMT
content-encoding: gzip
last-modified: Wed, 13 Jul 2022 06:52:04 GMT
server: nginx/1.18.0
etag: W/"62ce6b94-4e2"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Sun, 21 Aug 2022 15:38:45 GMT
cache-control: max-age=300
x-proxy-cache: HIT

Redirect headers

location: https://cst.cstwpush.com/static/adManager.js
date: Sun, 21 Aug 2022 15:33:45 GMT
server: nginx/1.18.0
content-length: 169
content-type: text/html

GET
H2 200 optr21_19091901.js Show response
cdn.zx-adnet.com/adx/ 147 KB
20 KB 59ms
14ms Script
text/javascript 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/adx/optr21_19091901.js

Requested by

Host: bul.medicaldevicetrend.com
URL: https://bul.medicaldevicetrend.com/air-mani-tidak-keluar-saat-ejakulasi-apa-masih-bisa-bikin-hamil-640627

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c12395451dd35e7f1feb3e75840752f393e690cfe90019b8596e0358c0b9a26d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bul.medicaldevicetrend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
etag: "8d667337f4b47f19e2bec17c6b3da3ea299231ef64ae69dbf0b8eacded0e31a3-br"
x-cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 20001
x-served-by: cache-ams21076-AMS
last-modified: Wed, 27 Apr 2022 20:26:02 GMT
x-timer: S1661096025.110481,VS0,VE1
date: Sun, 21 Aug 2022 15:33:45 GMT
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600,public
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive
x-cache-hits: 1

GET
H2 200 cookies_gdpr.js Show response
cdn.zx-adnet.com/consent/ 34 KB
9 KB 100ms
55ms Script
text/javascript 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/consent/cookies_gdpr.js?0.9617829445171682

Requested by

Host: bul.medicaldevicetrend.com
URL: https://bul.medicaldevicetrend.com/air-mani-tidak-keluar-saat-ejakulasi-apa-masih-bisa-bikin-hamil-640627

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e111a3850d781cc4bb9983b28613414f9a59af060c2860692d56809589c663b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bul.medicaldevicetrend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Wed, 27 Apr 2022 20:26:02 GMT
x-timer: S1661096025.110617,VS0,VE41
etag: "5291f663321e7e3f6bfff9a37feadf115ecea3ab57d443f46f5035c626a0edda-br"
x-served-by: cache-ams21076-AMS
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: text/javascript; charset=utf-8
cache-control: no-cache
date: Sun, 21 Aug 2022 15:33:45 GMT
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache-hits: 0

GET
H2 200 air-mani-tidak-keluar-saat-ejakulasi-apa-masih-bisa-bikin-hamil.jpg
i.medicaldevicetrend.com/img/informasi-kesehatan/23/ 27 KB
27 KB 72ms
58ms Image
image/jpeg 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.medicaldevicetrend.com/img/informasi-kesehatan/23/air-mani-tidak-keluar-saat-ejakulasi-apa-masih-bisa-bikin-hamil.jpg
Requested by: Host: bul.medicaldevicetrend.com
URL: https://bul.medicaldevicetrend.com/air-mani-tidak-keluar-saat-ejakulasi-apa-masih-bisa-bikin-hamil-640627
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd7ccf900a762ac6bdbc52f42e36dcb98784ce51bae5a5ac82fa1c5c06b92407

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bul.medicaldevicetrend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:33:45 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27354
last-modified: Wed, 04 Dec 2019 01:54:31 GMT
server: cloudflare
etag: "6ada-598d717ff311e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k0oeF0HD66xHRW%2BbW4PcFbJELybjBuwrgDKGiC%2BGHuRhTQz3rptwb8BA0zAOye8UxEGTxU69AU%2BwA7y5oenEWcgNOtOYBMVkuZRGNRwNQFEtYZT9YD05M5ZANgoWNlt4ePb2aPC4C298VBE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 73e46dccde36929b-FRA
expires: Mon, 21 Aug 2023 15:33:45 GMT

GET
H2 404 air-mani-tidak-keluar-saat-ejakulasi-apa-masih-bisa-bikin-hamil.jpg
i.ergonengineering.com/img/informasi-kesehatan/23/ 0
0 360ms
270ms Image
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ergonengineering.com/img/informasi-kesehatan/23/air-mani-tidak-keluar-saat-ejakulasi-apa-masih-bisa-bikin-hamil.jpg
Requested by: Host: bul.medicaldevicetrend.com
URL: https://bul.medicaldevicetrend.com/air-mani-tidak-keluar-saat-ejakulasi-apa-masih-bisa-bikin-hamil-640627
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bul.medicaldevicetrend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

GET
H2 404 air-mani-tidak-keluar-saat-ejakulasi-apa-masih-bisa-bikin-hamil_1.jpg
i.ergonengineering.com/img/informasi-kesehatan/23/ 0
0 141ms
51ms Image
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ergonengineering.com/img/informasi-kesehatan/23/air-mani-tidak-keluar-saat-ejakulasi-apa-masih-bisa-bikin-hamil_1.jpg
Requested by: Host: bul.medicaldevicetrend.com
URL: https://bul.medicaldevicetrend.com/air-mani-tidak-keluar-saat-ejakulasi-apa-masih-bisa-bikin-hamil-640627
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bul.medicaldevicetrend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

GET
H2 404 air-mani-tidak-keluar-saat-ejakulasi-apa-masih-bisa-bikin-hamil_2.jpg
i.ergonengineering.com/img/informasi-kesehatan/23/ 0
0 368ms
279ms Image
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ergonengineering.com/img/informasi-kesehatan/23/air-mani-tidak-keluar-saat-ejakulasi-apa-masih-bisa-bikin-hamil_2.jpg
Requested by: Host: bul.medicaldevicetrend.com
URL: https://bul.medicaldevicetrend.com/air-mani-tidak-keluar-saat-ejakulasi-apa-masih-bisa-bikin-hamil-640627
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bul.medicaldevicetrend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

GET
H2 404 air-mani-tidak-keluar-saat-ejakulasi-apa-masih-bisa-bikin-hamil_3.jpg
i.ergonengineering.com/img/informasi-kesehatan/23/ 0
0 236ms
147ms Image
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ergonengineering.com/img/informasi-kesehatan/23/air-mani-tidak-keluar-saat-ejakulasi-apa-masih-bisa-bikin-hamil_3.jpg
Requested by: Host: bul.medicaldevicetrend.com
URL: https://bul.medicaldevicetrend.com/air-mani-tidak-keluar-saat-ejakulasi-apa-masih-bisa-bikin-hamil-640627
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bul.medicaldevicetrend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

GET
H2 200 HpX8PRpR6oA Show response
www.youtube.com/embed/ Frame 1F39 63 KB
27 KB 147ms
87ms Document
text/html 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/HpX8PRpR6oA

Requested by

Host: bul.medicaldevicetrend.com
URL: https://bul.medicaldevicetrend.com/air-mani-tidak-keluar-saat-ejakulasi-apa-masih-bisa-bikin-hamil-640627

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b0258294911396a658792e878c5ebd36ad4ed3d0d683a50bcb145c344c659547

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bul.medicaldevicetrend.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
date: Sun, 21 Aug 2022 15:33:45 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=nl for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 4-langkah-menghadapi-rasa-cemas-saat-bepergian.jpg
i.medicaldevicetrend.com/img/informasi-kesehatan/75/ 35 KB
35 KB 55ms
54ms Image
image/jpeg 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.medicaldevicetrend.com/img/informasi-kesehatan/75/4-langkah-menghadapi-rasa-cemas-saat-bepergian.jpg
Requested by: Host: bul.medicaldevicetrend.com
URL: https://bul.medicaldevicetrend.com/air-mani-tidak-keluar-saat-ejakulasi-apa-masih-bisa-bikin-hamil-640627
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec18a28e83ac14ae1c736bb936ad98129599812a3d9707f9bd1391207fc1bc49

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bul.medicaldevicetrend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:33:45 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35718
last-modified: Wed, 04 Dec 2019 02:00:05 GMT
server: cloudflare
etag: "8b86-598d72bed070a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GMLtOkCPnZWJtvGHW8B8ZSk02rm4GHgwNtUTWuC2kV0e3GIrV6E9cCREXBT%2BToJcsL8BT0wo6GvvTWPRraO4kueA4Eh%2BrM%2FwEhInrJTpGbCblGAVJp8eqSzJcIqz%2BF6Ydrjh8vLK%2B3k0utw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 73e46dccde37929b-FRA
expires: Mon, 21 Aug 2023 15:33:45 GMT

GET
H2 200 gejala-awal-kanker-serviks-yang-perlu-diwaspadai-wanita.jpg
i.medicaldevicetrend.com/img/kanker-serviks/86/ 35 KB
35 KB 48ms
47ms Image
image/jpeg 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.medicaldevicetrend.com/img/kanker-serviks/86/gejala-awal-kanker-serviks-yang-perlu-diwaspadai-wanita.jpg
Requested by: Host: bul.medicaldevicetrend.com
URL: https://bul.medicaldevicetrend.com/air-mani-tidak-keluar-saat-ejakulasi-apa-masih-bisa-bikin-hamil-640627
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db03f62d80666f2cbc812e9f9623e4fb6e8fdc9bd91bb2457f19e442d9ee416b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bul.medicaldevicetrend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:33:45 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35803
last-modified: Wed, 04 Dec 2019 02:02:58 GMT
server: cloudflare
etag: "8bdb-598d736380d53"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wivkS%2BqIhqvRcp3zhFaLFB3j4D36qDe5OWGpSgRWE33ac88FV0EGwDhp6RINhBMbjpsl%2FMYIJTfuJDOgnc1rsVhV3icHUlLjnI4jKVIrmv%2Fcm5fUDHSGYS5ScxT1Dxi6RaSOafmbl8PNcec%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 73e46dccde39929b-FRA
expires: Mon, 21 Aug 2023 15:33:45 GMT

GET
H2 200 menulis-vs-mengetik-mana-yang-lebih-baik-untuk-kesehatan.jpg
i.medicaldevicetrend.com/img/informasi-kesehatan/13/ 35 KB
35 KB 63ms
62ms Image
image/jpeg 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.medicaldevicetrend.com/img/informasi-kesehatan/13/menulis-vs-mengetik-mana-yang-lebih-baik-untuk-kesehatan.jpg
Requested by: Host: bul.medicaldevicetrend.com
URL: https://bul.medicaldevicetrend.com/air-mani-tidak-keluar-saat-ejakulasi-apa-masih-bisa-bikin-hamil-640627
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d51741c7d17bc8772713e36b11f22d36788bd0b8610c20e091ced2e6fd0302dc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bul.medicaldevicetrend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:33:45 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35660
last-modified: Wed, 04 Dec 2019 01:53:30 GMT
server: cloudflare
etag: "8b4c-598d7145a533e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TovAwcG6AwZz1YJ3aIS7ah7s%2B%2BGgkFFdAwQsmm0aCAQq%2BweAGlmIv2BIyUgjmdJn834blmrKHQnswdwMnYg9IHJiQYFVMJm0R7JKD72oIVPMPrYMJH6v6ldmvclk9IfhsQ2Btoedj%2Bcjyrw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 73e46dccde3a929b-FRA
expires: Mon, 21 Aug 2023 15:33:45 GMT

GET
H2 200 8-buah-terbaik-yang-aman-untuk-gula-darah-pengidap-diabetes.jpg
i.medicaldevicetrend.com/img/diabetes/96/ 38 KB
38 KB 71ms
70ms Image
image/jpeg 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.medicaldevicetrend.com/img/diabetes/96/8-buah-terbaik-yang-aman-untuk-gula-darah-pengidap-diabetes.jpg
Requested by: Host: bul.medicaldevicetrend.com
URL: https://bul.medicaldevicetrend.com/air-mani-tidak-keluar-saat-ejakulasi-apa-masih-bisa-bikin-hamil-640627
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df373cb9e00d35aacaa04c35722c2f10942f702637f46d485b924618be5e129d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bul.medicaldevicetrend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:33:45 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 38811
last-modified: Wed, 04 Dec 2019 01:51:39 GMT
server: cloudflare
etag: "979b-598d70db7f378"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hnPbyxgC167OxGqYN%2FhZh944Rl7SYlmMJ8Msbpc4%2FSzSLQn3vFVV3TTBUWMCV2iHHeRGVOtGv67f6bMs9weF18COPJgys72Pfw4xT0Z%2BUYnzhAGMq7HPRtinG4v0syWNy%2BzY5TNiF4vheEU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 73e46dccde3b929b-FRA
expires: Mon, 21 Aug 2023 15:33:45 GMT

GET
H2 200 apa-bahaya-infeksi-cacing-hati-pada-tubuh-betulkah-bisa-sebabkan-kanker.jpg
i.medicaldevicetrend.com/img/informasi-kesehatan/64/ 34 KB
34 KB 49ms
49ms Image
image/jpeg 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.medicaldevicetrend.com/img/informasi-kesehatan/64/apa-bahaya-infeksi-cacing-hati-pada-tubuh-betulkah-bisa-sebabkan-kanker.jpg
Requested by: Host: bul.medicaldevicetrend.com
URL: https://bul.medicaldevicetrend.com/air-mani-tidak-keluar-saat-ejakulasi-apa-masih-bisa-bikin-hamil-640627
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0df763fcc000bb68a91d87ecd3f92ad3d0d28a11deb20a37d02ff2e504fde930

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bul.medicaldevicetrend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:33:45 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 34597
last-modified: Wed, 04 Dec 2019 01:58:56 GMT
server: cloudflare
etag: "8725-598d727ccde83"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S83IoEGtL5XFNGdpXcQMQAkpxPzk9Jh8hUzcBX%2BjGcH%2BvYBahjygItLXJDsOoumik0FrhPM5TE%2FVi%2FhafBU%2BH%2FDtcgakNHYEgapYBeqLm%2FHS%2FCTfkZD44quEzoedhhbetPC3pk%2FFnM2q1Sg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 73e46dcd0e77929b-FRA
expires: Mon, 21 Aug 2023 15:33:45 GMT

GET
H2 200 7-makanan-fermentasi-terbaik-untuk-lancarkan-pencernaan.jpg
i.medicaldevicetrend.com/img/informasi-kesehatan/62/ 50 KB
51 KB 61ms
60ms Image
image/jpeg 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.medicaldevicetrend.com/img/informasi-kesehatan/62/7-makanan-fermentasi-terbaik-untuk-lancarkan-pencernaan.jpg
Requested by: Host: bul.medicaldevicetrend.com
URL: https://bul.medicaldevicetrend.com/air-mani-tidak-keluar-saat-ejakulasi-apa-masih-bisa-bikin-hamil-640627
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2398dc51b18394ba7f06532e7fc829f28dee35e995a599a8909a7fa42ca477f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bul.medicaldevicetrend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:33:45 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 51637
last-modified: Wed, 04 Dec 2019 01:58:42 GMT
server: cloudflare
etag: "c9b5-598d726f71f74"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gtk3BmjDuvSOUSrv5OAM8dzvKdj45ySf6nu3HB2YMyLG8Bt61CssWk%2BqJBR%2FeDGsLIt%2BrOJbmhrKNdLfaS2ENHrNqREzGO%2F7Hw1zP30o4OfZC9YqpaL541cDV59mkUQLzMasw5IOBHYmfEE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 73e46dcd2ea2929b-FRA
expires: Mon, 21 Aug 2023 15:33:45 GMT

GET
H2 200 6-hal-yang-tanpa-disadari-bisa-menyebabkan-bulu-mata-rontok.jpg
i.medicaldevicetrend.com/img/informasi-kesehatan/78/ 28 KB
29 KB 49ms
48ms Image
image/jpeg 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.medicaldevicetrend.com/img/informasi-kesehatan/78/6-hal-yang-tanpa-disadari-bisa-menyebabkan-bulu-mata-rontok.jpg
Requested by: Host: bul.medicaldevicetrend.com
URL: https://bul.medicaldevicetrend.com/air-mani-tidak-keluar-saat-ejakulasi-apa-masih-bisa-bikin-hamil-640627
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a1862b0c78082c9f962a03d15920eeaebf62091a312c6a854bac6ffd3a8b7492

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bul.medicaldevicetrend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:33:45 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 28884
last-modified: Wed, 04 Dec 2019 02:00:25 GMT
server: cloudflare
etag: "70d4-598d72d17bc38"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XESC20OXAdf1%2Fdf1Mh%2FeUnrKHfQ9wleieH7GCNxjhMSFkwSLi6dSvgG7lR8l63%2Bvq0%2FtsZtE62BXgEVZtCKIHbyZl8fQAAC5fwSSbIH4L%2FoQSBtEvnOd0aZvWoaqToiYAETIs4VCi01qsuc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 73e46dcd2ea5929b-FRA
expires: Mon, 21 Aug 2023 15:33:45 GMT

GET
H2 200 3-kiat-memilih-skin-care-yang-tepat-untuk-kulit-kombinasi.jpg
i.medicaldevicetrend.com/img/informasi-kesehatan/98/ 47 KB
48 KB 98ms
97ms Image
image/jpeg 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.medicaldevicetrend.com/img/informasi-kesehatan/98/3-kiat-memilih-skin-care-yang-tepat-untuk-kulit-kombinasi.jpg
Requested by: Host: bul.medicaldevicetrend.com
URL: https://bul.medicaldevicetrend.com/air-mani-tidak-keluar-saat-ejakulasi-apa-masih-bisa-bikin-hamil-640627
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d32e0452d5f834de467dd963b9e0ab4202e886b83231e289c0daa2ff579512dc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bul.medicaldevicetrend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:33:45 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 48439
last-modified: Wed, 04 Dec 2019 02:02:32 GMT
server: cloudflare
etag: "bd37-598d734af2aa3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=btkWDX1XDKc5pjTdRcbmSmgHA6DpG452sQPGvIpGNTUwVy4ZGvUOV%2B0288l5xYaXydrsFxvYyrqHIs7n9udKxxdBiG5dXm52rLaCqasteOT5rIhgUBoSpuznNRz0KnvKcvGDbXLdkBLA00k%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 73e46dcd2ea7929b-FRA
expires: Mon, 21 Aug 2023 15:33:45 GMT

GET
H2 200 7-manfaat-terong-belanda-untuk-kesehatan-yang-sayang-untuk-dilewatkan.jpg
i.medicaldevicetrend.com/img/informasi-kesehatan/52/ 39 KB
39 KB 58ms
57ms Image
image/jpeg 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.medicaldevicetrend.com/img/informasi-kesehatan/52/7-manfaat-terong-belanda-untuk-kesehatan-yang-sayang-untuk-dilewatkan.jpg
Requested by: Host: bul.medicaldevicetrend.com
URL: https://bul.medicaldevicetrend.com/air-mani-tidak-keluar-saat-ejakulasi-apa-masih-bisa-bikin-hamil-640627
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ec418350a33f9345222164287d22e2214208fec2fa67eeaaf4137c78f4b9a64

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bul.medicaldevicetrend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:33:45 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 39841
last-modified: Wed, 04 Dec 2019 01:57:41 GMT
server: cloudflare
etag: "9ba1-598d723502e59"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xtAJExjYz21JPSiJCCOVhFeiwa%2BsF%2Bk8HFE1s%2BWAAOSC1RTZHCkE0tcXtGrVqMQG9QxsAUJTd0kTMHAht4q2LMTH%2B0nPDdsJnM%2B1FNublcMSTkIevPaEv357ZI88hZ7JbW8kUYkRZV546Sw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 73e46dcd2ea8929b-FRA
expires: Mon, 21 Aug 2023 15:33:45 GMT

GET
H2 200 vertigo-kambuh-segera-atasi-dengan-5-bumbu-dapur-ini.jpg
i.medicaldevicetrend.com/img/informasi-kesehatan/80/ 85 KB
85 KB 56ms
55ms Image
image/jpeg 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.medicaldevicetrend.com/img/informasi-kesehatan/80/vertigo-kambuh-segera-atasi-dengan-5-bumbu-dapur-ini.jpg
Requested by: Host: bul.medicaldevicetrend.com
URL: https://bul.medicaldevicetrend.com/air-mani-tidak-keluar-saat-ejakulasi-apa-masih-bisa-bikin-hamil-640627
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd7c26673baf66970f23013601bc21c3ac55ec6dded9d4e43518168801550d73

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bul.medicaldevicetrend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:33:45 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 86794
last-modified: Wed, 04 Dec 2019 02:00:41 GMT
server: cloudflare
etag: "1530a-598d72e0d5792"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V0hiI1eCTC8WDqVLa9vJwd21G5GZ0wCJLpj8UzbHHyhnE%2BXjr%2FBIL3zCYHsNddu4kmqKFtvyyG%2Fyt0CCQn47v8DDacc954Az3JO4rCPK7omic5UhoPb5r7oaUNB%2Bhjow6M%2BtKYM1k%2FckXgc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 73e46dcd2eab929b-FRA
expires: Mon, 21 Aug 2023 15:33:45 GMT

GET
H2 404 map.png
medicaldevicetrend.com/template/images/ 0
0 44ms
43ms Image
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://medicaldevicetrend.com/template/images/map.png
Requested by: Host: medicaldevicetrend.com
URL: https://medicaldevicetrend.com/template/css/styles.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://medicaldevicetrend.com/template/css/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ 19 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ae2b3292ce4d22938259dd7e2d411ef3e498276837fbcc0475af40237b608f1f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 77ms
22ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bul.medicaldevicetrend.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 19:07:55 GMT
x-content-type-options: nosniff
age: 505550
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 15 Aug 2023 19:07:55 GMT

GET
H3 200 ionicons.ttf
medicaldevicetrend.com/template/fonts/ 184 KB
106 KB 68ms
42ms Font
application/font-sfnt 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://medicaldevicetrend.com/template/fonts/ionicons.ttf?v=2.0.0
Requested by: Host: medicaldevicetrend.com
URL: https://medicaldevicetrend.com/template/css/ionicons.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ba7f20b1d8990e17a47fe3d88e4c766628aaa2baf1dd30fca0a0db59836f5f9

Request headers

Referer: https://medicaldevicetrend.com/template/css/ionicons.css
Origin: https://bul.medicaldevicetrend.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:33:45 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 24914
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 18 Jul 2019 01:51:00 GMT
server: cloudflare
etag: W/"2e05c-58dead7722900"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=26%2B%2FE3sR9ZbMOz3c68t46%2Fy7nag%2BdpWWzPHL5bqnlQJ1Q6tHburMdoSfd%2BmqyER5j1hANebZX7kKvjA0ekW1PyDpfs21PmI4oTGEhdf5E8pahFdHz1QBFQIqcjpONmt%2FgPalxsMVTEl4"}],"group":"cf-nel","max_age":604800}
content-type: application/font-sfnt
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 73e46dcd8f569a1e-FRA
expires: Sun, 28 Aug 2022 08:38:31 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 83ms
29ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bul.medicaldevicetrend.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 16:44:52 GMT
x-content-type-options: nosniff
age: 514133
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 15 Aug 2023 16:44:52 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ 9 KB
9 KB 97ms
50ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bul.medicaldevicetrend.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 18:17:14 GMT
x-content-type-options: nosniff
age: 508591
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9628
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 15 Aug 2023 18:17:14 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 9 KB
10 KB 82ms
44ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bul.medicaldevicetrend.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 19:36:30 GMT
x-content-type-options: nosniff
age: 503835
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9644
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 15 Aug 2023 19:36:30 GMT

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//bul.medicaldevicetrend.com/air-mani-tidak-keluar-saat-ejakulasi-apa-masih-bisa-bikin-hamil-640627;0.3996858978008391
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//bul.medicaldevicetrend.com/air-mani-tidak-keluar-saat-ejakulasi-apa-masih-bisa-bikin-hamil-640627;0.3996858978008391

43 B
528 B

61ms
60ms

Image
image/gif

88.212.201.204
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//bul.medicaldevicetrend.com/air-mani-tidak-keluar-saat-ejakulasi-apa-masih-bisa-bikin-hamil-640627;0.3996858978008391

Requested by

Host: bul.medicaldevicetrend.com
URL: https://bul.medicaldevicetrend.com/air-mani-tidak-keluar-saat-ejakulasi-apa-masih-bisa-bikin-hamil-640627

Protocol

HTTP/1.1

Server

88.212.201.204 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host204.rax.ru

Software

nginx/1.17.9 /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bul.medicaldevicetrend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 Aug 2022 15:33:45 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Aug 2021 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 21 Aug 2022 15:33:45 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//bul.medicaldevicetrend.com/air-mani-tidak-keluar-saat-ejakulasi-apa-masih-bisa-bikin-hamil-640627;0.3996858978008391
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Fri, 20 Aug 2021 21:00:00 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 205 KB
71 KB 326ms
127ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: bul.medicaldevicetrend.com
URL: https://bul.medicaldevicetrend.com/air-mani-tidak-keluar-saat-ejakulasi-apa-masih-bisa-bikin-hamil-640627

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

fa581fefebecc84d3b82fa27a681ea2587caa31c61a7834c23550fdf64cdf240

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bul.medicaldevicetrend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:33:45 GMT
content-encoding: br
last-modified: Mon, 15 Aug 2022 15:05:51 GMT
etag: "62fa369f-118dd"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 71901
expires: Sun, 21 Aug 2022 16:33:45 GMT

GET
H3 200 px_optr.js Show response
cdn.zx-adnet.com/s2r/ 154 B
443 B 62ms
28ms Script
text/javascript 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/s2r/px_optr.js

Requested by

Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/optr21_19091901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

52a3807964b92463ca8e086eb7217d15885eb26ef43ce9d30ae2d676ea434f94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bul.medicaldevicetrend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Wed, 27 Apr 2022 20:26:02 GMT
x-timer: S1661096025.245465,VS0,VE1
etag: "5fd56412d9c8a7133b545c8894cd95f881c87598574e8ea8bedbcabaa0fda52c-br"
x-served-by: cache-ams21077-AMS
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
date: Sun, 21 Aug 2022 15:33:45 GMT
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 94
x-cache-hits: 1

GET
H3 200 abs.js Show response
cdn.zx-adnet.com/adx/ 220 B
496 B 117ms
83ms Script
text/javascript 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/adx/abs.js?0.6435002704930401

Requested by

Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/optr21_19091901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a2862c9e532e9e51ea7ca8d7c96bb602a74e31396f9c5be127dbea7c5adfc227

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bul.medicaldevicetrend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
etag: "5fef2687ef3b38d2357073d43abb64a2f46b34fce9295b7d515ee95b7d79cfdb-br"
x-cache: MISS
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 107
x-served-by: cache-ams21077-AMS
last-modified: Wed, 27 Apr 2022 20:26:02 GMT
x-timer: S1661096025.245717,VS0,VE69
date: Sun, 21 Aug 2022 15:33:45 GMT
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600,public
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive
x-cache-hits: 0

GET
H2 200 tic
site2text-2021.web.app/ 0
432 B 232ms
197ms Image
text/html 2620:0:890::100
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://site2text-2021.web.app/tic?startqa=1&r=0.9248066298497322

Requested by

Host: bul.medicaldevicetrend.com
URL: https://bul.medicaldevicetrend.com/air-mani-tidak-keluar-saat-ejakulasi-apa-masih-bisa-bikin-hamil-640627

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:0:890::100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bul.medicaldevicetrend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
x-cache: MISS
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 0
x-served-by: cache-ams21049-AMS
server: Google Frontend
x-timer: S1661096025.245122,VS0,VE172
date: Sun, 21 Aug 2022 15:33:45 GMT
x-robots-tag: noindex
vary: cookie,need-authorization, x-fh-requested-host, accept-encoding
content-type: text/html
x-cloud-trace-context: 1d75c8baccee39cbd3dced4d4f7ebfc1
cache-control: private
function-execution-id: jqzzpcitiojx
accept-ranges: bytes
x-orig-accept-language: nl-NL,nl;q=0.9
x-country-code: NL
x-cache-hits: 0

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8545f789d157443e285020e59d3ede5a7725a9ab6d03ebaa996ef57914d1685c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 sdk.feda0fd8c5f2191f5c4b299585520859048f3705.js Show response
cdn.zx-adnet.com/consent/ 341 KB
66 KB 18ms
14ms Script
text/javascript 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/consent/sdk.feda0fd8c5f2191f5c4b299585520859048f3705.js

Requested by

Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/consent/cookies_gdpr.js?0.9617829445171682

Protocol

Security

QUIC, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

04149c43558d59b2f0f2cc3f679979b915401ca5c94e833479ca9ea754db0b89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bul.medicaldevicetrend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Wed, 27 Apr 2022 20:26:02 GMT
x-timer: S1661096025.245743,VS0,VE0
etag: "903d4e9708a69e8cc899413e10c8bd8c12ff0e8553c05df46fc83d843518567b-br"
x-served-by: cache-ams21077-AMS
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=315000
date: Sun, 21 Aug 2022 15:33:45 GMT
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 67057
x-cache-hits: 31

GET
H3 200 www-player.css
www.youtube.com/s/player/009f1d77/ Frame 1F39 343 KB
47 KB 68ms
22ms Stylesheet
text/css 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/009f1d77/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/HpX8PRpR6oA

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b46dc5cc031017c003808e87a7c63f7b1555fe6ec18da4489694a09236e52e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/embed/HpX8PRpR6oA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:23:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 597
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48157
x-xss-protection: 0
last-modified: Thu, 18 Aug 2022 00:21:14 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 21 Aug 2023 15:23:48 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/009f1d77/www-embed-player.vflset/ Frame 1F39 308 KB
95 KB 66ms
21ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/009f1d77/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/HpX8PRpR6oA

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ead7afdd7ff8c6bb486b360a061137d56a0cfdf85c38642e945ec7369e82c65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/embed/HpX8PRpR6oA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 06:03:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34244
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 97385
x-xss-protection: 0
last-modified: Thu, 18 Aug 2022 00:21:14 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 21 Aug 2023 06:03:01 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/009f1d77/player_ias.vflset/nl_NL/ Frame 1F39 2 MB
570 KB 99ms
54ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/009f1d77/player_ias.vflset/nl_NL/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/HpX8PRpR6oA

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bdb494d096b2741093d6eb4157627fbda067317e97ed4320224ade24bc80e5ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/embed/HpX8PRpR6oA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 15:17:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 260189
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 583291
x-xss-protection: 0
last-modified: Thu, 18 Aug 2022 00:21:14 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 18 Aug 2023 15:17:16 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/009f1d77/fetch-polyfill.vflset/ Frame 1F39 9 KB
3 KB 66ms
21ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/009f1d77/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/HpX8PRpR6oA

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/embed/HpX8PRpR6oA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 14:59:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 261258
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2786
x-xss-protection: 0
last-modified: Thu, 18 Aug 2022 00:21:14 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 18 Aug 2023 14:59:27 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1F39 15 KB
15 KB 85ms
20ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/HpX8PRpR6oA

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 17:06:41 GMT
x-content-type-options: nosniff
age: 426424
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 16 Aug 2023 17:06:41 GMT

GET
H2 200 pngpx Show response
faq.worldtourismgroup.com/s2r/ 84 B
621 B 593ms
545ms Script
text/html 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://faq.worldtourismgroup.com/s2r/pngpx

Requested by

Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/s2r/px_optr.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

48698dba88b746b8ba54367dc32ca747d32f261d00af7cfc02cd9a7ec451f93a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bul.medicaldevicetrend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: gzip
etag: W/"54-2fRChT05ozH6bETWEuzmSErphDI"
x-cache: MISS
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-served-by: cache-ams21024-AMS
server: Google Frontend
x-timer: S1661096025.381214,VS0,VE531
date: Sun, 21 Aug 2022 15:33:45 GMT
x-robots-tag: noindex
vary: cookie,need-authorization, x-fh-requested-host, accept-encoding
content-type: text/html; charset=utf-8
x-cloud-trace-context: bcbed7681e6b0583df9b42711fd4b019
cache-control: no-cache, no-store, must-revalidate
function-execution-id: ebs9fj9z5au4
accept-ranges: bytes
x-orig-accept-language: nl-NL,nl;q=0.9
x-country-code: NL
x-cache-hits: 0

GET
H3 200 ui-gdpr-en.feda0fd8c5f2191f5c4b299585520859048f3705.js Show response
cdn.zx-adnet.com/consent/ 230 KB
37 KB 14ms
14ms Script
text/javascript 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/consent/ui-gdpr-en.feda0fd8c5f2191f5c4b299585520859048f3705.js

Requested by

Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/consent/sdk.feda0fd8c5f2191f5c4b299585520859048f3705.js

Protocol

Security

QUIC, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ff4b703a37dc11dbca28199ebaa29bfd85fb3793138fdc9bb2b952954d098b68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bul.medicaldevicetrend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Wed, 27 Apr 2022 20:26:02 GMT
x-timer: S1661096025.399654,VS0,VE1
etag: "dad5947af947c84745a29032a526f3e68afd9ce38af7f41ee281defb94b29c84-br"
x-served-by: cache-ams21077-AMS
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=315000
date: Sun, 21 Aug 2022 15:33:45 GMT
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 37832
x-cache-hits: 1

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 83 KB
28 KB 93ms
29ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/29c44d7c-8171-46d6-a484-9d3087559448/plugin.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

a73eb3fbea6e1051f19a0d4f9511e098101381060765d220b27525cb3e3b6340

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bul.medicaldevicetrend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:33:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28489
x-xss-protection: 0
server: sffe
etag: "1309 / 455 of 1000 / last-modified: 1660946906"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 21 Aug 2022 15:33:45 GMT

GET
H2 200 prebid5.14.0.js Show response
get.optad360.io/sf/ 460 KB
461 KB 24ms
24ms Script
application/javascript 2600:9000:21f3:2600:11:a4de:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.optad360.io/sf/prebid5.14.0.js
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/29c44d7c-8171-46d6-a484-9d3087559448/plugin.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:2600:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7109518959a6958168f639860050324f4f063fd1697f32677cf9d0180ab02453

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bul.medicaldevicetrend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 14:57:40 GMT
via: 1.1 7158aa4ac648947d564b98d9769b5b2a.cloudfront.net (CloudFront)
last-modified: Thu, 23 Sep 2021 07:59:54 GMT
server: AmazonS3
age: 25144566
etag: "6dd0a13bde35d2daa452bba998871016"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=360000000
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 471445
x-amz-cf-id: BhPyoAfGMAu4NYWr_oOKtvfHXFhXXtiJ0liUCGCGBUOccVLfRKBpnw==

GET
H3 200 checkabuse Show response
cdn.zx-adnet.com/ 56 B
473 B 231ms
230ms Script
text/html 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/checkabuse?surl=https%3A%2F%2Fbul.medicaldevicetrend.com%2Fair-mani-tidak-keluar-saat-ejakulasi-apa-masih-bisa-bikin-hamil-640627

Requested by

Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/abs.js?0.6435002704930401

Protocol

Security

QUIC, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

8601386271d3ba06c1135a092613135c5da90b3732a8196e4761faf4b1afdc69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bul.medicaldevicetrend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: gzip
etag: W/"38-qno2VtKrKGrEkeWyGeNb55UMVvo"
x-cache: MISS
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 65
x-served-by: cache-ams21077-AMS
server: Google Frontend
x-timer: S1661096025.451705,VS0,VE215
date: Sun, 21 Aug 2022 15:33:45 GMT
vary: cookie,need-authorization, x-fh-requested-host, accept-encoding
content-type: text/html; charset=utf-8
x-cloud-trace-context: f46870cd12da5e51a5a60d515a7647f0
cache-control: max-age=3600,public
function-execution-id: jqn2p2wp3e0e
accept-ranges: bytes
x-orig-accept-language: nl-NL,nl;q=0.9
x-country-code: NL
x-cache-hits: 0

GET
H2 200 adManager.m.js Show response
js.wpadmngr.com/static/ 85 KB
31 KB 50ms
15ms Script
application/javascript 45.133.44.24
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpadmngr.com/static/adManager.m.js
Requested by: Host: cst.wpu.sh
URL: https://cst.wpu.sh/static/adManager.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.24 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 960a0101f3bc46f4b7dc836a7417f5d0dda1bb734e04afa87ff9479030db8403

Request headers

Referer: https://bul.medicaldevicetrend.com/
Origin: https://bul.medicaldevicetrend.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:33:45 GMT
content-encoding: gzip
last-modified: Wed, 10 Aug 2022 09:37:00 GMT
server: nginx/1.18.0
etag: W/"62f37c3c-1524f"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Sun, 21 Aug 2022 15:38:45 GMT
cache-control: max-age=300
x-proxy-cache: HIT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 1F39
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

72ms
27ms

XHR
application/json

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/HpX8PRpR6oA

Protocol

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ffbfbd37ead2cdeb93289a5430e57f02c73709e18f12de60f4886997d1fd5b37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:33:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 21 Aug 2022 15:33:45 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 1F39 29 B
588 B 87ms
21ms Script
text/javascript 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/009f1d77/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:19:42 GMT
x-content-type-options: nosniff
age: 843
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 21 Aug 2022 15:34:42 GMT

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 94ms
26ms Preflight 37.157.2.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://bul.medicaldevicetrend.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://bul.medicaldevicetrend.com
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
date: Sun, 21 Aug 2022 15:33:45 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 58ms
14ms XHR
application/json 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220821

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0ea2697dd2d0350ed84ce89be6bc75e8462ad5d56e0d70d53c869df80ab8236a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bul.medicaldevicetrend.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 1968
x-jsd-version: 1.0.1439
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 926
etag: W/"669-U3xo+2ctiPtvj8ftIPnQBFf1f4E"
x-served-by: cache-fra19140-FRA, cache-ams21062-AMS
x-jsd-version-type: version
date: Sun, 21 Aug 2022 15:33:45 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 localstore.js Show response
script.4dex.io/ 483 B
941 B 99ms
41ms Script
application/javascript 2606:4700:20::681a:9a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bul.medicaldevicetrend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:33:45 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1132432
x-amz-request-id: txc6abd54ace594ae2a5b2f-00629f4bc7
x-amz-id-2: txc6abd54ace594ae2a5b2f-00629f4bc7
last-modified: Tue, 10 May 2022 09:57:32 GMT
server: cloudflare
etag: W/"922cffdd75f7192f75231d92684885aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m4GuqNQXdZ1AxmzvawTny%2BOFrRou6hyGJbp%2B9HGQi1qyK%2FuR7hWiumabdRBumY52QDcf67YG4rHy2tm4mY5qrU0VIYleoifkIi%2BdpLzvnAMp54HOUFELXB6wL656CinTUbDlUjYkZ5eRdRUK"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=1800
x-amz-version-id: 1652176652152482
cf-ray: 73e46dd0aadbbb65-FRA

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 36 B
647 B 104ms
43ms XHR
application/json 104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=420039&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%221e4c5b5d455ea3%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fbul.medicaldevicetrend.com%2Fair-mani-tidak-keluar-saat-ejakulasi-apa-masih-bisa-bikin-hamil-640627%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A2%2C%22msi%22%3A2%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%225.14.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%222250729cbc523a%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22420039%22%2C%22sid%22%3A%22970x90%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22420039%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A750%2C%22h%22%3A100%2C%22ext%22%3A%7B%22siteID%22%3A%22420039%22%2C%22sid%22%3A%22750x100%22%7D%7D%5D%7D%7D%5D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22optad360.com%22%2C%22sid%22%3A%224863746%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2de651692a5c82f38126c280f7a685f074b368a58272e7c4ff9e882dce4ae99d

Request headers

Referer: https://bul.medicaldevicetrend.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 21 Aug 2022 15:33:45 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DwR%2FLnNbXB7l4pPRfNC7mg%2FKKF2kH172ZioF49a16g7mGbx2xxZD5GyzrcoXkS%2Fg1tNHUgmqVDP73OA0kYRCmpdaqY3fFHtjRGwJi0FwwQKEtnDTTw7xwzLEK0WtbNIxVgQXN9V%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://bul.medicaldevicetrend.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 73e46dd0ba95698b-FRA
expires: 0

POST
H2 204 openrtb Show response
adx.adform.net/adx/ 0
416 B 105ms
52ms XHR
text/plain 37.157.2.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://bul.medicaldevicetrend.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Sun, 21 Aug 2022 15:33:45 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://bul.medicaldevicetrend.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
188 B 89ms
19ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bul.medicaldevicetrend.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://bul.medicaldevicetrend.com
date: Sun, 21 Aug 2022 15:33:45 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 144 B
1 KB 103ms
63ms XHR
application/json 185.89.211.116
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

596e076b6488c3a862cb2179efaea673afe61c23e7add0332505ba2d57524b7e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://bul.medicaldevicetrend.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 21 Aug 2022 15:33:45 GMT
X-Proxy-Origin: 37.48.94.47; 37.48.94.47; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 4ae5a1bd-d2a1-43d5-accb-4d7fa705a7a8
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://bul.medicaldevicetrend.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 93ms
29ms Preflight
text/html 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Sun, 21 Aug 2022 15:33:45 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 1F39 65 KB
30 KB 83ms
40ms XHR
application/json+protobuf 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/009f1d77/player_ias.vflset/nl_NL/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1462b047ffc3c31c11c67dedb6f24d44a1b041b512f9eed8975c6cd718561a90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sun, 21 Aug 2022 15:33:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 30773
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/009f1d77/player_ias.vflset/nl_NL/ Frame 1F39 119 KB
37 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/009f1d77/player_ias.vflset/nl_NL/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/009f1d77/player_ias.vflset/nl_NL/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8378d48007b3cd410fcb04e0491a0ecafb0f1dd76e3def33751cba1e65c46b35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/embed/HpX8PRpR6oA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 15:56:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 257855
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37700
x-xss-protection: 0
last-modified: Thu, 18 Aug 2022 00:21:14 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 18 Aug 2023 15:56:10 GMT

GET
H2 200 ccsNW8B7Gh_5RfA3Gd14x3uOpbcJGFGAyzd2sLlaUZQ.js Show response
www.google.com/js/th/ Frame 1F39 36 KB
14 KB 70ms
21ms Script
text/javascript 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/ccsNW8B7Gh_5RfA3Gd14x3uOpbcJGFGAyzd2sLlaUZQ.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/009f1d77/player_ias.vflset/nl_NL/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71cb0d5bc07b1a1ff945f03719dd78c77b8ea5b709185180cb3776b0b95a5194

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 13:53:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 351643
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14218
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 17:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 17 Aug 2023 13:53:02 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/009f1d77/player_ias.vflset/nl_NL/ Frame 1F39 27 KB
8 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/009f1d77/player_ias.vflset/nl_NL/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/009f1d77/player_ias.vflset/nl_NL/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05acc3012d01edb765afea170fa2dfe68065a552667744d399c84844c33c8568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/embed/HpX8PRpR6oA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 15:17:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 260179
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8132
x-xss-protection: 0
last-modified: Thu, 18 Aug 2022 00:21:14 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 18 Aug 2023 15:17:26 GMT

GET
DATA 200
OK truncated
/ Frame 1F39 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AMLnZu9bW2AmGaevrpsB-su2wBpvzyX5Inf3zvTXrJDnKA=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 1F39 3 KB
4 KB 86ms
23ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AMLnZu9bW2AmGaevrpsB-su2wBpvzyX5Inf3zvTXrJDnKA=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/HpX8PRpR6oA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a9b8a4b058f0cfdb5137ab550edcaa8912e26d6ceb7451b9ea791d608e467090

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 11:33:58 GMT
x-content-type-options: nosniff
age: 14387
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3229
x-xss-protection: 0
server: fife
etag: "v153"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 31 Jul 2022 16:46:05 GMT

GET
H2 200 maxresdefault.webp
i.ytimg.com/vi_webp/HpX8PRpR6oA/ Frame 1F39 201 KB
202 KB 95ms
32ms Image
image/webp 2a00:1450:4001:809::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/HpX8PRpR6oA/maxresdefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/HpX8PRpR6oA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1143cc4d0afa91e1a4b29293557f204da09d151a54a098e907596a1d538f8f49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:33:45 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205944
x-xss-protection: 0
server: sffe
etag: "1556116376"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 21 Aug 2022 17:33:45 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1F39 10 KB
10 KB 21ms
21ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/HpX8PRpR6oA

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53f2931d978bf9b24d43b5d556ecf315a6b3f089699c5ba3a954c4dde8663361

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 21:29:26 GMT
x-content-type-options: nosniff
age: 497059
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9832
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:49 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 15 Aug 2023 21:29:26 GMT

GET
H3 200 pubads_impl_2022081601.js Show response
securepubads.g.doubleclick.net/gpt/ 383 KB
130 KB 63ms
20ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081601.js?cb=31069002

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

041b6e69b34243b7cd98534e95b129cb2479bebddae8dc4f051755a84cc8fbe8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bul.medicaldevicetrend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 04:42:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 298274
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133485
x-xss-protection: 0
last-modified: Tue, 16 Aug 2022 08:34:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 18 Aug 2023 04:42:31 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 93 B
109 B 98ms
56ms XHR
application/json 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=bul.medicaldevicetrend.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

30fc29e2b0f9afeaa9b12d33e2975fd7815ff15c127f98ccbc93e1a3dbcf41cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bul.medicaldevicetrend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 21 Aug 2022 15:33:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 84
x-xss-protection: 0
expires: Sun, 21 Aug 2022 15:33:45 GMT

GET
H2

200

1 Show response
mc.yandex.ru/watch/55098856/
Redirect Chain

https://mc.yandex.ru/watch/55098856?wmode=7&page-url=https%3A%2F%2Fbul.medicaldevicetrend.com%2Fair-mani-tidak-keluar-saat-ejakulasi-apa-masih-bisa-bikin-hamil-640627&charset=utf-8&browser-info=pv%...
https://mc.yandex.ru/watch/55098856/1?wmode=7&page-url=https%3A%2F%2Fbul.medicaldevicetrend.com%2Fair-mani-tidak-keluar-saat-ejakulasi-apa-masih-bisa-bikin-hamil-640627&charset=utf-8&browser-info=p...

357 B
439 B

70ms
69ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/55098856/1?wmode=7&page-url=https%3A%2F%2Fbul.medicaldevicetrend.com%2Fair-mani-tidak-keluar-saat-ejakulasi-apa-masih-bisa-bikin-hamil-640627&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Anlzej4hetv2v3mdqom1a0%3Afp%3A520%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A870%3Acn%3A1%3Adp%3A0%3Als%3A36050961972%3Ahid%3A117789390%3Az%3A0%3Ai%3A20220821153345%3Aet%3A1661096026%3Ac%3A1%3Arn%3A17961103%3Arqn%3A1%3Au%3A1661096026515814193%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1661096024548%3Ads%3A379%2C46%2C63%2C1%2C%2C0%2C%2C166%2C0%2C%2C%2C%2C656%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1661096026%3At%3A%D0%98%D0%B7%D0%BB%D0%B8%D0%B7%D0%B0%20%D0%BB%D0%B8%20%D1%81%D0%BF%D0%B5%D1%80%D0%BC%D0%B0%20%D0%BF%D0%BE%20%D0%B2%D1%80%D0%B5%D0%BC%D0%B5%20%D0%BD%D0%B0%20%D0%B5%D1%8F%D0%BA%D1%83%D0%BB%D0%B0%D1%86%D0%B8%D1%8F%2C%20%D0%BC%D0%BE%D0%B6%D0%B5%20%D0%BB%D0%B8%20%D0%B2%D1%81%D0%B5%20%D0%BF%D0%B0%D0%BA%20%D0%B4%D0%B0%20%D0%B2%D0%B8%20%D0%B7%D0%B0%D0%B1%D1%80%D0%B5%D0%BC%D0%B5%D0%BD%D0%B5%D0%B5%3F&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29

Requested by

Host: bul.medicaldevicetrend.com
URL: https://bul.medicaldevicetrend.com/air-mani-tidak-keluar-saat-ejakulasi-apa-masih-bisa-bikin-hamil-640627

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

25606a38fd2c1b0625495a6c4873a0350a1f7bc12b3713b8466dc16f34679265

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bul.medicaldevicetrend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Aug 2022 15:33:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 21-Aug-2022 15:33:45 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://bul.medicaldevicetrend.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 357
x-xss-protection: 1; mode=block
expires: Sun, 21-Aug-2022 15:33:45 GMT

Redirect headers

pragma: no-cache
date: Sun, 21 Aug 2022 15:33:45 GMT
last-modified: Sun, 21-Aug-2022 15:33:45 GMT
location: /watch/55098856/1?wmode=7&page-url=https%3A%2F%2Fbul.medicaldevicetrend.com%2Fair-mani-tidak-keluar-saat-ejakulasi-apa-masih-bisa-bikin-hamil-640627&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Anlzej4hetv2v3mdqom1a0%3Afp%3A520%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A870%3Acn%3A1%3Adp%3A0%3Als%3A36050961972%3Ahid%3A117789390%3Az%3A0%3Ai%3A20220821153345%3Aet%3A1661096026%3Ac%3A1%3Arn%3A17961103%3Arqn%3A1%3Au%3A1661096026515814193%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1661096024548%3Ads%3A379%2C46%2C63%2C1%2C%2C0%2C%2C166%2C0%2C%2C%2C%2C656%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1661096026%3At%3A%D0%98%D0%B7%D0%BB%D0%B8%D0%B7%D0%B0%20%D0%BB%D0%B8%20%D1%81%D0%BF%D0%B5%D1%80%D0%BC%D0%B0%20%D0%BF%D0%BE%20%D0%B2%D1%80%D0%B5%D0%BC%D0%B5%20%D0%BD%D0%B0%20%D0%B5%D1%8F%D0%BA%D1%83%D0%BB%D0%B0%D1%86%D0%B8%D1%8F%2C%20%D0%BC%D0%BE%D0%B6%D0%B5%20%D0%BB%D0%B8%20%D0%B2%D1%81%D0%B5%20%D0%BF%D0%B0%D0%BA%20%D0%B4%D0%B0%20%D0%B2%D0%B8%20%D0%B7%D0%B0%D0%B1%D1%80%D0%B5%D0%BC%D0%B5%D0%BD%D0%B5%D0%B5%3F&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: https://bul.medicaldevicetrend.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Sun, 21-Aug-2022 15:33:45 GMT

GET
H2 200 1349 Show response
na.nawpush.com/tags/ 659 B
803 B 73ms
14ms XHR
application/json 45.133.44.24
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://na.nawpush.com/tags/1349?version_name=c
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.24 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: ae3bba83b1182ab504a90f8037f6fd673b3fcb7e74581941ad5f190bedeffe71

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bul.medicaldevicetrend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 21 Aug 2022 15:33:45 GMT
cache-control: max-age=300, public
server: nginx/1.18.0
content-type: application/json
content-length: 659
x-proxy-cache: HIT

GET
H2 200 wp-banners.js Show response
js.wpadmngr.com/npc/sdk/ 0
238 B 44ms
14ms Script
application/javascript 45.133.44.24
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpadmngr.com/npc/sdk/wp-banners.js
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.24 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bul.medicaldevicetrend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:33:45 GMT
last-modified: Fri, 20 Aug 2021 15:14:31 GMT
server: nginx/1.18.0
etag: "611fc6d7-0"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Sun, 21 Aug 2022 15:38:45 GMT
cache-control: max-age=300
accept-ranges: bytes
content-length: 0
x-proxy-cache: HIT

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
112 B 64ms
64ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: bul.medicaldevicetrend.com
URL: https://bul.medicaldevicetrend.com/air-mani-tidak-keluar-saat-ejakulasi-apa-masih-bisa-bikin-hamil-640627

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bul.medicaldevicetrend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:33:45 GMT
last-modified: Mon, 15 Aug 2022 15:05:51 GMT
etag: "62fa369f-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Sun, 21 Aug 2022 16:33:45 GMT

GET
H2 200 adagio.js Show response
script.4dex.io/ 72 KB
23 KB 88ms
41ms Fetch
application/javascript 2606:4700:20::681a:9a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b55131eaef425cb84b957a28df5881c3c83eb11ca9c01e3abccb00baf0e377b6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bul.medicaldevicetrend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:33:45 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 22283
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-request-id: txabdeaf33cd324438a1d71-006301f94e
x-amz-id-2: txabdeaf33cd324438a1d71-006301f94e
last-modified: Tue, 10 May 2022 09:57:31 GMT
server: cloudflare
etag: W/"2430496689c00115831347992a974246"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tp788Z6RDnbBy1Vyko%2FiGinUVsWTx5Q7gU6vxZ%2FtGcl3fe%2FeIGqiRlBRMEmP6cG4YONoq12nB54xFUCpYqU2e3Uevl1Dtbg0%2Bg2uTFwCjqi869xLG%2F63A5ki8OATQgCx94f9YmU5WPJM9FE3"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800
access-control-allow-credentials: true
x-amz-version-id: 1652176651393042
cf-ray: 73e46dd19ad19bd4-FRA
access-control-allow-headers: Authorization

GET
H3 204 generate_204
www.youtube.com/ Frame 1F39 0
10 B 21ms
21ms Image
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?BEy7Ig
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/HpX8PRpR6oA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/embed/HpX8PRpR6oA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:33:45 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 1F39 4 KB
3 KB 148ms
99ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/009f1d77/player_ias.vflset/nl_NL/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:33:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 21 Aug 2022 15:33:46 GMT

GET
H2 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
792 B 84ms
31ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=bul.medicaldevicetrend.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081601.js?cb=31069002

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bul.medicaldevicetrend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 21 Aug 2022 15:33:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 111ms
36ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=bul.medicaldevicetrend.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081601.js?cb=31069002

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bul.medicaldevicetrend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 21 Aug 2022 15:33:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 113 KB
41 KB 391ms
391ms XHR
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3966018075404065&correlator=4352861227956471&eid=31069002%2C31069046%2C44761477%2C31068367%2C31068919&output=ldjh&gdfp_req=1&vrg=2022081601&ptt=17&impl=fif&gdpr_consent=CPeFyN_PeFyN_AHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&gdpr=1&addtl_consent=1~7.12.35.62.66.70.89.93.108.122.144.149.153.162.167.184.196.221.241.253.259.272.311.317.323.326.338.348.350.415.440.448.449.482.486.491.494.495.540.571.574.585.587.588.590.725.733.780.817.839.864.867.932.938.981.986.1031.1033.1051.1092.1097.1126.1127.1170.1171.1186.1201.1204.1205.1211.1215.1230.1232.1236.1248.1276.1290.1301.1313.1344.1364.1365.1415.1419.1428.1449.1451.1509.1558.1564.1570.1577.1591.1651.1669.1712.1716.1720.1721.1725.1733.1753.1765.1799.1810.1834.1842.1870.1878.1889.1896.1911.1922.1929.2012.2072.2078.2079.2109.2177.2202.2253.2290.2299.2316.2357.2373.2526.2531.2571.2572.2575.2628.2663.2677.2776.2778.2779.2985.3033.3052.3154&iu_parts=121764058%3A22613287251%2Cwomans-magazine%2Cwomans-magazine_SF&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C750x100%7C970x90&ifi=1&adks=3122376375&sfv=1-0-38&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1661096026074&lmt=1661096026&dlt=1661096025040&idt=1001&adxs=436&adys=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fbul.medicaldevicetrend.com%2Fair-mani-tidak-keluar-saat-ejakulasi-apa-masih-bisa-bikin-hamil-640627&frm=20&vis=1&psz=0x-1&msz=728x-1&fws=1668&ohw=4000&ga_vid=454957221.1661096026&ga_sid=1661096026&ga_hid=107869593&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081601.js?cb=31069002

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

569961c56ee8f4796f969383d3c35add7d1127e2290121c0a2c47673e3993b79

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6503174388452047475/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6503174388452047475/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CN70zfSg2PkCFRnVdwodtSUCSg&gqi=&layout=/sadbundle/%24csp%253Der3%24/6503174388452047475/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bul.medicaldevicetrend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6503174388452047475/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6503174388452047475/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CN70zfSg2PkCFRnVdwodtSUCSg&gqi=&layout=/sadbundle/%24csp%253Der3%24/6503174388452047475/index.html
content-encoding: br
x-content-type-options: nosniff
google-creative-id: -1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42195
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
date: Sun, 21 Aug 2022 15:33:46 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://bul.medicaldevicetrend.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 19 KB
10 KB 1228ms
1227ms XHR
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3966018075404065&correlator=4352861227956471&eid=31069002%2C31069046%2C44761477%2C31068367%2C31068919&output=ldjh&gdfp_req=1&vrg=2022081601&ptt=17&impl=fif&gdpr_consent=CPeFyN_PeFyN_AHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&gdpr=1&addtl_consent=1~7.12.35.62.66.70.89.93.108.122.144.149.153.162.167.184.196.221.241.253.259.272.311.317.323.326.338.348.350.415.440.448.449.482.486.491.494.495.540.571.574.585.587.588.590.725.733.780.817.839.864.867.932.938.981.986.1031.1033.1051.1092.1097.1126.1127.1170.1171.1186.1201.1204.1205.1211.1215.1230.1232.1236.1248.1276.1290.1301.1313.1344.1364.1365.1415.1419.1428.1449.1451.1509.1558.1564.1570.1577.1591.1651.1669.1712.1716.1720.1721.1725.1733.1753.1765.1799.1810.1834.1842.1870.1878.1889.1896.1911.1922.1929.2012.2072.2078.2079.2109.2177.2202.2253.2290.2299.2316.2357.2373.2526.2531.2571.2572.2575.2628.2663.2677.2776.2778.2779.2985.3033.3052.3154&iu_parts=121764058%3A22613287251%2Cwomans-magazine%2Cwomans-magazine_stat_S4&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C750x100%7C750x200%7C750x300&ifi=2&adks=576306951&sfv=1-0-38&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1661096026078&lmt=1661096026&dlt=1661096025040&idt=1001&adxs=1475&adys=766&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fbul.medicaldevicetrend.com%2Fair-mani-tidak-keluar-saat-ejakulasi-apa-masih-bisa-bikin-hamil-640627&frm=20&vis=1&psz=0x0&msz=728x0&fws=1668&ohw=670&ga_vid=454957221.1661096026&ga_sid=1661096026&ga_hid=107869593&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081601.js?cb=31069002

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e297ef3840e7a357f3c28bf15d8483c3c04416a38d4ec60c3e8fc432c17054f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bul.medicaldevicetrend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:33:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10500
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://bul.medicaldevicetrend.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
e2770e6b6d7a9b2aa114cb34e842981d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 85A3 6 KB
3 KB 105ms
31ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e2770e6b6d7a9b2aa114cb34e842981d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081601.js?cb=31069002

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bul.medicaldevicetrend.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 21 Aug 2022 15:33:46 GMT
expires: Mon, 21 Aug 2023 15:33:46 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 search
www.google.com/ 0
0 155ms
99ms Image
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/search?q=site%3Ahttps%3A%2F%2Ffive-question.com%2Fen%2FQ%2526A%2Fpage%3D7af7e3f107b61cf3e6888e026ba0b66f
Requested by: Host: bul.medicaldevicetrend.com
URL: https://bul.medicaldevicetrend.com/air-mani-tidak-keluar-saat-ejakulasi-apa-masih-bisa-bikin-hamil-640627
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bul.medicaldevicetrend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

OPTIONS
H/1.1 204
No Content fp
fp.metricswpsh.com/ Frame 0
0 251ms
29ms Preflight 23.88.85.6
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fp.metricswpsh.com/fp?tag_id=1349
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.88.85.6 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.6.85.88.23.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://bul.medicaldevicetrend.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: https://bul.medicaldevicetrend.com
Connection: keep-alive
Date: Sun, 21 Aug 2022 15:33:46 GMT
Server: nginx/1.20.1
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H/1.1 200
OK fp Show response
fp.metricswpsh.com/ 0
379 B 111ms
55ms XHR
text/plain 23.88.85.6
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fp.metricswpsh.com/fp?tag_id=1349
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.88.85.6 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.6.85.88.23.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bul.medicaldevicetrend.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Date: Sun, 21 Aug 2022 15:33:46 GMT
Server: nginx/1.20.1
Vary: Origin
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: https://bul.medicaldevicetrend.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2 200 track Show response
f3256a8395.ad1f574e38.com/in/ 0
207 B 172ms
71ms XHR
text/plain 45.133.44.24
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://f3256a8395.ad1f574e38.com/in/track?data=eyJ3bCI6MCwic3ViaWQiOjAsInVzZXJfaWQiOiI1Mzg4OTIxNzgwODUzMjgxMDAwIiwidGltZXpvbmUiOjAsInZlciI6IjMuMy4wIiwidGFnX2lkIjoxMzQ5LCJzY3JlZW5fcmVzb2x1dGlvbiI6IjE2MDB4MTIwMCIsImFkYmxvY2siOjAsInRpbWV6b25lX29sc29uIjoiRXRjL1Vua25vd24iLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6MC4zNCwiaXNfdjIiOjAsImlzX3YyX2VtcHR5IjowLCJ1c2VyX2tleXdvcmRzIjoiJUQwJTk4JUQwJUI3JUQwJUJCJUQwJUI4JUQwJUI3JUQwJUIwJTJDJUQwJUJCJUQwJUI4JTJDJUQxJTgxJUQwJUJGJUQwJUI1JUQxJTgwJUQwJUJDJUQwJUIwJTJDJUQwJUJGJUQwJUJFJTJDJUQwJUIyJUQxJTgwJUQwJUI1JUQwJUJDJUQwJUI1JTJDJUQwJUJEJUQwJUIwJTJDJUQwJUI1JUQxJThGJUQwJUJBJUQxJTgzJUQwJUJCJUQwJUIwJUQxJTg2JUQwJUI4JUQxJThGJTJDJUQwJUJDJUQwJUJFJUQwJUI2JUQwJUI1JTJDJUQwJUJCJUQwJUI4JTJDJUQwJUIyJUQxJTgxJUQwJUI1JTJDJUQwJUJGJUQwJUIwJUQwJUJBJTJDJUQwJUI0JUQwJUIwJTJDJUQwJUIyJUQwJUI4JTJDJUQwJUI3JUQwJUIwJUQwJUIxJUQxJTgwJUQwJUI1JUQwJUJDJUQwJUI1JUQwJUJEJUQwJUI1JUQwJUI1JTJDJTJDJUQwJTlDJUQxJThBJUQwJUI2JUQwJUJBJUQwJUI4JUQxJThGJUQxJTgyJTJDJUQwJUJFJUQxJTgwJUQwJUIzJUQwJUIwJUQwJUI3JUQxJThBJUQwJUJDJTJDJUQwJUJFJUQwJUIxJUQwJUI4JUQwJUJBJUQwJUJEJUQwJUJFJUQwJUIyJUQwJUI1JUQwJUJEJUQwJUJFJTJDJUQwJUI1JTJDJUQwJUIxJUQwJUI1JUQwJUJCJUQxJThGJUQwJUI3JUQwJUIwJUQwJUJEJTJDJUQwJUJFJUQxJTgyJTJDJUQwJUI1JUQxJThGJUQwJUJBJUQxJTgzJUQwJUJCJUQwJUIwJUQxJTg2JUQwJUI4JUQxJThGJTJDJUQwJUI4JUQwJUJCJUQwJUI4JTJDJUQwJUI4JUQwJUI3JUQxJTg1JUQwJUIyJUQxJThBJUQxJTgwJUQwJUJCJUQxJThGJUQwJUJEJUQwJUI1JTJDJUQwJUJEJUQwJUIwJTJDJUQxJTgxJUQwJUJGJUQwJUI1JUQxJTgwJUQwJUJDJUQwJUIwJTJDJUQwJUEyJUQwJUJFJUQwJUIzJUQwJUIwJUQwJUIyJUQwJUIwJTJDJUQwJUJBJUQwJUIwJUQwJUJBJUQwJUIyJUQwJUJFJTJDJUQxJTg5JUQwJUI1JTJDJUQxJTgxJUQxJTgyJUQwJUIwJUQwJUJEJUQwJUI1JTJDJUQwJUIwJUQwJUJBJUQwJUJFJTJDJUQxJTgxJUQwJUJGJUQwJUI1JUQxJTgwJUQwJUJDJUQwJUIwJUQxJTgyJUQwJUIwJTJDJUQwJUJEJUQwJUI1JTJDJUQwJUI4JUQwJUI3JUQwJUJCJUQwJUI1JUQwJUI3JUQwJUI1JTJDJUQwJTkyJUQxJTgxJUQwJUI1JTJDJUQwJUJFJUQxJTg5JUQwJUI1JTJDJUQwJUJDJUQwJUJFJUQwJUI2JUQwJUI1JTJDJUQwJUJCJUQwJUI4JTJDJUQwJUI0JUQwJUIwJTJDJUQwJUJEJUQwJUIwJUQwJUJGJUQxJTgwJUQwJUIwJUQwJUIyJUQwJUI4JTJDJUQwJUI0JUQwJUIyJUQwJUJFJUQwJUI5JUQwJUJBJUQwJUIwJTJDJUQwJUIxJUQxJTgwJUQwJUI1JUQwJUJDJUQwJUI1JUQwJUJEJUQwJUJEJUQwJUIwJTNGJTIwIn0=
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.24 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bul.medicaldevicetrend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Aug 2022 15:33:46 GMT
server: nginx/1.18.0
vary: Origin
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type
content-length: 0

GET
H2 200 push.m.js Show response
js.wpshsdk.com/npc/sdk/ 52 KB
21 KB 87ms
25ms Script
application/javascript 45.133.44.25
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpshsdk.com/npc/sdk/push.m.js?v=1
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.25 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: cf5c103eac1f662868eafb7e9ad9de4ecdb2897738446427866156d8b8010176

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bul.medicaldevicetrend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:33:46 GMT
content-encoding: gzip
last-modified: Thu, 18 Aug 2022 18:05:28 GMT
server: nginx/1.18.0
etag: W/"62fe7f68-d187"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Sun, 21 Aug 2022 15:38:46 GMT
cache-control: max-age=300
x-proxy-cache: HIT

GET
H2 200 csub.m.js Show response
js.wpushsdk.com/npc/sdk/wpu/ 52 KB
13 KB 213ms
13ms Script
application/javascript 45.133.44.25
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpushsdk.com/npc/sdk/wpu/csub.m.js
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.25 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: ae76aab58df5505ae11ad294434acd86c398718cc15d0f4d7a92cf6953a42a38

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bul.medicaldevicetrend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:33:46 GMT
content-encoding: gzip
last-modified: Thu, 04 Aug 2022 11:09:06 GMT
server: nginx/1.18.0
etag: W/"62eba8d2-d0c6"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Sun, 21 Aug 2022 15:38:46 GMT
cache-control: max-age=300
x-proxy-cache: HIT

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/104/ Frame 1F39 52 KB
15 KB 70ms
21ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/104/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a35a51e32439cce8b4dd6734f65c18debec94ca81a30640b2ccaba988ce1639e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 07:40:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28391
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15107
x-xss-protection: 0
last-modified: Mon, 30 May 2022 15:03:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Mon, 22 Aug 2022 07:40:35 GMT

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 1F39 98 B
140 B 31ms
30ms XHR
application/json+protobuf 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/009f1d77/player_ias.vflset/nl_NL/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

66a02f7d93a276c9f3ddfe4f760924b070bd108bb0d8670f5ec59725aaec3c87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sun, 21 Aug 2022 15:33:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 116
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 33ms
33ms Preflight
text/html 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Sun, 21 Aug 2022 15:33:46 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 140ms
73ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022081601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081601.js?cb=31069002

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6b00a5dd60adfef2e622c2988013b3ca17b6bcdf0cbed8dee3bbc3a60c133b0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bul.medicaldevicetrend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 21 Aug 2022 15:33:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11146
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 90ms
33ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081601.js?cb=31069002

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bul.medicaldevicetrend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:33:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 21 Aug 2022 15:33:46 GMT

GET
H3 200 container.html Show response
e2770e6b6d7a9b2aa114cb34e842981d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7C76 6 KB
3 KB 77ms
29ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e2770e6b6d7a9b2aa114cb34e842981d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081601.js?cb=31069002

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bul.medicaldevicetrend.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 21 Aug 2022 15:33:46 GMT
expires: Mon, 21 Aug 2023 15:33:46 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E435 13 KB
5 KB 65ms
22ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bul.medicaldevicetrend.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 5386
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 21 Aug 2022 14:04:00 GMT
expires: Mon, 21 Aug 2023 14:04:00 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 06ED 783 B
535 B 33ms
32ms Document
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

70dcce48a0f42c38a7dfae12fe3b47f21debd5ebac3ae1b123f2fb9b323aca32

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ebyCfZ3tjCmwG7EQF9EjaQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bul.medicaldevicetrend.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-ebyCfZ3tjCmwG7EQF9EjaQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 21 Aug 2022 15:33:46 GMT
expires: Sun, 21 Aug 2022 15:33:46 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6503174388452047475/ Frame 58F6 16 KB
4 KB 48ms
25ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6503174388452047475/index.html

Requested by

Host: bul.medicaldevicetrend.com
URL: https://bul.medicaldevicetrend.com/air-mani-tidak-keluar-saat-ejakulasi-apa-masih-bisa-bikin-hamil-640627

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31a1d480b9cc82f903b98efe0de13288e24b0fecf60e0540e852a768fafa31c9

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e2770e6b6d7a9b2aa114cb34e842981d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 269873
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 3772
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Thu, 18 Aug 2022 12:35:53 GMT
expires: Fri, 18 Aug 2023 12:35:53 GMT
last-modified: Tue, 26 Jan 2021 08:46:32 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 7C76 0
0 67ms
67ms Fetch
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CirFEWlACY97fCJmq3wO1y4jQBNXi7cBjmbCAuasQp5uNuvMdEAEgqoDDImCRBKAB2c2nogPIAQmpAgC2A1Ei17A-4AIAqAMByANIqgTQAk_QuU2bGVh8WVdIa1eZCuFw131FzW7Q5a4QPICZEll8h1oeYsBRTitLbmPg27Y-Njpf9xByu1DvyG72wkCac3K-EFf9PjPuBgEa1zpOPMjrltAeBy7pA9ovE7kB2rKw76npMR7MjDT92v2NbOU-3TdcVYMISK2wG5QfaxMoyeaiF3GGzFRxYhEyL1cKa2plQujDOJUaXqJXJfsj50rV0J8SiKhDdnnscn3fhuyGOvGB-PbhnuvHVYglBBpvYSsXL-9_TpQSgvzAc3EOX7C4cf1tK9Q3Q9JXrR-E0w2tSexRlEhApxdm3hUnxgWZYS3TyBhTvyVsX36X2LJuL3iFb6ihdcU_soo96WwvmvdzuypGrWxVFYWkrqD1oiF3-xVNp6lzPXHn04DH3VYsSkZX4xV6j4PKYpKayJdqhbsdrbmiG_fryRxZ9apyXTPYPpYbTcAE-rG5_IYE4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB4-y2F2oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBD4-QXSCBIIgOGAEBABGB0yAqoCOgOAwAPyCBthZHgtc3Vic3luLTM2NDEyMDMxODg1NjgyODiACgPICwHYEwyIFAHQFQGYFgGAFwGyFx4KHAgAEhRwdWItNTUxMjM5MDcwNTEzNzUwNxiS7yE&sigh=b9dxejwKfl8&uach_m=[UACH]&template_id=419
Requested by: Host: bul.medicaldevicetrend.com
URL: https://bul.medicaldevicetrend.com/air-mani-tidak-keluar-saat-ejakulasi-apa-masih-bisa-bikin-hamil-640627
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://e2770e6b6d7a9b2aa114cb34e842981d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/ Frame 7C76 23 KB
9 KB 43ms
21ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/abg_lite_fy2021.js

Requested by

Host: e2770e6b6d7a9b2aa114cb34e842981d.safeframe.googlesyndication.com
URL: https://e2770e6b6d7a9b2aa114cb34e842981d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://e2770e6b6d7a9b2aa114cb34e842981d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:25:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 487
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9668
x-xss-protection: 0
server: cafe
etag: 3250940068065303693
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Sep 2022 15:25:39 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 06ED 0
0 125ms
57ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022081601&jk=3966018075404065&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 58F6 9 KB
3 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6503174388452047475/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 09:41:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21128
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 22 Aug 2022 09:41:38 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 58F6 26 KB
10 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6503174388452047475/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 16:14:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83969
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 21 Aug 2022 16:14:17 GMT

GET
H3 200 d4ceb2f8dae22535edea7d1c9b8d7c2e.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6503174388452047475/ Frame 58F6 75 KB
19 KB 24ms
24ms Script
application/x-javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6503174388452047475/d4ceb2f8dae22535edea7d1c9b8d7c2e.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6503174388452047475/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b897f80be17cf6623b8ecf2101fade714236c5ec74042fbbf9495d4ebf406e3

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 313724
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19666
x-xss-protection: 0
last-modified: Tue, 26 Jan 2021 08:46:32 GMT
server: sffe
date: Thu, 18 Aug 2022 00:25:02 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 18 Aug 2023 00:25:02 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6A90 143 B
163 B 22ms
22ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: e2770e6b6d7a9b2aa114cb34e842981d.safeframe.googlesyndication.com
URL: https://e2770e6b6d7a9b2aa114cb34e842981d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e2770e6b6d7a9b2aa114cb34e842981d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 1350
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Sun, 21 Aug 2022 15:11:16 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame 7C76 3 KB
1 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/window_focus_fy2021.js

Requested by

Host: e2770e6b6d7a9b2aa114cb34e842981d.safeframe.googlesyndication.com
URL: https://e2770e6b6d7a9b2aa114cb34e842981d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://e2770e6b6d7a9b2aa114cb34e842981d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:29:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 229
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Sep 2022 15:29:57 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7C76 140 KB
44 KB 84ms
31ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: e2770e6b6d7a9b2aa114cb34e842981d.safeframe.googlesyndication.com
URL: https://e2770e6b6d7a9b2aa114cb34e842981d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba7478138664dfbadff2af30a268f4200a752a73d07dafb55937af20d1061357

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://e2770e6b6d7a9b2aa114cb34e842981d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:33:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44050
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1660737283953252"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 21 Aug 2022 15:33:46 GMT

GET
H3 200 oORtDv9EbGDZJqtoCU6ZUa1h2CU5mRmZpTeRJMx0_5U.js Show response
pagead2.googlesyndication.com/bg/ Frame E435 36 KB
14 KB 48ms
24ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/oORtDv9EbGDZJqtoCU6ZUa1h2CU5mRmZpTeRJMx0_5U.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0e46d0eff446c60d926ab68094e9951ad61d82539991999a5379124cc74ff95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 13:32:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7285
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14118
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 21 Aug 2023 13:32:21 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 58F6 4 KB
658 B 75ms
31ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Fira+Sans:500|Roboto:700

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6503174388452047475/d4ceb2f8dae22535edea7d1c9b8d7c2e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f87d4ec0526ba3329feab65cb0c17284e42b24ec455b561d366042da531b6c98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 21 Aug 2022 14:54:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 21 Aug 2022 15:33:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 21 Aug 2022 15:33:46 GMT

GET
H3 200 cd8a2b48f87d26f22e44c8bef346a0cb.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6503174388452047475/media/ Frame 58F6 38 KB
38 KB 22ms
21ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6503174388452047475/media/cd8a2b48f87d26f22e44c8bef346a0cb.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6503174388452047475/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9cfe00b9313bfda47a4dc6f4e080d1f1e5a8969863401401fa4ad2aaef232d12

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 491614
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39217
x-xss-protection: 0
last-modified: Tue, 26 Jan 2021 08:46:32 GMT
server: sffe
date: Mon, 15 Aug 2022 23:00:12 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 15 Aug 2023 23:00:12 GMT

GET
H3 200 1f00ce9a7f0c1d5829d54d0d1c8cd385.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6503174388452047475/media/ Frame 58F6 113 B
141 B 29ms
28ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6503174388452047475/media/1f00ce9a7f0c1d5829d54d0d1c8cd385.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6503174388452047475/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

654491086d1f6dd5df6dbd44c09c7091237c4ffe4c3b4f00d0fc384ef7b2733f

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 313724
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
last-modified: Tue, 26 Jan 2021 08:46:32 GMT
server: sffe
date: Thu, 18 Aug 2022 00:25:02 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 18 Aug 2023 00:25:02 GMT

GET
H3 200 1b29150322f5aea5f2cc42e3dde73a10.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6503174388452047475/media/ Frame 58F6 4 KB
4 KB 29ms
29ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6503174388452047475/media/1b29150322f5aea5f2cc42e3dde73a10.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6503174388452047475/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a6e346ab2de8f4982b796a60b369b2eb25548ad47fe66ee0a26c76b1d1e88a5

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 586733
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3844
x-xss-protection: 0
last-modified: Tue, 26 Jan 2021 08:46:32 GMT
server: sffe
date: Sun, 14 Aug 2022 20:34:53 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 14 Aug 2023 20:34:53 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6A90
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

40ms
39ms

Document
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: e2770e6b6d7a9b2aa114cb34e842981d.safeframe.googlesyndication.com
URL: https://e2770e6b6d7a9b2aa114cb34e842981d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 21 Aug 2022 15:33:46 GMT
expires: Sun, 21 Aug 2022 15:33:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 21 Aug 2022 15:33:46 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame E435 0
10 B 20ms
20ms Image
text/plain 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?NgnhCA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:33:46 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 58F6 15 KB
16 KB 21ms
20ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans:500|Roboto:700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 16:44:52 GMT
x-content-type-options: nosniff
age: 514134
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 15 Aug 2023 16:44:52 GMT

GET
H3 200 va9B4kDNxMZdWfMOD5VnZKveRhf6.woff2
fonts.gstatic.com/s/firasans/v16/ Frame 58F6 22 KB
22 KB 25ms
24ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasans/v16/va9B4kDNxMZdWfMOD5VnZKveRhf6.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans:500|Roboto:700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a90f9c307d889844f7286c11a9e8596c9a41b2e91123ab49cca0fbaa4b48dc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 20:32:33 GMT
x-content-type-options: nosniff
age: 241273
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22760
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 16:56:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Aug 2023 20:32:33 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame 7C76 17 KB
7 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: e2770e6b6d7a9b2aa114cb34e842981d.safeframe.googlesyndication.com
URL: https://e2770e6b6d7a9b2aa114cb34e842981d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://e2770e6b6d7a9b2aa114cb34e842981d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:13:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1198
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Sep 2022 15:13:48 GMT

GET
H3 200 oORtDv9EbGDZJqtoCU6ZUa1h2CU5mRmZpTeRJMx0_5U.js Show response
pagead2.googlesyndication.com/bg/ Frame 58F6 36 KB
14 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/oORtDv9EbGDZJqtoCU6ZUa1h2CU5mRmZpTeRJMx0_5U.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0e46d0eff446c60d926ab68094e9951ad61d82539991999a5379124cc74ff95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 13:32:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7285
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14118
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 21 Aug 2023 13:32:21 GMT

GET
DATA 200
OK truncated
/ Frame 7C76 223 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5ffdec5894796cfc51adb8ba5f4aed7814771f4b836b96c9ab49606a6e866f0a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 container.html Show response
e2770e6b6d7a9b2aa114cb34e842981d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2CC6 6 KB
3 KB 24ms
24ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e2770e6b6d7a9b2aa114cb34e842981d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081601.js?cb=31069002

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bul.medicaldevicetrend.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 21 Aug 2022 15:33:46 GMT
expires: Mon, 21 Aug 2023 15:33:46 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 4F0F 3 KB
893 B 60ms
59ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY1au1PTAB&v=APEucNU522SWFqF4JyEd7qgg9xbRtHOFNuFtGqofDlMa5d06-OJsTJZzk37xRjOXsktH0AdKRzCNr_5WEMuPSaogoBwNavI2KVREM5Wnie-vBdABFXgBGWnu7P0dscW6DoAppDxztuLd4iEGQF1yTBq1JjPwdO572NV4rUUojPw-Qvg75B4fOLALay19i34pAMpAqf6PYjMc2oUuo2ioitQ8QmQJynZRI7hpSljEKcfdvqYxuxSTi7IzCKWeuIjoAFOaQJG9Ix_xqWLP-ydfy1UVOX5EVmlCY3qMP4yYzgTYT4erhUKB8G6-0xIhxwWiG_TI9yA5xrIcjhxwkMqKYzGLFM8LRvg_ELUkUjV-GDZ61ZOkF0ntIeDQ486-WHhmLvceepKlHAaj6U33gBxdd6OG4hxxqoClDYzqw2xfLGnYIRqjcj_F-4l3-r-XX1b0s531UV0LfCnpCfQjYY99o28q17YxpmKQTur7EHetjEv3Jc9ZoRcj9EchSRDAZzNmOVPeDY1nJDHkChcCrJy0c-wDBRTC5xbJ3dH9ceh1xCtwR8Yl50bGAiO_E08kA4lWuflfqr1-RATxYbIkS67OoCHXdpIOSLFDpv1FZ_RiTT5ELFWGz_VCn88ofyEXjiyhUqQIp_8Dl__imp646wE7a2uc269zmQtWH9Hekz493rr5AO8or6q8xQ2_g78fo-r8SW-qhgWaB_L8sRZkle-6JnMQaTjgbEhdecLjW_XL47PvlmirzVA_1EyfeExwKiVY4TzrofJLAZe6oNnAH4aSzYd0BoOeVw0D6JiY81_JVtl9EjFFN9Su3jw_sbOxIncyylt0eYdtQlO0VlhwDfUONjIkf-vDOkV-82VVfCp0svxt5_TntDB_c20eCKBCCUDbnkiDmV9xRx5rBvE7UYFhybZarlAgeeV2NOBFVOOKLVfQaacfGBaYOCEFjbMk49sTmQ_VXRhYiL9jtRGWq7jKs7bvbY2zTKMUhwEB1hTeMG0R0OUlOngH3nyNUtNs7TOAvhqoH8cj4GjfavianVW43VyzswbePT7D_A

Requested by

Host: e2770e6b6d7a9b2aa114cb34e842981d.safeframe.googlesyndication.com
URL: https://e2770e6b6d7a9b2aa114cb34e842981d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca52b18ab89e288a23c94c9d506e606c5a2f94baec8366f58b782bb16308c4c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e2770e6b6d7a9b2aa114cb34e842981d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 870
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 21 Aug 2022 15:33:47 GMT
expires: Sun, 21 Aug 2022 15:33:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 2CC6 28 KB
17 KB 69ms
68ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A7KjNWh6DNIWlWyadnMFeGe8OZXorCaP9bYuk1YGUSMDUIG0ZtOr0AwFDJo7mkYxOKdQHN3desdcPKHZc5p7fcueSQTn1kUqFrAIWG50-gxTn6X8ofkCQdTAN8oOtLMFNJ0MEtxB-y9LkG32G1Yp-YLOWJaA&cry=1&dbm_d=AKAmf-BU1q30Un1TvuHbc5MHDCdi7C4wGXph3DE7lf8HIJf8cGn6eMqN7X4wPrqpRA9X5xyap6jJa68YKvoZRFlUeSlf0w9Jj9AxqW9yioIMBXV-aUhIDkLgc2ykOZwv0wdsbz96XX7nnpOey0VcMn_kTjEmyrB11oD4Fe0q-riiPmedK_0wADfE-tsd6Xt_SBESWEscoXg2BDs0k-XkoCS-eqszrFsWu6_AMwopCU_wkoJHwjK_Py9F5ID-qKPpD14Txzd5MGG5YSUPGV0jVAiul7KGo9pt35zLvMyWwCavf3QMhIDTfaIUUWhuhN07feCSbTKDT9-6lXqP1M2RwT_9x8DFKr0UTWvmsaogrttA5ohVmyHhlSbqXIwmhHJi0_IRdfsG81FmPo6XSi8zo-8nKbQQT_GcFgQ_IDU47mc8e_cHvF6AvGnPgp03pq-7jTR76C8Wa2SN7A_bG4Xys2y7MmVUYjF9WmWs2C8puSdOjpe6SHgWQWXt6ZtNLr79ZUIOM4yGfhXzc4sx4tF350hnwFh7wrxVwFEz2wJw9nZwP8XeVufIuiPy8YnXhXACGeSMaVZ0AN1TAjj-Lt8JZDXMU3IymWccSuLP4XPpIrC5na0fAcRPE0dt7rXWpjzk1TVywfZozybb6CCCUt28WA7Ehxj6ecUOZLK--jAr9V2lF28F4qM_w2X3aCynXru98lcFcDulN4oxmWuXphuO-9SogEUaQPPbWCjXn6lGwoydoHAwInOlkU7KKOWxeMZWgZCE0za4onWKYJ2kpqFzxfMuzGAGVxy4X-3RkimTfKcJqggV5cwDMcrm6d6acm7vbHDuzomhlgtrK-Q7CK9Js8Si4a5HXeV9D5HfST7WNuqlKTSNQqyj0ZUbbW68OvtS6wpwV2MEwSEoSlOb0e_qOGtBjfHu-XUTUNc_yS_hc8UtrE98jNwtZIViHLPbsolwFTIA4V-oYMzy30vY6uXHuyICKImVu8FKas_kz6KAj2QP2HnU5u03nY1-xK3qoRep-vsN5QhJDLywtfIdYK1-LgEhDSnZF4zS1_E2SFciDK7P9-CfrxtvgLvus3cwRyJRdOLZ6v3byCjj1Q229VRuaWDfHCQPWJrclXyN1nPmMeZIP_BTv20uvmJFqph8zpbjb0V1qEqfRegLinwsxBERimMSCafePr95ZFzlC5gJk5lDN8NmreaHPJkMXtK_i6IfPYM1ezTEh5I8KkguuUEBh3Y7qogZTphJ0gPDeZzhadUKboGlgPUgIc6sK33LhBzdanNMCOf590BNVeTsfKli0pzAdM7iJT3wvtZd3WSfG3FknWM_tYllRd3WCmE-Sch_wPDYr6ACCnHFmmcKDShEUEQegUwpnWsj9SEhDbE9KxP5B2o1HoYbOA41YjmD3LmymHI7v9C6odjEZ1157yzPx38F6jFnCU4hfTdScc40Uibb4r4lpCY3uifLV4ymwBL_mGCXQgg__YQoH7RXtqEkgxK7UBS0THHwdaR8OnaodBGuvR3yJ-R8dFsxoQFP2irS1KJhSZqYiBwuFbA9gxkV0qWZyL2NvAyTANwB6CkgcHxLEeiwQjEemTMTEzdAygW8oZ4Th1IaT02-EC3t2SuvILv9-CyWF7q-XWiad1ZgOsYtVtDXeCHfQtAShLdqs7_X9MqW8UVDZmY0J06uifN1uRFiYGmmbduOHaiiIniNA7W749WbSI1vbv1lN4D_qgZMbBVP4n0d1kilLx64tqK-13EHRzxa3-MorSf7jtz_-ALaAGJzahX7twdRg0CRJHyd99kqCtdSB9zSAEAUsjjIqhHBzfB0w39z3eK2AXVCNY4GQFCRANX6nhQ13bScOj7nQ9-2_Ah0dJ-EG2dwxHuzUmvBvX3xsvH7kqxWpmn6PluuOlY3_jr9iKFnLXQAXylZkGCVibdOJjJEbe7N_Fm21WBHckSytbef8uFtujxVosEjqhagsbEQnMKARGbBcWPEwypWlXGFWZohNR1AAQoMt1SK9XCX6iR3V9jFXU6mBS1oimn-cgkU3tWRhbwOWi6K2nt1NPe3uuU3GJbhJ2qiNtk5cKk4iGhD2GOlcRI59-NNGmxgEYh68Bmdb7XpqtURzt-EHqLtKIeQnCMYeuDYwYf1ZLMILAostrinnJwNbLJFFwLgiKZkPmvQt8JW6Lc9x61zcpV_PdtXmMmfjWJmLaNtwpm2rPV0pyaKF1niOQ-Y9xk0j94zCuEdMQOsIoQPZU53OvwLKZrcRzhAj-Sldt2qeurY5w8BtnFZeKNb9uC4gWvYx2YDLmh8et19P-0LDrYHEnifvCH3lc2om28Joj6uwBlUDoD9ryG8CZa2ZbGl9v1_d3wkMea1awo932HVbJtm73gb8hNBK5ffZDLMRMwQ-F4YdO7PXc4p2R0fSrs6__ku292idRvNHBxHnvsgNtU107dTXvBmEzKZ56vRaPZD72lDhjr4c5vH5KQ0lSsq8Vn4tMb2XW_8JsSJ5XPEiCgTTvHejSpnzbTJCPZJz1mTyqkXJBl4MsRaYlO9DoGXeQ3uRawJZHTA_7OpG-WIFSLLAUn3WXgD88lbJgCw565edQl-2k8VgbNp_KBUcdNblh6x0FdV7k2VGkEyYptYhrfml_n-0u2vxIUtwYD2MvBQG5Yb-KeHbrZFKjaB8RzqNfiJn2GaKQwHJfA7ixZOOoL0DIIs2Qk9onu_twMhZYZ-1RS-FQbKXpOKB4OI96irjJjLNNca3pxghOdBwb9R78xMMMh68w9EzAZvU-0TesCS6vLRMgA7k_8zdmKnE9WeBKQm6kovQzpKB_SLCOBQfb8smzxk379VA_rerAX6VQQsueigl7f8-CxFRV1qTnpbWCfZSF3BFJdxF0PbimzAgNCUwhnQyatJG1bQF0yCr8q1daCzFzbmVvvhvl92LX8De7eD407Nthb0Z5_N5-zTXp3aRyfIIJDnmVLEUhwLlQeKntITNlaYmDEgRUFSXymsgrwQ6VqhfY8tG_ZDiIREwZs1S1Ccd3aMfKZSjNIgK8qWS_2RHnB_m3LDvZhQRTMdsqarBgzY8W8mshriMQ_bk2iMSINXZLXZeXfHUUcDDLM661BXMpUX0jamaRvodVtMLSUR8Os04VxuveDrRmTSEX6H9ooqmM3gwS-KB7uR-AAcCwysEciTGb-mTXMhH6S6sG6U6BFo9RYfWDCVhKWhupJJZWeXGJArnDElazN9xP7rizNH6X4HMFYSWZFdD5WxX1cSNzVyhrMIqJgVHDDFgbosWDu84MRcg0mQYGy1Qe0Fm3AuGcOY44rJf9p2elyv9qvPjIzfhPT-igZIjH7YD1PwKxxty5HdoCiuDQgNWUDnJbr8hCmIO6BR0COgMy1nxFb4hIn3v3Im5C-uRP2Ljz0oq2_wu6X4MxdKnNiEP4YgWy7TnIVv8ujp-NqyA9gamwvo_RI-zlD0eWXNlBIGkbJLFZU7IKLYer7XKntA5phmbSaq0O9cHCAsGLOcEqJZhEC31mz3bEtiwXOir5ok6hae5hTIZqtPj4F97poyxgP8E1bchCZ8Uc2O1VIk7qbfTtMBlid5lZdyxs4OoJpgFAHFGEjjqmOhV-IuNB61zyqmTNWhrsnf8lHM5GE3QSPfLCPobmgrEpUWaqUB_PT5xlRaQOe1X54ZFHtAPXrF7U_FH_V_eHLN3SrnZBbIzupfrp8Mm6PWG0Twi2kGL8YOXBq6VmZ6Ld0UTFlyIL8rBfGeYmmexgHpnX5IDQznf7dpydy8wOiyPx10d7eWhJ4C1BAjiSnMHn2Q5C6RExbKAWM5AaPhy47iwR-oCI56cQtK1q3r1LWjO84W2rHVhxR39s6jUDNoC2OjRbuDqyN_augG_kkH1ykYbv9e-LkNo6zsYBML7eDDI0nSrezEsxZtVszoDcz-UMeVTkb5soiudcFWIrI7prEbRWyfKVtW-_fDN2u_M3YU__egfLIsB4xjKer1h5qdATVBbVG1AxPSDZ_r4up80IvmrBZCt9HHKMjlOfx3CU1YSJdD_m0W8sJMBD4WVviQ1OvKM-N6ZZPGbbRQ6Sascxt1PuOVdkF_XQm9TzeaF0DvAxMMpIPQoKAB4OATRxI2iDLPnegr_3LXIl7MwPPi21NtKVKS6MciN5kJjMJPqX4LxH5J-Et3cWXtI4njDAHvAs_ydkBI1LwggjjcAQzjAjKpUvsmmwc2biIKUTQ0nAs3PcUo8DLcP1hz0qpK3qZBQ-n_s42lOQmfpeO-83uaq2aY3OnZRUCOpP2AcTxH6Bj2C3j3zUbNekfHZI_S9G54a3mKw5S_iAl_GT2qiXSfUKle8oPx21DECxdb0aX75EEHzFPMvFQkbCpE-dmQWQFtlkQsCF_mHxRwuM0oVHnjxb1d0-OHavanIyMUad7YFtymgNTq1dTE23QJUQo2IV-BwDyt93pNoINrnHhqcBWcHIDRF0_FgtUT_fee04jBhHsTlPbEoqt2zGoJanJztw828gOypNHE09CrXAySHCE_k9odQyAfc0VUf9UBblbDLl84iwuO0fwDsDKEQsmk9F4Jh9_MHjT0Oy0xy3lgIcezftSc0T4tyARYAh6jXNeY4o_w503vS9zUUmbZ1ZZZ5ekAKSIRq-dDTUOUX9flSOOdtncBWPxfGsChaI1hffMpeIoWdYhfgR01gGfabSFnKBd1fKS2&cid=CAQSLQCsnQUx4s-F5sV3SyASKsLuzZvKvxe0BWSxwmDPlpBTImizPlec3i8F_vJVFQ&rfl=1%2Chttps%253A%252F%252Fbul.medicaldevicetrend.com%252F%240

Requested by

Host: bul.medicaldevicetrend.com
URL: https://bul.medicaldevicetrend.com/air-mani-tidak-keluar-saat-ejakulasi-apa-masih-bisa-bikin-hamil-640627

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6cd3565b46cabcbc2e984bbdbd707b5a4d68fd21537f40a9fd36580ce9cfa040

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://e2770e6b6d7a9b2aa114cb34e842981d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Aug 2022 15:33:47 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16992
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2CC6 42 B
63 B 58ms
56ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A3KaGhTwf-t1hXcq776V3B7gCVaxB5UoP7fNi9pwOUo1AL6sMH2RrG7FSGx5BZ6jL_L7SESIxoMxo2FSFuc2iyssM7hNvJNpTckTilO80qzzt6UM8

Requested by

Host: e2770e6b6d7a9b2aa114cb34e842981d.safeframe.googlesyndication.com
URL: https://e2770e6b6d7a9b2aa114cb34e842981d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://e2770e6b6d7a9b2aa114cb34e842981d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Aug 2022 15:33:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame 2CC6 3 KB
1 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/window_focus_fy2021.js

Requested by

Host: e2770e6b6d7a9b2aa114cb34e842981d.safeframe.googlesyndication.com
URL: https://e2770e6b6d7a9b2aa114cb34e842981d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://e2770e6b6d7a9b2aa114cb34e842981d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:29:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 230
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Sep 2022 15:29:57 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2CC6 140 KB
43 KB 109ms
65ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: e2770e6b6d7a9b2aa114cb34e842981d.safeframe.googlesyndication.com
URL: https://e2770e6b6d7a9b2aa114cb34e842981d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba7478138664dfbadff2af30a268f4200a752a73d07dafb55937af20d1061357

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://e2770e6b6d7a9b2aa114cb34e842981d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:33:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44050
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1660737283953252"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 21 Aug 2022 15:33:47 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame 2CC6 17 KB
7 KB 22ms
20ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: e2770e6b6d7a9b2aa114cb34e842981d.safeframe.googlesyndication.com
URL: https://e2770e6b6d7a9b2aa114cb34e842981d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://e2770e6b6d7a9b2aa114cb34e842981d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:13:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1199
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Sep 2022 15:13:48 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 60ms
60ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022081601&jk=3966018075404065&bg=!IyClIGTNAAYUOm8VNDo7ACkAdvg8WnCJIstfF8c6CUgMx7IC1BIAH06dGnKxERSP1PIg_u2zaTJm1QIAAABqUgAAAAJoAQcKAECOuwNH5jPpEwMUAdXTd5ZrgPa392yMBWmblcwn950QFmhxY8mrHObAQqIpyw9ecYEPfnK6E6yf9bsZ2NkovnWumQLktpBjaLZ-i7gM7yenZxeto7QWCu_4pe-VX6sZQXycRJaAka2eOBI5eEtQZZ1yZeZzxVqqf5MX2k1Q8df36BiM8MztPbwhVcctwiQXJQR6H_HX3sMD4zMZmRHNYjXYJac3m3udZR3gPV93IAhDIeWdaunb5dW0xdN1ocGmViYShMHhOkQ8ERkdQw6Kay12ZivCqyHqutcrVdlwkPmcg1_nCF7L_AMZt2GdQIXzQpVzKBMkbw2fdKHvi-HQWr1AHwQCgzfwPmc39CN_F6f1KmY8WTM1CcW44i488o6OLDWjJQt2Zutx6DGn80z0YX3-B5lXK6oQK3aUAQ3GOYrHxWqEOBbOin--p0-zKOhyZjdvY8KTIDtb8ascmEgyPMTb59POC1OKcntxxGtgMu-kTd3UibRnoh8KbgYdD7OYircrxQJI9sSaYu9xZEfl3M5W1yo2WH3eKNReTWmjwoPxzIVcVZvUW5UgeEoIiw_JlQdLuM8ZDqsgrQUuOh7qAT0t2NG_P5uc1KBvAS1da7dkF7UCUhRVNEDqTAQNxW2kei3-aq9vAslW7xNpAj8rwPG9ox8-kk6klGvVC39YeLPKs6z6-ymGfgLVlMkg_66GUC5xMDZalG4vdkk-Y2ho8xK3aVR1bhdrvpz1Tv4Hp-XbMYyPmnCtz0tjkbSLMWd0BLU0VH5VS9KNISRQRrpcOCSdm3RKI8OdSjeQRpFcHExgbddnpqQe-vevhWEZo7J84WzDndEoLa_kvwwIRKPnglRaG79RYgL2OHSPTR66Uj2BisiFZ34i1GfHt0Tt0EhAJwq5cF4vL77M5alHBoEFv3JYUs0Qz5nchQLC8DGFQ-fQ8ppeDr_5sma6_82qcIj98D_yrj7ILt7lQITYRTeFfxfK7N5TidUsNffON74r6AD8CtUrGT7JtMelzfmmlCnxHk_cKQJOIVQ4KdzPWLXME7cgF1v7UdpWU-txDqirDGCDJdHiYMblTrI
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bul.medicaldevicetrend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 4F0F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=1&gdpr_consent=CPeFyN_PeFyN_AHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4...
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELDMWEYRLIPOILGrPmpP8EQ&google_cver=1&gdpr=1&gdpr_consent=CPeFyN_PeFyN_AHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20z...
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELDMWEYRLIPOILGrPmpP8EQ&google_cver=1&gdpr=1&gdpr_consent=CPeFyN_PeFyN_AHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20z...

43 B
947 B

45ms
43ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELDMWEYRLIPOILGrPmpP8EQ&google_cver=1&gdpr=1&gdpr_consent=CPeFyN_PeFyN_AHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&addtl_consent=1%7E494.1810.1092.1031.1725.1290.89.2253.1577.326.495.1365.1570.1419.574.272.1721.2109.2357.2526.2373.2677.259.144.162.108.338.482.1449.241.1201.93.733.1211.1564.1186.323.981.1276.122.1301.938.449.1215.1765.2628.1651.3052.2072.540.817.1716.2985.587.864.1033.2575.3154.2316.1097.1230.1870.486.317.867.1205.1712.2571.1127.311.70.1929.2177.149.167.1591.491.2202.196.1415.1842.2299.1051.1558.1878.839.1364.415.1889.440.2572&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY1au1PTAB&v=APEucNU522SWFqF4JyEd7qgg9xbRtHOFNuFtGqofDlMa5d06-OJsTJZzk37xRjOXsktH0AdKRzCNr_5WEMuPSaogoBwNavI2KVREM5Wnie-vBdABFXgBGWnu7P0dscW6DoAppDxztuLd4iEGQF1yTBq1JjPwdO572NV4rUUojPw-Qvg75B4fOLALay19i34pAMpAqf6PYjMc2oUuo2ioitQ8QmQJynZRI7hpSljEKcfdvqYxuxSTi7IzCKWeuIjoAFOaQJG9Ix_xqWLP-ydfy1UVOX5EVmlCY3qMP4yYzgTYT4erhUKB8G6-0xIhxwWiG_TI9yA5xrIcjhxwkMqKYzGLFM8LRvg_ELUkUjV-GDZ61ZOkF0ntIeDQ486-WHhmLvceepKlHAaj6U33gBxdd6OG4hxxqoClDYzqw2xfLGnYIRqjcj_F-4l3-r-XX1b0s531UV0LfCnpCfQjYY99o28q17YxpmKQTur7EHetjEv3Jc9ZoRcj9EchSRDAZzNmOVPeDY1nJDHkChcCrJy0c-wDBRTC5xbJ3dH9ceh1xCtwR8Yl50bGAiO_E08kA4lWuflfqr1-RATxYbIkS67OoCHXdpIOSLFDpv1FZ_RiTT5ELFWGz_VCn88ofyEXjiyhUqQIp_8Dl__imp646wE7a2uc269zmQtWH9Hekz493rr5AO8or6q8xQ2_g78fo-r8SW-qhgWaB_L8sRZkle-6JnMQaTjgbEhdecLjW_XL47PvlmirzVA_1EyfeExwKiVY4TzrofJLAZe6oNnAH4aSzYd0BoOeVw0D6JiY81_JVtl9EjFFN9Su3jw_sbOxIncyylt0eYdtQlO0VlhwDfUONjIkf-vDOkV-82VVfCp0svxt5_TntDB_c20eCKBCCUDbnkiDmV9xRx5rBvE7UYFhybZarlAgeeV2NOBFVOOKLVfQaacfGBaYOCEFjbMk49sTmQ_VXRhYiL9jtRGWq7jKs7bvbY2zTKMUhwEB1hTeMG0R0OUlOngH3nyNUtNs7TOAvhqoH8cj4GjfavianVW43VyzswbePT7D_A
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray: 73e46ddc7e196943-FRA
pragma: no-cache
date: Sun, 21 Aug 2022 15:33:47 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uMs8x7dNZ5mFmSkefZ8QdxlGFyCwfmUzVE2R3HQ6kfMewMRG6iI3xGfpKmSC6c%2FTp9sykD%2FckdT5QZ6op0wBxUruKwz3ahSS%2BLtcG8jROnwOUTv2T%2FAblGAYNd5tQF4Ng1rKi2n9qWXyqw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 21 Aug 2022 15:33:47 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5nL3FLTyCrNBrUfQvjrPrlWphEX67pK34eSS%2F46wY%2FPB3p5YATd4h8nvFOkAY%2BWUOxJP%2BId2GD5uMCotpD3OuT2tgjrNYbNMFMspH8gd82Fm%2BF7InzOy3qd2WHWe84EvENXgm6QH8UGiPA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=45&external_user_id=CAESELDMWEYRLIPOILGrPmpP8EQ&google_cver=1&gdpr=1&gdpr_consent=CPeFyN_PeFyN_AHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&addtl_consent=1%7E494.1810.1092.1031.1725.1290.89.2253.1577.326.495.1365.1570.1419.574.272.1721.2109.2357.2526.2373.2677.259.144.162.108.338.482.1449.241.1201.93.733.1211.1564.1186.323.981.1276.122.1301.938.449.1215.1765.2628.1651.3052.2072.540.817.1716.2985.587.864.1033.2575.3154.2316.1097.1230.1870.486.317.867.1205.1712.2571.1127.311.70.1929.2177.149.167.1591.491.2202.196.1415.1842.2299.1051.1558.1878.839.1364.415.1889.440.2572&C=1
cache-control: no-cache
cf-ray: 73e46ddc28d1996c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 4F0F
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=1&gdpr_consent=CPeFyN_PeFyN_AHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkV...
https://dsum-sec.casalemedia.com/rrum?addtl_consent=1~494.1810.1092.1031.1725.1290.89.2253.1577.326.495.1365.1570.1419.574.272.1721.2109.2357.2526.2373.2677.259.144.162.108.338.482.1449.241.1201.93...
https://cm.g.doubleclick.net/pixel?gdpr=1&gdpr_consent=CPeFyN_PeFyN_AHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2...
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELDMWEYRLIPOILGrPmpP8EQ&google_cver=1&gdpr=1&gdpr_consent=CPeFyN_PeFyN_AHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20z...

43 B
905 B

48ms
47ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELDMWEYRLIPOILGrPmpP8EQ&google_cver=1&gdpr=1&gdpr_consent=CPeFyN_PeFyN_AHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY1au1PTAB&v=APEucNU522SWFqF4JyEd7qgg9xbRtHOFNuFtGqofDlMa5d06-OJsTJZzk37xRjOXsktH0AdKRzCNr_5WEMuPSaogoBwNavI2KVREM5Wnie-vBdABFXgBGWnu7P0dscW6DoAppDxztuLd4iEGQF1yTBq1JjPwdO572NV4rUUojPw-Qvg75B4fOLALay19i34pAMpAqf6PYjMc2oUuo2ioitQ8QmQJynZRI7hpSljEKcfdvqYxuxSTi7IzCKWeuIjoAFOaQJG9Ix_xqWLP-ydfy1UVOX5EVmlCY3qMP4yYzgTYT4erhUKB8G6-0xIhxwWiG_TI9yA5xrIcjhxwkMqKYzGLFM8LRvg_ELUkUjV-GDZ61ZOkF0ntIeDQ486-WHhmLvceepKlHAaj6U33gBxdd6OG4hxxqoClDYzqw2xfLGnYIRqjcj_F-4l3-r-XX1b0s531UV0LfCnpCfQjYY99o28q17YxpmKQTur7EHetjEv3Jc9ZoRcj9EchSRDAZzNmOVPeDY1nJDHkChcCrJy0c-wDBRTC5xbJ3dH9ceh1xCtwR8Yl50bGAiO_E08kA4lWuflfqr1-RATxYbIkS67OoCHXdpIOSLFDpv1FZ_RiTT5ELFWGz_VCn88ofyEXjiyhUqQIp_8Dl__imp646wE7a2uc269zmQtWH9Hekz493rr5AO8or6q8xQ2_g78fo-r8SW-qhgWaB_L8sRZkle-6JnMQaTjgbEhdecLjW_XL47PvlmirzVA_1EyfeExwKiVY4TzrofJLAZe6oNnAH4aSzYd0BoOeVw0D6JiY81_JVtl9EjFFN9Su3jw_sbOxIncyylt0eYdtQlO0VlhwDfUONjIkf-vDOkV-82VVfCp0svxt5_TntDB_c20eCKBCCUDbnkiDmV9xRx5rBvE7UYFhybZarlAgeeV2NOBFVOOKLVfQaacfGBaYOCEFjbMk49sTmQ_VXRhYiL9jtRGWq7jKs7bvbY2zTKMUhwEB1hTeMG0R0OUlOngH3nyNUtNs7TOAvhqoH8cj4GjfavianVW43VyzswbePT7D_A
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray: 73e46ddd3efe6943-FRA
pragma: no-cache
date: Sun, 21 Aug 2022 15:33:47 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ChzBQA0nukyzJxkew0rLjYDXG9RBlsrQXxeDhGSH3UdhzD4pHve9hNyOgo3kwxgHXC%2FeYpcbQYFsgucvAM7RmBpjMVN4oAtkMSs7AWvcduacpgpW3CVPJcsSqRovmjej0y45r30Kz3q1ZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 21 Aug 2022 15:33:47 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELDMWEYRLIPOILGrPmpP8EQ&google_cver=1&gdpr=1&gdpr_consent=CPeFyN_PeFyN_AHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 719
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 4F0F 170 B
232 B 104ms
35ms Image
image/png 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=1&gdpr_consent=CPeFyN_PeFyN_AHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&addtl_consent=1~494.1810.1092.1031.1725.1290.89.2253.1577.326.495.1365.1570.1419.574.272.1721.2109.2357.2526.2373.2677.259.144.162.108.338.482.1449.241.1201.93.733.1211.1564.1186.323.981.1276.122.1301.938.449.1215.1765.2628.1651.3052.2072.540.817.1716.2985.587.864.1033.2575.3154.2316.1097.1230.1870.486.317.867.1205.1712.2571.1127.311.70.1929.2177.149.167.1591.491.2202.196.1415.1842.2299.1051.1558.1878.839.1364.415.1889.440.2572

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY1au1PTAB&v=APEucNU522SWFqF4JyEd7qgg9xbRtHOFNuFtGqofDlMa5d06-OJsTJZzk37xRjOXsktH0AdKRzCNr_5WEMuPSaogoBwNavI2KVREM5Wnie-vBdABFXgBGWnu7P0dscW6DoAppDxztuLd4iEGQF1yTBq1JjPwdO572NV4rUUojPw-Qvg75B4fOLALay19i34pAMpAqf6PYjMc2oUuo2ioitQ8QmQJynZRI7hpSljEKcfdvqYxuxSTi7IzCKWeuIjoAFOaQJG9Ix_xqWLP-ydfy1UVOX5EVmlCY3qMP4yYzgTYT4erhUKB8G6-0xIhxwWiG_TI9yA5xrIcjhxwkMqKYzGLFM8LRvg_ELUkUjV-GDZ61ZOkF0ntIeDQ486-WHhmLvceepKlHAaj6U33gBxdd6OG4hxxqoClDYzqw2xfLGnYIRqjcj_F-4l3-r-XX1b0s531UV0LfCnpCfQjYY99o28q17YxpmKQTur7EHetjEv3Jc9ZoRcj9EchSRDAZzNmOVPeDY1nJDHkChcCrJy0c-wDBRTC5xbJ3dH9ceh1xCtwR8Yl50bGAiO_E08kA4lWuflfqr1-RATxYbIkS67OoCHXdpIOSLFDpv1FZ_RiTT5ELFWGz_VCn88ofyEXjiyhUqQIp_8Dl__imp646wE7a2uc269zmQtWH9Hekz493rr5AO8or6q8xQ2_g78fo-r8SW-qhgWaB_L8sRZkle-6JnMQaTjgbEhdecLjW_XL47PvlmirzVA_1EyfeExwKiVY4TzrofJLAZe6oNnAH4aSzYd0BoOeVw0D6JiY81_JVtl9EjFFN9Su3jw_sbOxIncyylt0eYdtQlO0VlhwDfUONjIkf-vDOkV-82VVfCp0svxt5_TntDB_c20eCKBCCUDbnkiDmV9xRx5rBvE7UYFhybZarlAgeeV2NOBFVOOKLVfQaacfGBaYOCEFjbMk49sTmQ_VXRhYiL9jtRGWq7jKs7bvbY2zTKMUhwEB1hTeMG0R0OUlOngH3nyNUtNs7TOAvhqoH8cj4GjfavianVW43VyzswbePT7D_A

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Aug 2022 15:33:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 4F0F
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjcxMjIzNzE4MzQxNTE4MDc1NA%3D%3D

170 B
502 B

86ms
31ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjcxMjIzNzE4MzQxNTE4MDc1NA%3D%3D

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Aug 2022 15:33:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 21 Aug 2022 15:33:47 GMT
X-Proxy-Origin: 37.48.94.47; 37.48.94.47; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 460d13c7-956e-4112-bd6a-db68e1c536af
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjcxMjIzNzE4MzQxNTE4MDc1NA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220817/r20110914/ Frame 2CC6 30 KB
12 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220817/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A7KjNWh6DNIWlWyadnMFeGe8OZXorCaP9bYuk1YGUSMDUIG0ZtOr0AwFDJo7mkYxOKdQHN3desdcPKHZc5p7fcueSQTn1kUqFrAIWG50-gxTn6X8ofkCQdTAN8oOtLMFNJ0MEtxB-y9LkG32G1Yp-YLOWJaA&cry=1&dbm_d=AKAmf-BU1q30Un1TvuHbc5MHDCdi7C4wGXph3DE7lf8HIJf8cGn6eMqN7X4wPrqpRA9X5xyap6jJa68YKvoZRFlUeSlf0w9Jj9AxqW9yioIMBXV-aUhIDkLgc2ykOZwv0wdsbz96XX7nnpOey0VcMn_kTjEmyrB11oD4Fe0q-riiPmedK_0wADfE-tsd6Xt_SBESWEscoXg2BDs0k-XkoCS-eqszrFsWu6_AMwopCU_wkoJHwjK_Py9F5ID-qKPpD14Txzd5MGG5YSUPGV0jVAiul7KGo9pt35zLvMyWwCavf3QMhIDTfaIUUWhuhN07feCSbTKDT9-6lXqP1M2RwT_9x8DFKr0UTWvmsaogrttA5ohVmyHhlSbqXIwmhHJi0_IRdfsG81FmPo6XSi8zo-8nKbQQT_GcFgQ_IDU47mc8e_cHvF6AvGnPgp03pq-7jTR76C8Wa2SN7A_bG4Xys2y7MmVUYjF9WmWs2C8puSdOjpe6SHgWQWXt6ZtNLr79ZUIOM4yGfhXzc4sx4tF350hnwFh7wrxVwFEz2wJw9nZwP8XeVufIuiPy8YnXhXACGeSMaVZ0AN1TAjj-Lt8JZDXMU3IymWccSuLP4XPpIrC5na0fAcRPE0dt7rXWpjzk1TVywfZozybb6CCCUt28WA7Ehxj6ecUOZLK--jAr9V2lF28F4qM_w2X3aCynXru98lcFcDulN4oxmWuXphuO-9SogEUaQPPbWCjXn6lGwoydoHAwInOlkU7KKOWxeMZWgZCE0za4onWKYJ2kpqFzxfMuzGAGVxy4X-3RkimTfKcJqggV5cwDMcrm6d6acm7vbHDuzomhlgtrK-Q7CK9Js8Si4a5HXeV9D5HfST7WNuqlKTSNQqyj0ZUbbW68OvtS6wpwV2MEwSEoSlOb0e_qOGtBjfHu-XUTUNc_yS_hc8UtrE98jNwtZIViHLPbsolwFTIA4V-oYMzy30vY6uXHuyICKImVu8FKas_kz6KAj2QP2HnU5u03nY1-xK3qoRep-vsN5QhJDLywtfIdYK1-LgEhDSnZF4zS1_E2SFciDK7P9-CfrxtvgLvus3cwRyJRdOLZ6v3byCjj1Q229VRuaWDfHCQPWJrclXyN1nPmMeZIP_BTv20uvmJFqph8zpbjb0V1qEqfRegLinwsxBERimMSCafePr95ZFzlC5gJk5lDN8NmreaHPJkMXtK_i6IfPYM1ezTEh5I8KkguuUEBh3Y7qogZTphJ0gPDeZzhadUKboGlgPUgIc6sK33LhBzdanNMCOf590BNVeTsfKli0pzAdM7iJT3wvtZd3WSfG3FknWM_tYllRd3WCmE-Sch_wPDYr6ACCnHFmmcKDShEUEQegUwpnWsj9SEhDbE9KxP5B2o1HoYbOA41YjmD3LmymHI7v9C6odjEZ1157yzPx38F6jFnCU4hfTdScc40Uibb4r4lpCY3uifLV4ymwBL_mGCXQgg__YQoH7RXtqEkgxK7UBS0THHwdaR8OnaodBGuvR3yJ-R8dFsxoQFP2irS1KJhSZqYiBwuFbA9gxkV0qWZyL2NvAyTANwB6CkgcHxLEeiwQjEemTMTEzdAygW8oZ4Th1IaT02-EC3t2SuvILv9-CyWF7q-XWiad1ZgOsYtVtDXeCHfQtAShLdqs7_X9MqW8UVDZmY0J06uifN1uRFiYGmmbduOHaiiIniNA7W749WbSI1vbv1lN4D_qgZMbBVP4n0d1kilLx64tqK-13EHRzxa3-MorSf7jtz_-ALaAGJzahX7twdRg0CRJHyd99kqCtdSB9zSAEAUsjjIqhHBzfB0w39z3eK2AXVCNY4GQFCRANX6nhQ13bScOj7nQ9-2_Ah0dJ-EG2dwxHuzUmvBvX3xsvH7kqxWpmn6PluuOlY3_jr9iKFnLXQAXylZkGCVibdOJjJEbe7N_Fm21WBHckSytbef8uFtujxVosEjqhagsbEQnMKARGbBcWPEwypWlXGFWZohNR1AAQoMt1SK9XCX6iR3V9jFXU6mBS1oimn-cgkU3tWRhbwOWi6K2nt1NPe3uuU3GJbhJ2qiNtk5cKk4iGhD2GOlcRI59-NNGmxgEYh68Bmdb7XpqtURzt-EHqLtKIeQnCMYeuDYwYf1ZLMILAostrinnJwNbLJFFwLgiKZkPmvQt8JW6Lc9x61zcpV_PdtXmMmfjWJmLaNtwpm2rPV0pyaKF1niOQ-Y9xk0j94zCuEdMQOsIoQPZU53OvwLKZrcRzhAj-Sldt2qeurY5w8BtnFZeKNb9uC4gWvYx2YDLmh8et19P-0LDrYHEnifvCH3lc2om28Joj6uwBlUDoD9ryG8CZa2ZbGl9v1_d3wkMea1awo932HVbJtm73gb8hNBK5ffZDLMRMwQ-F4YdO7PXc4p2R0fSrs6__ku292idRvNHBxHnvsgNtU107dTXvBmEzKZ56vRaPZD72lDhjr4c5vH5KQ0lSsq8Vn4tMb2XW_8JsSJ5XPEiCgTTvHejSpnzbTJCPZJz1mTyqkXJBl4MsRaYlO9DoGXeQ3uRawJZHTA_7OpG-WIFSLLAUn3WXgD88lbJgCw565edQl-2k8VgbNp_KBUcdNblh6x0FdV7k2VGkEyYptYhrfml_n-0u2vxIUtwYD2MvBQG5Yb-KeHbrZFKjaB8RzqNfiJn2GaKQwHJfA7ixZOOoL0DIIs2Qk9onu_twMhZYZ-1RS-FQbKXpOKB4OI96irjJjLNNca3pxghOdBwb9R78xMMMh68w9EzAZvU-0TesCS6vLRMgA7k_8zdmKnE9WeBKQm6kovQzpKB_SLCOBQfb8smzxk379VA_rerAX6VQQsueigl7f8-CxFRV1qTnpbWCfZSF3BFJdxF0PbimzAgNCUwhnQyatJG1bQF0yCr8q1daCzFzbmVvvhvl92LX8De7eD407Nthb0Z5_N5-zTXp3aRyfIIJDnmVLEUhwLlQeKntITNlaYmDEgRUFSXymsgrwQ6VqhfY8tG_ZDiIREwZs1S1Ccd3aMfKZSjNIgK8qWS_2RHnB_m3LDvZhQRTMdsqarBgzY8W8mshriMQ_bk2iMSINXZLXZeXfHUUcDDLM661BXMpUX0jamaRvodVtMLSUR8Os04VxuveDrRmTSEX6H9ooqmM3gwS-KB7uR-AAcCwysEciTGb-mTXMhH6S6sG6U6BFo9RYfWDCVhKWhupJJZWeXGJArnDElazN9xP7rizNH6X4HMFYSWZFdD5WxX1cSNzVyhrMIqJgVHDDFgbosWDu84MRcg0mQYGy1Qe0Fm3AuGcOY44rJf9p2elyv9qvPjIzfhPT-igZIjH7YD1PwKxxty5HdoCiuDQgNWUDnJbr8hCmIO6BR0COgMy1nxFb4hIn3v3Im5C-uRP2Ljz0oq2_wu6X4MxdKnNiEP4YgWy7TnIVv8ujp-NqyA9gamwvo_RI-zlD0eWXNlBIGkbJLFZU7IKLYer7XKntA5phmbSaq0O9cHCAsGLOcEqJZhEC31mz3bEtiwXOir5ok6hae5hTIZqtPj4F97poyxgP8E1bchCZ8Uc2O1VIk7qbfTtMBlid5lZdyxs4OoJpgFAHFGEjjqmOhV-IuNB61zyqmTNWhrsnf8lHM5GE3QSPfLCPobmgrEpUWaqUB_PT5xlRaQOe1X54ZFHtAPXrF7U_FH_V_eHLN3SrnZBbIzupfrp8Mm6PWG0Twi2kGL8YOXBq6VmZ6Ld0UTFlyIL8rBfGeYmmexgHpnX5IDQznf7dpydy8wOiyPx10d7eWhJ4C1BAjiSnMHn2Q5C6RExbKAWM5AaPhy47iwR-oCI56cQtK1q3r1LWjO84W2rHVhxR39s6jUDNoC2OjRbuDqyN_augG_kkH1ykYbv9e-LkNo6zsYBML7eDDI0nSrezEsxZtVszoDcz-UMeVTkb5soiudcFWIrI7prEbRWyfKVtW-_fDN2u_M3YU__egfLIsB4xjKer1h5qdATVBbVG1AxPSDZ_r4up80IvmrBZCt9HHKMjlOfx3CU1YSJdD_m0W8sJMBD4WVviQ1OvKM-N6ZZPGbbRQ6Sascxt1PuOVdkF_XQm9TzeaF0DvAxMMpIPQoKAB4OATRxI2iDLPnegr_3LXIl7MwPPi21NtKVKS6MciN5kJjMJPqX4LxH5J-Et3cWXtI4njDAHvAs_ydkBI1LwggjjcAQzjAjKpUvsmmwc2biIKUTQ0nAs3PcUo8DLcP1hz0qpK3qZBQ-n_s42lOQmfpeO-83uaq2aY3OnZRUCOpP2AcTxH6Bj2C3j3zUbNekfHZI_S9G54a3mKw5S_iAl_GT2qiXSfUKle8oPx21DECxdb0aX75EEHzFPMvFQkbCpE-dmQWQFtlkQsCF_mHxRwuM0oVHnjxb1d0-OHavanIyMUad7YFtymgNTq1dTE23QJUQo2IV-BwDyt93pNoINrnHhqcBWcHIDRF0_FgtUT_fee04jBhHsTlPbEoqt2zGoJanJztw828gOypNHE09CrXAySHCE_k9odQyAfc0VUf9UBblbDLl84iwuO0fwDsDKEQsmk9F4Jh9_MHjT0Oy0xy3lgIcezftSc0T4tyARYAh6jXNeY4o_w503vS9zUUmbZ1ZZZ5ekAKSIRq-dDTUOUX9flSOOdtncBWPxfGsChaI1hffMpeIoWdYhfgR01gGfabSFnKBd1fKS2&cid=CAQSLQCsnQUx4s-F5sV3SyASKsLuzZvKvxe0BWSxwmDPlpBTImizPlec3i8F_vJVFQ&rfl=1%2Chttps%253A%252F%252Fbul.medicaldevicetrend.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0d0b5ecf5aa2cd5475929aefcb44d67c5d5cc8cbcdb3991e45f0944f0344619

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://e2770e6b6d7a9b2aa114cb34e842981d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:32:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 56
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11819
x-xss-protection: 0
server: cafe
etag: 10563440404697844360
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Sep 2022 15:32:51 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 2CC6 41 KB
15 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://e2770e6b6d7a9b2aa114cb34e842981d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 14:07:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 350784
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Aug 2023 14:07:23 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 90BB 22 KB
8 KB 20ms
20ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e2770e6b6d7a9b2aa114cb34e842981d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 350783
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 17 Aug 2022 14:07:24 GMT
expires: Thu, 17 Aug 2023 14:07:24 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK e990ea7qnd46 Show response
hal9000.redintelligence.net/zone/ Frame 2CC6 11 KB
4 KB 90ms
27ms Script
text/html 46.4.10.49
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/e990ea7qnd46?subid=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC5GPVWlACY6j4Go2FjuwP5cG02AqfrdnLZ73rvJSKC_AuEAEgqoDDImCRBMgBCakCALYDUSLXsD6oAwGqBPIBT9Ce5iqAoUbU43XQG1117G08UhVV6W9tKhUH2DAJnaoGX2ySv3o2vomWAJSMplDacA9s-4NDtPU1hhdW-WkeNdNWYyUuAKh1JdDC5xhdFbMEVVWxABfB8hGJKGtczu0wz8X2do1cfuitWTAE1xhhZMKVWCBaaZ23DMIi-bECl1Bu1aQVU-x4hIajEPLd0uXlaElBNsbFtMxiHCazsCcheb0P8gjQs1PGuh4m2GN1IysNzCi7JhMRQN9T9uncmtMXZw-IQk1g95ISJlzKAa4KE1_VkTfiaQBDnnp8Pb0OyE7PSVSB-IyPZxBuWaaM69rjpUXABNvzvffUAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBIIgOGAEBABGB0yAqoCOgOAwAPyCBthZHgtc3Vic3luLTM2NDEyMDMxODg1NjgyODiACgOYCwHICwGADAGwE8LL5A3QEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSLQCsnQUx4s-F5sV3SyASKsLuzZvKvxe0BWSxwmDPlpBTImizPlec3i8F_vJVFQ%26sig%3DAOD64_23WEBVzU9BdzodRO-gbjksMC9PCQ%26client%3Dca-pub-5512390705137507%26dbm_c%3DAKAmf-CRkUmX7rnKz3ZKGLm90k_hBHYBe7OOQlBBdKJRbX6LZgEZndlCz04LAUMvZWV0kmN8m95nEysaK415yzvbQcKvKJcNZy6b9TUnfFQQyGSjTOya4bMJ3iTLraZLHqRFT0MlTbezg9bCm8h3xV3rsYOqshM__g%26cry%3D1%26dbm_d%3DAKAmf-CCRPeG1hjQ8X5wyJ4oqFdhjC9GS1-naBaj4m0GG0ZD459wrcCITJ1B7VnuetpXXuTjDLpuGiBaadUFE2sBzRoQZ4Gj_nfYXDJw2EhOV7FEpe0fiCtPuKvKHTIaucrcPpUsgKYJKDNmtyFCAHJctWERt7N8hi03jEnurSdZ_bzSkgU6KqA6Ro3C8LxqavEW-jnOxsoAbQC3m0pt4hRvxsjESzPglUPA1ZzFXZeoQVb1ecEErfON_xlrHzcOWcGSqldr5c8Z4IBK4ePVD55mdgDrrTkz13lSf4yxfXr4y7ldPugvOY_BribRiv8uWQfUEYEz2iGlutt6rfbqgrOK0DF1QRpsnRoPHZ-Fa1Ng5wBswr3tWqsvx6zr2yfNrZzAXDCQ1h1MIoArLZIOZ5YlV40z9Rm8sLpoWLr9-5-6X5eNb42wcMbyxBvvYspoppiLSFPhFRQdfN1vA2ZXIrh2gb1HApDnlDLhd0OtGxC3P1AA0eLrYIl_8dssvt6pbLxaWReI1FbegQVOsrcXl17PQK0iV7kA6kS8BhiJ80-p_tv_OFpGUK4%26adurl%3D
Requested by: Host: e2770e6b6d7a9b2aa114cb34e842981d.safeframe.googlesyndication.com
URL: https://e2770e6b6d7a9b2aa114cb34e842981d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.49.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: c1c8b5e398b57483f3477934519ce5b26a8afa82e74d2a415e07f2f02ffae603

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://e2770e6b6d7a9b2aa114cb34e842981d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Sun, 21 Aug 2022 15:33:47 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4071
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3 200 oORtDv9EbGDZJqtoCU6ZUa1h2CU5mRmZpTeRJMx0_5U.js Show response
pagead2.googlesyndication.com/bg/ Frame 90BB 36 KB
14 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/oORtDv9EbGDZJqtoCU6ZUa1h2CU5mRmZpTeRJMx0_5U.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0e46d0eff446c60d926ab68094e9951ad61d82539991999a5379124cc74ff95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 13:32:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7286
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14118
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 21 Aug 2023 13:32:21 GMT

GET
H/1.1

200
OK

request.php Show response
hal900028.redintelligence.net/ Frame 2CC6
Redirect Chain

https://hal900028.redintelligence.net/request.php?zone=e990ea7qnd46&nw=20&renderingType=javascript&namespace=8de4719fb8&subid=&uid=807e4e2547d45922&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900028.redintelligence.net/request.php?zone=e990ea7qnd46&nw=20&renderingType=javascript&namespace=8de4719fb8&subid=&uid=807e4e2547d45922&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

613 B
937 B

131ms
81ms

Script
application/x-javascript

88.99.165.19
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900028.redintelligence.net/request.php?zone=e990ea7qnd46&nw=20&renderingType=javascript&namespace=8de4719fb8&subid=&uid=807e4e2547d45922&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=750x200&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC5GPVWlACY6j4Go2FjuwP5cG02AqfrdnLZ73rvJSKC_AuEAEgqoDDImCRBMgBCakCALYDUSLXsD6oAwGqBPIBT9Ce5iqAoUbU43XQG1117G08UhVV6W9tKhUH2DAJnaoGX2ySv3o2vomWAJSMplDacA9s-4NDtPU1hhdW-WkeNdNWYyUuAKh1JdDC5xhdFbMEVVWxABfB8hGJKGtczu0wz8X2do1cfuitWTAE1xhhZMKVWCBaaZ23DMIi-bECl1Bu1aQVU-x4hIajEPLd0uXlaElBNsbFtMxiHCazsCcheb0P8gjQs1PGuh4m2GN1IysNzCi7JhMRQN9T9uncmtMXZw-IQk1g95ISJlzKAa4KE1_VkTfiaQBDnnp8Pb0OyE7PSVSB-IyPZxBuWaaM69rjpUXABNvzvffUAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBIIgOGAEBABGB0yAqoCOgOAwAPyCBthZHgtc3Vic3luLTM2NDEyMDMxODg1NjgyODiACgOYCwHICwGADAGwE8LL5A3QEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSLQCsnQUx4s-F5sV3SyASKsLuzZvKvxe0BWSxwmDPlpBTImizPlec3i8F_vJVFQ%26sig%3DAOD64_23WEBVzU9BdzodRO-gbjksMC9PCQ%26client%3Dca-pub-5512390705137507%26dbm_c%3DAKAmf-CRkUmX7rnKz3ZKGLm90k_hBHYBe7OOQlBBdKJRbX6LZgEZndlCz04LAUMvZWV0kmN8m95nEysaK415yzvbQcKvKJcNZy6b9TUnfFQQyGSjTOya4bMJ3iTLraZLHqRFT0MlTbezg9bCm8h3xV3rsYOqshM__g%26cry%3D1%26dbm_d%3DAKAmf-CCRPeG1hjQ8X5wyJ4oqFdhjC9GS1-naBaj4m0GG0ZD459wrcCITJ1B7VnuetpXXuTjDLpuGiBaadUFE2sBzRoQZ4Gj_nfYXDJw2EhOV7FEpe0fiCtPuKvKHTIaucrcPpUsgKYJKDNmtyFCAHJctWERt7N8hi03jEnurSdZ_bzSkgU6KqA6Ro3C8LxqavEW-jnOxsoAbQC3m0pt4hRvxsjESzPglUPA1ZzFXZeoQVb1ecEErfON_xlrHzcOWcGSqldr5c8Z4IBK4ePVD55mdgDrrTkz13lSf4yxfXr4y7ldPugvOY_BribRiv8uWQfUEYEz2iGlutt6rfbqgrOK0DF1QRpsnRoPHZ-Fa1Ng5wBswr3tWqsvx6zr2yfNrZzAXDCQ1h1MIoArLZIOZ5YlV40z9Rm8sLpoWLr9-5-6X5eNb42wcMbyxBvvYspoppiLSFPhFRQdfN1vA2ZXIrh2gb1HApDnlDLhd0OtGxC3P1AA0eLrYIl_8dssvt6pbLxaWReI1FbegQVOsrcXl17PQK0iV7kA6kS8BhiJ80-p_tv_OFpGUK4%26adurl%3D&documentReferer=https%3A%2F%2Fbul.medicaldevicetrend.com%2F&ancestorOrigins=https%3A%2F%2Fbul.medicaldevicetrend.com&random=1243599793735&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: e2770e6b6d7a9b2aa114cb34e842981d.safeframe.googlesyndication.com
URL: https://e2770e6b6d7a9b2aa114cb34e842981d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Server: 88.99.165.19 Magdeburg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.19.165.99.88.clients.your-server.de
Software: Apache /
Resource Hash: 5d502483b009144040b309fed029b77ae7f9ccc21d7c0b7b64a8082ea72b9cf3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://e2770e6b6d7a9b2aa114cb34e842981d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 Aug 2022 15:33:47 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 48356900098905600719612012058028
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 331
Expires: Sun, 21 Aug 2022 16:33:47 +0200

Redirect headers

Pragma: no-cache
Date: Sun, 21 Aug 2022 15:33:47 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=e990ea7qnd46&nw=20&renderingType=javascript&namespace=8de4719fb8&subid=&uid=807e4e2547d45922&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=750x200&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC5GPVWlACY6j4Go2FjuwP5cG02AqfrdnLZ73rvJSKC_AuEAEgqoDDImCRBMgBCakCALYDUSLXsD6oAwGqBPIBT9Ce5iqAoUbU43XQG1117G08UhVV6W9tKhUH2DAJnaoGX2ySv3o2vomWAJSMplDacA9s-4NDtPU1hhdW-WkeNdNWYyUuAKh1JdDC5xhdFbMEVVWxABfB8hGJKGtczu0wz8X2do1cfuitWTAE1xhhZMKVWCBaaZ23DMIi-bECl1Bu1aQVU-x4hIajEPLd0uXlaElBNsbFtMxiHCazsCcheb0P8gjQs1PGuh4m2GN1IysNzCi7JhMRQN9T9uncmtMXZw-IQk1g95ISJlzKAa4KE1_VkTfiaQBDnnp8Pb0OyE7PSVSB-IyPZxBuWaaM69rjpUXABNvzvffUAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBIIgOGAEBABGB0yAqoCOgOAwAPyCBthZHgtc3Vic3luLTM2NDEyMDMxODg1NjgyODiACgOYCwHICwGADAGwE8LL5A3QEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSLQCsnQUx4s-F5sV3SyASKsLuzZvKvxe0BWSxwmDPlpBTImizPlec3i8F_vJVFQ%26sig%3DAOD64_23WEBVzU9BdzodRO-gbjksMC9PCQ%26client%3Dca-pub-5512390705137507%26dbm_c%3DAKAmf-CRkUmX7rnKz3ZKGLm90k_hBHYBe7OOQlBBdKJRbX6LZgEZndlCz04LAUMvZWV0kmN8m95nEysaK415yzvbQcKvKJcNZy6b9TUnfFQQyGSjTOya4bMJ3iTLraZLHqRFT0MlTbezg9bCm8h3xV3rsYOqshM__g%26cry%3D1%26dbm_d%3DAKAmf-CCRPeG1hjQ8X5wyJ4oqFdhjC9GS1-naBaj4m0GG0ZD459wrcCITJ1B7VnuetpXXuTjDLpuGiBaadUFE2sBzRoQZ4Gj_nfYXDJw2EhOV7FEpe0fiCtPuKvKHTIaucrcPpUsgKYJKDNmtyFCAHJctWERt7N8hi03jEnurSdZ_bzSkgU6KqA6Ro3C8LxqavEW-jnOxsoAbQC3m0pt4hRvxsjESzPglUPA1ZzFXZeoQVb1ecEErfON_xlrHzcOWcGSqldr5c8Z4IBK4ePVD55mdgDrrTkz13lSf4yxfXr4y7ldPugvOY_BribRiv8uWQfUEYEz2iGlutt6rfbqgrOK0DF1QRpsnRoPHZ-Fa1Ng5wBswr3tWqsvx6zr2yfNrZzAXDCQ1h1MIoArLZIOZ5YlV40z9Rm8sLpoWLr9-5-6X5eNb42wcMbyxBvvYspoppiLSFPhFRQdfN1vA2ZXIrh2gb1HApDnlDLhd0OtGxC3P1AA0eLrYIl_8dssvt6pbLxaWReI1FbegQVOsrcXl17PQK0iV7kA6kS8BhiJ80-p_tv_OFpGUK4%26adurl%3D&documentReferer=https%3A%2F%2Fbul.medicaldevicetrend.com%2F&ancestorOrigins=https%3A%2F%2Fbul.medicaldevicetrend.com&random=1243599793735&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Sun, 21 Aug 2022 16:33:47 +0200

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 90BB 0
20 B 59ms
58ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BUyNtW1ACY56YF6yLx_APp7aD0A8AAAAAOAHgBAI&bg=!KimlKW3NAAYUOm8VNDo7ACkAdvg8WkvihfkKmI_79W0KPJqYnRYumYShbQv8UWc7H4o7dRmzXxuuRAIAAABKUgAAAAFoAQeZAyd892uKuIZoHzpULLGpyyGnrKvdeSWi4Nzx6JcaMN6GInc1IsqqQcCSPrkDFVeIWID_Q8bMXE9iJGeJzDS7QksQI4jEK_tT7i-Dz5ZU6VHk7amEymSPtsrGvY7N5z7X8pyjNPYfGzvurR_9y8NA6bybHafbdkS-WuC9M6m_u-SoWvd4HkicLq6Hcv2hLIkE5m0-bs2GmYE1wNoeKOkwJ4o3bkhooKLG2_kxCK5A3JGCEGRaq8L9afY-8i-2wnxVndPc-BQO6wXIyJDd4LYgkxCZI7JJbeZm3tJX5b5yjdE74aHkHxKylLqazf-TOqRZ3sbjl1o69_ofHEbGRx_5EaQEFmS9XmAr8tg-q0hfTkbWIeOIQ3LiXd_e3uoYgypsiLvndcdrX_JOxo20fZJWqCiVTTZxAp3UXxqihg_hHN3eHhSrP_bz_t7oWpnh4LeEkqgs3vbE6VEqP1uie1O70thIxgC4b5LsQ3oqE6-4fSfBGGf_XC5gg5lcbA7A_iOzzrw-vvpbLoZqkDSepxVF8RvwTxapFEG2A_xVzl3Uf8CM5-aV-ods7IMIGdNQvvSO_foESnMVgVb1nDhIQP_ZtGrHnVSxzmhOWfwnGVXA6ZGFynlaHX0w9ViUj-mlEC0av3f6buTAqxQU0Bn2c6b-9uAU0GkZURCJTXfzGPYFWP6E1hB_gKU25MrXV6DkMTQWZaelQrlM-cKdBmwTEO_8JO_rirKak4Hok8SWLb7hUvakcDO4pxjWY4yiFhW9hGUBenraTsW7w9zCypB0JUny1b3PmwcMsMSin4N2-smsSlndj_ndJ-xbLN8uz0cZ7o8y-yeORbWYDYBQhIO8NTIjqk1JjVFytLoQm70JoGvo_Ohmiw8knpbSeEGGGH0uH-HDvqlof_w2lOpWXrw23DMX7VrivWNiIJlReuTp2XYKf5ITxfCPKZx7cQJoniopZ_w9YCOYPkI7KmY_DKDhe3oZym8gjgGxV3xFrj8De8-pcJmj6_JU7VpnvOUGByrd2DLEIW46zNyxhAVELCdxvyCmXrKkb7jb4zZU2gxewUMu6MSUg_HLgyMd6HQ

Requested by

Host: e2770e6b6d7a9b2aa114cb34e842981d.safeframe.googlesyndication.com
URL: https://e2770e6b6d7a9b2aa114cb34e842981d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Aug 2022 15:33:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK request_content.php Show response
hal900028.redintelligence.net/ Frame FDCF 4 KB
2 KB 73ms
25ms Document
text/html 88.99.165.19
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900028.redintelligence.net/request_content.php?s=48356900098905600719612012058028&a=0fa9a68a
Requested by: Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request.php?zone=e990ea7qnd46&nw=20&renderingType=javascript&namespace=8de4719fb8&subid=&uid=807e4e2547d45922&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=750x200&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC5GPVWlACY6j4Go2FjuwP5cG02AqfrdnLZ73rvJSKC_AuEAEgqoDDImCRBMgBCakCALYDUSLXsD6oAwGqBPIBT9Ce5iqAoUbU43XQG1117G08UhVV6W9tKhUH2DAJnaoGX2ySv3o2vomWAJSMplDacA9s-4NDtPU1hhdW-WkeNdNWYyUuAKh1JdDC5xhdFbMEVVWxABfB8hGJKGtczu0wz8X2do1cfuitWTAE1xhhZMKVWCBaaZ23DMIi-bECl1Bu1aQVU-x4hIajEPLd0uXlaElBNsbFtMxiHCazsCcheb0P8gjQs1PGuh4m2GN1IysNzCi7JhMRQN9T9uncmtMXZw-IQk1g95ISJlzKAa4KE1_VkTfiaQBDnnp8Pb0OyE7PSVSB-IyPZxBuWaaM69rjpUXABNvzvffUAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBIIgOGAEBABGB0yAqoCOgOAwAPyCBthZHgtc3Vic3luLTM2NDEyMDMxODg1NjgyODiACgOYCwHICwGADAGwE8LL5A3QEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSLQCsnQUx4s-F5sV3SyASKsLuzZvKvxe0BWSxwmDPlpBTImizPlec3i8F_vJVFQ%26sig%3DAOD64_23WEBVzU9BdzodRO-gbjksMC9PCQ%26client%3Dca-pub-5512390705137507%26dbm_c%3DAKAmf-CRkUmX7rnKz3ZKGLm90k_hBHYBe7OOQlBBdKJRbX6LZgEZndlCz04LAUMvZWV0kmN8m95nEysaK415yzvbQcKvKJcNZy6b9TUnfFQQyGSjTOya4bMJ3iTLraZLHqRFT0MlTbezg9bCm8h3xV3rsYOqshM__g%26cry%3D1%26dbm_d%3DAKAmf-CCRPeG1hjQ8X5wyJ4oqFdhjC9GS1-naBaj4m0GG0ZD459wrcCITJ1B7VnuetpXXuTjDLpuGiBaadUFE2sBzRoQZ4Gj_nfYXDJw2EhOV7FEpe0fiCtPuKvKHTIaucrcPpUsgKYJKDNmtyFCAHJctWERt7N8hi03jEnurSdZ_bzSkgU6KqA6Ro3C8LxqavEW-jnOxsoAbQC3m0pt4hRvxsjESzPglUPA1ZzFXZeoQVb1ecEErfON_xlrHzcOWcGSqldr5c8Z4IBK4ePVD55mdgDrrTkz13lSf4yxfXr4y7ldPugvOY_BribRiv8uWQfUEYEz2iGlutt6rfbqgrOK0DF1QRpsnRoPHZ-Fa1Ng5wBswr3tWqsvx6zr2yfNrZzAXDCQ1h1MIoArLZIOZ5YlV40z9Rm8sLpoWLr9-5-6X5eNb42wcMbyxBvvYspoppiLSFPhFRQdfN1vA2ZXIrh2gb1HApDnlDLhd0OtGxC3P1AA0eLrYIl_8dssvt6pbLxaWReI1FbegQVOsrcXl17PQK0iV7kA6kS8BhiJ80-p_tv_OFpGUK4%26adurl%3D&documentReferer=https%3A%2F%2Fbul.medicaldevicetrend.com%2F&ancestorOrigins=https%3A%2F%2Fbul.medicaldevicetrend.com&random=1243599793735&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.165.19 Magdeburg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.19.165.99.88.clients.your-server.de
Software: Apache /
Resource Hash: 8116fa18e9b8076ea00b7c1f10965f64ee30d848bded4c4acf09f56022b0e278

Request headers

Referer: https://e2770e6b6d7a9b2aa114cb34e842981d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 1503
Content-Type: text/html; charset=utf-8
Date: Sun, 21 Aug 2022 15:33:47 GMT
Expires: Sun, 21 Aug 2022 16:33:47 +0200
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame 2CC6 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8f0c61d078a353b3ee7b604718c50be43ae3bc243ecea3ffb6fa8330851d8f40

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7C76 42 B
64 B 126ms
61ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssmbzZpr3-s4XHDlhD6hgVR-7-8_3QzbEZ_QjXbKCmnDM8aI7f5McMRP3ltNQAvyeuVcsH2Jt4guxpNBzVyAk_euGmQcUiau-sk6zT09GavZM5PxTCPFXKeqvR0Z5AW0harsy-trkTG4dApPA&sai=AMfl-YQJQd7lB4SGtk5fzt81bB0Vd1i3uBA3_I2pGo0RTLB56j_I1V1sCeITUpTag3g0vkgr4zCKnbOaCvuAKd0KmtsI-ZHAoW3JYquVM-G6&sig=Cg0ArKJSzG1eYPMjFI3NEAE&cid=CAQSLQCsnQUxZYjl8qBf_G7wpJZV-ch4ZWYocg88V5-mfPcvpDrdElwamlyasIhvTw&id=lidar2&mcvt=1000&p=1110,315,1200,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220817&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=3122376375&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1661096026510&rpt=319&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://e2770e6b6d7a9b2aa114cb34e842981d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Aug 2022 15:33:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 750x200.jpg
cdn.contentspread.net/24i/advertiser/39112/creativesup/ Frame FDCF 63 KB
64 KB 122ms
33ms Image
image/jpeg 85.114.131.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.contentspread.net/24i/advertiser/39112/creativesup/750x200.jpg
Requested by: Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request_content.php?s=48356900098905600719612012058028&a=0fa9a68a
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 85.114.131.233 Waldshut-Tiengen, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: srv21037.dus4.fastwebserver.de
Software: nginx /
Resource Hash: 347bde92b9578f07e84cc873e3e684d8182d5c8ab29bddc94a5778197139e13a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hal900028.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Sun, 21 Aug 2022 15:33:47 GMT
Last-Modified: Thu, 15 Feb 2018 12:23:02 GMT
Server: nginx
ETag: "5a857ba6-fd57"
Content-Type: image/jpeg
Connection: close
Accept-Ranges: bytes
Content-Length: 64855

GET
H/1.1 200
OK viewability Show response
hal900028.redintelligence.net/ Frame FDCF 0
150 B 73ms
25ms Script
text/html 88.99.165.19
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900028.redintelligence.net/viewability?s=48356900098905600719612012058028&a=27320bf0&vb=m
Requested by: Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request_content.php?s=48356900098905600719612012058028&a=0fa9a68a
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.165.19 Magdeburg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.19.165.99.88.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hal900028.redintelligence.net/request_content.php?s=48356900098905600719612012058028&a=0fa9a68a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Sun, 21 Aug 2022 15:33:47 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame FDCF 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/gif

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 1F39 28 B
54 B 39ms
39ms XHR
application/json 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/009f1d77/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/HpX8PRpR6oA
X-YouTube-Client-Version: 1.20220817.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtIaDIyaEtnamdqQSjZoImYBg%3D%3D
X-YouTube-Ad-Signals: dt=1661096025451&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C666%2C396&vis=1&wgl=true&ca_type=image

Response headers

date: Sun, 21 Aug 2022 15:33:48 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Sun, 21 Aug 2022 15:33:48 GMT

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fbul.medicaldevicetrend.com%2F&domain=bul.medicaldevicetrend.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=Vu87S3xNcmpSVGh2VkJtZGgxdGNoT3Z5RHI2K2krNHZ0TzdhY2ZFQ0RUNGxremwwQ2hET2Y1cUQzbno0S0RBZS8yUWkwcVJIeGJaZGh3U2lzVlRNSXVVSkJQbEZ5NFZXZjZwc1R6SzFLMklNN251bFBBM1dqUmhRWXFQcF...

377 B
638 B

68ms
24ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=Vu87S3xNcmpSVGh2VkJtZGgxdGNoT3Z5RHI2K2krNHZ0TzdhY2ZFQ0RUNGxremwwQ2hET2Y1cUQzbno0S0RBZS8yUWkwcVJIeGJaZGh3U2lzVlRNSXVVSkJQbEZ5NFZXZjZwc1R6SzFLMklNN251bFBBM1dqUmhRWXFQcFkzVmNHSWVNN0s5MWp4aHVnc1R4U3NoUjdkSHRGN0RPOFp3U21CK1M0M0NZSG42M1VualU0VFVqZDZlNWFzalN1aHhqd3JtSGNiNHkzSmF2dGRqb24vVXpFNVVobU1aTWp2TnQ4ZmZpVGhPUkhGZ2NMbTJkUEdScVBMY0UxaktDWG13OWcyQ0hpfA&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

3cc82b48371c310b0b48e649636e273f7a87b3a4a71c14a699fd60e35aefcb1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bul.medicaldevicetrend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Aug 2022 15:33:48 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2945
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 21 Aug 2022 15:33:48 GMT
location: https://mug.criteo.com/sid?cpp=Vu87S3xNcmpSVGh2VkJtZGgxdGNoT3Z5RHI2K2krNHZ0TzdhY2ZFQ0RUNGxremwwQ2hET2Y1cUQzbno0S0RBZS8yUWkwcVJIeGJaZGh3U2lzVlRNSXVVSkJQbEZ5NFZXZjZwc1R6SzFLMklNN251bFBBM1dqUmhRWXFQcFkzVmNHSWVNN0s5MWp4aHVnc1R4U3NoUjdkSHRGN0RPOFp3U21CK1M0M0NZSG42M1VualU0VFVqZDZlNWFzalN1aHhqd3JtSGNiNHkzSmF2dGRqb24vVXpFNVVobU1aTWp2TnQ4ZmZpVGhPUkhGZ2NMbTJkUEdScVBMY0UxaktDWG13OWcyQ0hpfA&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://bul.medicaldevicetrend.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1672
content-length: 509
expires: 0

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 74ms
24ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fbul.medicaldevicetrend.com%2F&domain=bul.medicaldevicetrend.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://bul.medicaldevicetrend.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://bul.medicaldevicetrend.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sun, 21 Aug 2022 15:33:48 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 1202
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame 2FE4 3 KB
2 KB 180ms
34ms Document
text/html 2.21.184.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.184.247 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-184-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://bul.medicaldevicetrend.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1387
Content-Type: text/html; charset=UTF-8
Date: Sun, 21 Aug 2022 15:33:48 GMT
ETag: "e20015-b68-5e4a60c97afb7"
Last-Modified: Mon, 25 Jul 2022 19:18:30 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server: Apache
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 7B17 52 KB
17 KB 52ms
14ms Document
text/html 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://bul.medicaldevicetrend.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 38739
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sun, 21 Aug 2022 15:33:48 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 03 Aug 2022 04:41:10 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 1, 257562
X-Served-By: cache-lga21958-LGA, cache-ams21021-AMS
X-Timer: S1661096029.838349,VS0,VE0

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 7B17 0
739 B 14ms
14ms Script
text/html 185.89.211.116
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 Aug 2022 15:33:48 GMT
X-Proxy-Origin: 37.48.94.47; 37.48.94.47; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 470e5787-eef3-4efb-b33a-88970f86723a
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 76ms
23ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sun, 21 Aug 2022 15:33:48 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 1232
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 usermatch Show response
ssum-sec.casalemedia.com/ Frame 1572 1 KB
2 KB 96ms
47ms Document
text/html 104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fbul.medicaldevicetrend.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0da2135b7d429a62c1575a37d7c198a680a2793cbf3ca5a4c7bca01ae45ef2cf

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 73e46de589aa920e-FRA
content-encoding: br
content-type: text/html
date: Sun, 21 Aug 2022 15:33:49 GMT
dropped-udsids: 241|39|230|46|17|4|218|41
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y5iEJKZEeDeJSK9qfbjd%2BBwQ%2FSAuDBsTygI0mk2DWv5c%2BHXXBrENUNYJ%2FruWBb7DBtp%2Fiw0kUorUiuMwBuY76XqjJx%2FoaHWjszPW6aHDsWFcPaP3UhYfqASLW0OETC%2F5yqrn0saFK53nDw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Is-Traffic-Usersync, Accept-Encoding

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 1572
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YwJQW-Z0Z2odlmvsfjXvSgAABJcAAAIB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YwJQW-Z0Z2odlmvsfjXvSgAABJcAAAIB&dcc=t

43 B
645 B

104ms
103ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YwJQW-Z0Z2odlmvsfjXvSgAABJcAAAIB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fbul.medicaldevicetrend.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 Aug 2022 15:33:49 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: S0XKBKQ24ZTQQQT66JHB
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 21 Aug 2022 15:33:49 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: FCTCM5NEEXQDSN2CWZ1C
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YwJQW-Z0Z2odlmvsfjXvSgAABJcAAAIB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 1572 70 B
265 B 102ms
32ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fbul.medicaldevicetrend.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Aug 2022 15:33:49 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame 1572 170 B
188 B 31ms
31ms Image
image/png 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YwJQW-Z0Z2odlmvsfjXvSgAABJcAAAIB&gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fbul.medicaldevicetrend.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Aug 2022 15:33:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 400
Request failed due to privacy signals getuid
secure.adnxs.com/ Frame 1572 0
0 45ms
13ms Image
text/html 185.89.210.141
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fbul.medicaldevicetrend.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 1572
Redirect Chain

https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=1&gdpr_consent=
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1

43 B
913 B

44ms
44ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fbul.medicaldevicetrend.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray: 73e46de8c80d6943-FRA
pragma: no-cache
date: Sun, 21 Aug 2022 15:33:49 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y1LLQe%2FPr7YCYTL8zSS8C88SnzV7oDG2c84BLm9%2FI%2BEN57vtM0RYbXLAwvcgTKTA1OmOXoVoMrXAYJKeWuZRPXkTne7%2BJcADW2dlD1jCx7qLvypTfL%2BITasVrSlEP8XnPw4XHLehb1Hgow%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1
Pragma: no-cache
Date: Sun, 21 Aug 2022 15:33:49 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 106
Content-Type: text/html; charset=utf-8

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 1572
Redirect Chain

https://ad.turn.com/r/cs?pid=21&gdpr=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3198317024966957725

43 B
908 B

40ms
39ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3198317024966957725
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fbul.medicaldevicetrend.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray: 73e46de67c766943-FRA
pragma: no-cache
date: Sun, 21 Aug 2022 15:33:49 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CaxtJd4SaZCfX3WHLfDBPuf5xNEjwqYliyaz8GjHsI6pWoxwChO9wNhZJws0trPeS6MPImf5Zgf4ouQ%2FfmvmsIWx3yQeT0YbBej%2B1euHDE1B9oZ%2FO37oUwAfljMpCH7ltl0owtCwH01rWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3198317024966957725
pragma: no-cache
date: Sun, 21 Aug 2022 15:33:48 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H/1.1 200
OK ibs:dpid=23728&dpuuid=YwJQW.Z0Z2odlmvsfjXvSgAA%261175
dpm.demdex.net/ Frame 1572 0
0 151ms
31ms Image
application/json 52.17.75.86
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YwJQW.Z0Z2odlmvsfjXvSgAA%261175?gdpr_consent=&us_privacy=&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fbul.medicaldevicetrend.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.75.86 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-75-86.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

GET
H/1.1 200
OK bridge
cm.adgrx.com/ Frame 1572 43 B
408 B 224ms
14ms Image
image/gif 72.251.241.196
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fbul.medicaldevicetrend.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.251.241.196 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 Aug 2022 15:33:49 GMT
server: Cowboy
P3P: CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
X-RealServer-NX: ams-delivery-5
Content-Length: 43
Expires: Thu, 23 Sep 2004 17:42:04 GMT

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame 1572 43 B
424 B 100ms
29ms Image
image/gif 2606:4700::6812:c4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?YwJQW.Z0Z2odlmvsfjXvSgAA%261175
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fbul.medicaldevicetrend.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:c4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:33:49 GMT
cf-cache-status: HIT
age: 170
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
content-length: 43
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
etag: "da1f1d-2b-546dc3a097100"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 73e46de65b289b3f-FRA
expires: Sun, 21 Aug 2022 19:33:49 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 7B17 0
739 B 26ms
25ms Script
text/html 185.89.211.116
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 Aug 2022 15:33:49 GMT
X-Proxy-Origin: 37.48.94.47; 37.48.94.47; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: f6918841-16d7-45de-954b-387608659114
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Verdicts & Comments Add Verdict or Comment

108 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

32 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.havanese.top/	1970-01-20 06:08:08	Name: uuid Value: 4cb68c10-b9c7-425e-8d40-f5fc5e202173
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: DnMMPihXUiY
.youtube.com/	1970-01-20 09:44:08	Name: VISITOR_INFO1_LIVE Value: Hh22hKgjgjA
.yadro.ru/	1970-01-20 14:09:25	Name: FTID Value: 1Z0b1P2kQwOO1Z0b1P002GKl
.yadro.ru/	1970-01-20 14:09:25	Name: VID Value: 2K-xNs3_5TOO1Z0b1P002GM2
.medicaldevicetrend.com/	1970-01-20 14:10:32	Name: didomi_token Value: eyJ1c2VyX2lkIjoiMTgyYzEwOWQtY2Y0YS02YWFhLWExZTMtYzUzOWM1NjE2ZjI5IiwiY3JlYXRlZCI6IjIwMjItMDgtMjFUMTU6MzM6NDUuNTQ0WiIsInVwZGF0ZWQiOiIyMDIyLTA4LTIxVDE1OjMzOjQ1LjU0NFoiLCJ2ZW5kb3JzIjp7ImVuYWJsZWQiOlsiZ29vZ2xlIl19LCJ2ZW5kb3JzX2xpIjp7ImVuYWJsZWQiOlsiZ29vZ2xlIl19LCJ2ZXJzaW9uIjoyfQ==
.medicaldevicetrend.com/	1970-01-20 14:10:32	Name: euconsent-v2 Value: CPeFyN_PeFyN_AHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
bul.medicaldevicetrend.com/	1970-01-20 06:08:08	Name: _pbjs_userid_consent_data Value: 6683316680106290
.adnxs.com/	1970-01-20 07:34:32	Name: icu Value: ChgI2cldEAoYASABKAEw2aCJmAY4AUABSAEQ2aCJmAYYAA..
.adnxs.com/	1970-01-20 07:34:32	Name: uuid2 Value: 2712237183415180754
.medicaldevicetrend.com/	1970-01-20 14:10:32	Name: _ym_uid Value: 1661096026515814193
.medicaldevicetrend.com/	1970-01-20 14:10:32	Name: _ym_d Value: 1661096026
.yandex.ru/	1970-01-20 14:10:32	Name: yandexuid Value: 5618020091661096025
.yandex.ru/	1970-01-20 14:10:32	Name: yuidss Value: 5618020091661096025
mc.yandex.ru/	1969-12-31 23:59:59	Name: yabs-sid Value: 1936360351661096025
.yandex.ru/	1970-01-20 15:00:56	Name: i Value: CEuKi/FvA+9LF/CJaTX2nGPLbWNsRQn6x2CGdVR4r3AXW9uOWkk4ZfwXc9CSbleNwSluQIJntAv1jjtKJ4Ra14uG9js=
.yandex.ru/	1970-01-20 14:10:32	Name: ymex Value: 1692632025.yrts.1661096025#1692632025.yrtsi.1661096025
.medicaldevicetrend.com/	1970-01-20 05:26:08	Name: _ym_isad Value: 2
fp.metricswpsh.com/	1970-01-20 14:10:32	Name: id Value: 1195828077489254540
.doubleclick.net/	1970-01-20 15:00:56	Name: IDE Value: AHWqTUnFo0h1ycp8RhdA_qgNLY_LCwpqbqX531QNqCGts2hNOnrxYI-4IMxmdwrsaXs
.doubleclick.net/	1970-01-20 05:24:59	Name: DSID Value: NO_DATA
.medicaldevicetrend.com/	1970-01-20 14:46:32	Name: __gads Value: ID=26710c6e73529187:T=1661096026:S=ALNI_MZJFgKtweuLRKZEXnrSXg_1KDdGNg
.casalemedia.com/	1970-01-20 07:34:32	Name: CMPS Value: 5177
.casalemedia.com/	1970-01-20 14:10:32	Name: CMID Value: YwJQW.Z0Z2odlmvsfjXvSgAA
.casalemedia.com/	1970-01-20 07:34:32	Name: CMPRO Value: 1175
.redintelligence.net/	1970-01-20 07:34:32	Name: 8lcfmzhxc8d6_uid Value: 19c123bc49ac17d4
bul.medicaldevicetrend.com/	1970-01-20 14:46:32	Name: cto_bundle Value: 8jSAcF9aTHdLZWp0eFZzYVZvU1RXZms4alA2QzJCT3Q1ZUVhSGV5WnJSZ2pqRVdGdjhtUnR4TEtGWEhEMTdaVTF1R2JmRyUyQlNWZXZpaUJDVCUyRjdIJTJCUGdkR0ZlSVZRYm03bzlTaWZINWRzc1YlMkJFT01VU0ZLMDdodDI2JTJCcm1qNnF5anhuaG4
bul.medicaldevicetrend.com/	1970-01-20 14:46:32	Name: cto_bidid Value: dK9XaF96c0tuamZUTlVON2VKbVVmWDZrREVIYTBiNiUyRlU5TExXc2lVR2clMkZPUE8wdGFRVUplcGFteW1jODhzN0RKNHJCalNsRDZZeHNpcGJ3UnJoMEVnTGtlNDBzWjFOUnlQaHZ4ek5kMnY5ZDQlMkJsZyUzRA
.casalemedia.com/	1970-01-20 14:10:32	Name: CMRUM3 Value: 276302505d0b40&046302505d05a0&2d6302505b05a0CAESELDMWEYRLIPOILGrPmpP8EQ&e66302505d2760&296302505d05a0&116302505d05a0&2e6302505d05a0&da6302505d2760&f16302505d05a0
.casalemedia.com/	1970-01-20 05:26:22	Name: CMST Value: YwJQXWMCUF0A
.turn.com/	1970-01-20 09:44:08	Name: uid Value: 3198317024966957725
.casalemedia.com/	1970-01-20 07:34:32	Name: CMTS Value: 1101

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://medicaldevicetrend.com/template/images/map.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://i.ergonengineering.com/img/informasi-kesehatan/23/air-mani-tidak-keluar-saat-ejakulasi-apa-masih-bisa-bikin-hamil_1.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://i.ergonengineering.com/img/informasi-kesehatan/23/air-mani-tidak-keluar-saat-ejakulasi-apa-masih-bisa-bikin-hamil_3.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://i.ergonengineering.com/img/informasi-kesehatan/23/air-mani-tidak-keluar-saat-ejakulasi-apa-masih-bisa-bikin-hamil.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://i.ergonengineering.com/img/informasi-kesehatan/23/air-mani-tidak-keluar-saat-ejakulasi-apa-masih-bisa-bikin-hamil_2.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	Message: The script resource is behind a redirect, which is disallowed.
network	error	URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1 Message: Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acdn.adnxs.com
ad.turn.com
adservice.google.com
adservice.google.nl
adx.adform.net
b1sync.zemanta.com
bul.medicaldevicetrend.com
cdn.contentspread.net
cdn.indexww.com
cdn.jsdelivr.net
cdn.zx-adnet.com
cm.adgrx.com
cm.g.doubleclick.net
counter.yadro.ru
cst.cstwpush.com
cst.wpu.sh
dpm.demdex.net
dsum-sec.casalemedia.com
e2770e6b6d7a9b2aa114cb34e842981d.safeframe.googlesyndication.com
f3256a8395.ad1f574e38.com
faq.worldtourismgroup.com
fonts.googleapis.com
fonts.gstatic.com
fp.metricswpsh.com
get.optad360.io
googleads.g.doubleclick.net
gum.criteo.com
hal9000.redintelligence.net
hal900028.redintelligence.net
havanese.top
htlb.casalemedia.com
i.ergonengineering.com
i.medicaldevicetrend.com
i.ytimg.com
ib.adnxs.com
jnn-pa.googleapis.com
js-sec.indexww.com
js.wpadmngr.com
js.wpshsdk.com
js.wpushsdk.com
match.adsrvr.org
mc.yandex.ru
medicaldevicetrend.com
mug.criteo.com
na.nawpush.com
pagead2.googlesyndication.com
prebid-eu.creativecdn.com
s.amazon-adsystem.com
script.4dex.io
secure.adnxs.com
securepubads.g.doubleclick.net
site2text-2021.web.app
ssum-sec.casalemedia.com
static.doubleclick.net
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
104.18.18.126
104.18.19.126
142.250.184.226
142.250.185.66
151.101.193.108
151.101.65.195
178.250.0.157
185.177.92.29
185.184.8.90
185.89.210.141
185.89.211.116
188.114.96.3
188.114.97.3
188.166.100.156
199.36.158.100
2.21.184.247
2001:678:cb4:bbbb::11
23.88.85.6
2600:9000:21f3:2600:11:a4de:2580:93a1
2606:4700:20::681a:9a9
2606:4700::6812:c4c
2620:0:890::100
2a00:1450:4001:802::2003
2a00:1450:4001:806::2002
2a00:1450:4001:806::2004
2a00:1450:4001:809::2016
2a00:1450:4001:80b::2006
2a00:1450:4001:80b::200e
2a00:1450:4001:810::2002
2a00:1450:4001:812::2001
2a00:1450:4001:813::2002
2a00:1450:4001:828::2001
2a00:1450:4001:828::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::200a
2a02:2638::1c
2a02:6b8::1:119
2a04:4e42:600::485
3.33.220.150
37.157.2.234
45.133.44.24
45.133.44.25
46.4.10.49
50.31.142.63
52.17.75.86
52.46.151.131
72.251.241.196
85.114.131.233
88.212.201.204
88.99.165.19
01ce9b4155b8547fe1d90bd6db035f185822decd3d0923df37d930068cf19d58
04149c43558d59b2f0f2cc3f679979b915401ca5c94e833479ca9ea754db0b89
041b6e69b34243b7cd98534e95b129cb2479bebddae8dc4f051755a84cc8fbe8
05acc3012d01edb765afea170fa2dfe68065a552667744d399c84844c33c8568
099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38
0a772c9d15190dfedc2f7bf714fb7692d506fd79267c9888693afc39f41229f7
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0da2135b7d429a62c1575a37d7c198a680a2793cbf3ca5a4c7bca01ae45ef2cf
0df763fcc000bb68a91d87ecd3f92ad3d0d28a11deb20a37d02ff2e504fde930
0ea2697dd2d0350ed84ce89be6bc75e8462ad5d56e0d70d53c869df80ab8236a
1143cc4d0afa91e1a4b29293557f204da09d151a54a098e907596a1d538f8f49
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1462b047ffc3c31c11c67dedb6f24d44a1b041b512f9eed8975c6cd718561a90
164705741639ce338d5086447b46ca7be9695ed706ce1938949d9b0f95e8a19f
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
21aa03824652a262ed3c10fb8bddc8c091e9e8f6cfd1b23cae1592d4f79e918a
25606a38fd2c1b0625495a6c4873a0350a1f7bc12b3713b8466dc16f34679265
2ba7f20b1d8990e17a47fe3d88e4c766628aaa2baf1dd30fca0a0db59836f5f9
2de651692a5c82f38126c280f7a685f074b368a58272e7c4ff9e882dce4ae99d
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2ead7afdd7ff8c6bb486b360a061137d56a0cfdf85c38642e945ec7369e82c65
30fc29e2b0f9afeaa9b12d33e2975fd7815ff15c127f98ccbc93e1a3dbcf41cc
31a1d480b9cc82f903b98efe0de13288e24b0fecf60e0540e852a768fafa31c9
347bde92b9578f07e84cc873e3e684d8182d5c8ab29bddc94a5778197139e13a
3cc82b48371c310b0b48e649636e273f7a87b3a4a71c14a699fd60e35aefcb1d
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
48698dba88b746b8ba54367dc32ca747d32f261d00af7cfc02cd9a7ec451f93a
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4b46dc5cc031017c003808e87a7c63f7b1555fe6ec18da4489694a09236e52e3
4b897f80be17cf6623b8ecf2101fade714236c5ec74042fbbf9495d4ebf406e3
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
52a3807964b92463ca8e086eb7217d15885eb26ef43ce9d30ae2d676ea434f94
53f2931d978bf9b24d43b5d556ecf315a6b3f089699c5ba3a954c4dde8663361
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
569961c56ee8f4796f969383d3c35add7d1127e2290121c0a2c47673e3993b79
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
596e076b6488c3a862cb2179efaea673afe61c23e7add0332505ba2d57524b7e
5d502483b009144040b309fed029b77ae7f9ccc21d7c0b7b64a8082ea72b9cf3
5ffdec5894796cfc51adb8ba5f4aed7814771f4b836b96c9ab49606a6e866f0a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
654491086d1f6dd5df6dbd44c09c7091237c4ffe4c3b4f00d0fc384ef7b2733f
66a02f7d93a276c9f3ddfe4f760924b070bd108bb0d8670f5ec59725aaec3c87
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
6b00a5dd60adfef2e622c2988013b3ca17b6bcdf0cbed8dee3bbc3a60c133b0a
6cd3565b46cabcbc2e984bbdbd707b5a4d68fd21537f40a9fd36580ce9cfa040
70dcce48a0f42c38a7dfae12fe3b47f21debd5ebac3ae1b123f2fb9b323aca32
7109518959a6958168f639860050324f4f063fd1697f32677cf9d0180ab02453
71cb0d5bc07b1a1ff945f03719dd78c77b8ea5b709185180cb3776b0b95a5194
7354b4bd3b6d15ee20094eb2e50ae6f8466aa138671e02f57680da978660f611
7a6e346ab2de8f4982b796a60b369b2eb25548ad47fe66ee0a26c76b1d1e88a5
8116fa18e9b8076ea00b7c1f10965f64ee30d848bded4c4acf09f56022b0e278
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8378d48007b3cd410fcb04e0491a0ecafb0f1dd76e3def33751cba1e65c46b35
8545f789d157443e285020e59d3ede5a7725a9ab6d03ebaa996ef57914d1685c
8601386271d3ba06c1135a092613135c5da90b3732a8196e4761faf4b1afdc69
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
89ceaf2fba13343764ed6f07696d5b3a49b28daf865c3f6c204c218a4cd62e1e
8a90f9c307d889844f7286c11a9e8596c9a41b2e91123ab49cca0fbaa4b48dc7
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f0c61d078a353b3ee7b604718c50be43ae3bc243ecea3ffb6fa8330851d8f40
920bf5e0981c083ac0cc65869559295260817baa40cdd79fd293fa7d7acf5456
960a0101f3bc46f4b7dc836a7417f5d0dda1bb734e04afa87ff9479030db8403
9cfe00b9313bfda47a4dc6f4e080d1f1e5a8969863401401fa4ad2aaef232d12
9ec418350a33f9345222164287d22e2214208fec2fa67eeaaf4137c78f4b9a64
a0e46d0eff446c60d926ab68094e9951ad61d82539991999a5379124cc74ff95
a1862b0c78082c9f962a03d15920eeaebf62091a312c6a854bac6ffd3a8b7492
a2862c9e532e9e51ea7ca8d7c96bb602a74e31396f9c5be127dbea7c5adfc227
a35a51e32439cce8b4dd6734f65c18debec94ca81a30640b2ccaba988ce1639e
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a73eb3fbea6e1051f19a0d4f9511e098101381060765d220b27525cb3e3b6340
a76d2671734df409458705f7cb7ddb59275e05fea5906de3c8bc878e47025a1a
a9b8a4b058f0cfdb5137ab550edcaa8912e26d6ceb7451b9ea791d608e467090
ae2b3292ce4d22938259dd7e2d411ef3e498276837fbcc0475af40237b608f1f
ae3bba83b1182ab504a90f8037f6fd673b3fcb7e74581941ad5f190bedeffe71
ae76aab58df5505ae11ad294434acd86c398718cc15d0f4d7a92cf6953a42a38
b0258294911396a658792e878c5ebd36ad4ed3d0d683a50bcb145c344c659547
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b55131eaef425cb84b957a28df5881c3c83eb11ca9c01e3abccb00baf0e377b6
ba7478138664dfbadff2af30a268f4200a752a73d07dafb55937af20d1061357
ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10
bdb494d096b2741093d6eb4157627fbda067317e97ed4320224ade24bc80e5ad
c0d0b5ecf5aa2cd5475929aefcb44d67c5d5cc8cbcdb3991e45f0944f0344619
c12395451dd35e7f1feb3e75840752f393e690cfe90019b8596e0358c0b9a26d
c1c8b5e398b57483f3477934519ce5b26a8afa82e74d2a415e07f2f02ffae603
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
ca52b18ab89e288a23c94c9d506e606c5a2f94baec8366f58b782bb16308c4c0
cd7c26673baf66970f23013601bc21c3ac55ec6dded9d4e43518168801550d73
cf5c103eac1f662868eafb7e9ad9de4ecdb2897738446427866156d8b8010176
d2398dc51b18394ba7f06532e7fc829f28dee35e995a599a8909a7fa42ca477f
d32e0452d5f834de467dd963b9e0ab4202e886b83231e289c0daa2ff579512dc
d51741c7d17bc8772713e36b11f22d36788bd0b8610c20e091ced2e6fd0302dc
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
db03f62d80666f2cbc812e9f9623e4fb6e8fdc9bd91bb2457f19e442d9ee416b
dd7ccf900a762ac6bdbc52f42e36dcb98784ce51bae5a5ac82fa1c5c06b92407
df373cb9e00d35aacaa04c35722c2f10942f702637f46d485b924618be5e129d
e111a3850d781cc4bb9983b28613414f9a59af060c2860692d56809589c663b3
e11cea7d59b0308003c113b685f9afbeb3f16ec18bf4e574564c2ed2f26a5cc6
e297ef3840e7a357f3c28bf15d8483c3c04416a38d4ec60c3e8fc432c17054f3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
ec18a28e83ac14ae1c736bb936ad98129599812a3d9707f9bd1391207fc1bc49
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efe80f770787f125244a0782bf3fdff503a2eafc4207d262bb5f6f2813204bdc
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f87d4ec0526ba3329feab65cb0c17284e42b24ec455b561d366042da531b6c98
fa581fefebecc84d3b82fa27a681ea2587caa31c61a7834c23550fdf64cdf240
ff4b703a37dc11dbca28199ebaa29bfd85fb3793138fdc9bb2b952954d098b68
ffbfbd37ead2cdeb93289a5430e57f02c73709e18f12de60f4886997d1fd5b37

bul.medicaldevicetrend.com Open in urlscan Pro 188.114.97.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

160 Requests

93 %HTTPS

44 %IPv6

43 Domains

60 Subdomains

50 IPs

10 Countries

3362 kBTransfer

8227 kBSize

32 Cookies

39 Outgoing links

Redirected requests

160 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

bul.medicaldevicetrend.com Open in urlscan Pro
188.114.97.3 Public Scan

Screenshot
Live screenshot

Full Image

160
Requests

93 %
HTTPS

44 %
IPv6

43
Domains

60
Subdomains

50
IPs

10
Countries

3362 kB
Transfer

8227 kB
Size

32
Cookies

160 HTTP transactions
6 data transactions