filonl.demura.tv Open in urlscan Pro
216.158.236.18  Public Scan

26 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 116

• https://www.google.com/pagead/drt/ui HTTP 302
• https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 118

• https://googleads.g.doubleclick.net/pagead/adview?ai=C3vz8O4d7ZePINJ6ooPMP_9642A-WkvmgdIzyu-yFEvWN_MIDEAEg6uGHImDJ7o6LwKSMEKABqsDC7inIAQmoAwHIA8uEgIAEqgSJAk_QJJdhYinQuCQkL4C65QBfAN13vM7H9sNRh1UNSz0JY0z27ZpSTdkih1gre1xaOWb-FdkJixhT3yDMLv7uGuwAFaJf3eLpSl86UyUSJgD1yLwdcdaL9G4I02BSrWOv2M0sy2ikvYwv2hWapfr2mh8RI3nOFM8O3BIZeYU3k7AtOUDTWhgQl0uzmlVR4Ynb7J74TnzMesaL1MAVRIrDMcKnx6ipXV7oRNR-wFR8Swx134HlSbKLzfztfoMdhUgozFd3DXBFOtwMncGEmkvsZwpfeYSjIaFZms-UNU5g_1X7veGBz3Yn2CId0iA0vRNVaQMaMabB5AtRecu7PyCYUqGwaXy1E_mWZWrABM21o9i9BIgFhPH1rk2SBQQIBBgBkgUECAUYBKAGLoAHh7yklwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBD1_xfSCB8IgGEQARgfMgKKAjoEgECAQEi9_cE6WJGuhKKCkIMDmgnqA2h0dHBzOi8vb3B0aW9uaXNoLmNvbS9hcnRpY2xlL3VubG9ja2luZy10aGUtcG93ZXItb2YtZ29vZ2xlLWFkdmVydGlzaW5nLXNlcnZpY2UtYWRzLWEtY29tcHJlaGVuc2l2ZS1ndWlkZT9xdWVyeT1zZXR1cCtHb29nbGUrQWR2ZXJ0aXNpbmcrU2VydmljZStBZHMmdXRtX3NvdXJjZT1nb29nbGVzJnBfaWQ9NjM0NCZjX2lkPTIwNzY3OTMwNTAwJmFfaWQ9MTUzOTk4NjQ1OTY1JnV0bV9jb250ZW50PXNldHVwK0dvb2dsZStBZHZlcnRpc2luZytTZXJ2aWNlK0FkcyZwbD05MDA1NTMyJnV0bV90ZXJtPVNldHVwK0dvb2dsZStBZHZlcnRpc2luZytTZXJ2aWNlK0FkcyxHb29nbGUrUHJvZmVzc2lvbmFsK0FkcytTZXJ2aWNlcyxHb29nbGUrUFBDK0NhbXBhaWduK01hbmFnZW1lbnQrU2VydmljZXMsR29vZ2xlK1Byb2Zlc3Npb25hbCtBZHdvcmRzK0FkdmVydGlzaW5nK1NlcnZpY2VzLE11c3QtdHJ5K1Byb2Zlc3Npb25hbCtHb29nbGUrQWRzK1NlcnZpY2UrU3RyYXRlZ3mACgHICwGiDBQqEgoQ5LSxAu61sQK1uLECu7uxAtoMEAoKELCUkrm92Oj8DhICAQO4E-QD2BMMiBQD0BUBgBcBshccChoIABIUcHViLTQ4OTkzMDA0Nzc3Njc5MDQYAA&sigh=ae5k3jo4BAc&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgAvHhf_LuGEZNHSaNFrXJQZAlLGaG8FkwFk0o5s6VzY7oLCQYzDGywS7slre06Htfc879qGABaquXDXqMmKRz4wdAkmomFq_yzZ7XM32hgB&template_id=484&cbvp=2&vis=1 HTTP 302
• https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x5fca8c2e5032c2660000000000000000%22,%222%22:%220xaf79f80feb5501ee0000000000000000%22,%223%22:%220xe599a64f39a3d1ca0000000000000000%22,%224%22:%220xfcecb94eb05cfeb90000000000000000%22,%225%22:%220x503a5b1f8008ca600000000000000000%22},%22debug_key%22:%223971774293948946462%22,%22debug_reporting%22:true,%22destination%22:%22https://optionish.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211237629994%22],%2222%22:[%22true%22],%224%22:[%2212-14%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%228839025779286862353%22}&andc=true

151 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response filonl.demura.tv/	19 KB 6 KB	1522ms 1424ms	Document text/html	216.158.236.18 IS-AS-1
General Check archive.org Show headers Download Go to Full URL https://filonl.demura.tv/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 216.158.236.18 , United States, ASN19318 (IS-AS-1, US), Reverse DNS plesk6100.is.cc Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 644c9c981a15dfb74adc50c9f468a8b39f79b11c9b0e922b840121d645bd07df Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language en-US,en;q=0.9 Response headers cache-control private content-encoding br content-length 6239 content-type text/html; charset=utf-8 date Thu, 14 Dec 2023 22:52:43 GMT server Microsoft-IIS/10.0 vary Accept-Encoding x-powered-by ASP.NET x-powered-by-plesk PleskWin
GET H2	200	font-awesome.min.css maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/	30 KB 7 KB	111ms 37ms	Stylesheet text/css	2606:4700::6812:bcf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css Requested by Host: filonl.demura.tv URL: https://filonl.demura.tv/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://filonl.demura.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 22:52:43 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br cdn-edgestorageid 871 age 1771612 cdn-cachedat 10/31/2023 18:51:50 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 last-modified Mon, 25 Jan 2021 22:04:55 GMT cdn-proxyver 1.04 cdn-requestpullcode 200 server cloudflare etag W/"269550530cc127b6aa5a35925a7de6ce" vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * cdn-cache HIT cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cache-control public, max-age=31919000 cdn-requestid f99c225dea09fd9a1dc0298de4f8988a timing-allow-origin * cdn-requestcountrycode US cdn-status 200 cf-ray 835a04d1bf344bcd-BUF cdn-requestpullsuccess True
GET H2	200	jquery.smartmenus.bootstrap.css filonl.demura.tv/Data/Sites/1/skins/framework/js/vendors/smartmenus/	4 KB 1 KB	65ms 61ms	Stylesheet text/css	216.158.236.18 IS-AS-1
General Check archive.org Show headers Download Go to Full URL https://filonl.demura.tv/Data/Sites/1/skins/framework/js/vendors/smartmenus/jquery.smartmenus.bootstrap.css?v=668b82f3-041b-4571-9151-18e0fdba415b Requested by Host: filonl.demura.tv URL: https://filonl.demura.tv/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 216.158.236.18 , United States, ASN19318 (IS-AS-1, US), Reverse DNS plesk6100.is.cc Software Microsoft-IIS/10.0 / ASP.NET Resource Hash ff169f2edd0b2200737fe85a1b4115f09a1c719f3537bf7949599ae1855bb385 Request headers accept-language en-US,en;q=0.9 Referer https://filonl.demura.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-powered-by-plesk PleskWin date Thu, 14 Dec 2023 22:52:43 GMT content-encoding br last-modified Tue, 09 Nov 2021 20:52:01 GMT server Microsoft-IIS/10.0 etag "27ab5a4abd5d71:0" x-powered-by ASP.NET vary Accept-Encoding content-type text/css accept-ranges bytes content-length 1257
GET H2	200	jquery-ui.css code.jquery.com/ui/1.12.1/themes/smoothness/	36 KB 9 KB	99ms 29ms	Stylesheet text/css	2a04:4e42:200::649 FASTLY
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/ui/1.12.1/themes/smoothness/jquery-ui.css Requested by Host: filonl.demura.tv URL: https://filonl.demura.tv/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash f9b751c1cd0d2b0f91862db987fed9dda48758b15e6f42ca67796b45f4b21702 Request headers accept-language en-US,en;q=0.9 Referer https://filonl.demura.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 22:52:43 GMT content-encoding gzip via 1.1 varnish, 1.1 varnish age 7792154 x-cache HIT, HIT content-length 8422 x-served-by cache-lga21952-LGA, cache-nyc-kteb1890039-NYC last-modified Fri, 18 Oct 1991 12:00:00 GMT server nginx x-timer S1702594363.156043,VS0,VE0 etag W/"28feccc0-8eb8" vary Accept-Encoding content-type text/css access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=604800 accept-ranges bytes x-cache-hits 56, 274
GET H2	200	default.css filonl.demura.tv/Data/Sites/1/skins/framework/js/vendors/nivo-slider/themes/default/	2 KB 916 B	88ms 84ms	Stylesheet text/css	216.158.236.18 IS-AS-1
General Check archive.org Show headers Download Go to Full URL https://filonl.demura.tv/Data/Sites/1/skins/framework/js/vendors/nivo-slider/themes/default/default.css?v=668b82f3-041b-4571-9151-18e0fdba415b Requested by Host: filonl.demura.tv URL: https://filonl.demura.tv/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 216.158.236.18 , United States, ASN19318 (IS-AS-1, US), Reverse DNS plesk6100.is.cc Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 3b5fd7fd21093ef27c4f6402dcd42fa0046069e024d62187b2d7f4c148ee3640 Request headers accept-language en-US,en;q=0.9 Referer https://filonl.demura.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-powered-by-plesk PleskWin date Thu, 14 Dec 2023 22:52:43 GMT content-encoding br last-modified Fri, 17 Mar 2023 21:29:09 GMT server Microsoft-IIS/10.0 etag "90b98d821759d91:0" x-powered-by ASP.NET vary Accept-Encoding content-type text/css accept-ranges bytes content-length 857
GET H2	200	light.css filonl.demura.tv/Data/Sites/1/skins/framework/js/vendors/nivo-slider/themes/light/	2 KB 962 B	63ms 60ms	Stylesheet text/css	216.158.236.18 IS-AS-1
General Check archive.org Show headers Download Go to Full URL https://filonl.demura.tv/Data/Sites/1/skins/framework/js/vendors/nivo-slider/themes/light/light.css?v=668b82f3-041b-4571-9151-18e0fdba415b Requested by Host: filonl.demura.tv URL: https://filonl.demura.tv/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 216.158.236.18 , United States, ASN19318 (IS-AS-1, US), Reverse DNS plesk6100.is.cc Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 22cadc443623c1ba18d96189a7d859eeb8531e1b296b608011ee61f6b3381465 Request headers accept-language en-US,en;q=0.9 Referer https://filonl.demura.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-powered-by-plesk PleskWin date Thu, 14 Dec 2023 22:52:43 GMT content-encoding br last-modified Fri, 17 Mar 2023 21:29:09 GMT server Microsoft-IIS/10.0 etag "abe08d821759d91:0" x-powered-by ASP.NET vary Accept-Encoding content-type text/css accept-ranges bytes content-length 875
GET H2	200	dark.css filonl.demura.tv/Data/Sites/1/skins/framework/js/vendors/nivo-slider/themes/dark/	2 KB 946 B	65ms 61ms	Stylesheet text/css	216.158.236.18 IS-AS-1
General Check archive.org Show headers Download Go to Full URL https://filonl.demura.tv/Data/Sites/1/skins/framework/js/vendors/nivo-slider/themes/dark/dark.css?v=668b82f3-041b-4571-9151-18e0fdba415b Requested by Host: filonl.demura.tv URL: https://filonl.demura.tv/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 216.158.236.18 , United States, ASN19318 (IS-AS-1, US), Reverse DNS plesk6100.is.cc Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 7119294f6861a8d3ba44377846fc8198f28db73d59c61124a7b9564c763e6940 Request headers accept-language en-US,en;q=0.9 Referer https://filonl.demura.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-powered-by-plesk PleskWin date Thu, 14 Dec 2023 22:52:43 GMT content-encoding br last-modified Fri, 17 Mar 2023 21:29:09 GMT server Microsoft-IIS/10.0 etag "716b8d821759d91:0" x-powered-by ASP.NET vary Accept-Encoding content-type text/css accept-ranges bytes content-length 887
GET H2	200	bar.css filonl.demura.tv/Data/Sites/1/skins/framework/js/vendors/nivo-slider/themes/bar/	4 KB 1 KB	65ms 62ms	Stylesheet text/css	216.158.236.18 IS-AS-1
General Check archive.org Show headers Download Go to Full URL https://filonl.demura.tv/Data/Sites/1/skins/framework/js/vendors/nivo-slider/themes/bar/bar.css?v=668b82f3-041b-4571-9151-18e0fdba415b Requested by Host: filonl.demura.tv URL: https://filonl.demura.tv/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 216.158.236.18 , United States, ASN19318 (IS-AS-1, US), Reverse DNS plesk6100.is.cc Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 4a3c75b68f7264001cd11ff1a8b06477adf1024c942bad6024229a6d610e6427 Request headers accept-language en-US,en;q=0.9 Referer https://filonl.demura.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-powered-by-plesk PleskWin date Thu, 14 Dec 2023 22:52:43 GMT content-encoding br last-modified Fri, 17 Mar 2023 21:29:09 GMT server Microsoft-IIS/10.0 etag "4e448d821759d91:0" x-powered-by ASP.NET vary Accept-Encoding content-type text/css accept-ranges bytes content-length 1313
GET H2	200	nivo-slider.css filonl.demura.tv/Data/Sites/1/skins/framework/js/vendors/nivo-slider/	2 KB 1 KB	88ms 85ms	Stylesheet text/css	216.158.236.18 IS-AS-1
General Check archive.org Show headers Download Go to Full URL https://filonl.demura.tv/Data/Sites/1/skins/framework/js/vendors/nivo-slider/nivo-slider.css?v=668b82f3-041b-4571-9151-18e0fdba415b Requested by Host: filonl.demura.tv URL: https://filonl.demura.tv/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 216.158.236.18 , United States, ASN19318 (IS-AS-1, US), Reverse DNS plesk6100.is.cc Software Microsoft-IIS/10.0 / ASP.NET Resource Hash a330a0196da3072001cf3494d57e3ae7bd7ed26db7214a24e9f7488d2e7e9d54 Request headers accept-language en-US,en;q=0.9 Referer https://filonl.demura.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-powered-by-plesk PleskWin date Thu, 14 Dec 2023 22:52:43 GMT content-encoding br last-modified Fri, 17 Mar 2023 21:29:09 GMT server Microsoft-IIS/10.0 etag "3df68c821759d91:0" x-powered-by ASP.NET vary Accept-Encoding content-type text/css accept-ranges bytes content-length 979
GET H2	200	csshandler.ashx filonl.demura.tv/	317 KB 46 KB	38ms 35ms	Stylesheet text/css	216.158.236.18 IS-AS-1
General Check archive.org Show headers Download Go to Full URL https://filonl.demura.tv/csshandler.ashx?skin=framework&s=1&sv=668b82f3-041b-4571-9151-18e0fdba415b Requested by Host: filonl.demura.tv URL: https://filonl.demura.tv/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 216.158.236.18 , United States, ASN19318 (IS-AS-1, US), Reverse DNS plesk6100.is.cc Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 3544b53fe45f8d9a64792036c4f1019059fbbd473050c00fde97302a3621dd40 Request headers accept-language en-US,en;q=0.9 Referer https://filonl.demura.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-powered-by-plesk PleskWin date Thu, 14 Dec 2023 22:52:43 GMT content-encoding gzip server Microsoft-IIS/10.0 x-powered-by ASP.NET content-type text/css cache-control public, must-revalidate, proxy-revalidate, max-age=604800 content-length 47349 expires Thu, 21 Dec 2023 22:52:43 GMT
GET H2	200	jquery-3.7.0.min.js Show response code.jquery.com/	85 KB 30 KB	103ms 34ms	Script application/javascript	2a04:4e42:200::649 FASTLY
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-3.7.0.min.js Requested by Host: filonl.demura.tv URL: https://filonl.demura.tv/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash d8f9afbf492e4c139e9d2bcb9ba6ef7c14921eb509fb703bc7a3f911b774eff8 Request headers Referer https://filonl.demura.tv/ Origin https://filonl.demura.tv accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 22:52:43 GMT content-encoding gzip via 1.1 varnish, 1.1 varnish age 7792166 x-cache HIT, HIT content-length 30308 x-served-by cache-lga13623-LGA, cache-nyc-kteb1890070-NYC last-modified Fri, 18 Oct 1991 12:00:00 GMT server nginx x-timer S1702594363.156339,VS0,VE0 etag W/"28feccc0-155a6" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=604800 accept-ranges bytes x-cache-hits 43, 38302
GET H2	200	jquery-ui.min.js Show response code.jquery.com/ui/1.12.1/	248 KB 67 KB	98ms 30ms	Script application/javascript	2a04:4e42:200::649 FASTLY
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/ui/1.12.1/jquery-ui.min.js Requested by Host: filonl.demura.tv URL: https://filonl.demura.tv/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash 55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5 Request headers Referer https://filonl.demura.tv/ Origin https://filonl.demura.tv accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 22:52:43 GMT content-encoding gzip via 1.1 varnish, 1.1 varnish age 6281283 x-cache HIT, HIT content-length 67751 x-served-by cache-lga13623-LGA, cache-nyc-kteb1890070-NYC last-modified Fri, 18 Oct 1991 12:00:00 GMT server nginx x-timer S1702594363.156340,VS0,VE0 etag W/"28feccc0-3dee4" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=604800 accept-ranges bytes x-cache-hits 5, 92559
GET H2	200	jquery.nivo.slider.pack.js Show response filonl.demura.tv/Data/Sites/1/skins/framework/js/vendors/nivo-slider/	12 KB 4 KB	172ms 170ms	Script application/javascript	216.158.236.18 IS-AS-1
General Check archive.org Show headers Download Go to Full URL https://filonl.demura.tv/Data/Sites/1/skins/framework/js/vendors/nivo-slider/jquery.nivo.slider.pack.js Requested by Host: filonl.demura.tv URL: https://filonl.demura.tv/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 216.158.236.18 , United States, ASN19318 (IS-AS-1, US), Reverse DNS plesk6100.is.cc Software Microsoft-IIS/10.0 / ASP.NET Resource Hash e1684fc4ce4e99adbe5d9f0a4eb19ce2c54116da8b0f9224cdc94d33988aa387 Request headers accept-language en-US,en;q=0.9 Referer https://filonl.demura.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-powered-by-plesk PleskWin date Thu, 14 Dec 2023 22:52:43 GMT content-encoding br last-modified Fri, 17 Mar 2023 21:29:09 GMT server Microsoft-IIS/10.0 etag "3df68c821759d91:0" x-powered-by ASP.NET vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 4358
GET H2	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	145 KB 51 KB	127ms 58ms	Script text/javascript	2607:f8b0:4004:c17::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4899300477767904 Requested by Host: filonl.demura.tv URL: https://filonl.demura.tv/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash fbf95c138423953057cdb4cbb6ff61abb92f9e48f0cf5cbcf2e3e1b6d4e7a736 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://filonl.demura.tv/ Origin https://filonl.demura.tv accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 22:52:43 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 51288 x-xss-protection 0 server cafe etag 14078262750857488109 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Thu, 14 Dec 2023 22:52:43 GMT
GET H2	200	mojocombinedfull.js Show response filonl.demura.tv/ClientScript/mojocombined/	2 KB 1 KB	64ms 62ms	Script application/javascript	216.158.236.18 IS-AS-1
General Check archive.org Show headers Download Go to Full URL https://filonl.demura.tv/ClientScript/mojocombined/mojocombinedfull.js?v3 Requested by Host: filonl.demura.tv URL: https://filonl.demura.tv/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 216.158.236.18 , United States, ASN19318 (IS-AS-1, US), Reverse DNS plesk6100.is.cc Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 4dbb016c3af45e3fe2116d1aa273728ad949e386f5767b6eb25b36a67c4850e3 Request headers accept-language en-US,en;q=0.9 Referer https://filonl.demura.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-powered-by-plesk PleskWin date Thu, 14 Dec 2023 22:52:43 GMT content-encoding br last-modified Fri, 23 Dec 2022 19:57:08 GMT server Microsoft-IIS/10.0 etag "43e4ffbc817d91:0" x-powered-by ASP.NET vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 958
GET H2	200	WebFormsJs Show response filonl.demura.tv/bundles/	60 KB 20 KB	111ms 109ms	Script text/javascript	216.158.236.18 IS-AS-1
General Check archive.org Show headers Download Go to Full URL https://filonl.demura.tv/bundles/WebFormsJs?v=N8tymL9KraMLGAMFuPycfH3pXe6uUlRXdhtYv8A_jUU1 Requested by Host: filonl.demura.tv URL: https://filonl.demura.tv/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 216.158.236.18 , United States, ASN19318 (IS-AS-1, US), Reverse DNS plesk6100.is.cc Software Microsoft-IIS/10.0 / ASP.NET Resource Hash c33d2eeb46f41ebdccc2b62b178a76466645fc91a640c3e718a9999a6b4b9965 Request headers accept-language en-US,en;q=0.9 Referer https://filonl.demura.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-powered-by-plesk PleskWin date Thu, 14 Dec 2023 22:52:43 GMT content-encoding br last-modified Thu, 14 Dec 2023 22:52:43 GMT server Microsoft-IIS/10.0 x-powered-by ASP.NET vary User-Agent,Accept-Encoding content-type text/javascript; charset=utf-8 cache-control public content-length 20817 expires Fri, 13 Dec 2024 22:52:43 GMT
GET H2	200	MsAjaxJs Show response filonl.demura.tv/bundles/	142 KB 47 KB	87ms 85ms	Script text/javascript	216.158.236.18 IS-AS-1
General Check archive.org Show headers Download Go to Full URL https://filonl.demura.tv/bundles/MsAjaxJs?v=D6VN0fHlwFSIWjbVzi6mZyE9Ls-4LNrSSYVGRU46XF81 Requested by Host: filonl.demura.tv URL: https://filonl.demura.tv/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 216.158.236.18 , United States, ASN19318 (IS-AS-1, US), Reverse DNS plesk6100.is.cc Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 594e60989897c3fe7e623be3e586d11d1e80d5288270d9604ab2b492d79cbcc9 Request headers accept-language en-US,en;q=0.9 Referer https://filonl.demura.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-powered-by-plesk PleskWin date Thu, 14 Dec 2023 22:52:43 GMT content-encoding br last-modified Thu, 14 Dec 2023 22:52:43 GMT server Microsoft-IIS/10.0 x-powered-by ASP.NET vary User-Agent,Accept-Encoding content-type text/javascript; charset=utf-8 cache-control public content-length 47665 expires Fri, 13 Dec 2024 22:52:43 GMT
GET H2	200	logo.png filonl.demura.tv/Data/Sites/1/media/logos/	2 KB 2 KB	157ms 155ms	Image image/png	216.158.236.18 IS-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://filonl.demura.tv/Data/Sites/1/media/logos/logo.png Requested by Host: filonl.demura.tv URL: https://filonl.demura.tv/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 216.158.236.18 , United States, ASN19318 (IS-AS-1, US), Reverse DNS plesk6100.is.cc Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 9398a560c3c6896af84a741dafaabf427706d70ccf4c87d3aef29471bcca8c65 Request headers accept-language en-US,en;q=0.9 Referer https://filonl.demura.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-powered-by-plesk PleskWin date Thu, 14 Dec 2023 22:52:43 GMT last-modified Thu, 07 Dec 2023 14:08:20 GMT server Microsoft-IIS/10.0 etag "d57670d51629da1:0" x-powered-by ASP.NET content-type image/png accept-ranges bytes content-length 2007
GET H2	200	sagen-najib.jpg filonl.demura.tv/Data/Sites/1/media/images/video/	43 KB 44 KB	84ms 83ms	Image image/jpeg	216.158.236.18 IS-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://filonl.demura.tv/Data/Sites/1/media/images/video/sagen-najib.jpg Requested by Host: filonl.demura.tv URL: https://filonl.demura.tv/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 216.158.236.18 , United States, ASN19318 (IS-AS-1, US), Reverse DNS plesk6100.is.cc Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 253eb0d1ba466d441b7581b014f38ee10bc897b22cd5c6d2940323807e2a00ec Request headers accept-language en-US,en;q=0.9 Referer https://filonl.demura.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-powered-by-plesk PleskWin date Thu, 14 Dec 2023 22:52:43 GMT last-modified Thu, 14 Dec 2023 21:14:11 GMT server Microsoft-IIS/10.0 etag "88c0987bd22eda1:0" x-powered-by ASP.NET content-type image/jpeg accept-ranges bytes content-length 44461
GET H2	200	kaikea-niklas.jpg filonl.demura.tv/Data/Sites/1/media/images/video/	42 KB 42 KB	85ms 85ms	Image image/jpeg	216.158.236.18 IS-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://filonl.demura.tv/Data/Sites/1/media/images/video/kaikea-niklas.jpg Requested by Host: filonl.demura.tv URL: https://filonl.demura.tv/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 216.158.236.18 , United States, ASN19318 (IS-AS-1, US), Reverse DNS plesk6100.is.cc Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 60afb97e6593627be18d78653646a2cb8fb5578c0e3cc7b07633674058f9b864 Request headers accept-language en-US,en;q=0.9 Referer https://filonl.demura.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-powered-by-plesk PleskWin date Thu, 14 Dec 2023 22:52:43 GMT last-modified Mon, 20 Nov 2023 17:58:53 GMT server Microsoft-IIS/10.0 etag "ef54f39db1bda1:0" x-powered-by ASP.NET content-type image/jpeg accept-ranges bytes content-length 43298
GET H2	200	amir-whit.jpg filonl.demura.tv/Data/Sites/1/media/images/video/	32 KB 32 KB	122ms 122ms	Image image/jpeg	216.158.236.18 IS-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://filonl.demura.tv/Data/Sites/1/media/images/video/amir-whit.jpg Requested by Host: filonl.demura.tv URL: https://filonl.demura.tv/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 216.158.236.18 , United States, ASN19318 (IS-AS-1, US), Reverse DNS plesk6100.is.cc Software Microsoft-IIS/10.0 / ASP.NET Resource Hash de067c9e5a3bf728876d3df694ed76046a161ba2d1bbea869fb7c7c41a7803dd Request headers accept-language en-US,en;q=0.9 Referer https://filonl.demura.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-powered-by-plesk PleskWin date Thu, 14 Dec 2023 22:52:43 GMT last-modified Thu, 07 Dec 2023 06:51:03 GMT server Microsoft-IIS/10.0 etag "1496f9bed928da1:0" x-powered-by ASP.NET content-type image/jpeg accept-ranges bytes content-length 32913
GET H2	200	toben-walker.jpg filonl.demura.tv/Data/Sites/1/media/images/video/	30 KB 30 KB	28ms 28ms	Image image/jpeg	216.158.236.18 IS-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://filonl.demura.tv/Data/Sites/1/media/images/video/toben-walker.jpg Requested by Host: filonl.demura.tv URL: https://filonl.demura.tv/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 216.158.236.18 , United States, ASN19318 (IS-AS-1, US), Reverse DNS plesk6100.is.cc Software Microsoft-IIS/10.0 / ASP.NET Resource Hash af2772fbea86b0d40749b9518f926be097e46b2523260084c0c5d9ae0bdc135b Request headers accept-language en-US,en;q=0.9 Referer https://filonl.demura.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-powered-by-plesk PleskWin date Thu, 14 Dec 2023 22:52:43 GMT last-modified Thu, 30 Nov 2023 13:37:28 GMT server Microsoft-IIS/10.0 etag "48e7395c9223da1:0" x-powered-by ASP.NET content-type image/jpeg accept-ranges bytes content-length 30536
GET H2	200	javanni-archer.jpg filonl.demura.tv/Data/Sites/1/media/images/video/	24 KB 25 KB	35ms 30ms	Image image/jpeg	216.158.236.18 IS-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://filonl.demura.tv/Data/Sites/1/media/images/video/javanni-archer.jpg Requested by Host: filonl.demura.tv URL: https://filonl.demura.tv/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 216.158.236.18 , United States, ASN19318 (IS-AS-1, US), Reverse DNS plesk6100.is.cc Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 8b3a63edf3920e74c76ff81868ffcbf2a12e3bed18f18910c789b2180b821141 Request headers accept-language en-US,en;q=0.9 Referer https://filonl.demura.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-powered-by-plesk PleskWin date Thu, 14 Dec 2023 22:52:43 GMT last-modified Tue, 14 Nov 2023 11:25:00 GMT server Microsoft-IIS/10.0 etag "19e76434ed16da1:0" x-powered-by ASP.NET content-type image/jpeg accept-ranges bytes content-length 25038
GET H2	200	duy-daren.jpg filonl.demura.tv/Data/Sites/1/media/images/video/	27 KB 27 KB	173ms 168ms	Image image/jpeg	216.158.236.18 IS-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://filonl.demura.tv/Data/Sites/1/media/images/video/duy-daren.jpg Requested by Host: filonl.demura.tv URL: https://filonl.demura.tv/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 216.158.236.18 , United States, ASN19318 (IS-AS-1, US), Reverse DNS plesk6100.is.cc Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 2d5375a67d2f88b55fed4d52273bdefdafe05933ccd60fe30e5807c3ea721452 Request headers accept-language en-US,en;q=0.9 Referer https://filonl.demura.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-powered-by-plesk PleskWin date Thu, 14 Dec 2023 22:52:43 GMT last-modified Wed, 25 Oct 2023 17:50:34 GMT server Microsoft-IIS/10.0 etag "b5b6fcc06b7da1:0" x-powered-by ASP.NET content-type image/jpeg accept-ranges bytes content-length 27688
GET H2	200	billy-kamarii.jpg filonl.demura.tv/Data/Sites/1/media/images/video/	46 KB 46 KB	169ms 164ms	Image image/jpeg	216.158.236.18 IS-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://filonl.demura.tv/Data/Sites/1/media/images/video/billy-kamarii.jpg Requested by Host: filonl.demura.tv URL: https://filonl.demura.tv/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 216.158.236.18 , United States, ASN19318 (IS-AS-1, US), Reverse DNS plesk6100.is.cc Software Microsoft-IIS/10.0 / ASP.NET Resource Hash d7e9428250ba5a900914eddc663878e5bd58d8b7048f68498bf1bbc556ef4632 Request headers accept-language en-US,en;q=0.9 Referer https://filonl.demura.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-powered-by-plesk PleskWin date Thu, 14 Dec 2023 22:52:43 GMT last-modified Wed, 25 Oct 2023 17:46:10 GMT server Microsoft-IIS/10.0 etag "8aad90236b7da1:0" x-powered-by ASP.NET content-type image/jpeg accept-ranges bytes content-length 47016
GET H2	200	shaden-chibueze.jpg filonl.demura.tv/Data/Sites/1/media/images/video/	30 KB 30 KB	170ms 165ms	Image image/jpeg	216.158.236.18 IS-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://filonl.demura.tv/Data/Sites/1/media/images/video/shaden-chibueze.jpg Requested by Host: filonl.demura.tv URL: https://filonl.demura.tv/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 216.158.236.18 , United States, ASN19318 (IS-AS-1, US), Reverse DNS plesk6100.is.cc Software Microsoft-IIS/10.0 / ASP.NET Resource Hash da04bde7c4d89dee7f63e3de88fa8ba0a6f4220e6af3e4414641da6388bf4086 Request headers accept-language en-US,en;q=0.9 Referer https://filonl.demura.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-powered-by-plesk PleskWin date Thu, 14 Dec 2023 22:52:43 GMT last-modified Wed, 25 Oct 2023 17:44:20 GMT server Microsoft-IIS/10.0 etag "97cc23e26a7da1:0" x-powered-by ASP.NET content-type image/jpeg accept-ranges bytes content-length 30355
GET H2	200	jacari-dayjon.jpg filonl.demura.tv/Data/Sites/1/media/images/video/	25 KB 25 KB	169ms 165ms	Image image/jpeg	216.158.236.18 IS-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://filonl.demura.tv/Data/Sites/1/media/images/video/jacari-dayjon.jpg Requested by Host: filonl.demura.tv URL: https://filonl.demura.tv/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 216.158.236.18 , United States, ASN19318 (IS-AS-1, US), Reverse DNS plesk6100.is.cc Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 07cd2298da8b62d727cfd7f87262a1d64252b99223c54cc848e517347f804b84 Request headers accept-language en-US,en;q=0.9 Referer https://filonl.demura.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-powered-by-plesk PleskWin date Thu, 14 Dec 2023 22:52:43 GMT last-modified Wed, 25 Oct 2023 17:42:42 GMT server Microsoft-IIS/10.0 etag "5fecaca76a7da1:0" x-powered-by ASP.NET content-type image/jpeg accept-ranges bytes content-length 25925
GET H2	200	enzo-caymen.jpg filonl.demura.tv/Data/Sites/1/media/images/video/	34 KB 34 KB	37ms 32ms	Image image/jpeg	216.158.236.18 IS-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://filonl.demura.tv/Data/Sites/1/media/images/video/enzo-caymen.jpg Requested by Host: filonl.demura.tv URL: https://filonl.demura.tv/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 216.158.236.18 , United States, ASN19318 (IS-AS-1, US), Reverse DNS plesk6100.is.cc Software Microsoft-IIS/10.0 / ASP.NET Resource Hash a6384f09f8ad88f944383581bca0ad3ef8c1a498a367da70d81d9b31832245f4 Request headers accept-language en-US,en;q=0.9 Referer https://filonl.demura.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-powered-by-plesk PleskWin date Thu, 14 Dec 2023 22:52:43 GMT last-modified Sat, 21 Oct 2023 15:30:24 GMT server Microsoft-IIS/10.0 etag "2e72d082334da1:0" x-powered-by ASP.NET content-type image/jpeg accept-ranges bytes content-length 34305
GET H2	200	kiron-tashawn.jpg filonl.demura.tv/Data/Sites/1/media/images/video/	36 KB 36 KB	170ms 166ms	Image image/jpeg	216.158.236.18 IS-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://filonl.demura.tv/Data/Sites/1/media/images/video/kiron-tashawn.jpg Requested by Host: filonl.demura.tv URL: https://filonl.demura.tv/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 216.158.236.18 , United States, ASN19318 (IS-AS-1, US), Reverse DNS plesk6100.is.cc Software Microsoft-IIS/10.0 / ASP.NET Resource Hash ae5cdb10a43402ba53da3bcbe4c8ea38ca582e3446d684e2831ff3e3c925719b Request headers accept-language en-US,en;q=0.9 Referer https://filonl.demura.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-powered-by-plesk PleskWin date Thu, 14 Dec 2023 22:52:43 GMT last-modified Sat, 21 Oct 2023 15:27:52 GMT server Microsoft-IIS/10.0 etag "f5d96d28334da1:0" x-powered-by ASP.NET content-type image/jpeg accept-ranges bytes content-length 36787
GET H2	200	kaceton-ford.jpg filonl.demura.tv/Data/Sites/1/media/images/video/	17 KB 17 KB	177ms 173ms	Image image/jpeg	216.158.236.18 IS-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://filonl.demura.tv/Data/Sites/1/media/images/video/kaceton-ford.jpg Requested by Host: filonl.demura.tv URL: https://filonl.demura.tv/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 216.158.236.18 , United States, ASN19318 (IS-AS-1, US), Reverse DNS plesk6100.is.cc Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 2071f0bbf5876dca6084bd8d1501e5f06541e79862121f373c7fa16e6a3e3b20 Request headers accept-language en-US,en;q=0.9 Referer https://filonl.demura.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-powered-by-plesk PleskWin date Thu, 14 Dec 2023 22:52:43 GMT last-modified Fri, 20 Oct 2023 17:39:49 GMT server Microsoft-IIS/10.0 etag "f8ddbc6c7c3da1:0" x-powered-by ASP.NET content-type image/jpeg accept-ranges bytes content-length 17080
GET H2	200	ledion-devam.jpg filonl.demura.tv/Data/Sites/1/media/images/video/	47 KB 47 KB	171ms 167ms	Image image/jpeg	216.158.236.18 IS-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://filonl.demura.tv/Data/Sites/1/media/images/video/ledion-devam.jpg Requested by Host: filonl.demura.tv URL: https://filonl.demura.tv/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 216.158.236.18 , United States, ASN19318 (IS-AS-1, US), Reverse DNS plesk6100.is.cc Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 5ae3ef2af211234e705626d4c60bbf2fbea58ecb607e70ed60197c67c186f5b2 Request headers accept-language en-US,en;q=0.9 Referer https://filonl.demura.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-powered-by-plesk PleskWin date Thu, 14 Dec 2023 22:52:43 GMT last-modified Fri, 20 Oct 2023 17:38:31 GMT server Microsoft-IIS/10.0 etag "3ed2fe3d7c3da1:0" x-powered-by ASP.NET content-type image/jpeg accept-ranges bytes content-length 48257
GET H2	200	essam-nissim.jpg filonl.demura.tv/Data/Sites/1/media/images/video/	38 KB 38 KB	174ms 170ms	Image image/jpeg	216.158.236.18 IS-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://filonl.demura.tv/Data/Sites/1/media/images/video/essam-nissim.jpg Requested by Host: filonl.demura.tv URL: https://filonl.demura.tv/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 216.158.236.18 , United States, ASN19318 (IS-AS-1, US), Reverse DNS plesk6100.is.cc Software Microsoft-IIS/10.0 / ASP.NET Resource Hash d94bf45c98b4a71fe4c2081c392572cb51a1e284fa88ad6d12a8daa38d7eee19 Request headers accept-language en-US,en;q=0.9 Referer https://filonl.demura.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-powered-by-plesk PleskWin date Thu, 14 Dec 2023 22:52:43 GMT last-modified Fri, 20 Oct 2023 17:36:40 GMT server Microsoft-IIS/10.0 etag "65cd4ffc7b3da1:0" x-powered-by ASP.NET content-type image/jpeg accept-ranges bytes content-length 38559
GET H2	200	taveon-kadien.jpg filonl.demura.tv/Data/Sites/1/media/images/video/	26 KB 26 KB	176ms 173ms	Image image/jpeg	216.158.236.18 IS-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://filonl.demura.tv/Data/Sites/1/media/images/video/taveon-kadien.jpg Requested by Host: filonl.demura.tv URL: https://filonl.demura.tv/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 216.158.236.18 , United States, ASN19318 (IS-AS-1, US), Reverse DNS plesk6100.is.cc Software Microsoft-IIS/10.0 / ASP.NET Resource Hash c61513cf473b75aa6d74632ffc981258aa818997c7bdc271deb9fb383ac3501b Request headers accept-language en-US,en;q=0.9 Referer https://filonl.demura.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-powered-by-plesk PleskWin date Thu, 14 Dec 2023 22:52:43 GMT last-modified Wed, 18 Oct 2023 14:51:26 GMT server Microsoft-IIS/10.0 etag "8a263e92d21da1:0" x-powered-by ASP.NET content-type image/jpeg accept-ranges bytes content-length 26578
GET H2	200	koji-natnael.jpg filonl.demura.tv/Data/Sites/1/media/images/video/	23 KB 24 KB	44ms 40ms	Image image/jpeg	216.158.236.18 IS-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://filonl.demura.tv/Data/Sites/1/media/images/video/koji-natnael.jpg Requested by Host: filonl.demura.tv URL: https://filonl.demura.tv/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 216.158.236.18 , United States, ASN19318 (IS-AS-1, US), Reverse DNS plesk6100.is.cc Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 531a2fd2cb7ac563f131570b9bd717639d3dc1ac49f7d989898ac9bca829ea41 Request headers accept-language en-US,en;q=0.9 Referer https://filonl.demura.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-powered-by-plesk PleskWin date Thu, 14 Dec 2023 22:52:43 GMT last-modified Wed, 18 Oct 2023 14:49:32 GMT server Microsoft-IIS/10.0 etag "a27294ed21da1:0" x-powered-by ASP.NET content-type image/jpeg accept-ranges bytes content-length 24037
GET H2	200	zavi-reegan.jpg filonl.demura.tv/Data/Sites/1/media/images/video/	19 KB 19 KB	45ms 41ms	Image image/jpeg	216.158.236.18 IS-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://filonl.demura.tv/Data/Sites/1/media/images/video/zavi-reegan.jpg Requested by Host: filonl.demura.tv URL: https://filonl.demura.tv/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 216.158.236.18 , United States, ASN19318 (IS-AS-1, US), Reverse DNS plesk6100.is.cc Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 63cb436d3ea9a8d0ea30cc9658c8fd2e8283143f8501a2cb9d2c2ae9b8cdf3fa Request headers accept-language en-US,en;q=0.9 Referer https://filonl.demura.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-powered-by-plesk PleskWin date Thu, 14 Dec 2023 22:52:43 GMT last-modified Wed, 18 Oct 2023 14:47:19 GMT server Microsoft-IIS/10.0 etag "b21ed0fed11da1:0" x-powered-by ASP.NET content-type image/jpeg accept-ranges bytes content-length 19267
GET H2	200	corvus-michelangelo.jpg filonl.demura.tv/Data/Sites/1/media/images/video/	44 KB 44 KB	46ms 43ms	Image image/jpeg	216.158.236.18 IS-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://filonl.demura.tv/Data/Sites/1/media/images/video/corvus-michelangelo.jpg Requested by Host: filonl.demura.tv URL: https://filonl.demura.tv/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 216.158.236.18 , United States, ASN19318 (IS-AS-1, US), Reverse DNS plesk6100.is.cc Software Microsoft-IIS/10.0 / ASP.NET Resource Hash d428125f59facfcfaca7d20ee6896a191dc15041c9f2eb4ce965b23740bd51c1 Request headers accept-language en-US,en;q=0.9 Referer https://filonl.demura.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-powered-by-plesk PleskWin date Thu, 14 Dec 2023 22:52:43 GMT last-modified Tue, 17 Oct 2023 14:16:14 GMT server Microsoft-IIS/10.0 etag "b919db7c41da1:0" x-powered-by ASP.NET content-type image/jpeg accept-ranges bytes content-length 45358
GET H2	200	kairen-eithen.jpg filonl.demura.tv/Data/Sites/1/media/images/video/	31 KB 31 KB	49ms 46ms	Image image/jpeg	216.158.236.18 IS-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://filonl.demura.tv/Data/Sites/1/media/images/video/kairen-eithen.jpg Requested by Host: filonl.demura.tv URL: https://filonl.demura.tv/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 216.158.236.18 , United States, ASN19318 (IS-AS-1, US), Reverse DNS plesk6100.is.cc Software Microsoft-IIS/10.0 / ASP.NET Resource Hash a858a0e4eda1056b251e6ef3b76341acbaf7209261a0ade9f9393d02cea4af82 Request headers accept-language en-US,en;q=0.9 Referer https://filonl.demura.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-powered-by-plesk PleskWin date Thu, 14 Dec 2023 22:52:43 GMT last-modified Tue, 17 Oct 2023 08:56:55 GMT server Microsoft-IIS/10.0 etag "6899dce0d70da1:0" x-powered-by ASP.NET content-type image/jpeg accept-ranges bytes content-length 31825
GET H2	200	jaidyn-terry.jpg filonl.demura.tv/Data/Sites/1/media/images/serials/	42 KB 42 KB	173ms 171ms	Image image/jpeg	216.158.236.18 IS-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://filonl.demura.tv/Data/Sites/1/media/images/serials/jaidyn-terry.jpg Requested by Host: filonl.demura.tv URL: https://filonl.demura.tv/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 216.158.236.18 , United States, ASN19318 (IS-AS-1, US), Reverse DNS plesk6100.is.cc Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 865dfdde2c70764628dce122d448e0fff41620867d4184bbbf94c5de6bb793eb Request headers accept-language en-US,en;q=0.9 Referer https://filonl.demura.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-powered-by-plesk PleskWin date Thu, 14 Dec 2023 22:52:43 GMT last-modified Sun, 08 Oct 2023 11:12:20 GMT server Microsoft-IIS/10.0 etag "6f23344ed8f9d91:0" x-powered-by ASP.NET content-type image/jpeg accept-ranges bytes content-length 42512
GET H2	200	madsen-abdullah.jpg filonl.demura.tv/Data/Sites/1/media/images/video/	22 KB 22 KB	45ms 42ms	Image image/jpeg	216.158.236.18 IS-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://filonl.demura.tv/Data/Sites/1/media/images/video/madsen-abdullah.jpg Requested by Host: filonl.demura.tv URL: https://filonl.demura.tv/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 216.158.236.18 , United States, ASN19318 (IS-AS-1, US), Reverse DNS plesk6100.is.cc Software Microsoft-IIS/10.0 / ASP.NET Resource Hash c9de002c1dc472d887e50fc7805715876d66dc55dec6929788b507778d2b35fc Request headers accept-language en-US,en;q=0.9 Referer https://filonl.demura.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-powered-by-plesk PleskWin date Thu, 14 Dec 2023 22:52:43 GMT last-modified Sat, 14 Oct 2023 19:02:26 GMT server Microsoft-IIS/10.0 etag "91be0f8d0fed91:0" x-powered-by ASP.NET content-type image/jpeg accept-ranges bytes content-length 22477
GET H2	200	andrea-jaykub.jpg filonl.demura.tv/Data/Sites/1/media/images/video/	32 KB 32 KB	177ms 174ms	Image image/jpeg	216.158.236.18 IS-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://filonl.demura.tv/Data/Sites/1/media/images/video/andrea-jaykub.jpg Requested by Host: filonl.demura.tv URL: https://filonl.demura.tv/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 216.158.236.18 , United States, ASN19318 (IS-AS-1, US), Reverse DNS plesk6100.is.cc Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 8ed6b4b2f215572717f9600055354aca580990c14da9ae3cc28bc306c864c729 Request headers accept-language en-US,en;q=0.9 Referer https://filonl.demura.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-powered-by-plesk PleskWin date Thu, 14 Dec 2023 22:52:43 GMT last-modified Sat, 14 Oct 2023 19:05:28 GMT server Microsoft-IIS/10.0 etag "cd7f065d1fed91:0" x-powered-by ASP.NET content-type image/jpeg accept-ranges bytes content-length 32855
GET H2	200	liban-sarp.jpg filonl.demura.tv/Data/Sites/1/media/images/video/	20 KB 20 KB	177ms 175ms	Image image/jpeg	216.158.236.18 IS-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://filonl.demura.tv/Data/Sites/1/media/images/video/liban-sarp.jpg Requested by Host: filonl.demura.tv URL: https://filonl.demura.tv/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 216.158.236.18 , United States, ASN19318 (IS-AS-1, US), Reverse DNS plesk6100.is.cc Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 655a81d49a544b360c69d96b955c7f01ccbc053efbfedf8724f51ef5f5ca6487 Request headers accept-language en-US,en;q=0.9 Referer https://filonl.demura.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-powered-by-plesk PleskWin date Thu, 14 Dec 2023 22:52:43 GMT last-modified Sat, 14 Oct 2023 19:00:30 GMT server Microsoft-IIS/10.0 etag "67cb2b3d0fed91:0" x-powered-by ASP.NET content-type image/jpeg accept-ranges bytes content-length 20233
GET H2	200	shaya-camron.jpg filonl.demura.tv/Data/Sites/1/media/images/serials/	31 KB 31 KB	171ms 169ms	Image image/jpeg	216.158.236.18 IS-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://filonl.demura.tv/Data/Sites/1/media/images/serials/shaya-camron.jpg Requested by Host: filonl.demura.tv URL: https://filonl.demura.tv/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 216.158.236.18 , United States, ASN19318 (IS-AS-1, US), Reverse DNS plesk6100.is.cc Software Microsoft-IIS/10.0 / ASP.NET Resource Hash c8331abc8968793c3b1a04f63b4ccddc2675a433831966b9bbd24a08f354eab3 Request headers accept-language en-US,en;q=0.9 Referer https://filonl.demura.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-powered-by-plesk PleskWin date Thu, 14 Dec 2023 22:52:43 GMT last-modified Thu, 14 Sep 2023 16:10:40 GMT server Microsoft-IIS/10.0 etag "57cf57126e7d91:0" x-powered-by ASP.NET content-type image/jpeg accept-ranges bytes content-length 31259
GET H2	200	ambrosio-princeten.jpg filonl.demura.tv/Data/Sites/1/media/images/serials/	40 KB 41 KB	174ms 172ms	Image image/jpeg	216.158.236.18 IS-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://filonl.demura.tv/Data/Sites/1/media/images/serials/ambrosio-princeten.jpg Requested by Host: filonl.demura.tv URL: https://filonl.demura.tv/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 216.158.236.18 , United States, ASN19318 (IS-AS-1, US), Reverse DNS plesk6100.is.cc Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 126f930eeabf437930180bf39b18d0d5919ca414e05c8de842cf6b997e56b5b5 Request headers accept-language en-US,en;q=0.9 Referer https://filonl.demura.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-powered-by-plesk PleskWin date Thu, 14 Dec 2023 22:52:43 GMT last-modified Tue, 12 Sep 2023 08:56:30 GMT server Microsoft-IIS/10.0 etag "f9cbb0557e5d91:0" x-powered-by ASP.NET content-type image/jpeg accept-ranges bytes content-length 41440
GET H2	200	bootstrap.min.js Show response filonl.demura.tv/Data/Sites/1/skins/framework/js/	27 KB 12 KB	78ms 78ms	Script application/javascript	216.158.236.18 IS-AS-1
General Check archive.org Show headers Download Go to Full URL https://filonl.demura.tv/Data/Sites/1/skins/framework/js/bootstrap.min.js Requested by Host: filonl.demura.tv URL: https://filonl.demura.tv/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 216.158.236.18 , United States, ASN19318 (IS-AS-1, US), Reverse DNS plesk6100.is.cc Software Microsoft-IIS/10.0 / ASP.NET Resource Hash fa46ef1808d9268fa38fe8e5ab02c6e96b9dd8ae60be3b571110970a094afe36 Request headers accept-language en-US,en;q=0.9 Referer https://filonl.demura.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-powered-by-plesk PleskWin date Thu, 14 Dec 2023 22:52:43 GMT content-encoding br last-modified Tue, 09 Nov 2021 20:52:01 GMT server Microsoft-IIS/10.0 etag "7bf8b3a4abd5d71:0" x-powered-by ASP.NET vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 11908
GET H2	200	jquery.smartmenus.min.js Show response filonl.demura.tv/Data/Sites/1/skins/framework/js/vendors/smartmenus/	24 KB 11 KB	30ms 28ms	Script application/javascript	216.158.236.18 IS-AS-1
General Check archive.org Show headers Download Go to Full URL https://filonl.demura.tv/Data/Sites/1/skins/framework/js/vendors/smartmenus/jquery.smartmenus.min.js Requested by Host: filonl.demura.tv URL: https://filonl.demura.tv/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 216.158.236.18 , United States, ASN19318 (IS-AS-1, US), Reverse DNS plesk6100.is.cc Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 057502a6696fc13b235dfc74c2fc1c338023343f4690c869a19c6a5e4f3fbfb0 Request headers accept-language en-US,en;q=0.9 Referer https://filonl.demura.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-powered-by-plesk PleskWin date Thu, 14 Dec 2023 22:52:43 GMT content-encoding br last-modified Tue, 09 Nov 2021 20:52:01 GMT server Microsoft-IIS/10.0 etag "27ab5a4abd5d71:0" x-powered-by ASP.NET vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 10773
GET H2	200	jquery.smartmenus.bootstrap.min.js Show response filonl.demura.tv/Data/Sites/1/skins/framework/js/vendors/smartmenus/	3 KB 1 KB	27ms 26ms	Script application/javascript	216.158.236.18 IS-AS-1
General Check archive.org Show headers Download Go to Full URL https://filonl.demura.tv/Data/Sites/1/skins/framework/js/vendors/smartmenus/jquery.smartmenus.bootstrap.min.js Requested by Host: filonl.demura.tv URL: https://filonl.demura.tv/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 216.158.236.18 , United States, ASN19318 (IS-AS-1, US), Reverse DNS plesk6100.is.cc Software Microsoft-IIS/10.0 / ASP.NET Resource Hash b86dfb0bb9dcc119bca0ad20e323c41ce31661a27b765fda35fed1eb2cac8d16 Request headers accept-language en-US,en;q=0.9 Referer https://filonl.demura.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-powered-by-plesk PleskWin date Thu, 14 Dec 2023 22:52:43 GMT content-encoding br last-modified Tue, 09 Nov 2021 20:52:01 GMT server Microsoft-IIS/10.0 etag "27ab5a4abd5d71:0" x-powered-by ASP.NET vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 1280
GET H2	200	main.min.js Show response filonl.demura.tv/Data/Sites/1/skins/framework/js/	4 KB 2 KB	35ms 29ms	Script application/javascript	216.158.236.18 IS-AS-1
General Check archive.org Show headers Download Go to Full URL https://filonl.demura.tv/Data/Sites/1/skins/framework/js/main.min.js Requested by Host: filonl.demura.tv URL: https://filonl.demura.tv/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 216.158.236.18 , United States, ASN19318 (IS-AS-1, US), Reverse DNS plesk6100.is.cc Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 2be07909eaa8f9b61cb494700883e45636aea2313391a26c7b6b0bdf686050df Request headers accept-language en-US,en;q=0.9 Referer https://filonl.demura.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-powered-by-plesk PleskWin date Thu, 14 Dec 2023 22:52:43 GMT content-encoding br last-modified Thu, 07 Dec 2023 16:07:09 GMT server Microsoft-IIS/10.0 etag "fda19a6e2729da1:0" x-powered-by ASP.NET vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 2337
GET H2	200	jquery-3.7.0.min.js Show response filonl.demura.tv/Data/Sites/1/skins/framework/js/vendors/jquery/	85 KB 42 KB	137ms 137ms	Script application/javascript	216.158.236.18 IS-AS-1
General Check archive.org Show headers Download Go to Full URL https://filonl.demura.tv/Data/Sites/1/skins/framework/js/vendors/jquery/jquery-3.7.0.min.js Requested by Host: filonl.demura.tv URL: https://filonl.demura.tv/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 216.158.236.18 , United States, ASN19318 (IS-AS-1, US), Reverse DNS plesk6100.is.cc Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 32b42f9bc813dd6bad1b45129eade1df8dd1463908f79505209fbfa1aa71018a Request headers accept-language en-US,en;q=0.9 Referer https://filonl.demura.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-powered-by-plesk PleskWin date Thu, 14 Dec 2023 22:52:43 GMT content-encoding br last-modified Tue, 20 Jun 2023 20:46:30 GMT server Microsoft-IIS/10.0 etag "93f7e04ab8a3d91:0" x-powered-by ASP.NET vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 43086
GET H2	200	external.min.js Show response secure.rating-widget.com/js/	115 KB 34 KB	208ms 128ms	Script text/javascript	2606:4700:3030::6815:18c3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://secure.rating-widget.com/js/external.min.js?ck=Y2023M11D14 Requested by Host: filonl.demura.tv URL: https://filonl.demura.tv/Data/Sites/1/skins/framework/js/main.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:18c3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 319cfe60bbe92497d3ad526fb4b252ed14f9f3e64e7493712382fba2ac21d97f Request headers accept-language en-US,en;q=0.9 Referer https://filonl.demura.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 22:52:43 GMT content-encoding br cf-cache-status EXPIRED last-modified Mon, 28 May 2018 10:01:00 UTC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Lc8ieY%2BravvrNJgijpwoSwD8yBe3COcGtSc3p%2F2CkU%2BjfnOQHc7U%2BE%2F6bklSdhTxIaPgTdv0W5jGoyZjxkcc%2BPs5Pk3zhCvNof7qXDVexHvmsl7PXa5qTbZqoKbZkh25xdq7myz4FIM7o6Bza%2F%2FIoSitxTC2Fg%3D"}],"group":"cf-nel","max_age":604800} content-type text/javascript; charset=utf-8 cache-control max-age=14400 cf-ray 835a04d3fe324bbd-BUF alt-svc h3=":443"; ma=86400 expires Tue, 28 May 2019 10:01:00 GMT
GET H2	200	embed.js Show response www.chatbro.com/	537 KB 106 KB	589ms 511ms	XHR application/javascript	2606:4700:3038::6815:eb3a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.chatbro.com/embed.js?eyJlbWJlZENoYXRzUGFyYW1ldGVycyI6W3siZW5jb2RlZENoYXRJZCI6Ijk4VDVnIn1dLCJsYW5nIjoiZW4tVVMiLCJuZWVkTG9hZENvZGUiOnRydWV9 Requested by Host: filonl.demura.tv URL: https://filonl.demura.tv/Data/Sites/1/skins/framework/js/main.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3038::6815:eb3a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e7e41402ab32145b216a5fc23fce3a5c7d02a45b2586514147f92c85ed014414 Request headers accept-language en-US,en;q=0.9 Referer https://filonl.demura.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 22:52:43 GMT content-encoding gzip cf-cache-status MISS last-modified Thu, 14 Dec 2023 22:52:43 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=819U%2Fss7KLSf4qEV%2BlL9GGz35YTJe3XLs8TmLD7n3YLT1QBod4UEFiji7XXw3v%2Bx13fuCREoC8NpnRfct2tDCvdBJq4ir%2BpPg1jUptM0XCb04fFT%2BcYPd5%2BBTT%2BAvana1ZYySyhm6ifrbKbR4pc%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript;charset=utf-8 access-control-allow-origin https://filonl.demura.tv cache-control public, max-age=31536000, s-maxage=200 access-control-allow-credentials true cf-ray 835a04d3fca76aee-BUF alt-svc h3=":443"; ma=86400
GET H2	200	1g3ggjuci Show response embed.tawk.to/62876f18b0d10b6f3e733393/	2 KB 924 B	156ms 91ms	Script application/x-javascript	2606:4700:10::6816:1983 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://embed.tawk.to/62876f18b0d10b6f3e733393/1g3ggjuci Requested by Host: filonl.demura.tv URL: https://filonl.demura.tv/Data/Sites/1/skins/framework/js/main.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 72955e3e38bb55b450ea4dc400d4623ddedb5ca546390674710ce2c40040eefa Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://filonl.demura.tv/ Origin https://filonl.demura.tv accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 22:52:43 GMT strict-transport-security max-age=0; includeSubDomains; preload x-content-type-options nosniff cf-cache-status MISS content-encoding br server cloudflare etag W/"stable-v4-6579dd43930" vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * cache-control public, max-age=7200, s-maxage=3600 cf-ray 835a04d3e8ab4bc9-BUF alt-svc h3=":443"; ma=86400
GET H3	200	show_ads_impl_fy2021.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/	399 KB 135 KB	131ms 69ms	Script text/javascript	2607:f8b0:4004:c17::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4899300477767904 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 6efda48e80b2f1710bea21e24048d2b7175905403d026a9cda5f3b8130663d5c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://filonl.demura.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 22:52:43 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 137916 x-xss-protection 0 server cafe etag 1916131603004031834 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=1209600 timing-allow-origin * expires Thu, 14 Dec 2023 22:52:43 GMT
GET H2	200	zrt_lookup_fy2021.html Show response googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/ Frame 12D6	9 KB 4 KB	96ms 31ms	Document text/html	2607:f8b0:4004:c09::9a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4899300477767904 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c09::9a Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://filonl.demura.tv/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language en-US,en;q=0.9 Response headers age 69105 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4130 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Thu, 14 Dec 2023 03:40:58 GMT etag 5585625838579639069 expires Thu, 28 Dec 2023 03:40:58 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame CF2E	650 KB 110 KB	1360ms 1360ms	Document text/html	2607:f8b0:4004:c09::9a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4899300477767904&output=html&adk=1330213361&adf=2590715279&lmt=1702594363&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x1080_l%7C212x1080_r&format=0x0&url=https%3A%2F%2Ffilonl.demura.tv%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702594363591&bpp=3&bdt=520&idt=211&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6120373109424&frm=20&pv=2&ga_vid=978712808.1702594364&ga_sid=1702594364&ga_hid=1949246271&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C42532523%2C42532360%2C95320884&oid=2&pvsid=2592641645674657&tmod=948132089&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=232 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c09::9a Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3d42bd4d5bcd11aa4ecd95da1688cc0ba7b2212782347c045288aed1c645db93 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://filonl.demura.tv/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language en-US,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 112743 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Thu, 14 Dec 2023 22:52:45 GMT expires Thu, 14 Dec 2023 22:52:45 GMT observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
POST H2	200	g Show response lpgs.chatbro.com/	9 B 358 B	393ms 380ms	XHR text/plain	2606:4700:3038::6815:eb3a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://lpgs.chatbro.com/g Requested by Host: filonl.demura.tv URL: https://filonl.demura.tv/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3038::6815:eb3a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8b2331781068f9af00a526bf4b4e37b4d7a70aabf0adef47a97853af5d764e3c Request headers Referer https://filonl.demura.tv/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Thu, 14 Dec 2023 22:52:44 GMT content-encoding gzip cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=34hiskHEO7d0gc8Qznt7fyGOpQKr3qh4xsA%2FT1pgBG7Z4PkKoxVJHSCl3%2FiynVCiqw3JZbbgOTzwvMePNPuY7e4Rx3QE7R7NeZK83rzd6M3RaWjGEwE70hwDy%2BZtspihAmgHv7FSflkYydTise2W"}],"group":"cf-nel","max_age":604800} content-type text/plain;charset=utf-8 access-control-allow-origin https://filonl.demura.tv cache-control no-cache, must-revalidate access-control-allow-credentials true cf-ray 835a04d8c89e6aee-BUF alt-svc h3=":443"; ma=86400
GET H3	200	chatbro.woff www.chatbro.com/fonts/	14 KB 15 KB	558ms 497ms	Font application/font-woff	2606:4700:3038::6815:eb3a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.chatbro.com/fonts/chatbro.woff?10 Requested by Host: filonl.demura.tv URL: https://filonl.demura.tv/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3038::6815:eb3a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f74fcaf9c728521c218b7bf05a0bf7173b522e7769165c8f97fdf74734cf0907 Request headers Referer https://filonl.demura.tv/ Origin https://filonl.demura.tv accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 22:52:44 GMT content-encoding gzip cf-cache-status MISS last-modified Tue, 30 Aug 2022 18:54:10 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"630e5cd2-383c" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kSJfThMD1omtgmT0sRUya4lw1gOAC0%2F84sz%2FoZbcpfcIaVHVh%2FeIR7Lqa5spaPgWdmZKazqfeyULkitSMU8c519iace%2BjvBjj500YJjbje5Xt5lnQEwBnL%2FbWCa%2BWbxMzuU8zJ%2FOLCOgTzw1v%2F0%3D"}],"group":"cf-nel","max_age":604800} content-type application/font-woff access-control-allow-origin * cache-control max-age=31536000 cf-ray 835a04d91bf44bcf-BUF alt-svc h3=":443"; ma=86400 expires Thu, 14 Dec 2023 23:02:44 GMT
GET H2	200	chat_vk_logo.png www.chatbro.com/images/	735 B 1 KB	37ms 35ms	Image image/png	2606:4700:3038::6815:eb3a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.chatbro.com/images/chat_vk_logo.png Requested by Host: filonl.demura.tv URL: https://filonl.demura.tv/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3038::6815:eb3a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 163a89e59b219649c013ead3230f372f0e7dca9c8ea0dc0463f991b671b14404 Request headers accept-language en-US,en;q=0.9 Referer https://filonl.demura.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 22:52:44 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 493 alt-svc h3=":443"; ma=86400 content-length 735 last-modified Tue, 30 Aug 2022 18:54:10 GMT server cloudflare etag "630e5cd2-2df" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3nC6RgvO%2B0nyhI5st1D2JGhhI5oQGLY4xZ5RjEOJE%2FcBRkeRA%2BdDJgiHY6uew22VM1LEEke5NXaLd2DfSAtTtbBqdO%2FlOX7XBODrUVFOQKy9Fir6cPJB73htnin34gyMr8pGBPbmb9hIKfC33Iw%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=31536000 accept-ranges bytes cf-ray 835a04d8f8ad6aee-BUF expires Thu, 14 Dec 2023 22:54:31 GMT
GET H2	200	chat_telegram_logo.png www.chatbro.com/images/	777 B 1 KB	37ms 36ms	Image image/png	2606:4700:3038::6815:eb3a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.chatbro.com/images/chat_telegram_logo.png Requested by Host: filonl.demura.tv URL: https://filonl.demura.tv/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3038::6815:eb3a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a2f63f18bbbe390a7a2d93c0f42bd05c549d856969ccba17ee2f1fc734a77f51 Request headers accept-language en-US,en;q=0.9 Referer https://filonl.demura.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 22:52:44 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 493 alt-svc h3=":443"; ma=86400 content-length 777 last-modified Tue, 30 Aug 2022 18:54:10 GMT server cloudflare etag "630e5cd2-309" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HQHMag6rpu%2FEuvq1Zt7JYdLG%2Bl6kuEhSiCj5DYHeymNvgtfHP7fm6KyV5Dpaqa0aiv9FLT%2BNbv89ueGsg5O4pSmvi7hMWWyxXIMcSPTQJyC5Hrq5yTiqT9h8KVLM4XYJ1sVT6HpEGCYOOvo2Zls%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=31536000 accept-ranges bytes cf-ray 835a04d8f8ae6aee-BUF expires Thu, 14 Dec 2023 22:54:31 GMT
GET H2	200	chat_facebook_logo.png www.chatbro.com/images/	329 B 631 B	38ms 37ms	Image image/png	2606:4700:3038::6815:eb3a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.chatbro.com/images/chat_facebook_logo.png Requested by Host: filonl.demura.tv URL: https://filonl.demura.tv/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3038::6815:eb3a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d813de68c702196d2eeaa7e2e5d55167638741533191d3e5038e329ac3f54940 Request headers accept-language en-US,en;q=0.9 Referer https://filonl.demura.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 22:52:44 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 493 alt-svc h3=":443"; ma=86400 content-length 329 last-modified Tue, 30 Aug 2022 18:54:10 GMT server cloudflare etag "630e5cd2-149" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SYdvXwDAaE7dlPCpp2ln%2Ba4r%2Bf2TroqqG4Lf65r965r6qBFwtxAP%2FR5i3%2FEAnF5Did46G%2BTobVIQI6bD60LzIgzFyddMwSSKcu5Fz4C1VkKXjJoHLeNaDUggq1QDo35e96olRZ2T0D5uwkI4Vk8%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=31536000 accept-ranges bytes cf-ray 835a04d8f8af6aee-BUF expires Thu, 14 Dec 2023 22:54:31 GMT
GET H2	200	chat_google_logo.png www.chatbro.com/images/	656 B 959 B	38ms 37ms	Image image/png	2606:4700:3038::6815:eb3a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.chatbro.com/images/chat_google_logo.png Requested by Host: filonl.demura.tv URL: https://filonl.demura.tv/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3038::6815:eb3a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7c1fc1f22827f0dabf3486fdc286f1c909e7acc4b5999365b9328c36c18d17d7 Request headers accept-language en-US,en;q=0.9 Referer https://filonl.demura.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 22:52:44 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 493 alt-svc h3=":443"; ma=86400 content-length 656 last-modified Tue, 30 Aug 2022 18:54:10 GMT server cloudflare etag "630e5cd2-290" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6kFOBw4JCikRCwG4WqI%2FVumKXw0tUANI2SJbe0RvTbSHEI7FkJFfjVilobvgmCsSHc7pnnd%2FMQElmWKZckhCQYOYOx2xug4E0s3usx2GsKhzL9X%2Bo%2F6Stzz3FKldrzdoRomGSg7Ye%2BI49TpgwfA%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=31536000 accept-ranges bytes cf-ray 835a04d8f8b06aee-BUF expires Thu, 14 Dec 2023 22:54:31 GMT
GET H2	200	no_connection.png www.chatbro.com/images/	2 KB 2 KB	38ms 38ms	Image image/png	2606:4700:3038::6815:eb3a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.chatbro.com/images/no_connection.png Requested by Host: filonl.demura.tv URL: https://filonl.demura.tv/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3038::6815:eb3a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d026f555341e85649cd2edd6848b55b6cedfcca0c62bba5099e69b62ea713e40 Request headers accept-language en-US,en;q=0.9 Referer https://filonl.demura.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 22:52:44 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 485 alt-svc h3=":443"; ma=86400 content-length 1614 last-modified Tue, 30 Aug 2022 18:54:10 GMT server cloudflare etag "630e5cd2-64e" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sH1N69Yq0uv3zoD2Mm4ob8dwBNuvgrDKWYbnXpYYUdheI3pOaKGcu9kOOHxwnJ4hUAuBzF1uwUan06k8ZfFSYzYeFYNAtE0cLUaVoI9OguKE9OK07TxtBH1qZzTFRCMHs4dNZGDt%2BKElODTNVkk%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=31536000 accept-ranges bytes cf-ray 835a04d8f8b16aee-BUF expires Thu, 14 Dec 2023 22:54:39 GMT
GET H2	200	twk-main.js Show response embed.tawk.to/_s/v4/app/6579dd43930/js/	121 B 286 B	82ms 79ms	Script application/javascript	2606:4700:10::6816:1983 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://embed.tawk.to/_s/v4/app/6579dd43930/js/twk-main.js Requested by Host: embed.tawk.to URL: https://embed.tawk.to/62876f18b0d10b6f3e733393/1g3ggjuci Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://filonl.demura.tv/ Origin https://filonl.demura.tv accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 22:52:45 GMT strict-transport-security max-age=0; includeSubDomains; preload x-content-type-options nosniff cf-cache-status MISS last-modified Wed, 13 Dec 2023 16:37:47 GMT server cloudflare content-encoding br etag W/"da5bb1dc647470204df0e49f5afac2de" x-cache-status HIT vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=2592000, immutable cf-ray 835a04df0d884bc9-BUF alt-svc h3=":443"; ma=86400
GET H2	200	twk-vendor.js Show response embed.tawk.to/_s/v4/app/6579dd43930/js/	81 KB 29 KB	127ms 125ms	Script application/javascript	2606:4700:10::6816:1983 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://embed.tawk.to/_s/v4/app/6579dd43930/js/twk-vendor.js Requested by Host: embed.tawk.to URL: https://embed.tawk.to/62876f18b0d10b6f3e733393/1g3ggjuci Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 916c13b184fbc42c59463a47bf90611461bec9e17a10a37def3c751ade00dced Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://filonl.demura.tv/ Origin https://filonl.demura.tv accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 22:52:45 GMT strict-transport-security max-age=0; includeSubDomains; preload x-content-type-options nosniff cf-cache-status MISS last-modified Wed, 13 Dec 2023 16:37:47 GMT server cloudflare content-encoding br etag W/"ce3014b09c6dfbd6f92bc585fd840580" x-cache-status HIT vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=2592000, immutable cf-ray 835a04df0d894bc9-BUF alt-svc h3=":443"; ma=86400
GET H2	200	twk-chunk-vendors.js Show response embed.tawk.to/_s/v4/app/6579dd43930/js/	212 KB 62 KB	174ms 172ms	Script application/javascript	2606:4700:10::6816:1983 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://embed.tawk.to/_s/v4/app/6579dd43930/js/twk-chunk-vendors.js Requested by Host: embed.tawk.to URL: https://embed.tawk.to/62876f18b0d10b6f3e733393/1g3ggjuci Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fcd1fa4d2007137da13dd581c678acfda42358cbdbda0f0204874fbe2e2c4663 Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://filonl.demura.tv/ Origin https://filonl.demura.tv accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 22:52:45 GMT strict-transport-security max-age=0; includeSubDomains; preload x-content-type-options nosniff cf-cache-status MISS last-modified Wed, 13 Dec 2023 16:37:47 GMT server cloudflare content-encoding br etag W/"86b32a04921a039ace69980bacd1b639" x-cache-status HIT vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=2592000, immutable cf-ray 835a04df0d8b4bc9-BUF alt-svc h3=":443"; ma=86400
GET H2	200	twk-chunk-common.js Show response embed.tawk.to/_s/v4/app/6579dd43930/js/	219 KB 43 KB	171ms 169ms	Script application/javascript	2606:4700:10::6816:1983 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://embed.tawk.to/_s/v4/app/6579dd43930/js/twk-chunk-common.js Requested by Host: embed.tawk.to URL: https://embed.tawk.to/62876f18b0d10b6f3e733393/1g3ggjuci Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c4ae1632a9d343e74a4fd1ad8970d80924c1dbb776e034931114567954740181 Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://filonl.demura.tv/ Origin https://filonl.demura.tv accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 22:52:45 GMT strict-transport-security max-age=0; includeSubDomains; preload x-content-type-options nosniff cf-cache-status MISS last-modified Wed, 13 Dec 2023 16:37:47 GMT server cloudflare content-encoding br etag W/"d06b05e2dd40119a006690b9909653c3" x-cache-status HIT vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=2592000, immutable cf-ray 835a04df0d8c4bc9-BUF alt-svc h3=":443"; ma=86400
GET H2	200	twk-runtime.js Show response embed.tawk.to/_s/v4/app/6579dd43930/js/	2 KB 1 KB	82ms 81ms	Script application/javascript	2606:4700:10::6816:1983 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://embed.tawk.to/_s/v4/app/6579dd43930/js/twk-runtime.js Requested by Host: embed.tawk.to URL: https://embed.tawk.to/62876f18b0d10b6f3e733393/1g3ggjuci Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 464505e1e4e85a3532b751d65ab7801f12b485bf70c83b85a5e66cec7dcf29cf Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://filonl.demura.tv/ Origin https://filonl.demura.tv accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 22:52:45 GMT strict-transport-security max-age=0; includeSubDomains; preload x-content-type-options nosniff cf-cache-status MISS last-modified Wed, 13 Dec 2023 16:37:47 GMT server cloudflare content-encoding br etag W/"a386c6880175b560a62a16438b9fb69e" x-cache-status HIT vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=2592000, immutable cf-ray 835a04df0d8d4bc9-BUF alt-svc h3=":443"; ma=86400
GET H2	200	twk-app.js Show response embed.tawk.to/_s/v4/app/6579dd43930/js/	151 B 206 B	85ms 84ms	Script application/javascript	2606:4700:10::6816:1983 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://embed.tawk.to/_s/v4/app/6579dd43930/js/twk-app.js Requested by Host: embed.tawk.to URL: https://embed.tawk.to/62876f18b0d10b6f3e733393/1g3ggjuci Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://filonl.demura.tv/ Origin https://filonl.demura.tv accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 22:52:45 GMT strict-transport-security max-age=0; includeSubDomains; preload x-content-type-options nosniff cf-cache-status MISS last-modified Wed, 13 Dec 2023 16:37:47 GMT server cloudflare content-encoding br etag W/"e736e189edb5d0d9d5b8e7f23dd9114a" x-cache-status HIT vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=2592000, immutable cf-ray 835a04df0d8e4bc9-BUF alt-svc h3=":443"; ma=86400
GET H2	200	sodar Show response pagead2.googlesyndication.com/getconfig/	16 KB 12 KB	53ms 52ms	XHR application/json	2607:f8b0:4004:c17::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 163032013613cf55c26197f412ad810358a6e078d38c68eb56c4df27d7070c5d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://filonl.demura.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 22:52:45 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12264 x-xss-protection 0
GET H3	200	reactive_library_fy2021.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/	160 KB 55 KB	72ms 72ms	Script text/javascript	2607:f8b0:4004:c17::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/reactive_library_fy2021.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 7b07bffbf21142fa51120eb03293d0d27d8e76099c8f55bb23d951ceca89bc31 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://filonl.demura.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 22:52:45 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 56000 x-xss-protection 0 server cafe etag 5801105394885294221 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=1209600 timing-allow-origin * expires Thu, 14 Dec 2023 22:52:45 GMT
GET H2	200	ca-pub-4899300477767904 Show response fundingchoicesmessages.google.com/i/	182 KB 61 KB	128ms 60ms	Script application/javascript	2607:f8b0:4004:c08::71 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/i/ca-pub-4899300477767904?ers=2 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c08::71 Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash b4650848c809321e528177e09b761aea2e28254c478c81fcd935181b717c5f3f Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-LIhNXhs6LvLUq57o_uZpDA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://filonl.demura.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 22:52:45 GMT content-security-policy script-src 'report-sample' 'nonce-LIhNXhs6LvLUq57o_uZpDA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site x-frame-options SAMEORIGIN content-type application/javascript; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* timing-allow-origin * expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 7 KB	104ms 35ms	Script text/javascript	2607:f8b0:4004:c09::84 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://filonl.demura.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 22:52:45 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Thu, 14 Dec 2023 22:52:45 GMT
GET H2	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame C871	13 KB 5 KB	34ms 31ms	Document text/html	2607:f8b0:4004:c09::84 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://filonl.demura.tv/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language en-US,en;q=0.9 Response headers accept-ranges bytes age 11661 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Thu, 14 Dec 2023 19:38:24 GMT expires Fri, 13 Dec 2024 19:38:24 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	aframe Show response www.google.com/recaptcha/api2/ Frame 2EC2	829 B 1 KB	117ms 49ms	Document text/html	2607:f8b0:4004:c09::69 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c09::69 Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash e56d6f58063e425bdcc2dea9f6db9bbd0f6de5e7325b54302e99f89c6b857774 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-feYfHYgncCWKLtMrnQbtog' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://filonl.demura.tv/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language en-US,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=300 content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-feYfHYgncCWKLtMrnQbtog' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Thu, 14 Dec 2023 22:52:45 GMT expires Thu, 14 Dec 2023 22:52:45 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	200	zrt_lookup_fy2021.html Show response googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/ Frame 7859	9 KB 4 KB	34ms 33ms	Document text/html	2607:f8b0:4004:c09::9a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c09::9a Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://filonl.demura.tv/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language en-US,en;q=0.9 Response headers age 71399 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4130 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Thu, 14 Dec 2023 03:02:46 GMT etag 5585625838579639069 expires Thu, 28 Dec 2023 03:02:46 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	zrt_lookup_fy2021.html Show response googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/ Frame E714	9 KB 4 KB	35ms 33ms	Document text/html	2607:f8b0:4004:c09::9a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c09::9a Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://filonl.demura.tv/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language en-US,en;q=0.9 Response headers age 71399 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4130 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Thu, 14 Dec 2023 03:02:46 GMT etag 5585625838579639069 expires Thu, 28 Dec 2023 03:02:46 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	zrt_lookup_fy2021.html Show response googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/ Frame 4CB8	9 KB 4 KB	33ms 33ms	Document text/html	2607:f8b0:4004:c09::9a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c09::9a Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://filonl.demura.tv/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language en-US,en;q=0.9 Response headers age 71399 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4130 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Thu, 14 Dec 2023 03:02:46 GMT etag 5585625838579639069 expires Thu, 28 Dec 2023 03:02:46 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	zrt_lookup_fy2021.html Show response googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/ Frame 4C45	9 KB 4 KB	33ms 33ms	Document text/html	2607:f8b0:4004:c09::9a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c09::9a Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://filonl.demura.tv/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language en-US,en;q=0.9 Response headers age 71399 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4130 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Thu, 14 Dec 2023 03:02:46 GMT etag 5585625838579639069 expires Thu, 28 Dec 2023 03:02:46 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	AGSKWxX6NMNmloxfdCV0090LExHJnVRX27sj8AQrgvKKcpRHAEchsghFwhbhiKNDj8ave0h9MEsmAS35Gb5-pbsTngRGF5zIJD8ZgB6nxNZzDtY_AOniAezcnAGYH_vYupmHJSh9N3VuxQ== Show response fundingchoicesmessages.google.com/f/	3 KB 2 KB	66ms 65ms	Script application/javascript	2607:f8b0:4004:c08::71 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/f/AGSKWxX6NMNmloxfdCV0090LExHJnVRX27sj8AQrgvKKcpRHAEchsghFwhbhiKNDj8ave0h9MEsmAS35Gb5-pbsTngRGF5zIJD8ZgB6nxNZzDtY_AOniAezcnAGYH_vYupmHJSh9N3VuxQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAyNTk0MzY1LDU0MzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9maWxvbmwuZGVtdXJhLnR2LyIsbnVsbCxbWzgsInd1UnJjZllsWWh3Il0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.wuRrcfYlYhw.es5.O/am=wA/d=1/rs=AJlcJMyq4j3elD76bCvqI3Q9g6iUxioeVA/m=kernel_loader,loader_js_executable Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c08::71 Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 007ab53bbaeab75f8b6942e1c12aea9762526444347e1436ba570782c222d64e Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-FoYtDhrobEJr6FxXP-j4Bg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://filonl.demura.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 22:52:45 GMT content-security-policy script-src 'report-sample' 'nonce-FoYtDhrobEJr6FxXP-j4Bg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site x-frame-options SAMEORIGIN content-type application/javascript; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* timing-allow-origin * expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	widget-settings Show response va.tawk.to/v1/	2 KB 1 KB	89ms 87ms	Fetch application/json	2606:4700:10::6816:1983 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://va.tawk.to/v1/widget-settings?propertyId=62876f18b0d10b6f3e733393&widgetId=1g3ggjuci&sv=null Requested by Host: embed.tawk.to URL: https://embed.tawk.to/_s/v4/app/6579dd43930/js/twk-chunk-common.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 09142e99208925d73b0f7ea975c540685d456397ba9f182a3d4f39b61adab854 Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://filonl.demura.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 22:52:45 GMT strict-transport-security max-age=0; includeSubDomains; preload x-content-type-options nosniff cf-cache-status MISS content-encoding br alt-svc h3=":443"; ma=86400 x-served-by visitor-application-preemptive-264g server cloudflare etag W/"2-10-0" vary Accept-Encoding access-control-allow-methods GET,OPTIONS content-type application/json access-control-allow-origin * cache-control public, max-age=7200, s-maxage=1800 cf-ray 835a04e10e764bc9-BUF access-control-allow-headers content-type,x-tawk-token
GET H2	200	css2 fonts.googleapis.com/ Frame 7859	4 KB 1 KB	110ms 39ms	Stylesheet text/css	2607:f8b0:4004:c09::5f GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c09::5f Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Thu, 14 Dec 2023 22:52:45 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Thu, 14 Dec 2023 21:46:03 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 14 Dec 2023 22:52:45 GMT
GET H2	200	feedback_grey600_24dp.png www.gstatic.com/images/icons/material/system/2x/ Frame 7859	205 B 650 B	100ms 30ms	Image image/png	2607:f8b0:4004:c0b::5e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c0b::5e Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 15:13:46 GMT x-content-type-options nosniff age 27539 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 205 x-xss-protection 0 last-modified Thu, 20 Jul 2023 22:48:00 GMT server sffe vary Origin report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Fri, 13 Dec 2024 15:13:46 GMT
GET H2	200	settings_grey600_24dp.png www.gstatic.com/images/icons/material/system/2x/ Frame 7859	604 B 695 B	100ms 31ms	Image image/png	2607:f8b0:4004:c0b::5e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c0b::5e Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 15:54:03 GMT x-content-type-options nosniff age 25122 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 604 x-xss-protection 0 last-modified Thu, 20 Jul 2023 22:48:00 GMT server sffe vary Origin report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Fri, 13 Dec 2024 15:54:03 GMT
GET H3	200	fullscreen_api_adapter_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame 7859	16 KB 7 KB	33ms 33ms	Script text/javascript	2607:f8b0:4004:c09::84 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/fullscreen_api_adapter_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 41b43f64c3e5d7f9eca80634429adb1b8e0a1c5e1fe67ad71ec651a991ebfe68 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 03:00:10 GMT content-encoding br x-content-type-options nosniff age 71555 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6766 x-xss-protection 0 server cafe etag 14924840246271906451 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 28 Dec 2023 03:00:10 GMT
GET H3	200	interstitial_ad_frame_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame 7859	22 KB 9 KB	32ms 31ms	Script text/javascript	2607:f8b0:4004:c09::84 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/interstitial_ad_frame_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash db2bdaad0dc9232fadb3de900bf039a0f356521698f213df1edf601e02a5870d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 03:05:30 GMT content-encoding br x-content-type-options nosniff age 71235 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9210 x-xss-protection 0 server cafe etag 13914886398874665762 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 28 Dec 2023 03:05:30 GMT
GET H3	200	load_preloaded_resource_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame E714	2 KB 822 B	33ms 33ms	Script text/javascript	2607:f8b0:4004:c09::84 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 03:35:45 GMT content-encoding br x-content-type-options nosniff age 69420 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 795 x-xss-protection 0 server cafe etag 4925184154378345226 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 28 Dec 2023 03:35:45 GMT
GET H3	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame E714	24 KB 9 KB	32ms 31ms	Script text/javascript	2607:f8b0:4004:c09::84 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 03:08:02 GMT content-encoding br x-content-type-options nosniff age 71083 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9318 x-xss-protection 0 server cafe etag 3562968281324141506 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 28 Dec 2023 03:08:02 GMT
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame E714	3 KB 1 KB	42ms 41ms	Script text/javascript	2607:f8b0:4004:c09::84 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 03:08:00 GMT content-encoding br x-content-type-options nosniff age 71085 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 28 Dec 2023 03:08:00 GMT
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame E714	20 KB 8 KB	33ms 32ms	Script text/javascript	2607:f8b0:4004:c09::84 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 03:40:58 GMT content-encoding br x-content-type-options nosniff age 69107 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8571 x-xss-protection 0 server cafe etag 5853369240893788875 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 28 Dec 2023 03:40:58 GMT
GET H2	200	ufs_web_display.js Show response www.googletagservices.com/activeview/js/current/ Frame E714	203 KB 65 KB	104ms 34ms	Script text/javascript	2607:f8b0:4004:c17::9b GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c17::9b Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 22:52:45 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 65731 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1702472459035717" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Thu, 14 Dec 2023 22:52:45 GMT
GET H2	200	f9d9b65dbd646119ce96bad0f484d579.js Show response www.gstatic.com/mysidia/ Frame E714	37 KB 15 KB	86ms 56ms	Script text/javascript	2607:f8b0:4004:c0b::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c0b::5e Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Fri, 08 Dec 2023 15:38:21 GMT content-encoding gzip x-content-type-options nosniff age 544464 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15460 x-xss-protection 0 last-modified Thu, 07 Dec 2023 22:13:01 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Thu, 07 Mar 2024 15:38:21 GMT
GET H3	200	load_preloaded_resource_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 4CB8	2 KB 822 B	33ms 33ms	Script text/javascript	2607:f8b0:4004:c09::84 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 03:35:45 GMT content-encoding br x-content-type-options nosniff age 69420 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 795 x-xss-protection 0 server cafe etag 4925184154378345226 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 28 Dec 2023 03:35:45 GMT
GET H3	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 4CB8	24 KB 9 KB	32ms 32ms	Script text/javascript	2607:f8b0:4004:c09::84 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 03:08:02 GMT content-encoding br x-content-type-options nosniff age 71083 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9318 x-xss-protection 0 server cafe etag 3562968281324141506 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 28 Dec 2023 03:08:02 GMT
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 4CB8	3 KB 1 KB	44ms 43ms	Script text/javascript	2607:f8b0:4004:c09::84 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 03:08:00 GMT content-encoding br x-content-type-options nosniff age 71085 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 28 Dec 2023 03:08:00 GMT
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 4CB8	20 KB 8 KB	33ms 33ms	Script text/javascript	2607:f8b0:4004:c09::84 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 03:40:58 GMT content-encoding br x-content-type-options nosniff age 69107 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8571 x-xss-protection 0 server cafe etag 5853369240893788875 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 28 Dec 2023 03:40:58 GMT
GET H2	200	ufs_web_display.js Show response www.googletagservices.com/activeview/js/current/ Frame 4CB8	203 KB 64 KB	178ms 121ms	Script text/javascript	2607:f8b0:4004:c17::9b GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c17::9b Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 22:52:45 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 65731 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1702472459035717" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Thu, 14 Dec 2023 22:52:45 GMT
GET H2	200	f9d9b65dbd646119ce96bad0f484d579.js Show response www.gstatic.com/mysidia/ Frame 4CB8	37 KB 15 KB	85ms 68ms	Script text/javascript	2607:f8b0:4004:c0b::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c0b::5e Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Fri, 08 Dec 2023 15:38:21 GMT content-encoding gzip x-content-type-options nosniff age 544464 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15460 x-xss-protection 0 last-modified Thu, 07 Dec 2023 22:13:01 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Thu, 07 Mar 2024 15:38:21 GMT
GET H2	200	css fonts.googleapis.com/ Frame 4C45	4 KB 705 B	61ms 49ms	Stylesheet text/css	2607:f8b0:4004:c09::5f GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto%3A400%2C700 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c09::5f Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Thu, 14 Dec 2023 22:52:45 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Thu, 14 Dec 2023 21:46:03 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 14 Dec 2023 22:52:45 GMT
GET H3	200	load_preloaded_resource_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 4C45	2 KB 822 B	32ms 31ms	Script text/javascript	2607:f8b0:4004:c09::84 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 03:35:45 GMT content-encoding br x-content-type-options nosniff age 69420 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 795 x-xss-protection 0 server cafe etag 4925184154378345226 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 28 Dec 2023 03:35:45 GMT
GET H3	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 4C45	24 KB 9 KB	33ms 32ms	Script text/javascript	2607:f8b0:4004:c09::84 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 03:08:02 GMT content-encoding br x-content-type-options nosniff age 71083 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9318 x-xss-protection 0 server cafe etag 3562968281324141506 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 28 Dec 2023 03:08:02 GMT
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 4C45	3 KB 1 KB	32ms 31ms	Script text/javascript	2607:f8b0:4004:c09::84 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 03:08:00 GMT content-encoding br x-content-type-options nosniff age 71085 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 28 Dec 2023 03:08:00 GMT
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 4C45	20 KB 8 KB	33ms 32ms	Script text/javascript	2607:f8b0:4004:c09::84 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 03:40:58 GMT content-encoding br x-content-type-options nosniff age 69107 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8571 x-xss-protection 0 server cafe etag 5853369240893788875 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 28 Dec 2023 03:40:58 GMT
GET H2	200	ufs_web_display.js Show response www.googletagservices.com/activeview/js/current/ Frame 4C45	203 KB 64 KB	136ms 93ms	Script text/javascript	2607:f8b0:4004:c17::9b GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c17::9b Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 22:52:45 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 65731 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1702472459035717" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Thu, 14 Dec 2023 22:52:45 GMT
GET H2	200	f9d9b65dbd646119ce96bad0f484d579.js Show response www.gstatic.com/mysidia/ Frame 4C45	37 KB 15 KB	33ms 31ms	Script text/javascript	2607:f8b0:4004:c0b::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c0b::5e Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Fri, 08 Dec 2023 15:38:21 GMT content-encoding gzip x-content-type-options nosniff age 544464 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15460 x-xss-protection 0 last-modified Thu, 07 Dec 2023 22:13:01 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Thu, 07 Mar 2024 15:38:21 GMT
POST H3	200	start Show response va.tawk.to/v1/session/	1011 B 1022 B	200ms 200ms	Fetch application/json	2606:4700:10::6816:1983 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://va.tawk.to/v1/session/start Requested by Host: embed.tawk.to URL: https://embed.tawk.to/_s/v4/app/6579dd43930/js/twk-chunk-common.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9871a26778d725d177bf844bca97705b08a9faf1df77ace1ae3d83c097e53fcb Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://filonl.demura.tv/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Content-Type application/json; charset=utf-8 Response headers date Thu, 14 Dec 2023 22:52:45 GMT strict-transport-security max-age=0; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC content-encoding br server cloudflare vary Accept-Encoding access-control-allow-methods POST,OPTIONS content-type application/json access-control-allow-origin https://filonl.demura.tv access-control-allow-credentials true cf-ray 835a04e21b264bd2-BUF access-control-allow-headers content-type,x-tawk-token alt-svc h3=":443"; ma=86400 x-served-by visitor-application-preemptive-bm6j
OPTIONS H3	200	start va.tawk.to/v1/session/ Frame	0 0	79ms 79ms	Preflight	2606:4700:10::6816:1983 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://va.tawk.to/v1/session/start Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://filonl.demura.tv Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type,x-tawk-token access-control-allow-methods POST,OPTIONS access-control-allow-origin https://filonl.demura.tv alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 835a04e1987d4bc1-BUF date Thu, 14 Dec 2023 22:52:45 GMT server cloudflare strict-transport-security max-age=0; includeSubDomains; preload x-content-type-options nosniff x-served-by visitor-application-preemptive-bm6j
GET H3	200	AGSKWxXkFc3DRgzdCWmAsHMu7DKHj4wIDm-Vi-bzZuqRjwpEhco6HRMd86yYmgok68y2QOxkfHU1lc5mP8SajC3zRkKxBpBvjZ75A2PSczCbXQtCTym3XT_o6hoPuJO2EidgUNyhuvqTYg== Show response fundingchoicesmessages.google.com/f/	14 KB 6 KB	83ms 83ms	Script application/javascript	2607:f8b0:4004:c08::71 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/f/AGSKWxXkFc3DRgzdCWmAsHMu7DKHj4wIDm-Vi-bzZuqRjwpEhco6HRMd86yYmgok68y2QOxkfHU1lc5mP8SajC3zRkKxBpBvjZ75A2PSczCbXQtCTym3XT_o6hoPuJO2EidgUNyhuvqTYg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAyNTk0MzY1LDY5NDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vZmlsb25sLmRlbXVyYS50di8iLG51bGwsW1s4LCJ3dVJyY2ZZbFlodyJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.wuRrcfYlYhw.es5.O/am=wA/d=1/rs=AJlcJMyq4j3elD76bCvqI3Q9g6iUxioeVA/m=kernel_loader,loader_js_executable Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c08::71 Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 624a712378edf7782378ce8d873a22d3b152ab8f6d838b239a217652d18d58eb Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-FG7DxNNwPnFdMfgPjs5b-g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://filonl.demura.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 22:52:45 GMT content-security-policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-FG7DxNNwPnFdMfgPjs5b-g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site x-frame-options SAMEORIGIN content-type application/javascript; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* timing-allow-origin * expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3	200	Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response pagead2.googlesyndication.com/bg/ Frame C871	39 KB 15 KB	31ms 30ms	Script text/javascript	2607:f8b0:4004:c17::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 17:41:45 GMT content-encoding br x-content-type-options nosniff age 18660 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15165 x-xss-protection 0 last-modified Tue, 28 Nov 2023 18:18:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 13 Dec 2024 17:41:45 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame 2EC2	0 0	142ms 142ms	Image text/html	2607:f8b0:4004:c17::9c GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=2592641645674657&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers
GET H3	200	ru.js Show response embed.tawk.to/_s/v4/app/6579dd43930/languages/	21 KB 5 KB	71ms 38ms	Script application/javascript	2606:4700:10::6816:1983 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://embed.tawk.to/_s/v4/app/6579dd43930/languages/ru.js Requested by Host: embed.tawk.to URL: https://embed.tawk.to/_s/v4/app/6579dd43930/js/twk-chunk-common.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cd1e6d003e04f1bb73c74f3d37f5f321b9da185b1796c574ca134ae51fb132bd Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://filonl.demura.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 22:52:45 GMT strict-transport-security max-age=0; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br age 28867 x-cache-status HIT alt-svc h3=":443"; ma=86400 last-modified Wed, 13 Dec 2023 16:37:48 GMT server cloudflare etag W/"6dfb25265c985b75a29d371473e3e0da" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=2592000, immutable cf-ray 835a04e1eb164bd2-BUF
GET H2	200	css fonts.googleapis.com/ Frame B1FA	14 KB 1 KB	41ms 41ms	Stylesheet text/css	2607:f8b0:4004:c09::5f GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c09::5f Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Thu, 14 Dec 2023 22:52:45 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Thu, 14 Dec 2023 21:50:00 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 14 Dec 2023 22:52:45 GMT
GET H3	200	load_preloaded_resource_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame B1FA	2 KB 822 B	32ms 31ms	Script text/javascript	2607:f8b0:4004:c09::84 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 03:35:45 GMT content-encoding br x-content-type-options nosniff age 69420 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 795 x-xss-protection 0 server cafe etag 4925184154378345226 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 28 Dec 2023 03:35:45 GMT
GET H3	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame B1FA	24 KB 9 KB	32ms 32ms	Script text/javascript	2607:f8b0:4004:c09::84 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 03:08:02 GMT content-encoding br x-content-type-options nosniff age 71083 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9318 x-xss-protection 0 server cafe etag 3562968281324141506 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 28 Dec 2023 03:08:02 GMT
GET H3	200	s Show response googleads.g.doubleclick.net/pagead/drt/ Frame C9F1	143 B 166 B	34ms 32ms	Document text/html	2607:f8b0:4004:c09::9a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c09::9a Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language en-US,en;q=0.9 Response headers age 1884 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=3600 content-encoding gzip content-length 145 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Thu, 14 Dec 2023 22:21:21 GMT server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame B1FA	3 KB 1 KB	32ms 32ms	Script text/javascript	2607:f8b0:4004:c09::84 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 03:08:00 GMT content-encoding br x-content-type-options nosniff age 71085 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 28 Dec 2023 03:08:00 GMT
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame B1FA	20 KB 8 KB	33ms 31ms	Script text/javascript	2607:f8b0:4004:c09::84 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 03:40:58 GMT content-encoding br x-content-type-options nosniff age 69107 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8571 x-xss-protection 0 server cafe etag 5853369240893788875 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 28 Dec 2023 03:40:58 GMT
GET H3	200	ufs_web_display.js Show response www.googletagservices.com/activeview/js/current/ Frame B1FA	203 KB 64 KB	37ms 35ms	Script text/javascript	2607:f8b0:4004:c17::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 22:52:45 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 65731 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1702472459035717" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Thu, 14 Dec 2023 22:52:45 GMT
GET H2	200	f9d9b65dbd646119ce96bad0f484d579.js Show response www.gstatic.com/mysidia/ Frame B1FA	37 KB 15 KB	32ms 30ms	Script text/javascript	2607:f8b0:4004:c0b::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c0b::5e Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Fri, 08 Dec 2023 15:38:21 GMT content-encoding gzip x-content-type-options nosniff age 544464 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15460 x-xss-protection 0 last-modified Thu, 07 Dec 2023 22:13:01 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Thu, 07 Mar 2024 15:38:21 GMT
GET H3	200	si Show response googleads.g.doubleclick.net/pagead/drt/ Frame C9F1 Redirect Chain https://www.google.com/pagead/drt/ui https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA	0 17 B	41ms 40ms	Document text/html	2607:f8b0:4004:c09::9a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c09::9a Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language en-US,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Thu, 14 Dec 2023 22:52:46 GMT expires Thu, 14 Dec 2023 22:52:46 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe x-content-type-options nosniff x-xss-protection 0 Redirect headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Thu, 14 Dec 2023 22:52:45 GMT location https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js Show response pagead2.googlesyndication.com/bg/ Frame 4394	50 KB 19 KB	32ms 31ms	Script text/javascript	2607:f8b0:4004:c17::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js Requested by Host: filonl.demura.tv URL: https://filonl.demura.tv/ Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6bf1da233645c84549609f619670d4d3e946ac61d516fd53e597c10ad100608a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 18:16:09 GMT content-encoding br x-content-type-options nosniff age 16597 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 19601 x-xss-protection 0 last-modified Tue, 28 Nov 2023 18:18:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 13 Dec 2024 18:16:09 GMT
GET H3	200	/ www.googleadservices.com/pagead/ar-adview/ Frame 4C45 Redirect Chain https://googleads.g.doubleclick.net/pagead/adview?ai=C3vz8O4d7ZePINJ6ooPMP_9642A-WkvmgdIzyu-yFEvWN_MIDEAEg6uGHImDJ7o6LwKSMEKABqsDC7inIAQmoAwHIA8uEgIAEqgSJAk_QJJdhYinQuCQkL4C65QBfAN13vM7H9sNRh1UNSz0... https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x5fca8c2e5032c2660000000000000000%22,%222%22:%220xaf79f80feb5501ee0000000000000000%22,%223%22:%220xe599a6...	0 0	113ms 47ms	Fetch text/css	142.251.167.154 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x5fca8c2e5032c2660000000000000000%22,%222%22:%220xaf79f80feb5501ee0000000000000000%22,%223%22:%220xe599a64f39a3d1ca0000000000000000%22,%224%22:%220xfcecb94eb05cfeb90000000000000000%22,%225%22:%220x503a5b1f8008ca600000000000000000%22},%22debug_key%22:%223971774293948946462%22,%22debug_reporting%22:true,%22destination%22:%22https://optionish.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211237629994%22],%2222%22:[%22true%22],%224%22:[%2212-14%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%228839025779286862353%22}&andc=true Protocol H3 Server 142.251.167.154 , United States, ASN15169 (GOOGLE, US), Reverse DNS ww-in-f154.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 22:52:46 GMT x-content-type-options nosniff attribution-reporting-register-source {"aggregation_keys":{"1":"0x5fca8c2e5032c2660000000000000000","2":"0xaf79f80feb5501ee0000000000000000","3":"0xe599a64f39a3d1ca0000000000000000","4":"0xfcecb94eb05cfeb90000000000000000","5":"0x503a5b1f8008ca600000000000000000"},"debug_key":"3971774293948946462","debug_reporting":true,"destination":"https://optionish.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11237629994"],"22":["true"],"4":["12-14"],"6":["true"]},"priority":"500","source_event_id":"8839025779286862353"} server cafe content-type text/css; charset=UTF-8 access-control-allow-origin https://googleads.g.doubleclick.net p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Thu, 14 Dec 2023 22:52:46 GMT Redirect headers content-security-policy script-src 'none'; object-src 'none' date Thu, 14 Dec 2023 22:52:46 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 location https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x5fca8c2e5032c2660000000000000000","2":"0xaf79f80feb5501ee0000000000000000","3":"0xe599a64f39a3d1ca0000000000000000","4":"0xfcecb94eb05cfeb90000000000000000","5":"0x503a5b1f8008ca600000000000000000"},"debug_key":"3971774293948946462","debug_reporting":true,"destination":"https://optionish.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11237629994"],"22":["true"],"4":["12-14"],"6":["true"]},"priority":"500","source_event_id":"8839025779286862353"}&andc=true access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H3	200	twk-chunk-2c776523.js Show response embed.tawk.to/_s/v4/app/6579dd43930/js/	10 KB 3 KB	39ms 38ms	Script application/javascript	2606:4700:10::6816:1983 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://embed.tawk.to/_s/v4/app/6579dd43930/js/twk-chunk-2c776523.js Requested by Host: embed.tawk.to URL: https://embed.tawk.to/_s/v4/app/6579dd43930/js/twk-runtime.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cd50385cef163eb376d93e7b1e07fe467de23b60c98373f7d69448214d3e9cdd Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://filonl.demura.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 22:52:46 GMT strict-transport-security max-age=0; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br age 74432 x-cache-status HIT alt-svc h3=":443"; ma=86400 last-modified Wed, 13 Dec 2023 16:37:47 GMT server cloudflare etag W/"70aec2dd89cac4933594c25b71d61f46" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=2592000, immutable cf-ray 835a04e3cc294bd2-BUF
GET H3	200	twk-chunk-9294da6c.js Show response embed.tawk.to/_s/v4/app/6579dd43930/js/	18 KB 5 KB	41ms 41ms	Script application/javascript	2606:4700:10::6816:1983 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://embed.tawk.to/_s/v4/app/6579dd43930/js/twk-chunk-9294da6c.js Requested by Host: embed.tawk.to URL: https://embed.tawk.to/_s/v4/app/6579dd43930/js/twk-runtime.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ebee8f271600393cd8f3890112acc9d0651931ce34651953b720debd94dd6d37 Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://filonl.demura.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 22:52:46 GMT strict-transport-security max-age=0; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br age 74432 x-cache-status HIT alt-svc h3=":443"; ma=86400 last-modified Wed, 13 Dec 2023 16:37:47 GMT server cloudflare etag W/"9524b6654f1ea5dfc23ed6b629174c78" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=2592000, immutable cf-ray 835a04e3cc2a4bd2-BUF
GET H3	200	twk-chunk-2d0b383d.js Show response embed.tawk.to/_s/v4/app/6579dd43930/js/	699 B 675 B	39ms 38ms	Script application/javascript	2606:4700:10::6816:1983 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://embed.tawk.to/_s/v4/app/6579dd43930/js/twk-chunk-2d0b383d.js Requested by Host: embed.tawk.to URL: https://embed.tawk.to/_s/v4/app/6579dd43930/js/twk-runtime.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 89f08c4a66c9a737c6155b8313e87b36687fe65bfc9a1ba1783aeace487bcde3 Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://filonl.demura.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 22:52:46 GMT strict-transport-security max-age=0; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br age 74432 x-cache-status HIT alt-svc h3=":443"; ma=86400 last-modified Wed, 13 Dec 2023 16:37:47 GMT server cloudflare etag W/"838903127a65ec440893b4945c40ca4a" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=2592000, immutable cf-ray 835a04e3cc2c4bd2-BUF
GET H3	200	twk-chunk-48f3b594.js Show response embed.tawk.to/_s/v4/app/6579dd43930/js/	19 KB 6 KB	44ms 43ms	Script application/javascript	2606:4700:10::6816:1983 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://embed.tawk.to/_s/v4/app/6579dd43930/js/twk-chunk-48f3b594.js Requested by Host: embed.tawk.to URL: https://embed.tawk.to/_s/v4/app/6579dd43930/js/twk-runtime.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 41c4cbb784b958d14cb7273095704d17c42787d52c0ee13dd9ebf57ea629815c Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://filonl.demura.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 22:52:46 GMT strict-transport-security max-age=0; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br age 74432 x-cache-status HIT alt-svc h3=":443"; ma=86400 last-modified Wed, 13 Dec 2023 16:37:47 GMT server cloudflare etag W/"82f0a981a3fc9f68108c7469734d8a2b" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=2592000, immutable cf-ray 835a04e3cc2d4bd2-BUF
GET H3	200	twk-chunk-4fe9d5dd.js Show response embed.tawk.to/_s/v4/app/6579dd43930/js/	906 B 661 B	40ms 40ms	Script application/javascript	2606:4700:10::6816:1983 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://embed.tawk.to/_s/v4/app/6579dd43930/js/twk-chunk-4fe9d5dd.js Requested by Host: embed.tawk.to URL: https://embed.tawk.to/_s/v4/app/6579dd43930/js/twk-runtime.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fb193c2bcf1a14030cea8d72baa20ab7b1cf88f9e90adb31895279beedf6bf84 Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://filonl.demura.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 22:52:46 GMT strict-transport-security max-age=0; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br age 74432 x-cache-status HIT alt-svc h3=":443"; ma=86400 last-modified Wed, 13 Dec 2023 16:37:47 GMT server cloudflare etag W/"1c5ecf371149feca23bd895ba9dfec4d" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=2592000, immutable cf-ray 835a04e3cc2e4bd2-BUF
GET H3	200	twk-chunk-2d0b9454.js Show response embed.tawk.to/_s/v4/app/6579dd43930/js/	535 B 573 B	41ms 40ms	Script application/javascript	2606:4700:10::6816:1983 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://embed.tawk.to/_s/v4/app/6579dd43930/js/twk-chunk-2d0b9454.js Requested by Host: embed.tawk.to URL: https://embed.tawk.to/_s/v4/app/6579dd43930/js/twk-runtime.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7e0a886153a50f34adeb6d141b542d08a6338c5e3bada9fc3ccf88d0580356df Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://filonl.demura.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 22:52:46 GMT strict-transport-security max-age=0; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br age 74432 x-cache-status HIT alt-svc h3=":443"; ma=86400 last-modified Wed, 13 Dec 2023 16:37:47 GMT server cloudflare etag W/"c506281367048d4a134c9affbc68c8c6" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=2592000, immutable cf-ray 835a04e3cc304bd2-BUF
GET H3	200	twk-chunk-24d8db78.js Show response embed.tawk.to/_s/v4/app/6579dd43930/js/	111 KB 24 KB	67ms 67ms	Script application/javascript	2606:4700:10::6816:1983 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://embed.tawk.to/_s/v4/app/6579dd43930/js/twk-chunk-24d8db78.js Requested by Host: embed.tawk.to URL: https://embed.tawk.to/_s/v4/app/6579dd43930/js/twk-runtime.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9918b52b8d21ac9ccf2791c2debc1790793db6ca15322295ec37b033c17040dd Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://filonl.demura.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 22:52:46 GMT strict-transport-security max-age=0; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br age 74432 x-cache-status HIT alt-svc h3=":443"; ma=86400 last-modified Wed, 13 Dec 2023 16:37:47 GMT server cloudflare etag W/"8692bceb86f2699f305f540e54df6f23" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=2592000, immutable cf-ray 835a04e3cc314bd2-BUF
GET H3	204	generate_204 tpc.googlesyndication.com/ Frame C871	0 10 B	34ms 33ms	Image text/plain	2607:f8b0:4004:c09::84 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?T1ZT1A Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 22:52:46 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H3	200	a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js Show response pagead2.googlesyndication.com/bg/ Frame ED21	50 KB 19 KB	34ms 34ms	Script text/javascript	2607:f8b0:4004:c17::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js Requested by Host: filonl.demura.tv URL: https://filonl.demura.tv/ Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6bf1da233645c84549609f619670d4d3e946ac61d516fd53e597c10ad100608a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 18:16:09 GMT content-encoding br x-content-type-options nosniff age 16597 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 19601 x-xss-protection 0 last-modified Tue, 28 Nov 2023 18:18:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 13 Dec 2024 18:16:09 GMT
GET H3	200	a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js Show response pagead2.googlesyndication.com/bg/ Frame 732D	50 KB 19 KB	34ms 33ms	Script text/javascript	2607:f8b0:4004:c17::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js Requested by Host: filonl.demura.tv URL: https://filonl.demura.tv/ Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6bf1da233645c84549609f619670d4d3e946ac61d516fd53e597c10ad100608a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 18:16:09 GMT content-encoding br x-content-type-options nosniff age 16597 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 19601 x-xss-protection 0 last-modified Tue, 28 Nov 2023 18:18:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 13 Dec 2024 18:16:09 GMT
GET H3	200	a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js Show response pagead2.googlesyndication.com/bg/ Frame 0DDB	50 KB 19 KB	32ms 31ms	Script text/javascript	2607:f8b0:4004:c17::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js Requested by Host: filonl.demura.tv URL: https://filonl.demura.tv/ Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6bf1da233645c84549609f619670d4d3e946ac61d516fd53e597c10ad100608a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 18:16:09 GMT content-encoding br x-content-type-options nosniff age 16597 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 19601 x-xss-protection 0 last-modified Tue, 28 Nov 2023 18:18:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 13 Dec 2024 18:16:09 GMT
OPTIONS H2	204	/ www.googleadservices.com/pagead/ar-adview/ Frame	0 0	113ms 46ms	Preflight text/html	142.251.167.154 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x5fca8c2e5032c2660000000000000000%22,%222%22:%220xaf79f80feb5501ee0000000000000000%22,%223%22:%220xe599a64f39a3d1ca0000000000000000%22,%224%22:%220xfcecb94eb05cfeb90000000000000000%22,%225%22:%220x503a5b1f8008ca600000000000000000%22},%22debug_key%22:%223971774293948946462%22,%22debug_reporting%22:true,%22destination%22:%22https://optionish.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211237629994%22],%2222%22:[%22true%22],%224%22:[%2212-14%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%228839025779286862353%22}&andc=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.167.154 , United States, ASN15169 (GOOGLE, US), Reverse DNS ww-in-f154.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers attribution-reporting-eligible Access-Control-Request-Method GET Origin https://googleads.g.doubleclick.net Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers attribution-reporting-eligible access-control-allow-methods POST, GET, OPTIONS access-control-allow-origin https://googleads.g.doubleclick.net alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 content-type text/html; charset=UTF-8 date Thu, 14 Dec 2023 22:52:46 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	min-widget.css embed.tawk.to/_s/v4/app/6579dd43930/css/ Frame F78F	24 KB 5 KB	38ms 38ms	Stylesheet text/css	2606:4700:10::6816:1983 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://embed.tawk.to/_s/v4/app/6579dd43930/css/min-widget.css Requested by Host: embed.tawk.to URL: https://embed.tawk.to/_s/v4/app/6579dd43930/js/twk-chunk-2c776523.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2b5b9f68ace12b789b1371204754547021dcbf3e9df630e7e22b49ee56e05b8c Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 22:52:46 GMT strict-transport-security max-age=0; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br age 74432 cf-polished origSize=24831 x-cache-status HIT alt-svc h3=":443"; ma=86400 cf-bgj minify last-modified Wed, 13 Dec 2023 16:37:46 GMT server cloudflare etag W/"5742a34aaab2a5983c7c11cdeef1c0ee" vary Accept-Encoding content-type text/css access-control-allow-origin * cache-control public, max-age=2592000, immutable cf-ray 835a04e47c684bd2-BUF
GET H3	200	message-preview.css embed.tawk.to/_s/v4/app/6579dd43930/css/ Frame 0FC8	40 KB 8 KB	38ms 37ms	Stylesheet text/css	2606:4700:10::6816:1983 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://embed.tawk.to/_s/v4/app/6579dd43930/css/message-preview.css Requested by Host: embed.tawk.to URL: https://embed.tawk.to/_s/v4/app/6579dd43930/js/twk-chunk-2c776523.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7bd9666b0959d868276da481746b74e6a76fbc19f7957e528b8fb022367980bc Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 22:52:46 GMT strict-transport-security max-age=0; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br age 74432 cf-polished origSize=40832 x-cache-status HIT alt-svc h3=":443"; ma=86400 cf-bgj minify last-modified Wed, 13 Dec 2023 16:37:46 GMT server cloudflare etag W/"cf4a08d496f49489af30571e3cbb48f3" vary Accept-Encoding content-type text/css access-control-allow-origin * cache-control public, max-age=2592000, immutable cf-ray 835a04e4dc8e4bd2-BUF
GET H3	200	max-widget.css embed.tawk.to/_s/v4/app/6579dd43930/css/ Frame 8A5C	76 KB 15 KB	39ms 39ms	Stylesheet text/css	2606:4700:10::6816:1983 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://embed.tawk.to/_s/v4/app/6579dd43930/css/max-widget.css Requested by Host: embed.tawk.to URL: https://embed.tawk.to/_s/v4/app/6579dd43930/js/twk-chunk-2c776523.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 799596c2833003b4bd92b1454ba52de29fb4fd07edb07648d64e567b0d293f85 Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 22:52:46 GMT strict-transport-security max-age=0; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br age 74432 cf-polished origSize=78180 x-cache-status HIT alt-svc h3=":443"; ma=86400 cf-bgj minify last-modified Wed, 13 Dec 2023 16:37:46 GMT server cloudflare etag W/"0ab357443b798b4a1db6c4f22b1590f4" vary Accept-Encoding content-type text/css access-control-allow-origin * cache-control public, max-age=2592000, immutable cf-ray 835a04e55cf24bd2-BUF
GET H2	200	emojione.min.js Show response cdn.jsdelivr.net/emojione/2.2.7/lib/js/	295 KB 41 KB	93ms 29ms	Script application/javascript	2a04:4e42:200::485 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js Requested by Host: embed.tawk.to URL: https://embed.tawk.to/_s/v4/app/6579dd43930/js/twk-chunk-vendors.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://filonl.demura.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding br x-content-type-options nosniff date Thu, 14 Dec 2023 22:52:46 GMT age 4488724 x-cache HIT, HIT cross-origin-resource-policy cross-origin alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 41275 x-served-by cache-fra-eddf8230136-FRA, cache-nyc-kteb1890068-NYC etag W/"49dda-cp9vjKV4fYl0Ow7X6yf9dkBr+YU" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable accept-ranges bytes timing-allow-origin *
OPTIONS H3	200	v3 va.tawk.to/log-performance/ Frame	0 0	83ms 83ms	Preflight	2606:4700:10::6816:1983 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://va.tawk.to/log-performance/v3 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://filonl.demura.tv Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type,x-tawk-token access-control-allow-methods POST,OPTIONS access-control-allow-origin https://filonl.demura.tv alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 835a04e5daa64bc1-BUF date Thu, 14 Dec 2023 22:52:46 GMT server cloudflare strict-transport-security max-age=0; includeSubDomains; preload x-content-type-options nosniff x-served-by visitor-application-preemptive-bm6j
POST H3	200	v3 Show response va.tawk.to/log-performance/	5 B 262 B	82ms 82ms	Fetch text/html	2606:4700:10::6816:1983 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://va.tawk.to/log-performance/v3 Requested by Host: embed.tawk.to URL: https://embed.tawk.to/_s/v4/app/6579dd43930/js/twk-chunk-common.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9 Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://filonl.demura.tv/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Content-Type application/json; charset=utf-8 Response headers date Thu, 14 Dec 2023 22:52:46 GMT strict-transport-security max-age=0; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC content-encoding br server cloudflare vary Accept-Encoding access-control-allow-methods POST,OPTIONS content-type text/html; charset=utf-8 access-control-allow-origin https://filonl.demura.tv access-control-allow-credentials true cf-ray 835a04e65b214bc1-BUF access-control-allow-headers content-type,x-tawk-token alt-svc h3=":443"; ma=86400 x-served-by visitor-application-preemptive-bm6j
GET H3	204	sodar pagead2.googlesyndication.com/pagead/	0 0	91ms 90ms	Image text/html	2607:f8b0:4004:c17::9c GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=2592641645674657&bg=!w8ClwI_NAAY3kmNgF5I7ADQBe5WfOF67USq3Fcu5K3fpK5mS7aOA8CLOfT1_QLbJxJf7fMq6xn-lm1ii67H8rIP81iDJAgAAAWVSAAAAA2gBB5kC32QgrF15_hQ0HfhyzgRLeZwffQk-V7LJT3YlA-9SD-iFBjBOBMt0BbeHdfo2dMRgE1oJp9dtVGO7zTzMbEggL6XevmZm5yyYXD8gCLuSpg8ZETH8dKOOeZGE1wV-EhEK8wCAWxk4htt1peEzKkaegrdDl021d_tSkOden0FEk-VY1v1VuMD2lqhayRhimyN0QwbVlbukyDoup3Tz8miYaXLS534ynxtFKuMib8zDviOiAavUDmL6VwE0HWCA8ow1HboA6OHoivKKvUEjH60fG8uCoGE-Uf503NxbcAvY3kLdnM0gh7hyM4pWyhD6km-ExXbL1yyZPEnBoinBgVGnwZ74ykKeTB2kL2EmZ3v2VmiBl1XCzSSR4lP9FAhYEGhWJweyTU0DBCUBlhj8NuboGJ8BUCN1oNi1HUegNP2djohX28T_LVGrNC_cmMJb5kjhHVAtikmAcVyWJUTIRGrzz0sXRmQPC5SinDdCKDeznYHPj4fdi07gbFaXnGJzfmcHiBqxnag96ZZVeLICpxWvP_gUjAzdJKou2sGB9_9iB6ny_CLEDDGtDPshrGRZ6nSm6g5xCMBdi5UTVXqTMrGYtj6uX5NzeL2FFSyW__5Ps9K1Qz5iR0o9-MVWllFBEAAWk3Eg-2hLfnME9Irmq-MS6xSyrZacks2f8lHUlvdhSbD45lkBUQNL_5PE6nkhpabzGyOfb2wd79HKNBEfWpJJ45C2kIfH_Nlz1hoKjMfZOEYzIzmPGIJJyMD8oWKBRl9s2KR46vO2LpvrvT4lY4hin9MPCX7XhVgFvYHd9_x3h-fxDnDniLvD6JrvWLHNA0ixlPBWTbiSUnHQDQPlIxhp40siQX3Ueklmgk8YDACt7s_7kBn3aD4sEKZPbRfktvcxxVWH75GKhDwVA33amdeUndW9YmHZ46DwkF9YBpzJqYsOpLW84nCLIT1JvmCJEVTbEjXm9zL56qGyhdUWPyW9Kg Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://filonl.demura.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers
GET H3	200	px.gif fundingchoicesmessages.google.com/img/	43 B 68 B	52ms 51ms	Image image/gif	2607:f8b0:4004:c08::71 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=10.414703313108443 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c08::71 Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-BtRhgkKUY2fveq3upnKRgg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://filonl.demura.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 22:52:46 GMT content-security-policy script-src 'report-sample' 'nonce-BtRhgkKUY2fveq3upnKRgg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site x-frame-options SAMEORIGIN content-type image/gif cache-control no-cache, no-store, max-age=0, must-revalidate permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3	200	px.gif fundingchoicesmessages.google.com/img/	43 B 68 B	50ms 49ms	Image image/gif	2607:f8b0:4004:c08::71 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=3.872757151085022 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c08::71 Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-1l4iV0ocH4VHSIguMe9L3A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://filonl.demura.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 22:52:46 GMT content-security-policy script-src 'report-sample' 'nonce-1l4iV0ocH4VHSIguMe9L3A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site x-frame-options SAMEORIGIN content-type image/gif cache-control no-cache, no-store, max-age=0, must-revalidate permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* expires Mon, 01 Jan 1990 00:00:00 GMT
POST H3	204	AGSKWxUbDS25Ey3FLkxTqRBvejo6MKuTgLAUXeb0cofc4Lzt4F2KsL52uw3F45aCaydWIiahCZG2ZgnypTmPIv4m2xGbimJt9uyedpHqsfIuqgFy2LYARR8R7cR9AK30FUNs2bOdCN58QQ== Show response fundingchoicesmessages.google.com/el/	0 28 B	112ms 49ms	XHR text/html	2607:f8b0:4004:c08::71 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/el/AGSKWxUbDS25Ey3FLkxTqRBvejo6MKuTgLAUXeb0cofc4Lzt4F2KsL52uw3F45aCaydWIiahCZG2ZgnypTmPIv4m2xGbimJt9uyedpHqsfIuqgFy2LYARR8R7cR9AK30FUNs2bOdCN58QQ== Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.wuRrcfYlYhw.es5.O/am=wA/d=1/rs=AJlcJMyq4j3elD76bCvqI3Q9g6iUxioeVA/m=kernel_loader,loader_js_executable Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c08::71 Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-LT1PAni1vtZQNd9-UQibsQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://filonl.demura.tv/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Content-Type text/plain Response headers date Thu, 14 Dec 2023 22:52:46 GMT content-security-policy script-src 'report-sample' 'nonce-LT1PAni1vtZQNd9-UQibsQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site access-control-max-age 86400 access-control-allow-methods POST, GET, OPTIONS access-control-allow-origin https://filonl.demura.tv content-type text/html; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* x-frame-options SAMEORIGIN expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3	200	tizers.php Show response fundingchoicesmessages.google.com/f/AGSKWxW7wOKnAekowC55uz0DMIgfbmeK69pGIF1SgfdHCTMG0t9NrUxFlvC-7OF1ksehptcYO1fYtOUPk4IeuuKiDxDrcl1vO5-njBFQyl29jBbOV-Q9dxUD1dHlJ0NWPpgzeShjOoZJursjkHegQeKSdRS_29hsR...	54 B 109 B	51ms 50ms	Script application/javascript	2607:f8b0:4004:c08::71 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/f/AGSKWxW7wOKnAekowC55uz0DMIgfbmeK69pGIF1SgfdHCTMG0t9NrUxFlvC-7OF1ksehptcYO1fYtOUPk4IeuuKiDxDrcl1vO5-njBFQyl29jBbOV-Q9dxUD1dHlJ0NWPpgzeShjOoZJursjkHegQeKSdRS_29hsR8BaJW5S5I8oLBt1Ydd9pC3UOdFdGUta/_/siteads./cgi/ad_/tizers.php?/sticker_ad..ads.css Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.wuRrcfYlYhw.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMyNreoDFLSym4fIlcqYY32kVmLO6g/m=ad_blocking_detection_executable Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c08::71 Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 24924e0d6609c84650c8397e8553426d3b9316e005dc44c1b6cdbda14a9814d5 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-HQLsfCizZWpEWxpmqYfcng' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://filonl.demura.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 22:52:47 GMT content-security-policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-HQLsfCizZWpEWxpmqYfcng' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site x-frame-options SAMEORIGIN content-type application/javascript; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3	200	google_top_exp.js Show response pagead2.googlesyndication.com/pagead/js/	47 B 67 B	32ms 31ms	Script text/javascript	2607:f8b0:4004:c17::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/google_top_exp.js?fcd=true Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.wuRrcfYlYhw.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMyNreoDFLSym4fIlcqYY32kVmLO6g/m=ad_blocking_detection_executable Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://filonl.demura.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 18:30:04 GMT content-encoding br x-content-type-options nosniff age 15763 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 server cafe etag 13036835877489095579 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 28 Dec 2023 18:30:04 GMT
POST H3	204	AGSKWxUbDS25Ey3FLkxTqRBvejo6MKuTgLAUXeb0cofc4Lzt4F2KsL52uw3F45aCaydWIiahCZG2ZgnypTmPIv4m2xGbimJt9uyedpHqsfIuqgFy2LYARR8R7cR9AK30FUNs2bOdCN58QQ== Show response fundingchoicesmessages.google.com/el/	0 28 B	48ms 48ms	XHR text/html	2607:f8b0:4004:c08::71 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/el/AGSKWxUbDS25Ey3FLkxTqRBvejo6MKuTgLAUXeb0cofc4Lzt4F2KsL52uw3F45aCaydWIiahCZG2ZgnypTmPIv4m2xGbimJt9uyedpHqsfIuqgFy2LYARR8R7cR9AK30FUNs2bOdCN58QQ== Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.wuRrcfYlYhw.es5.O/am=wA/d=1/rs=AJlcJMyq4j3elD76bCvqI3Q9g6iUxioeVA/m=kernel_loader,loader_js_executable Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c08::71 Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-epKgBO1EhxCEZMGhintw1A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://filonl.demura.tv/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Content-Type text/plain Response headers date Thu, 14 Dec 2023 22:52:47 GMT content-security-policy script-src 'report-sample' 'nonce-epKgBO1EhxCEZMGhintw1A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site access-control-max-age 86400 access-control-allow-methods POST, GET, OPTIONS access-control-allow-origin https://filonl.demura.tv content-type text/html; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* x-frame-options SAMEORIGIN expires Mon, 01 Jan 1990 00:00:00 GMT
POST H3	204	AGSKWxUbDS25Ey3FLkxTqRBvejo6MKuTgLAUXeb0cofc4Lzt4F2KsL52uw3F45aCaydWIiahCZG2ZgnypTmPIv4m2xGbimJt9uyedpHqsfIuqgFy2LYARR8R7cR9AK30FUNs2bOdCN58QQ== Show response fundingchoicesmessages.google.com/el/	0 28 B	48ms 47ms	XHR text/html	2607:f8b0:4004:c08::71 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/el/AGSKWxUbDS25Ey3FLkxTqRBvejo6MKuTgLAUXeb0cofc4Lzt4F2KsL52uw3F45aCaydWIiahCZG2ZgnypTmPIv4m2xGbimJt9uyedpHqsfIuqgFy2LYARR8R7cR9AK30FUNs2bOdCN58QQ== Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.wuRrcfYlYhw.es5.O/am=wA/d=1/rs=AJlcJMyq4j3elD76bCvqI3Q9g6iUxioeVA/m=kernel_loader,loader_js_executable Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c08::71 Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-xhpbs2rTxm3GazToIAEQmQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://filonl.demura.tv/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Content-Type text/plain Response headers date Thu, 14 Dec 2023 22:52:47 GMT content-security-policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-xhpbs2rTxm3GazToIAEQmQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF access-control-max-age 86400 vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site content-type text/html; charset=utf-8 access-control-allow-origin https://filonl.demura.tv access-control-allow-methods POST, GET, OPTIONS cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* x-frame-options SAMEORIGIN expires Mon, 01 Jan 1990 00:00:00 GMT
POST H3	204	AGSKWxUbDS25Ey3FLkxTqRBvejo6MKuTgLAUXeb0cofc4Lzt4F2KsL52uw3F45aCaydWIiahCZG2ZgnypTmPIv4m2xGbimJt9uyedpHqsfIuqgFy2LYARR8R7cR9AK30FUNs2bOdCN58QQ== Show response fundingchoicesmessages.google.com/el/	0 28 B	48ms 47ms	XHR text/html	2607:f8b0:4004:c08::71 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/el/AGSKWxUbDS25Ey3FLkxTqRBvejo6MKuTgLAUXeb0cofc4Lzt4F2KsL52uw3F45aCaydWIiahCZG2ZgnypTmPIv4m2xGbimJt9uyedpHqsfIuqgFy2LYARR8R7cR9AK30FUNs2bOdCN58QQ== Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.wuRrcfYlYhw.es5.O/am=wA/d=1/rs=AJlcJMyq4j3elD76bCvqI3Q9g6iUxioeVA/m=kernel_loader,loader_js_executable Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c08::71 Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-iPHL2hni4hAmQ0unkC1s9g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://filonl.demura.tv/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Content-Type text/plain Response headers date Thu, 14 Dec 2023 22:52:47 GMT content-security-policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-iPHL2hni4hAmQ0unkC1s9g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site access-control-max-age 86400 access-control-allow-methods POST, GET, OPTIONS access-control-allow-origin https://filonl.demura.tv content-type text/html; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* x-frame-options SAMEORIGIN expires Mon, 01 Jan 1990 00:00:00 GMT
POST H3	204	AGSKWxUbDS25Ey3FLkxTqRBvejo6MKuTgLAUXeb0cofc4Lzt4F2KsL52uw3F45aCaydWIiahCZG2ZgnypTmPIv4m2xGbimJt9uyedpHqsfIuqgFy2LYARR8R7cR9AK30FUNs2bOdCN58QQ== Show response fundingchoicesmessages.google.com/el/	0 28 B	47ms 47ms	XHR text/html	2607:f8b0:4004:c08::71 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/el/AGSKWxUbDS25Ey3FLkxTqRBvejo6MKuTgLAUXeb0cofc4Lzt4F2KsL52uw3F45aCaydWIiahCZG2ZgnypTmPIv4m2xGbimJt9uyedpHqsfIuqgFy2LYARR8R7cR9AK30FUNs2bOdCN58QQ== Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.wuRrcfYlYhw.es5.O/am=wA/d=1/rs=AJlcJMyq4j3elD76bCvqI3Q9g6iUxioeVA/m=kernel_loader,loader_js_executable Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c08::71 Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-20q0R45Xv97mTjLEU8zOag' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://filonl.demura.tv/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Content-Type text/plain Response headers date Thu, 14 Dec 2023 22:52:47 GMT content-security-policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-20q0R45Xv97mTjLEU8zOag' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF access-control-max-age 86400 vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site content-type text/html; charset=utf-8 access-control-allow-origin https://filonl.demura.tv access-control-allow-methods POST, GET, OPTIONS cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* x-frame-options SAMEORIGIN expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3	200	AGSKWxVGWQsrlP31YrcrzCdw8OdVvoEPWio7fIot65S5rjOL8MTdINJah8MAwdqOyimOsLpSV4x452TN43CHZe5lTNXGWWrd4Djx61C-KIwnkk9SoMG4X09G1M-hJXMWocxklEC241-i3Q== Show response fundingchoicesmessages.google.com/f/	3 KB 2 KB	64ms 63ms	Script application/javascript	2607:f8b0:4004:c08::71 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/f/AGSKWxVGWQsrlP31YrcrzCdw8OdVvoEPWio7fIot65S5rjOL8MTdINJah8MAwdqOyimOsLpSV4x452TN43CHZe5lTNXGWWrd4Djx61C-KIwnkk9SoMG4X09G1M-hJXMWocxklEC241-i3Q==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAyNTk0MzY3LDY3OTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9maWxvbmwuZGVtdXJhLnR2LyIsbnVsbCxbWzgsInd1UnJjZllsWWh3Il0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.wuRrcfYlYhw.es5.O/am=wA/d=1/rs=AJlcJMyq4j3elD76bCvqI3Q9g6iUxioeVA/m=kernel_loader,loader_js_executable Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c08::71 Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 3a72b41d78502952434bedfc0a132b7e73463e16aea00bd88808a7c29d0b641a Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-GejyEWgOFEvCLgBCLSlcYA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://filonl.demura.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 22:52:47 GMT content-security-policy script-src 'report-sample' 'nonce-GejyEWgOFEvCLgBCLSlcYA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site x-frame-options SAMEORIGIN content-type application/javascript; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* timing-allow-origin * expires Mon, 01 Jan 1990 00:00:00 GMT
POST H3	204	AGSKWxVXzE1c4ci6Z5CWU1oWF-U5sDhW0pivnBNod4DFoyn46UTGNfypy33y6mf6Z_kg66LjVR-UYpAAfTFZdEkyQZGZNRD5o8YS1QMzcJBhaCFNE4c97wyHR5lwIgep_Nr5R-6jD3Dl-g== Show response fundingchoicesmessages.google.com/el/	0 28 B	50ms 50ms	XHR text/html	2607:f8b0:4004:c08::71 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/el/AGSKWxVXzE1c4ci6Z5CWU1oWF-U5sDhW0pivnBNod4DFoyn46UTGNfypy33y6mf6Z_kg66LjVR-UYpAAfTFZdEkyQZGZNRD5o8YS1QMzcJBhaCFNE4c97wyHR5lwIgep_Nr5R-6jD3Dl-g== Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.wuRrcfYlYhw.es5.O/am=wA/d=1/rs=AJlcJMyq4j3elD76bCvqI3Q9g6iUxioeVA/m=kernel_loader,loader_js_executable Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c08::71 Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-aWWx3IKdSbh1St6jdKFsWA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://filonl.demura.tv/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Content-Type text/plain Response headers date Thu, 14 Dec 2023 22:52:47 GMT content-security-policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-aWWx3IKdSbh1St6jdKFsWA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site access-control-max-age 86400 access-control-allow-methods POST, GET, OPTIONS access-control-allow-origin https://filonl.demura.tv content-type text/html; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* x-frame-options SAMEORIGIN expires Mon, 01 Jan 1990 00:00:00 GMT
POST H3	204	AGSKWxUbDS25Ey3FLkxTqRBvejo6MKuTgLAUXeb0cofc4Lzt4F2KsL52uw3F45aCaydWIiahCZG2ZgnypTmPIv4m2xGbimJt9uyedpHqsfIuqgFy2LYARR8R7cR9AK30FUNs2bOdCN58QQ== Show response fundingchoicesmessages.google.com/el/	0 28 B	48ms 47ms	XHR text/html	2607:f8b0:4004:c08::71 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/el/AGSKWxUbDS25Ey3FLkxTqRBvejo6MKuTgLAUXeb0cofc4Lzt4F2KsL52uw3F45aCaydWIiahCZG2ZgnypTmPIv4m2xGbimJt9uyedpHqsfIuqgFy2LYARR8R7cR9AK30FUNs2bOdCN58QQ== Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.wuRrcfYlYhw.es5.O/am=wA/d=1/rs=AJlcJMyq4j3elD76bCvqI3Q9g6iUxioeVA/m=kernel_loader,loader_js_executable Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c08::71 Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-UrapNoIf4fwPMOQPhs0mPQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://filonl.demura.tv/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Content-Type text/plain Response headers date Thu, 14 Dec 2023 22:52:47 GMT content-security-policy script-src 'report-sample' 'nonce-UrapNoIf4fwPMOQPhs0mPQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF access-control-max-age 86400 vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site content-type text/html; charset=utf-8 access-control-allow-origin https://filonl.demura.tv access-control-allow-methods POST, GET, OPTIONS cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* x-frame-options SAMEORIGIN expires Mon, 01 Jan 1990 00:00:00 GMT