cqty1.bhuefbfrvbn.workers.dev Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://cqty1.bhuefbfrvbn.workers.dev/
Submission: On June 29 via api (June 29th 2024, 12:41:49 pm UTC) from US — Scanned from NL

Summary HTTP 214 Redirects Links 67 Behaviour Indicators

Summary

This website contacted 29 IPs in 6 countries across 19 domains to perform 214 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is cqty1.bhuefbfrvbn.workers.dev.
TLS certificate: Issued by WE1 on June 20th 2024. Valid for: 3 months.

This is the only time cqty1.bhuefbfrvbn.workers.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	2606:4700:303... 2606:4700:3033::6815:45f9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	3.160.150.46 3.160.150.46	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
3	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
84	172.67.216.21 172.67.216.21	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:81d::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1 58	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5049	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:206... 2600:9000:206f:7000:c:abe:f440:93a1	16509 (AMAZON-02) (AMAZON-02)
3	151.101.1.44 151.101.1.44	54113 (FASTLY) (FASTLY)
1	3.126.189.237 3.126.189.237	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
6	102.130.121.238 102.130.121.238	328364 (Host-Afri...) (Host-Africa-AS)
3	172.67.216.245 172.67.216.245	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c04::9c	15169 (GOOGLE) (GOOGLE)
2	142.250.184.195 142.250.184.195	15169 (GOOGLE) (GOOGLE)
1 2	142.250.186.132 142.250.186.132	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	151.101.193.44 151.101.193.44	54113 (FASTLY) (FASTLY)
2	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.217.18.1 172.217.18.1	15169 (GOOGLE) (GOOGLE)
214	29

2 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

cqty1.bhuefbfrvbn.workers.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2606:4700:3033::6815:45f9 (United States)

ASN13335 (CLOUDFLARENET, US)

dctboyojy.578333.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.160.150.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-160-150-46.fra60.r.cloudfront.net

platform-api.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

84 172.67.216.21 (United States)

ASN13335 (CLOUDFLARENET, US)

dctboyojy.578333.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81d::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

58 142.250.186.66 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5049 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:7000:c:abe:f440:93a1 (United States)

ASN16509 (AMAZON-02, US)

buttons-config.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.1.44 (San Francisco, United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.126.189.237 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-189-237.eu-central-1.compute.amazonaws.com

l.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 102.130.121.238 (South Africa)

ASN328364 (Host-Africa-AS, ZA)

image.blob.ix.co.za	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.67.216.245 (United States)

ASN13335 (CLOUDFLARENET, US)

highburyads.co.za	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

0b9201374d747ca5e9eea66f647fb8f9.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c04::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.132 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.44 (San Francisco, United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

cqty1.bhuefbfrvbn.workers.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.1 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
99	578333.xyz dctboyojy.578333.xyz	1 MB
69	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 137 0b9201374d747ca5e9eea66f647fb8f9.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 177	1 MB
6	ix.co.za image.blob.ix.co.za	777 KB
6	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 235 stats.g.doubleclick.net — Cisco Umbrella Rank: 136 googleads.g.doubleclick.net — Cisco Umbrella Rank: 70	176 KB
4	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 844	236 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 81	368 KB
4	workers.dev cqty1.bhuefbfrvbn.workers.dev	26 KB
3	google.com 1 redirects region1.analytics.google.com — Cisco Umbrella Rank: 3125 www.google.com — Cisco Umbrella Rank: 5	87 B
3	highburyads.co.za highburyads.co.za	403 KB
3	sharethis.com platform-api.sharethis.com — Cisco Umbrella Rank: 5168 buttons-config.sharethis.com — Cisco Umbrella Rank: 5857 l.sharethis.com — Cisco Umbrella Rank: 5781	48 KB
2	google.de www.google.de — Cisco Umbrella Rank: 8088	126 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 71	21 KB
2	gstatic.com fonts.gstatic.com	32 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 83	2 KB
1	criteo.com gum.criteo.com — Cisco Umbrella Rank: 493	431 B
1	google.nl www.google.nl — Cisco Umbrella Rank: 10567	455 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 133	2 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1073	7 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 324	31 KB
214	19

	Domain	Requested by
99	dctboyojy.578333.xyz	cqty1.bhuefbfrvbn.workers.dev dctboyojy.578333.xyz
57	pagead2.googlesyndication.com	cqty1.bhuefbfrvbn.workers.dev pagead2.googlesyndication.com securepubads.g.doubleclick.net
10	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
6	image.blob.ix.co.za	cqty1.bhuefbfrvbn.workers.dev dctboyojy.578333.xyz
4	cdn.taboola.com	cqty1.bhuefbfrvbn.workers.dev cdn.taboola.com
4	www.googletagmanager.com	cqty1.bhuefbfrvbn.workers.dev www.googletagmanager.com
4	cqty1.bhuefbfrvbn.workers.dev	cqty1.bhuefbfrvbn.workers.dev static.cloudflareinsights.com
3	highburyads.co.za	cqty1.bhuefbfrvbn.workers.dev
3	securepubads.g.doubleclick.net	cqty1.bhuefbfrvbn.workers.dev securepubads.g.doubleclick.net
2	www.google.com	1 redirects cqty1.bhuefbfrvbn.workers.dev
2	www.google.de	cqty1.bhuefbfrvbn.workers.dev
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	0b9201374d747ca5e9eea66f647fb8f9.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	fonts.gstatic.com	fonts.googleapis.com
2	fonts.googleapis.com	cqty1.bhuefbfrvbn.workers.dev
1	gum.criteo.com	cdn.taboola.com
1	www.google.nl	cqty1.bhuefbfrvbn.workers.dev
1	googleads.g.doubleclick.net	1 redirects
1	region1.analytics.google.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	l.sharethis.com	platform-api.sharethis.com
1	buttons-config.sharethis.com	platform-api.sharethis.com
1	static.cloudflareinsights.com	cqty1.bhuefbfrvbn.workers.dev
1	www.googletagservices.com	cqty1.bhuefbfrvbn.workers.dev
1	platform-api.sharethis.com	cqty1.bhuefbfrvbn.workers.dev
214	26

This site contains links to these domains. Also see Links.

Domain
dctboyojy.578333.xyz
www.joburgetc.com
www.capetownetc.com
www.africaninsider.com
www.youtube.com
www.facebook.com
www.instagram.com
twitter.com
wordpress.org
highburyads.co.za

Subject Issuer	Validity	Valid
bhuefbfrvbn.workers.dev WE1	`2024-06-20` - `2024-09-18`	3 months	crt.sh
578333.xyz GTS CA 1P5	`2024-06-03` - `2024-09-01`	3 months	crt.sh
sharethis.com Amazon RSA 2048 M03	`2024-04-19` - `2025-05-17`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.google-analytics.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
upload.video.google.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
cloudflareinsights.com GTS CA 1P5	`2024-05-08` - `2024-08-06`	3 months	crt.sh
*.taboola.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-23` - `2024-11-22`	a year	crt.sh
*.gstatic.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
image.blob.ix.co.za R3	`2024-05-22` - `2024-08-20`	3 months	crt.sh
highburyads.co.za WE1	`2024-06-22` - `2024-09-20`	3 months	crt.sh
*.googleadservices.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.google.de WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
tpc.googlesyndication.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-06-18` - `2024-09-17`	3 months	crt.sh
*.google.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh

This page contains 15 frames:

Primary Page: https://cqty1.bhuefbfrvbn.workers.dev/
Frame ID: 1A5BB6D8ABBDEE606776BD309D686A67
Requests: 150 HTTP requests in this frame

Frame: https://0b9201374d747ca5e9eea66f647fb8f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: FE44BC8D3E2ACDCE269FA82C54A86D74
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/html/r20240625/r20110914/zrt_lookup_fy2021.html
Frame ID: FB9B4AD5658A1002C7BB5F83BA49CE58
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-7073370864490749&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1719664902&plat=3%3A16%2C4%3A16%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fcqty1.bhuefbfrvbn.workers.dev%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=30~31~27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aiael=30~31~27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aifxl=30_23~31_2~27_9~29_10&aiixl=30_6~31_8~27_3~29_5&aslmct=0.7&asamct=0.7&aisaib=1&itsi=-1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTI2IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjEyNiJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTI2Il1dLDBd&dt=1719664902026&bpp=3&bdt=1669&idt=406&shv=r20240625&mjsv=m202406250101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=234298239520&frm=20&pv=2&ga_vid=1762258464.1719664902&ga_sid=1719664902&ga_hid=1344533571&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C95331687%2C95334511%2C95334526%2C95334565%2C95334571%2C95334828%2C95335887%2C95335897%2C95335292%2C31078663%2C31078668%2C31078670&oid=2&pvsid=502093983338160&tmod=1046196241&uas=0&nvt=1&fsapi=1&fc=1920&brdim=450%2C450%2C450%2C450%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&nt=1&ifi=1&uci=a!1&fsb=1&dtd=454
Frame ID: 69DE40CB0603DD2767FF42A92C707A6E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsuCOwybnvlHCMainfW0DbTOWfYCm7xNd9vYdJ-6tAGAxK3_dQJwhW0ZxTv-SIaNIxUV9C1-lZ8PfViaAzmErI2nHZcd10rYRHWxhTNLTOrMrnFf6Nql1YZwSJY7aurIPvDp8yvTJxQUCiP9-BPTBNvm807BYIC58Rd2hwLz7DebfUREph2DbJJ6rLD6961sUdc8xlEVbGe6a5pelpvs7lBwaqRK1k5UFxZtod8iaZD9Gs5niuiZZV63JymrCzUxjIFKbPi7F0Tg5hVIkJqQnm7SUiU7Ybhb_5hxzK2IhRx6KijT9r-a-i0gTXJNnlVCrYD40FkfOrqtMFlQ7_ecQkka7_fpdG2z-j0TpginU9_vSMRWuPBvmFg&sig=Cg0ArKJSzLIlCCEJ-fEGEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 824CBBD6C0B12C32D1402271BBF74655
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsvEmRFvShBpogfAjHM99yOOMZcPVz698V1mHR3xDlBNrDrkpHeQUSfU4rMtVhhYwbY1dzqUgxwEVh33uyCi0b7WzeA8Dbx27MVo3Ugvi_wZ0fb8A6MR8Aw8qOfJC0UQ0-Yd_QBEbBdO8VfdVI9puxnALcpFYWGgC1P8-0kF5lC51BvDLmh2ZCKRc6R6B199UkiCpDO5Wzs1DVQEWyf92_xc8vTvka5C_mkqew_D9CR_4faSBHSRH2Xr8AhifrFuPRxa5Xrrvnh4VWSU92TeIBwU51lrbLq45z0OFyI1iRd4PBnFTh04qaBGlER8RdhsYwjts5vwGoxK7bF0gzy-_afWXjCceVB0qANUuZFvFW0S_-ZFzHSyOvg&sig=Cg0ArKJSzJ37NQvETvYeEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: BBC258CDE3E97DAC6244D6D7B5D39D87
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjssURG9ozbTh_hvJV9Bcn6fsPvBfLAzAiFpRyVpP9X6rxmB1yiopYiodE4JQGCr74GhCkH-fmzqHu_2D2iRMQBZsKwMTnpOzZQCf5AU8h-IyB0pTjiWy2nvyUD_E6rv-Teu-ekt7puXoc5fYmWR0D_G7xpBlL23cvxeCHB7g2vCZ6oGcHWwGEgdlOVkkt7sDGtnOBbMRqW3t6m8OgdWoS4XyawFbYDHznlFnadC_6TAJFYLCCRAICVmqByMpt7HQGN2uD9VrLlpC7s6VGMmsoQUy1igxZWKuptU6hgryjOYHE1EM8NjmEwrPH2ZsWgah-W42bWHxy-mqZacPDnl6flPwCO4ta1kkrRlYRT9K5C2TkkJle39RkGq6&sig=Cg0ArKJSzCgHl3uCw7f7EAE&uach_m=%5BUACH%5D&adurl=
Frame ID: E32EC607E01D939D2331A97F26C0D60E
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjst9qFlMIbUGc87ajEyfFmY3PZ6EwEc4foGMyQJJOFzjeYeRlGVI76UVP6JtJ5P3_o2GMX95ivqz42bZDfF-gvhwjl0rzX143EY2sqKx_FBduQjruvspUAS6KnZ7m_6RGdytOmGV_CdGnOh5xC8mFnhALtlZ1KFKoGu3afCi0N1pEhW78LYmpbyd3PnO8K2p3IbxqWs9RwJ3I2whnPntS_FsO2dHGWB4X6b-9jGMV-Fvh_hRJDG_vy8pd7iqA-socfkGO5F7-ZEaPH3WvFO4QJbemW7Rwsv_jevKCDhfq-vlRlwKXO6gbUQa47E-mc2atn_88TVsZuzA_mB3R2UVb-U-bJJw-XllaJkVuMIUqVxNJwulT8KK8is&sig=Cg0ArKJSzJe5iTEtZYuEEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 9F162AA056AFFE2EB3208EA25FDC3EB0
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsu-VQUkS2L1w3f2WZwguQ66Xsbkuez13THvrZii2nCK0VM9z6P2DdpoT8ft2YWyaWqBIT5W_p2OHPu3g-C-aMza0wRvPzXQMplWuinlDIdkUfGVlW665U0mNw5o4vprfwVLLsYV85maM4rcA08YtCzrTDNdU_qaXdlpUT0FcVlzBXHMJ2CARBrYnm8nmCShI7fKkIyTcN6jC4iq7aNPr90_hfIm0fmmRketURPopdlbHvyIZ-9V2fFQbHJ55irvnNerEpQ7YzTTgvgu5EOc_zHp4CuDYx0_tFbbde2LZqCPO68uWK-sDMg6n9NzWqnyxFVdDK-OrYyxA6Kv_hdrChxZ63EC1rrR7ZOudMTBJqZ7U1z-6iCycU0&sig=Cg0ArKJSzBssW7lsaVLIEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 2700AE1E2001D7B3DD5E4C5294E6E8D4
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjst6TZv79GZdAPVqdqxSmPhrbUoMcSniLWLHCFh7kNb-ylc63iCJSwmybcNl1uzhr6EyAo7YzWkq7Cv2ZI9CcuQXjMZfD24b0u96jwTPY50ja1MgYnctW5jD2Cp0IOz6dQAlMPPUD-0-DOUJB-Q5qjIVxlz-kgsMWEGu-tTkIoVNCE59kwcEfuK-m02BO5H-WVumJiqVg4HQJCR7oMlX3Psd7B1sgKazFGkkV6daf9WkQudgVtZ3M98m4P3X5RbACGk5ImfC9FpMbZtOZ3LgJiyvCJrVCkEuiFoOTHeutUel9n-JdnFlDJDWxTmpRDEylaVUT3cq2bCwO0DysWsayU85IQHBemSCUZCC-QvOh2upz0QATVK88GA&sig=Cg0ArKJSzEkMn__hgiBJEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 6EDBB91923473B5CC448C6CED12C9677
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjst5U9xwHV0MC6vwDaAweidt6Z-no6e8o6VDqNPymEBSXPH-R4lDUZt7VVi9NhM1E7bsf-ypmkrZo0Fh0pOj6cRe2TxAvXkfbEe3GmExCeme3BbQfJtvgYVnG6IdZR2HQ40KNP7IBxiyG79lJy_Alsq5JVwQqycZpANlkWHTkrfT-u2RkwdaXg-IW8SIyHfxU7uLqnCSqrwgxUvcPgOVosEUGKDknsPQUxDh07KdySeflDLmeXhaYZnFspO0LRj3GDlXUBI-Be01nMHXpoockv9EaqN21ZXml3448jpXkcN21fAxCN5YAbmh3pLq5VJ1epWUIYogSnSZ5wK9BHm-qHNw5Rahx-kiwP6hSJbtt2U5dpn3la1gZ64&sig=Cg0ArKJSzOpcu1eC93DpEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 3C54F6D7487C24D0360E57E2ECFE4427
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjstJ4pyJZcXE5mxPT7qMhkzVMF5lqsslQJlkWvQO80eKnLOgOHSiAiqvG1t1_72RC6NjgpEqK4S1WfgepWIVOrqpOxmIC8dflSfHxslGXO_Gd7jO9UKDRuGpiyQlAjlWTxQf2ZWLjqVILtyYOYUCbfoG6sBfCqc8PtMiw95PX82tzpDJ-QaLfg1NA5HoKvi6PuYb-IfyTMw_QnG8FXkYyMgW0GLva2Nve7J6mvMMshR_IgokxnMVE3SDjHsxK6TlgdS70VfSftG0mdVYSJJ0vbvPeNwWUwizWbO6_mIDfhTy8KKyssZTznVl7OlikASJjVBpnzAWsFl8QuskrdIa4OQd95wsiJaTp4cGc4MKr45PW582p1eQlsNk&sig=Cg0ArKJSzBsS6a-iGapsEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: AB3CA0E53E1970E2339959D335E9CCCD
Requests: 8 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/static/topics/taboola-browsing-topics.html
Frame ID: 3A892F7BF83711AB3C6868373A6D1780
Requests: 1 HTTP requests in this frame

Frame: https://0b9201374d747ca5e9eea66f647fb8f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 8A435AC6CFBD3B86510A2578BD298B13
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9104780EC026A7FD9EAF3CD646BBDACD
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Car News, Car Videos, Car Reviews, Car Road Tests, Car Industry News, Car Rumours, and much more | CAR Magazine

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Swiper Slider (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swiper(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

214
Requests

99 %
HTTPS

50 %
IPv6

19
Domains

26
Subdomains

29
IPs

6
Countries

4271 kB
Transfer

10712 kB
Size

8
Cookies

67 Outgoing links

These are links going to different origins than the main page.

URL: https://dctboyojy.578333.xyz/

Search URL Search Domain Scan URL

URL: https://www.joburgetc.com/news/
Title: News in Johannesburg

Search URL Search Domain Scan URL

URL: https://www.capetownetc.com/
Title: News in Cape Town

Search URL Search Domain Scan URL

URL: https://www.africaninsider.com/
Title: News in Africa

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/car-reviews/
Title: Reviews

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/bakkies-for-sale/
Title: Bakkies For Sale

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/elite-cars/
Title: Elite Cars

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/news/industry-news/tesla-south-africa/
Title: Tesla

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/bikes-for-sale/
Title: Bikes For Sale

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/car-valuation-report/
Title: Car Valuation

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/car-insurance/
Title: Finance Calculator

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/news/industry-news/natis-online-booking/
Title: Natis Online Booking

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/car-dealer/
Title: Car Dealer

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/videos/dashcams/
Title: Dashcams

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/car-price-guide/
Title: Price Guide

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/news/ioniq-5-n-sets-record-at-pikes-peak-international-hill-climb/

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/speed/motorsport/tough-safari-1000-not-enough-to-deter-toyota-driver-saood-variawa/

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/news/new-models/range-rover-sport-celestial-collection-takes-inspiration-from-the-galaxy/

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/car-reviews/driving-impressions/review-toyota-hilux-raider-2-8-gd-6-48v/

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/car-for-sale/-2017-toyota-corolla-western-cape-cape-town/6998273/

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/car-for-sale/-2024-suzuki-dzire-western-cape-cape-town/6998272/

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/car-for-sale/used-2020-porsche-911-western-cape-cape-town/6998271/

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/car-for-sale/-2020-porsche-911-western-cape-cape-town/6998270/

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/car-for-sale/used-2020-volkswagen-polo-hatch-western-cape-cape-town/6998279/

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/car-for-sale/used-2019-volkswagen-polo-hatch-western-cape-cape-town/6998278/

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/car-for-sale/used-2023-toyota-land-cruiser-prado-western-cape-cape-town/6998277/

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/car-for-sale/used-2021-toyota-land-cruiser-300-western-cape-cape-town/6998276/

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/car-for-sale/-2021-toyota-hilux-double-cab-western-cape-cape-town/6998275/

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/car-for-sale/used-2021-toyota-hilux-double-cab-western-cape-cape-town/6998274/

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/news/all-of-the-car-magazine-top-12-best-buys-for-2024/

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/car-reviews/driving-impressions/ineos-grenadier-3-0td-trialmaster-edition/

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/car-reviews/driving-impressions/review-mini-countryman-s-all4/

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/car-reviews/driving-impressions/review-toyota-hilux-gr-sport-iii/

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/car-reviews/driving-impressions/review-porsche-panamera-4-e-hybrid/

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/car-reviews/driving-impressions/review-ford-transit-custom/

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/car-reviews/driving-impressions/review-haval-jolion-pro-1-5t-s-ultra-lux-7dct/

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/car-reviews/driving-impressions/kia-sonet-1-0t-ex-dct-review/

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/car-reviews/review-mercedes-benz-e220d/

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/car-reviews/driving-impressions/review-opel-corsa-gs-line/

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/car-reviews/driving-impressions/fuel-consumption-test-volkswagen-polo-gti/

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/videos/zwartkops-rebound-round-3-2024-gr-cup-ep-4/

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/videos/drag-race-mercedes-amg-c63-e-performance-vs-v8-c63/

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/videos/suv-shootout-2024/

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/videos/david-mashabela-shares-details-on-his-mint-ford-mustang/

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/videos/sheldon-van-der-linde-crashes-out-of-contention-for-24h-nurburgring/

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/car-reviews/driving-impressions/review-bmw-520d-m-sport/

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/car-reviews/driving-impressions/review-mazda-cx-60-3-3-takumi/

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/car-reviews/driving-impressions/fuel-consumption-test-gwm-tank-300-hev/

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/car-reviews/driving-impressions/review-bmw-i5-m60-xdrive/

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/car-reviews/driving-impressions/living-with-it-volkswagen-polo-life-1-0-tsi-mt-introduction/

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/car-reviews/driving-impressions/review-ldv-t60-max-luxe/

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/car-reviews/driving-impressions/review-jac-t9-4x4-super-lux/

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/car-reviews/driving-impressions/living-with-it-suzuki-xl6-1-5-glx-update-2/

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/car-reviews/driving-impressions/review-range-rover-evoque-p300-dynamic-hse/

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/car-reviews/driving-impressions/review-toyota-land-cruiser-76-2-8-gd-6-station-wagon-lx/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/CARSouthAfrica

Search URL Search Domain Scan URL

URL: https://www.facebook.com/CARmagazineSA

Search URL Search Domain Scan URL

URL: https://www.instagram.com/carmagazineSA/

Search URL Search Domain Scan URL

URL: https://twitter.com/CARmagSA

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/contact-us/
Title: Contact us

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/advertise-with-us/
Title: Advertise with us

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/terms-and-conditions/
Title: Terms and Conditions

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/competition-rules-2/
Title: Competition Rules

Search URL Search Domain Scan URL

URL: https://dctboyojy.578333.xyz/privacy-policy/#cookies
Title: We use cookies

Search URL Search Domain Scan URL

URL: http://wordpress.org/
Title: WordPress

Search URL Search Domain Scan URL

URL: https://highburyads.co.za/www/delivery/ck.php?oaparams=2__bannerid=6121__zoneid=1599__cb=9d85f710b6__oadest=https%3A%2F%2Fad.doubleclick.net%2Fddm%2Fclk%2F589679159%3B397917716%3Bs

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 116

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/981195317/?random=1706719602&cv=11&fst=1719664902153&bg=ffffff&guid=ON&async=1&gtm=45be46q0v9181219265za200&gcd=13l3lPl2l1&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fcqty1.bhuefbfrvbn.workers.dev%2F&label=tlaeCPvm4sIBELW079MD&hn=www.googleadservices.com&frm=0&tiba=Car%20News%2C%20Car%20Videos%2C%20Car%20Reviews%2C%20Car%20Road%20Tests%2C%20Car%20Industry%20News%2C%20Car%20Rumours%2C%20and%20much%20more%20%7C%20CAR%20Magazine&gtm_ee=1&npa=1&pscdl=noapi&auid=174261521.1719664902&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&ec_mode=a&fdr=SA&capi=1&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECSixub3QtbmF2aWdhdGlvbi1zb3VyY2UsIHRyaWdnZXIsIGV2ZW50LXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMIvv2L_eqAhwMVJA2iAx1DRwEWMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6Jmh0dHBzOi8vY3F0eTEuYmh1ZWZiZnJ2Ym4ud29ya2Vycy5kZXYv HTTP 302
https://www.google.com/pagead/1p-conversion/981195317/?random=1706719602&cv=11&fst=1719664902153&bg=ffffff&guid=ON&async=1&gtm=45be46q0v9181219265za200&gcd=13l3lPl2l1&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fcqty1.bhuefbfrvbn.workers.dev%2F&label=tlaeCPvm4sIBELW079MD&hn=www.googleadservices.com&frm=0&tiba=Car%20News%2C%20Car%20Videos%2C%20Car%20Reviews%2C%20Car%20Road%20Tests%2C%20Car%20Industry%20News%2C%20Car%20Rumours%2C%20and%20much%20more%20%7C%20CAR%20Magazine&gtm_ee=1&npa=1&pscdl=noapi&auid=174261521.1719664902&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&ec_mode=a&fdr=SA&capi=1&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECSixub3QtbmF2aWdhdGlvbi1zb3VyY2UsIHRyaWdnZXIsIGV2ZW50LXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMIvv2L_eqAhwMVJA2iAx1DRwEWMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6Jmh0dHBzOi8vY3F0eTEuYmh1ZWZiZnJ2Ym4ud29ya2Vycy5kZXYv&is_vtc=1&cid=CAQSGwDaQooLIs7xrTRn5nzgiUfMyfmip1MtCiMhjQ&random=2289003188 HTTP 302
https://www.google.nl/pagead/1p-conversion/981195317/?random=1706719602&cv=11&fst=1719664902153&bg=ffffff&guid=ON&async=1&gtm=45be46q0v9181219265za200&gcd=13l3lPl2l1&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fcqty1.bhuefbfrvbn.workers.dev%2F&label=tlaeCPvm4sIBELW079MD&hn=www.googleadservices.com&frm=0&tiba=Car%20News%2C%20Car%20Videos%2C%20Car%20Reviews%2C%20Car%20Road%20Tests%2C%20Car%20Industry%20News%2C%20Car%20Rumours%2C%20and%20much%20more%20%7C%20CAR%20Magazine&gtm_ee=1&npa=1&pscdl=noapi&auid=174261521.1719664902&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&ec_mode=a&fdr=SA&capi=1&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECSixub3QtbmF2aWdhdGlvbi1zb3VyY2UsIHRyaWdnZXIsIGV2ZW50LXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMIvv2L_eqAhwMVJA2iAx1DRwEWMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6Jmh0dHBzOi8vY3F0eTEuYmh1ZWZiZnJ2Ym4ud29ya2Vycy5kZXYv&is_vtc=1&cid=CAQSGwDaQooLIs7xrTRn5nzgiUfMyfmip1MtCiMhjQ&random=2289003188&ipr=y

214 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
cqty1.bhuefbfrvbn.workers.dev/ 152 KB
23 KB 1481ms
1195ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 552c4faacd9b3ec9971f1ce0c4d1744e32328ff9b1f00d215eea685cb5a96633

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 89b5fdf3dc76377b-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 29 Jun 2024 12:41:40 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
link: <https://www.carmag.co.za/wp-json/>; rel="https://api.w.org/"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0m5SGVdIO2YrRD8IMBI39tja2rF%2FVfu9IMdpJXG3z9QmHkvJuFrByQ6lP3WDIma1U9m3GW2T7JCHimGFAqOvjkWWFjkTjiAllG66et0CQmOL9otaz4YRfFchfWeFjyNlVxtP"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 style.min.css
dctboyojy.578333.xyz/wp-content/themes/CarMag_Revamp/ 143 KB
0 1204ms
1028ms Stylesheet
text/css 2606:4700:3033::6815:45f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dctboyojy.578333.xyz/wp-content/themes/CarMag_Revamp/style.min.css?ver=xxx
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:45f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:41 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 26 Jun 2024 08:32:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"667bd214-33e78"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Kj7dNxiE%2FxGW32wkZy4nEPomSmoBxx49Fv%2F3QQr6P10o%2F9zy7i1i4EDI%2FcNKeiJOSxefu5q9xryb5R4Ve73IirTs9lksVfbNHvrWlL9fWvecfpqF9Peb7V13kSubaamTz6b5"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 89b5fdfc7b811c15-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 cfs-advanced-search.css
dctboyojy.578333.xyz/wp-content/plugins/cfs-advanced-search/dist/ 15 KB
3 KB 1123ms
948ms Stylesheet
text/css 2606:4700:3033::6815:45f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dctboyojy.578333.xyz/wp-content/plugins/cfs-advanced-search/dist/cfs-advanced-search.css?ver=29-06-2024-1719664712
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:45f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8a700630a179fb4e70f040a3dcb2334833dce7788f25a09f64542557615d41e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:41 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 15 Apr 2024 09:56:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"661cf9da-3b19"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8%2FU%2BPm2uPEdTfE7RfqSrDOWJnAXr0vEXGXwcUPc50kt14V7nGxamaFNfZXRzCx7ywOjt6c5ALrjJ1yI%2BAwHzlrLu4BhkUtKR9TmoPAfnJIYk%2FR6Ug%2Fw3QHMBApdWbKOGdLn5"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 89b5fdfc7b861c15-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 custom-widgets.css
dctboyojy.578333.xyz/wp-content/plugins/create-custom-recent-posts-widgets/css/ 50 KB
8 KB 1313ms
1139ms Stylesheet
text/css 2606:4700:3033::6815:45f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dctboyojy.578333.xyz/wp-content/plugins/create-custom-recent-posts-widgets/css/custom-widgets.css?ver=29-06-2024-1719664712
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:45f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70619499e4709f4bc53d884a45e4895660c497295228bc928ae17ae694494c48

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:41 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 15 Nov 2023 11:38:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6554adad-c8cd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pNt1v8LAesduGBl5Jjfp%2BRUoPIwaRO2xUNMxDKC0pI%2BHwytVVGzzBI0joDUSd7FadLkcfH6KEpVY5YuuB4k2KWku%2BTKGj%2Bmpj7NwibgLSzdimLweo6%2B8FsR8i%2BlPvK9i%2FETW"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 89b5fdfc7b8b1c15-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 swiper.min.css
dctboyojy.578333.xyz/wp-content/plugins/create-custom-recent-posts-widgets/css/ 13 KB
4 KB 1103ms
929ms Stylesheet
text/css 2606:4700:3033::6815:45f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dctboyojy.578333.xyz/wp-content/plugins/create-custom-recent-posts-widgets/css/swiper.min.css?ver=29-06-2024-1719664712
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:45f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dea3c2d66b0679ee2db67a21c0a434f3e14d6ac8a2af06877a711151fc32b56d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:41 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 17 Nov 2022 09:26:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6375fe42-356e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EckX8ZHcgceHtGhlmS%2FBs2ql2fBWAiPRFdb5%2Bqbjgii0CSkeepU0Sh6Sg1IoiA1XOGp0A%2FsYARe2gHttODBcPTTGVrBLK7HB761D0Rk3eCVqEjvjR8TB11zeS4D6PtoCjACh"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 89b5fdfc7b851c15-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 cars-for-sale.css
dctboyojy.578333.xyz/wp-content/plugins/display-cars-for-sale/css/ 94 KB
17 KB 1178ms
1004ms Stylesheet
text/css 2606:4700:3033::6815:45f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dctboyojy.578333.xyz/wp-content/plugins/display-cars-for-sale/css/cars-for-sale.css?ver=312
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:45f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2866e98ae386469948188b57264807622938fd4c2f1a251b93473669c03497b1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:41 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=125033
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 16 Nov 2023 08:30:48 GMT
server: cloudflare
etag: W/"6555d338-1e869"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z5%2BR8QWzC9BtTO6KbA0XvTCmJNmNJ7dv8wEf4YI9o7YkeYvcf0wt9jNpu8spK%2BJVREUcdEr2%2B38ViQxJZ54UB8HsJADXXfDzXdHC9pemSN%2Bhme5r35MVEQiFyKKJ16d5oU3d"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 89b5fdfc7b831c15-FRA

GET
H2 200 google-fonts.css
dctboyojy.578333.xyz/wp-content/themes/CarMag_Revamp/fonts/ 5 KB
962 B 727ms
554ms Stylesheet
text/css 2606:4700:3033::6815:45f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dctboyojy.578333.xyz/wp-content/themes/CarMag_Revamp/fonts/google-fonts.css?ver=1.1
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:45f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b352e35f5413292120165ce13962b3cead65738da4191b43286c6592d81e3a9e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:41 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=6670
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 17 Nov 2022 09:28:49 GMT
server: cloudflare
etag: W/"6375fed1-1a0e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FxCpedS43e8lIbB7NtrzeKxoErJL61U4FzOdnL6%2Bojzyg8ke8HCkssEZz6Gv5bMvnldqia0mJbZuIwF1SAeP6qnhy9f2xkzicR2kTyRXvQts2cXgNjeooHW7Zn2fWIqRniF4"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 89b5fdfc7b8a1c15-FRA

GET
H2 200 font-awesome.css
dctboyojy.578333.xyz/wp-content/themes/CarMag_Revamp/font-awesome-4.7.0/css/ 30 KB
7 KB 876ms
704ms Stylesheet
text/css 2606:4700:3033::6815:45f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dctboyojy.578333.xyz/wp-content/themes/CarMag_Revamp/font-awesome-4.7.0/css/font-awesome.css?ver=1
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:45f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bfbb02b2f82750344aa2bc6329085a7550de92926a22a951db6f1629fab862f0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:41 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=37414
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 17 Nov 2022 09:31:48 GMT
server: cloudflare
etag: W/"6375ff84-9226"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Whf9Dy50HapvStPFguFo4BMbYfjaVwnaTBXp0p9pur2I%2Bj9FrNEYUPPQm7yeAHHJXbSg3MkN1CN5x9jaXXgUDVcBxocXuzKy%2BfDpcBo3PbccuBJuKto%2FKq2i3c1lBFBYw%2FnY"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 89b5fdfc7b871c15-FRA

GET
H2 200 jquery.min.js Show response
dctboyojy.578333.xyz/wp-includes/js/jquery/ 86 KB
31 KB 1194ms
1021ms Script
application/javascript 2606:4700:3033::6815:45f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dctboyojy.578333.xyz/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:45f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:41 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 11 Apr 2024 14:30:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6617f402-15601"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MXg0N%2FWfS07zqq%2BgyTKfl6guLG7odMVjbu5h52Z4BmltLtE0eEr8v4mm0Z6n0seZnxUgvGWC6zmcquz537OSvtvacRDeqd0cK2pnvhwvanFbPJ%2Fomb8kaGz3vG5B9FgaTWvq"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 89b5fdfc9bc91c15-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery-migrate.min.js Show response
dctboyojy.578333.xyz/wp-includes/js/jquery/ 13 KB
5 KB 872ms
700ms Script
application/javascript 2606:4700:3033::6815:45f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dctboyojy.578333.xyz/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:45f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:41 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 11 Apr 2024 14:30:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6617f402-3509"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U0TIajmE9LURZfxVwY4OsIhf0Wi7oT1F7m9lTbqfQR%2BC9MYA40EtPe01f2A7hNLliyNEzNHKt2c6YntCfy54VqLRAEGfqnfPi5PZleYGM2nUNyDWEExWG%2BURA2SOxTY0DMi%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 89b5fdfc9bcc1c15-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery.menufication.min.js Show response
dctboyojy.578333.xyz/wp-content/plugins/menufication/js/ 13 KB
4 KB 1079ms
907ms Script
application/javascript 2606:4700:3033::6815:45f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dctboyojy.578333.xyz/wp-content/plugins/menufication/js/jquery.menufication.min.js?ver=6.5.2
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:45f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 716cb523fa841c30059a51fb52757884a4e5ddaaf9fdd33bd4fe4b6561421fe0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:41 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 17 Nov 2022 09:27:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6375fe7a-3265"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IapfQcIgWZS0ORL2rm%2FND07YKmpugvEWQG3RRAOpRCS3P1mStmYKsUlC9RNpI2oeqAfZEqAS8H8AaY66HczxfMQxK41fqgeIbu1MnYbS8ARzQe4IcDllQEIA0kisMDwJOKDv"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 89b5fdfc7b8d1c15-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 menufication-setup.js Show response
dctboyojy.578333.xyz/wp-content/plugins/menufication/js/ 2 KB
1 KB 737ms
565ms Script
application/javascript 2606:4700:3033::6815:45f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dctboyojy.578333.xyz/wp-content/plugins/menufication/js/menufication-setup.js?ver=6.5.2
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:45f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e0c66741dfec2c3002fe92915499f6808da0a9ce99d34916bd9e7883d0f8074

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:41 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=3588
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 17 Nov 2022 09:27:22 GMT
server: cloudflare
etag: W/"6375fe7a-e04"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YdfpyRFmLr3G9AGqmW3UGvMe%2B0kl%2BDnX%2BUjxakONqluGEkMqyUmUdGxCNhedtB%2BkAn18G9qZUQy6zRpCY%2F6frd9NykQyss5xqpRWAh9JdYRtTCIE4S7cKmH1dxn04Hcs0yzz"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 89b5fdfc9bca1c15-FRA

GET
H2 200 sharethis.js Show response
platform-api.sharethis.com/js/ 206 KB
46 KB 167ms
74ms Script
text/javascript 3.160.150.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://platform-api.sharethis.com/js/sharethis.js?ver=1.5.7

Requested by

Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.160.150.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-160-150-46.fra60.r.cloudfront.net

Software

Resource Hash

98d32b00fca86fc6994df33302e051a6ad03461a43ff5797d5b10ace4cf4772f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:34:50 GMT
content-encoding: gzip
via: 1.1 6f4aa26c09fb9bb4d152519f44256a4c.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA60-P7
age: 412
etag: W/"336d0-g/6wprihOkYe7HpMswOVDodT6lU"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
edge-control: cache-maxage=60m,downstream-ttl=60m
cache-control: max-age=600, public
x-cache: Hit from cloudfront
x-amz-cf-id: hgoInqzYsiz2kvzx8_hNG8y5f3YBeYXlq2iYBPgUhDgC8IxkmPPXNg==

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 97 KB
31 KB 267ms
111ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2dd4eba8712e37e9556565bc1ba6d497e8c7d4124cb3d474ffb559ef83983e5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31298
x-xss-protection: 0
server: cafe
etag: 905 / 19903 / m202406250101 / config-hash: 14127960895537280856
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 29 Jun 2024 12:41:41 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 97 KB
31 KB 219ms
108ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

bd171532b0d7b93a2baefabd1c3a617be7f387fe389cba61f1e3807b290eec7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31298
x-xss-protection: 0
server: cafe
etag: 569 / 19903 / 31084894 / config-hash: 14127960895537280856
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 29 Jun 2024 12:41:41 GMT

GET
H3 200 style.min.css
dctboyojy.578333.xyz/wp-includes/css/dist/block-library/ 111 KB
15 KB 2096ms
2070ms Stylesheet
text/css 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dctboyojy.578333.xyz/wp-includes/css/dist/block-library/style.min.css?ver=6.5.2
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:42 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 11 Apr 2024 14:30:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6617f40f-1bae5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FERqvBMEOfaEaxpcpO5bk6joDgdxVmhhgcs2ddEwYw3GtUWLffpFcXdnU5%2F25hNX9DbkGnjp6CuuMAoBDXq7ywKNUk4T2vjKvlRLBwD%2Fg5JVIsgx5MDQ4PM7IyXTOhvU%2B1fR"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 89b5fe041c549b63-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 drivers-test.css
dctboyojy.578333.xyz/wp-content/plugins/drivers-test/css/ 2 KB
941 B 2097ms
2071ms Stylesheet
text/css 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dctboyojy.578333.xyz/wp-content/plugins/drivers-test/css/drivers-test.css?ver=29-06-2024-1719664712
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 432eb81d99e6c7f947e6e9f30ca98503157b92ae8fdf6e21a2da6ea143fbf3f9

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:42 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 13 Oct 2023 10:25:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65291b1b-638"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E0nQYJSZ0JhXbuCon4LoPKZZowOY24jf40aNyVe6o3U5WP1NdvZYg2pTmuWHQ8xDhbsARBKMT2hTXofj6MsPA3lX5bKE9CoOah6S1L8Pn5esF%2Bpt3jfVzGXHHxGPIats0cRQ"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 89b5fe041c659b63-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 mu-style.css
dctboyojy.578333.xyz/wp-content/plugins/sharethis-share-buttons/css/ 0
475 B 637ms
612ms Stylesheet
text/css 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dctboyojy.578333.xyz/wp-content/plugins/sharethis-share-buttons/css/mu-style.css?ver=1668677260
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:42 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=26
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 17 Nov 2022 09:27:40 GMT
server: cloudflare
etag: W/"6375fe8c-1a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0QDNnBFohWv37DJRNyV%2FceZ3C5Li6XzulR3OapziJ2nZDOylpb0P5XLgH1smKFFECY9H1aYFCcIii56txGPTIm1RZjQrfcqd3B9V9Xp%2BxJ2bfyDmISD7k3%2BxhxgO2%2BghJvGP"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 89b5fe041c679b63-FRA

GET
H3 200 article-view-slick.css
dctboyojy.578333.xyz/wp-content/themes/CarMag_Revamp/css/ 1 KB
901 B 695ms
670ms Stylesheet
text/css 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dctboyojy.578333.xyz/wp-content/themes/CarMag_Revamp/css/article-view-slick.css?ver=1.0
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 21061765237c66c10b48e236063a3497c22d33629e98f8654d1a3b860fa48700

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:42 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=1776
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 17 Nov 2022 09:28:48 GMT
server: cloudflare
etag: W/"6375fed0-6f0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ThVShrj4reFQVP9PDxYwQOL2teHNQtnnLN5WK2ipS6QPMIRyX%2FWYABcusHby8QksutiyDCdjHCTK8HlxumCaMoiTtXKFuhLoydgoCxCsDPGuLCUPD%2BmbYmBK3%2FiDbTdkF6IN"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 89b5fe041c689b63-FRA

GET
H3 200 article-view-slick-theme.css
dctboyojy.578333.xyz/wp-content/themes/CarMag_Revamp/css/ 2 KB
1 KB 689ms
665ms Stylesheet
text/css 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dctboyojy.578333.xyz/wp-content/themes/CarMag_Revamp/css/article-view-slick-theme.css?ver=1.0
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f8b0220980de4339ca04d32bc5656435847fecb3a47f2eac38e33277e18eddc8

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:42 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=3145
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 17 Nov 2022 09:28:48 GMT
server: cloudflare
etag: W/"6375fed0-c49"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Quc8fnvD3naYBGRubmtElQKuIu2ixSJVGuls5ry%2F8hkfis7cDcO3fEg7QpmoEXjpxMiiTLFuRaOKk5jvd0%2FfciyoTDfuaqd4l9QlYQcTJe3Ag8XP8VJTWT%2Brx9WlK5IQQLp%2F"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 89b5fe041c6a9b63-FRA

GET
H3 200 magnific-gallery-styles.css
dctboyojy.578333.xyz/wp-content/themes/CarMag_Revamp/css/ 6 KB
2 KB 703ms
679ms Stylesheet
text/css 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dctboyojy.578333.xyz/wp-content/themes/CarMag_Revamp/css/magnific-gallery-styles.css?ver=1.0
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 65d43fc1d47bdab6bb9a4f5add734f8b9d059f9e773c431a350b3804bfe38a7f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:42 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=7437
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 17 Nov 2022 09:28:48 GMT
server: cloudflare
etag: W/"6375fed0-1d0d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2AleuNn6HVBz%2FGWEpQMkxlAEBHHlm62c9uTyUaErDHMO%2FW8%2FgtItX4ei7VbIUSf8kkYToF6f%2FAFub5T1F7sPd1njFIOJcOa5KAg5t9fOyViyLJxNO6lWCLrpkdy7fkxq3iPu"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 89b5fe041c6c9b63-FRA

GET
H3 200 styles.min.css
dctboyojy.578333.xyz/wp-content/plugins/scroll-triggered-boxes/assets/css/ 1 KB
897 B 703ms
679ms Stylesheet
text/css 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dctboyojy.578333.xyz/wp-content/plugins/scroll-triggered-boxes/assets/css/styles.min.css?ver=2.2.1
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1b0f6dee1e2b4b439e62daffe536db30431a1ca3d0628aa134b6ed7d689b91b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:42 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 04 Jun 2024 11:17:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"665ef7ac-4f4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bzmI653juv9F%2FKlDIW7xqr6WsciErmdMc%2FYamAYNlH5fYAthueh8T6A74x5nJLa5vCeNaAWoHHBU0HVL6CYWgbF6KLi3TGzC3at6w9UCSCfHq53MjJ9GObcADJIrbFpYYb%2Bt"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 89b5fe041c6e9b63-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 menufication.min.css
dctboyojy.578333.xyz/wp-content/plugins/menufication/css/ 29 KB
4 KB 2095ms
2072ms Stylesheet
text/css 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dctboyojy.578333.xyz/wp-content/plugins/menufication/css/menufication.min.css?ver=6.5.2
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f55c1dbc04d02e68da4ad12c1b703a08b9582e56154f5d18ee1ff792cf0648a0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:42 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 17 Nov 2022 09:27:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6375fe7a-723c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RQSRzmz%2BBt8A4TFLDQUn1r15EaeEQ%2FjvATasv%2F7H4gP0ulNoSz%2B%2B7tcN9nt6PP%2FZjvxrVQZpnpExKcfZY4w9loeqo8BuucNSDNka0jnPqEvODplEQPc7fcKD6pMugZ67dSYv"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 89b5fe041c739b63-FRA
alt-svc: h3=":443"; ma=86400

GET
BLOB 200
OK 5714ccc0-77aa-4dbe-9a1a-ddf27968fc91
https://cqty1.bhuefbfrvbn.workers.dev/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://cqty1.bhuefbfrvbn.workers.dev/5714ccc0-77aa-4dbe-9a1a-ddf27968fc91
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 1185
Content-Type: text/javascript

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 208 KB
75 KB 223ms
81ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-11411975-1

Requested by

Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0ce10ca569e4e523b75bfd464ecdedc1ec5e74ac0291584931ab0add3ac2388b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:41 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76565
x-xss-protection: 0
last-modified: Sat, 29 Jun 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 29 Jun 2024 12:41:41 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 269 KB
92 KB 308ms
167ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-981195317

Requested by

Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9a40d9ac37537806e48e209965d8daa4a337de6cfff09c7531939956cc813f31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:41 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 94287
x-xss-protection: 0
last-modified: Sat, 29 Jun 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 29 Jun 2024 12:41:41 GMT

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
1 KB 177ms
61ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Arvo:wght@400;700&family=Roboto&display=swap

Requested by

Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4200e8df2c5f52c2bf9bd2f41ed424edd48c54b7534071a9e61f5ee4602b742f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Sat, 29 Jun 2024 12:41:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 29 Jun 2024 12:41:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 29 Jun 2024 12:41:40 GMT

GET
H2 200 css2
fonts.googleapis.com/ 7 KB
814 B 178ms
62ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700;900&display=swap

Requested by

Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

42e3aa6d662901ad9a1a467a06d2ea7514451ad93b1fda75bc093374aba78290

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Sat, 29 Jun 2024 12:41:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 29 Jun 2024 10:44:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 29 Jun 2024 12:41:40 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 157 KB
51 KB 242ms
132ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7073370864490749

Requested by

Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

7f8395b638ccead050ac9a5f01b0872bf6e6fbb1588893ba1394a461ab1bdb15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Origin: https://cqty1.bhuefbfrvbn.workers.dev
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52646
x-xss-protection: 0
server: cafe
etag: 7238327035022961780
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Sat, 29 Jun 2024 12:41:41 GMT

GET
H2 200 carmag-logo.svg
cqty1.bhuefbfrvbn.workers.dev/wp-content/uploads/logos/ 2 KB
1 KB 702ms
655ms Image
image/svg+xml 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cqty1.bhuefbfrvbn.workers.dev/wp-content/uploads/logos/carmag-logo.svg
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df2dbe77839fc3cb86552ed81b59456e25e95c65882976aa5fa7280e2f734f3a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:42 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 02 Dec 2022 14:12:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"638a07da-7e5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vf7DBXKZbg5fyOL%2FZapgtF%2FnFjgFVb%2BzY%2FrW%2BZyDPmR7ke3Zwg%2FUmG9I78SJibjWQ2OFyEjX2%2BI%2BqZG9GcX5JsXyTYoWZbhB3NWDEqsMcoKpsKYnUlKNgyidKrBBo1nhke3H"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 89b5fe042b1d377b-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 60211_Hyundai_Pikes_Peak_International_Hill_Climb-832x499.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/06/ 58 KB
58 KB 1151ms
1151ms Image
image/webp 2606:4700:3033::6815:45f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/06/60211_Hyundai_Pikes_Peak_International_Hill_Climb-832x499.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:45f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44f4cd60016deeffe0bd48dd5c452d29a62524a613b47ffe126ec004d75315b2

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:41 GMT
cf-cache-status: MISS
last-modified: Fri, 28 Jun 2024 12:21:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "667eaacf-e6d0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=91RdRpf93WxXQtH1jgnT4e%2Fv18qNpCOyHYFmB70l0gwVAtptgVXBxUjR5WNtBwf%2FEUiQ63QWAKMXPZEnsPz5%2Fm%2BrRgVFjaFvnlbGPpl1KkXDBWGJ5i55i%2FHcoyJHYMHWyZ%2Fn"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89b5fdfcbbe01c15-FRA
alt-svc: h3=":443"; ma=86400
content-length: 59088

GET
H2 200 saood-407x230.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/06/ 15 KB
15 KB 666ms
665ms Image
image/webp 2606:4700:3033::6815:45f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/06/saood-407x230.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:45f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30aa80a90ee383cbf1e51c71164c27de2c1e6ad4eb79d434d27503a9d7da1326

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:41 GMT
cf-cache-status: MISS
last-modified: Thu, 27 Jun 2024 09:59:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "667d380f-3aba"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R2dTj8Z6M3Yz63t9LrGq0GKszoB4Gn5yQDMWL8q%2B5qRl6vKWAzuQBej%2BJ5gmYSS%2FwtigfbWJcAeSnsFLrcCSxFFBfxkpdIVhcPEykJkcy2EVubzBhZT%2BeZZ4cwyD5k3J42SK"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89b5fdfcbbe21c15-FRA
alt-svc: h3=":443"; ma=86400
content-length: 15034

GET
H3 200 3-17-407x230.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/06/ 5 KB
6 KB 527ms
526ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/06/3-17-407x230.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f839560533ef99a48761ece01a508a17e67b35a5721f117f86ff3683a058346b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:41 GMT
cf-cache-status: MISS
last-modified: Fri, 28 Jun 2024 08:44:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "667e77d3-14d2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q2uuJQrpr%2FHW%2FTd1HJqUqLgYr1l%2FLXgs4izqULNfn7of3qPrMsdsU8O9tGaPdHy10nAJKShggVwudqPy7F6POtL2VTXzHYpd1uYebPuSAfPrz2e7OaO3RrQmuqBOTSJtupB9"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89b5fe00efad9b63-FRA
alt-svc: h3=":443"; ma=86400
content-length: 5330

GET
H3 200 Toyota-Hilux-Hybrid-156-407x230.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/06/ 12 KB
13 KB 912ms
910ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/06/Toyota-Hilux-Hybrid-156-407x230.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba502317dc356ef143de5cd60838339f7dc5f235d5441b9fb5eb4c15855c6f69

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:42 GMT
cf-cache-status: MISS
last-modified: Fri, 28 Jun 2024 10:28:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "667e903e-3048"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mdx1Z6Mo8njLW1gSvqZ7DCk9tnhBRvdhudYSMZ%2FyycyEeVLpuninXjmu61crYd0Lqn99i1RpTOAaqGKf8T%2FDcZkzNHwj9Sh1W87GQjHYrezTiAlmSbMxexOWFwGSxSrwztWj"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89b5fe03dba59b63-FRA
alt-svc: h3=":443"; ma=86400
content-length: 12360

GET
H3 200 default-thumb.gif
dctboyojy.578333.xyz/wp-content/themes/CarMag_Revamp/images/ 30 KB
30 KB 774ms
770ms Image
image/gif 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/themes/CarMag_Revamp/images/default-thumb.gif
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3baefa0165cd3e7b9dc50a6c989a5d323ab6bc9c440847675001f203fa8b0aa

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:42 GMT
cf-cache-status: MISS
last-modified: Thu, 17 Nov 2022 09:28:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6375fed2-772a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z3Q0OlKnDYJ9Mx%2FYCWpFxHIm8amI1dCB7ZbEVvBq6OYHMJNRbu3zPbZNSt2WJ4xEv7cSErSPcUByDcX2OfnogCIMIlDcWzVR0iIMou1D7I3hbuMZKHwe9He2EB%2FqGYX7iB4S"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89b5fe03dbab9b63-FRA
alt-svc: h3=":443"; ma=86400
content-length: 30506

GET
H2 200 60211_Hyundai_Pikes_Peak_International_Hill_Climb-407x230.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/06/ 19 KB
19 KB 1169ms
1136ms Image
image/webp 2606:4700:3033::6815:45f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/06/60211_Hyundai_Pikes_Peak_International_Hill_Climb-407x230.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:45f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b24d51fcc240defbd3655c2a6d0bf93a188d79f877c7646f0e31970db2503bc

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:41 GMT
cf-cache-status: MISS
last-modified: Fri, 28 Jun 2024 12:21:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "667eaad0-4b38"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cyGo0aELbA3q6bb3FooCv1Av4A%2Ffcg4XwXIyGhW3cnQtQ6HvnSdqBHRxo50d5Cnfq%2FIr35zgHIYJjzCkHHIM%2BpPkvXnWK9jw6aFoyZzzYZCQt1%2FPI%2BdatHqCiS96eMzYV2o0"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89b5fdfc9bc21c15-FRA
alt-svc: h3=":443"; ma=86400
content-length: 19256

GET
H3 200 Top-12-overall-winners-jpg.webp
dctboyojy.578333.xyz/wp-content/uploads/2023/11/ 159 KB
160 KB 1335ms
1300ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2023/11/Top-12-overall-winners-jpg.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ad9bd21fb6717d406acb28c063cb8ff0969564cb1c3cf5089496f2ea4f0fbb1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:43 GMT
cf-cache-status: MISS
last-modified: Tue, 07 Nov 2023 13:03:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "654a3585-27d12"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wCAS9ipNHa5DKnWw4nNEVnQOegnP%2BMrTxgEjYomXMHuW5Rt74H%2FjCTGsOSMvwj4ZxVSPr%2BwH8kfyLstocUSCmjbWjjtaHHyPxAqGvNUmQH8CFBcX%2BKUPva6HpJTE%2BiEceLzi"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89b5fe041c159b63-FRA
alt-svc: h3=":443"; ma=86400
content-length: 163090

GET
H3 200 carmag-locate-dealer.png
dctboyojy.578333.xyz/wp-content/themes/CarMag_Revamp/images/ 1 KB
2 KB 564ms
530ms Image
image/png 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/themes/CarMag_Revamp/images/carmag-locate-dealer.png
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 754eb49a3151007ffe99db087e166fc6637651c12f614ac8696fbe76e7dca78e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:42 GMT
cf-cache-status: MISS
last-modified: Thu, 17 Nov 2022 09:28:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6375fed2-54c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GvR1ikUUnhYEVSLEN2aLtqRnYFLcWgGoUGKKSkY%2F8Ykqx7z8%2BRDszZWE3V7UuCv14Z6IvwJOtL%2BHMikR81zmSPrGM7hVChiZ7b8ki%2BCYjsFV%2FqXMhn64pGBp9vWf9G56Ht3a"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89b5fe041c1a9b63-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1356

GET
H3 200 F-3-3-407x230.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/06/ 9 KB
10 KB 999ms
966ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/06/F-3-3-407x230.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a05703fc249f3bf3f44cb427cfbfbd8460c05692880495ef7f62db393218156

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:42 GMT
cf-cache-status: MISS
last-modified: Thu, 20 Jun 2024 18:09:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6674704b-2468"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RjSNIM2U1BzAKUIyCDP%2B5gOQNXYix0BElYugRhxlDqeXtKCFYcjxAyTE6SMP6Dt2qxSlWGIqn%2F4Es8TBDLqttkj62BZxVECNifk2FOlvqZJwNJqpHgEUgjc0b36q46AFsXQs"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89b5fe041c1e9b63-FRA
alt-svc: h3=":443"; ma=86400
content-length: 9320

GET
H3 200 H-5-1-407x230.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/06/ 21 KB
22 KB 1023ms
989ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/06/H-5-1-407x230.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3c900b1f74a688dce1d47b538040ea7c8b243ae8a3e25de58482041b6feb2b8

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:42 GMT
cf-cache-status: MISS
last-modified: Thu, 20 Jun 2024 18:08:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "66747023-55c6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C9vpwswHN%2BohTNMkbsZoJONs07nzMqJ6zDckRpsXxPS4PL%2BEpoOFXDtmrsNsTD3TM2j1bykmLIzW0z%2FkgFL3t7mtnYhGcWhs377oKNKF9YzX3cUlfemmRuYvvRO0yvHEu4aU"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89b5fe041c209b63-FRA
alt-svc: h3=":443"; ma=86400
content-length: 21958

GET
H3 200 Tunnel-Exterior-1-407x230.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/06/ 12 KB
13 KB 1040ms
1007ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/06/Tunnel-Exterior-1-407x230.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 744267d0ad832cbc545f4f9bd5cecd0cf51a0ed600fcca68883255dd0fc55591

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:42 GMT
cf-cache-status: MISS
last-modified: Thu, 20 Jun 2024 07:01:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6673d3c8-30e8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=24ao1TxrDoYzsh5dCXtYIPql4Vu4SWdkfX8a2CB1f97cFR9Oi3ksU3LRlwjUQZImfOnWOwzq1TthZhTiRxemEUn0mlbBjYBFwZO4ww9WiuQ87qP9sugJoqLJ1Ic36NTcUKuD"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89b5fe041c219b63-FRA
alt-svc: h3=":443"; ma=86400
content-length: 12520

GET
H3 200 3-5-407x230.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/06/ 14 KB
14 KB 1085ms
1052ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/06/3-5-407x230.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 038bd21e20a795956bc2d76c39c26c38247beb41cb859a05aaea1c76e027ebae

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:42 GMT
cf-cache-status: MISS
last-modified: Thu, 20 Jun 2024 07:55:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6673e08f-3656"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Hw9uPgnvu5TDIQMmbmfxOGTOVeqN63P2NzCGdfR1Mg56TNZ4pxGJkSQ81pSjGZViTL38KvHRV9OCgEBcc6i3cNscIbexKJKv1RnIhbuMOJK4Gdd48IOVtwSrJhBz%2FnESvfFZ"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89b5fe041c229b63-FRA
alt-svc: h3=":443"; ma=86400
content-length: 13910

GET
H3 200 PP-2-407x230.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/06/ 14 KB
14 KB 1121ms
1088ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/06/PP-2-407x230.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee243c73addc0685d8bf52fe27cf4483488a8445f727e1cd4ddc3bd0fda866f1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:42 GMT
cf-cache-status: MISS
last-modified: Thu, 13 Jun 2024 16:36:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "666b200c-37cc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JhEObCQvlAdIsXuOjvNiB0hgwWuzQCmsNLkBoRCwWlGeYCL29NdWHcYSOOqdryx8oywHXgAAnbbe14VX%2BWlh5UFVC6DK%2FnHfO3wmpggoXsaADyz1CPQEXsIm4ksgqzY7uldl"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89b5fe041c239b63-FRA
alt-svc: h3=":443"; ma=86400
content-length: 14284

GET
H3 200 VV-1-407x230.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/06/ 10 KB
10 KB 1150ms
1117ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/06/VV-1-407x230.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa8d490fd9b2d65029f9c3ffd4e5fc299fbb9e4e3106c03adf81d24e9973d378

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:42 GMT
cf-cache-status: MISS
last-modified: Tue, 11 Jun 2024 15:15:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "66686a2b-2680"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G5v%2BvUbX4UgMgyXMSoJ%2FVU6TJwLsRXH3kZf9rdpHyUZ1Wp3tMHq8YNjJpmhEGe01CvpkZPdCHADqNC30D%2FQ4LrT9h9472aM8iASh9Y99PyMVKo6QEHiO%2Bc%2BljyLZvzl78G%2BR"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89b5fe041c289b63-FRA
alt-svc: h3=":443"; ma=86400
content-length: 9856

GET
H3 200 20240321car-8-407x230.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/06/ 11 KB
11 KB 1150ms
1118ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/06/20240321car-8-407x230.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc609c8f86bcf6bdcdbb981b7cd50421337712a899c0e0ab721d152406245314

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:42 GMT
cf-cache-status: MISS
last-modified: Tue, 11 Jun 2024 09:12:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "666814e9-2bc2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vRqQlSXom43JDBsNsIoE9qzMiR8rlTICVs%2BGpI8VC2SAtL3WroQ6%2B2EY1JqiK2QnF%2FSVoE5D2pS8HxAVbco7OgkY9HQw3Ky2Ztd9s3rxs%2BLuusuD4Adnl8DDo9DOgXARSFP2"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89b5fe041c2b9b63-FRA
alt-svc: h3=":443"; ma=86400
content-length: 11202

GET
H3 200 Countryman_1-407x230.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/06/ 15 KB
15 KB 1185ms
1152ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/06/Countryman_1-407x230.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f83d55dba8d6d1b574e5c34d4bca4548520c8fdaefcf860f44af33ca0258b11

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:42 GMT
cf-cache-status: MISS
last-modified: Tue, 11 Jun 2024 14:02:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "666858f4-3ad0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zozP1g2MbsMi5xX9eDv7fQN5USlI8npEttKYZ9%2FwYhnx26g3tX2Tk4we0rRdZy1St9nZjN6qgiiO6Kg30t4oPL9AfzsXzQ0%2FghH%2BkiB5dR3U0UAp8szJQCIvhyuWC3zarys2"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89b5fe041c2c9b63-FRA
alt-svc: h3=":443"; ma=86400
content-length: 15056

GET
H3 200 aqcs7zpv8bkyvoitifje-copy-407x230.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/05/ 17 KB
18 KB 1185ms
1153ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/05/aqcs7zpv8bkyvoitifje-copy-407x230.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16e665c3ab8d60d214580dbdce0cd84d27cdad903593a86574d230efe90c4952

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:42 GMT
cf-cache-status: MISS
last-modified: Tue, 21 May 2024 11:59:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "664c8c9b-4522"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rDTEVD%2FaujhOnjDt0MWa%2BdwlzCNaLCx2cRIIHBNdMq1Z64u97nY8jPWjxCk7IyiUtFcEfSVTMdXZyfS1scr77OzTIk7BrUKItcIsdRK6sR0s1P5A43NKUSmGaj0pd5jDUm7i"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89b5fe041c2e9b63-FRA
alt-svc: h3=":443"; ma=86400
content-length: 17698

GET
H3 200 P-6-407x230.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/05/ 14 KB
14 KB 1213ms
1181ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/05/P-6-407x230.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc61af77cc90e826ea655c43ef6ff9e28bd219e02ce269c60ddb4dc57ca741dd

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:42 GMT
cf-cache-status: MISS
last-modified: Wed, 29 May 2024 11:48:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "665715fa-36a8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rz65XwBSldWpFypteLaVxKFKNh1A%2BoJa%2FQbqHfa%2B6jpbOxho1v9ETpDJn%2FaONvCkQgpEd7Ex%2BKOgRgcu5D3Tiqf5L%2FUkOnX5pZFCYk%2Ft%2FnXWN9%2FK1eb5boj%2FpC0q%2FikSnk3b"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89b5fe041c2f9b63-FRA
alt-svc: h3=":443"; ma=86400
content-length: 13992

GET
H3 200 CC-1-1-832x499.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/06/ 42 KB
42 KB 1213ms
1181ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/06/CC-1-1-832x499.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a08b7967aad3133f6145ee859da1fc29692364cc0290af7f817c0b65913f7d5b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:42 GMT
cf-cache-status: MISS
last-modified: Wed, 26 Jun 2024 19:13:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "667c6866-a81c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gVhTqeKWp6L6a7PmvWZsyY9%2B%2B73Gl6BE6BXyMVQYC5WuOx0W9j7%2BjI8mDOglIqn%2B7mI2LyixnfQU3AEolZp4mStc6KHKbIwPf1dqQ3oMzYADV%2BU9JxlhWpaVM%2Bp55rfbtIHo"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89b5fe041c309b63-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43036

GET
H3 200 Untitled-design-58-407x230.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/06/ 16 KB
16 KB 1221ms
1189ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/06/Untitled-design-58-407x230.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8bb57fcb37c5f411c45ac7ceef54cebe0e8550e0f766052e6f001b64f279f3ce

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:42 GMT
cf-cache-status: MISS
last-modified: Mon, 24 Jun 2024 09:01:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "667935f7-3e3e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OhITmjFACNK1LxKhekVLX3rmNm85KZDGLAsvvEkOb3CJrGTiC9qBdhLaHOREpZVQXIhBN7tyMDArdiJnMGrNntdUcOfk%2BO0NnC1AF4q%2Bc9iKv3y%2Fbu6auH1bAi8Srpn24CV9"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89b5fe041c319b63-FRA
alt-svc: h3=":443"; ma=86400
content-length: 15934

GET
H3 200 maxresdefault-407x230.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/06/ 24 KB
24 KB 1299ms
1267ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/06/maxresdefault-407x230.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 50af957b9bedb343bf0cea4f4dc08b16aef7861d2890324adea73189105cd978

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:42 GMT
cf-cache-status: MISS
last-modified: Tue, 18 Jun 2024 12:16:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "66717a8c-5e28"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OOstjXnh9DIAg0BiaXx1VkiPk8A4P4VsYxWH1dbOnLSdilxC3F8T%2FTrLbmaXRvs4q5BGCvzLvmuNi07AoLOzQcLvbiA2nttExjAWrxyQa9Hj%2FOPNfIDMdzPWDw9ov4L1hcAw"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89b5fe041c329b63-FRA
alt-svc: h3=":443"; ma=86400
content-length: 24104

GET
H3 200 F-1-2-407x230.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/06/ 25 KB
25 KB 1218ms
1190ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/06/F-1-2-407x230.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6e0bf7b6d87987a4fbd7f7bf0db15df86a74d29f6f2e13a143fd70e3c55bd8f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:42 GMT
cf-cache-status: MISS
last-modified: Fri, 07 Jun 2024 10:51:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6662e640-63c4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DkjIl7PUrjA1uPvkzyyZicccUKlQwUGUwrTDscEf0X6dzThTGRWZuwSovaqNRbCo%2FXoaMfoIq3kyqBlYGac8kVURW7OvatmTYpHW2uTpuT5XRBRxYOGSMqGCerAau%2B8eDy1q"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89b5fe041c349b63-FRA
alt-svc: h3=":443"; ma=86400
content-length: 25540

GET
H3 200 B-1-407x230.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/06/ 16 KB
17 KB 1246ms
1218ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/06/B-1-407x230.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5473248018f348cf42cd64f7768873a9b3deac3ca579e8c3a9d69feb0a4deb3b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:42 GMT
cf-cache-status: MISS
last-modified: Mon, 03 Jun 2024 08:10:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "665d7a62-4038"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2x8igFv2bGaVH%2BxbGklZsBivJKNfrS%2FqWqJps4jBwbu5JcepYNGJCGR%2FuOYX4pkouk20pusgfFJbMaEyB7NnIsnfUqz2xHnfYFDX%2FdfIYAnMkwMch6hsoiy5WpHPxp9Hq8UA"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89b5fe041c359b63-FRA
alt-svc: h3=":443"; ma=86400
content-length: 16440

GET
H3 200 carmag-car-compare.png
dctboyojy.578333.xyz/wp-content/themes/CarMag_Revamp/images/ 1 KB
2 KB 629ms
601ms Image
image/png 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/themes/CarMag_Revamp/images/carmag-car-compare.png
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 754eb49a3151007ffe99db087e166fc6637651c12f614ac8696fbe76e7dca78e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:42 GMT
cf-cache-status: MISS
last-modified: Thu, 17 Nov 2022 09:28:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6375fed2-54c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5mmc3EMb4kByd9WMLjrUwDs9xfqyr%2BpT0WgpEAc4tQUaIqziMdqGLiKZ56vA2ylLHvU7JV8Zg77V116CDUK7J8Z6bFItWVrJXzP8%2BMr4Hm7OXhWwOJvRRC0mTXLGd2jmZDTN"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89b5fe041c379b63-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1356

GET
H3 200 20240502car-1-407x230.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/05/ 19 KB
20 KB 1246ms
1218ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/05/20240502car-1-407x230.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f678ed2950ff009ba4f69d27138a40f8e926a177618583a04195774cb2ffc0c6

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:42 GMT
cf-cache-status: MISS
last-modified: Fri, 24 May 2024 10:09:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "66506741-4c8e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E9zTGxRpe7xICF0C41uC0UTD4KLPPIL8nNOR%2BCuMIAf4ZV%2BfKix2Ksb6HkpdpnafiXexdUy9Z2%2FoXGtifdUjpgmjJTvKGrkPV%2BjZswq2eluvIxGuXjkpzUVT6%2BM%2FD%2BzQa8wP"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89b5fe041c3a9b63-FRA
alt-svc: h3=":443"; ma=86400
content-length: 19598

GET
H3 200 LDV-1-1-407x230.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/05/ 14 KB
15 KB 1253ms
1226ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/05/LDV-1-1-407x230.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5cd160f0761224389d0794a6ba6838ba8c260a15bb32ab82d20e8d8cddaf849b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:42 GMT
cf-cache-status: MISS
last-modified: Thu, 23 May 2024 15:15:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "664f5d9a-39a8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QtcNR6OgmF4hs4lv0oxaNnkD4Jdja09FNCxW3cbXCK08VzX4eTFSde3cw1ePMr5UnaWHJ8Opa%2FIPIWGBAsMobfxvdYLXG8E9NFK5vku7zGrRlZzq%2FEM3xZMcgVCSZGNUc4r1"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89b5fe041c3c9b63-FRA
alt-svc: h3=":443"; ma=86400
content-length: 14760

GET
H3 200 J-1-407x230.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/05/ 22 KB
22 KB 1333ms
1306ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/05/J-1-407x230.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30eba624890629f7fb30b4fc8a361b0dc3a7b161e9acf0330d2ac47bbf1006c3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:43 GMT
cf-cache-status: MISS
last-modified: Wed, 22 May 2024 09:50:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "664dbff4-5824"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7i0QvFxHJ85LdDFJOkxETzafUKeZXWkz9QTD2XWTUkx91mZZBvYm65lQ6kRPDpBno36R8GXuKXXEQaU7z1Ra%2FJ452vo%2B8ZwS6XTjtdwlt3nRQ3BjNKAexUzhBg5HlSYPIHVP"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89b5fe041c3e9b63-FRA
alt-svc: h3=":443"; ma=86400
content-length: 22564

GET
H3 200 S-4-407x230.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/05/ 10 KB
11 KB 1301ms
1274ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/05/S-4-407x230.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3caea22bb39112951c5f10b8c6b94149f08e48dcbe3b23619adf6a02bc8e2da7

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:42 GMT
cf-cache-status: MISS
last-modified: Thu, 16 May 2024 09:59:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6645d90e-2944"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yabjasPah5v3jRVUHvQVEdq51x29ksVxRsZasrVS29iMJ0ZagI3MVfq8rpso4ifa%2BQg8gQ2u9hrTMjQYd2DCePwt%2FfF8xu8rpGO9%2Bj%2B9IGHdOcLYj6Bb5dH%2B0ggbFz0QTz%2Bi"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89b5fe041c419b63-FRA
alt-svc: h3=":443"; ma=86400
content-length: 10564

GET
H3 200 RR-3-407x230.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/05/ 10 KB
11 KB 1301ms
1274ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/05/RR-3-407x230.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 78fbbffad8fe3133860095eb3648454c538d8343c106df9da38c0255c233457a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:42 GMT
cf-cache-status: MISS
last-modified: Thu, 16 May 2024 09:47:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6645d636-29c8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I66pq%2F2WZtl6AMcTCAlWHXyMxEKrEoDaz0B%2Flk2uGpSEJ56Uq0Ts8LvUeLmPNeo9vqbFGUNpGgbsgcBDW07DL7TbrhW5YBmTh0FRKvD3ofeuRQ1M2DJ7TNwavlm1IysNvD8r"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89b5fe041c429b63-FRA
alt-svc: h3=":443"; ma=86400
content-length: 10696

GET
H3 200 T-2-407x230.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/05/ 22 KB
22 KB 1367ms
1341ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/05/T-2-407x230.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6165e152a8800f0fac70adf9d459535cee60a2fb561c98f87db892d973c911e8

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:42 GMT
cf-cache-status: MISS
last-modified: Thu, 16 May 2024 09:26:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6645d138-5664"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4hGOtvno4uvnRjgJLxG9k5I0%2FfCrbnLc3WKYLunUmatrHYDTjz%2FXFqPI%2BAeCSRwfAhS4raDIvKmlClDE8utagcth7q%2FZfulBU2MI0CNMxRWS20cJ6ZV2mjCrVFbb7%2FbMaS3Y"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89b5fe041c449b63-FRA
alt-svc: h3=":443"; ma=86400
content-length: 22116

GET
H3 200 B-2-1-407x230.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/05/ 27 KB
27 KB 1368ms
1343ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/05/B-2-1-407x230.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a26e6e117c00f30f956ccd72eb6af343ca68e42e10be4800ccbfe8abf96d32df

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:42 GMT
cf-cache-status: MISS
last-modified: Thu, 16 May 2024 09:12:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6645ce10-6a54"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BeAI%2FiSEgjaXPhuX8fSwmFSPL02CGxzAfpevfcWPurTpoGdzMYa9pCalQGlFcxab3JY%2FYNoZM5nAG5s%2FainophcnYCWYwGT1XYA0wjgXLNxvAywCZs41q8J%2ByHxWkfImELFe"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89b5fe041c489b63-FRA
alt-svc: h3=":443"; ma=86400
content-length: 27220

GET
H3 200 M-5-407x230.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/05/ 20 KB
20 KB 1368ms
1343ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/05/M-5-407x230.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c946c4a4f654d511da76e9710ad22adc8fe9b5e9f424b14ce4a2265923c98802

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:43 GMT
cf-cache-status: MISS
last-modified: Thu, 16 May 2024 08:58:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6645ca9a-4f1c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ssle93pggAclPRnC%2BIta%2BLS7B%2BzWlVz5rr%2BgYg67AmaAVAcBIHPQ3G1tzNA0HSGQLGdBuLlj9IgdK%2FX0BCbGMuEcT4G2zAbcAknSj7LcR7nClfDXxKel0AxOjJ6DtEClw3Aw"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89b5fe041c499b63-FRA
alt-svc: h3=":443"; ma=86400
content-length: 20252

GET
H3 200 W-3-407x230.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/05/ 21 KB
22 KB 2066ms
2041ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/05/W-3-407x230.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 57fbea68c1971609fc617837e19f64f8f6edd3b8be46a5e5d4f0be8d4810074e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:42 GMT
cf-cache-status: MISS
last-modified: Tue, 14 May 2024 14:52:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "66437ac2-5552"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7owxqEw9kwZN9Kn8JYoP7gIw%2FU%2FGAPoVtb3IEy9HX5XuWArFcv2VBb8Ps3QdxE04AoQR5Gv0z94fCQkftQvxLIvIjLrEXTmcbescLpYcS92wcVCInDhknign%2Bq4neHaPJU5R"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89b5fe041c4a9b63-FRA
alt-svc: h3=":443"; ma=86400
content-length: 21842

GET
H3 200 Bi-3-407x230.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/05/ 20 KB
21 KB 2070ms
2045ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/05/Bi-3-407x230.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff26c5ae4cb6872bf6ca4c8abbffadd95b788fddeae30c6d0483c879b30cd141

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:42 GMT
cf-cache-status: MISS
last-modified: Thu, 16 May 2024 08:25:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6645c2fa-503c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JiIMO76t7aqqVZed6F%2F1zaaynxRdX3AbDlsvrMO2qkBWLzdJawpkyFsTLYCEiKOCxN9K%2FS0DoMP9BuslpcVOzIRghCjCTeA4UFErta5OalUVSs4VFKDTG%2F4pNnEMqCUpKCVZ"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89b5fe041c4d9b63-FRA
alt-svc: h3=":443"; ma=86400
content-length: 20540

GET
H3 200 habari-footer-logo-2.png
dctboyojy.578333.xyz/wp-content/uploads/2023/07/ 3 KB
4 KB 696ms
669ms Image
image/png 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2023/07/habari-footer-logo-2.png
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40c5a3816b27d87a187ffaabaef1a4d162f5510c51215f77da2ec281aaa2060a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:42 GMT
cf-cache-status: MISS
last-modified: Mon, 17 Jul 2023 11:26:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "64b5256e-d26"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GgF45rIgDF2%2BVp3ZifluXlmCV75mcvXCpeVyLfiNKw6ZDzrV2SkT4tXl5SXf74wbiPirxJt5Z9%2FgnCwaRAE6idwZTRpTzZa8ibbCaGT3FWOInIORDQC8pY%2FtJXPJ0gFRnpax"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89b5fe041c539b63-FRA
alt-svc: h3=":443"; ma=86400
content-length: 3366

GET
H3 200 carmag-search.css
dctboyojy.578333.xyz/wp-content/plugins/carmag-search/assets/css/ 2 KB
1015 B 555ms
549ms Stylesheet
text/css 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dctboyojy.578333.xyz/wp-content/plugins/carmag-search/assets/css/carmag-search.css?ver=1.2
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6c6f0dedaa5f80bc141cdf9f6ba2b085ecd8781e6fa2e163ad33ed51c4b565a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:42 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=3095
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 17 Nov 2022 09:29:26 GMT
server: cloudflare
etag: W/"6375fef6-c17"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9CUTP%2Fy1gE4hSL7N3nUHnXXguGDnrCeqonrK6e2TTBJv4SNAwL2Fqdx1R3WFLcKSWFXFVvoDXg6foVq%2FL4qbn7DvchbWtkaSnFFVmVH9wf8XqGfGpM8P5Qmrii2L%2FjmyX3FZ"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 89b5fe03ebb29b63-FRA

GET
H3 200 cfs-advanced-search.js Show response
dctboyojy.578333.xyz/wp-content/plugins/cfs-advanced-search/dist/ 31 KB
7 KB 1120ms
1111ms Script
application/javascript 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dctboyojy.578333.xyz/wp-content/plugins/cfs-advanced-search/dist/cfs-advanced-search.js?ver=29-06-2024-1719664712
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8352b5b204ffd4c0f6946891dc9210b0973c001401e74f8f84d850d42e601726

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:42 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 25 Apr 2024 09:52:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"662a27e8-7c7c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uCbMwq1oBUU5SD%2FINIoX6rbpsA%2B9I8NPgNva%2Fr0tyi14x1S5aNRFSY3YnjnuJYKvYpMZoQB1y2%2FlCq2Rp00%2F57WYy%2BWMERWnflD0h52n8tlYY7wUDtDsSRekyAvwh6EJV6R7"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 89b5fe03ebba9b63-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 custom-widgets.js Show response
dctboyojy.578333.xyz/wp-content/plugins/create-custom-recent-posts-widgets/js/ 4 KB
1 KB 956ms
946ms Script
application/javascript 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dctboyojy.578333.xyz/wp-content/plugins/create-custom-recent-posts-widgets/js/custom-widgets.js?ver=29-06-2024-1719664712
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1438b7405eba426d534e4fb05a5dac264bc2d6b4e9cd05f7b8af32d225170ce

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:42 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 21 Nov 2022 10:59:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"637b5a19-fc3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K1LGoJWJutJtn6N4%2Bqp0HG9Yhm7lreTHxvYDKJK09y7flQ15upNRRq2x8ESxegG4qU3yUVCKa3SPXIyXH7wV%2B6YipyNVUU7rUa8WI6rbkgEgjyjl78GIbvHprgasvP7GRrZG"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 89b5fe03ebbd9b63-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 swiper.min.js Show response
dctboyojy.578333.xyz/wp-content/plugins/create-custom-recent-posts-widgets/js/ 137 KB
36 KB 1076ms
1064ms Script
application/javascript 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dctboyojy.578333.xyz/wp-content/plugins/create-custom-recent-posts-widgets/js/swiper.min.js?ver=1.1
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31b9a64530ca997b6bcc15ed933a677acb8659fd3d75c6f54736657bbf69c18e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:42 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 17 Nov 2022 09:26:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6375fe43-22208"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XQLUiq59qjJHKFQelXrNkciMsZ054jaTE%2Fglwd4xUtkeyqPh9aoZETXlfWRyXqB3TUKlBEoREvLRaIoyRaaguoHoKdW9uRIfbWWu7Gr5WXALTJz0XGTt9dMtouZ%2FYUHimrRG"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 89b5fe03ebc09b63-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 dynamic-data.js Show response
dctboyojy.578333.xyz/wp-content/plugins/create-custom-recent-posts-widgets/js/ 5 KB
2 KB 956ms
940ms Script
application/javascript 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dctboyojy.578333.xyz/wp-content/plugins/create-custom-recent-posts-widgets/js/dynamic-data.js?ver=29-06-2024-1719664712
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 25068766bea3ae98004f63d12d9145633c4916f32ce252431ac10406725dbd74

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:42 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 17 Nov 2022 09:26:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6375fe43-132f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZuT0%2BA40gbOWow326z2GWDbqMjoUAEXiFsqHPRjTl1Q%2F%2Bp0uBaCtrlcHvLZherRPyhk7C44b1oUebzjeA1e%2FQJ%2Ffb4AJFGToeSMWtDfSm2hHGPAIoPba1FIRsybGCaR90G5m"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 89b5fe03ebc49b63-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 cars-for-sale.js Show response
dctboyojy.578333.xyz/wp-content/plugins/display-cars-for-sale/js/ 29 KB
5 KB 726ms
707ms Script
application/javascript 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dctboyojy.578333.xyz/wp-content/plugins/display-cars-for-sale/js/cars-for-sale.js?ver=6.2
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3bf56be78e50f88adc6c033c8d1a5072773a2a6adc5efd396882e0f11b4c8622

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:42 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=52367
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 16 May 2024 14:32:34 GMT
server: cloudflare
etag: W/"66461902-cc8f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2J1wc0n27U6acOmRHra%2FPPyNd0i5nebCBfoGfaDoP1Kqui8Ynnwl8fqASBgB0frC4YjbREHKe0Ot5JthncNm11k9gB69c0DPzs5o3ZsNwIRKFJ7aN8aqULF1awX0qY6PuuZG"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 89b5fe03fbdd9b63-FRA

GET
H3 200 dynamic-carlisting-data.js Show response
dctboyojy.578333.xyz/wp-content/plugins/display-cars-for-sale/js/ 21 KB
4 KB 727ms
706ms Script
application/javascript 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dctboyojy.578333.xyz/wp-content/plugins/display-cars-for-sale/js/dynamic-carlisting-data.js?ver=6.1
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 68e41b1cf2b6d00eedaa9ec57a7311a481d2bc03b8665bf44f3580943ea8a11a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:42 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=51453
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 09 Nov 2023 13:06:44 GMT
server: cloudflare
etag: W/"654cd964-c8fd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UAGEM5CXPtLWYdzDgtkJWr27UYUt2DRENauY1N84PQRqgoNIPxRrh94VOF0%2FY%2Bj7IZFaPNYCUUpmQfRxT317WfTdYoPjTByGZlyz%2Fwc%2FqgAmVL9pdOVw8vuAoj2Onx97j9Yx"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 89b5fe03fbe59b63-FRA

GET
H3 200 purl.js Show response
dctboyojy.578333.xyz/wp-content/plugins/display-cars-for-sale/js/ 5 KB
2 KB 562ms
537ms Script
application/javascript 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dctboyojy.578333.xyz/wp-content/plugins/display-cars-for-sale/js/purl.js?ver=1.0
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d49b5d25b23f62d9db04b5bfb11a3aa5d443eb278eb55c2cbdd8da81c64523a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:42 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=8830
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 17 Nov 2022 09:26:32 GMT
server: cloudflare
etag: W/"6375fe48-227e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fq%2BwlnVHry9avKNsICBMPlkuR5UJuKP1%2FZyLk46IooVy7Jvitn8ggHfUp%2BDKfSM2EJXX7w6wGD0C%2FZRiYZLknU2N%2BPyQaLyCkSFzDfR8%2BTkHek7UJgMT8yIfQl%2B4dOExonPX"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 89b5fe03fbe89b63-FRA

GET
H3 200 wallpaper-custom.js Show response
dctboyojy.578333.xyz/wp-content/plugins/wallpaper-ads/js/ 1 KB
892 B 613ms
582ms Script
application/javascript 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dctboyojy.578333.xyz/wp-content/plugins/wallpaper-ads/js/wallpaper-custom.js?ver=300
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3442ff60c2a33c78c7b8a655b78d1ab757c6122a5cbfe9b84473f073805c709c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:42 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=2089
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 17 Nov 2022 09:27:50 GMT
server: cloudflare
etag: W/"6375fe96-829"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LbC1FQKoj0tkZPMYGvOZfFh4%2F5c6N%2BTvcNY3V7WucGaXiRPp1YRUteygKr63lji4GB5yjCXxDMkEvH%2FMjxEsq0T%2FB3bUOIfyIEGaIG8KAVXm8cDI7o8WXSRkbmJjTxeqwUvb"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 89b5fe040bf09b63-FRA

GET
H3 200 custom.js Show response
dctboyojy.578333.xyz/wp-content/themes/CarMag_Revamp/js/ 4 KB
2 KB 713ms
676ms Script
application/javascript 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dctboyojy.578333.xyz/wp-content/themes/CarMag_Revamp/js/custom.js?ver=306
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 72dab8d6edb1639e61c4ff09a24320a00ea663afb9798941973c4485ef7c5b99

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:42 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=9718
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 14 Dec 2023 14:04:29 GMT
server: cloudflare
etag: W/"657b0b6d-25f6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FQLeICvFr8K4JBOL6pq7tbOpSyfa1Q1gD%2F1EQWP4ckZS5FQNz2Io4D9geEI5QYimNBgsCE9bIJOiSu7OD0leVQHzx7gAg04xnda2h2QpTl6%2Bsc8K%2FlZBc75CqubKPUFep6jW"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 89b5fe041c039b63-FRA

GET
H3 200 article-view-slick.min.js Show response
dctboyojy.578333.xyz/wp-content/themes/CarMag_Revamp/js/ 42 KB
11 KB 880ms
842ms Script
application/javascript 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dctboyojy.578333.xyz/wp-content/themes/CarMag_Revamp/js/article-view-slick.min.js?ver=1.0
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:42 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 17 Nov 2022 09:28:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6375fed5-a76f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IsQ1kB76uzPvwGY7nTe2x4soD%2Bq10N%2BrKf8SVLY1PFlxII9tSVvh1eWakU%2FPP%2BkdL6D4y%2BQxr8lbzsXSKR0zPopuAoQ%2FseccT%2B2rvvcBT1ajVuwKhv%2FDpDW2szx08SRMnx%2F4"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 89b5fe041c089b63-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 magnific-gallery.js Show response
dctboyojy.578333.xyz/wp-content/themes/CarMag_Revamp/js/ 28 KB
9 KB 981ms
943ms Script
application/javascript 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dctboyojy.578333.xyz/wp-content/themes/CarMag_Revamp/js/magnific-gallery.js?ver=1.0
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b5c6fefbc9cf825ebc533e5debfff5fb482c831e783d79198f1c1b6946fcce2

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:42 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=43593
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 17 Nov 2022 09:28:54 GMT
server: cloudflare
etag: W/"6375fed6-aa49"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bo4deyjoK7sGilOFcPcVO37wdUuDJkH5DM3xNv0105pvjbjLC9lBBPOsIlnyA99EoHqScpulHhJDK6%2BsUjjs5obo1Co%2BSZykwiCdCfNzpLlXbeOtFBn%2FInalCr4%2FUvq%2FYRaA"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 89b5fe041c0a9b63-FRA

GET
H3 200 script.min.js Show response
dctboyojy.578333.xyz/wp-content/plugins/scroll-triggered-boxes/assets/js/ 9 KB
4 KB 641ms
604ms Script
application/javascript 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dctboyojy.578333.xyz/wp-content/plugins/scroll-triggered-boxes/assets/js/script.min.js?ver=2.2.1
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8a2eb068a42de22eee0dfb6173e802bbdb065b2cbe08c926952d8f11a22dd4f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:42 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 04 Jun 2024 11:17:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"665ef7af-22b0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fGZxnfnrRoYG8CNNN8CoYpZvJFDArMKG2w8%2BQH7H2YoJNvFDK98O9PTt%2Bj42F3RFLnvRtbGSUmpiC%2FOPYA2btzAEUrE8B4Szmmtyg8ud13xpjyRH%2Bkwk5OwPyc4NWOsnKShk"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 89b5fe041c0d9b63-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 carmag-search.js Show response
dctboyojy.578333.xyz/wp-content/plugins/carmag-search/assets/js/ 184 B
580 B 561ms
524ms Script
application/javascript 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dctboyojy.578333.xyz/wp-content/plugins/carmag-search/assets/js/carmag-search.js?ver=1.0.0
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0008eb2109ddfca588c1a7a7f4e68bfc3aa1462c894d05f885c3be21e12e4be

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:42 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=960
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 17 Nov 2022 09:29:26 GMT
server: cloudflare
etag: W/"6375fef6-3c0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RBR8RQsrR78JjsBhCjzGJ4lJ8CSaZ1tIQhn%2BGZEp60NosswSG%2F0zSfjFeOXnwNa8zC9FX4QhFlIfNcF9xbRxBXVU%2BVJE3gInzNrWmwywLv%2FT5La29IUIo7moMLDCEm7nxQcl"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 89b5fe041c119b63-FRA

GET
H2 200 vcd15cbe7772f49c399c6a5babf22c1241717689176015 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 234ms
108ms Script
text/javascript 2606:4700::6810:5049
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Origin: https://cqty1.bhuefbfrvbn.workers.dev
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:41 GMT
content-encoding: gzip
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
server: cloudflare
etag: W/"2024.6.1"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 89b5fe04ba759142-FRA

GET
H2 200 6405f13eb20f5f00192a0d07.js Show response
buttons-config.sharethis.com/js/ 1 KB
892 B 163ms
45ms Script
text/javascript 2600:9000:206f:7000:c:abe:f440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://buttons-config.sharethis.com/js/6405f13eb20f5f00192a0d07.js

Requested by

Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js?ver=1.5.7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:7000:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

77caa92f758f70c4f5953180bba818d10ace096b8ceeb84a0e0bdc86c2fc5fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:41 GMT
content-encoding: gzip
via: 1.1 28ccbefb54459137bb0b0d946fd75e48.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 06 Mar 2023 15:04:22 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
x-amz-server-side-encryption: AES256
etag: W/"46b6253cf9264f25509139f0d50e8fa5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=60
x-amz-cf-id: oe2zBd9CpX1P9xc6_2lBckliDYkMy6e62vUU2_scrNm0gliSmSZP-A==

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/highburymedia/ 362 KB
53 KB 451ms
255ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/highburymedia/loader.js
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c3947802b825a7168e36e78a9182039d678e229bd9bfffe8087c84d7eddca7e0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: MO_0hbqhwxecPCFd5DuOvM7QjpXHSAeB
content-encoding: gzip
via: 1.1 varnish
date: Sat, 29 Jun 2024 12:41:42 GMT
x-amz-request-id: 0P9MC9FHMYX3851S
age: 0
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: FAILED
content-length: 53455
x-amz-id-2: HnqXWBp4WjIDZvOnraA0awz2MnVfz8zqFggvIaYRglb14cNOs8qdl3M4i3A0NJOejz60e22mR3o=
x-served-by: cache-mad22066-MAD
last-modified: Wed, 26 Jun 2024 11:27:36 GMT
server: AmazonS3
x-timer: S1719664902.965878,VS0,VE192
etag: "e3472557dd3f71dab9035798cdd9a5cb"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 72
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 0

GET
H/1.1 204
No Content pview Show response
l.sharethis.com/ 0
416 B 201ms
52ms XHR
text/plain 3.126.189.237
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://l.sharethis.com/pview?event=pview&hostname=cqty1.bhuefbfrvbn.workers.dev&location=%2F&product=unknown&url=https%3A%2F%2Fcqty1.bhuefbfrvbn.workers.dev%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Car%20News%2C%20Car%20Videos%2C%20Car%20Reviews%2C%20Car%20Road%20Tests%2C%20Car%20Industry%20News%2C%20Car%20Rumours%2C%20and%20much%20more%20%7C%20CAR%20Magazine&cms=unknown&publisher=6405f13eb20f5f00192a0d07&sop=true&version=st_sop.js&lang=en&description=Car%20Magazine%20has%20daily%20motoring%20news%20updates%20along%20with%20professional%20road%20tests%2C%20driving%20impressions%20and%20all%20the%20latest%20model%20updates%20and%20more!&ua=%22Google%20Chrome%22%3Bv%3D%22126%22%2C%20%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%20%22Chromium%22%3Bv%3D%22126%22&ua_mobile=false&ua_platform=Win32&ua_full_version_list=%22Not%2FA)Brand%22%3Bv%3D%228.0.0.0%22%2C%20%22Chromium%22%3Bv%3D%22126.0.6478.126%22%2C%20%22Google%20Chrome%22%3Bv%3D%22126.0.6478.126%22&ua_platform_version=10.0.0&uuid=26134c03-292f-4b0d-b0d8-293d1e5fae2e

Requested by

Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js?ver=1.5.7

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.126.189.237 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-189-237.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 29 Jun 2024 12:41:41 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Access-Control-Max-Age: 1728000
Access-Control-Allow-Origin: https://cqty1.bhuefbfrvbn.workers.dev
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H3 200 default-thumb.gif
dctboyojy.578333.xyz/wp-content/themes/CarMag_Revamp/images/ 30 KB
0 768ms
768ms Image
image/gif 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/themes/CarMag_Revamp/images/default-thumb.gif
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3baefa0165cd3e7b9dc50a6c989a5d323ab6bc9c440847675001f203fa8b0aa

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:42 GMT
cf-cache-status: MISS
last-modified: Thu, 17 Nov 2022 09:28:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6375fed2-772a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z3Q0OlKnDYJ9Mx%2FYCWpFxHIm8amI1dCB7ZbEVvBq6OYHMJNRbu3zPbZNSt2WJ4xEv7cSErSPcUByDcX2OfnogCIMIlDcWzVR0iIMou1D7I3hbuMZKHwe9He2EB%2FqGYX7iB4S"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89b5fe03dbab9b63-FRA
alt-svc: h3=":443"; ma=86400
content-length: 30506

GET
H2 200 saood-407x230.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/06/ 15 KB
0 21ms
21ms Image
image/webp 2606:4700:3033::6815:45f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/06/saood-407x230.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:45f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30aa80a90ee383cbf1e51c71164c27de2c1e6ad4eb79d434d27503a9d7da1326

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:41 GMT
cf-cache-status: MISS
last-modified: Thu, 27 Jun 2024 09:59:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "667d380f-3aba"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R2dTj8Z6M3Yz63t9LrGq0GKszoB4Gn5yQDMWL8q%2B5qRl6vKWAzuQBej%2BJ5gmYSS%2FwtigfbWJcAeSnsFLrcCSxFFBfxkpdIVhcPEykJkcy2EVubzBhZT%2BeZZ4cwyD5k3J42SK"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89b5fdfcbbe21c15-FRA
alt-svc: h3=":443"; ma=86400
content-length: 15034

GET
H3 200 3-17-407x230.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/06/ 5 KB
0 31ms
31ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/06/3-17-407x230.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f839560533ef99a48761ece01a508a17e67b35a5721f117f86ff3683a058346b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:41 GMT
cf-cache-status: MISS
last-modified: Fri, 28 Jun 2024 08:44:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "667e77d3-14d2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q2uuJQrpr%2FHW%2FTd1HJqUqLgYr1l%2FLXgs4izqULNfn7of3qPrMsdsU8O9tGaPdHy10nAJKShggVwudqPy7F6POtL2VTXzHYpd1uYebPuSAfPrz2e7OaO3RrQmuqBOTSJtupB9"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89b5fe00efad9b63-FRA
alt-svc: h3=":443"; ma=86400
content-length: 5330

GET
H3 200 Toyota-Hilux-Hybrid-156-407x230.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/06/ 12 KB
0 879ms
879ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/06/Toyota-Hilux-Hybrid-156-407x230.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba502317dc356ef143de5cd60838339f7dc5f235d5441b9fb5eb4c15855c6f69

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:42 GMT
cf-cache-status: MISS
last-modified: Fri, 28 Jun 2024 10:28:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "667e903e-3048"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mdx1Z6Mo8njLW1gSvqZ7DCk9tnhBRvdhudYSMZ%2FyycyEeVLpuninXjmu61crYd0Lqn99i1RpTOAaqGKf8T%2FDcZkzNHwj9Sh1W87GQjHYrezTiAlmSbMxexOWFwGSxSrwztWj"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89b5fe03dba59b63-FRA
alt-svc: h3=":443"; ma=86400
content-length: 12360

GET
H3 200 path_bg.png
dctboyojy.578333.xyz/wp-content/themes/CarMag_Revamp/images/ 953 B
1 KB 2089ms
2071ms Image
image/png 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/themes/CarMag_Revamp/images/path_bg.png
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31f04ab75fe4bfe4a1bbe8e268ffed64bc82224259dabe3b44723d1613418f68

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:42 GMT
cf-cache-status: MISS
last-modified: Thu, 17 Nov 2022 09:28:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6375fed3-3b9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SCTGzxde9%2BXoxN1ouZMIkxHHAitu7XlczxZlEWNQzX6klZp74n4Ph%2FvCL8w8ra5esrQfBsLHED%2FN42JXNuCLDKdL64b8jXL9XYkSVf63pCvzA2Ein4F%2FMtQ%2F7gBvWfFlNoAU"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89b5fe041c759b63-FRA
alt-svc: h3=":443"; ma=86400
content-length: 953

GET
H3 200 fontawesome-webfont.woff2
dctboyojy.578333.xyz/wp-content/themes/CarMag_Revamp/font-awesome-4.7.0/fonts/ 75 KB
76 KB 1690ms
1645ms Font
application/octet-stream 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dctboyojy.578333.xyz/wp-content/themes/CarMag_Revamp/font-awesome-4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: dctboyojy.578333.xyz
URL: https://dctboyojy.578333.xyz/wp-content/themes/CarMag_Revamp/font-awesome-4.7.0/css/font-awesome.css?ver=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://dctboyojy.578333.xyz/wp-content/themes/CarMag_Revamp/font-awesome-4.7.0/css/font-awesome.css?ver=1
Origin: https://cqty1.bhuefbfrvbn.workers.dev
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:43 GMT
cf-cache-status: MISS
last-modified: Thu, 17 Nov 2022 09:31:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6375ff85-12d68"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WmA8PggGLOAKevxKW0pPkU0rm4SDg2FGik%2Bl6mjxrxKd2JW4Q4Qxjx4LQoRbGAdmzWml0W5GvnpvxJtI6xZ4j8pfspL19VdqjgLU1Q7ZRYkxu3fxeLwd4EIMTzVaYbjEiS2C"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89b5fe04a8d51da8-FRA
alt-svc: h3=":443"; ma=86400
content-length: 77160

GET
H2 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 167ms
65ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://cqty1.bhuefbfrvbn.workers.dev
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 21:09:34 GMT
x-content-type-options: nosniff
age: 142327
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15752
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 27 Jun 2025 21:09:34 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 163ms
63ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://cqty1.bhuefbfrvbn.workers.dev
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 15:08:18 GMT
x-content-type-options: nosniff
age: 336803
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Jun 2025 15:08:18 GMT

GET
DATA 200
OK truncated
/ 2 KB
2 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c239fbd2387ceff073b22f05559eb6a3a9425ccde003eccb22a998429465302f

Request headers

Referer
Origin: https://cqty1.bhuefbfrvbn.workers.dev
Accept-Language: nl-NL,nl;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H2 200 2020-White-Volkswagen-Polo-Hatch-Hatch-20-TSI-GTI-DSG-8143036-1-640x480.jpg
image.blob.ix.co.za/Used/8143036/1/ 53 KB
53 KB 963ms
226ms Image
image/jpeg 102.130.121.238
Host-Africa-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.blob.ix.co.za/Used/8143036/1/2020-White-Volkswagen-Polo-Hatch-Hatch-20-TSI-GTI-DSG-8143036-1-640x480.jpg
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.130.121.238 , South Africa, ASN328364 (Host-Africa-AS, ZA),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: c302ae48b53e6f9b485cb7b70eb73d593ee6152b4fc20a58f35dff9404e1887c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:42 GMT
last-modified: Wed, 19 Jun 2024 05:07:10 GMT
server: Microsoft-IIS/10.0
etag: "a34d78a6c2da1:0"
x-powered-by: ASP.NET
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
content-length: 53849

GET
H2 200 2019-Silver-Volkswagen-Polo-Hatch-Hatch-10-TSI-Comfortline-DSG-7797916-1-1257x1080.jpg
image.blob.ix.co.za/Used/7797916/1/ 162 KB
163 KB 1409ms
673ms Image
image/jpeg 102.130.121.238
Host-Africa-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.blob.ix.co.za/Used/7797916/1/2019-Silver-Volkswagen-Polo-Hatch-Hatch-10-TSI-Comfortline-DSG-7797916-1-1257x1080.jpg
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.130.121.238 , South Africa, ASN328364 (Host-Africa-AS, ZA),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: bdad2789e7c50a0f54b6829154e652231425a9efed1b6e4da039474a578cd8b8

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:42 GMT
last-modified: Thu, 06 Apr 2023 16:43:18 GMT
server: Microsoft-IIS/10.0
etag: "78c63e4a668d91:0"
x-powered-by: ASP.NET
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
content-length: 166378

GET
H3 200 ajs.php Show response
highburyads.co.za/www/delivery/ 816 B
1 KB 167ms
103ms Script
text/javascript 172.67.216.245
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://highburyads.co.za/www/delivery/ajs.php?zoneid=1599&cb=46130640774&charset=UTF-8&loc=https%3A//cqty1.bhuefbfrvbn.workers.dev/
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a5a2bda50a337aaaf3b773a1269e9282c0ade1ff0fc8e2d15b65cb0010f6376

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 29 Jun 2024 12:41:41 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JOGsbTNlb4JT2kgovtz%2Fezh96IKRlqUeSMYbLJemHgTeHV9a9bm3jru%2B%2Bz5LaKecSLxa85iZ20LZ3NjQzAiGpdBLgwwbsncR2EfcbNz9QsTc8io7Wi949UV6xQNEPKX4o35i9w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: *
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
cf-ray: 89b5fe04dc803801-FRA
alt-svc: h3=":443"; ma=86400
expires: 0

GET
H3 200 caae12361829b2928c3ec5490d33cbdd.gif
highburyads.co.za/www/images/ 401 KB
401 KB 69ms
69ms Image
image/gif 172.67.216.245
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://highburyads.co.za/www/images/caae12361829b2928c3ec5490d33cbdd.gif
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e63d8d7ff4287ca7b455ee0e68a747727c81e2a724f46d7f2063ccb4198ed9ef

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 88713
alt-svc: h3=":443"; ma=86400
content-length: 410528
last-modified: Fri, 28 Jun 2024 10:46:47 GMT
server: cloudflare
etag: "667e9497-643a0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xBFXlrfBYhESP93aCKlnXh%2BgGS64kQwK8nHPJx4r1bOJhhWW%2FDwu6SlytpBb35IqXrdCI0kwg9nf1pG%2FfqxLmUPXYtKnPPG12X7QY66RFkb%2FJ5ttE1Ss2PDKmTU3%2BBYenas87w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 89b5fe058d493801-FRA
expires: Fri, 05 Jul 2024 12:03:09 GMT

GET
H3 200 lg.php
highburyads.co.za/www/delivery/ 43 B
639 B 337ms
337ms Image
image/gif 172.67.216.245
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://highburyads.co.za/www/delivery/lg.php?bannerid=6121&campaignid=3995&zoneid=1599&loc=https%3A%2F%2Fcqty1.bhuefbfrvbn.workers.dev%2F&cb=9d85f710b6
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 29 Jun 2024 12:41:42 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WzVA1q7xHD%2Bpe6OicN7Y0xEYJEchd5EeMG3GcFt95UweetZPdLb1km16x%2BD6chiMxJHRWlk96rWf%2BGTEzalGzArTWesdLfwC9FocOxrVDpj7SD7N9Ew3cTP2XZGGn8MJUdab2A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cf-ray: 89b5fe058d4d3801-FRA
alt-svc: h3=":443"; ma=86400
expires: 0

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406250101/ 466 KB
145 KB 51ms
50ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406250101/pubads_impl.js?cb=31084894

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

ecfda2a1a2411ea1f4ad1904a83069d02229ef72ce33c2ba195e2d432ef12757

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 10:01:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9627
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 148619
x-xss-protection: 0
server: cafe
etag: 15197200631174858937
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sun, 29 Jun 2025 10:01:15 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 77 B
85 B 156ms
76ms XHR
application/json 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=cqty1.bhuefbfrvbn.workers.dev

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

85ebfc8f3f042e96980c6800f5d9efc7f5dd4777a782ab92363260631c98f149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61
x-xss-protection: 0
expires: Sat, 29 Jun 2024 12:41:42 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406250101/ 425 KB
144 KB 180ms
104ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7073370864490749&plah=cqty1.bhuefbfrvbn.workers.dev&aplac=true

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7073370864490749

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

809d9ae7cc4a1b7f48a830c84475f16dc2ce3217d10150cbafd5c5c36199f6e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 146955
x-xss-protection: 0
server: cafe
etag: 1827570864647831326
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 29 Jun 2024 12:41:42 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 339 KB
109 KB 65ms
63ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-KYLBT1M2BJ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-11411975-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e6a6eb88962ac4ac85e8ff7785111bb59fec12f991e0f9e49d7d00dcef280bb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 111189
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 29 Jun 2024 12:41:42 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 280ms
78ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-11411975-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 29 Jun 2024 11:41:01 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 3641
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 29 Jun 2024 13:41:01 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 269 KB
92 KB 67ms
65ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-981195317&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-11411975-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3d5efa15d96b4628ea930699ede76eeda8a4b28887f155a5789e662611f1da4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 94305
x-xss-protection: 0
last-modified: Sat, 29 Jun 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 29 Jun 2024 12:41:42 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/981195317/ 3 KB
2 KB 270ms
124ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/981195317/?random=1719664902153&cv=11&fst=1719664902153&bg=ffffff&guid=ON&async=1&gtm=45be46q0v9181219265za200&gcd=13l3lPl2l1&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fcqty1.bhuefbfrvbn.workers.dev%2F&label=tlaeCPvm4sIBELW079MD&hn=www.googleadservices.com&frm=0&tiba=Car%20News%2C%20Car%20Videos%2C%20Car%20Reviews%2C%20Car%20Road%20Tests%2C%20Car%20Industry%20News%2C%20Car%20Rumours%2C%20and%20much%20more%20%7C%20CAR%20Magazine&gtm_ee=1&npa=1&pscdl=noapi&auid=174261521.1719664902&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&ec_mode=a&fdr=SA&capi=1&data=event%3Dconversion&em=tv.1&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-981195317

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

95ec5fe9bbec658f1d8e7d11f8d9f054a30798c67aacaa4ec2d80f47c18cb3b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 29 Jun 2024 12:41:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1715
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
pagead2.googlesyndication.com/gampad/ 568 KB
50 KB 298ms
297ms Fetch
text/plain 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=502093983338160&correlator=4373448708688535&eid=31079957%2C31084912%2C31084894%2C31084505%2C95335606%2C31082138%2C31078663%2C31078668%2C31078670&output=ldjh&gdfp_req=1&vrg=202406250101&ptt=17&impl=fifs&ltd_cs=1&iu_parts=21714487182%2CCAR-L%2CCAR-R%2CCarMag-BB-01%2CCarMag-BB-02%2CCarMag-BB-03%2CCAR-01%2CCAR-02%2CCarMag-LB-03%2CCarMag-LB-04%2CCAR-05%2CCAR-1%2CCAR-2%2CCAR-3%2CCAR-4%2CCAR-5%2CCAR-6%2CCAR-7%2CCAR-8%2CCAR-18%2CCAR-19%2CCAR-20%2CCAR-9%2CCAR-10%2CCAR-11&enc_prev_ius=0%2F1%2C0%2F2%2C0%2F3%2C0%2F4%2C0%2F5%2C0%2F6%2C0%2F7%2C0%2F8%2C0%2F9%2C0%2F10%2C0%2F11%2C0%2F12%2C0%2F13%2C0%2F14%2C0%2F15%2C0%2F16%2C0%2F17%2C0%2F18%2C0%2F19%2C0%2F20%2C0%2F21%2C0%2F22%2C0%2F23%2C0%2F24&prev_iu_szs=174x696%2C174x696%2C970x250%2C970x250%2C970x250%2C728x90%2C728x90%2C728x90%2C728x90%2C728x90%2C320x50%7C300x250%2C320x50%7C300x250%2C320x50%7C300x250%2C320x50%7C300x250%2C320x50%7C300x250%2C320x50%7C300x250%2C320x50%7C300x250%2C320x50%7C300x250%2C320x50%7C300x250%2C320x50%7C300x250%2C320x50%7C300x600%2C150x125%2C150x125%2C150x125&fluid=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2Cheight%2Cheight%2Cheight%2Cheight%2Cheight%2Cheight%2Cheight%2Cheight%2Cheight%2Cheight%2Cheight%2C0%2C0%2C0&ifi=2&sfv=1-0-40&sc=1&abxe=1&dt=1719664902215&lmt=1719664902&adxs=0%2C1426%2C8%2C8%2C8%2C8%2C8%2C8%2C-9%2C-9%2C1171%2C1171%2C1171%2C1171%2C1171%2C1171%2C-9%2C-9%2C-9%2C-9%2C1171%2C-9%2C-9%2C-9&adys=190%2C190%2C1046%2C1228%2C1228%2C734%2C1046%2C1228%2C-9%2C-9%2C999%2C1014%2C2229%2C2244%2C4515%2C4530%2C-9%2C-9%2C-9%2C-9%2C4545%2C-9%2C-9%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C1%7C2%7C0%7C0%7C3%7C-1%7C-1%7C0%7C0%7C4%7C5%7C6%7C7%7C-1%7C-1%7C-1%7C-1%7C8%7C-1%7C-1%7C-1&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce%7Cf%7Cg%7Ch%7Ci%7Cj%7Ck%7Cl%7Cm%7Cn%7Co&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTI2IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjEyNiJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTI2Il1dLDBd&url=https%3A%2F%2Fcqty1.bhuefbfrvbn.workers.dev%2F&vis=1&psz=174x-1%7C174x-1%7C1584x0%7C1584x0%7C1584x0%7C1584x0%7C1584x0%7C1584x0%7C0x-1%7C0x-1%7C1584x245%7C1584x245%7C1584x135%7C1584x135%7C1584x0%7C1584x0%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C1584x0%7C0x-1%7C0x-1%7C0x-1&msz=174x-1%7C174x-1%7C1584x0%7C1584x0%7C1584x0%7C1584x0%7C1584x0%7C1584x0%7C0x-1%7C0x-1%7C300x0%7C300x0%7C300x0%7C300x0%7C300x0%7C300x0%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C300x0%7C0x-1%7C0x-1%7C0x-1&fws=512%2C512%2C0%2C0%2C0%2C0%2C0%2C0%2C2%2C2%2C0%2C0%2C0%2C0%2C0%2C0%2C2%2C2%2C2%2C2%2C0%2C2%2C2%2C2&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&ga_vid=1762258464.1719664902&ga_sid=1719664902&ga_hid=1344533571&ga_fc=false&topics=5&tps=5&htps=5&nt=1&psd=WzE0LG51bGwsbnVsbCwzXQ..&dlt=1719664900358&idt=1808&adks=979567663%2C2185212989%2C2421375807%2C366054724%2C911572581%2C2558534381%2C3687027337%2C2772303345%2C1855939391%2C25877906%2C435244622%2C302933537%2C1587516836%2C723022383%2C3666453265%2C3235191153%2C639406632%2C1818096782%2C1904407829%2C1930634536%2C3509730642%2C3577480103%2C1807841720%2C2870509506&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406250101/pubads_impl.js?cb=31084894

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

afbe5da81800508900cd1741b85ae92fa31ac69cb27fc09f3bfcd9cfa9f48f86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:42 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50776
x-xss-protection: 0
google-lineitem-id: 6747816193,6747816193,-2,-2,-2,6586359008,-2,-2,-2,6720803688,6727927623,6698483204,6717543069,-2,6741056355,-2,-2,-2,-2,6350839098,6707787743,-2,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138480788813,138481379539,-2,-2,-2,138475563081,-2,-2,-2,138475156430,138476445566,138470372305,138474445790,-2,138479353335,-2,-2,-2,-2,138440657972,138471966167,-2,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cqty1.bhuefbfrvbn.workers.dev
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
0b9201374d747ca5e9eea66f647fb8f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame FE44 0
0 261ms
64ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0b9201374d747ca5e9eea66f647fb8f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406250101/pubads_impl.js?cb=31084894

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 29 Jun 2024 12:41:42 GMT
expires: Sat, 29 Jun 2024 12:41:42 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 171ms
38ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-KYLBT1M2BJ&gtm=45je46q0v9100290862za200&_p=1719664901705&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=1762258464.1719664902&ul=nl-nl&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1719664902&sct=1&seg=0&dl=https%3A%2F%2Fcqty1.bhuefbfrvbn.workers.dev%2F&dt=Car%20News%2C%20Car%20Videos%2C%20Car%20Reviews%2C%20Car%20Road%20Tests%2C%20Car%20Industry%20News%2C%20Car%20Rumours%2C%20and%20much%20more%20%7C%20CAR%20Magazine&en=page_view&_fv=1&_ss=1&tfd=3437&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KYLBT1M2BJ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 29 Jun 2024 12:41:42 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cqty1.bhuefbfrvbn.workers.dev
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
265 B 174ms
42ms Ping
text/plain 2a00:1450:400c:c04::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-KYLBT1M2BJ&cid=1762258464.1719664902&gtm=45je46q0v9100290862za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KYLBT1M2BJ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c04::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 29 Jun 2024 12:41:42 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cqty1.bhuefbfrvbn.workers.dev
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 167ms
112ms Image
image/gif 142.250.184.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-KYLBT1M2BJ&cid=1762258464.1719664902&gtm=45je46q0v9100290862za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=338602053

Requested by

Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 29 Jun 2024 12:41:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 impl.20240626-2-RELEASE.js Show response
cdn.taboola.com/libtrc/ 894 KB
182 KB 66ms
65ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20240626-2-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/highburymedia/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 1fdffde27535a2f98e0ccf8a15def289dec5f000077c34774f3a7e2c7af2a4c8

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: bkylnkLq2pu8M.KbMQ_6CPg2MklFwe4G
content-encoding: br
via: 1.1 varnish
date: Sat, 29 Jun 2024 12:41:42 GMT
x-amz-request-id: RHB3RBVSCDPEB5FC
age: 13249
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 186004
x-amz-id-2: I9GYVeBQ7ZZBeFjGXic43kHKWn1HC8AMIGgMY+sDFmoPN9hRh2+kwonTPt29A0xQiKpptAEyc3JH1sgNATQE3g==
x-served-by: cache-mad22066-MAD
last-modified: Wed, 26 Jun 2024 08:59:43 GMT
server: AmazonS3-br
x-timer: S1719664902.422245,VS0,VE0
etag: "34a04e03974f5c6ac8a7ea1b6f2a8798"
vary: Accept-Encoding
content-type: application/javascript
abp: 7
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 36231

GET
H3 200 mu-style.css
dctboyojy.578333.xyz/wp-content/plugins/sharethis-share-buttons/css/ 0
0 14ms
14ms Stylesheet
text/css 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dctboyojy.578333.xyz/wp-content/plugins/sharethis-share-buttons/css/mu-style.css?ver=1668677260
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:42 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=26
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 17 Nov 2022 09:27:40 GMT
server: cloudflare
etag: W/"6375fe8c-1a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0QDNnBFohWv37DJRNyV%2FceZ3C5Li6XzulR3OapziJ2nZDOylpb0P5XLgH1smKFFECY9H1aYFCcIii56txGPTIm1RZjQrfcqd3B9V9Xp%2BxJ2bfyDmISD7k3%2BxhxgO2%2BghJvGP"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 89b5fe041c679b63-FRA

GET
H3 200 zrt_lookup_fy2021.html
pagead2.googlesyndication.com/pagead/html/r20240625/r20110914/ Frame FB9B 0
0 131ms
40ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/html/r20240625/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7073370864490749&plah=cqty1.bhuefbfrvbn.workers.dev&aplac=true

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

age: 52935
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4164
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Jun 2024 21:59:27 GMT
etag: 9187630395144177108
expires: Fri, 12 Jul 2024 21:59:27 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 403 ads
pagead2.googlesyndication.com/pagead/ Frame 69DE 0
0 167ms
96ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-7073370864490749&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1719664902&plat=3%3A16%2C4%3A16%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fcqty1.bhuefbfrvbn.workers.dev%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=30~31~27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aiael=30~31~27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aifxl=30_23~31_2~27_9~29_10&aiixl=30_6~31_8~27_3~29_5&aslmct=0.7&asamct=0.7&aisaib=1&itsi=-1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTI2IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjEyNiJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTI2Il1dLDBd&dt=1719664902026&bpp=3&bdt=1669&idt=406&shv=r20240625&mjsv=m202406250101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=234298239520&frm=20&pv=2&ga_vid=1762258464.1719664902&ga_sid=1719664902&ga_hid=1344533571&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C95331687%2C95334511%2C95334526%2C95334565%2C95334571%2C95334828%2C95335887%2C95335897%2C95335292%2C31078663%2C31078668%2C31078670&oid=2&pvsid=502093983338160&tmod=1046196241&uas=0&nvt=1&fsapi=1&fc=1920&brdim=450%2C450%2C450%2C450%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&nt=1&ifi=1&uci=a!1&fsb=1&dtd=454

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 29 Jun 2024 12:41:42 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 article-view-slick-theme.css
dctboyojy.578333.xyz/wp-content/themes/CarMag_Revamp/css/ 2 KB
0 2ms
2ms Stylesheet
text/css 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dctboyojy.578333.xyz/wp-content/themes/CarMag_Revamp/css/article-view-slick-theme.css?ver=1.0
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f8b0220980de4339ca04d32bc5656435847fecb3a47f2eac38e33277e18eddc8

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:42 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=3145
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 17 Nov 2022 09:28:48 GMT
server: cloudflare
etag: W/"6375fed0-c49"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Quc8fnvD3naYBGRubmtElQKuIu2ixSJVGuls5ry%2F8hkfis7cDcO3fEg7QpmoEXjpxMiiTLFuRaOKk5jvd0%2FfciyoTDfuaqd4l9QlYQcTJe3Ag8XP8VJTWT%2Brx9WlK5IQQLp%2F"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 89b5fe041c6a9b63-FRA

GET
H3 200 article-view-slick.css
dctboyojy.578333.xyz/wp-content/themes/CarMag_Revamp/css/ 1 KB
0 2ms
2ms Stylesheet
text/css 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dctboyojy.578333.xyz/wp-content/themes/CarMag_Revamp/css/article-view-slick.css?ver=1.0
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 21061765237c66c10b48e236063a3497c22d33629e98f8654d1a3b860fa48700

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:42 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=1776
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 17 Nov 2022 09:28:48 GMT
server: cloudflare
etag: W/"6375fed0-6f0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ThVShrj4reFQVP9PDxYwQOL2teHNQtnnLN5WK2ipS6QPMIRyX%2FWYABcusHby8QksutiyDCdjHCTK8HlxumCaMoiTtXKFuhLoydgoCxCsDPGuLCUPD%2BmbYmBK3%2FiDbTdkF6IN"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 89b5fe041c689b63-FRA

GET
H3 200 magnific-gallery-styles.css
dctboyojy.578333.xyz/wp-content/themes/CarMag_Revamp/css/ 6 KB
0 2ms
2ms Stylesheet
text/css 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dctboyojy.578333.xyz/wp-content/themes/CarMag_Revamp/css/magnific-gallery-styles.css?ver=1.0
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 65d43fc1d47bdab6bb9a4f5add734f8b9d059f9e773c431a350b3804bfe38a7f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:42 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=7437
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 17 Nov 2022 09:28:48 GMT
server: cloudflare
etag: W/"6375fed0-1d0d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2AleuNn6HVBz%2FGWEpQMkxlAEBHHlm62c9uTyUaErDHMO%2FW8%2FgtItX4ei7VbIUSf8kkYToF6f%2FAFub5T1F7sPd1njFIOJcOa5KAg5t9fOyViyLJxNO6lWCLrpkdy7fkxq3iPu"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 89b5fe041c6c9b63-FRA

GET
H3 200 styles.min.css
dctboyojy.578333.xyz/wp-content/plugins/scroll-triggered-boxes/assets/css/ 1 KB
0 3ms
3ms Stylesheet
text/css 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dctboyojy.578333.xyz/wp-content/plugins/scroll-triggered-boxes/assets/css/styles.min.css?ver=2.2.1
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1b0f6dee1e2b4b439e62daffe536db30431a1ca3d0628aa134b6ed7d689b91b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:42 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 04 Jun 2024 11:17:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"665ef7ac-4f4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bzmI653juv9F%2FKlDIW7xqr6WsciErmdMc%2FYamAYNlH5fYAthueh8T6A74x5nJLa5vCeNaAWoHHBU0HVL6CYWgbF6KLi3TGzC3at6w9UCSCfHq53MjJ9GObcADJIrbFpYYb%2Bt"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 89b5fe041c6e9b63-FRA
alt-svc: h3=":443"; ma=86400

GET
H2

200

/
www.google.nl/pagead/1p-conversion/981195317/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/981195317/?random=1706719602&cv=11&fst=1719664902153&bg=ffffff&guid=ON&async=1&gtm=45be46q0v9181219265za200&gcd=13l3lPl2l1&dma_cps=s...
https://www.google.com/pagead/1p-conversion/981195317/?random=1706719602&cv=11&fst=1719664902153&bg=ffffff&guid=ON&async=1&gtm=45be46q0v9181219265za200&gcd=13l3lPl2l1&dma_cps=sypham&dma=1&tag_exp=0...
https://www.google.nl/pagead/1p-conversion/981195317/?random=1706719602&cv=11&fst=1719664902153&bg=ffffff&guid=ON&async=1&gtm=45be46q0v9181219265za200&gcd=13l3lPl2l1&dma_cps=sypham&dma=1&tag_exp=0&...

42 B
455 B

149ms
46ms

Image
image/gif

2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/pagead/1p-conversion/981195317/?random=1706719602&cv=11&fst=1719664902153&bg=ffffff&guid=ON&async=1&gtm=45be46q0v9181219265za200&gcd=13l3lPl2l1&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fcqty1.bhuefbfrvbn.workers.dev%2F&label=tlaeCPvm4sIBELW079MD&hn=www.googleadservices.com&frm=0&tiba=Car%20News%2C%20Car%20Videos%2C%20Car%20Reviews%2C%20Car%20Road%20Tests%2C%20Car%20Industry%20News%2C%20Car%20Rumours%2C%20and%20much%20more%20%7C%20CAR%20Magazine&gtm_ee=1&npa=1&pscdl=noapi&auid=174261521.1719664902&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&ec_mode=a&fdr=SA&capi=1&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECSixub3QtbmF2aWdhdGlvbi1zb3VyY2UsIHRyaWdnZXIsIGV2ZW50LXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMIvv2L_eqAhwMVJA2iAx1DRwEWMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6Jmh0dHBzOi8vY3F0eTEuYmh1ZWZiZnJ2Ym4ud29ya2Vycy5kZXYv&is_vtc=1&cid=CAQSGwDaQooLIs7xrTRn5nzgiUfMyfmip1MtCiMhjQ&random=2289003188&ipr=y

Requested by

Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/

Protocol

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Jun 2024 12:41:43 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 29 Jun 2024 12:41:42 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.nl/pagead/1p-conversion/981195317/?random=1706719602&cv=11&fst=1719664902153&bg=ffffff&guid=ON&async=1&gtm=45be46q0v9181219265za200&gcd=13l3lPl2l1&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fcqty1.bhuefbfrvbn.workers.dev%2F&label=tlaeCPvm4sIBELW079MD&hn=www.googleadservices.com&frm=0&tiba=Car%20News%2C%20Car%20Videos%2C%20Car%20Reviews%2C%20Car%20Road%20Tests%2C%20Car%20Industry%20News%2C%20Car%20Rumours%2C%20and%20much%20more%20%7C%20CAR%20Magazine&gtm_ee=1&npa=1&pscdl=noapi&auid=174261521.1719664902&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&ec_mode=a&fdr=SA&capi=1&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECSixub3QtbmF2aWdhdGlvbi1zb3VyY2UsIHRyaWdnZXIsIGV2ZW50LXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMIvv2L_eqAhwMVJA2iAx1DRwEWMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6Jmh0dHBzOi8vY3F0eTEuYmh1ZWZiZnJ2Ym4ud29ya2Vycy5kZXYv&is_vtc=1&cid=CAQSGwDaQooLIs7xrTRn5nzgiUfMyfmip1MtCiMhjQ&random=2289003188&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
218 B 61ms
57ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1344533571&t=pageview&_s=1&dl=https%3A%2F%2Fcqty1.bhuefbfrvbn.workers.dev%2F&ul=nl-nl&de=UTF-8&dt=Car%20News%2C%20Car%20Videos%2C%20Car%20Reviews%2C%20Car%20Road%20Tests%2C%20Car%20Industry%20News%2C%20Car%20Rumours%2C%20and%20much%20more%20%7C%20CAR%20Magazine&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=437214835&gjid=1000927972&cid=1762258464.1719664902&tid=UA-11411975-1&_gid=1326831189.1719664903&_r=1&gtm=457e46q0za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&jsscut=1&npa=1&z=1426499255

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 29 Jun 2024 12:41:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cqty1.bhuefbfrvbn.workers.dev
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 824C 0
0 186ms
183ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsuCOwybnvlHCMainfW0DbTOWfYCm7xNd9vYdJ-6tAGAxK3_dQJwhW0ZxTv-SIaNIxUV9C1-lZ8PfViaAzmErI2nHZcd10rYRHWxhTNLTOrMrnFf6Nql1YZwSJY7aurIPvDp8yvTJxQUCiP9-BPTBNvm807BYIC58Rd2hwLz7DebfUREph2DbJJ6rLD6961sUdc8xlEVbGe6a5pelpvs7lBwaqRK1k5UFxZtod8iaZD9Gs5niuiZZV63JymrCzUxjIFKbPi7F0Tg5hVIkJqQnm7SUiU7Ybhb_5hxzK2IhRx6KijT9r-a-i0gTXJNnlVCrYD40FkfOrqtMFlQ7_ecQkka7_fpdG2z-j0TpginU9_vSMRWuPBvmFg&sig=Cg0ArKJSzLIlCCEJ-fEGEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:42 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240625/r20110914/ Frame 824C 23 KB
9 KB 47ms
46ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240625/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406250101/pubads_impl.js?cb=31084894

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

cee1bd5e01ed194ed9211d280aebe15999582d614189cafab2239e5001093613

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 08:48:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13994
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9221
x-xss-protection: 0
server: cafe
etag: 14524351023591845701
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 13 Jul 2024 08:48:28 GMT

GET
H3 200 window_focus_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240625/r20110914/client/ Frame 824C 3 KB
1 KB 47ms
46ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240625/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406250101/pubads_impl.js?cb=31084894

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 08:48:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13994
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1229
x-xss-protection: 0
server: cafe
etag: 16544991220582087243
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 13 Jul 2024 08:48:28 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 824C 205 KB
63 KB 46ms
46ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406250101/pubads_impl.js?cb=31084894

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

fef73f5a70ccb8745fb00810408eac80b31eeb4fa66aeb97d2606c54188d0ed4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 11:48:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3193
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64706
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-7
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 29 Jun 2024 12:48:29 GMT

GET
H2 200 10496075463902852125
tpc.googlesyndication.com/simgad/ Frame 824C 157 KB
157 KB 303ms
172ms Image
image/gif 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10496075463902852125

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406250101/pubads_impl.js?cb=31084894

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f592d35bf0fa8e955aedbd92306226c809921b377217dffc74d67fec14e49ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Sat, 28 Jun 2025 11:02:04 GMT
date: Fri, 28 Jun 2024 11:02:04 GMT
x-content-type-options: nosniff
age: 92378
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 160497
x-xss-protection: 0
last-modified: Fri, 28 Jun 2024 10:35:47 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame BBC2 0
0 195ms
194ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsvEmRFvShBpogfAjHM99yOOMZcPVz698V1mHR3xDlBNrDrkpHeQUSfU4rMtVhhYwbY1dzqUgxwEVh33uyCi0b7WzeA8Dbx27MVo3Ugvi_wZ0fb8A6MR8Aw8qOfJC0UQ0-Yd_QBEbBdO8VfdVI9puxnALcpFYWGgC1P8-0kF5lC51BvDLmh2ZCKRc6R6B199UkiCpDO5Wzs1DVQEWyf92_xc8vTvka5C_mkqew_D9CR_4faSBHSRH2Xr8AhifrFuPRxa5Xrrvnh4VWSU92TeIBwU51lrbLq45z0OFyI1iRd4PBnFTh04qaBGlER8RdhsYwjts5vwGoxK7bF0gzy-_afWXjCceVB0qANUuZFvFW0S_-ZFzHSyOvg&sig=Cg0ArKJSzJ37NQvETvYeEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:42 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240625/r20110914/ Frame BBC2 23 KB
0 34ms
34ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240625/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406250101/pubads_impl.js?cb=31084894

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

cee1bd5e01ed194ed9211d280aebe15999582d614189cafab2239e5001093613

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 08:48:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13994
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9221
x-xss-protection: 0
server: cafe
etag: 14524351023591845701
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 13 Jul 2024 08:48:28 GMT

GET
H3 200 window_focus_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240625/r20110914/client/ Frame BBC2 3 KB
0 43ms
43ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240625/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406250101/pubads_impl.js?cb=31084894

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 08:48:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13994
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1229
x-xss-protection: 0
server: cafe
etag: 16544991220582087243
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 13 Jul 2024 08:48:28 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame BBC2 205 KB
0 43ms
43ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406250101/pubads_impl.js?cb=31084894

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

fef73f5a70ccb8745fb00810408eac80b31eeb4fa66aeb97d2606c54188d0ed4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 11:48:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3193
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64706
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-7
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 29 Jun 2024 12:48:29 GMT

GET
H2 200 11420014573282896048
tpc.googlesyndication.com/simgad/ Frame BBC2 157 KB
157 KB 280ms
163ms Image
image/gif 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11420014573282896048

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406250101/pubads_impl.js?cb=31084894

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f592d35bf0fa8e955aedbd92306226c809921b377217dffc74d67fec14e49ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Sat, 28 Jun 2025 11:24:37 GMT
date: Fri, 28 Jun 2024 11:24:37 GMT
x-content-type-options: nosniff
age: 91025
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 160497
x-xss-protection: 0
last-modified: Fri, 28 Jun 2024 10:35:47 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame E32E 0
0 193ms
182ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjssURG9ozbTh_hvJV9Bcn6fsPvBfLAzAiFpRyVpP9X6rxmB1yiopYiodE4JQGCr74GhCkH-fmzqHu_2D2iRMQBZsKwMTnpOzZQCf5AU8h-IyB0pTjiWy2nvyUD_E6rv-Teu-ekt7puXoc5fYmWR0D_G7xpBlL23cvxeCHB7g2vCZ6oGcHWwGEgdlOVkkt7sDGtnOBbMRqW3t6m8OgdWoS4XyawFbYDHznlFnadC_6TAJFYLCCRAICVmqByMpt7HQGN2uD9VrLlpC7s6VGMmsoQUy1igxZWKuptU6hgryjOYHE1EM8NjmEwrPH2ZsWgah-W42bWHxy-mqZacPDnl6flPwCO4ta1kkrRlYRT9K5C2TkkJle39RkGq6&sig=Cg0ArKJSzCgHl3uCw7f7EAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:42 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240625/r20110914/ Frame E32E 23 KB
0 32ms
32ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240625/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406250101/pubads_impl.js?cb=31084894

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

cee1bd5e01ed194ed9211d280aebe15999582d614189cafab2239e5001093613

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 08:48:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13994
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9221
x-xss-protection: 0
server: cafe
etag: 14524351023591845701
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 13 Jul 2024 08:48:28 GMT

GET
H3 200 window_focus_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240625/r20110914/client/ Frame E32E 3 KB
0 33ms
33ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240625/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406250101/pubads_impl.js?cb=31084894

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 08:48:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13994
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1229
x-xss-protection: 0
server: cafe
etag: 16544991220582087243
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 13 Jul 2024 08:48:28 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame E32E 205 KB
0 25ms
25ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406250101/pubads_impl.js?cb=31084894

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

fef73f5a70ccb8745fb00810408eac80b31eeb4fa66aeb97d2606c54188d0ed4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 11:48:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3193
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64706
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-7
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 29 Jun 2024 12:48:29 GMT

GET
H2 200 1713235380485293242
tpc.googlesyndication.com/simgad/ Frame E32E 62 KB
62 KB 319ms
225ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1713235380485293242

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406250101/pubads_impl.js?cb=31084894

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99a2980e3acac7a7d0bc47e5b097e2e33e0a2a93285213cafb5b61d1c1f06da1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Wed, 25 Jun 2025 21:05:43 GMT
date: Tue, 25 Jun 2024 21:05:43 GMT
x-content-type-options: nosniff
age: 315359
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63220
x-xss-protection: 0
last-modified: Fri, 17 May 2024 07:43:14 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 9F16 0
0 190ms
186ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjst9qFlMIbUGc87ajEyfFmY3PZ6EwEc4foGMyQJJOFzjeYeRlGVI76UVP6JtJ5P3_o2GMX95ivqz42bZDfF-gvhwjl0rzX143EY2sqKx_FBduQjruvspUAS6KnZ7m_6RGdytOmGV_CdGnOh5xC8mFnhALtlZ1KFKoGu3afCi0N1pEhW78LYmpbyd3PnO8K2p3IbxqWs9RwJ3I2whnPntS_FsO2dHGWB4X6b-9jGMV-Fvh_hRJDG_vy8pd7iqA-socfkGO5F7-ZEaPH3WvFO4QJbemW7Rwsv_jevKCDhfq-vlRlwKXO6gbUQa47E-mc2atn_88TVsZuzA_mB3R2UVb-U-bJJw-XllaJkVuMIUqVxNJwulT8KK8is&sig=Cg0ArKJSzJe5iTEtZYuEEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:42 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240625/r20110914/ Frame 9F16 23 KB
0 26ms
26ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240625/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406250101/pubads_impl.js?cb=31084894

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

cee1bd5e01ed194ed9211d280aebe15999582d614189cafab2239e5001093613

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 08:48:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13994
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9221
x-xss-protection: 0
server: cafe
etag: 14524351023591845701
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 13 Jul 2024 08:48:28 GMT

GET
H3 200 window_focus_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240625/r20110914/client/ Frame 9F16 3 KB
0 27ms
27ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240625/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406250101/pubads_impl.js?cb=31084894

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 08:48:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13994
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1229
x-xss-protection: 0
server: cafe
etag: 16544991220582087243
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 13 Jul 2024 08:48:28 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 9F16 205 KB
0 29ms
28ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406250101/pubads_impl.js?cb=31084894

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

fef73f5a70ccb8745fb00810408eac80b31eeb4fa66aeb97d2606c54188d0ed4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 11:48:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3193
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64706
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-7
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 29 Jun 2024 12:48:29 GMT

GET
H2 200 9824613000599797174
tpc.googlesyndication.com/simgad/ Frame 9F16 64 KB
64 KB 254ms
165ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9824613000599797174

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406250101/pubads_impl.js?cb=31084894

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a71602a9c4446a333fe34a8938f3b8339a4f3504f9600ddfc571dcd54ce8ff9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Wed, 25 Jun 2025 15:42:25 GMT
date: Tue, 25 Jun 2024 15:42:25 GMT
x-content-type-options: nosniff
age: 334757
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65473
x-xss-protection: 0
last-modified: Thu, 23 May 2024 12:24:34 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 2700 0
0 199ms
194ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsu-VQUkS2L1w3f2WZwguQ66Xsbkuez13THvrZii2nCK0VM9z6P2DdpoT8ft2YWyaWqBIT5W_p2OHPu3g-C-aMza0wRvPzXQMplWuinlDIdkUfGVlW665U0mNw5o4vprfwVLLsYV85maM4rcA08YtCzrTDNdU_qaXdlpUT0FcVlzBXHMJ2CARBrYnm8nmCShI7fKkIyTcN6jC4iq7aNPr90_hfIm0fmmRketURPopdlbHvyIZ-9V2fFQbHJ55irvnNerEpQ7YzTTgvgu5EOc_zHp4CuDYx0_tFbbde2LZqCPO68uWK-sDMg6n9NzWqnyxFVdDK-OrYyxA6Kv_hdrChxZ63EC1rrR7ZOudMTBJqZ7U1z-6iCycU0&sig=Cg0ArKJSzBssW7lsaVLIEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:42 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240625/r20110914/ Frame 2700 23 KB
0 20ms
20ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240625/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406250101/pubads_impl.js?cb=31084894

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

cee1bd5e01ed194ed9211d280aebe15999582d614189cafab2239e5001093613

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 08:48:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13994
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9221
x-xss-protection: 0
server: cafe
etag: 14524351023591845701
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 13 Jul 2024 08:48:28 GMT

GET
H3 200 window_focus_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240625/r20110914/client/ Frame 2700 3 KB
0 20ms
20ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240625/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406250101/pubads_impl.js?cb=31084894

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 08:48:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13994
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1229
x-xss-protection: 0
server: cafe
etag: 16544991220582087243
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 13 Jul 2024 08:48:28 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 2700 205 KB
0 21ms
21ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406250101/pubads_impl.js?cb=31084894

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

fef73f5a70ccb8745fb00810408eac80b31eeb4fa66aeb97d2606c54188d0ed4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 11:48:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3193
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64706
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-7
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 29 Jun 2024 12:48:29 GMT

GET
H2 200 1107864404301539820
tpc.googlesyndication.com/simgad/ Frame 2700 45 KB
45 KB 301ms
226ms Image
image/gif 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1107864404301539820

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406250101/pubads_impl.js?cb=31084894

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

082a9d297905c18cf4b98dfd11232f3687cb3cf13865b0edfeb2d11bc9a3e318

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Fri, 27 Jun 2025 11:05:18 GMT
date: Thu, 27 Jun 2024 11:05:18 GMT
x-content-type-options: nosniff
age: 178584
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45848
x-xss-protection: 0
last-modified: Tue, 19 Dec 2023 09:37:25 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 6EDB 0
0 192ms
187ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjst6TZv79GZdAPVqdqxSmPhrbUoMcSniLWLHCFh7kNb-ylc63iCJSwmybcNl1uzhr6EyAo7YzWkq7Cv2ZI9CcuQXjMZfD24b0u96jwTPY50ja1MgYnctW5jD2Cp0IOz6dQAlMPPUD-0-DOUJB-Q5qjIVxlz-kgsMWEGu-tTkIoVNCE59kwcEfuK-m02BO5H-WVumJiqVg4HQJCR7oMlX3Psd7B1sgKazFGkkV6daf9WkQudgVtZ3M98m4P3X5RbACGk5ImfC9FpMbZtOZ3LgJiyvCJrVCkEuiFoOTHeutUel9n-JdnFlDJDWxTmpRDEylaVUT3cq2bCwO0DysWsayU85IQHBemSCUZCC-QvOh2upz0QATVK88GA&sig=Cg0ArKJSzEkMn__hgiBJEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:42 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240625/r20110914/ Frame 6EDB 23 KB
0 20ms
20ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240625/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406250101/pubads_impl.js?cb=31084894

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

cee1bd5e01ed194ed9211d280aebe15999582d614189cafab2239e5001093613

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 08:48:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13994
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9221
x-xss-protection: 0
server: cafe
etag: 14524351023591845701
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 13 Jul 2024 08:48:28 GMT

GET
H3 200 window_focus_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240625/r20110914/client/ Frame 6EDB 3 KB
0 20ms
20ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240625/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406250101/pubads_impl.js?cb=31084894

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 08:48:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13994
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1229
x-xss-protection: 0
server: cafe
etag: 16544991220582087243
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 13 Jul 2024 08:48:28 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 6EDB 205 KB
0 20ms
20ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406250101/pubads_impl.js?cb=31084894

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

fef73f5a70ccb8745fb00810408eac80b31eeb4fa66aeb97d2606c54188d0ed4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 11:48:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3193
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64706
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-7
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 29 Jun 2024 12:48:29 GMT

GET
H2 200 7460500456351924098
tpc.googlesyndication.com/simgad/ Frame 6EDB 39 KB
39 KB 292ms
225ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7460500456351924098

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406250101/pubads_impl.js?cb=31084894

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

def6e8f9b7942b9f08ef18196cd2c63e200c84214acd4235c52a34fdc358ac1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Fri, 27 Jun 2025 05:02:48 GMT
date: Thu, 27 Jun 2024 05:02:48 GMT
x-content-type-options: nosniff
age: 200334
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39665
x-xss-protection: 0
last-modified: Tue, 07 May 2024 08:22:55 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 3C54 0
0 190ms
186ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjst5U9xwHV0MC6vwDaAweidt6Z-no6e8o6VDqNPymEBSXPH-R4lDUZt7VVi9NhM1E7bsf-ypmkrZo0Fh0pOj6cRe2TxAvXkfbEe3GmExCeme3BbQfJtvgYVnG6IdZR2HQ40KNP7IBxiyG79lJy_Alsq5JVwQqycZpANlkWHTkrfT-u2RkwdaXg-IW8SIyHfxU7uLqnCSqrwgxUvcPgOVosEUGKDknsPQUxDh07KdySeflDLmeXhaYZnFspO0LRj3GDlXUBI-Be01nMHXpoockv9EaqN21ZXml3448jpXkcN21fAxCN5YAbmh3pLq5VJ1epWUIYogSnSZ5wK9BHm-qHNw5Rahx-kiwP6hSJbtt2U5dpn3la1gZ64&sig=Cg0ArKJSzOpcu1eC93DpEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:42 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240625/r20110914/ Frame 3C54 23 KB
0 6ms
6ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240625/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406250101/pubads_impl.js?cb=31084894

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

cee1bd5e01ed194ed9211d280aebe15999582d614189cafab2239e5001093613

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 08:48:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13994
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9221
x-xss-protection: 0
server: cafe
etag: 14524351023591845701
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 13 Jul 2024 08:48:28 GMT

GET
H3 200 window_focus_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240625/r20110914/client/ Frame 3C54 3 KB
0 6ms
6ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240625/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406250101/pubads_impl.js?cb=31084894

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 08:48:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13994
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1229
x-xss-protection: 0
server: cafe
etag: 16544991220582087243
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 13 Jul 2024 08:48:28 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 3C54 205 KB
0 6ms
6ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406250101/pubads_impl.js?cb=31084894

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

fef73f5a70ccb8745fb00810408eac80b31eeb4fa66aeb97d2606c54188d0ed4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 11:48:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3193
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64706
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-7
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 29 Jun 2024 12:48:29 GMT

GET
H2 200 10054971678927927450
tpc.googlesyndication.com/simgad/ Frame 3C54 88 KB
88 KB 141ms
136ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10054971678927927450

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406250101/pubads_impl.js?cb=31084894

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef5f1b7d05709dfaac1cd0ac4c42137501ecaf8e516b4b467204e5cddc6e9263

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Fri, 27 Jun 2025 02:53:05 GMT
date: Thu, 27 Jun 2024 02:53:05 GMT
x-content-type-options: nosniff
age: 208117
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 90030
x-xss-protection: 0
last-modified: Tue, 18 Jun 2024 12:38:12 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame AB3C 0
0 193ms
191ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjstJ4pyJZcXE5mxPT7qMhkzVMF5lqsslQJlkWvQO80eKnLOgOHSiAiqvG1t1_72RC6NjgpEqK4S1WfgepWIVOrqpOxmIC8dflSfHxslGXO_Gd7jO9UKDRuGpiyQlAjlWTxQf2ZWLjqVILtyYOYUCbfoG6sBfCqc8PtMiw95PX82tzpDJ-QaLfg1NA5HoKvi6PuYb-IfyTMw_QnG8FXkYyMgW0GLva2Nve7J6mvMMshR_IgokxnMVE3SDjHsxK6TlgdS70VfSftG0mdVYSJJ0vbvPeNwWUwizWbO6_mIDfhTy8KKyssZTznVl7OlikASJjVBpnzAWsFl8QuskrdIa4OQd95wsiJaTp4cGc4MKr45PW582p1eQlsNk&sig=Cg0ArKJSzBsS6a-iGapsEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:42 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240625/r20110914/ Frame AB3C 23 KB
0 1ms
1ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240625/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406250101/pubads_impl.js?cb=31084894

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

cee1bd5e01ed194ed9211d280aebe15999582d614189cafab2239e5001093613

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 08:48:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13994
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9221
x-xss-protection: 0
server: cafe
etag: 14524351023591845701
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 13 Jul 2024 08:48:28 GMT

GET
H3 200 window_focus_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240625/r20110914/client/ Frame AB3C 3 KB
0 1ms
1ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240625/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406250101/pubads_impl.js?cb=31084894

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 08:48:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13994
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1229
x-xss-protection: 0
server: cafe
etag: 16544991220582087243
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 13 Jul 2024 08:48:28 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame AB3C 205 KB
0 1ms
1ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406250101/pubads_impl.js?cb=31084894

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

fef73f5a70ccb8745fb00810408eac80b31eeb4fa66aeb97d2606c54188d0ed4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 11:48:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3193
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64706
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-7
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 29 Jun 2024 12:48:29 GMT

GET
H2 200 16260525257544188558
tpc.googlesyndication.com/simgad/ Frame AB3C 152 KB
152 KB 39ms
34ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16260525257544188558

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406250101/pubads_impl.js?cb=31084894

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46f09f21a0cb26d62ebf3ac88e891cc036092114b6da1b4de447c21c8bdee9f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Fri, 27 Jun 2025 20:49:22 GMT
date: Thu, 27 Jun 2024 20:49:22 GMT
x-content-type-options: nosniff
age: 143540
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 155344
x-xss-protection: 0
last-modified: Thu, 16 Nov 2023 14:43:33 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame 824C 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3d036f98cca2b158c5f6949ee762ba49c0c1ec854171c1138853dbdd86e3da31

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame BBC2 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b4978eb578bc0c3c90f779303713dcb7f66e0cbfa0d8f9c2c6058ca9d8146245

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame E32E 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 66fb25937da45c30a90825cb0a85504794ff662945f64a1a226f8cea48a16277

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 9F16 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb7051cf9cd9f25df76dba0f52940d33498046209a6e942c857eb23f59ffddf5

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 2700 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e8c8766d6c3e2fa2993e3c0c692d93acb66684b3ed3c25c856ed36f52c4e2134

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 6EDB 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f761f5f810476045337381502aa01b7b4383c946543d99f6542c1d353e066b5c

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 3C54 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fc87854e2fe454c2a0ac798a6cad7980cdf3c22837c75d894ae7ea47a878c7b6

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame AB3C 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bc8684ad74affc563049f527ac7d223d7b6a8f67c4e30535c0e097f1828b9130

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 39ms
38ms XHR
text/plain 2a00:1450:400c:c04::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-11411975-1&cid=1762258464.1719664902&jid=437214835&gjid=1000927972&_gid=1326831189.1719664903&npa=1&_u=YADAAUAAAAAAACAAI~&z=2105163449

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 29 Jun 2024 12:41:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cqty1.bhuefbfrvbn.workers.dev
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 google-topics-api.20240626-2-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
1 KB 63ms
63ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/google-topics-api.20240626-2-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/highburymedia/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 94e4fea345776b2bf7a7fb4613276260bf7346757b7bd1041abd4928672f5ec9

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 6EgQvtmUsulFouBsYlf.vgWe1mut6pOj
content-encoding: gzip
via: 1.1 varnish
date: Sat, 29 Jun 2024 12:41:42 GMT
x-amz-request-id: JBX0JZG3RSVXR9WC
age: 272436
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 978
x-amz-id-2: DZAmIYEc4Isscrkild4qc9yM1i5lTboRg/IrDnJkbVMptgyPX4luEZkLbYk2PaeI/DjGa+czrik=
x-served-by: cache-mad22066-MAD
last-modified: Wed, 26 Jun 2024 09:00:14 GMT
server: AmazonS3
x-timer: S1719664903.899127,VS0,VE0
etag: "1155ed7d807c021d5b2b951a69c10c4b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 6
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 381957

GET
H2 200 sync Show response
gum.criteo.com/ 46 B
431 B 102ms
37ms Script
text/javascript 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240626-2-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:42 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 292940
expires: 60

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 55ms
55ms Image
image/gif 142.250.186.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-11411975-1&cid=1762258464.1719664902&jid=437214835&npa=1&_u=YADAAUAAAAAAACAAI~&z=1865844819

Requested by

Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 29 Jun 2024 12:41:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 54ms
53ms Image
image/gif 142.250.184.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-11411975-1&cid=1762258464.1719664902&jid=437214835&npa=1&_u=YADAAUAAAAAAACAAI~&z=1865844819

Requested by

Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 29 Jun 2024 12:41:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 824C 0
0 187ms
187ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 29 Jun 2024 12:41:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BBC2 0
0 351ms
183ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 29 Jun 2024 12:41:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E32E 0
0 603ms
267ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 29 Jun 2024 12:41:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 9F16 0
0 192ms
191ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjstVmcw41R_qrE2pBPLjx1FQBXgllfz_eGvS5yZEYKMSm29n4DR42fs3OsltOmixDMLAL0jjQx1GEMMI0r8uCCv7EEv1xEhtlIFl-JQz5iuLN1qhXGBXrUutsGQoHfjCBblczqeEiSXDQHcwo5WX3qOOPS6jnst-9AkVppmfY01rp3zfoH6hl-6RZADbYoTQnkJq3vAzqaukGZPBXGf4tBY8tIb4rWqxw4cmeS--YaIF4cm4bqD8P8fuSNHr6nzqpghR0FrP5qwiqHf-sZNE-fHpLh_tBT5RiNzIomoquYS3aLV7CfkZDdaVTRmHchIxMifJnSOJpOL3SaV8RfncMoJtsJog3mFrlFKtE5wpXlhISaFHzgz9VwQAJg&sig=Cg0ArKJSzHz9FALHbosoEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:43 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9F16 0
0 768ms
186ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 29 Jun 2024 12:41:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2700 0
0 937ms
185ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 29 Jun 2024 12:41:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 6EDB 0
0 194ms
194ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsuQqHR_4cX4MeM7SmhJ6ckpmSloIAa_dQrnj4HZW4Ad436dh5Vu8YnAomNPhQyRgj6zTMVU2zG_PMpI_LxohoIGbXXfzt9JihZkib2lDD_vsQinzs_QCgMw09nLEJB5UBMgAy3cyegWs4kZMXgyeU59yTFJ7wAXBWsNlHbGSCfyi00xlgiJGa9Yc2udMTtfvcn5pgh6VBGJca2h_22Duw86Oo5jBq3L0MzpUSAH7Kh3DFplg3y7rL0XsK5zTRaIu2qA6w4UONKgCY4AaE4nSslTmjxDISuTwHBuIcmeZO0PeSpPr0aZtOZ_gYzzfskXAVbCfZJcr5kvqyHPPCj1nYKvC3IR8t7bGlzpaTYSeOVBTChz0wMpJoWHow&sig=Cg0ArKJSzKxljAr54KbDEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:43 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6EDB 0
0 1113ms
197ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 29 Jun 2024 12:41:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 3C54 0
0 193ms
192ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsvlLi5esgcWi0LQAJBMO_ygfgEHkRLu8WIv-vhcfwyHgTMj1snI_KlxXa0lfQRXwzrU_QIPPb5ecA3m1XXMJ7SqJ-mub0N4R6j5zcGOvH7AA7HjDG8-_mQvbTgqvG_FIGo-7eol-UUyFDZ8IHAE-ERgL7W2VOB-_Bl201PL1KTQJ2KtMtIPduuttJFP2ioDuo0F9tbJDPPvEbj86o4PFwUVE7iPY3F4dULXMqwvUkWVSlzoKPmr9wOrUVhR8MEKmBv8awQpNoi0IgCLMlzO_P3DuqEFjp3JL0f_jdOlIqj1MWNBb_SqAbQ9N1Vj09JaBuMhNu-WpmPtPd4d8xn79oHZafHkYpoXaxQ4vUeB_Caar6GMeTl4GvDeJg&sig=Cg0ArKJSzHabF9huE-TEEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:43 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3C54 0
0 1285ms
188ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 29 Jun 2024 12:41:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame BBC2 0
0 186ms
186ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsuJZetHxrzkKBi5MUuUn6v51vD4ud0P4ZnbHGNyyA5NvfBUfgARU4foAlSlacjmJA-fAzEzw--_KQxQWcpv505jZy3ZHuvkXD6zdrkbSQ4XeM2NTcjZ2IrUD_LoBgnv-wZ1pV4FzbWjrzioXKXU9u_moyovgOIDNQiG6BC_Y8ZYU09zsJcMcJITXNQNDOjQJpNePwBoENIzSNQdiLtXcRA_MzjEn9RWrsGTdfNiwhihupcC6Xa4VCi7ZUH5OLN4wJqbMCJbmqOhuKwB3sCAsx5Kami4_eT8OW_F-lLjem6T3P_d0ZFMTkqqu0ZBCGpL96OESi5SIVNno6wWJM-JmnIWc1g0Q6IMwj8p-KKa_BrJmX5mNrNmiVEYTQ&sig=Cg0ArKJSzAdf4ApVkRGrEAE&uach_m=%5BUACH%5D&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTI2IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjEyNiJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTI2Il1dLDBd&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:43 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame E32E 0
0 191ms
191ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsvbFpRoB1Bs8N4KmHa9fSrevuj67chrWIjTonHSXwBgZQo5ggSiTx25R7kxsv6AuGeBqxT3_k_L6zXtA3Wlxog-hv1tU3o_ikbZGX3PE4jfQGbk91HqJSIsB4dHfNH2q08zKRRFaXgZxPbJzEvDKwN6nBMc-Z--7bkueuql8OGOpj0UFkrzDk4TIX1MpBgucjgLn2oQ7QtTM2TJfvBH2sB2hBsdgYRqW8MfeTq8zDh1gSOj4PCccxq0UzohvXTrSJ9qsfrxoSQwUMcQQ1wgmpKe2D4QV4p4xzcotlXR7aWztSPrPHjrcYKCZWodlcP9PB9_YbcQjyxxpNuHxd5sf_66rI4GVrhdC5BOtV-GCT5qOborFdmcRBZ2OY4&sig=Cg0ArKJSzOdew458eIT_EAE&uach_m=%5BUACH%5D&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTI2IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjEyNiJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTI2Il1dLDBd&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:43 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 2700 0
0 189ms
188ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjstw98m35pbEAHTmFsyY0pk5Sg0ULNvu_tEzOeEeJ9jZsx49m8k81THS3RGhg4bV5QeyZWaKcvIZ61iGrPMsKLk8bMqiGhUsMADOn4nHocLg81qrM3s6XmsjLBNIoZRL2MHr4lHrvVs15N9BIYQt0_-cy6RlhQSmr6_rAn_S840E3eFJVs0E3gzR01sNYfs4bYm4DXv6H-hHJCp_QaWheDb0WmBKWPLa0tFWL35-Wa7FjsB6Uc5QWpFIcv-kG__3FaYjBSXhtuhHP6rIPmb6J5owORIqEiXka4Lm78qw9NDmv-xZfbzLlxLS4_mhAWIIKjt0Ob3C93ufSf5lUvLseB7U6-DYT_gXoYdIqRfB5T5cD24npjDXvyySSA&sig=Cg0ArKJSzMmJLX55qsKnEAE&uach_m=%5BUACH%5D&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTI2IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjEyNiJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTI2Il1dLDBd&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:43 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 824C 0
0 187ms
187ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsvYpNc549u6MLDShxvhSx37iu6kTyMkcSEcbbb3ojGzl3C4MLGLT06O78fZ3DnVaBWIsDDZtXX1ZLEOq7YhBYTmDyDa2YBM8BdHS1WBCe5HVhFYKEFGlOCoLyURzwnsbvXlC_qKJKzw3KlhsZYLi7Ubtca_cKr4BB-krmmdHrZetVfsHwb0iA4xX9LdRo1N5RVgIJF_qTAwOtBsNkkYc_5ylEnVfkS21ZVKBxoGQaL5Cg854Aia6a3qNAn5HCB0a5PC9jXd51RGYfIToxnT0faQoQPBaA9IOksW0sO_PaUUWhNAl4YfQsQ0IPs0XstTyf1AgPbkjvqaP0k4GNL7J0H7XQh56zJmfFAOK1AQVuw3IM7Ph-O26gk0QA&sig=Cg0ArKJSzARYfNN9EJJiEAE&uach_m=%5BUACH%5D&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTI2IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjEyNiJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTI2Il1dLDBd&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:43 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame AB3C 0
0 193ms
193ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjstgKDpBppUmlPPg50bOiIUW0AIP4uuenYeeGETyd4m7DM23OLpo-wTPquMCoNuYT_kfn8G55I5OKrFkO8X06lSTie4k1_Xhafi0yWHG68n12YbhnO6K4FyU2NnEH15XNFWTZpdnwR5huDIUraWmUUw82Y-7mGq4BfPnVsGuekynOM2GKA2KAJ73nxBdDbhD_PXeV08txaCdk1AB3mk1WsMmaAlRWd9P61EvXZu8ifLTjfNqLZ9js3ZIxGc82Ooyx-bllgdD0yoO5ZBXlxM_WDZ_KKeOnIdfzCV0p2KfFzfTr72e-K2YJF2dOFupgPsWLFJDJ2FzCxOjVsdpEK_gC7myTNXjSEB_7NOJTFPQp6KSFaoz0bOTJXaMxgk&sig=Cg0ArKJSzFmisr6ZFnD5EAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:43 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AB3C 0
0 1421ms
187ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 29 Jun 2024 12:41:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 taboola-browsing-topics.html
cdn.taboola.com/libtrc/static/topics/ Frame 3A89 0
0 172ms
62ms Document
text/html 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/static/topics/taboola-browsing-topics.html
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/google-topics-api.20240626-2-RELEASE.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

abp: 13
accept-ranges: bytes
access-control-allow-origin: *
age: 81578
cache-control: private,max-age=31536000
content-encoding: gzip
content-length: 340
content-type: text/html
date: Sat, 29 Jun 2024 12:41:43 GMT
etag: "8b140f0f0f6e1a0f986cc7d6dfd74d65"
last-modified: Tue, 13 Feb 2024 13:15:59 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 varnish
x-amz-id-2: LWGDGE1PLP+m2VEGO90QMrVBSzlOkAfyHzFmaVHqw3KYVJkVVwglRGVYVOrw9RgCRBxHdC8lgEw=
x-amz-replication-status: COMPLETED
x-amz-request-id: R0ZZ92XNJT9GK5YD
x-amz-server-side-encryption: AES256
x-amz-version-id: 4MpQ_aQntJKuJTBB3LGK3B7cfa8k5k0b
x-cache: HIT
x-cache-hits: 76158
x-served-by: cache-mad2200118-MAD
x-timer: S1719664903.287195,VS0,VE0

GET
H2 200 container.html
0b9201374d747ca5e9eea66f647fb8f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8A43 0
0 0ms
0ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0b9201374d747ca5e9eea66f647fb8f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406250101/pubads_impl.js?cb=31084894

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 29 Jun 2024 12:41:42 GMT
expires: Sat, 29 Jun 2024 12:41:42 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 wp-emoji-release.min.js Show response
dctboyojy.578333.xyz/wp-includes/js/ 18 KB
5 KB 665ms
665ms Script
application/javascript 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dctboyojy.578333.xyz/wp-includes/js/wp-emoji-release.min.js?ver=6.5.2
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:43 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 11 Apr 2024 14:29:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6617f3c1-4926"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IE8%2BsvyAoO%2FTyfDDTdVYtOBwAxGiC6glw8Q0UnoNrMRLwIkYVGpVj8e6AFVw8Jq669xQm9gjuYY74x2vs55lI7bxnNrh3YoNVz4KSF%2FwpL7QAu4jSmEJv8X0H%2FGzDxPLbjbz"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 89b5fe0d39319b63-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 2020-White-Porsche-911-Carrera-4S-Coupe-PDK-8146563-1-1368x1080.jpg
image.blob.ix.co.za/Used/8146563/1/ 132 KB
132 KB 444ms
443ms Image
image/jpeg 102.130.121.238
Host-Africa-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.blob.ix.co.za/Used/8146563/1/2020-White-Porsche-911-Carrera-4S-Coupe-PDK-8146563-1-1368x1080.jpg
Requested by: Host: dctboyojy.578333.xyz
URL: https://dctboyojy.578333.xyz/wp-content/plugins/create-custom-recent-posts-widgets/js/swiper.min.js?ver=1.1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.130.121.238 , South Africa, ASN328364 (Host-Africa-AS, ZA),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 6d997a9a0b9f26b564597b3a12124d511d13ef58e1e5391f15aa952b5aaee0ea

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:43 GMT
last-modified: Sat, 22 Jun 2024 12:42:01 GMT
server: Microsoft-IIS/10.0
etag: "7c77f293a1c4da1:0"
x-powered-by: ASP.NET
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
content-length: 135234

GET
H2 200 2023-Beige-Toyota-Land-Cruiser-Prado-VX-L-28GD-AT-8120290-1-1326x1080.jpg
image.blob.ix.co.za/Used/8120290/1/ 149 KB
150 KB 1218ms
1217ms Image
image/jpeg 102.130.121.238
Host-Africa-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.blob.ix.co.za/Used/8120290/1/2023-Beige-Toyota-Land-Cruiser-Prado-VX-L-28GD-AT-8120290-1-1326x1080.jpg
Requested by: Host: dctboyojy.578333.xyz
URL: https://dctboyojy.578333.xyz/wp-content/plugins/create-custom-recent-posts-widgets/js/swiper.min.js?ver=1.1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.130.121.238 , South Africa, ASN328364 (Host-Africa-AS, ZA),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 6730704057bee7f5fe5db3e437ec79b5f28ab7c71f45e94937c39144ff9b1b92

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:43 GMT
last-modified: Thu, 23 May 2024 15:01:44 GMT
server: Microsoft-IIS/10.0
etag: "80d6972022adda1:0"
x-powered-by: ASP.NET
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
content-length: 152965

GET
H2 200 2021-White-Toyota-Land-Cruiser-300-V6-35T-ZX-8120734-1-1356x1080.jpg
image.blob.ix.co.za/Used/8120734/1/ 144 KB
144 KB 1431ms
1431ms Image
image/jpeg 102.130.121.238
Host-Africa-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.blob.ix.co.za/Used/8120734/1/2021-White-Toyota-Land-Cruiser-300-V6-35T-ZX-8120734-1-1356x1080.jpg
Requested by: Host: dctboyojy.578333.xyz
URL: https://dctboyojy.578333.xyz/wp-content/plugins/create-custom-recent-posts-widgets/js/swiper.min.js?ver=1.1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.130.121.238 , South Africa, ASN328364 (Host-Africa-AS, ZA),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 308c22bb3c8ff01267bc784597d57e727af841126cebddd8247b5b8bed926214

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:43 GMT
last-modified: Fri, 24 May 2024 04:32:26 GMT
server: Microsoft-IIS/10.0
etag: "1287516193adda1:0"
x-powered-by: ASP.NET
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
content-length: 147296

GET
H2 200 2021-White-Toyota-Hilux-Double-Cab-28GD6-4X4-Legend-AT-7797923-1-1389x1080.jpg
image.blob.ix.co.za/Used/7797923/1/ 135 KB
135 KB 885ms
885ms Image
image/jpeg 102.130.121.238
Host-Africa-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.blob.ix.co.za/Used/7797923/1/2021-White-Toyota-Hilux-Double-Cab-28GD6-4X4-Legend-AT-7797923-1-1389x1080.jpg
Requested by: Host: dctboyojy.578333.xyz
URL: https://dctboyojy.578333.xyz/wp-content/plugins/create-custom-recent-posts-widgets/js/swiper.min.js?ver=1.1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.130.121.238 , South Africa, ASN328364 (Host-Africa-AS, ZA),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 836ca0626d8227fc9d5d490cd9e87d4a1498e9278804c860de6d9512e68fdbea

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:43 GMT
last-modified: Thu, 06 Apr 2023 16:43:18 GMT
server: Microsoft-IIS/10.0
etag: "323649e4a668d91:0"
x-powered-by: ASP.NET
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
content-length: 138568

GET
H3 200 F-3-3-407x230.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/06/ 9 KB
0 1ms
1ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/06/F-3-3-407x230.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a05703fc249f3bf3f44cb427cfbfbd8460c05692880495ef7f62db393218156

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:42 GMT
cf-cache-status: MISS
last-modified: Thu, 20 Jun 2024 18:09:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6674704b-2468"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RjSNIM2U1BzAKUIyCDP%2B5gOQNXYix0BElYugRhxlDqeXtKCFYcjxAyTE6SMP6Dt2qxSlWGIqn%2F4Es8TBDLqttkj62BZxVECNifk2FOlvqZJwNJqpHgEUgjc0b36q46AFsXQs"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89b5fe041c1e9b63-FRA
alt-svc: h3=":443"; ma=86400
content-length: 9320

GET
H3 200 H-5-1-407x230.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/06/ 21 KB
0 3ms
3ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/06/H-5-1-407x230.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3c900b1f74a688dce1d47b538040ea7c8b243ae8a3e25de58482041b6feb2b8

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:42 GMT
cf-cache-status: MISS
last-modified: Thu, 20 Jun 2024 18:08:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "66747023-55c6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C9vpwswHN%2BohTNMkbsZoJONs07nzMqJ6zDckRpsXxPS4PL%2BEpoOFXDtmrsNsTD3TM2j1bykmLIzW0z%2FkgFL3t7mtnYhGcWhs377oKNKF9YzX3cUlfemmRuYvvRO0yvHEu4aU"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89b5fe041c209b63-FRA
alt-svc: h3=":443"; ma=86400
content-length: 21958

GET
H3 200 Tunnel-Exterior-1-407x230.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/06/ 12 KB
0 4ms
4ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/06/Tunnel-Exterior-1-407x230.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 744267d0ad832cbc545f4f9bd5cecd0cf51a0ed600fcca68883255dd0fc55591

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:42 GMT
cf-cache-status: MISS
last-modified: Thu, 20 Jun 2024 07:01:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6673d3c8-30e8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=24ao1TxrDoYzsh5dCXtYIPql4Vu4SWdkfX8a2CB1f97cFR9Oi3ksU3LRlwjUQZImfOnWOwzq1TthZhTiRxemEUn0mlbBjYBFwZO4ww9WiuQ87qP9sugJoqLJ1Ic36NTcUKuD"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89b5fe041c219b63-FRA
alt-svc: h3=":443"; ma=86400
content-length: 12520

GET
H3 200 3-5-407x230.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/06/ 14 KB
0 4ms
4ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/06/3-5-407x230.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 038bd21e20a795956bc2d76c39c26c38247beb41cb859a05aaea1c76e027ebae

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:42 GMT
cf-cache-status: MISS
last-modified: Thu, 20 Jun 2024 07:55:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6673e08f-3656"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Hw9uPgnvu5TDIQMmbmfxOGTOVeqN63P2NzCGdfR1Mg56TNZ4pxGJkSQ81pSjGZViTL38KvHRV9OCgEBcc6i3cNscIbexKJKv1RnIhbuMOJK4Gdd48IOVtwSrJhBz%2FnESvfFZ"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89b5fe041c229b63-FRA
alt-svc: h3=":443"; ma=86400
content-length: 13910

GET
H3 200 P-6-407x230.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/05/ 14 KB
0 4ms
4ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/05/P-6-407x230.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc61af77cc90e826ea655c43ef6ff9e28bd219e02ce269c60ddb4dc57ca741dd

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:42 GMT
cf-cache-status: MISS
last-modified: Wed, 29 May 2024 11:48:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "665715fa-36a8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rz65XwBSldWpFypteLaVxKFKNh1A%2BoJa%2FQbqHfa%2B6jpbOxho1v9ETpDJn%2FaONvCkQgpEd7Ex%2BKOgRgcu5D3Tiqf5L%2FUkOnX5pZFCYk%2Ft%2FnXWN9%2FK1eb5boj%2FpC0q%2FikSnk3b"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89b5fe041c2f9b63-FRA
alt-svc: h3=":443"; ma=86400
content-length: 13992

GET
H3 200 aqcs7zpv8bkyvoitifje-copy-407x230.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/05/ 17 KB
0 4ms
4ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/05/aqcs7zpv8bkyvoitifje-copy-407x230.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16e665c3ab8d60d214580dbdce0cd84d27cdad903593a86574d230efe90c4952

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:42 GMT
cf-cache-status: MISS
last-modified: Tue, 21 May 2024 11:59:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "664c8c9b-4522"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rDTEVD%2FaujhOnjDt0MWa%2BdwlzCNaLCx2cRIIHBNdMq1Z64u97nY8jPWjxCk7IyiUtFcEfSVTMdXZyfS1scr77OzTIk7BrUKItcIsdRK6sR0s1P5A43NKUSmGaj0pd5jDUm7i"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89b5fe041c2e9b63-FRA
alt-svc: h3=":443"; ma=86400
content-length: 17698

GET
H3 200 Countryman_1-407x230.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/06/ 15 KB
0 5ms
4ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/06/Countryman_1-407x230.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f83d55dba8d6d1b574e5c34d4bca4548520c8fdaefcf860f44af33ca0258b11

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:42 GMT
cf-cache-status: MISS
last-modified: Tue, 11 Jun 2024 14:02:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "666858f4-3ad0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zozP1g2MbsMi5xX9eDv7fQN5USlI8npEttKYZ9%2FwYhnx26g3tX2Tk4we0rRdZy1St9nZjN6qgiiO6Kg30t4oPL9AfzsXzQ0%2FghH%2BkiB5dR3U0UAp8szJQCIvhyuWC3zarys2"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89b5fe041c2c9b63-FRA
alt-svc: h3=":443"; ma=86400
content-length: 15056

GET
H3 200 20240321car-8-407x230.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/06/ 11 KB
0 5ms
4ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/06/20240321car-8-407x230.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc609c8f86bcf6bdcdbb981b7cd50421337712a899c0e0ab721d152406245314

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:42 GMT
cf-cache-status: MISS
last-modified: Tue, 11 Jun 2024 09:12:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "666814e9-2bc2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vRqQlSXom43JDBsNsIoE9qzMiR8rlTICVs%2BGpI8VC2SAtL3WroQ6%2B2EY1JqiK2QnF%2FSVoE5D2pS8HxAVbco7OgkY9HQw3Ky2Ztd9s3rxs%2BLuusuD4Adnl8DDo9DOgXARSFP2"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89b5fe041c2b9b63-FRA
alt-svc: h3=":443"; ma=86400
content-length: 11202

GET
H3 200 20240502car-1-407x230.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/05/ 19 KB
0 5ms
5ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/05/20240502car-1-407x230.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f678ed2950ff009ba4f69d27138a40f8e926a177618583a04195774cb2ffc0c6

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:42 GMT
cf-cache-status: MISS
last-modified: Fri, 24 May 2024 10:09:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "66506741-4c8e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E9zTGxRpe7xICF0C41uC0UTD4KLPPIL8nNOR%2BCuMIAf4ZV%2BfKix2Ksb6HkpdpnafiXexdUy9Z2%2FoXGtifdUjpgmjJTvKGrkPV%2BjZswq2eluvIxGuXjkpzUVT6%2BM%2FD%2BzQa8wP"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89b5fe041c3a9b63-FRA
alt-svc: h3=":443"; ma=86400
content-length: 19598

GET
H3 200 LDV-1-1-407x230.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/05/ 14 KB
0 5ms
5ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/05/LDV-1-1-407x230.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5cd160f0761224389d0794a6ba6838ba8c260a15bb32ab82d20e8d8cddaf849b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:42 GMT
cf-cache-status: MISS
last-modified: Thu, 23 May 2024 15:15:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "664f5d9a-39a8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QtcNR6OgmF4hs4lv0oxaNnkD4Jdja09FNCxW3cbXCK08VzX4eTFSde3cw1ePMr5UnaWHJ8Opa%2FIPIWGBAsMobfxvdYLXG8E9NFK5vku7zGrRlZzq%2FEM3xZMcgVCSZGNUc4r1"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89b5fe041c3c9b63-FRA
alt-svc: h3=":443"; ma=86400
content-length: 14760

GET
H3 200 J-1-407x230.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/05/ 22 KB
0 5ms
5ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/05/J-1-407x230.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30eba624890629f7fb30b4fc8a361b0dc3a7b161e9acf0330d2ac47bbf1006c3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:43 GMT
cf-cache-status: MISS
last-modified: Wed, 22 May 2024 09:50:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "664dbff4-5824"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7i0QvFxHJ85LdDFJOkxETzafUKeZXWkz9QTD2XWTUkx91mZZBvYm65lQ6kRPDpBno36R8GXuKXXEQaU7z1Ra%2FJ452vo%2B8ZwS6XTjtdwlt3nRQ3BjNKAexUzhBg5HlSYPIHVP"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89b5fe041c3e9b63-FRA
alt-svc: h3=":443"; ma=86400
content-length: 22564

GET
H3 200 S-4-407x230.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/05/ 10 KB
0 5ms
5ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/05/S-4-407x230.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3caea22bb39112951c5f10b8c6b94149f08e48dcbe3b23619adf6a02bc8e2da7

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:42 GMT
cf-cache-status: MISS
last-modified: Thu, 16 May 2024 09:59:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6645d90e-2944"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yabjasPah5v3jRVUHvQVEdq51x29ksVxRsZasrVS29iMJ0ZagI3MVfq8rpso4ifa%2BQg8gQ2u9hrTMjQYd2DCePwt%2FfF8xu8rpGO9%2Bj%2B9IGHdOcLYj6Bb5dH%2B0ggbFz0QTz%2Bi"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89b5fe041c419b63-FRA
alt-svc: h3=":443"; ma=86400
content-length: 10564

GET
H3 200 Bi-3-407x230.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/05/ 20 KB
0 540ms
540ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/05/Bi-3-407x230.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff26c5ae4cb6872bf6ca4c8abbffadd95b788fddeae30c6d0483c879b30cd141

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:42 GMT
cf-cache-status: MISS
last-modified: Thu, 16 May 2024 08:25:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6645c2fa-503c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JiIMO76t7aqqVZed6F%2F1zaaynxRdX3AbDlsvrMO2qkBWLzdJawpkyFsTLYCEiKOCxN9K%2FS0DoMP9BuslpcVOzIRghCjCTeA4UFErta5OalUVSs4VFKDTG%2F4pNnEMqCUpKCVZ"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89b5fe041c4d9b63-FRA
alt-svc: h3=":443"; ma=86400
content-length: 20540

GET
H3 200 W-3-407x230.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/05/ 21 KB
0 536ms
536ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/05/W-3-407x230.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 57fbea68c1971609fc617837e19f64f8f6edd3b8be46a5e5d4f0be8d4810074e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:42 GMT
cf-cache-status: MISS
last-modified: Tue, 14 May 2024 14:52:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "66437ac2-5552"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7owxqEw9kwZN9Kn8JYoP7gIw%2FU%2FGAPoVtb3IEy9HX5XuWArFcv2VBb8Ps3QdxE04AoQR5Gv0z94fCQkftQvxLIvIjLrEXTmcbescLpYcS92wcVCInDhknign%2Bq4neHaPJU5R"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89b5fe041c4a9b63-FRA
alt-svc: h3=":443"; ma=86400
content-length: 21842

GET
H3 200 M-5-407x230.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/05/ 20 KB
0 6ms
5ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/05/M-5-407x230.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c946c4a4f654d511da76e9710ad22adc8fe9b5e9f424b14ce4a2265923c98802

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:43 GMT
cf-cache-status: MISS
last-modified: Thu, 16 May 2024 08:58:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6645ca9a-4f1c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ssle93pggAclPRnC%2BIta%2BLS7B%2BzWlVz5rr%2BgYg67AmaAVAcBIHPQ3G1tzNA0HSGQLGdBuLlj9IgdK%2FX0BCbGMuEcT4G2zAbcAknSj7LcR7nClfDXxKel0AxOjJ6DtEClw3Aw"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89b5fe041c499b63-FRA
alt-svc: h3=":443"; ma=86400
content-length: 20252

GET
H3 200 B-2-1-407x230.webp
dctboyojy.578333.xyz/wp-content/uploads/2024/05/ 27 KB
0 6ms
6ms Image
image/webp 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dctboyojy.578333.xyz/wp-content/uploads/2024/05/B-2-1-407x230.webp
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a26e6e117c00f30f956ccd72eb6af343ca68e42e10be4800ccbfe8abf96d32df

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:42 GMT
cf-cache-status: MISS
last-modified: Thu, 16 May 2024 09:12:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6645ce10-6a54"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BeAI%2FiSEgjaXPhuX8fSwmFSPL02CGxzAfpevfcWPurTpoGdzMYa9pCalQGlFcxab3JY%2FYNoZM5nAG5s%2FainophcnYCWYwGT1XYA0wjgXLNxvAywCZs41q8J%2ByHxWkfImELFe"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89b5fe041c489b63-FRA
alt-svc: h3=":443"; ma=86400
content-length: 27220

GET
H3 200 drivers-test.css
dctboyojy.578333.xyz/wp-content/plugins/drivers-test/css/ 2 KB
0 0ms
0ms Stylesheet
text/css 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dctboyojy.578333.xyz/wp-content/plugins/drivers-test/css/drivers-test.css?ver=29-06-2024-1719664712
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 432eb81d99e6c7f947e6e9f30ca98503157b92ae8fdf6e21a2da6ea143fbf3f9

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:42 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 13 Oct 2023 10:25:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65291b1b-638"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E0nQYJSZ0JhXbuCon4LoPKZZowOY24jf40aNyVe6o3U5WP1NdvZYg2pTmuWHQ8xDhbsARBKMT2hTXofj6MsPA3lX5bKE9CoOah6S1L8Pn5esF%2Bpt3jfVzGXHHxGPIats0cRQ"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 89b5fe041c659b63-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 menufication.min.css
dctboyojy.578333.xyz/wp-content/plugins/menufication/css/ 29 KB
0 0ms
0ms Stylesheet
text/css 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dctboyojy.578333.xyz/wp-content/plugins/menufication/css/menufication.min.css?ver=6.5.2
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f55c1dbc04d02e68da4ad12c1b703a08b9582e56154f5d18ee1ff792cf0648a0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:42 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 17 Nov 2022 09:27:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6375fe7a-723c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RQSRzmz%2BBt8A4TFLDQUn1r15EaeEQ%2FjvATasv%2F7H4gP0ulNoSz%2B%2B7tcN9nt6PP%2FZjvxrVQZpnpExKcfZY4w9loeqo8BuucNSDNka0jnPqEvODplEQPc7fcKD6pMugZ67dSYv"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 89b5fe041c739b63-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 style.min.css
dctboyojy.578333.xyz/wp-includes/css/dist/block-library/ 111 KB
0 0ms
0ms Stylesheet
text/css 172.67.216.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dctboyojy.578333.xyz/wp-includes/css/dist/block-library/style.min.css?ver=6.5.2
Requested by: Host: cqty1.bhuefbfrvbn.workers.dev
URL: https://cqty1.bhuefbfrvbn.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:42 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 11 Apr 2024 14:30:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6617f40f-1bae5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FERqvBMEOfaEaxpcpO5bk6joDgdxVmhhgcs2ddEwYw3GtUWLffpFcXdnU5%2F25hNX9DbkGnjp6CuuMAoBDXq7ywKNUk4T2vjKvlRLBwD%2Fg5JVIsgx5MDQ4PM7IyXTOhvU%2B1fR"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 89b5fe041c549b63-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame BBC2 42 B
65 B 186ms
185ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu25__kaVZlixpsv72TLWZSXgLb_iAKDplImid7qhknsNeEprP9Drf6oLOU4iJxav1XzfYWMsq-jytTz5sMlC8bXWn5p4kRXE8oUp2UwM-JwNmcdaVCr4QjkgnLHyWPYAVOzkmfyJMXS9M1tfWbAiSwffcTVLOx60MIUF9Ql3-9uLU&sig=Cg0ArKJSzG3a8sKOxTcjEAE&id=lidar2&mcvt=1000&p=190,1426,886,1600&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240626&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=2185212989&rs=4&la=0&cr=0&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTI2IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjEyNiJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTI2Il1dLDBd&vs=4&r=v&co=1559770200&rst=1719664902677&rpt=418&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 29 Jun 2024 12:41:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 824C 42 B
65 B 208ms
208ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvILzCibypBZksjkTSCV_U_0f65CQ1DbmqQISkUuf_jrVdfnpIsZfNsqX8CYVnwOKxE6tFmUfyLeSmicYkDP4bsInOerPAXQktG5-Ao_4mEuz0iP7PasgNxlic4Om85wYhLa5E-5uSfOp4ET2q9yhty4t8DkvjDRvMyW-QxghZOoRA&sig=Cg0ArKJSzAVe8LLHSZZxEAE&id=lidar2&mcvt=1003&p=190,0,886,174&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20240626&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=979567663&rs=4&la=0&cr=0&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTI2IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjEyNiJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTI2Il1dLDBd&vs=4&r=v&co=1559770200&rst=1719664902639&rpt=467&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 29 Jun 2024 12:41:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E32E 42 B
65 B 207ms
207ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsugCLzClfyjqHq48WSjUku1vdEGZvZRH-EHIOyovqkmRjKYfLs8fSGEA6Swaacv38J-vB4z9Kz7Nm79tZwNRK-Ptmjzj97V_JU-e-185_31fCIWZENcwYtP_KD0SEu5dc0WHKq62YaEFwLN0AM442dIfTrjkoOd7ylJ6xeIx-5xof8&sig=Cg0ArKJSzMeY2ALPCcgKEAE&id=lidar2&mcvt=1004&p=734,436,824,1164&mtos=1004,1004,1004,1004,1004&tos=1004,0,0,0,0&v=20240626&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=2558534381&rs=4&la=0&cr=0&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTI2IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjEyNiJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTI2Il1dLDBd&vs=4&r=v&co=1559770200&rst=1719664902690&rpt=409&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 29 Jun 2024 12:41:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 82ms
82ms XHR
application/json 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202406250101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406250101/pubads_impl.js?cb=31084894

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

b55abe40f4d6be5e770d11aae290934b4a6794febd4271a32ecaf341a3806f62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12673
x-xss-protection: 0

POST
H3 200 rum Show response
cqty1.bhuefbfrvbn.workers.dev/cdn-cgi/ 0
108 B 117ms
116ms XHR
text/plain 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cqty1.bhuefbfrvbn.workers.dev/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: application/json

Response headers

date: Sat, 29 Jun 2024 12:41:45 GMT
x-content-type-options: nosniff
server: cloudflare
cf-ray: 89b5fe1828919f42-FRA
x-frame-options: DENY

GET
H3 200 favicon-32x32.png
cqty1.bhuefbfrvbn.workers.dev/ 1 KB
2 KB 608ms
607ms Other
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cqty1.bhuefbfrvbn.workers.dev/favicon-32x32.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb2c9015a07685f5df9721d1972ae0c1993e006800b2ef8ec184b846b279ab9d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:45 GMT
cf-cache-status: MISS
last-modified: Thu, 17 Nov 2022 09:18:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6375fc49-564"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U2nWRMaZn5%2FUP21virWbfSjkgwnzgwEg5Sd9O7eYTq5vif4dq1i6WuLLGRyGnHZ8WXm2SHCBtktj15igSGaNep%2BMBKve1KkLgVAFYoNurhGk8P58eFYTIFttLstGX74lX9ty"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89b5fe1838a59f42-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1380

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 65ms
62ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406250101/pubads_impl.js?cb=31084894

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 12:41:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 29 Jun 2024 12:41:45 GMT

GET
H3 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9104 0
0 40ms
39ms Document
text/html 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f1.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://cqty1.bhuefbfrvbn.workers.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
age: 7411
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 29 Jun 2024 10:38:14 GMT
expires: Sun, 29 Jun 2025 10:38:14 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET sodar
pagead2.googlesyndication.com/pagead/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202406250101&jk=502093983338160&bg=!oqGloe7NAAb64txl2uI7ADQBe5WfOH_kwYceJImF7KNP6FUtwdRgctCY-Mh9yjhXRBxI-jcNlN2wbGDMkCvg8AOIV9-bAgAAAG5SAAAAB2gBB34ANZczfTUGduI3ZL5Xu7uXRw-_yYghG52uu5RU06ei1Pv4oU3n6z8b_MDEUlNJgVewL8KscdVlCgAUy5M_kHiR9ZkPs1oQVhZMC8v5tQqZAq2B344IPogyqCqnP0BYGJZ-ZOzWa48AGTvskXur5OkFaqzVG_h9GzAkt22Z9sYI-0Dvtf0WoA0p69rVKRcSODjUe3j3fdKBVaOyvyPafs81lfNuSEH2VNMfJUeSqraDrGWAMRgdU832xRGqvYjy5PdSabVJrj5VJNMn3hJqAfOnDLP4S8rikApP5ylvv_7romc7dppstaekkiMwFKpIUNU2fDX1T3q2E6XYZTDJHATredRmp41yq-k6dh75tr4ZLxjVgXrpSvcPCzrchwPBI5kwsUWqhOGe-m6I4HKPqeyIO0Dpc49e2kob63BkfjU11yXhnnfd69602LLBPPIGl-CRa_aOoDugTg9rx3nkF59Oa46oeHkr-PsU8fi1R7xSP2KcBo315na8MODyS-6KnzqI28qd3nLwAAEW-MJcM7e-CSP2hlRedJbu4LnM7X1BG-E9j1dby7j-x55NYkZkPXI_WVfq28CeaBlt-zxyhDzhinJhOhaKsyCG5aNwH6LBw4vhXosspPiOK-QerpepfBmlz2mPPi2STsBPlOF9L52xy9WS0YZ2mPr0a4SlYB95QphnlziCBa5vcdyfmP53_cHAfUXgG2y5ORSIm2c2sBkEtFC1nrstJIpowKJ6bq9P5FRQwetG8vyORRzINlbPP4n7hEuDKS8fZfSnHI_73pv1wFBdT6s0ACZEK37te-demw4IeZLl-1y_C5NYDkYvoMko7Xd-MhrXlFYdejVG57ODaZxL1dY1CjnrkASNUtYpT1p4tLEgU4D2yCJGh0ep76ByWkjiIxvr9ZIAM8IRNIxIS22ZyunCq0lTQnKUY73XqjEGQmiOBEFvvnDHCcp-AYiETi_yl4JrKH25S6Y4QMFd1RZk0sXN92hF0R12rvlxrD-LASoYjng_Kvik1hVD

Verdicts & Comments Add Verdict or Comment

113 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
cqty1.bhuefbfrvbn.workers.dev/	1969-12-31 23:59:59	Name: PHPSESSID Value: tfe7dhjc9n76gol0tj5j0qelbu
.bhuefbfrvbn.workers.dev/	1970-01-20 23:50:40	Name: _gcl_au Value: 1.1.174261521.1719664902
.bhuefbfrvbn.workers.dev/	1970-01-21 07:17:04	Name: _ga_KYLBT1M2BJ Value: GS1.1.1719664902.1.0.1719664902.60.0.0
.bhuefbfrvbn.workers.dev/	1970-01-21 07:17:04	Name: _ga Value: GA1.3.1762258464.1719664902
.bhuefbfrvbn.workers.dev/	1970-01-20 21:42:31	Name: _gid Value: GA1.3.1326831189.1719664903
.bhuefbfrvbn.workers.dev/	1970-01-20 21:41:04	Name: _gat_gtag_UA_11411975_1 Value: 1
.doubleclick.net/	1970-01-20 21:41:05	Name: test_cookie Value: CheckForPermission
.criteo.com/	1970-01-21 07:02:40	Name: receive-cookie-deprecation Value: 1

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://dctboyojy.578333.xyz/wp-content/themes/CarMag_Revamp/style.min.css?ver=xxx Message: Failed to load resource: net::ERR_HTTP2_PROTOCOL_ERROR
javascript	warning	URL: https://cqty1.bhuefbfrvbn.workers.dev/(Line 2077) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://highburyads.co.za/www/delivery/ajs.php?zoneid=1599&cb=46130640774&charset=UTF-8&loc=https%3A//cqty1.bhuefbfrvbn.workers.dev/, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0b9201374d747ca5e9eea66f647fb8f9.safeframe.googlesyndication.com
buttons-config.sharethis.com
cdn.taboola.com
cqty1.bhuefbfrvbn.workers.dev
dctboyojy.578333.xyz
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
highburyads.co.za
image.blob.ix.co.za
l.sharethis.com
pagead2.googlesyndication.com
platform-api.sharethis.com
region1.analytics.google.com
securepubads.g.doubleclick.net
static.cloudflareinsights.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.de
www.google.nl
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
pagead2.googlesyndication.com
102.130.121.238
142.250.184.195
142.250.185.162
142.250.186.132
142.250.186.34
142.250.186.66
151.101.1.44
151.101.193.44
172.217.18.1
172.67.216.21
172.67.216.245
188.114.97.3
2001:4860:4802:34::36
2600:9000:206f:7000:c:abe:f440:93a1
2606:4700:3033::6815:45f9
2606:4700::6810:5049
2a00:1450:4001:809::200e
2a00:1450:4001:80b::2001
2a00:1450:4001:80f::2003
2a00:1450:4001:81d::2008
2a00:1450:4001:828::200a
2a00:1450:4001:82b::2001
2a00:1450:4001:830::2002
2a00:1450:400c:c04::9c
2a02:2638:3::c
2a06:98c1:3121::3
3.126.189.237
3.160.150.46
038bd21e20a795956bc2d76c39c26c38247beb41cb859a05aaea1c76e027ebae
082a9d297905c18cf4b98dfd11232f3687cb3cf13865b0edfeb2d11bc9a3e318
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
0ce10ca569e4e523b75bfd464ecdedc1ec5e74ac0291584931ab0add3ac2388b
16e665c3ab8d60d214580dbdce0cd84d27cdad903593a86574d230efe90c4952
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
1fdffde27535a2f98e0ccf8a15def289dec5f000077c34774f3a7e2c7af2a4c8
21061765237c66c10b48e236063a3497c22d33629e98f8654d1a3b860fa48700
25068766bea3ae98004f63d12d9145633c4916f32ce252431ac10406725dbd74
2866e98ae386469948188b57264807622938fd4c2f1a251b93473669c03497b1
2a71602a9c4446a333fe34a8938f3b8339a4f3504f9600ddfc571dcd54ce8ff9
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b5c6fefbc9cf825ebc533e5debfff5fb482c831e783d79198f1c1b6946fcce2
2dd4eba8712e37e9556565bc1ba6d497e8c7d4124cb3d474ffb559ef83983e5b
2e0c66741dfec2c3002fe92915499f6808da0a9ce99d34916bd9e7883d0f8074
2f592d35bf0fa8e955aedbd92306226c809921b377217dffc74d67fec14e49ce
308c22bb3c8ff01267bc784597d57e727af841126cebddd8247b5b8bed926214
30aa80a90ee383cbf1e51c71164c27de2c1e6ad4eb79d434d27503a9d7da1326
30eba624890629f7fb30b4fc8a361b0dc3a7b161e9acf0330d2ac47bbf1006c3
31b9a64530ca997b6bcc15ed933a677acb8659fd3d75c6f54736657bbf69c18e
31f04ab75fe4bfe4a1bbe8e268ffed64bc82224259dabe3b44723d1613418f68
3442ff60c2a33c78c7b8a655b78d1ab757c6122a5cbfe9b84473f073805c709c
3a05703fc249f3bf3f44cb427cfbfbd8460c05692880495ef7f62db393218156
3bf56be78e50f88adc6c033c8d1a5072773a2a6adc5efd396882e0f11b4c8622
3caea22bb39112951c5f10b8c6b94149f08e48dcbe3b23619adf6a02bc8e2da7
3d036f98cca2b158c5f6949ee762ba49c0c1ec854171c1138853dbdd86e3da31
3d49b5d25b23f62d9db04b5bfb11a3aa5d443eb278eb55c2cbdd8da81c64523a
3d5efa15d96b4628ea930699ede76eeda8a4b28887f155a5789e662611f1da4f
40c5a3816b27d87a187ffaabaef1a4d162f5510c51215f77da2ec281aaa2060a
4200e8df2c5f52c2bf9bd2f41ed424edd48c54b7534071a9e61f5ee4602b742f
42e3aa6d662901ad9a1a467a06d2ea7514451ad93b1fda75bc093374aba78290
432eb81d99e6c7f947e6e9f30ca98503157b92ae8fdf6e21a2da6ea143fbf3f9
44f4cd60016deeffe0bd48dd5c452d29a62524a613b47ffe126ec004d75315b2
46f09f21a0cb26d62ebf3ac88e891cc036092114b6da1b4de447c21c8bdee9f0
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
50af957b9bedb343bf0cea4f4dc08b16aef7861d2890324adea73189105cd978
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
5473248018f348cf42cd64f7768873a9b3deac3ca579e8c3a9d69feb0a4deb3b
552c4faacd9b3ec9971f1ce0c4d1744e32328ff9b1f00d215eea685cb5a96633
57fbea68c1971609fc617837e19f64f8f6edd3b8be46a5e5d4f0be8d4810074e
5a5a2bda50a337aaaf3b773a1269e9282c0ade1ff0fc8e2d15b65cb0010f6376
5ad9bd21fb6717d406acb28c063cb8ff0969564cb1c3cf5089496f2ea4f0fbb1
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c
5cd160f0761224389d0794a6ba6838ba8c260a15bb32ab82d20e8d8cddaf849b
6165e152a8800f0fac70adf9d459535cee60a2fb561c98f87db892d973c911e8
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65d43fc1d47bdab6bb9a4f5add734f8b9d059f9e773c431a350b3804bfe38a7f
66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a
66fb25937da45c30a90825cb0a85504794ff662945f64a1a226f8cea48a16277
6730704057bee7f5fe5db3e437ec79b5f28ab7c71f45e94937c39144ff9b1b92
68e41b1cf2b6d00eedaa9ec57a7311a481d2bc03b8665bf44f3580943ea8a11a
6d997a9a0b9f26b564597b3a12124d511d13ef58e1e5391f15aa952b5aaee0ea
70619499e4709f4bc53d884a45e4895660c497295228bc928ae17ae694494c48
716cb523fa841c30059a51fb52757884a4e5ddaaf9fdd33bd4fe4b6561421fe0
72dab8d6edb1639e61c4ff09a24320a00ea663afb9798941973c4485ef7c5b99
744267d0ad832cbc545f4f9bd5cecd0cf51a0ed600fcca68883255dd0fc55591
754eb49a3151007ffe99db087e166fc6637651c12f614ac8696fbe76e7dca78e
77caa92f758f70c4f5953180bba818d10ace096b8ceeb84a0e0bdc86c2fc5fd4
78fbbffad8fe3133860095eb3648454c538d8343c106df9da38c0255c233457a
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
7f8395b638ccead050ac9a5f01b0872bf6e6fbb1588893ba1394a461ab1bdb15
809d9ae7cc4a1b7f48a830c84475f16dc2ce3217d10150cbafd5c5c36199f6e9
8352b5b204ffd4c0f6946891dc9210b0973c001401e74f8f84d850d42e601726
836ca0626d8227fc9d5d490cd9e87d4a1498e9278804c860de6d9512e68fdbea
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85ebfc8f3f042e96980c6800f5d9efc7f5dd4777a782ab92363260631c98f149
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
8bb57fcb37c5f411c45ac7ceef54cebe0e8550e0f766052e6f001b64f279f3ce
94e4fea345776b2bf7a7fb4613276260bf7346757b7bd1041abd4928672f5ec9
95ec5fe9bbec658f1d8e7d11f8d9f054a30798c67aacaa4ec2d80f47c18cb3b7
98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20
98d32b00fca86fc6994df33302e051a6ad03461a43ff5797d5b10ace4cf4772f
99a2980e3acac7a7d0bc47e5b097e2e33e0a2a93285213cafb5b61d1c1f06da1
9a40d9ac37537806e48e209965d8daa4a337de6cfff09c7531939956cc813f31
9b24d51fcc240defbd3655c2a6d0bf93a188d79f877c7646f0e31970db2503bc
9f83d55dba8d6d1b574e5c34d4bca4548520c8fdaefcf860f44af33ca0258b11
a0008eb2109ddfca588c1a7a7f4e68bfc3aa1462c894d05f885c3be21e12e4be
a08b7967aad3133f6145ee859da1fc29692364cc0290af7f817c0b65913f7d5b
a26e6e117c00f30f956ccd72eb6af343ca68e42e10be4800ccbfe8abf96d32df
a3baefa0165cd3e7b9dc50a6c989a5d323ab6bc9c440847675001f203fa8b0aa
a3c900b1f74a688dce1d47b538040ea7c8b243ae8a3e25de58482041b6feb2b8
afbe5da81800508900cd1741b85ae92fa31ac69cb27fc09f3bfcd9cfa9f48f86
b352e35f5413292120165ce13962b3cead65738da4191b43286c6592d81e3a9e
b4978eb578bc0c3c90f779303713dcb7f66e0cbfa0d8f9c2c6058ca9d8146245
b55abe40f4d6be5e770d11aae290934b4a6794febd4271a32ecaf341a3806f62
b6e0bf7b6d87987a4fbd7f7bf0db15df86a74d29f6f2e13a143fd70e3c55bd8f
b8a2eb068a42de22eee0dfb6173e802bbdb065b2cbe08c926952d8f11a22dd4f
ba502317dc356ef143de5cd60838339f7dc5f235d5441b9fb5eb4c15855c6f69
bb7051cf9cd9f25df76dba0f52940d33498046209a6e942c857eb23f59ffddf5
bc8684ad74affc563049f527ac7d223d7b6a8f67c4e30535c0e097f1828b9130
bd171532b0d7b93a2baefabd1c3a617be7f387fe389cba61f1e3807b290eec7e
bdad2789e7c50a0f54b6829154e652231425a9efed1b6e4da039474a578cd8b8
bfbb02b2f82750344aa2bc6329085a7550de92926a22a951db6f1629fab862f0
c1438b7405eba426d534e4fb05a5dac264bc2d6b4e9cd05f7b8af32d225170ce
c1b0f6dee1e2b4b439e62daffe536db30431a1ca3d0628aa134b6ed7d689b91b
c239fbd2387ceff073b22f05559eb6a3a9425ccde003eccb22a998429465302f
c302ae48b53e6f9b485cb7b70eb73d593ee6152b4fc20a58f35dff9404e1887c
c3947802b825a7168e36e78a9182039d678e229bd9bfffe8087c84d7eddca7e0
c946c4a4f654d511da76e9710ad22adc8fe9b5e9f424b14ce4a2265923c98802
cb2c9015a07685f5df9721d1972ae0c1993e006800b2ef8ec184b846b279ab9d
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cee1bd5e01ed194ed9211d280aebe15999582d614189cafab2239e5001093613
d6c6f0dedaa5f80bc141cdf9f6ba2b085ecd8781e6fa2e163ad33ed51c4b565a
dc61af77cc90e826ea655c43ef6ff9e28bd219e02ce269c60ddb4dc57ca741dd
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dea3c2d66b0679ee2db67a21c0a434f3e14d6ac8a2af06877a711151fc32b56d
def6e8f9b7942b9f08ef18196cd2c63e200c84214acd4235c52a34fdc358ac1b
df2dbe77839fc3cb86552ed81b59456e25e95c65882976aa5fa7280e2f734f3a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e63d8d7ff4287ca7b455ee0e68a747727c81e2a724f46d7f2063ccb4198ed9ef
e6a6eb88962ac4ac85e8ff7785111bb59fec12f991e0f9e49d7d00dcef280bb5
e8a700630a179fb4e70f040a3dcb2334833dce7788f25a09f64542557615d41e
e8c8766d6c3e2fa2993e3c0c692d93acb66684b3ed3c25c856ed36f52c4e2134
ecfda2a1a2411ea1f4ad1904a83069d02229ef72ce33c2ba195e2d432ef12757
ee243c73addc0685d8bf52fe27cf4483488a8445f727e1cd4ddc3bd0fda866f1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef5f1b7d05709dfaac1cd0ac4c42137501ecaf8e516b4b467204e5cddc6e9263
f55c1dbc04d02e68da4ad12c1b703a08b9582e56154f5d18ee1ff792cf0648a0
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f678ed2950ff009ba4f69d27138a40f8e926a177618583a04195774cb2ffc0c6
f761f5f810476045337381502aa01b7b4383c946543d99f6542c1d353e066b5c
f839560533ef99a48761ece01a508a17e67b35a5721f117f86ff3683a058346b
f8b0220980de4339ca04d32bc5656435847fecb3a47f2eac38e33277e18eddc8
fa8d490fd9b2d65029f9c3ffd4e5fc299fbb9e4e3106c03adf81d24e9973d378
fc609c8f86bcf6bdcdbb981b7cd50421337712a899c0e0ab721d152406245314
fc87854e2fe454c2a0ac798a6cad7980cdf3c22837c75d894ae7ea47a878c7b6
fef73f5a70ccb8745fb00810408eac80b31eeb4fa66aeb97d2606c54188d0ed4
ff26c5ae4cb6872bf6ca4c8abbffadd95b788fddeae30c6d0483c879b30cd141

cqty1.bhuefbfrvbn.workers.dev Open in urlscan Pro 2a06:98c1:3121::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

214 Requests

99 %HTTPS

50 %IPv6

19 Domains

26 Subdomains

29 IPs

6 Countries

4271 kBTransfer

10712 kBSize

8 Cookies

67 Outgoing links

Redirected requests

214 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

cqty1.bhuefbfrvbn.workers.dev Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Screenshot
Live screenshot

Full Image

214
Requests

99 %
HTTPS

50 %
IPv6

19
Domains

26
Subdomains

29
IPs

6
Countries

4271 kB
Transfer

10712 kB
Size

8
Cookies

214 HTTP transactions
9 data transactions