www1.ihdstreams.xyz Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www1.ihdstreams.xyz/
Effective URL:
https://www1.ihdstreams.xyz/
Submission: On August 11 via manual (August 11th 2023, 11:21:21 pm UTC) from CA — Scanned from NL

Summary HTTP 170 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 64 IPs in 10 countries across 49 domains to perform 170 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is www1.ihdstreams.xyz.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 10th 2023. Valid for: a year.

This is the only time www1.ihdstreams.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 16	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
3	205.185.216.10 205.185.216.10	20446 (STACKPATH...) (STACKPATH-CDN)
1	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:350... 2a02:26f0:3500:c::5c7b:682b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	52.222.169.46 52.222.169.46	16509 (AMAZON-02) (AMAZON-02)
2	173.233.137.36 173.233.137.36	7979 (SERVERS-COM) (SERVERS-COM)
1	2600:9000:25e... 2600:9000:25e8:8200:c:abe:f440:93a1	16509 (AMAZON-02) (AMAZON-02)
1	18.196.51.27 18.196.51.27	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:10:... 2606:4700:10::6814:41d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.32.121.126 13.32.121.126	16509 (AMAZON-02) (AMAZON-02)
10	2600:9000:218... 2600:9000:218f:ca00:1d:85c3:6640:93a1	16509 (AMAZON-02) (AMAZON-02)
5	45.133.44.3 45.133.44.3	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1 20	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	149.56.240.132 149.56.240.132	16276 (OVH) (OVH)
1	2606:4700::68... 2606:4700::6810:5814	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:225... 2600:9000:2250:5000:a:e047:753:6381	() ()
1	2606:4700:10:... 2606:4700:10::6816:3456	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	65.9.66.97 65.9.66.97	16509 (AMAZON-02) (AMAZON-02)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a02:2638:d::2 2a02:2638:d::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	104.18.24.112 104.18.24.112	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	185.239.173.226 185.239.173.226	55081 (24SHELLS) (24SHELLS)
8	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
1	34.241.170.80 34.241.170.80	16509 (AMAZON-02) (AMAZON-02)
1	141.95.98.64 141.95.98.64	16276 (OVH) (OVH)
1 2	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
15	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
1	178.250.7.13 178.250.7.13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 3	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
2	69.16.175.10 69.16.175.10	20446 (STACKPATH...) (STACKPATH-CDN)
2	69.16.175.42 69.16.175.42	20446 (STACKPATH...) (STACKPATH-CDN)
2	3.211.28.187 3.211.28.187	14618 (AMAZON-AES) (AMAZON-AES)
1	2a02:26f0:480... 2a02:26f0:480:7b5::2c79	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	141.95.4.196 141.95.4.196	16276 (OVH) (OVH)
6	184.30.17.67 184.30.17.67	16625 (AKAMAI-AS) (AKAMAI-AS)
1	3.229.139.253 3.229.139.253	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
1	37.157.6.243 37.157.6.243	198622 (ADFORM) (ADFORM)
1	51.38.120.206 51.38.120.206	16276 (OVH) (OVH)
2	193.108.153.18 193.108.153.18	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	2603:c020:400... 2603:c020:400d:3000:f50:982a:7877:65bd	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
6	3.93.205.133 3.93.205.133	14618 (AMAZON-AES) (AMAZON-AES)
1 1	145.40.97.66 145.40.97.66	54825 (PACKET) (PACKET)
2	184.30.16.195 184.30.16.195	16625 (AKAMAI-AS) (AKAMAI-AS)
1	3.71.149.231 3.71.149.231	16509 (AMAZON-02) (AMAZON-02)
1	216.52.2.39 216.52.2.39	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1 1	23.56.202.187 23.56.202.187	16625 (AKAMAI-AS) (AKAMAI-AS)
2	95.101.149.233 95.101.149.233	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	46.228.174.117 46.228.174.117	56396 (AMOBEE) (AMOBEE)
1 1	35.214.179.14 35.214.179.14	15169 (GOOGLE) (GOOGLE)
1 1	208.93.169.131 208.93.169.131	46244 (WEBMD-IDC...) (WEBMD-IDC1-AS)
2	2a02:6ea0:c70... 2a02:6ea0:c700::19	60068 (CDN77 ^_^) (CDN77 ^_^)
2 2	52.212.215.149 52.212.215.149	16509 (AMAZON-02) (AMAZON-02)
1	37.18.16.21 37.18.16.21	205675 (HYBRID-AS) (HYBRID-AS)
3	18.195.47.22 18.195.47.22	16509 (AMAZON-02) (AMAZON-02)
2	23.212.89.151 23.212.89.151	16625 (AKAMAI-AS) (AKAMAI-AS)
1	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	146.75.122.132 146.75.122.132	54113 (FASTLY) (FASTLY)
1 7	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2a02:6ea0:c70... 2a02:6ea0:c700::11	60068 (CDN77 ^_^) (CDN77 ^_^)
2	20.13.96.71 20.13.96.71	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 2	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1	8.43.72.98 8.43.72.98	() ()
1	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1	142.250.74.194 142.250.74.194	() ()
1 1	178.250.7.11 178.250.7.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	212.36.83.245 212.36.83.245	() ()
170	64

16 2a06:98c1:3121::3 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

www1.ihdstreams.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hd.ihdstreams.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 205.185.216.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map2.hwcdn.net

jscdn.greeter.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:c::5c7b:682b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

tg1.modoro360.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.169.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-169-46.cdg52.r.cloudfront.net

platform-api.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.233.137.36 (United States)

ASN7979 (SERVERS-COM, US)

www.profitabledisplaynetwork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.effectivecreativeformat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:25e8:8200:c:abe:f440:93a1 (United States)

ASN16509 (AMAZON-02, US)

buttons-config.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.196.51.27 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-51-27.eu-central-1.compute.amazonaws.com

l.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6814:41d (United States)

ASN13335 (CLOUDFLARENET, US)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.121.126 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-126.fra60.r.cloudfront.net

count-server.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2600:9000:218f:ca00:1d:85c3:6640:93a1 (United States)

ASN16509 (AMAZON-02, US)

platform-cdn.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 45.133.44.3 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

player.aplhb.adipolo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
player.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

adipolo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 149.56.240.132 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ns534300.ip-149-56-240.net

s4.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:5000:a:e047:753:6381 (United States)

ASN- ()

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-97.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.24.112 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn-ima.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.239.173.226 (United Kingdom)

ASN55081 (24SHELLS, US)

ghb.aplhb.adipolo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

5eae35412932bf64c974def5104bf9db.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.241.170.80 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-241-170-80.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.16.175.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: hwcdn.net

feed.avplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
player.avplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.16.175.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: hwcdn.net

player.avplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
content1.avplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.211.28.187 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-211-28-187.compute-1.amazonaws.com

servt.modoro360.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:7b5::2c79 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

player.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.4.196 (France)

ASN16276 (OVH, FR)
PTR: ip196.ip-141-95-4.eu

storage.de.cloud.ovh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 184.30.17.67 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-17-67.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widget-pixels.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.229.139.253 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-229-139-253.compute-1.amazonaws.com

serv.modoro360.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.194 (Grosse Pointe, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.243 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.38.120.206 (Hessen, Germany)

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.108.153.18 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a193-108-153-18.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2603:c020:400d:3000:f50:982a:7877:65bd (Ashburn, United States) 1 redirects

ASN31898 (ORACLE-BMC-31898, US)

sync.technoratimedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.93.205.133 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-93-205-133.compute-1.amazonaws.com

servs.modoro360.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 145.40.97.66 (Amsterdam, Netherlands) 1 redirects

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.30.16.195 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-16-195.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.52.2.39 (United States)

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.56.202.187 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-202-187.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.101.149.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-233.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.228.174.117 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.214.179.14 (Groningen, Netherlands) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 14.179.214.35.bc.googleusercontent.com

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.93.169.131 (United States) 1 redirects

ASN46244 (WEBMD-IDC1-AS, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6ea0:c700::19 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

vid.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.212.215.149 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-215-149.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.18.16.21 (Russian Federation)

ASN205675 (HYBRID-AS, DE)

dm.hybrid.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.195.47.22 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-47-22.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.212.89.151 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-89-151.deploy.static.akamaitechnologies.com

tcheck.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 146.75.122.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

odb.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 69.173.144.138 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::11 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

vpaid.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.13.96.71 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

mcdp-nldc1.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.90 (Amsterdam, Netherlands) 2 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.43.72.98 (None, )

ASN- ()

pixel-us-east.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.74.194 (None, )

ASN- ()

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.11 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.36.83.245 (None, )

ASN- ()

p.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 130 5eae35412932bf64c974def5104bf9db.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 151	142 KB
19	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 206 googleads.g.doubleclick.net — Cisco Umbrella Rank: 55 cm.g.doubleclick.net	246 KB
16	ihdstreams.xyz 2 redirects www1.ihdstreams.xyz hd.ihdstreams.xyz	191 KB
14	sharethis.com platform-api.sharethis.com — Cisco Umbrella Rank: 4649 buttons-config.sharethis.com — Cisco Umbrella Rank: 5286 l.sharethis.com — Cisco Umbrella Rank: 4780 count-server.sharethis.com — Cisco Umbrella Rank: 11537 platform-cdn.sharethis.com — Cisco Umbrella Rank: 10345	58 KB
11	rubiconproject.com 2 redirects secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1187 eus.rubiconproject.com — Cisco Umbrella Rank: 636 token.rubiconproject.com — Cisco Umbrella Rank: 632 pixel.rubiconproject.com — Cisco Umbrella Rank: 361 pixel-us-east.rubiconproject.com	13 KB
10	outbrain.com widgets.outbrain.com — Cisco Umbrella Rank: 1432 widget-pixels.outbrain.com — Cisco Umbrella Rank: 3525 odb.outbrain.com — Cisco Umbrella Rank: 2457 mcdp-nldc1.outbrain.com — Cisco Umbrella Rank: 36670	177 KB
10	modoro360.com tg1.modoro360.com — Cisco Umbrella Rank: 84546 servt.modoro360.com — Cisco Umbrella Rank: 93360 serv.modoro360.com — Cisco Umbrella Rank: 109157 servs.modoro360.com — Cisco Umbrella Rank: 221198	13 KB
9	adipolo.com player.aplhb.adipolo.com — Cisco Umbrella Rank: 69981 adipolo.com — Cisco Umbrella Rank: 63033 ghb.aplhb.adipolo.com — Cisco Umbrella Rank: 76975	162 KB
4	vidoomy.com vid.vidoomy.com — Cisco Umbrella Rank: 2194 vpaid.vidoomy.com — Cisco Umbrella Rank: 3006 p.vidoomy.com	35 KB
4	avplayer.com feed.avplayer.com — Cisco Umbrella Rank: 17853 player.avplayer.com — Cisco Umbrella Rank: 13782 content1.avplayer.com — Cisco Umbrella Rank: 19293	261 KB
4	criteo.com 2 redirects gum.criteo.com — Cisco Umbrella Rank: 425 mug.criteo.com — Cisco Umbrella Rank: 2553 dis.criteo.com — Cisco Umbrella Rank: 608	8 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 214	197 KB
3	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 354	436 B
3	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 553 image6.pubmatic.com — Cisco Umbrella Rank: 809	12 KB
3	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 3	1 KB
3	creativecdn.com 2 redirects invstatic101.creativecdn.com — Cisco Umbrella Rank: 1539 creativecdn.com — Cisco Umbrella Rank: 509	2 KB
3	histats.com s10.histats.com — Cisco Umbrella Rank: 13571 s4.histats.com — Cisco Umbrella Rank: 13513	11 KB
3	greeter.me jscdn.greeter.me — Cisco Umbrella Rank: 77574	18 KB
2	outbrainimg.com tcheck.outbrainimg.com — Cisco Umbrella Rank: 9709	928 B
2	360yield.com 2 redirects ad.360yield.com — Cisco Umbrella Rank: 670	796 B
2	stickyadstv.com ads.stickyadstv.com — Cisco Umbrella Rank: 556	1 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 150
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1034 bcp.crwdcntrl.net — Cisco Umbrella Rank: 886	12 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 887 id5-sync.com — Cisco Umbrella Rank: 423	26 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 67	1 KB
1	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 814	98 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 363	265 B
1	hybrid.ai dm.hybrid.ai — Cisco Umbrella Rank: 8544
1	contextweb.com 1 redirects bh.contextweb.com — Cisco Umbrella Rank: 558	657 B
1	loopme.me 1 redirects csync.loopme.me — Cisco Umbrella Rank: 1056	316 B
1	1rx.io 1 redirects sync.1rx.io — Cisco Umbrella Rank: 601	276 B
1	lijit.com ap.lijit.com — Cisco Umbrella Rank: 757
1	yahoo.com ups.analytics.yahoo.com — Cisco Umbrella Rank: 320
1	a-mo.net 1 redirects prebid.a-mo.net — Cisco Umbrella Rank: 1006	215 B
1	technoratimedia.com 1 redirects sync.technoratimedia.com — Cisco Umbrella Rank: 1398	432 B
1	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 812
1	adform.net cm.adform.net — Cisco Umbrella Rank: 1264	106 B
1	ovh.net storage.de.cloud.ovh.net — Cisco Umbrella Rank: 152534	15 KB
1	aniview.com player.aniview.com — Cisco Umbrella Rank: 1702	128 KB
1	33across.com cdn-ima.33across.com — Cisco Umbrella Rank: 1378	9 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 617	13 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 1676	2 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 356	1 KB
1	adtelligent.com player.adtelligent.com — Cisco Umbrella Rank: 6936	5 KB
1	effectivecreativeformat.com www.effectivecreativeformat.com — Cisco Umbrella Rank: 253522
1	profitabledisplaynetwork.com www.profitabledisplaynetwork.com — Cisco Umbrella Rank: 68552
1	gstatic.com fonts.gstatic.com	31 KB
0	mxptint.net Failed rbp.mxptint.net Failed
0	Failed function sub() { [native code] }. Failed
170	49

	Domain	Requested by
16	securepubads.g.doubleclick.net	1 redirects jscdn.greeter.me www.googletagservices.com securepubads.g.doubleclick.net www1.ihdstreams.xyz
15	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www1.ihdstreams.xyz 5eae35412932bf64c974def5104bf9db.safeframe.googlesyndication.com
15	www1.ihdstreams.xyz	1 redirects www1.ihdstreams.xyz
10	platform-cdn.sharethis.com
8	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
6	servs.modoro360.com	player.aniview.com
5	token.rubiconproject.com	1 redirects eus.rubiconproject.com
4	widgets.outbrain.com	securepubads.g.doubleclick.net widgets.outbrain.com
4	ghb.aplhb.adipolo.com	player.aplhb.adipolo.com
4	www.googletagservices.com	jscdn.greeter.me securepubads.g.doubleclick.net 5eae35412932bf64c974def5104bf9db.safeframe.googlesyndication.com
4	player.aplhb.adipolo.com	jscdn.greeter.me player.aplhb.adipolo.com
3	x.bidswitch.net
3	www.google.com	1 redirects tpc.googlesyndication.com 5eae35412932bf64c974def5104bf9db.safeframe.googlesyndication.com
3	jscdn.greeter.me	www1.ihdstreams.xyz
2	pixel.rubiconproject.com	eus.rubiconproject.com
2	creativecdn.com	2 redirects
2	mcdp-nldc1.outbrain.com	widgets.outbrain.com
2	odb.outbrain.com	widgets.outbrain.com
2	widget-pixels.outbrain.com	www1.ihdstreams.xyz widgets.outbrain.com
2	tcheck.outbrainimg.com	widgets.outbrain.com
2	ad.360yield.com	2 redirects
2	vid.vidoomy.com	player.aniview.com vid.vidoomy.com
2	eus.rubiconproject.com	player.aniview.com eus.rubiconproject.com
2	ads.pubmatic.com	player.aniview.com
2	ads.stickyadstv.com	player.aniview.com
2	www.googleadservices.com
2	googleads.g.doubleclick.net	5eae35412932bf64c974def5104bf9db.safeframe.googlesyndication.com
2	servt.modoro360.com
2	player.avplayer.com	tg1.modoro360.com
2	gum.criteo.com	1 redirects static.criteo.net
2	5eae35412932bf64c974def5104bf9db.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	s10.histats.com	www1.ihdstreams.xyz s10.histats.com
2	fonts.googleapis.com	www1.ihdstreams.xyz
1	p.vidoomy.com	vid.vidoomy.com
1	id.rlcdn.com	eus.rubiconproject.com
1	dis.criteo.com	1 redirects
1	cm.g.doubleclick.net	eus.rubiconproject.com
1	match.adsrvr.org	eus.rubiconproject.com
1	pixel-us-east.rubiconproject.com	eus.rubiconproject.com
1	vpaid.vidoomy.com	vid.vidoomy.com
1	image6.pubmatic.com	ads.pubmatic.com
1	dm.hybrid.ai	player.aniview.com
1	bh.contextweb.com	1 redirects
1	csync.loopme.me	1 redirects
1	sync.1rx.io	1 redirects
1	secure-assets.rubiconproject.com	1 redirects
1	ap.lijit.com	player.aniview.com
1	ups.analytics.yahoo.com	player.aniview.com
1	prebid.a-mo.net	1 redirects
1	sync.technoratimedia.com	1 redirects
1	onetag-sys.com	player.aniview.com
1	cm.adform.net	player.aniview.com
1	serv.modoro360.com	player.aniview.com
1	storage.de.cloud.ovh.net
1	content1.avplayer.com
1	player.aniview.com	player.avplayer.com
1	feed.avplayer.com	tg1.modoro360.com
1	mug.criteo.com
1	id5-sync.com	cdn.id5-sync.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	cdn-ima.33across.com	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	player.adtelligent.com	player.aplhb.adipolo.com
1	s4.histats.com	s10.histats.com
1	adipolo.com
1	count-server.sharethis.com	platform-api.sharethis.com
1	www.effectivecreativeformat.com	www1.ihdstreams.xyz
1	l.sharethis.com	platform-api.sharethis.com
1	buttons-config.sharethis.com	platform-api.sharethis.com
1	www.profitabledisplaynetwork.com	www1.ihdstreams.xyz
1	platform-api.sharethis.com	www1.ihdstreams.xyz
1	tg1.modoro360.com	www1.ihdstreams.xyz
1	fonts.gstatic.com	fonts.googleapis.com
1	hd.ihdstreams.xyz	1 redirects
0	rbp.mxptint.net Failed	eus.rubiconproject.com
0	us_privacyfa9f4b3548d146d8b0584acce84c4fec.gif Failed	player.aniview.com
170	81

This site contains links to these domains. Also see Links.

Domain
signup.adipolo.com
v2.sportsurge.net
www.histats.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-03-10` - `2024-03-08`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
greeter.me E1	`2023-07-14` - `2023-10-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
wl1.aniview.com R3	`2023-08-09` - `2023-11-07`	3 months	crt.sh
sharethis.com Amazon RSA 2048 M02	`2023-05-20` - `2024-06-17`	a year	crt.sh
profitabledisplaynetwork.com R3	`2023-07-01` - `2023-09-29`	3 months	crt.sh
effectivecreativeformat.com R3	`2023-06-21` - `2023-09-19`	3 months	crt.sh
player.aplhb.adipolo.com R3	`2023-07-18` - `2023-10-16`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
adipolo.com E1	`2023-07-04` - `2023-10-02`	3 months	crt.sh
histats.com R3	`2023-06-06` - `2023-09-04`	3 months	crt.sh
player.adtelligent.com R3	`2023-07-19` - `2023-10-17`	3 months	crt.sh
cdn.prod.uidapi.com R3	`2023-08-10` - `2023-11-08`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2022-11-07` - `2023-12-06`	a year	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-06-27` - `2023-09-25`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-05` - `2023-10-31`	3 months	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-06` - `2023-09-30`	a year	crt.sh
ghb.aplhb.adipolo.com ZeroSSL ECC Domain Secure Site CA	`2023-08-04` - `2023-11-02`	3 months	crt.sh
*.id5-sync.com R3	`2023-07-04` - `2023-10-02`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.avplayer.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2022-08-08` - `2023-09-08`	a year	crt.sh
*.adservrs.com Amazon RSA 2048 M01	`2023-05-26` - `2024-06-23`	a year	crt.sh
*.aniview.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-07` - `2023-11-09`	a year	crt.sh
storage.de.cloud.ovh.net Sectigo RSA Domain Validation Secure Server CA	`2023-01-25` - `2024-01-25`	a year	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-09` - `2024-02-11`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-25` - `2024-06-18`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-28` - `2024-01-28`	a year	crt.sh
*.ads.stickyadstv.com DigiCert TLS RSA SHA256 2020 CA1	`2023-04-16` - `2024-04-16`	a year	crt.sh
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-25` - `2024-01-24`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-08-03` - `2024-01-24`	6 months	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2023-05-06` - `2024-05-04`	a year	crt.sh
*.rubiconproject.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-03-07` - `2024-04-03`	a year	crt.sh
*.vidoomy.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-01` - `2023-10-02`	a year	crt.sh
*.hybrid.ai Sectigo RSA Domain Validation Secure Server CA	`2022-09-26` - `2023-09-26`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.outbrainimg.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-02` - `2024-03-02`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh

This page contains 32 frames:

Primary Page: https://www1.ihdstreams.xyz/
Frame ID: 4A02FF535B2AB4A2667F4BE28C39FCFF
Requests: 85 HTTP requests in this frame

Frame: https://5eae35412932bf64c974def5104bf9db.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: DB4DED78C04F8A50691234344BF5B852
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www1.ihdstreams.xyz
Frame ID: C04E102B2BD109A46A567022F32278D3
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F0D5AA9C0566D0E5FD0562B936B07E04
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 83881CE78DBA270C63AF8C4E9BE209C4
Requests: 2 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=632c3dff8e62a32fb323cd86
Frame ID: 5054520DA1B0BD0C8ED9247922EEFCBB
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstpRB6KMTE40_kl-yzikbaQu70ivaLKeier3EajEI6LfMaHmBju6L0t3SHCe-5o8LPE0mr4tn2-ZBnjl7Sx-pgmUIZjA17NwFd877Pq8DJk74peQWp5-3YGvuIFxL34i5Uc177a_qAdQUixxjdaw3ONXoUND-d1wNsCLttnix2e2dlQm4MQbkxCtdqDU9zR1N6Eydsb6cus9LJXkQELsDF63dcMjOUwkB63daEO72ptCcIYHYAogWHyPXFjabfeAJ6In0hHGDr7eH1JwpEascMp9fRW3LrQm_A9pW7uogiGfTLs9GpmdHDszTrX4bz1ehL7W4odxqsOYEE3kw&sai=AMfl-YTFOcmuW4jdF9Hm2loT8PiCmHuE2WzkicTifg9eA1DfDhDiwz-Rs_Tx74ATFIc18jcRHgq831ZOLGoWhN-5OR_jukG8FPitGoVtrCs3ovvFNnBEhKWLO2F3xUxW4g&sig=Cg0ArKJSzPIpYQquZzJtEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: EA68FA114444D9ABB6FC8CC0DF55B7DE
Requests: 10 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuAJpv7z_OZAOZQqttjS_RBfa1-cQ0R3JnEa7hfhEEFnbLF515vQ6L9HvlfJ39B9BLNtH2xGnwM3aC6ERY2Puuq0UzrHwLGkv5svBf0Qlvh5k3WgMsBqkQ2pdtQBdvGq8JBSOXLAHC3ZleQRSkqlXx19TSuaQnUI1lQiJ1Az7HRxxYfwTk8sngcXn10sE9Va37RP-xyzqB_NLGcubwaiSEwj71xi-1UO53Hs7mhsgo6WCRDL-1Uqt445fCzXawoGhrjvgu6sUQstRuVksQJsRgXRp288JFlLhkpooTwRjAtwhd4F-_cmJMD6wLHLOmsRXQge4cTP-CtRaQGWVEV77aq&sai=AMfl-YTnkq6eZUmss77xJKi7VZ-W5SwmOSn2-c65TPo0PrZdg9gJoSu-ljVQn4S4NRTjCVoEjygYHsgqFrAlOLn1_bgjq3lhOKixOzNT2k49B-mWILpaa2Q0vY_pSlCqjw&sig=Cg0ArKJSzG6p0740x7OVEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: C6119A277801796A42C52AD600F0D678
Requests: 10 HTTP requests in this frame

Frame: https://5eae35412932bf64c974def5104bf9db.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 87779FC1F7138B078838FB59D382B557
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12750572431565262900/index.html
Frame ID: 61CE3542AC46F144A8E683479E3FE6C4
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 97E728E8E60B91B06FBBA94FD96204B8
Requests: 2 HTTP requests in this frame

Frame: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D60095c900c0799791c46d8d4%26biddername%3D46%26auid%3D1691796079601-972754985719-001231-004-009764%26key%3D%24UID
Frame ID: 41C5E7178E43A5320E93D3F62E99D12C
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=60095c900c0799791c46d8d4&gdpr=1&gdpr_consent=&us_privacy=1---
Frame ID: 595715650FC38B46EF55DA2D698FB093
Requests: 1 HTTP requests in this frame

Frame: https://ads.stickyadstv.com/user-matching?id=&_fw_gdpr=1&_fw_gdpr_consent=
Frame ID: 120F6AC23310DD6520DA9B10D3D7E623
Requests: 1 HTTP requests in this frame

Frame: https://ads.stickyadstv.com/auto-user-sync?px=1953&_fw_gdpr=1&_fw_gdpr_consent=
Frame ID: BAD03E9109BF56DA495441185F697AAF
Requests: 1 HTTP requests in this frame

Frame: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=3&auid=1691796079601-972754985719-001231-004-009764&key=GDPR
Frame ID: E454695FE27CB05917A47B03E459EFC6
Requests: 1 HTTP requests in this frame

Frame: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=105&auid=1691796079601-972754985719-001231-004-009764&key=&gdpr=1
Frame ID: 7057831BB7722266BA518F65A8F52E69
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D1%26auid%3D1691796079601-972754985719-001231-004-009764%26key%3D
Frame ID: 707651F379A6764D15779BC916DEBBF1
Requests: 1 HTTP requests in this frame

Frame: https://ups.analytics.yahoo.com/ups/58543/occ?gdpr=1&gdpr_consent=
Frame ID: AA131391A91618FF6020077712FA5CC3
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?us_privacy=1---&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D18%26auid%3D1691796079601-972754985719-001231-004-009764%26key%3D%24UID
Frame ID: A6704B38DDEADEACD4582944F577F78F
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=1&gdpr_consent=&us_privacy=1---&predirect=https%3A%2F%2Fpbs.aniview.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
Frame ID: C41D67DA07FAB203EA13DA29C7317FA9
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Frame ID: 44D71E911D0C6B5608B22BE55AED029F
Requests: 12 HTTP requests in this frame

Frame: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=200&auid=1691796079601-972754985719-001231-004-009764&key=OPTOUT
Frame ID: FCC9FE0DD57715E1A8A8532C3E1877A5
Requests: 1 HTTP requests in this frame

Frame: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=56&auid=1691796079601-972754985719-001231-004-009764&key=e6e61df0-4555-4fbd-b386-3772092982ff&gdpr_consent=null&gdpr=1
Frame ID: 3B044765C0E402D52F50FC1501972E35
Requests: 1 HTTP requests in this frame

Frame: https://us_privacyfa9f4b3548d146d8b0584acce84c4fec.gif/?gdpr=1&gdpr_consent=&us_privacy=1---&coppa=0&puid=1691796079601-972754985719-001231-004-009764&redir=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D57%26auid%3D1691796079601-972754985719-001231-004-009764%26key%3D%24%7BUID%7D
Frame ID: 5F3F0BB9A1DB82AC27A398DAA2C62545
Requests: 1 HTTP requests in this frame

Frame: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=10&auid=1691796079601-972754985719-001231-004-009764&key=Or0QuhCSCBl3&ev=1&us_privacy=1---&pid=562704
Frame ID: 5410644265FAF8AACF6E60A38030AAEB
Requests: 1 HTTP requests in this frame

Frame: https://vid.vidoomy.com/sync?gdpr=1&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D133%26auid%3D1691796079601-972754985719-001231-004-009764%26key%3D%7B%7BVID%7D%7D
Frame ID: 6EFC248E52CCB2AF8A6C13A1B3B21A97
Requests: 4 HTTP requests in this frame

Frame: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=22&auid=1691796079601-972754985719-001231-004-009764&key=92846fa1-0877-4a56-8a01-688efdbab2d1
Frame ID: 5F896E18064853712A621305304FDACB
Requests: 1 HTTP requests in this frame

Frame: https://dm.hybrid.ai/match?id=407&vid=1691796079601-972754985719-001231-004-009764&gdpr=1&gdpr_consent=&burl=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D5e7b9048180bd02ded4b0937%26biddername%3D166%26auid%3D1691796079601-972754985719-001231-004-009764%26key%3D%24%7BVID%7D
Frame ID: 70BBC3559CA54CD4BD0C5D6B9A678848
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/widgetMonitor/monitor.html?deletelocalstorage=true
Frame ID: F5B0932804F13AC7B0B8620164E547C4
Requests: 1 HTTP requests in this frame

Frame: https://vid.vidoomy.com/dspsync?dspid=RTBH&uid=z8Ym7elwwjltiBNbxzib&pi=vidoomy&tc=1
Frame ID: FE2EC79907C1531E2E80751C3546CB70
Requests: 2 HTTP requests in this frame

Frame: https://widgets.outbrain.com/widgetMonitor/monitor.html?deletelocalstorage=true
Frame ID: BA8F8014542BF03E0F82D2F4B12E8782
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Crackstreams - NBA Streams | NFL - MMA Streams - UFC - Boxing - Formula 1MenuMenu

Page URL History Show full URLs

http://www1.ihdstreams.xyz/ HTTP 301
https://www1.ihdstreams.xyz/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Outbrain (Widgets) Expand

Overall confidence: 100%
Detected patterns

widgets\.outbrain\.com/outbrain\.js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

basket.js (JavaScript Libraries) Expand

Overall confidence: 10%
Detected patterns

basket.*\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

170
Requests

95 %
HTTPS

32 %
IPv6

49
Domains

81
Subdomains

64
IPs

10
Countries

1790 kB
Transfer

4976 kB
Size

36
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://signup.adipolo.com/
Title: Adipolo

Search URL Search Domain Scan URL

URL: https://v2.sportsurge.net/
Title: Sportsurge

Search URL Search Domain Scan URL

URL: http://www.histats.com/viewstats/?sid=2633223&ccid=514

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www1.ihdstreams.xyz/ HTTP 301
https://www1.ihdstreams.xyz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14

https://hd.ihdstreams.xyz/images/Sportsurge.png HTTP 301
https://www1.ihdstreams.xyz/images/Sportsurge.png

Request Chain 67

https://gum.criteo.com/sid/json?origin=publishertagids&domain=ihdstreams.xyz&sn=ChromeSyncframe&so=0&topUrl=www1.ihdstreams.xyz&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=oLe7PXxXcHZFWEo4L0txdjdtWUEwNFhYMFZSeldLZ0tScXc4SXlSUkZCcE5YZGJYQW5mNDVFcnJEUWRGdWgzc0owbzlYQVpjN3o2TjJ6R3JpNEMwY2Nwc2xzSVdpeXRScFo1Wm4wVm9vZ25ZbDZuc3h5bU54MklRdnJpMWRFN0l5L1FoQjBVR3VSSXgvMXA2THArMko0eEZoN1l0NXJIdXdjYmlmcDYxZWRLdVVqc1Rhd0x1bGhqMTEzSEdIZlJKb25uWmJNT0VGUktpUFhLUVhoL0x4T2NlaGwySjBkeDVocUhSbHRFTklNMkFzMG5adUh6VHBVVG1yNllWaG4rNEtNVFdqVTBPMTVPdGJDd2F6SlNGYXUvbW5BM1cvSmE4UnpETUZvcUNaY1lEczY5UT18&cppv=2

Request Chain 105

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 112

https://securepubads.g.doubleclick.net/pagead/adview?ai=C_7X7bsLWZMiXN4Wj-gaX6YLQDLyYx4ByuNeqwrER2tkeEAEgudvzJmCRBKAB5vDC7gLIAQmpAgcCFcmwXrI-4AIAqAMByANIqgT9AU_QSxSmNuhCxJhKu4KK2eUw4Z_Dhlh3SyU-ROY2zeCQj-qk7MuoTi4ablbuVOTlqJo9bwT3_QLiHXCkK3z0On_un3kbuSnuWJ4sLW2oIGvevizov_gqeyhmHl3gD7RZJC8Yzpqv5prAqhaPoUgVueIlSN-goUIP5zRfM8H01aKEXgm0LMONNcShcoRP-LrLl6i1Xg_OYMkuNOcKUzONIRAJ4vN8lqM6ja8FQMBZqkH2qJefi8Y4Kv_xVYZg_LgLGU-WN0pQoVEPaiUaF4gz22499P2EY8hRYz2Ne6a7OYNuYw_3o7oloIraxa8cPdlHDMrct1YmZsmOsfGB-0TABK293o6qBOAEAaAGLoAHgo-9kQGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBD10g3SCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6mgkbaHR0cHM6Ly9hcnRzdmdvcGxlaWRpbmcubmwvgAoDyAsBogwIKgYKBMOwsQLYEwPQFQGAFwGyFx4KHAgAEhRwdWItNjczNjI1NjQ3MzIwMjczMxjkww4&sigh=lWmmk7SC6Xg&uach_m=[UACH]&ase=2&cid=CAQSOwBpAlJW-6eQS9Evp-XvFIWCkMlUQmmwKeAnKm1yE0nwjUuC6IPwm51D7pg_ulkUfKEp_RTByibhXuT2GAE&template_id=419&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%222340548600409683319%22,%22debug_reporting%22:true,%22destination%22:%22https://artsvgopleiding.nl%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22768653414%22],%224%22:[%2208-11%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210005516832762376641%22}&andc=true

Request Chain 120

https://sync.technoratimedia.com/services?srv=cs&pid=70&uid=1691796079601-972754985719-001231-004-009764&cb=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D3%26auid%3D1691796079601-972754985719-001231-004-009764%26key%3D%5BUSER_ID%5D HTTP 307
https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=3&auid=1691796079601-972754985719-001231-004-009764&key=GDPR

Request Chain 121

https://prebid.a-mo.net/cchain/0?gdpr=1&gdpr_consent=&cb=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D105%26auid%3D1691796079601-972754985719-001231-004-009764%26key%3D HTTP 302
https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=105&auid=1691796079601-972754985719-001231-004-009764&key=&gdpr=1

Request Chain 126

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=aniview&endpoint=us-east HTTP 301
https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east

Request Chain 127

https://sync.1rx.io/usersync2/rmpssp?sub=aniview&gdpr=1&gdpr_pd=0&gdpr_consent=&redir=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D200%26auid%3D1691796079601-972754985719-001231-004-009764%26key%3D%5BRX_UUID%5D HTTP 302
https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=200&auid=1691796079601-972754985719-001231-004-009764&key=OPTOUT

Request Chain 128

https://csync.loopme.me/?pubid=11455&gdpr=1&gdpr_consent=&redirect=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D56%26auid%3D1691796079601-972754985719-001231-004-009764%26key%3D%7Bdevice_id%7D HTTP 307
https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=56&auid=1691796079601-972754985719-001231-004-009764&key=e6e61df0-4555-4fbd-b386-3772092982ff&gdpr_consent=null&gdpr=1

Request Chain 130

https://bh.contextweb.com/bh/rtset?pid=562704&ev=1&us_privacy=1---&rurl=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D10%26auid%3D1691796079601-972754985719-001231-004-009764%26key%3D%25%25VGUID%25%25 HTTP 302
https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=10&auid=1691796079601-972754985719-001231-004-009764&key=Or0QuhCSCBl3&ev=1&us_privacy=1---&pid=562704

Request Chain 132

https://ad.360yield.com/server_match?partner_id=1581&r=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D22%26auid%3D1691796079601-972754985719-001231-004-009764%26key%3D%7BPUB_USER_ID%7D HTTP 302
https://ad.360yield.com/ul_cb/server_match?partner_id=1581&r=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D22%26auid%3D1691796079601-972754985719-001231-004-009764%26key%3D%7BPUB_USER_ID%7D HTTP 302
https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=22&auid=1691796079601-972754985719-001231-004-009764&key=92846fa1-0877-4a56-8a01-688efdbab2d1

Request Chain 153

https://creativecdn.com/cm-notify?pi=vidoomy HTTP 302
https://creativecdn.com/cm-notify?pi=vidoomy&tc=1 HTTP 302
https://vid.vidoomy.com/dspsync?dspid=RTBH&uid=z8Ym7elwwjltiBNbxzib&pi=vidoomy&tc=1

Request Chain 160

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=

Request Chain 161

https://dis.criteo.com/dis/usersync.aspx?r=6&p=70&cp=Rubicon&cu=1&url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D6434%26nid%3D2149%26put%3D%40%40CRITEO_USERID%40%40 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=ebffb854-8dd8-4ddc-8d6e-79199f09d8f8

170 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www1.ihdstreams.xyz/
Redirect Chain

http://www1.ihdstreams.xyz/
https://www1.ihdstreams.xyz/

19 KB
4 KB

104ms
57ms

Document
text/html

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www1.ihdstreams.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62ecb24c3ab134ea5eed35478984adb84b62bd1c45a500ef83252ce40f01165c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7f5436c5683b9137-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 11 Aug 2023 23:21:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wyOvl7aEUo169QAya7kZK1Pv6KlVBBTBD5aK4yMnZooRs16j%2BXP4VSSqFEL17g%2BnWxXkggr6qiiZ0%2BpllZ1nWpGB4L3tUCTA0mwP61K3SNby2v%2BgLvypq%2BBlgrxoPuntMb%2F5WdQIkizYpcGZ8WkIyC7a"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

CF-RAY: 7f5436c4ffda37cb-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Fri, 11 Aug 2023 23:21:16 GMT
Expires: Sat, 12 Aug 2023 00:21:16 GMT
Location: https://www1.ihdstreams.xyz/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6tJOBEduuIdUP64IeZeLnxc3po%2FJdZaYJmtWHnHbgXsFl9HOxNSygvc9jDuEmSjzgxkihi31%2FfAzuCZ5zDexMbVUtBGQA8rdQragUSnGEG0eY9hLaC7mv59uQ5xkPZ6Lf8KYXN12jz7F5V8LhS7TNBIh"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1 KB 76ms
28ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,500,700&display=swap

Requested by

Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

96d4232bf99fe635311418e7b4ed053381427c805bbf8075aa9b000bad3a0365

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 11 Aug 2023 23:21:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 11 Aug 2023 22:48:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 11 Aug 2023 23:21:16 GMT

GET
H2 200 icon
fonts.googleapis.com/ 569 B
439 B 76ms
28ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 11 Aug 2023 23:21:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 11 Aug 2023 23:21:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 11 Aug 2023 23:21:16 GMT

GET
H2 200 app.css
www1.ihdstreams.xyz/css/ 9 KB
3 KB 31ms
29ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www1.ihdstreams.xyz/css/app.css
Requested by: Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29828638d01d73bfd6bd1ff7c87772facd6910124912ebae7e0ac6429f347196

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 23:21:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 551506
cf-polished: origSize=9528
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 01 Nov 2021 18:21:07 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TKA4NPLnyhp5QxmbAuIJajDOSVDB2Im6khyt72OSRU%2FDAhVeYfE0SMknHe6YmNFPjYhq%2F1aRBN%2BTqQ4%2BxcKYTjfrHEknfVe4v%2FmbeQUIKjo0vu0%2FGzS1ydmdJnCrl2eFwME1B4aU22xNPEcMUy%2FiTm7j"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 7f5436c5d88d9137-FRA
expires: Mon, 07 Aug 2023 20:02:56 GMT

GET
H2 200 A-letterbigger_Savir.png
jscdn.greeter.me/ 945 B
1 KB 158ms
25ms Image
image/png 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jscdn.greeter.me/A-letterbigger_Savir.png

Requested by

Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

4475335b87a3456536775fd2dd0dd5bd5eba10e830b820cc122ba1e3cb0de1ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 23:21:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
last-modified: Sun, 10 Jul 2022 13:45:06 GMT
x-amz-request-id: tx0000000000000747ccc56-0064d6b52c-adcbe5b3-fra1b
etag: "f07519ec5fbc46385f386b577e6e2a1d"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1691796076.dop205.am5.t,1691796076.cds231.am5.hn,1691796076.cds118.am5.c
content-type: image/png
cache-control: max-age=208
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 945

GET
H2 200 nba.png
www1.ihdstreams.xyz/images/ 2 KB
2 KB 35ms
27ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www1.ihdstreams.xyz/images/nba.png
Requested by: Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9953f046235e5dff6ad5d40a6ee2927f53de1ab7c0a6e061e0551e69e9acddc4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 23:21:16 GMT
cf-cache-status: HIT
last-modified: Wed, 10 Feb 2021 20:44:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 231244
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TFbJsgc5CrOuS2GQT1kH1mEtnuPShB0AAjNRHWBDaYd0tXl6%2FVzlKkds9fgeqknccGtqAKqkjv3Zrv%2FaVzwN7BiAr%2F6lhhqBAz4su3CgZ3B8wj%2BL%2BwSKOJRk77TI4JJbl26c3Aq%2FrGvaq0Nwy87Rmque"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7f5436c5f89a9137-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1807
expires: Mon, 14 Aug 2023 16:59:26 GMT

GET
H2 200 nfl.png
www1.ihdstreams.xyz/images/ 4 KB
4 KB 32ms
24ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www1.ihdstreams.xyz/images/nfl.png
Requested by: Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c542012c84c6c9b8b31b62c0919d8c76fe2ceb18c8721646cb57f382f38d3020

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 23:21:16 GMT
cf-cache-status: HIT
last-modified: Wed, 10 Feb 2021 20:44:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 41904
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VBTknPBaLp7Ye8ZVFNNUgomT5A4Rx6KOmKE0xw80ugv%2B5sr%2FwwKU42ObPctBV%2Bvru%2FnUZnoDdDUPE1rKl6Ok2qwotfpsvXnmn62bs8mQ70%2Fm8zChi6pmtxfCs0BYvxFI4BG0ThVBXbXhYHryA%2Bp9NSPq"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7f5436c5f89b9137-FRA
alt-svc: h3=":443"; ma=86400
content-length: 4018
expires: Wed, 16 Aug 2023 18:53:04 GMT

GET
H2 200 mlbs.png
www1.ihdstreams.xyz/images/ 734 B
1 KB 33ms
26ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www1.ihdstreams.xyz/images/mlbs.png
Requested by: Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c49942d851969cee2ed7c9d24370dfa247d7507c35af5218f2b47464eb14b2c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 23:21:16 GMT
cf-cache-status: HIT
last-modified: Thu, 08 Sep 2022 14:14:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 98238
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BnZoqCWrIVEUUZAy7kGvMF%2BMVNLpztaer65xo7XMah%2B%2ByGQ2qxJ5tKSnGGBZgVSkZrGD2QxawxUtFWD%2BWt%2BFeIm%2BGd23%2F2BC3doeGGztd4LZ%2FeiqW5mMa7GMU6SVj0FXo4FlIN%2B%2BBHfk9MWs3XhHkrvt"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7f5436c5f89c9137-FRA
alt-svc: h3=":443"; ma=86400
content-length: 734
expires: Mon, 14 Aug 2023 23:22:48 GMT

GET
H2 200 mma.png
www1.ihdstreams.xyz/images/ 7 KB
7 KB 32ms
26ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www1.ihdstreams.xyz/images/mma.png
Requested by: Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9757415edc6793a3544240a995b7f19f49c96bacf8d6ae41b2657d9f7bac1be7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 23:21:16 GMT
cf-cache-status: HIT
last-modified: Wed, 10 Feb 2021 20:44:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 176291
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T3Lu%2BFNzM%2BcLuPyE6rlg4QSRyoFvSaT4aJOjh4PdLvgxJh%2BY%2Fky7%2BL4wjgnE9MrPLLuTJLgJWIJyXUPvToroAhIthz9RzdSaJI0t%2B6HWpHjU4%2FlFTFkAIhIR6D2ZTQg2Q%2Fsz9gSch6ESkrWjLU0CVYmf"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7f5436c5f89d9137-FRA
alt-svc: h3=":443"; ma=86400
content-length: 6673
expires: Fri, 11 Aug 2023 01:17:04 GMT

GET
H2 200 boxing.png
www1.ihdstreams.xyz/images/ 9 KB
9 KB 60ms
53ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www1.ihdstreams.xyz/images/boxing.png
Requested by: Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef4e851bde18d7fc0111215f4d6a622bc9f648b0b96700b2e98a67c2cd633799

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 23:21:16 GMT
cf-cache-status: HIT
last-modified: Wed, 10 Feb 2021 20:44:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=STWjFMENi%2F6gnpa3tW0X3%2BZ42XewXkYCZ7llXcLxijWj9ErDHIHo%2BW6EfZ05kDrx5jOKqTSyOrpcMUseiqldHwb%2FL%2BMUVihm2KF43EQJb%2Ft%2FZdVMvfdOeV5qjVxoFyHY5jpCW5kP2cgyiTF%2FKG47OBH0"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7f5436c5f89e9137-FRA
alt-svc: h3=":443"; ma=86400
content-length: 9140
expires: Mon, 14 Aug 2023 03:34:01 GMT

GET
H2 200 f1.png
www1.ihdstreams.xyz/images/ 2 KB
2 KB 31ms
24ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www1.ihdstreams.xyz/images/f1.png
Requested by: Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8511af2c0e0f877701ecceabdb9833984f9e4539d05196c05dfd78251dc55a1b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 23:21:16 GMT
cf-cache-status: HIT
last-modified: Sun, 28 Mar 2021 15:44:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 536145
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mp9r8s24TOvJWwksnEyQPrggh7yVXsxN1uBi88d%2Bx7pO0LPUM706NnNnZ8HkKK2fLAem%2BATexVeJMj1xpGcYnY5FNnMF0dPgU1TJZRLD5VTl8bSYXkCF5pWrsRTv8G0pc22HTtK69RXZB8BIF7yDYk25"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7f5436c5f89f9137-FRA
alt-svc: h3=":443"; ma=86400
content-length: 2022
expires: Wed, 09 Aug 2023 09:39:26 GMT

GET
H2 200 nhl.jpg
www1.ihdstreams.xyz/images/ 35 KB
35 KB 35ms
29ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www1.ihdstreams.xyz/images/nhl.jpg
Requested by: Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f5ba267e4a28eeeeb5f692e2f89a08cb2d87be40ca4aca4a622c375939578fb

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 23:21:16 GMT
cf-cache-status: HIT
last-modified: Wed, 01 Mar 2023 20:38:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 458333
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FOCvwGciHvirOizqejcLJSNwmjU%2BWQQDaEY2oo1yfdnrf0qDBrd0UBIaIX4Cs6FuvbnU8lu1Y0RwgxNkgPgwFQG1gkZIqrxD%2BknS%2Bg%2BEPY1RRTBZhWk5wZK2InUTpn7Qd5VYMRTuE5x%2FwT6VRpRj7%2BnC"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7f5436c5f8a09137-FRA
alt-svc: h3=":443"; ma=86400
content-length: 35380
expires: Mon, 07 Aug 2023 20:44:17 GMT

GET
H2 200 nccab.png
www1.ihdstreams.xyz/images/ 28 KB
28 KB 50ms
45ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www1.ihdstreams.xyz/images/nccab.png
Requested by: Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3415d1f3f46175bc47b0e1055fc044b0ca4743150abbdfb8ff2029b80029f36c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 23:21:16 GMT
cf-cache-status: HIT
last-modified: Thu, 16 Mar 2023 18:23:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 9307
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yaP4suLMXt3cQGjCuqIcL9Or6dNS6%2FrYb%2Fl%2B%2FT5E%2B3aJ2537vHQ5vIyUtrol7pKz8T90MMaZ9bnbVP0ntQRK711YJH4GN2HsCgjfgbGaWlk6OHowEcKijz8ygUX%2Fg8bEOG%2BM1ojHiB7HpDuiZ38EprvG"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7f5436c5f8a99137-FRA
alt-svc: h3=":443"; ma=86400
content-length: 28608
expires: Thu, 17 Aug 2023 00:04:22 GMT

GET
H2 200 xfl.png
www1.ihdstreams.xyz/images/ 51 KB
52 KB 52ms
47ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www1.ihdstreams.xyz/images/xfl.png
Requested by: Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94250774030be67093bb2b17844ecb5c73f9fd12afcdaca0fee1f279f709d32a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 23:21:16 GMT
cf-cache-status: HIT
last-modified: Fri, 17 Mar 2023 07:44:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 486968
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cnG9uJ3EyAuit2%2BQIRrMcnF0nM1aE6FupcL7vKaHy0ZAnbOFHmteyAXxf8KTyWeoFL8T33Cn6%2FEwc1qwQEANANIocle0xcj3D3esFx3y1ax3WHpdrHvtFWXLoh%2FOYKWo%2FlfHxjVfQS4JpfZTf8Y9RYqk"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7f5436c5f8aa9137-FRA
alt-svc: h3=":443"; ma=86400
content-length: 52428
expires: Mon, 07 Aug 2023 09:00:52 GMT

GET
H2 200 wwe.png
www1.ihdstreams.xyz/images/ 33 KB
34 KB 72ms
68ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www1.ihdstreams.xyz/images/wwe.png
Requested by: Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fca03541a50907237eb1c1872eed044c5a98c6049e9f6064419e08e9cc82af6c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 23:21:16 GMT
cf-cache-status: HIT
last-modified: Fri, 17 Mar 2023 08:15:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ioLELZBceKtbuISdzcodDqmlDCjfKrE5Jlc5bLkbWlvEIU5nZlBKF2Enrz%2FjaHm9STZXScfyYDKUcKFBI%2B%2B2PXJuY2sIqjsu26n6DUYdLsYCMJS1E%2F9wkQ9l76eWZgPR3Z3ynhac6uHTk8kNYvi1jI54"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7f5436c608b99137-FRA
alt-svc: h3=":443"; ma=86400
content-length: 34006
expires: Mon, 14 Aug 2023 08:30:36 GMT

GET
H3

200

Sportsurge.png
www1.ihdstreams.xyz/images/
Redirect Chain

https://hd.ihdstreams.xyz/images/Sportsurge.png
https://www1.ihdstreams.xyz/images/Sportsurge.png

3 KB
4 KB

26ms
26ms

Image
image/png

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www1.ihdstreams.xyz/images/Sportsurge.png
Requested by: Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/
Protocol: H3
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9ae233e8c3c3cf459ffa8b7ae75983cf1ca35bf6eb21468716423cb30475d51

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 23:21:16 GMT
cf-cache-status: HIT
last-modified: Sat, 29 Oct 2022 19:52:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 538564
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mSGDC1zM%2F1cDr6URS9SSQu3Yfk%2B%2BAzdVPyULK3w6ATpUfQ3stY12uk9O%2Bue0kHtbTF5UlVn6AL%2FFoAunCGDe5%2B38VpEZisAPWQC1d8787RQlkr2AhcsDKfW%2BWRqrIClK56QECvofvOAN02UgruSQXLHW"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7f5436c68b014d6e-FRA
alt-svc: h3=":443"; ma=86400
content-length: 3307
expires: Mon, 07 Aug 2023 21:08:14 GMT

Redirect headers

date: Fri, 11 Aug 2023 23:21:16 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tZ63v%2Bix9aZWavbWLORk36Y1SE2yE%2FbHaOH2df2EQDrmJtKQtCMM01LNC9kOhW%2FGoM2AuChiM0eveQDw6HQrMt4AUxz3GGYZgrNDMMYDE%2Fhrx44mFZDkNfgRqKxp%2B6CjhYQxz%2BNdeyzEt6zsparpUw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://www1.ihdstreams.xyz/images/Sportsurge.png
cache-control: max-age=14400
cf-ray: 7f5436c608bb9137-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 rocket-loader.min.js Show response
www1.ihdstreams.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 52ms
48ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www1.ihdstreams.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 23:21:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 07 Aug 2023 17:26:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64d1293d-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=arW7KDAYi6jMSUuEFI9phoM%2F%2BkNtWerRYYbxXZ73rJq6wHYRzRIyP8tmDcGa61GM0CgqsIpXV1PP0C91hTPotOqpOiPfUoAPIRQRGNez0ETB5o8jT4lNht4Tjfr9uM2WRFgMRtnuMLaiKa9QNPH9ytgz"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 7f5436c608ba9137-FRA
expires: Sun, 13 Aug 2023 23:21:16 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 30 KB
31 KB 76ms
30ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,500,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www1.ihdstreams.xyz
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 11:44:08 GMT
x-content-type-options: nosniff
age: 301028
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Aug 2024 11:44:08 GMT

GET
H/1.1 200
OK spt Show response
tg1.modoro360.com/api/adserver/ 29 KB
8 KB 239ms
124ms Script
text/javascript 2a02:26f0:3500:c::5c7b:682b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tg1.modoro360.com/api/adserver/spt?AV_TAGID=632c400f6736d736c5787e64&AV_PUBLISHERID=632c3dff8e62a32fb323cd86
Requested by: Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:c::5c7b:682b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 112d4cc7dd3dd5b1e0139a85832ceb2156ee2f7638f7f4a6daf4abdfd77e9208

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

X-Bamboo-C-SkSt: 1
Content-Encoding: gzip
X-Bamboo-C-SkFe: 1
X-Bamboo-C-S: BYPASS
Date: Fri, 11 Aug 2023 23:21:16 GMT
Access-Control-Max-Age: 1728000
Access-Control-Allow-Methods: GET, POST, DELETE, PUT, OPTIONS, INDEX
Content-Type: text/javascript
Vary: Accept-Encoding
Cache-Control: max-age=300
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
Content-Length: 7220
Expires: Fri, 11 Aug 2023 23:26:16 GMT

GET
H2 200 ihdstreams.xyzdynamic.js Show response
jscdn.greeter.me/ 8 KB
8 KB 48ms
16ms Script
text/javascript 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://jscdn.greeter.me/ihdstreams.xyzdynamic.js

Requested by

Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

cecdb772902480238ed72f56e63233f74af64e5db96706a47d8d40363e6f6332

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 23:21:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
last-modified: Sun, 02 Oct 2022 07:54:26 GMT
x-amz-request-id: tx00000000000007d087301-0064d6b4ab-ad9364d7-fra1b
etag: "06342141a46f1a42c83deb96dfde3cba"
x-envoy-upstream-healthchecked-cluster
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1691796076.dop205.am5.t,1691796076.cds231.am5.hn,1691796076.cds312.am5.c
content-type: text/javascript
cache-control: max-age=79
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 7957

GET
H2 200 ihdstreams.xyzhead.js Show response
jscdn.greeter.me/ 8 KB
9 KB 50ms
17ms Script
text/javascript 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://jscdn.greeter.me/ihdstreams.xyzhead.js

Requested by

Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

59848ac7fa952227246d55a015096752802cb43ca29d530e1309f770ee54ab7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 23:21:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
last-modified: Sun, 02 Oct 2022 07:54:26 GMT
x-amz-request-id: tx00000000000007d0872fa-0064d6b4ab-ad9364d7-fra1b
etag: "facc79495eb5555fbbf60d0288371d83"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1691796076.dop205.am5.t,1691796076.cds231.am5.hn,1691796076.cds212.am5.c
content-type: text/javascript
cache-control: max-age=79
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 8633

GET
H2 200 sharethis.js Show response
platform-api.sharethis.com/js/ 203 KB
45 KB 88ms
24ms Script
text/javascript 52.222.169.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://platform-api.sharethis.com/js/sharethis.js

Requested by

Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.169.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-169-46.cdg52.r.cloudfront.net

Software

Resource Hash

64ffd4b2224c9e2a0f2193cf1d37239572a67ce9d2bf3d97c58d6939139af61b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 23:18:38 GMT
content-encoding: gzip
via: 1.1 d0229dbe69f77738f3ccab386a045ad8.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: CDG52-P2
age: 161
etag: W/"32a36-40XB9TFKL290b/MnE4xfx5SGfVQ"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
edge-control: cache-maxage=60m,downstream-ttl=60m
cache-control: max-age=600, public
x-cache: Hit from cloudfront
x-amz-cf-id: TILffe2g3r3o3rTAI_yR34b2iYR9c7gD9Q0Lxrwr0FoU6-0tOWzyJw==

GET
H/1.1 403
Forbidden invoke.js
www.profitabledisplaynetwork.com/3ca0f619c604ae8a19b9799a144e8ee5/ 0
0 911ms
105ms Script
application/javascript 173.233.137.36
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://www.profitabledisplaynetwork.com/3ca0f619c604ae8a19b9799a144e8ee5/invoke.js
Requested by: Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.233.137.36 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Fri, 11 Aug 2023 23:21:17 GMT
Server: nginx/1.21.6
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H2 200 602045c93485470012219531.js Show response
buttons-config.sharethis.com/js/ 554 B
998 B 451ms
404ms Script
text/javascript 2600:9000:25e8:8200:c:abe:f440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://buttons-config.sharethis.com/js/602045c93485470012219531.js

Requested by

Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:25e8:8200:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

2319dbc0d652282694fa0847f099ecb17e4dca70baadde117a227a22e188860f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 23:21:18 GMT
via: 1.1 6553b2bbd8fca4153c739e94065a1184.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Sun, 06 Jun 2021 23:18:05 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-P3
x-amz-server-side-encryption: AES256
etag: "2b6a1b0751a89208a9aef5d82f937db6"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-length: 554
x-amz-cf-id: zbxWRj1fZ_vCFtyGRq4QVG54dT5n-YNLrucfbEzLLZFTnroB7FnLcg==

GET
H/1.1 204
No Content pview Show response
l.sharethis.com/ 0
406 B 95ms
20ms XHR
text/plain 18.196.51.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://l.sharethis.com/pview?event=pview&hostname=www1.ihdstreams.xyz&location=%2F&product=sop&url=https%3A%2F%2Fwww1.ihdstreams.xyz%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Crackstreams%20-%20NBA%20Streams%20%7C%20NFL%20-%20MMA%20Streams%20-%20UFC%20-%20Boxing%20-%20Formula%201&cms=unknown&publisher=602045c93485470012219531&sop=true&version=st_sop.js&lang=en&description=HDStreams%20is%20new%20Platform%20to%20Reddit%20NBA%20Basketball%20free%20streams%2C%20access%20every%20NBA%20live%20stream%20on%20your%20mobile%2C%20desktop%20and%20tablet%20for%20free&ua=&ua_mobile=false&ua_full_version_list=

Requested by

Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.196.51.27 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-196-51-27.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Fri, 11 Aug 2023 23:21:16 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Access-Control-Max-Age: 1728000
Access-Control-Allow-Origin: https://www1.ihdstreams.xyz
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H/1.1 403
Forbidden invoke.js
www.effectivecreativeformat.com/0154b07ef3e758a91da6b0cd107ed2d2/ 0
0 471ms
104ms Script
application/javascript 173.233.137.36
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://www.effectivecreativeformat.com/0154b07ef3e758a91da6b0cd107ed2d2/invoke.js
Requested by: Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.233.137.36 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Fri, 11 Aug 2023 23:21:17 GMT
Server: nginx/1.21.6
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H2 200 js15_as.js Show response
s10.histats.com/ 11 KB
5 KB 83ms
31ms Script
text/javascript 2606:4700:10::6814:41d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:41d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 23:21:18 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 26542
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 7f5436d00d529b31-FRA
content-length: 4547

GET
H2 200 get_counts Show response
count-server.sharethis.com/v2.0/ 285 B
663 B 80ms
28ms Script
text/javascript 13.32.121.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://count-server.sharethis.com/v2.0/get_counts?cb=window.__sharethis__.cb&url=https%3A%2F%2Fwww1.ihdstreams.xyz%2F

Requested by

Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.121.126 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-121-126.fra60.r.cloudfront.net

Software

Resource Hash

ea49c90fa2220097f445c6d79f394938c1a87b109c2656f9229f97b0f45d936b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 23:19:51 GMT
via: 1.1 ec1ac21acdbd36c971eca9d6b61d0744.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA60-P1
age: 180
etag: 1fe49441123f0cc31414d0cb59eb35ef
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=900
content-length: 285
apigw-requestid: Jf64YhnoIAMEa_Q=
x-amz-cf-id: Mz0qx0LClxnDA40kH3hve4JUzjZ2A_7iEwe2kvAGeaZgx04Z1QYRcw==

GET
H2 200 facebook.svg
platform-cdn.sharethis.com/img/ 301 B
727 B 81ms
22ms Image
image/svg+xml 2600:9000:218f:ca00:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/facebook.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:218f:ca00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

768d97ec0916217ae82c70aeda3a61b9b0dab344edc4a3240a4f7cd94af00307

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 20:26:44 GMT
via: 1.1 1cfb3433a86e7969c88f0dfbfd15af32.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
server: AmazonS3
x-amz-cf-pop: CDG52-P2
age: 1392875
etag: "c6e9be45643e197ce1db1d7e24a99adc"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 301
x-amz-cf-id: L-8XJ7PILonGAQo_5OdgD23cOFPVprVqemmQwvKbZd-ptjUfVyDFCQ==

GET
H2 200 twitter.svg
platform-cdn.sharethis.com/img/ 731 B
1 KB 82ms
23ms Image
image/svg+xml 2600:9000:218f:ca00:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/twitter.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:218f:ca00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7c93346d4f681a0be90d1dfc19346382a4700f1810f41caa54415688dee1777f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 01:17:43 GMT
via: 1.1 1cfb3433a86e7969c88f0dfbfd15af32.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
server: AmazonS3
x-amz-cf-pop: CDG52-P2
age: 1721016
etag: "0af2fb38987598376c99e21af17ade45"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 731
x-amz-cf-id: 4H6A5qRTP8ioJbFM1dUle1vFKQtE7dpA88KLOYkdG2px2lCB8zJCXA==

GET
H2 200 reddit.svg
platform-cdn.sharethis.com/img/ 910 B
1 KB 82ms
23ms Image
image/svg+xml 2600:9000:218f:ca00:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/reddit.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:218f:ca00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

dadbb59b37bfea4c78c6e15c8cbb96dfba84526e43a0767dc244fd062a841aba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 10:02:24 GMT
via: 1.1 1cfb3433a86e7969c88f0dfbfd15af32.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
server: AmazonS3
x-amz-cf-pop: CDG52-P2
age: 2035134
etag: "78d796ca648d8a5e665b48ed0217c56a"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 910
x-amz-cf-id: 338SCRaCUQ_pcdK-zaxCiHFl5vPa-bj7jcj2zfY6ygyAIAXPSJs4Vg==

GET
H2 200 whatsapp.svg
platform-cdn.sharethis.com/img/ 832 B
1 KB 82ms
24ms Image
image/svg+xml 2600:9000:218f:ca00:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/whatsapp.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:218f:ca00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

847eb36b4dc4b05f94052dcd98077319e74d882334a106bb9ca451ba211c9c2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 15 Jul 2023 16:14:20 GMT
via: 1.1 1cfb3433a86e7969c88f0dfbfd15af32.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
server: AmazonS3
x-amz-cf-pop: CDG52-P2
age: 2358419
etag: "afe7fc60ed757db39a88d2950fce69c9"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 832
x-amz-cf-id: CwEDQ3wyJ2URVu7M9AoS29jryexB3IvXtqevh-51O6daW1W4zft3Mw==

GET
H2 200 messenger.svg
platform-cdn.sharethis.com/img/ 372 B
796 B 82ms
24ms Image
image/svg+xml 2600:9000:218f:ca00:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/messenger.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:218f:ca00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

2986551fd9e82929eabb8cba7c44f74a28d8496c744893432f067b320dff55da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 10:16:04 GMT
via: 1.1 1cfb3433a86e7969c88f0dfbfd15af32.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
server: AmazonS3
x-amz-cf-pop: CDG52-P2
age: 1429515
etag: "a5aa43fa302867d3e888ac2f69b7b288"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 372
x-amz-cf-id: STF0A2AbiBZlRRjaJllaRanvGuAGI8W86S07D5xVAscqK35kysIO6g==

GET
H2 200 linkedin.svg
platform-cdn.sharethis.com/img/ 456 B
881 B 82ms
24ms Image
image/svg+xml 2600:9000:218f:ca00:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/linkedin.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:218f:ca00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

cb8c2b19fd9b56c41db14bd71b5c0616c1ba4e99b08c8e75084cf695f74b7120

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 01:19:54 GMT
via: 1.1 1cfb3433a86e7969c88f0dfbfd15af32.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
server: AmazonS3
x-amz-cf-pop: CDG52-P2
age: 1980085
etag: "fa43b4ede18498b114fc7185993f6da7"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 456
x-amz-cf-id: GIWKZHkrggWfGZ8dX27NatSu-Ic_jZzi--AaZy391DIewo0EG3XTOA==

GET
H2 200 pinterest.svg
platform-cdn.sharethis.com/img/ 771 B
1 KB 23ms
22ms Image
image/svg+xml 2600:9000:218f:ca00:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/pinterest.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:218f:ca00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

efc737b4f58cfe73a9bd0e57d7570365701381da31e628b269e7217a0ce3359d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 02:22:15 GMT
via: 1.1 1cfb3433a86e7969c88f0dfbfd15af32.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
server: AmazonS3
x-amz-cf-pop: CDG52-P2
age: 1803544
etag: "2b10a062e719c64b686e2e8fcdc216dc"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 771
x-amz-cf-id: IF4TIsZpgiFR9b4MajajbbffUuDn2JH-2KfgSufoibqgrX6xZ9ipvA==

GET
H2 200 sharethis.svg
platform-cdn.sharethis.com/img/ 514 B
939 B 23ms
23ms Image
image/svg+xml 2600:9000:218f:ca00:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/sharethis.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:218f:ca00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

9a83c65bdd0ff9488af9d25720686457ea7295c9c44f9f1d285a0c9ec89bab99

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 10:26:15 GMT
via: 1.1 1cfb3433a86e7969c88f0dfbfd15af32.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
server: AmazonS3
x-amz-cf-pop: CDG52-P2
age: 2465704
etag: "deecdaa377907db5cc1722fc831670a1"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 514
x-amz-cf-id: vIfgBBzfbU_nRCf1lTzq9k6lQvC_WVTkwwMay8yP8wqCsG1Mf9j-NA==

GET
H2 200 arrow_left.svg
platform-cdn.sharethis.com/img/ 565 B
991 B 30ms
30ms Image
image/svg+xml 2600:9000:218f:ca00:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/arrow_left.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:218f:ca00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5c833b1818762f1e134fbb158447fb0b92f2b018b15aa36f2e2405213f830d38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 01:14:22 GMT
via: 1.1 1cfb3433a86e7969c88f0dfbfd15af32.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
server: AmazonS3
x-amz-cf-pop: CDG52-P2
age: 1634817
etag: "b55d8d2b9321e381a3c38a4bddb74037"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 565
x-amz-cf-id: HRGWIXcEJznrKwfwp0TT3NL6PExCQ8VpYgMies9TZCz7po-sbVP52Q==

GET
H2 200 arrow_right.svg
platform-cdn.sharethis.com/img/ 565 B
989 B 30ms
30ms Image
image/svg+xml 2600:9000:218f:ca00:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/arrow_right.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:218f:ca00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

1bae747c7fd090f56608956a97c870391e1c43f89d24d5766129b75628985c1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 02:50:29 GMT
via: 1.1 1cfb3433a86e7969c88f0dfbfd15af32.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
server: AmazonS3
x-amz-cf-pop: CDG52-P2
age: 1974650
etag: "9928d025bd5792b718ee0a185f62e67c"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 565
x-amz-cf-id: jerONjbFa_qnNfD5txts9xP8Vgq173nG-FvzghiMJbLEmVbWblj7MA==

GET
H2 200 hb_736354_16735.js Show response
player.aplhb.adipolo.com/prebidlink/469943/ 922 B
777 B 156ms
94ms Script
application/javascript 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aplhb.adipolo.com/prebidlink/469943/hb_736354_16735.js
Requested by: Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/ihdstreams.xyzhead.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 382f98ee9c7df50ab64c0a9b6973cd902eaf31198b4241f38bea7fac68d2f04d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 23:21:18 GMT
content-encoding: gzip
last-modified: Thu, 10 Aug 2023 10:52:39 GMT
server: nginx
etag: W/"64d4c177-39a"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600
expires: Sat, 12 Aug 2023 00:21:18 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 85 KB
28 KB 167ms
86ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/ihdstreams.xyzhead.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad5bafb6f32e1399954a27804ccf6332bac310de57714bd50e04d053ecd4676b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 23:21:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28586
x-xss-protection: 0
server: cafe
etag: 736 / 19580 / 31076971 / config-hash: 9566803040182507923
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 11 Aug 2023 23:21:18 GMT

GET
H2 200 wrapper_hb_736354_16735.js Show response
player.aplhb.adipolo.com/prebidlink/469943/ 2 KB
1 KB 125ms
93ms Script
application/javascript 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aplhb.adipolo.com/prebidlink/469943/wrapper_hb_736354_16735.js
Requested by: Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/ihdstreams.xyzhead.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 16e4ee38453e79625c723d0c72fd0e2e250d9e8816f74ccd7583c6d291187be9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 23:21:18 GMT
content-encoding: gzip
last-modified: Thu, 10 Aug 2023 10:52:39 GMT
server: nginx
etag: W/"64d4c177-867"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600
expires: Sat, 12 Aug 2023 00:21:18 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 85 KB
28 KB 83ms
77ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/ihdstreams.xyzhead.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5b6fc8e3bb8719e95688185f95b7ec236b8a2f764fd5ffd37ee8b3e0ddee17ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 23:21:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28572
x-xss-protection: 0
server: cafe
etag: 70 / 19580 / m202308030102 / config-hash: 9566803040182507923
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 11 Aug 2023 23:21:18 GMT

GET
H2 200 adipolo_logo.png
adipolo.com/wp-content/uploads/2020/06/ 7 KB
7 KB 78ms
26ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adipolo.com/wp-content/uploads/2020/06/adipolo_logo.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b071563c8b59cdc2b12b2703f3b5d147f555b1c41d83e5c5ef4a02395aed89c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 23:21:18 GMT
cf-cache-status: HIT
last-modified: Tue, 02 Jun 2020 09:04:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4876072
etag: "5ed61610-1b9c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WVc8fLqnKVDOaeOe71hfWsL05Axk%2FG9NkGAAP4Zx4QbVGHrq3DQNZ%2F59youvev2yvzVKcSvbTRacwokK3MlgecikFTwCUmUGfBj80yYPZRygyGOPP2ymG%2B0q3I1xG8x2Kr0dAMQZvSbNHg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7f5436d0e9c38fce-FRA
alt-svc: h3=":443"; ma=86400
content-length: 7068

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ 51 B
185 B 305ms
95ms Script
text/html 149.56.240.132
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/0.php?2633223&@f16&@g1&@h1&@i1&@j1691796078114&@k0&@l1&@mCrackstreams%20-%20NBA%20Streams%20%7C%20NFL%20-%20MMA%20Streams%20-%20UFC%20-%20Boxing%20-%20Formula%201&@n0&@o1000&@q0&@r0&@s514&@ten-US&@u1600&@b1:9405090&@b3:1691796078&@b4:js15_as.js&@b5:120&@a-_0.2.1&@vhttps%3A%2F%2Fwww1.ihdstreams.xyz%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.132 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534300.ip-149-56-240.net
Software: /
Resource Hash: fa1e4e3a15f57d72eb1d0b8b08f2f6e7dc7d4d3603e4c563e6e06948bd659a1b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Fri, 11 Aug 2023 23:21:19 GMT
Connection: close
Content-Length: 51
Content-Type: text/html;charset=UTF-8

GET
H2 200 cc_514.js Show response
s10.histats.com/counters/ 15 KB
6 KB 30ms
30ms Script
text/javascript 2606:4700:10::6814:41d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_514.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:41d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: babfdd8d96853154749421058a8b281d3fa13dc64df98d8e57c477c7c56e41a4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 23:21:18 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 81355
etag: "1889425552"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 7f5436d04d7e9b31-FRA
content-length: 6447

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e4558415f627880263b408b58c30f1c9ae4765038c86beaf568d9c067b79c936

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 hbw_master_736354_16735.js Show response
player.aplhb.adipolo.com/prebidlink/kqqam/ 122 KB
39 KB 121ms
120ms Script
application/javascript 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aplhb.adipolo.com/prebidlink/kqqam/hbw_master_736354_16735.js
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/469943/wrapper_hb_736354_16735.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: f25ac32bf1c2e9d888b5e687d4c60d717af67e9904cb7054d00d4afad2c4bf38

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 23:21:18 GMT
content-encoding: gzip
last-modified: Thu, 10 Aug 2023 10:52:39 GMT
server: nginx
etag: W/"64d4c177-1e878"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600
expires: Sat, 12 Aug 2023 00:21:18 GMT

GET
H2 200 hbp_master_736354_16735.js Show response
player.aplhb.adipolo.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/ 352 KB
112 KB 97ms
97ms Script
application/javascript 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aplhb.adipolo.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_736354_16735.js
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/469943/hb_736354_16735.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 21d37f9066429269a82775b7e6c0f1322f99d5fb928f07aefdee839a4bd14cab

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 23:21:18 GMT
content-encoding: gzip
last-modified: Mon, 10 Jul 2023 14:56:05 GMT
server: nginx
etag: W/"64ac1c05-581d1"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600
expires: Sat, 12 Aug 2023 00:21:18 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030102/ 400 KB
127 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030102/pubads_impl.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0b4bb74c7f550162d688cef16db8298a8b697ed71082729828f0bfc3b6bbe4dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 23:15:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 378
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129487
x-xss-protection: 0
server: cafe
etag: 4885750571797100496
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 10 Aug 2024 23:15:00 GMT

GET
H2 200 config.json Show response
player.adtelligent.com/exchange_rates/313490/ 11 KB
5 KB 56ms
13ms XHR
application/json 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/exchange_rates/313490/config.json?cb=https%3A%2F%2Fwww1.ihdstreams.xyz%2F
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_736354_16735.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: f077127558b72bd4739d48a7b877027cfed9391fda12c43643e3652a90cf1a44

Request headers

Referer: https://www1.ihdstreams.xyz/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

expires: Sun, 13 Aug 2023 23:21:18 GMT
date: Fri, 11 Aug 2023 23:21:18 GMT
content-encoding: gzip
last-modified: Fri, 11 Aug 2023 12:02:42 GMT
server: nginx
etag: W/"64d62362-2ad6"
content-type: application/json
access-control-allow-origin: https://www1.ihdstreams.xyz
cache-control: max-age=172800
x-proxy-cache: HIT

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
1 KB 71ms
29ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030102/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 23:21:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 9711
x-jsd-version: master
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230042-FRA, cache-yyz4568-YYZ
x-jsd-version-type: branch
server: cloudflare
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pBJUIxq6fOCLvid%2FdMLvVjGK9QXA1syIvnr5bmKTQ5QFmyhJZFkCNctuXmnGSvgEtxwt9zVjdE6GFjKuZFk5iMraqZLUUpQCPwITTRIK%2Fwe1jD8tMUCub7%2FD%2F8wS%2FfGxrJQFNAy0dB0E2Co4HvE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 7f5436d268e09207-FRA

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 2 KB
2 KB 71ms
20ms Script
text/javascript 2600:9000:2250:5000:a:e047:753:6381

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030102/pubads_impl.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:5000:a:e047:753:6381 , United States, ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: null
Date: Fri, 11 Aug 2023 04:55:30 GMT
Via: 1.1 615f944336054ae07b8e7c415ddbad44.cloudfront.net (CloudFront)
Last-Modified: Thu, 04 May 2023 00:14:06 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P2
Age: 66349
x-amz-server-side-encryption: AES256
ETag: "4d5acbf33f4a0592ac0515db92fe88e6"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1858
X-Amz-Cf-Id: 3AkIv9rDkUlipnvSD0yRlvBY-3h4IPXs_7PWG-x-Rm19WeMDAWMd_Q==

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 112 KB
26 KB 81ms
30ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030102/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0c750b97759124bffe209a81cfb7a3aa05dd20ca1168314348cb865254f1ce2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 23:21:18 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 02 Aug 2023 11:32:19 GMT
server: cloudflare
x-amz-request-id: T1F6DASF0JTF1SQ6
age: 1866
etag: W/"25c6f4638264ba52fb77e06351d38d61"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7f5436d2799b692e-FRA
x-amz-id-2: H5uqYVaRdnvegMAsggzpIypU+/tjpNgekWMG1JsB17A8dorI25AZGPRnNKy4NA2SDfzE85b74dY=

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 38 KB
12 KB 86ms
20ms Script
text/javascript 65.9.66.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030102/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-97.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 12:15:10 GMT
content-encoding: gzip
via: 1.1 cc763905c39a59494c951c09271b0422.cloudfront.net (CloudFront)
last-modified: Wed, 31 May 2023 20:34:33 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 39969
x-amz-server-side-encryption: AES256
etag: W/"550ead3a95bd6cfcd917d45c5f8f4553"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: pgdB1pzie8ch6Rt158PZQtAAo0WVfx0mzry7jOvvEAVn867tPCiAhA==

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
1 KB 64ms
30ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030102/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 23:21:18 GMT
via: 1.1 google, 1.1 google
last-modified: Thu, 03 Aug 2023 03:28:51 GMT
server: Google Frontend
etag: fc4e6bfe266081c4873c6f08c8298e5c
content-type: text/javascript; charset=utf-8
x-cloud-trace-context: 5925115698fccaf614b5cfc766e27703
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1207

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 43 KB
13 KB 89ms
42ms Script
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030102/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

14b4caf239342334bf7b8280605e60f67c33c589762047b8bd67c0552fdb80a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 23:21:18 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 03 Aug 2023 11:12:29 GMT
server: nginx
etag: W/"64cb8b9d-aa04"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 12 Aug 2023 23:21:18 GMT

GET
H2 200 ob.js Show response
cdn-ima.33across.com/ 40 KB
9 KB 89ms
27ms Script
application/javascript 104.18.24.112
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ima.33across.com/ob.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030102/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.24.112 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41fd4ed5ad93e39cd84d043e905e66e3bbb9dbb50cf2d7bbf68bfeef79f3d3cc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 23:21:18 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 04 Aug 2023 18:38:49 GMT
server: cloudflare
age: 110808
etag: W/"64cd45b9-a13f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 7f5436d28c529b33-FRA
expires: Mon, 14 Aug 2023 23:21:18 GMT

GET
H/1.1 200
OK / Show response
ghb.aplhb.adipolo.com/geo/ 130 B
405 B 406ms
18ms XHR
application/json 185.239.173.226
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.aplhb.adipolo.com/geo/
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/kqqam/hbw_master_736354_16735.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.239.173.226 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 06631c912d2df079842f68e549cadc9bcc6d2b23b450f23cbca3d9227a708b7c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Fri, 11 Aug 2023 23:21:18 GMT
Server: Adtelligent
Content-Type: application/json
Access-Control-Allow-Origin: https://www1.ihdstreams.xyz
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 130

GET
H/1.1 200
OK tracking Show response
ghb.aplhb.adipolo.com/adunit/ 43 B
438 B 407ms
19ms XHR
image/gif 185.239.173.226
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.aplhb.adipolo.com/adunit/tracking?event=11&type=0&client_id=736354&site_id=16735&pbjsv=v7.37.3&full_page_url=https%3A%2F%2Fwww1.ihdstreams.xyz%2F&adid=77pcmy.3x&features=81952&vpbv=N168&tte=338&lifecycle_tte=2166
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/kqqam/hbw_master_736354_16735.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.239.173.226 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Fri, 11 Aug 2023 23:21:18 GMT
Server: Adtelligent
Content-Type: image/gif
Access-Control-Allow-Origin: https://www1.ihdstreams.xyz
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 43

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 862 B
451 B 188ms
187ms XHR
text/plain 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=492482791209303&correlator=3907265318416547&eid=31076923&output=ldjh&gdfp_req=1&vrg=202308030102&ptt=17&impl=fifs&iu_parts=7047%3A22821132256%2Capl%2Cinter&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=1&didk=1421344310&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1691796078434&lmt=1691788878&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww1.ihdstreams.xyz%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=2103354105.1691796078&ga_sid=1691796078&ga_hid=136762602&ga_fc=false&dlt=1691796076442&idt=1912&adks=3977417493

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030102/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d36627397605b9d5bfd8431f6f2487d4ca67ba288925eb7df468a11e3269bf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 23:21:18 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 420
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www1.ihdstreams.xyz
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 819 B
407 B 253ms
253ms XHR
text/plain 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=492482791209303&correlator=267115131715441&eid=31076923&output=ldjh&gdfp_req=1&vrg=202308030102&ptt=17&impl=fifs&iu_parts=7047%3A22821132256%2Capl%2Canchor%2Canchortop&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=2&didk=253446373&sfv=1-0-40&ists=1&fas=2&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1691796078440&lmt=1691788878&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww1.ihdstreams.xyz%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=2103354105.1691796078&ga_sid=1691796078&ga_hid=136762602&ga_fc=false&dlt=1691796076442&idt=1912&adks=2809816177

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030102/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

79b8ff3ad5affc11c25c059cbf80cf6fc6b9cc6c10693f70a6b613c36fdaa214

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 23:21:18 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 376
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www1.ihdstreams.xyz
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 119ms
67ms XHR
application/json 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308030102&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030102/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f49eea6f514decdc9bd692ef59c01a791fae49eaa3fa6f4234d0735b7bf9c015

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 23:21:18 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11826
x-xss-protection: 0

GET
H2 200 container.html Show response
5eae35412932bf64c974def5104bf9db.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame DB4D 6 KB
3 KB 93ms
27ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5eae35412932bf64c974def5104bf9db.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030102/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www1.ihdstreams.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 11 Aug 2023 23:21:18 GMT
expires: Sat, 10 Aug 2024 23:21:18 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030102/ 37 KB
13 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030102/pubads_impl_page_level_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030102/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

faeb6d012c1f08d0a2ea575791d66217350de87228460610fbd80a0ee85aca88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 04:09:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69100
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13146
x-xss-protection: 0
server: cafe
etag: 5712969799744571492
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 10 Aug 2024 04:09:38 GMT

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
338 B 99ms
30ms XHR
application/json 34.241.170.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.241.170.80 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-241-170-80.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: fb3002298698837bc545779a7e6896e272da69042d1ef8b7ccf734432993dfaf

Request headers

Referer: https://www1.ihdstreams.xyz/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 11 Aug 2023 23:21:18 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www1.ihdstreams.xyz
cache-control: no-cache
x-server: 10.45.27.200
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
328 B 73ms
23ms XHR
text/plain 141.95.98.64
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.64 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216658.ip-141-95-98.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www1.ihdstreams.xyz/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www1.ihdstreams.xyz
date: Fri, 11 Aug 2023 23:21:18 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame C04E 15 KB
6 KB 42ms
15ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www1.ihdstreams.xyz

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www1.ihdstreams.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 11 Aug 2023 23:21:17 GMT
server: Kestrel
server-processing-duration-in-ticks: 329598
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 111ms
44ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030102/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 23:21:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 11 Aug 2023 23:21:18 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame C04E
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=ihdstreams.xyz&sn=ChromeSyncframe&so=0&topUrl=www1.ihdstreams.xyz&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=oLe7PXxXcHZFWEo4L0txdjdtWUEwNFhYMFZSeldLZ0tScXc4SXlSUkZCcE5YZGJYQW5mNDVFcnJEUWRGdWgzc0owbzlYQVpjN3o2TjJ6R3JpNEMwY2Nwc2xzSVdpeXRScFo1Wm4wVm9vZ25ZbDZuc3h5bU54MklRdnJpMW...

436 B
655 B

102ms
23ms

Fetch
application/json

178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=oLe7PXxXcHZFWEo4L0txdjdtWUEwNFhYMFZSeldLZ0tScXc4SXlSUkZCcE5YZGJYQW5mNDVFcnJEUWRGdWgzc0owbzlYQVpjN3o2TjJ6R3JpNEMwY2Nwc2xzSVdpeXRScFo1Wm4wVm9vZ25ZbDZuc3h5bU54MklRdnJpMWRFN0l5L1FoQjBVR3VSSXgvMXA2THArMko0eEZoN1l0NXJIdXdjYmlmcDYxZWRLdVVqc1Rhd0x1bGhqMTEzSEdIZlJKb25uWmJNT0VGUktpUFhLUVhoL0x4T2NlaGwySjBkeDVocUhSbHRFTklNMkFzMG5adUh6VHBVVG1yNllWaG4rNEtNVFdqVTBPMTVPdGJDd2F6SlNGYXUvbW5BM1cvSmE4UnpETUZvcUNaY1lEczY5UT18&cppv=2

Protocol

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

a36334acb444f8a3ffd4cd1bcb413d8ddb32b0481ed053ee727e54c31c86ef2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Aug 2023 23:21:17 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1276462
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 11 Aug 2023 23:21:18 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=oLe7PXxXcHZFWEo4L0txdjdtWUEwNFhYMFZSeldLZ0tScXc4SXlSUkZCcE5YZGJYQW5mNDVFcnJEUWRGdWgzc0owbzlYQVpjN3o2TjJ6R3JpNEMwY2Nwc2xzSVdpeXRScFo1Wm4wVm9vZ25ZbDZuc3h5bU54MklRdnJpMWRFN0l5L1FoQjBVR3VSSXgvMXA2THArMko0eEZoN1l0NXJIdXdjYmlmcDYxZWRLdVVqc1Rhd0x1bGhqMTEzSEdIZlJKb25uWmJNT0VGUktpUFhLUVhoL0x4T2NlaGwySjBkeDVocUhSbHRFTklNMkFzMG5adUh6VHBVVG1yNllWaG4rNEtNVFdqVTBPMTVPdGJDd2F6SlNGYXUvbW5BM1cvSmE4UnpETUZvcUNaY1lEczY5UT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 265840
content-length: 0
expires: 0

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F0D5 13 KB
5 KB 21ms
19ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www1.ihdstreams.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 1208
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 11 Aug 2023 23:01:10 GMT
expires: Sat, 10 Aug 2024 23:01:10 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 8388 831 B
1 KB 74ms
28ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

53e4b49a9d28bec768620b1e6306d8f3efcf6f63f76e44dc103a13fd44117a8b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-rVfZzHuw4LvhVLM2ZwIwFQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www1.ihdstreams.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 535
content-security-policy: script-src 'report-sample' 'nonce-rVfZzHuw4LvhVLM2ZwIwFQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 11 Aug 2023 23:21:18 GMT
expires: Fri, 11 Aug 2023 23:21:18 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 gDKveuiD6qzElJZQWCdHL_tXbW9wBzQNLi6nE-8m1ts.js Show response
pagead2.googlesyndication.com/bg/ Frame F0D5 38 KB
14 KB 62ms
23ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gDKveuiD6qzElJZQWCdHL_tXbW9wBzQNLi6nE-8m1ts.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8032af7ae883eaacc49496505827472ffb576d6f7007340d2e2ea713ef26d6db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 12:52:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37699
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14779
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 12:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 10 Aug 2024 12:52:59 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 8388 0
0 51ms
51ms Image
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308030102&jk=492482791209303&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

GET
H2 200 631a2480b3d08269680f4be2 Show response
feed.avplayer.com/backend/api/playlist/ 5 KB
934 B 69ms
17ms XHR
application/json 69.16.175.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://feed.avplayer.com/backend/api/playlist/631a2480b3d08269680f4be2?AV_TAGID=632c400f6736d736c5787e64&pid=632c3dff8e62a32fb323cd86&cid=632c3ef859ddd85dcd3fc897&AV_TEMPID=6192229fa59e3976bb4400aa&AV_PUBLISHERID=632c3dff8e62a32fb323cd86
Requested by: Host: tg1.modoro360.com
URL: https://tg1.modoro360.com/api/adserver/spt?AV_TAGID=632c400f6736d736c5787e64&AV_PUBLISHERID=632c3dff8e62a32fb323cd86
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: /
Resource Hash: 917737020d09defe47fd50dbb857c95126686ed140b6440fb52ad99f4b279fcf

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 23:21:18 GMT
content-encoding: gzip
vary: origin
x-hw: 1691796078.dop131.am5.t,1691796078.cds149.am5.hn,1691796078.cds321.am5.c
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www1.ihdstreams.xyz
cache-control: max-age=1800
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 720

GET
H2 200 avcplayer.js Show response
player.avplayer.com/script/8.3/v/ 807 KB
209 KB 68ms
17ms Script
text/javascript 69.16.175.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://player.avplayer.com/script/8.3/v/avcplayer.js
Requested by: Host: tg1.modoro360.com
URL: https://tg1.modoro360.com/api/adserver/spt?AV_TAGID=632c400f6736d736c5787e64&AV_PUBLISHERID=632c3dff8e62a32fb323cd86
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: /
Resource Hash: 855350f90136950691eae399a0be7bb465e8329f03f669e2830f2bf404fe3964

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 23:21:18 GMT
content-encoding: gzip
last-modified: Thu, 10 Aug 2023 13:35:01 GMT
etag: "1691674501"
x-hw: 1691796078.dop258.am5.t,1691796078.cds146.am5.hn,1691796078.cds018.am5.c
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
content-length: 213326

GET
H2 200 track
servt.modoro360.com/ 0
98 B 346ms
97ms Image
text/plain 3.211.28.187
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servt.modoro360.com/track?pid=632c3dff8e62a32fb323cd86&cid=632c3ef859ddd85dcd3fc897&cb=1691796078813&r=www1.ihdstreams.xyz&stagid=632c400f6736d736c5787e64&stplid=6192229fa59e3976bb4400aa&d35=&d65=Test1&d66=8&d74=&e=playerLoaded&cpid=631a2480b3d08269680f4be2&str=autostart
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.211.28.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-211-28-187.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 23:21:19 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 382 B
166 B 191ms
191ms XHR
text/plain 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=492482791209303&correlator=3501488658787133&eid=31076923&output=ldjh&gdfp_req=1&vrg=202308030102&ptt=17&impl=fifs&iu_parts=7047%3A22821132256%2Capl%2Caplmcm7047%2Csticky&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=970x90%7C728x90&ifi=3&didk=1959687422&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D373969b1e9d96626%3AT%3D1691796078%3ART%3D1691796078%3AS%3DALNI_MaYhuWP4HM0dK9u1o6T7Bwl85Jc6A&gpic=UID%3D00000c5f7e61a8d6%3AT%3D1691796078%3ART%3D1691796078%3AS%3DALNI_MaBAhHQdQ6VykJUVCcwIFoGBheSLw&abxe=1&dt=1691796078843&lmt=1691788878&adxs=315&adys=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww1.ihdstreams.xyz%2F&frm=20&vis=1&psz=1600x-1&msz=1600x-1&fws=512&ohw=0&psts=AOrYGskojd0TJIXtLpW9GX8NEc4YMKG_ld42nPNFa0wl4Xc6%2CAOrYGsmFihiWPvSxETRgGBRENfOyrmDFk4R-ZF0fuHESPHZ_&ga_vid=2103354105.1691796078&ga_sid=1691796078&ga_hid=136762602&ga_fc=false&dlt=1691796076442&idt=1912&prev_scp=test%3Drefresh%26hb_rfBid%3D0%26excl_cat%3DPREPOST&adks=135192340

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030102/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c5351433802de0a018489e9d88892c937b66541c493b4e12578f16ed072f0a4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 23:21:19 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www1.ihdstreams.xyz
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 27 KB
11 KB 306ms
305ms XHR
text/plain 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=492482791209303&correlator=2594307332466459&eid=31076923&output=ldjh&gdfp_req=1&vrg=202308030102&ptt=17&impl=fifs&iu_parts=7047%3A22821132256%2Capl%2Caplmcm7047%2Ccube2&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250%7C336x280&ifi=4&didk=2675907388&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D373969b1e9d96626%3AT%3D1691796078%3ART%3D1691796078%3AS%3DALNI_MaYhuWP4HM0dK9u1o6T7Bwl85Jc6A&gpic=UID%3D00000c5f7e61a8d6%3AT%3D1691796078%3ART%3D1691796078%3AS%3DALNI_MaBAhHQdQ6VykJUVCcwIFoGBheSLw&abxe=1&dt=1691796078847&lmt=1691788878&adxs=1170&adys=571&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww1.ihdstreams.xyz%2F&frm=20&vis=1&psz=487x24&msz=487x0&fws=0&ohw=0&psts=AOrYGskojd0TJIXtLpW9GX8NEc4YMKG_ld42nPNFa0wl4Xc6%2CAOrYGsmFihiWPvSxETRgGBRENfOyrmDFk4R-ZF0fuHESPHZ_&ga_vid=2103354105.1691796078&ga_sid=1691796078&ga_hid=136762602&ga_fc=false&dlt=1691796076442&idt=1912&prev_scp=hb_rfBid%3D0%26excl_cat%3DPREPOST&adks=1535134855

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030102/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93869e8b2d1e14b9a6be5dcee1ab87f9da79b31d1c334b1a5038006c01ac94fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 23:21:19 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11639
x-xss-protection: 0
google-lineitem-id: 5818019657
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138374033787
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www1.ihdstreams.xyz
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 151 KB
53 KB 330ms
330ms XHR
text/plain 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=492482791209303&correlator=1118413925362768&eid=31076923&output=ldjh&gdfp_req=1&vrg=202308030102&ptt=17&impl=fifs&iu_parts=7047%3A22821132256%2Capl%2Caplmcm7047%2Crich&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90&ifi=5&didk=2675907386&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D373969b1e9d96626%3AT%3D1691796078%3ART%3D1691796078%3AS%3DALNI_MaYhuWP4HM0dK9u1o6T7Bwl85Jc6A&gpic=UID%3D00000c5f7e61a8d6%3AT%3D1691796078%3ART%3D1691796078%3AS%3DALNI_MaBAhHQdQ6VykJUVCcwIFoGBheSLw&abxe=1&dt=1691796078849&lmt=1691788878&adxs=166&adys=163&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww1.ihdstreams.xyz%2F&frm=20&vis=1&psz=1019x0&msz=1019x0&fws=0&ohw=0&psts=AOrYGskojd0TJIXtLpW9GX8NEc4YMKG_ld42nPNFa0wl4Xc6%2CAOrYGsmFihiWPvSxETRgGBRENfOyrmDFk4R-ZF0fuHESPHZ_&ga_vid=2103354105.1691796078&ga_sid=1691796078&ga_hid=136762602&ga_fc=false&dlt=1691796076442&idt=1912&prev_scp=hb_rfBid%3D0%26excl_cat%3DPREPOST&adks=3228686164

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030102/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2fbce96820517a6b2a0ea6a8cc4243fa06fbf3c26a05318727f8ffeca27fe0d7

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12750572431565262900/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12750572431565262900/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMiGw8Lf1YADFYWR3godl7QAyg&gqi=&layout=/sadbundle/%24csp%253Der3%24/12750572431565262900/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12750572431565262900/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12750572431565262900/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMiGw8Lf1YADFYWR3godl7QAyg&gqi=&layout=/sadbundle/%24csp%253Der3%24/12750572431565262900/index.html
date: Fri, 11 Aug 2023 23:21:19 GMT
x-content-type-options: nosniff
content-encoding: br
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54300
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www1.ihdstreams.xyz
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 27 KB
11 KB 200ms
200ms XHR
text/plain 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=492482791209303&correlator=2431577708530867&eid=31076923&output=ldjh&gdfp_req=1&vrg=202308030102&ptt=17&impl=fifs&iu_parts=7047%3A22821132256%2Capl%2Caplmcm7047%2Csky&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=120x600%7C160x600%7C300x600&ifi=6&didk=2675907384&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D373969b1e9d96626%3AT%3D1691796078%3ART%3D1691796078%3AS%3DALNI_MaYhuWP4HM0dK9u1o6T7Bwl85Jc6A&gpic=UID%3D00000c5f7e61a8d6%3AT%3D1691796078%3ART%3D1691796078%3AS%3DALNI_MaBAhHQdQ6VykJUVCcwIFoGBheSLw&abxe=1&dt=1691796078852&lmt=1691788878&adxs=1260&adys=611&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww1.ihdstreams.xyz%2F&frm=20&vis=1&psz=487x24&msz=487x0&fws=0&ohw=0&psts=AOrYGskojd0TJIXtLpW9GX8NEc4YMKG_ld42nPNFa0wl4Xc6%2CAOrYGsmFihiWPvSxETRgGBRENfOyrmDFk4R-ZF0fuHESPHZ_&ga_vid=2103354105.1691796078&ga_sid=1691796078&ga_hid=136762602&ga_fc=false&dlt=1691796076442&idt=1912&prev_scp=hb_rfBid%3D0%26excl_cat%3DPREPOST&adks=2270408103

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030102/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36869b764419e90773fbf0fe24d43526bd93253313b6ed449031bebca9553a0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 23:21:19 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11678
x-xss-protection: 0
google-lineitem-id: 5850403633
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138374456572
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www1.ihdstreams.xyz
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame F0D5 0
10 B 18ms
18ms Image
text/plain 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?0FxUeQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 23:21:18 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 AVmanager.js Show response
player.aniview.com/script/6.1/ Frame 5054 475 KB
128 KB 74ms
20ms Script
text/javascript 2a02:26f0:480:7b5::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=632c3dff8e62a32fb323cd86
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/8.3/v/avcplayer.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:480:7b5::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: c7b335cd4f99f54a92a1d88d6548647d52d94a3ceaafd5b36fd1d0a88b63897e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 23:21:19 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdtovuSdbekC8kGElskVhM9JEb0Rdt0djdGX-fgeDnnWDRnsSUv3PHtB-W0k7AdyNcWA2-hobRJcPtiIBR3qKs_RUfURqURQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 130353
last-modified: Thu, 10 Aug 2023 14:53:46 GMT
server: UploadServer
etag: "2f3f0a7b8c93d6329e52026450f30184"
vary: Accept-Encoding
x-goog-generation: 1691679226027236
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
x-goog-hash: crc32c=e6p0/A==, md5=Lz8Ke4yT1jKeUgJkUPMBhA==
access-control-expose-headers: Content-Type
cache-control: public, max-age=600
x-goog-stored-content-length: 130353
accept-ranges: bytes
expires: Fri, 11 Aug 2023 23:31:19 GMT

GET
H2 200 large-poster.jpg
content1.avplayer.com/60095c900c0799791c46d8d4/videos/631a0c74c080af4ad20201d2/ 17 KB
17 KB 48ms
16ms Image
image/jpeg 69.16.175.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content1.avplayer.com/60095c900c0799791c46d8d4/videos/631a0c74c080af4ad20201d2/large-poster.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: UploadServer /
Resource Hash: 9f66145fbaf681859fb04fc4cdedf358806d85dd27355199545b97db90d48829

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 23:21:19 GMT
x-guploader-uploadid: ADPycdvhZyWCYA_7T85Ie4UnKklM9Z0YAxLhSa-tJjlzV5jxNjm14HhTSB4dG5lyQ7GmkommqtxFf7AOpZNWwY-bwS9IOg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 16959
last-modified: Thu, 08 Sep 2022 15:38:37 GMT
server: UploadServer
etag: "0ee97d2dcd219d582aee0cecbb70cafd"
x-goog-generation: 1662651517684609
content-type: image/jpeg
access-control-allow-origin: *
x-goog-hash: crc32c=SZ/7Cg==, md5=Dul9Lc0hnVgq7gzsu3DK/Q==
access-control-expose-headers: Content-Type, range
cache-control: public, max-age=2592000
x-hw: 1691796079.dop258.am5.t,1691796079.cds146.am5.hn,1691796079.cds310.am5.c
x-goog-stored-content-length: 16959
accept-ranges: bytes

GET
H/1.1 200
OK favicon.ico
storage.de.cloud.ovh.net/v1/AUTH_4b1b323ce19643f985895cf772add44b/js/ 15 KB
15 KB 158ms
48ms Image
image/x-icon 141.95.4.196
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.de.cloud.ovh.net/v1/AUTH_4b1b323ce19643f985895cf772add44b/js/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 141.95.4.196 , France, ASN16276 (OVH, FR),
Reverse DNS: ip196.ip-141-95-4.eu
Software: /
Resource Hash: fb20da3761f50927006a6f6303ae6fceec0b3cb5f4c532ba5845bcd5392112d8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Fri, 11 Aug 2023 23:21:19 GMT
X-Openstack-Request-Id: txdf20faca133e4277a3510-0064d6c26f
Last-Modified: Sun, 31 Jan 2021 12:57:34 GMT
Etag: 7bf4f6782dee3b520a65ff84286e3691
Content-Type: image/x-icon
X-Timestamp: 1612097853.12655
Accept-Ranges: bytes
Content-Length: 15086
X-Trans-Id: txdf20faca133e4277a3510-0064d6c26f

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame EA68 0
0 67ms
66ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstpRB6KMTE40_kl-yzikbaQu70ivaLKeier3EajEI6LfMaHmBju6L0t3SHCe-5o8LPE0mr4tn2-ZBnjl7Sx-pgmUIZjA17NwFd877Pq8DJk74peQWp5-3YGvuIFxL34i5Uc177a_qAdQUixxjdaw3ONXoUND-d1wNsCLttnix2e2dlQm4MQbkxCtdqDU9zR1N6Eydsb6cus9LJXkQELsDF63dcMjOUwkB63daEO72ptCcIYHYAogWHyPXFjabfeAJ6In0hHGDr7eH1JwpEascMp9fRW3LrQm_A9pW7uogiGfTLs9GpmdHDszTrX4bz1ehL7W4odxqsOYEE3kw&sai=AMfl-YTFOcmuW4jdF9Hm2loT8PiCmHuE2WzkicTifg9eA1DfDhDiwz-Rs_Tx74ATFIc18jcRHgq831ZOLGoWhN-5OR_jukG8FPitGoVtrCs3ovvFNnBEhKWLO2F3xUxW4g&sig=Cg0ArKJSzPIpYQquZzJtEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 23:21:19 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 outbrain.js Show response
widgets.outbrain.com/ Frame EA68 231 KB
84 KB 466ms
382ms Script
application/x-javascript 184.30.17.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/outbrain.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030102/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-67.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a1ca74ef74490c6a0349e717b12cebcbbd0c9836029136a4d89a513a6adad188

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 23:21:19 GMT
content-encoding: gzip
last-modified: Thu, 10 Aug 2023 08:50:02 GMT
etag: "17-z0G37t71+b+deDXkoo8CLedalzE"
vary: Accept-Encoding
edge-cache-tag: widget-cheetah-stg
content-type: application/x-javascript
access-control-allow-origin: *
access-control-allow-methods: GET,POST
cache-control: max-age=14500
access-control-allow-credentials: false
x-traceid: 16a8942674e00cbb05523377af0fdd31
timing-allow-origin: *, *
content-length: 85539
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EA68 179 KB
56 KB 59ms
58ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030102/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668c3d4710b07f2327e63f68caefd38b90999af3e3614532b9c0eafc51ac383c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 23:21:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57470
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1691580806885528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Aug 2023 23:21:19 GMT

GET
H2 200 / Show response
serv.modoro360.com/api/adserver/tag/2/ 23 KB
4 KB 591ms
357ms XHR
application/json 3.229.139.253
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://serv.modoro360.com/api/adserver/tag/2/?AV_TAGID=632c400f6736d736c5787e64&AV_PUBLISHERID=632c3dff8e62a32fb323cd86&AV_DURATION=18&AV_SLOTT=-2&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww1.ihdstreams.xyz%2F&AV_CHANNELID=632c3ef859ddd85dcd3fc897&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=2&pce=1&npx=1&AV_DETDOMAIN=www1.ihdstreams.xyz&AV_DADPOS=1&AV_OPLACEMENT=1&AV_TAG=632c400f6736d736c5787e64&AV_TEMPLATE=6192229fa59e3976bb4400aa&AV_GPID=/632c3dff8e62a32fb323cd86/632c400f6736d736c5787e64/www1.ihdstreams.xyz&d36=6.2.119&responsive=1&sver=4&avtoken=79183&omv=1.0.1&AV_D65=Test1&AV_D66=8.3.15&clsid=267f6ecb-dba1-4cf9-9360-e755ca3e005d&rando=17&AV_WIDTH=500&AV_HEIGHT=281&AV_DNT=0&cb=1691796079185&wfc=1
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=632c3dff8e62a32fb323cd86
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.229.139.253 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-229-139-253.compute-1.amazonaws.com
Software: /
Resource Hash: 9878d1285a11a114a01a05babdb3575af431ce969eb458c603501044309513e3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 23:21:19 GMT
x-bamboo-c-skst: 1
content-encoding: gzip
x-bamboo-c-skfe: 1
x-bamboo-c-s: BYPASS
access-control-max-age: 1728000
vary: Accept-Encoding
access-control-allow-methods: GET, POST, DELETE, PUT, OPTIONS, INDEX
access-control-allow-origin: https://www1.ihdstreams.xyz
content-type: application/json
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
expires: Mon, 31 Jul 2023 09:34:39 GMT

GET
H2 200 track
servt.modoro360.com/ 0
97 B 97ms
97ms Image
text/plain 3.211.28.187
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servt.modoro360.com/track?r=www1.ihdstreams.xyz&sn=&ic=0&tgt=0&app=&wi=500&he=281&test=2&d36=6.2.119&apppkg=&fv=1&proto=https&d65=Test1&d66=8.3.15&clsid=267f6ecb-dba1-4cf9-9360-e755ca3e005d&rando=17&pid=632c3dff8e62a32fb323cd86&cid=632c3ef859ddd85dcd3fc897&stagid=632c400f6736d736c5787e64&stplid=6192229fa59e3976bb4400aa&e=inventory&vi=100&cb=1691796079184
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.211.28.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-211-28-187.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 23:21:19 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame C611 0
0 55ms
55ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuAJpv7z_OZAOZQqttjS_RBfa1-cQ0R3JnEa7hfhEEFnbLF515vQ6L9HvlfJ39B9BLNtH2xGnwM3aC6ERY2Puuq0UzrHwLGkv5svBf0Qlvh5k3WgMsBqkQ2pdtQBdvGq8JBSOXLAHC3ZleQRSkqlXx19TSuaQnUI1lQiJ1Az7HRxxYfwTk8sngcXn10sE9Va37RP-xyzqB_NLGcubwaiSEwj71xi-1UO53Hs7mhsgo6WCRDL-1Uqt445fCzXawoGhrjvgu6sUQstRuVksQJsRgXRp288JFlLhkpooTwRjAtwhd4F-_cmJMD6wLHLOmsRXQge4cTP-CtRaQGWVEV77aq&sai=AMfl-YTnkq6eZUmss77xJKi7VZ-W5SwmOSn2-c65TPo0PrZdg9gJoSu-ljVQn4S4NRTjCVoEjygYHsgqFrAlOLn1_bgjq3lhOKixOzNT2k49B-mWILpaa2Q0vY_pSlCqjw&sig=Cg0ArKJSzG6p0740x7OVEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 23:21:19 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 outbrain.js Show response
widgets.outbrain.com/ Frame C611 231 KB
84 KB 415ms
389ms Script
application/x-javascript 184.30.17.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/outbrain.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030102/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-67.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d9d3aafa45dd6f7d6ff0a91322dd8dd8027bba47b56dbbd79ef27c4785dc54c5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 23:21:19 GMT
content-encoding: gzip
last-modified: Thu, 10 Aug 2023 08:50:02 GMT
etag: "17-z0G37t71+b+deDXkoo8CLedalzE"
vary: Accept-Encoding
edge-cache-tag: widget-cheetah
content-type: application/x-javascript
access-control-allow-origin: *
access-control-allow-methods: GET,POST
cache-control: max-age=14500
access-control-allow-credentials: false
x-traceid: 12fe40960b4a8951958d68a00709e625
timing-allow-origin: *, *
content-length: 85538
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C611 179 KB
56 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030102/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668c3d4710b07f2327e63f68caefd38b90999af3e3614532b9c0eafc51ac383c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 23:21:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57470
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1691580806885528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Aug 2023 23:21:19 GMT

GET
H2 200 container.html Show response
5eae35412932bf64c974def5104bf9db.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8777 6 KB
3 KB 19ms
19ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5eae35412932bf64c974def5104bf9db.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030102/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www1.ihdstreams.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 11 Aug 2023 23:21:18 GMT
expires: Sat, 10 Aug 2024 23:21:18 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame EA68 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1dcb7da38d699199d71093f74b560330bcd69a99f19e70c7f5543f3ea4b19811

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12750572431565262900/ Frame 61CE 6 KB
3 KB 20ms
19ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12750572431565262900/index.html

Requested by

Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

014dcfbdf6e82994135e5be2118bf2d10c251276febc2e7938207c8581bf7828

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5eae35412932bf64c974def5104bf9db.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 1478
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2739
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Fri, 11 Aug 2023 22:56:41 GMT
expires: Sat, 10 Aug 2024 22:56:41 GMT
last-modified: Tue, 01 Aug 2023 14:41:48 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/ Frame 8777 23 KB
9 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/abg_lite_fy2021.js

Requested by

Host: 5eae35412932bf64c974def5104bf9db.safeframe.googlesyndication.com
URL: https://5eae35412932bf64c974def5104bf9db.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2c51c49db9c74085ebad0d11a1c5d1eea450239668797fbc3a477dc0ded3023

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://5eae35412932bf64c974def5104bf9db.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 23:53:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84449
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9094
x-xss-protection: 0
server: cafe
etag: 8732331910907961498
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Aug 2023 23:53:50 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 97E7 143 B
383 B 64ms
18ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: 5eae35412932bf64c974def5104bf9db.safeframe.googlesyndication.com
URL: https://5eae35412932bf64c974def5104bf9db.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5eae35412932bf64c974def5104bf9db.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 784
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 11 Aug 2023 23:08:15 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 8777 3 KB
1 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/window_focus_fy2021.js

Requested by

Host: 5eae35412932bf64c974def5104bf9db.safeframe.googlesyndication.com
URL: https://5eae35412932bf64c974def5104bf9db.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://5eae35412932bf64c974def5104bf9db.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 14:20:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32443
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 25 Aug 2023 14:20:36 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 8777 20 KB
8 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 5eae35412932bf64c974def5104bf9db.safeframe.googlesyndication.com
URL: https://5eae35412932bf64c974def5104bf9db.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://5eae35412932bf64c974def5104bf9db.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 23:57:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84238
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8262
x-xss-protection: 0
server: cafe
etag: 6392178368060142121
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Aug 2023 23:57:21 GMT

GET
DATA 200
OK truncated
/ Frame C611 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3a8fbe31a090147ec2c0cfafd8e816a3635d9dd7c42cc4ea6de09c9da19603b2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 61CE 6 KB
3 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12750572431565262900/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 02:43:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74269
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2551
x-xss-protection: 0
server: cafe
etag: 4618035238173732404
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 12 Aug 2023 02:43:30 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 61CE 34 KB
13 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12750572431565262900/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 02:43:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74269
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 12 Aug 2023 02:43:30 GMT

GET
H3 200 HYPE-748.full.min.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12750572431565262900/ Frame 61CE 91 KB
39 KB 23ms
22ms Script
application/x-javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12750572431565262900/HYPE-748.full.min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12750572431565262900/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce0be6d6f8bdde5a9c0deb06ee1a55257dd07455498b32dbcd276cb5e7e279f6

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 08 Aug 2023 23:03:44 GMT
age: 260255
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39912
x-xss-protection: 0
last-modified: Tue, 01 Aug 2023 14:41:48 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 07 Aug 2024 23:03:44 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 8777 0
0 27ms
26ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQJ6t28-KNokKb9onsX6DiqNgHYZK8f-XJwLRRPEecsJ8aZHj7UcEK2sObbOID5t0F3a8OnMmshsjRGRR_77K2Cqd8tyw
Requested by: Host: 5eae35412932bf64c974def5104bf9db.safeframe.googlesyndication.com
URL: https://5eae35412932bf64c974def5104bf9db.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://5eae35412932bf64c974def5104bf9db.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8777 179 KB
56 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 5eae35412932bf64c974def5104bf9db.safeframe.googlesyndication.com
URL: https://5eae35412932bf64c974def5104bf9db.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668c3d4710b07f2327e63f68caefd38b90999af3e3614532b9c0eafc51ac383c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://5eae35412932bf64c974def5104bf9db.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 23:21:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57470
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1691580806885528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Aug 2023 23:21:19 GMT

GET
DATA 200
OK truncated
/ Frame 8777 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67294dcc366e27300f2dbcad1378442779ea0ea230ac7a561853b0f262720a81

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 97E7
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
307 B

34ms
33ms

Document
text/html

2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: 5eae35412932bf64c974def5104bf9db.safeframe.googlesyndication.com
URL: https://5eae35412932bf64c974def5104bf9db.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 11 Aug 2023 23:21:19 GMT
expires: Fri, 11 Aug 2023 23:21:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 11 Aug 2023 23:21:19 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cta-artsvgopleiding.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12750572431565262900/ Frame 61CE 3 KB
1 KB 20ms
20ms Image
image/svg+xml 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12750572431565262900/cta-artsvgopleiding.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12750572431565262900/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

921f41020b54349b6a4dddaef2dff2c08c83751f39e101e4ee17d99755bcfe83

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 08 Aug 2023 23:03:45 GMT
age: 260254
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1273
x-xss-protection: 0
last-modified: Tue, 01 Aug 2023 14:41:48 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 07 Aug 2024 23:03:45 GMT

GET
H3 200 logo-ArtsVG.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12750572431565262900/ Frame 61CE 9 KB
4 KB 21ms
21ms Image
image/svg+xml 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12750572431565262900/logo-ArtsVG.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12750572431565262900/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8c0e8b74bbc0d90fc5afd8fe1683c35da5d65f6b39262550d1ab5452f895fc7

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 08 Aug 2023 23:03:45 GMT
age: 260254
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3880
x-xss-protection: 0
last-modified: Tue, 01 Aug 2023 14:41:48 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 07 Aug 2024 23:03:45 GMT

GET
H3 200 heading-wordarts-1line.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12750572431565262900/ Frame 61CE 2 KB
1 KB 22ms
21ms Image
image/svg+xml 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12750572431565262900/heading-wordarts-1line.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12750572431565262900/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

37c756549498046fbb71b81bc30d38666e9e7ae15d512d9ef1712be1fd3c35e4

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 11 Aug 2023 22:56:41 GMT
age: 1478
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1136
x-xss-protection: 0
last-modified: Tue, 01 Aug 2023 14:41:48 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 10 Aug 2024 22:56:41 GMT

GET
H3 200 heading-patienten-2lines.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12750572431565262900/ Frame 61CE 6 KB
2 KB 21ms
20ms Image
image/svg+xml 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12750572431565262900/heading-patienten-2lines.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12750572431565262900/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91b8dc0d4eb319cd1fe63f36e9468e9df949d6123808ff0a365d4a1b45bb7332

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 08 Aug 2023 23:03:45 GMT
age: 260254
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1582
x-xss-protection: 0
last-modified: Tue, 01 Aug 2023 14:41:48 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 07 Aug 2024 23:03:45 GMT

GET
H3 200 nessie_icon_tiamat_white.png
tpc.googlesyndication.com/pagead/images/ Frame 8777 225 B
249 B 19ms
19ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/nessie_icon_tiamat_white.png

Requested by

Host: 5eae35412932bf64c974def5104bf9db.safeframe.googlesyndication.com
URL: https://5eae35412932bf64c974def5104bf9db.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://5eae35412932bf64c974def5104bf9db.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 09:44:05 GMT
x-content-type-options: nosniff
server: cafe
age: 49034
etag: 14085932017949564970
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 225
x-xss-protection: 0
expires: Sat, 12 Aug 2023 09:44:05 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 55ms
55ms Image
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308030102&jk=492482791209303&bg=!eHuley_NAAaiGN5Pghg7ADkAdvg8WliqSZ7SDTCwyWrP8KOM4DSx-w06fWnYEnntHqGHTwCTABTuWZqnOXKkOdlX3iP-FZrDysECAAAAa1IAAAAHaAEHmQLA9rLHft1RAUSaBMF-qaDuG2Cb0LSwYQRcG1p9IP4Q8pliY-75Al-9_2JNuU2Crcaq9E9_rCopOVw_rSXIGafxOeSzxXoxEaZnGCJFDcDPrqrEKP62603M_veaAOtj7obF51MYsKn7m6hGlFQ4l43b7TzC7Y1e9P6FSbjvQ4pYYm45OY4d5sMd1wWA6kHmf6N68q0bUTaCAIHsPYdQ0OTwi4xT_tmR3BAxPFjN2Wzd1U3eRHidWnYH7GKY-YWqgLM20ifpdY2hJopjPxltiynzQysr9uuWKXtbE244n6rrOt4ecJ8ncq8-QULWEJ1Dxwcil6XBR3UsNoG-QkTsX7vmVsxiMWjslXfXIAiYhBUHBwnvzGKtOaigSa4JN91Ybhl578jKJ07SjlINRvspfmAkinpv_Kmo1MMpKYEdnDhz1Izv_gbO1gl93mKNoDEuin-SsPYgeWZCFtXHqV4Q3jQqn0pUxkpKrLHLD98yKqRmKRUmxjhz7DERQBfmYx1IMC8iyUa2lAPRXlTHpeZLp0p2fUwruXNjRftcbumwSgYDm3mMHQokIQSpxZ4njjRP2g6P5mogj92H3UW8ye7Xn4-_byYhYUaRNsmD2J8qjKtwj-Pe2CvvKgBHRHEv-aOHK9Rgxe3m_2rnJvder_09RdX7gV1KLWbfLRHrSCuaYVW7iAT3Ntl_Cl4odvE7gfA-9ZMuIjlO3QjFX9Bu7oz6DBDWgKhGcrjWoQLPsy4N-ZWfRzA-NwiIWqz545KiUdQ4jKLBt-SFZEpdTOIc26zhH-ZtnIrwPGJ-6jncwhZXtKlwvNR2wjlxCO4sX71zbxrZyuzStIQzoxIqpyL_S98NG3hlKrv1_wZ2IPrPORAjljh0McrQKX-CoGIn9b7lQ3cYGxYpNFGhS3XzAr1teWMH7QOCmn5flM-56QpO2ZiS9ALIMxo
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 8777
Redirect Chain

https://securepubads.g.doubleclick.net/pagead/adview?ai=C_7X7bsLWZMiXN4Wj-gaX6YLQDLyYx4ByuNeqwrER2tkeEAEgudvzJmCRBKAB5vDC7gLIAQmpAgcCFcmwXrI-4AIAqAMByANIqgT9AU_QSxSmNuhCxJhKu4KK2eUw4Z_Dhlh3SyU-ROY2...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%222340548600409683319%22,%22debug_reporting%22:true,%22destination%22:%22https://artsvgopleiding.nl%22,%22event_report_windo...

0
0

98ms
51ms

Fetch
text/css

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%222340548600409683319%22,%22debug_reporting%22:true,%22destination%22:%22https://artsvgopleiding.nl%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22768653414%22],%224%22:[%2208-11%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210005516832762376641%22}&andc=true

Protocol

Server

142.250.184.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://5eae35412932bf64c974def5104bf9db.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 23:21:19 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"2340548600409683319","debug_reporting":true,"destination":"https://artsvgopleiding.nl","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["768653414"],"4":["08-11"],"6":["true"]},"priority":"500","source_event_id":"10005516832762376641"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: null
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 11 Aug 2023 23:21:19 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 11 Aug 2023 23:21:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"2340548600409683319","debug_reporting":true,"destination":"https://artsvgopleiding.nl","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["768653414"],"4":["08-11"],"6":["true"]},"priority":"500","source_event_id":"10005516832762376641"}&andc=true
access-control-allow-origin: https://5eae35412932bf64c974def5104bf9db.safeframe.googlesyndication.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

OPTIONS
H3 204 adview
securepubads.g.doubleclick.net/pagead/ Frame 0
0 125ms
64ms Preflight
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/adview?ai=C_7X7bsLWZMiXN4Wj-gaX6YLQDLyYx4ByuNeqwrER2tkeEAEgudvzJmCRBKAB5vDC7gLIAQmpAgcCFcmwXrI-4AIAqAMByANIqgT9AU_QSxSmNuhCxJhKu4KK2eUw4Z_Dhlh3SyU-ROY2zeCQj-qk7MuoTi4ablbuVOTlqJo9bwT3_QLiHXCkK3z0On_un3kbuSnuWJ4sLW2oIGvevizov_gqeyhmHl3gD7RZJC8Yzpqv5prAqhaPoUgVueIlSN-goUIP5zRfM8H01aKEXgm0LMONNcShcoRP-LrLl6i1Xg_OYMkuNOcKUzONIRAJ4vN8lqM6ja8FQMBZqkH2qJefi8Y4Kv_xVYZg_LgLGU-WN0pQoVEPaiUaF4gz22499P2EY8hRYz2Ne6a7OYNuYw_3o7oloIraxa8cPdlHDMrct1YmZsmOsfGB-0TABK293o6qBOAEAaAGLoAHgo-9kQGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBD10g3SCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6mgkbaHR0cHM6Ly9hcnRzdmdvcGxlaWRpbmcubmwvgAoDyAsBogwIKgYKBMOwsQLYEwPQFQGAFwGyFx4KHAgAEhRwdWItNjczNjI1NjQ3MzIwMjczMxjkww4&sigh=lWmmk7SC6Xg&uach_m=[UACH]&ase=2&cid=CAQSOwBpAlJW-6eQS9Evp-XvFIWCkMlUQmmwKeAnKm1yE0nwjUuC6IPwm51D7pg_ulkUfKEp_RTByibhXuT2GAE&template_id=419&cbvp=2&vis=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://5eae35412932bf64c974def5104bf9db.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://5eae35412932bf64c974def5104bf9db.safeframe.googlesyndication.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 11 Aug 2023 23:21:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 gDKveuiD6qzElJZQWCdHL_tXbW9wBzQNLi6nE-8m1ts.js Show response
pagead2.googlesyndication.com/bg/ Frame 61CE 38 KB
14 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gDKveuiD6qzElJZQWCdHL_tXbW9wBzQNLi6nE-8m1ts.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8032af7ae883eaacc49496505827472ffb576d6f7007340d2e2ea713ef26d6db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 12:52:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37700
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14779
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 12:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 10 Aug 2024 12:52:59 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 116ms
53ms Preflight
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: null
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 11 Aug 2023 23:21:19 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie Show response
cm.adform.net/ Frame 41C5 43 B
106 B 79ms
23ms Document
image/gif 37.157.6.243
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D60095c900c0799791c46d8d4%26biddername%3D46%26auid%3D1691796079601-972754985719-001231-004-009764%26key%3D%24UID
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=632c3dff8e62a32fb323cd86
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.243 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www1.ihdstreams.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

content-length: 43
content-type: image/gif
date: Fri, 11 Aug 2023 23:21:19 GMT
server: nginx

GET
H2 204 /
onetag-sys.com/usync/ Frame 5957 0
0 73ms
21ms Document
text/plain 51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=60095c900c0799791c46d8d4&gdpr=1&gdpr_consent=&us_privacy=1---

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=632c3dff8e62a32fb323cd86

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www1.ihdstreams.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK user-matching Show response
ads.stickyadstv.com/ Frame 120F 43 B
518 B 294ms
30ms Document
image/gif 193.108.153.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/user-matching?id=&_fw_gdpr=1&_fw_gdpr_consent=
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=632c3dff8e62a32fb323cd86
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-18.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www1.ihdstreams.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Fri, 11 Aug 2023 23:21:20 GMT
Expires: Fri, 11 Aug 2023 23:21:20 GMT
Pragma: no-cache
Server: nginx
x-sticky-vk: 1691796079853074-355

GET
H/1.1 200
OK auto-user-sync Show response
ads.stickyadstv.com/ Frame BAD0 43 B
578 B 294ms
31ms Document
image/gif 193.108.153.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/auto-user-sync?px=1953&_fw_gdpr=1&_fw_gdpr_consent=
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=632c3dff8e62a32fb323cd86
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-18.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www1.ihdstreams.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Fri, 11 Aug 2023 23:21:20 GMT
Expires: Fri, 11 Aug 2023 23:21:20 GMT
Pragma: no-cache
Server: nginx
x-sticky-vk: 1691796080059006-415

GET
H2

200

cookiesyncendpoint Show response
servs.modoro360.com/ Frame E454
Redirect Chain

https://sync.technoratimedia.com/services?srv=cs&pid=70&uid=1691796079601-972754985719-001231-004-009764&cb=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%2...
https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=3&auid=1691796079601-972754985719-001231-004-009764&key=GDPR

0
194 B

96ms
96ms

Document
text/plain

3.93.205.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=3&auid=1691796079601-972754985719-001231-004-009764&key=GDPR
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=632c3dff8e62a32fb323cd86
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.93.205.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-93-205-133.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www1.ihdstreams.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

content-length: 0
date: Fri, 11 Aug 2023 23:21:20 GMT

Redirect headers

access-control-allow-credentials: true
access-control-allow-methods: POST,GET,HEAD,OPTIONS
access-control-allow-origin: https://www1.ihdstreams.xyz/
age: 0
content-length: 0
content-type: text/plain; charset=utf-8
date: Fri, 11 Aug 2023 23:21:20 GMT
location: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=3&auid=1691796079601-972754985719-001231-004-009764&key=GDPR
server: nginx
via: 1.1 varnish
x-varnish: 432245807

GET
H2

200

cookiesyncendpoint Show response
servs.modoro360.com/ Frame 7057
Redirect Chain

https://prebid.a-mo.net/cchain/0?gdpr=1&gdpr_consent=&cb=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D105%26auid%3D1691796079601-9727549857...
https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=105&auid=1691796079601-972754985719-001231-004-009764&key=&gdpr=1

0
189 B

371ms
99ms

Document
text/plain

3.93.205.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=105&auid=1691796079601-972754985719-001231-004-009764&key=&gdpr=1
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=632c3dff8e62a32fb323cd86
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.93.205.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-93-205-133.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www1.ihdstreams.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

content-length: 0
date: Fri, 11 Aug 2023 23:21:20 GMT

Redirect headers

cache-control: max-age=0, private, must-revalidate
content-length: 0
date: Fri, 11 Aug 2023 23:21:19 GMT
location: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=105&auid=1691796079601-972754985719-001231-004-009764&key=&gdpr=1
server: envoy
x-envoy-upstream-service-time: 0

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 7076 15 KB
6 KB 79ms
32ms Document
text/html 184.30.16.195
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D1%26auid%3D1691796079601-972754985719-001231-004-009764%26key%3D
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=632c3dff8e62a32fb323cd86
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-195.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer: https://www1.ihdstreams.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=89491
content-encoding: gzip
content-length: 5606
content-type: text/html
date: Fri, 11 Aug 2023 23:21:19 GMT
expires: Sun, 13 Aug 2023 00:12:50 GMT
last-modified: Tue, 11 Jul 2023 09:39:35 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 204 occ
ups.analytics.yahoo.com/ups/58543/ Frame AA13 0
0 105ms
22ms Document
text/plain 3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ups.analytics.yahoo.com/ups/58543/occ?gdpr=1&gdpr_consent=

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=632c3dff8e62a32fb323cd86

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.75 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www1.ihdstreams.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 0
date: Fri, 11 Aug 2023 23:21:19 GMT
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server: ATS/9.1.10.75
strict-transport-security: max-age=31536000

GET
H/1.1 204
No Content pixel
ap.lijit.com/ Frame A670 0
0 56ms
14ms Document
text/plain 216.52.2.39
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/pixel?us_privacy=1---&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D18%26auid%3D1691796079601-972754985719-001231-004-009764%26key%3D%24UID
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=632c3dff8e62a32fb323cd86
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.39 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www1.ihdstreams.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Date: Fri, 11 Aug 2023 23:21:19 GMT
X-Sovrn-Pod: ad_ap7ams1

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame C41D 15 KB
6 KB 62ms
20ms Document
text/html 184.30.16.195
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=1&gdpr_consent=&us_privacy=1---&predirect=https%3A%2F%2Fpbs.aniview.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=632c3dff8e62a32fb323cd86
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-195.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer: https://www1.ihdstreams.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=89491
content-encoding: gzip
content-length: 5606
content-type: text/html
date: Fri, 11 Aug 2023 23:21:19 GMT
expires: Sun, 13 Aug 2023 00:12:50 GMT
last-modified: Tue, 11 Jul 2023 09:39:35 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 44D7
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=aniview&endpoint=us-east
https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east

281 B
554 B

101ms
19ms

Document
text/html

95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=632c3dff8e62a32fb323cd86
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www1.ihdstreams.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 11 Aug 2023 23:21:19 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Fri, 11 Aug 2023 23:21:19 GMT
location: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
server: AkamaiGHost

GET
H2

200

cookiesyncendpoint Show response
servs.modoro360.com/ Frame FCC9
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=aniview&gdpr=1&gdpr_pd=0&gdpr_consent=&redir=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D200%26au...
https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=200&auid=1691796079601-972754985719-001231-004-009764&key=OPTOUT

0
38 B

365ms
93ms

Document
text/plain

3.93.205.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=200&auid=1691796079601-972754985719-001231-004-009764&key=OPTOUT
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=632c3dff8e62a32fb323cd86
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.93.205.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-93-205-133.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www1.ihdstreams.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

content-length: 0
date: Fri, 11 Aug 2023 23:21:20 GMT

Redirect headers

cache-control: no-store, no-cache, must-revalidate
content-type: text/html
date: Fri, 11 Aug 2023 23:21:19 GMT
etag: OPTOUT
expires: 0
location: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=200&auid=1691796079601-972754985719-001231-004-009764&key=OPTOUT
pragma: no-cache

GET
H2

200

cookiesyncendpoint Show response
servs.modoro360.com/ Frame 3B04
Redirect Chain

https://csync.loopme.me/?pubid=11455&gdpr=1&gdpr_consent=&redirect=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D56%26auid%3D1691796079601-9...
https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=56&auid=1691796079601-972754985719-001231-004-009764&key=e6e61df0-4555-4fbd-b386-3772092982ff&gdpr_consent=nul...

0
241 B

340ms
97ms

Document
text/plain

3.93.205.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=56&auid=1691796079601-972754985719-001231-004-009764&key=e6e61df0-4555-4fbd-b386-3772092982ff&gdpr_consent=null&gdpr=1
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=632c3dff8e62a32fb323cd86
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.93.205.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-93-205-133.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www1.ihdstreams.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

content-length: 0
date: Fri, 11 Aug 2023 23:21:20 GMT

Redirect headers

content-length: 0
date: Fri, 11 Aug 2023 23:21:19 GMT
location: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=56&auid=1691796079601-972754985719-001231-004-009764&key=e6e61df0-4555-4fbd-b386-3772092982ff&gdpr_consent=null&gdpr=1
server: _

GET /
us_privacyfa9f4b3548d146d8b0584acce84c4fec.gif/ Frame 5F3F 0
0

GET
H2

200

cookiesyncendpoint Show response
servs.modoro360.com/ Frame 5410
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=562704&ev=1&us_privacy=1---&rurl=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D10%26auid%3D1691796079...
https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=10&auid=1691796079601-972754985719-001231-004-009764&key=Or0QuhCSCBl3&ev=1&us_privacy=1---&pid=562704

0
207 B

412ms
189ms

Document
text/plain

3.93.205.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=10&auid=1691796079601-972754985719-001231-004-009764&key=Or0QuhCSCBl3&ev=1&us_privacy=1---&pid=562704
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=632c3dff8e62a32fb323cd86
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.93.205.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-93-205-133.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www1.ihdstreams.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

content-length: 0
date: Fri, 11 Aug 2023 23:21:20 GMT

Redirect headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cache-control: private, max-age=0, no-cache, no-store
content-language: nl-NL
cw-server: bh-deployment-6f79b8d6bf-pvccb
expires: -1
location: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=10&auid=1691796079601-972754985719-001231-004-009764&key=Or0QuhCSCBl3&ev=1&us_privacy=1---&pid=562704
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server: Jetty(10.0.14)
strict-transport-security: max-age=15768000

GET
H2 200 sync Show response
vid.vidoomy.com/ Frame 6EFC 49 KB
18 KB 130ms
36ms Document
text/html 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.vidoomy.com/sync?gdpr=1&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D133%26auid%3D1691796079601-972754985719-001231-004-009764%26key%3D%7B%7BVID%7D%7D
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=632c3dff8e62a32fb323cd86
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 4cd9d7fe6bef9e82616b20d2c4a7a9842652ed469b704922e4c682f209754768

Request headers

Referer: https://www1.ihdstreams.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-origin: *
content-encoding: gzip
content-type: text/html
date: Fri, 11 Aug 2023 23:21:19 GMT
etag: W/"64abbb76-c2af"
last-modified: Mon, 10 Jul 2023 08:04:06 GMT
server: CDN77-Turbo
vary: Accept-Encoding
x-77-cache: MISS
x-77-nzt: AcO1qhHLXmmh
x-77-nzt-ray: 4c156224c28e23b06fc2d664398a2e36
x-77-pop: frankfurtDE
x-cache: MISS

GET
H2

200

cookiesyncendpoint Show response
servs.modoro360.com/ Frame 5F89
Redirect Chain

https://ad.360yield.com/server_match?partner_id=1581&r=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D22%26auid%3D1691796079601-972754985719-...
https://ad.360yield.com/ul_cb/server_match?partner_id=1581&r=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D22%26auid%3D1691796079601-9727549...
https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=22&auid=1691796079601-972754985719-001231-004-009764&key=92846fa1-0877-4a56-8a01-688efdbab2d1

0
239 B

250ms
95ms

Document
text/plain

3.93.205.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=22&auid=1691796079601-972754985719-001231-004-009764&key=92846fa1-0877-4a56-8a01-688efdbab2d1
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=632c3dff8e62a32fb323cd86
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.93.205.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-93-205-133.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www1.ihdstreams.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

content-length: 0
date: Fri, 11 Aug 2023 23:21:20 GMT

Redirect headers

access-control-allow-origin: *
content-length: 0
content-type: text/plain
date: Fri, 11 Aug 2023 23:21:19 GMT
location: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=22&auid=1691796079601-972754985719-001231-004-009764&key=92846fa1-0877-4a56-8a01-688efdbab2d1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 204 match
dm.hybrid.ai/ Frame 70BB 0
0 171ms
55ms Document
text/plain 37.18.16.21
HYBRID-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://dm.hybrid.ai/match?id=407&vid=1691796079601-972754985719-001231-004-009764&gdpr=1&gdpr_consent=&burl=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D5e7b9048180bd02ded4b0937%26biddername%3D166%26auid%3D1691796079601-972754985719-001231-004-009764%26key%3D%24%7BVID%7D

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=632c3dff8e62a32fb323cd86

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.16.21 , Russian Federation, ASN205675 (HYBRID-AS, DE),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www1.ihdstreams.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www1.ihdstreams.xyz
cache-control: no-cache, no-store
date: Fri, 11 Aug 2023 23:21:19 GMT
expires: -1
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
pragma: no-cache
server: Hybrid Web Server
x-mode: 122
x-xss-protection: 1; mode=block

GET
H2 200 sync
x.bidswitch.net/ 43 B
146 B 251ms
19ms Image
image/gif 18.195.47.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=&user_id=1691796079601-972754985719-001231-004-009764&gdpr=1&gdpr_consent=&us_privacy=1---
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.47.22 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-47-22.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 23:21:20 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1691796079601-972754985719-001231-004-009764%26biddername%3D24%26pid%3D59c9148628a0612da3689288%26key%3D%24%7BBSW_UUID%7D
x.bidswitch.net/check_uuid/ 43 B
145 B 251ms
19ms Image
image/gif 18.195.47.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/check_uuid/https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1691796079601-972754985719-001231-004-009764%26biddername%3D24%26pid%3D59c9148628a0612da3689288%26key%3D%24%7BBSW_UUID%7D?gdpr=1&gdpr_consent=&us_privacy=1---
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.47.22 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-47-22.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 23:21:20 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 31d54a4b841c0e438f13.woff
player.avplayer.com/script/8.3/v/assets/ 34 KB
35 KB 15ms
15ms Font
application/octet-stream 69.16.175.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://player.avplayer.com/script/8.3/v/assets/31d54a4b841c0e438f13.woff
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: /
Resource Hash: 9f2ef335c07566f0d4f273a4b72bcb3ad2b02f0c6232da6129952ee60bd07ba8

Request headers

Referer: https://www1.ihdstreams.xyz/
Origin: https://www1.ihdstreams.xyz
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 23:21:19 GMT
content-encoding: gzip
last-modified: Thu, 10 Aug 2023 13:35:01 GMT
etag: "1691674501"
x-hw: 1691796079.dop131.am5.t,1691796079.cds149.am5.hn,1691796079.cds154.am5.c
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
content-length: 35197

POST
H/1.1 204
No Content multitracking Show response
ghb.aplhb.adipolo.com/adunit/ 0
230 B 18ms
18ms XHR
text/plain 185.239.173.226
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.aplhb.adipolo.com/adunit/multitracking
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/kqqam/hbw_master_736354_16735.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.239.173.226 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www1.ihdstreams.xyz/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www1.ihdstreams.xyz
Date: Fri, 11 Aug 2023 23:21:19 GMT
Access-Control-Allow-Credentials: true
Server: Adtelligent
Connection: Keep-Alive
X-Robots-Tag: noindex

GET
H/1.1 200
OK d3d3MS5paGRzdHJlYW1zLnh5eg== Show response
tcheck.outbrainimg.com/tcheck/check/ Frame EA68 16 B
464 B 117ms
32ms XHR
application/json 23.212.89.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tcheck.outbrainimg.com/tcheck/check/d3d3MS5paGRzdHJlYW1zLnh5eg==
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.89.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-89-151.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Fri, 11 Aug 2023 23:21:19 GMT
ETag: W/"10-us8lSJutAxKqLzf8c1+n5XstcwY"
Access-Control-Max-Age: 43200
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=42049
Access-Control-Allow-Credentials: false
Connection: keep-alive
X-TraceId: 9d3857870bf5979b58c515f9360a2759
Content-Length: 16
Expires: Sat, 12 Aug 2023 11:02:08 GMT

GET
H2 200 px.gif
widget-pixels.outbrain.com/widget/detect/ Frame EA68 43 B
371 B 68ms
21ms Image
image/gif 184.30.17.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
Requested by: Host: www1.ihdstreams.xyz
URL: https://www1.ihdstreams.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-67.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

expires: Sun, 10 Sep 2023 23:21:19 GMT
date: Fri, 11 Aug 2023 23:21:19 GMT
last-modified: Wed, 30 Sep 2020 14:22:29 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 43
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H2 200 px.gif
widget-pixels.outbrain.com/widget/detect/ Frame C611 43 B
371 B 57ms
19ms Image
image/gif 184.30.17.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-67.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

expires: Sun, 10 Sep 2023 23:21:19 GMT
date: Fri, 11 Aug 2023 23:21:19 GMT
last-modified: Wed, 30 Sep 2020 14:22:29 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 43
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H/1.1 200
OK d3d3MS5paGRzdHJlYW1zLnh5eg== Show response
tcheck.outbrainimg.com/tcheck/check/ Frame C611 16 B
464 B 100ms
33ms XHR
application/json 23.212.89.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tcheck.outbrainimg.com/tcheck/check/d3d3MS5paGRzdHJlYW1zLnh5eg==
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.89.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-89-151.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Fri, 11 Aug 2023 23:21:19 GMT
ETag: W/"10-us8lSJutAxKqLzf8c1+n5XstcwY"
Access-Control-Max-Age: 43200
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=42067
Access-Control-Allow-Credentials: false
Connection: keep-alive
X-TraceId: 9d3857870bf5979b58c515f9360a2759
Content-Length: 16
Expires: Sat, 12 Aug 2023 11:02:26 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame C41D 0
42 B 82ms
21ms Script
text/plain 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=58806811&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=1---
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=1&gdpr_consent=&us_privacy=1---&predirect=https%3A%2F%2Fpbs.aniview.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 23:21:20 GMT
content-length: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame C611 0
0 66ms
66ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvs1KpYL4OQ6e1pnjiTMUsep9syLk0OLisaVle-_wuqcd_raLwVr8R-WwRgF6sF5VplP5zt5I2dWe6L3nOJQv9cXWGb7u2cFE3U_CM927dvczI18IblpGpgnq0EzIhKN9zhYuCIaZjFej-Ao3OoJHEcUTIM1hYtuEIXOH22eGWUaxl0DJjoB8vL2SMkvdBYjE56MyjLVtivIcTPhfjcVhPjo5x8KptKOn9zWiX47tSojCrkVbobKhhkdGs5AReAav4d_w9O9Yj0ElUh2fqbh4jBFjagpi4emP_1Vp7ujeJJfrE129NrkhpRpf0fBGylGIJ_vxuIZLEPFY6Wiru4jwW7f-c&sai=AMfl-YQWYOHFxpcFnffNbW9DQlq0Embb6CFkwF2TvkacCNNRcf7MhUW5D61gqt-NjLkgIRG4VCdZVmTg3YWKsTRKdDHpbwa9hhokVMcKUWJw76-IrBwke2wktNglyJmaqQ&sig=Cg0ArKJSzAC9mXwmN1YuEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 23:21:20 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 11 Aug 2023 23:21:20 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame EA68 0
0 68ms
68ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvn5NuP7B2PMbsVC87RzojJ4QV1YlUQS_5z3E49ouajffUz3qEyYBVnx4tcwuUYbg4VTJEOfbDrpRjYiqD23oVkxOBFtXg97h658UBt6iKreghrs3TutpmbM73QBepgFWq5IPZtCKOQ1CQhCYH13dBiyRI2mYQSiwkvP21STu0Qk4CDgvVpmSxWnH69a-onuT7JhYlyIKquT3pa217dQY44jFXlz6iSQbdhPKSGlFG1DjMGp7DD8Mi39zJZC6tZpGw5VXQW4GCvVwqzmzQGqHngrLxf1k25FuzJ0-n6UNlCXv5j-PbiSGk0c5zsDtDviSetJhIKFGA4hnRir3ZC&sai=AMfl-YR_QppzIoNzGC7TFruLzO0n5mf7c9mUAX_o7EWbvQVNXAKZJNrFf-XGPnA03DzysZuqNXWEugk2Pwk6ptDHOYaw2ePeaT74xHgnbSn1Gy36_macAFRfXz0-b21JWQ&sig=Cg0ArKJSzMGRFdPxlik0EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 23:21:20 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 11 Aug 2023 23:21:20 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 44D7 34 KB
10 KB 34ms
34ms Script
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 262a814d45ee12134111792833bce9d8e29983a7ff1f400442cf2d3b8d9702b3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Fri, 11 Aug 2023 23:21:19 GMT
Content-Encoding: gzip
Last-Modified: Fri, 11 Aug 2023 13:19:35 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=50245
Connection: keep-alive
Content-Length: 10115
Expires: Sat, 12 Aug 2023 13:18:44 GMT

GET
H2 200 platforms Show response
odb.outbrain.com/utils/ Frame EA68 4 KB
2 KB 243ms
177ms Script
text/javascript 146.75.122.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/platforms?contentUrl=https%3A%2F%2Fwww1.ihdstreams.xyz%2F&idx=0&rand=35200&widgetJSId=AR_11&va=true&et=true&format=html&px=0&py=0&vpd=0&cw=300&settings=true&recs=true&key=ADIPO26N995I7C97HCI1JF7FG&adblck=false&abwl=false&ab=0&wl=0&umv=0&activeTab=true&version=2010411&sig=XaGilCXd&apv=false&osLang=en-US&winW=300&winH=600&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&iframe=true&chs=1&ref=https%3A%2F%2Fwww1.ihdstreams.xyz%2F&ogn=https%3A%2F%2Fwww1.ihdstreams.xyz%2F
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.122.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e9face37d2b577b02ecf517f7c6da54a9ac2b44bc980e3b59c2a8f320d5cea29

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-cache-hits: 0
date: Fri, 11 Aug 2023 23:21:20 GMT
content-encoding: br
via: 1.1 varnish
traffic-path: NLDC1, FRA, Europe3
x-timer: S1691796080.105163,VS0,VE158
vary: Accept-Encoding, User-Agent
x-cache: MISS
content-type: text/javascript; charset=UTF-8
x-served-by: cache-fra-etou8220083-FRA
x-traceid: 2209cf79c65f61229fefc2fd3befc5bf
accept-ranges: bytes
content-length: 1896
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 platforms Show response
odb.outbrain.com/utils/ Frame C611 4 KB
2 KB 530ms
467ms Script
text/javascript 146.75.122.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/platforms?contentUrl=https%3A%2F%2Fwww1.ihdstreams.xyz%2F&idx=0&rand=81985&widgetJSId=AR_10&va=true&et=true&format=html&px=0&py=0&vpd=0&cw=300&settings=true&recs=true&key=ADIPO26N995I7C97HCI1JF7FG&adblck=false&abwl=false&ab=0&wl=0&umv=0&activeTab=true&version=2010411&sig=nBrOl9G5&apv=false&osLang=en-US&winW=300&winH=250&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&iframe=true&chs=1&ref=https%3A%2F%2Fwww1.ihdstreams.xyz%2F&ogn=https%3A%2F%2Fwww1.ihdstreams.xyz%2F
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.122.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e21e8997413faa4bb03450f36b357e249feb3fbd50b40553624b9f557385d563

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-cache-hits: 0
date: Fri, 11 Aug 2023 23:21:20 GMT
content-encoding: br
via: 1.1 varnish
traffic-path: NLDC1, FRA, Europe3
x-timer: S1691796080.105490,VS0,VE448
vary: Accept-Encoding, User-Agent
x-cache: MISS
content-type: text/javascript; charset=UTF-8
x-served-by: cache-fra-etou8220083-FRA
x-traceid: 71afa20edda0897c0d3fac4f39cf7182
accept-ranges: bytes
content-length: 1848
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 44D7 284 B
536 B 239ms
21ms Image
image/jpg 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: e06182bf224d96e6550f4595601cdb0b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 urlsvid.json Show response
vpaid.vidoomy.com/sync/ Frame 6EFC 1 KB
840 B 216ms
18ms XHR
application/json 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.vidoomy.com/sync/urlsvid.json
Requested by: Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?gdpr=1&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D133%26auid%3D1691796079601-972754985719-001231-004-009764%26key%3D%7B%7BVID%7D%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: b05155416aa1689236072fb1338ceaefc9809a849bda6588965f5979e8a01aa8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vid.vidoomy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 11 Aug 2023 23:21:20 GMT
content-encoding: gzip
x-cache: HIT
x-77-cache: HIT
x-age: 746178
x-accel-date: 1691049902
x-77-nzt: AcO1rye8fWP/wmILAA
x-accel-expires: @1692086702
last-modified: Mon, 10 Jul 2023 08:02:46 GMT
server: CDN77-Turbo
etag: W/"64abbb26-479"
x-77-nzt-ray: 25b02131fd0c8f7570c2d664fa635410
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://vid.vidoomy.com
access-control-allow-credentials: true

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 383 B
165 B 217ms
216ms XHR
text/plain 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=492482791209303&correlator=4021173358515281&eid=31076923&output=ldjh&gdfp_req=1&vrg=202308030102&ptt=17&impl=fifs&iu_parts=7047%3A22821132256%2Capl%2Caplmcm7047%2Cdynamic&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90&ifi=7&didk=1487574659&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D373969b1e9d96626%3AT%3D1691796078%3ART%3D1691796078%3AS%3DALNI_MaYhuWP4HM0dK9u1o6T7Bwl85Jc6A&gpic=UID%3D00000c5f7e61a8d6%3AT%3D1691796078%3ART%3D1691796078%3AS%3DALNI_MaBAhHQdQ6VykJUVCcwIFoGBheSLw&abxe=1&dt=1691796080103&lmt=1691788880&adxs=436&adys=1219&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww1.ihdstreams.xyz%2F&frm=20&vis=1&psz=728x-1&msz=728x-1&fws=516&ohw=728&psts=AOrYGskpAjLe6IHXxzvJ9nB0drPYe1KA-mBx6eaZKG4V3mWT_LI1CdTlmIlx7-ebhIdsWbzfTgcfTw_qSOgEUssLjQWJuyE%2CAOrYGslvqSZPrUqc54rj7UkortYvgCwdLX6Jg41hp696uRblm5s4_C-Uun-NqQvXTCHcw41Lpn_JkRgraxAFzWQpTOHcjCU%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGskojd0TJIXtLpW9GX8NEc4YMKG_ld42nPNFa0wl4Xc6%2CAOrYGsmFihiWPvSxETRgGBRENfOyrmDFk4R-ZF0fuHESPHZ_&ga_vid=2103354105.1691796078&ga_sid=1691796078&ga_hid=136762602&ga_fc=false&dlt=1691796076442&idt=1912&prev_scp=refresh%3Dtrue%26test%3Devent%26hb_rfBid%3D0%26excl_cat%3DPREPOST&adks=2644333949

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030102/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e1c9beb007b8f05ca95c1e3004fa70d7dd75f0f6e7621678d70429b10be3ac7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 23:21:20 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www1.ihdstreams.xyz
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK l Show response
mcdp-nldc1.outbrain.com/ Frame EA68 2 B
356 B 81ms
16ms Fetch
text/plain 20.13.96.71
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nldc1.outbrain.com/l?token=212ede1e469359a0942a56288d24df7c_119225_1691796080253&tm=384&eT=6&wRV=2010411&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&cheq=0&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.13.96.71 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Fri, 11 Aug 2023 23:21:20 GMT
content-encoding: br
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: content-range
X-TraceId: c99372ece57cb321988be46e32acb232
Content-Length: 6

GET
H2 200 monitor.html Show response
widgets.outbrain.com/widgetMonitor/ Frame F5B0 4 KB
2 KB 32ms
31ms Document
text/html 184.30.17.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/widgetMonitor/monitor.html?deletelocalstorage=true
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-67.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e641289a84dccd3f02be13957ce937b6010c9f64f4fac5e880fca2f639b3c05f

Request headers

Referer: https://www1.ihdstreams.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
access-control-request-headers: X-OB-STG,X-OB-PRD
cache-control: max-age=604800
content-encoding: gzip
content-length: 1606
content-type: text/html
date: Fri, 11 Aug 2023 23:21:20 GMT
etag: "1295e69d949ede7964200763acaebc50:1679841729.42395"
expires: Fri, 18 Aug 2023 23:21:20 GMT
last-modified: Sun, 26 Mar 2023 14:35:45 GMT
server: AkamaiNetStorage
timing-allow-origin: * *
vary: Accept-Encoding

GET
H2

200

dspsync Show response
vid.vidoomy.com/ Frame FE2E
Redirect Chain

https://creativecdn.com/cm-notify?pi=vidoomy
https://creativecdn.com/cm-notify?pi=vidoomy&tc=1
https://vid.vidoomy.com/dspsync?dspid=RTBH&uid=z8Ym7elwwjltiBNbxzib&pi=vidoomy&tc=1

37 KB
15 KB

256ms
255ms

Document
text/html

2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.vidoomy.com/dspsync?dspid=RTBH&uid=z8Ym7elwwjltiBNbxzib&pi=vidoomy&tc=1
Requested by: Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?gdpr=1&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D133%26auid%3D1691796079601-972754985719-001231-004-009764%26key%3D%7B%7BVID%7D%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 374018aee649958e1ae4a55f5c4c7adad1d84334c8d4ea6805f10f152734de1e

Request headers

Referer: https://vid.vidoomy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-origin: *
content-encoding: gzip
content-type: text/html
date: Fri, 11 Aug 2023 23:21:20 GMT
etag: W/"621c89af-93db"
last-modified: Mon, 28 Feb 2022 08:37:03 GMT
server: CDN77-Turbo
vary: Accept-Encoding
x-77-cache: MISS
x-77-nzt: AcO1qhEQ+56h
x-77-nzt-ray: 4c156224c28e23b070c2d664e8f53e17
x-77-pop: frankfurtDE
x-cache: MISS

Redirect headers

cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
date: Fri, 11 Aug 2023 23:21:20 GMT Fri, 11 Aug 2023 23:21:20 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://vid.vidoomy.com/dspsync?dspid=RTBH&uid=z8Ym7elwwjltiBNbxzib&pi=vidoomy&tc=1
pragma: no-cache

GET
H2 200 sync
x.bidswitch.net/ Frame 6EFC 43 B
145 B 19ms
19ms Image
image/gif 18.195.47.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=vidoomy&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.47.22 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-47-22.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vid.vidoomy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 23:21:20 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame 6EFC 0
239 B 90ms
20ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-vidoomy&gdpr=1&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vid.vidoomy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: e06182bf224d96e6550f4595601cdb0b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 204
No Content sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 44D7 0
239 B 407ms
94ms Image
image/gif 8.43.72.98

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=aniview
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 8.43.72.98 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: e1bf03b8e0c0366715a8d9abd31b9f35
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame 44D7 0
214 B 23ms
21ms Image
text/plain 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=36584
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: e06182bf224d96e6550f4595601cdb0b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame 44D7 70 B
265 B 103ms
31ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 11 Aug 2023 23:21:20 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame 44D7 0
214 B 43ms
21ms Image
text/plain 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=25470
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: e06182bf224d96e6550f4595601cdb0b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 44D7
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=

170 B
409 B

95ms
30ms

Image
image/png

142.250.74.194

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east

Protocol

Server

142.250.74.194 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Aug 2023 23:21:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: e06182bf224d96e6550f4595601cdb0b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 44D7
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=6&p=70&cp=Rubicon&cu=1&url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D6434%26nid%3D2149%26put%3D%40%40CRITEO_USERID%40%40
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=ebffb854-8dd8-4ddc-8d6e-79199f09d8f8

0
239 B

20ms
20ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=ebffb854-8dd8-4ddc-8d6e-79199f09d8f8
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: e06182bf224d96e6550f4595601cdb0b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Fri, 11 Aug 2023 23:21:19 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=ebffb854-8dd8-4ddc-8d6e-79199f09d8f8
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 684881
content-length: 0
expires: Fri, 11 Aug 2023 00:00:00 GMT

GET
H2 451 709414.gif
id.rlcdn.com/ Frame 44D7 0
98 B 71ms
18ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/709414.gif
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 23:21:20 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame 44D7 0
214 B 78ms
20ms Image
text/plain 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=6404
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET sn.ashx
rbp.mxptint.net/ Frame 44D7 0
0

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8777 42 B
174 B 65ms
63ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu1pMDnZoyUfWbh2LOHzC9ltvEasz47WFtm47wn2ah66OSK5c4HzwMuqyWwvGhj-IjCrpKzc1qSP38Ta1q7oloP7_wn7z2JAH7oJydbNhyIyVuzA3fxM0WGvJcbtHnnGkY2h_IoaxgXjdSkytWPIoQ0pC1NITOOTlobo-OJanHT5lXJMX-SC7lv7MOr1Hkl9zm3jrQyY8W6Ix_KaF5Avd_rTVySpbgMZOKmLD1lxVm4PltCtSTPsPJWDHzlZu4a65fgnAdNYof2AtmMPyrbXUnN0BThAvfsyiojaPaaynWM9-Gw3XiNI5Sq01cThwL7zd7DSubYddKgMnbEBIFjSpAwBWTI641buYUTL6OqN4zcfv8gcGwY1OVQ9zYqZsv4gQ9In6LxaCmqo6p6WrEgCnlhl4FjusD2T9aEar6UXRYJF5L_46sO-0hbXMgmoE9ca7sDjqjG5LZt0_dvEBrPqkk5NxWdzASDjyOIIKPGlV_71q8jWvF44u6u1t1hH8g0YCf5eEDh-gsj_uzqMP8ny2Ty5N7GJdKSFm1crP1WPe8qN9FPaEb11P3tFox_d7LDjGNyRUTyKqzVYTaisLIq-yDlj9Bpx66IhC6tghQbgLTfbEfb3q1rFaKG0v3v8KWtnbyiJdif6rDYVQnytUiBoJGJddhUX0RsNKO3Op3Oz2V3nZ77KhVx9A-arFhxNzGG4rZvGU_Wmlnkx9klKtQL70NsjERbIFoEPpMdI3PCh5Jppf_KYCRlWKJJGgBv5m_nth5V6u-ipb3wgeVOVPWcaZmNaGeQ9-cmmlAVLUYcLQX4gcsbfcmMw5dOSNHzQAJEj2zHrQAyukk2wWS0vwc2QXL9AayOrEZmXS46lNe2Bwae2KZ24gVW30LRL8iTLpLRa2UmqYO3ZXMiTiGVXrYx8XndxLGXjEfJ7IjQgFaApEM0dl6v9GjQKU5ZGyePogBlb3D-kaI6AZuy-DdeIs_Z0GVwyqtd35fnM7HDMOZ57YW_iWab1SLq3JBtl4x521Qr_lSQ7eTYtV-pICCuOMYDXu3A6ZUpXeolVRjqXlmMISN_46a5N8pioQaeyiC46eKwHY113AwTzQs7AZqAeFOOvLWzUceNoSu9RJ0k1ve2Xjg6Pd4yVYE&sai=AMfl-YQKZwVqJPeiZsOIoj3mURRjuRANLqdiVbqBjCU0giAnbP4P6gHsDWm7VwXklUzzhkMTeqwhXnS-GJbbs1vuXuMwpdwAxrnqkVZglUWGZWsjGvnDwfq4TjyutY2NNaGGfM8IE2oN7dWX&sig=Cg0ArKJSzMocwSnk-QtqEAE&cid=CAQSOwBpAlJW-6eQS9Evp-XvFIWCkMlUQmmwKeAnKm1yE0nwjUuC6IPwm51D7pg_ulkUfKEp_RTByibhXuT2GAE&id=lidar2&mcvt=1006&p=163,165,253,893&mtos=1006,1006,1006,1006,1006&tos=1006,0,0,0,0&v=20230809&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=3228686164&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1691796079219&rpt=187&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://5eae35412932bf64c974def5104bf9db.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Aug 2023 23:21:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK l Show response
mcdp-nldc1.outbrain.com/ Frame C611 2 B
356 B 15ms
15ms Fetch
text/plain 20.13.96.71
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nldc1.outbrain.com/l?token=25dc73280f0a51938466118ae933167a_119225_1691796080544&tm=655&eT=6&wRV=2010411&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&cheq=0&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.13.96.71 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Fri, 11 Aug 2023 23:21:20 GMT
content-encoding: br
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: content-range
X-TraceId: e81bfead02ee82abb2cf3d2bcb8a3318
Content-Length: 6

GET
H2 200 monitor.html Show response
widgets.outbrain.com/widgetMonitor/ Frame BA8F 4 KB
2 KB 23ms
22ms Document
text/html 184.30.17.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/widgetMonitor/monitor.html?deletelocalstorage=true
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-67.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e641289a84dccd3f02be13957ce937b6010c9f64f4fac5e880fca2f639b3c05f

Request headers

Referer: https://www1.ihdstreams.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
access-control-request-headers: X-OB-STG,X-OB-PRD
cache-control: max-age=604800
content-encoding: gzip
content-length: 1606
content-type: text/html
date: Fri, 11 Aug 2023 23:21:20 GMT
etag: "1295e69d949ede7964200763acaebc50:1679841729.42395"
expires: Fri, 18 Aug 2023 23:21:20 GMT
last-modified: Sun, 26 Mar 2023 14:35:45 GMT
server: AkamaiNetStorage
timing-allow-origin: * *
vary: Accept-Encoding

GET
H/1.1 204
No Content pbscookie Show response
p.vidoomy.com/api/rtbserver/ Frame FE2E 0
365 B 442ms
122ms XHR
text/plain 212.36.83.245

General

Check archive.org

Show headers Download Go to

Full URL: https://p.vidoomy.com/api/rtbserver/pbscookie?dspid=RTBH&uid=z8Ym7elwwjltiBNbxzib&vid=e082edceb7d7f9e477e6a8ebbeb83cd0
Requested by: Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/dspsync?dspid=RTBH&uid=z8Ym7elwwjltiBNbxzib&pi=vidoomy&tc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.36.83.245 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vid.vidoomy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Fri, 11 Aug 2023 23:21:21 GMT
Server: nginx
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: https://vid.vidoomy.com
Access-Control-Expose-Headers: X-VD-C
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C611 42 B
64 B 53ms
53ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssbdluoOt8NFZmRYLaQK-I0Ez5uWSw6cM_T0km0cM1dqUN7jT7iAOdjNOG25T5WIRx013FN9CT4_bxH3ioxFq5UxHzB9DXrR565zuLJGjIlT8YmW_rt&sig=Cg0ArKJSzDK5XPRCCsMaEAE&id=lidar2&mcvt=1000&p=571,1169,821,1469&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230809&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=1535134855&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1691796079190&rpt=780&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Aug 2023 23:21:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame EA68 42 B
64 B 54ms
54ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssYnCenBmoE1PSCgLGM-Q3VLm7CimQZ9IHM9xu2xFTfXicYU8KJfoQV2EoNgqmqFwC8PM1T9fvZFGJEEv8UrvvUu4ayAQFnpQIR68_hteduzJV5WDPV&sig=Cg0ArKJSzD2TFp6BzXxSEAE&id=lidar2&mcvt=1002&p=861,1169,1461,1469&mtos=0,0,1002,1002,1002&tos=0,0,1002,0,0&v=20230809&bin=7&avms=nio&bs=1600,1200&mc=0.56&vu=1&app=0&itpl=19&adk=2270408103&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1691796079130&rpt=845&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www1.ihdstreams.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Aug 2023 23:21:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content multitracking Show response
ghb.aplhb.adipolo.com/adunit/ 0
230 B 18ms
18ms XHR
text/plain 185.239.173.226
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.aplhb.adipolo.com/adunit/multitracking
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/kqqam/hbw_master_736354_16735.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.239.173.226 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www1.ihdstreams.xyz/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www1.ihdstreams.xyz
Date: Fri, 11 Aug 2023 23:21:20 GMT
Access-Control-Allow-Credentials: true
Server: Adtelligent
Connection: Keep-Alive
X-Robots-Tag: noindex

GET ads
securepubads.g.doubleclick.net/gampad/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: us_privacyfa9f4b3548d146d8b0584acce84c4fec.gif
URL: https://us_privacyfa9f4b3548d146d8b0584acce84c4fec.gif/?gdpr=1&gdpr_consent=&us_privacy=1---&coppa=0&puid=1691796079601-972754985719-001231-004-009764&redir=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D57%26auid%3D1691796079601-972754985719-001231-004-009764%26key%3D%24%7BUID%7D

Domain: rbp.mxptint.net
URL: https://rbp.mxptint.net/sn.ashx

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gampad/ads?pvsid=492482791209303&correlator=2070258524885157&eid=31076923&output=ldjh&gdfp_req=1&vrg=202308030102&ptt=17&impl=fifs&iu_parts=7047%3A22821132256%2Capl%2Caplmcm7047%2Cdynamic&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90&ifi=8&didk=1817673143&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D373969b1e9d96626%3AT%3D1691796078%3ART%3D1691796078%3AS%3DALNI_MaYhuWP4HM0dK9u1o6T7Bwl85Jc6A&gpic=UID%3D00000c5f7e61a8d6%3AT%3D1691796078%3ART%3D1691796078%3AS%3DALNI_MaBAhHQdQ6VykJUVCcwIFoGBheSLw&abxe=1&dt=1691796081858&lmt=1691788881&adxs=436&adys=1309&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww1.ihdstreams.xyz%2F&frm=20&vis=1&psz=728x-1&msz=728x-1&fws=644&ohw=728&psts=AOrYGskpAjLe6IHXxzvJ9nB0drPYe1KA-mBx6eaZKG4V3mWT_LI1CdTlmIlx7-ebhIdsWbzfTgcfTw_qSOgEUssLjQWJuyE%2CAOrYGslvqSZPrUqc54rj7UkortYvgCwdLX6Jg41hp696uRblm5s4_C-Uun-NqQvXTCHcw41Lpn_JkRgraxAFzWQpTOHcjCU%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGskojd0TJIXtLpW9GX8NEc4YMKG_ld42nPNFa0wl4Xc6%2CAOrYGsmFihiWPvSxETRgGBRENfOyrmDFk4R-ZF0fuHESPHZ_%2CAOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=2103354105.1691796078&ga_sid=1691796078&ga_hid=136762602&ga_fc=false&dlt=1691796076442&idt=1912&prev_scp=refresh%3Dtrue%26test%3Devent%26hb_rfBid%3D0%26excl_cat%3DPREPOST&adks=2787720100

Verdicts & Comments Add Verdict or Comment

182 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

36 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www1.ihdstreams.xyz/	1970-01-20 22:42:12	Name: HstCfa2633223 Value: 1691796078114
www1.ihdstreams.xyz/	1970-01-20 22:42:12	Name: HstCla2633223 Value: 1691796078114
www1.ihdstreams.xyz/	1970-01-20 22:42:12	Name: HstCmu2633223 Value: 1691796078114
www1.ihdstreams.xyz/	1970-01-20 22:42:12	Name: HstPn2633223 Value: 1
www1.ihdstreams.xyz/	1970-01-20 22:42:12	Name: HstPt2633223 Value: 1
www1.ihdstreams.xyz/	1970-01-20 22:42:12	Name: HstCnv2633223 Value: 1
www1.ihdstreams.xyz/	1970-01-20 22:42:12	Name: HstCns2633223 Value: 1
www1.ihdstreams.xyz/	1970-01-20 14:39:48	Name: _pbjs_userid_consent_data Value: 3524755945110770
.ihdstreams.xyz/	1970-01-20 22:42:12	Name: _pubcid Value: 30481760-bd70-4e4d-9552-96c6571467e2
.ihdstreams.xyz/	1970-01-20 13:56:36	Name: lotame_domain_check Value: ihdstreams.xyz
.criteo.com/	1970-01-20 23:18:12	Name: uid Value: ebffb854-8dd8-4ddc-8d6e-79199f09d8f8
.ihdstreams.xyz/	1970-01-20 23:18:12	Name: __gads Value: ID=373969b1e9d96626:T=1691796078:RT=1691796078:S=ALNI_MaYhuWP4HM0dK9u1o6T7Bwl85Jc6A
.ihdstreams.xyz/	1970-01-20 23:18:12	Name: __gpi Value: UID=00000c5f7e61a8d6:T=1691796078:RT=1691796078:S=ALNI_MaBAhHQdQ6VykJUVCcwIFoGBheSLw
.ihdstreams.xyz/	1970-01-20 23:18:12	Name: cto_bundle Value: MCvj7l95UU1VOEtsejJvU0kwb20xSDJhTlMwMmdRRW0yc2VKWU10aWRkeEpnY0FEM1c2JTJGTUdRNWltVSUyQkFKMHhQNVMyWnlkanBRbmY4ZjMzb0RqUE01TGpHdDd2JTJGNnRSdjZJcHNlRmpucnVjTnk2ZVpIZmFrSHlZQXdZTnN1cjROMmpraUFmNE5oYTlnYXd4dmlDRVhvRllQJTJCUSUzRCUzRA
.doubleclick.net/	1970-01-20 23:18:12	Name: IDE Value: AHWqTUkO8e-O7P3C-FtoNGXHXLvBtfr9-fCPXmLjuLvSA19_mR15t7SXoq3Sjg8klqs
.doubleclick.net/	1970-01-20 13:56:39	Name: DSID Value: NO_DATA
.modoro360.com/	1970-01-20 14:25:24	Name: aniC Value: 1691796079601-972754985719-001231-004-009764
.googleadservices.com/	1970-01-20 16:06:12	Name: ar_debug Value: 1
.csync.loopme.me/	1970-01-20 16:09:04	Name: viewer_token Value: e6e61df0-4555-4fbd-b386-3772092982ff
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: 263f6e87748633ea
.360yield.com/	1970-01-20 16:06:12	Name: tuuid Value: 92846fa1-0877-4a56-8a01-688efdbab2d1
.360yield.com/	1970-01-20 16:06:12	Name: tuuid_lu Value: 1691796079
.ads.pubmatic.com/	1970-01-20 13:58:02	Name: KCCH Value: YES
.technoratimedia.com/	1970-01-20 23:32:36	Name: tads_uid Value: GDPR
.modoro360.com/	1970-01-20 14:11:00	Name: 1_C_22 Value: 92846fa1-0877-4a56-8a01-688efdbab2d1
servs.modoro360.com/	1970-01-20 14:11:00	Name: 1_C_22 Value: 92846fa1-0877-4a56-8a01-688efdbab2d1
.modoro360.com/	1970-01-20 14:11:00	Name: 1_C_56 Value: e6e61df0-4555-4fbd-b386-3772092982ff
servs.modoro360.com/	1970-01-20 14:11:00	Name: 1_C_56 Value: e6e61df0-4555-4fbd-b386-3772092982ff
.modoro360.com/	1970-01-20 14:11:00	Name: 1_C_105 Value:
servs.modoro360.com/	1970-01-20 14:11:00	Name: 1_C_105 Value:
.modoro360.com/	1970-01-20 14:11:00	Name: 1_C_3 Value: GDPR
servs.modoro360.com/	1970-01-20 14:11:00	Name: 1_C_3 Value: GDPR
.modoro360.com/	1970-01-20 14:11:00	Name: 1_C_10 Value: Or0QuhCSCBl3
servs.modoro360.com/	1970-01-20 14:11:00	Name: 1_C_10 Value: Or0QuhCSCBl3
.creativecdn.com/	1970-01-20 22:42:12	Name: u Value: z8Ym7elwwjltiBNbxzib
.creativecdn.com/	1970-01-20 22:42:12	Name: ts Value: 1691796080

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.profitabledisplaynetwork.com/3ca0f619c604ae8a19b9799a144e8ee5/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://www.effectivecreativeformat.com/0154b07ef3e758a91da6b0cd107ed2d2/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
security	error	URL: https://5eae35412932bf64c974def5104bf9db.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15) Message: Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/12750572431565262900/index.html".
network	error	URL: https://id.rlcdn.com/709414.gif Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://rbp.mxptint.net/sn.ashx Message: Failed to load resource: net::ERR_CONNECTION_REFUSED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5eae35412932bf64c974def5104bf9db.safeframe.googlesyndication.com
ad.360yield.com
adipolo.com
ads.pubmatic.com
ads.stickyadstv.com
ap.lijit.com
bcp.crwdcntrl.net
bh.contextweb.com
buttons-config.sharethis.com
cdn-ima.33across.com
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cm.adform.net
cm.g.doubleclick.net
content1.avplayer.com
count-server.sharethis.com
creativecdn.com
csync.loopme.me
dis.criteo.com
dm.hybrid.ai
eus.rubiconproject.com
feed.avplayer.com
fonts.googleapis.com
fonts.gstatic.com
ghb.aplhb.adipolo.com
googleads.g.doubleclick.net
gum.criteo.com
hd.ihdstreams.xyz
id.rlcdn.com
id5-sync.com
image6.pubmatic.com
invstatic101.creativecdn.com
jscdn.greeter.me
l.sharethis.com
match.adsrvr.org
mcdp-nldc1.outbrain.com
mug.criteo.com
odb.outbrain.com
onetag-sys.com
p.vidoomy.com
pagead2.googlesyndication.com
pixel-us-east.rubiconproject.com
pixel.rubiconproject.com
platform-api.sharethis.com
platform-cdn.sharethis.com
player.adtelligent.com
player.aniview.com
player.aplhb.adipolo.com
player.avplayer.com
prebid.a-mo.net
rbp.mxptint.net
s10.histats.com
s4.histats.com
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
serv.modoro360.com
servs.modoro360.com
servt.modoro360.com
static.criteo.net
storage.de.cloud.ovh.net
sync.1rx.io
sync.technoratimedia.com
tags.crwdcntrl.net
tcheck.outbrainimg.com
tg1.modoro360.com
token.rubiconproject.com
tpc.googlesyndication.com
ups.analytics.yahoo.com
us_privacyfa9f4b3548d146d8b0584acce84c4fec.gif
vid.vidoomy.com
vpaid.vidoomy.com
widget-pixels.outbrain.com
widgets.outbrain.com
www.effectivecreativeformat.com
www.google.com
www.googleadservices.com
www.googletagservices.com
www.profitabledisplaynetwork.com
www1.ihdstreams.xyz
x.bidswitch.net
rbp.mxptint.net
securepubads.g.doubleclick.net
us_privacyfa9f4b3548d146d8b0584acce84c4fec.gif
104.18.24.112
13.32.121.126
141.95.4.196
141.95.98.64
142.250.184.194
142.250.74.194
145.40.97.66
146.75.122.132
149.56.240.132
173.233.137.36
178.250.7.11
178.250.7.13
18.195.47.22
18.196.51.27
184.30.16.195
184.30.17.67
185.184.8.90
185.239.173.226
185.64.190.78
193.108.153.18
20.13.96.71
205.185.216.10
208.93.169.131
212.36.83.245
216.52.2.39
23.212.89.151
23.56.202.187
2600:9000:218f:ca00:1d:85c3:6640:93a1
2600:9000:2250:5000:a:e047:753:6381
2600:9000:25e8:8200:c:abe:f440:93a1
2603:c020:400d:3000:f50:982a:7877:65bd
2606:4700:10::6814:41d
2606:4700:10::6816:3456
2606:4700::6810:5814
2a00:1450:4001:806::200a
2a00:1450:4001:808::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:813::2003
2a00:1450:4001:827::2001
2a00:1450:4001:82b::2001
2a00:1450:4001:830::2002
2a00:1450:4001:830::2004
2a02:2638:3::c
2a02:2638:d::2
2a02:26f0:3500:c::5c7b:682b
2a02:26f0:480:7b5::2c79
2a02:6ea0:c700::11
2a02:6ea0:c700::19
2a06:98c1:3120::3
2a06:98c1:3121::3
3.211.28.187
3.229.139.253
3.71.149.231
3.93.205.133
34.241.170.80
34.96.70.87
35.214.179.14
35.244.174.68
37.157.6.243
37.18.16.21
45.133.44.3
46.228.174.117
51.38.120.206
52.212.215.149
52.222.169.46
52.223.40.198
65.9.66.97
69.16.175.10
69.16.175.42
69.173.144.138
8.43.72.98
95.101.149.233
014dcfbdf6e82994135e5be2118bf2d10c251276febc2e7938207c8581bf7828
06631c912d2df079842f68e549cadc9bcc6d2b23b450f23cbca3d9227a708b7c
0b4bb74c7f550162d688cef16db8298a8b697ed71082729828f0bfc3b6bbe4dd
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
112d4cc7dd3dd5b1e0139a85832ceb2156ee2f7638f7f4a6daf4abdfd77e9208
14b4caf239342334bf7b8280605e60f67c33c589762047b8bd67c0552fdb80a6
16e4ee38453e79625c723d0c72fd0e2e250d9e8816f74ccd7583c6d291187be9
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1bae747c7fd090f56608956a97c870391e1c43f89d24d5766129b75628985c1e
1dcb7da38d699199d71093f74b560330bcd69a99f19e70c7f5543f3ea4b19811
21d37f9066429269a82775b7e6c0f1322f99d5fb928f07aefdee839a4bd14cab
2319dbc0d652282694fa0847f099ecb17e4dca70baadde117a227a22e188860f
262a814d45ee12134111792833bce9d8e29983a7ff1f400442cf2d3b8d9702b3
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
29828638d01d73bfd6bd1ff7c87772facd6910124912ebae7e0ac6429f347196
2986551fd9e82929eabb8cba7c44f74a28d8496c744893432f067b320dff55da
2b071563c8b59cdc2b12b2703f3b5d147f555b1c41d83e5c5ef4a02395aed89c
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2fbce96820517a6b2a0ea6a8cc4243fa06fbf3c26a05318727f8ffeca27fe0d7
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3415d1f3f46175bc47b0e1055fc044b0ca4743150abbdfb8ff2029b80029f36c
36869b764419e90773fbf0fe24d43526bd93253313b6ed449031bebca9553a0b
374018aee649958e1ae4a55f5c4c7adad1d84334c8d4ea6805f10f152734de1e
37c756549498046fbb71b81bc30d38666e9e7ae15d512d9ef1712be1fd3c35e4
382f98ee9c7df50ab64c0a9b6973cd902eaf31198b4241f38bea7fac68d2f04d
3a8fbe31a090147ec2c0cfafd8e816a3635d9dd7c42cc4ea6de09c9da19603b2
3c49942d851969cee2ed7c9d24370dfa247d7507c35af5218f2b47464eb14b2c
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9
41fd4ed5ad93e39cd84d043e905e66e3bbb9dbb50cf2d7bbf68bfeef79f3d3cc
42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702
4475335b87a3456536775fd2dd0dd5bd5eba10e830b820cc122ba1e3cb0de1ce
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4cd9d7fe6bef9e82616b20d2c4a7a9842652ed469b704922e4c682f209754768
53e4b49a9d28bec768620b1e6306d8f3efcf6f63f76e44dc103a13fd44117a8b
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
59848ac7fa952227246d55a015096752802cb43ca29d530e1309f770ee54ab7b
5b6fc8e3bb8719e95688185f95b7ec236b8a2f764fd5ffd37ee8b3e0ddee17ad
5c833b1818762f1e134fbb158447fb0b92f2b018b15aa36f2e2405213f830d38
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62ecb24c3ab134ea5eed35478984adb84b62bd1c45a500ef83252ce40f01165c
64ffd4b2224c9e2a0f2193cf1d37239572a67ce9d2bf3d97c58d6939139af61b
668c3d4710b07f2327e63f68caefd38b90999af3e3614532b9c0eafc51ac383c
67294dcc366e27300f2dbcad1378442779ea0ea230ac7a561853b0f262720a81
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
768d97ec0916217ae82c70aeda3a61b9b0dab344edc4a3240a4f7cd94af00307
79b8ff3ad5affc11c25c059cbf80cf6fc6b9cc6c10693f70a6b613c36fdaa214
7c93346d4f681a0be90d1dfc19346382a4700f1810f41caa54415688dee1777f
8032af7ae883eaacc49496505827472ffb576d6f7007340d2e2ea713ef26d6db
847eb36b4dc4b05f94052dcd98077319e74d882334a106bb9ca451ba211c9c2c
8511af2c0e0f877701ecceabdb9833984f9e4539d05196c05dfd78251dc55a1b
855350f90136950691eae399a0be7bb465e8329f03f669e2830f2bf404fe3964
8d36627397605b9d5bfd8431f6f2487d4ca67ba288925eb7df468a11e3269bf6
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f5ba267e4a28eeeeb5f692e2f89a08cb2d87be40ca4aca4a622c375939578fb
917737020d09defe47fd50dbb857c95126686ed140b6440fb52ad99f4b279fcf
91b8dc0d4eb319cd1fe63f36e9468e9df949d6123808ff0a365d4a1b45bb7332
921f41020b54349b6a4dddaef2dff2c08c83751f39e101e4ee17d99755bcfe83
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f
93869e8b2d1e14b9a6be5dcee1ab87f9da79b31d1c334b1a5038006c01ac94fe
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
94250774030be67093bb2b17844ecb5c73f9fd12afcdaca0fee1f279f709d32a
96d4232bf99fe635311418e7b4ed053381427c805bbf8075aa9b000bad3a0365
9757415edc6793a3544240a995b7f19f49c96bacf8d6ae41b2657d9f7bac1be7
9878d1285a11a114a01a05babdb3575af431ce969eb458c603501044309513e3
9953f046235e5dff6ad5d40a6ee2927f53de1ab7c0a6e061e0551e69e9acddc4
9a83c65bdd0ff9488af9d25720686457ea7295c9c44f9f1d285a0c9ec89bab99
9f2ef335c07566f0d4f273a4b72bcb3ad2b02f0c6232da6129952ee60bd07ba8
9f66145fbaf681859fb04fc4cdedf358806d85dd27355199545b97db90d48829
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1ca74ef74490c6a0349e717b12cebcbbd0c9836029136a4d89a513a6adad188
a2c51c49db9c74085ebad0d11a1c5d1eea450239668797fbc3a477dc0ded3023
a36334acb444f8a3ffd4cd1bcb413d8ddb32b0481ed053ee727e54c31c86ef2b
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032
ad5bafb6f32e1399954a27804ccf6332bac310de57714bd50e04d053ecd4676b
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b05155416aa1689236072fb1338ceaefc9809a849bda6588965f5979e8a01aa8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
babfdd8d96853154749421058a8b281d3fa13dc64df98d8e57c477c7c56e41a4
c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7
c5351433802de0a018489e9d88892c937b66541c493b4e12578f16ed072f0a4d
c542012c84c6c9b8b31b62c0919d8c76fe2ceb18c8721646cb57f382f38d3020
c7b335cd4f99f54a92a1d88d6548647d52d94a3ceaafd5b36fd1d0a88b63897e
cb8c2b19fd9b56c41db14bd71b5c0616c1ba4e99b08c8e75084cf695f74b7120
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
ce0be6d6f8bdde5a9c0deb06ee1a55257dd07455498b32dbcd276cb5e7e279f6
cecdb772902480238ed72f56e63233f74af64e5db96706a47d8d40363e6f6332
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d9d3aafa45dd6f7d6ff0a91322dd8dd8027bba47b56dbbd79ef27c4785dc54c5
dadbb59b37bfea4c78c6e15c8cbb96dfba84526e43a0767dc244fd062a841aba
e0c750b97759124bffe209a81cfb7a3aa05dd20ca1168314348cb865254f1ce2
e1c9beb007b8f05ca95c1e3004fa70d7dd75f0f6e7621678d70429b10be3ac7a
e21e8997413faa4bb03450f36b357e249feb3fbd50b40553624b9f557385d563
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4558415f627880263b408b58c30f1c9ae4765038c86beaf568d9c067b79c936
e641289a84dccd3f02be13957ce937b6010c9f64f4fac5e880fca2f639b3c05f
e8c0e8b74bbc0d90fc5afd8fe1683c35da5d65f6b39262550d1ab5452f895fc7
e9face37d2b577b02ecf517f7c6da54a9ac2b44bc980e3b59c2a8f320d5cea29
ea49c90fa2220097f445c6d79f394938c1a87b109c2656f9229f97b0f45d936b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef4e851bde18d7fc0111215f4d6a622bc9f648b0b96700b2e98a67c2cd633799
efc737b4f58cfe73a9bd0e57d7570365701381da31e628b269e7217a0ce3359d
f077127558b72bd4739d48a7b877027cfed9391fda12c43643e3652a90cf1a44
f25ac32bf1c2e9d888b5e687d4c60d717af67e9904cb7054d00d4afad2c4bf38
f49eea6f514decdc9bd692ef59c01a791fae49eaa3fa6f4234d0735b7bf9c015
f9ae233e8c3c3cf459ffa8b7ae75983cf1ca35bf6eb21468716423cb30475d51
fa1e4e3a15f57d72eb1d0b8b08f2f6e7dc7d4d3603e4c563e6e06948bd659a1b
faeb6d012c1f08d0a2ea575791d66217350de87228460610fbd80a0ee85aca88
fb20da3761f50927006a6f6303ae6fceec0b3cb5f4c532ba5845bcd5392112d8
fb3002298698837bc545779a7e6896e272da69042d1ef8b7ccf734432993dfaf
fca03541a50907237eb1c1872eed044c5a98c6049e9f6064419e08e9cc82af6c
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

www1.ihdstreams.xyz Open in urlscan Pro 2a06:98c1:3121::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

170 Requests

95 %HTTPS

32 %IPv6

49 Domains

81 Subdomains

64 IPs

10 Countries

1790 kBTransfer

4976 kBSize

36 Cookies

3 Outgoing links

Page URL History

Redirected requests

170 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www1.ihdstreams.xyz Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Screenshot
Live screenshot

Full Image

170
Requests

95 %
HTTPS

32 %
IPv6

49
Domains

81
Subdomains

64
IPs

10
Countries

1790 kB
Transfer

4976 kB
Size

36
Cookies

170 HTTP transactions
4 data transactions