fileforum.com Open in urlscan Pro
108.44.238.29 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://fileforum.com/profile/puffincork5/
Submission: On May 31 via manual (May 31st 2024, 4:39:51 pm UTC) from US — Scanned from IL

Summary HTTP 30 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 10 IPs in 1 countries across 8 domains to perform 30 HTTP transactions. The main IP is 108.44.238.29, located in Leesburg, United States and belongs to UUNET, US. The main domain is fileforum.com.
TLS certificate: Issued by R3 on May 2nd 2024. Valid for: 3 months.

This is the only time fileforum.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	108.44.238.29 108.44.238.29	701 (UUNET) (UUNET)
11	172.67.74.154 172.67.74.154	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
1	192.0.73.2 192.0.73.2	2635 (AUTOMATTIC) (AUTOMATTIC)
2	142.250.185.104 142.250.185.104	15169 (GOOGLE) (GOOGLE)
1	216.239.32.178 216.239.32.178	15169 (GOOGLE) (GOOGLE)
5	216.58.206.66 216.58.206.66	15169 (GOOGLE) (GOOGLE)
2	142.250.186.129 142.250.186.129	15169 (GOOGLE) (GOOGLE)
1	216.58.206.68 216.58.206.68	15169 (GOOGLE) (GOOGLE)
30	10

2 108.44.238.29 (Leesburg, United States)

ASN701 (UUNET, US)
PTR: phoenix.betanews.com

fileforum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 172.67.74.154 (United States)

ASN13335 (CLOUDFLARENET, US)

images.betanews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.58.212.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s46-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.73.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

www.gravatar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.104 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.32.178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 216.58.206.66 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s08-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.129 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.206.68 (United States)

ASN15169 (GOOGLE, US)
PTR: tzfraa-aa-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	betanews.com images.betanews.com	85 KB
6	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 103 tpc.googlesyndication.com — Cisco Umbrella Rank: 164	270 KB
5	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 35
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	158 KB
2	fileforum.com fileforum.com	5 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 32	253 B
1	gravatar.com www.gravatar.com — Cisco Umbrella Rank: 4183	5 KB
30	8

	Domain	Requested by
11	images.betanews.com	fileforum.com images.betanews.com
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com
4	pagead2.googlesyndication.com	fileforum.com pagead2.googlesyndication.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	www.googletagmanager.com	fileforum.com www.googletagmanager.com
2	fileforum.com
1	www.google.com	tpc.googlesyndication.com
1	www.google-analytics.com	www.googletagmanager.com
1	www.gravatar.com	fileforum.com
30	9

This site contains links to these domains. Also see Links.

Domain
betanews.com
fileforum.betanews.com
store.fileforum.com
twitter.com
www.facebook.com
output.jsbin.com

Subject Issuer	Validity	Valid
admin.betanews.com R3	`2024-05-02` - `2024-07-31`	3 months	crt.sh
betanews.com E1	`2024-05-26` - `2024-08-24`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-05-13` - `2024-08-05`	3 months	crt.sh
*.gravatar.com Sectigo ECC Domain Validation Secure Server CA	`2023-12-05` - `2025-01-04`	a year	crt.sh
*.google-analytics.com WR2	`2024-05-13` - `2024-08-05`	3 months	crt.sh
tpc.googlesyndication.com WR2	`2024-05-13` - `2024-08-05`	3 months	crt.sh
*.google.com WR2	`2024-05-13` - `2024-08-05`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://fileforum.com/profile/puffincork5/
Frame ID: C4AB4F8DDAB6B16B4D3EBF370D24BF7F
Requests: 23 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240529/r20110914/zrt_lookup_fy2021.html
Frame ID: 24A44BC58BA42F3C2C6482DFC07B975C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6676241418785266&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1717173585&plaf=7%3A2&plat=3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Ffileforum.com%2Fprofile%2Fpuffincork5%2F&pra=5&wgl=1&easpi=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1717173587037&bpp=18&bdt=1323&idt=702&shv=r20240529&mjsv=m202405290101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=6183305863064&frm=20&pv=2&ga_vid=695035154.1717173588&ga_sid=1717173588&ga_hid=697244355&ga_fc=1&u_tz=180&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31083639%2C31084024%2C31084027%2C42532523%2C95331696%2C31084174%2C95334052%2C95334159%2C95334311%2C31078668&oid=2&pvsid=2580566763053058&tmod=1045693242&uas=0&nvt=1&fsapi=1&fc=1920&brdim=20%2C20%2C20%2C20%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=750
Frame ID: F92674DCE1914B89CC4EDD0CF621B0CB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6676241418785266&output=html&h=280&adk=3368998127&adf=2550651363&pi=t.aa~a.3269266735~rp.4&w=659&abgtt=6&fwrn=4&fwrnh=100&lmt=1717173585&rafmt=1&to=qs&pwprc=8797158495&format=659x280&url=https%3A%2F%2Ffileforum.com%2Fprofile%2Fpuffincork5%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1717173587055&bpp=2&bdt=1340&idt=753&shv=r20240529&mjsv=m202405290101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=2&correlator=6183305863064&frm=20&pv=1&ga_vid=695035154.1717173588&ga_sid=1717173588&ga_hid=697244355&ga_fc=1&u_tz=180&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=344&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31083639%2C31084024%2C31084027%2C42532523%2C95331696%2C31084174%2C95334052%2C95334159%2C95334311%2C31078668&oid=2&pvsid=2580566763053058&tmod=1045693242&uas=0&nvt=1&fc=1920&brdim=20%2C20%2C20%2C20%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=758
Frame ID: 64AAD7539D4B499848EF1FD858771DF1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240529/r20110914/zrt_lookup_fy2021.html
Frame ID: F13FDE344D18CF67EDB0A8938FFA5210
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240529/r20110914/zrt_lookup_fy2021.html
Frame ID: 3EF4CACFC31543608DC49EB18E41E8EF
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1DE8FC79BDB819E3C94E481FD195951A
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 37CB48F6E2D2D88CD52D1D70811F4250
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

puffincork5's Profile | FileForum

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Gravatar (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

<[^>]+gravatar\.com/avatar/

Page Statistics

30
Requests

97 %
HTTPS

0 %
IPv6

8
Domains

9
Subdomains

10
IPs

1
Countries

523 kB
Transfer

1438 kB
Size

8
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://betanews.com/
Title: BetaNews

Search URL Search Domain Scan URL

URL: https://fileforum.betanews.com/
Title: Downloads

Search URL Search Domain Scan URL

URL: https://store.fileforum.com/
Title: Software Store

Search URL Search Domain Scan URL

URL: http://twitter.com/FileForum
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.facebook.com/FileForum
Title: Facebook

Search URL Search Domain Scan URL

URL: https://output.jsbin.com/dotibasoyi
Title: https://output.jsbin.com/dotibasoyi

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

30 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
fileforum.com/profile/puffincork5/ 7 KB
3 KB 798ms
210ms Document
text/html 108.44.238.29
UUNET

General

Check archive.org

Show headers Download Go to

Full URL: https://fileforum.com/profile/puffincork5/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.44.238.29 Leesburg, United States, ASN701 (UUNET, US),
Reverse DNS: phoenix.betanews.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: 29b8efebc158f2de93e346e8437211694ef38dad0e5f7b85c547f98cb1e5a7cd

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Cache-Control: private, must-revalidate, pre-check=0, post-check=0
Connection: close
Content-Encoding: gzip
Content-Length: 2365
Content-Type: text/html; charset=UTF-8
Date: Fri, 31 May 2024 16:39:45 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified: Fri, 31 May 2024 16:39:45 GMT
Pragma: no-cache
Server: Apache/2.4.10 (Debian)
Vary: Accept-Encoding

GET
H2 200 reset.css
images.betanews.com/stylesheets/fileforum3/ 886 B
917 B 757ms
619ms Stylesheet
text/css 172.67.74.154
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://images.betanews.com/stylesheets/fileforum3/reset.css
Requested by: Host: fileforum.com
URL: https://fileforum.com/profile/puffincork5/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.74.154 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 160d317860d283845ddde93faa4a3c41f42f0e777acb74dba3a716555c89610f

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://fileforum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 31 May 2024 16:39:46 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Sat, 08 Jul 2017 02:49:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "376-553c565bb7500-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j5fFjaX3E%2F8%2BfFRXuEp86WBfnLuDrg618wVFga%2BZLeXUZ3YaWRszMa9te9GBhsZlK1KtZIJ58TswwTnTfwEV4R8whczEktWtdO5NYdtX%2Bv3zQuzJpvq95F0w4Wnhg60L9YNNWsU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88c866dfcc3ae3d7-TLV
content-length: 436

GET
H2 200 main.css
images.betanews.com/stylesheets/fileforum3/ 29 KB
6 KB 779ms
641ms Stylesheet
text/css 172.67.74.154
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://images.betanews.com/stylesheets/fileforum3/main.css
Requested by: Host: fileforum.com
URL: https://fileforum.com/profile/puffincork5/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.74.154 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: deda914cce5fb739ca5624e64be7af22f3a426623b3bf174429287d2376dfc4b

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://fileforum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 31 May 2024 16:39:46 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Tue, 11 Jul 2017 23:54:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "72a2-554136b4eee40-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zcY1eQLXVcv%2BfcGzEFZSry2nr732pINwzHtJI4Eszwo8IrroIkB2RunPx4%2Ff%2BrwaMldTFjZU2R45fBqdp5wLHaki%2BY5Dqsndw4OS0jOcPjKtG2WEDc4Cz74TeMSRcIjk0DA%2F%2FB4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88c866dfcc3de3d7-TLV
content-length: 6192

GET
H2 200 ffsite.js Show response
images.betanews.com/resources/ 137 KB
47 KB 1065ms
927ms Script
application/javascript 172.67.74.154
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://images.betanews.com/resources/ffsite.js
Requested by: Host: fileforum.com
URL: https://fileforum.com/profile/puffincork5/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.74.154 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f061bc61c6a752564bba70c0675de98f06d26b6fe0655c2189fba606539accab

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://fileforum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 31 May 2024 16:39:46 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Sat, 08 Jul 2017 02:55:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "223e8-553c57b3fe140-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A8ZtycCgat4B%2FIL98P8vxupIkmSbyXChjglXaAf0u9obPN3r4oKsZ8NN0%2FuvGoGgqZQTzKx7AvPfwEQgaL0SLYh%2BvFC15zEl%2B4BRoE5DE8mRN4POTQ4IQCX1AlllexT2xzjhvn4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88c866dfcc40e3d7-TLV
content-length: 48131

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 160 KB
51 KB 393ms
166ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6676241418785266

Requested by

Host: fileforum.com
URL: https://fileforum.com/profile/puffincork5/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

cafe /

Resource Hash

845db4804670fe60d55c1c2ee14ff95f6e478dfbab37260d7d1a96b90c9eddc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fileforum.com/
Origin: https://fileforum.com
Accept-Language: he-IL,he;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 31 May 2024 16:39:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52510
x-xss-protection: 0
server: cafe
etag: 7465589803840436563
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Fri, 31 May 2024 16:39:46 GMT

GET
H2 200 c5f051be35b2a99d7191c1300a21c09d
www.gravatar.com/avatar/ 4 KB
5 KB 472ms
257ms Image
image/jpeg 192.0.73.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gravatar.com/avatar/c5f051be35b2a99d7191c1300a21c09d?s=128
Requested by: Host: fileforum.com
URL: https://fileforum.com/profile/puffincork5/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.73.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: fe77474b897160fc9eeb28dd35f21632587b1e238d2f32efaccc0fb021696174

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://fileforum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: MISS mxp 2
date: Fri, 31 May 2024 16:39:46 GMT
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
server: nginx
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="c5f051be35b2a99d7191c1300a21c09d.jpg"
accept-ranges: bytes
link: <https://gravatar.com/avatar/c5f051be35b2a99d7191c1300a21c09d?s=128>; rel="canonical"
content-length: 4265
alt-svc: h3=":443"; ma=86400
expires: Fri, 31 May 2024 16:44:46 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 188 KB
68 KB 374ms
142ms Script
application/javascript 142.250.185.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WHTWSXS

Requested by

Host: fileforum.com
URL: https://fileforum.com/profile/puffincork5/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

658755b233f8167df2d1dbdcafb896df7781d12fc73dcc5e145199a2672bceb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://fileforum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 31 May 2024 16:39:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68762
x-xss-protection: 0
last-modified: Fri, 31 May 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 31 May 2024 16:39:47 GMT

GET
H2 200 navbar_active_gray.png
images.betanews.com/fileforum3/header/ 1006 B
1 KB 619ms
618ms Image
image/png 172.67.74.154
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.betanews.com/fileforum3/header/navbar_active_gray.png
Requested by: Host: images.betanews.com
URL: https://images.betanews.com/stylesheets/fileforum3/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.74.154 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54b646173856c05ad595598fcfee96dc54495c2f9a30ea1c55515b64789d2803

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://images.betanews.com/stylesheets/fileforum3/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 31 May 2024 16:39:47 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 11 Jul 2017 23:30:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "3ee-5541315c69180"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=43RnVZKOrZkyRj2%2Btpl%2B5sv5Syf40ObtNRnQwsIM9VJAyxAeSWQdZc9NKpfC0ex1EJh8YhzmuwTMNaqGiPjKn8FKWOna5yiRDRwHACqqOpbEcvaLiKgdb1rJplpFhh2%2B%2BM7fVHg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88c866e62f2de3d7-TLV
content-length: 1006

GET
H2 200 ff_logo_gray.png
images.betanews.com/fileforum3/header/ 1 KB
2 KB 611ms
611ms Image
image/png 172.67.74.154
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.betanews.com/fileforum3/header/ff_logo_gray.png
Requested by: Host: images.betanews.com
URL: https://images.betanews.com/stylesheets/fileforum3/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.74.154 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 529ce545d0f689295a76134ae7f6add7b8b78904a15b6bef1a5a6bd0cb47b281

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://images.betanews.com/stylesheets/fileforum3/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 31 May 2024 16:39:47 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 11 Jul 2017 23:30:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "563-5541315c69180"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t7pf%2FGu2Kkr2oZdhSltQtVq8LjueOWZ3RY7mO%2BR9KTjow%2FdgWctYP0vo3NVhSVLwX20ZtwCiylTdFz5GcjXZUR4xpx54tfC7BJZtQ08ClM%2BSWDTAh8hlw9M4UsFhAg3TWTun2Sc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88c866e62f32e3d7-TLV
content-length: 1379

GET
H2 200 ff_logo.png
images.betanews.com/fileforum3/header/ 4 KB
4 KB 650ms
650ms Image
image/png 172.67.74.154
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.betanews.com/fileforum3/header/ff_logo.png
Requested by: Host: images.betanews.com
URL: https://images.betanews.com/stylesheets/fileforum3/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.74.154 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a8f59aaec3baa11914a42d01b1513778de352d807ced7c5a7296f21b97e1848

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://images.betanews.com/stylesheets/fileforum3/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 31 May 2024 16:39:47 GMT
cf-cache-status: REVALIDATED
last-modified: Sat, 08 Jul 2017 02:49:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "f28-553c565bb7500"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e%2BQ2hpqhS0OFO%2B8358tz5y5qWlDBtBiaum1cUkphFymGWkNbatTP%2BQAjzJ7cEHOpRiruWw%2Fxgbd848PWQpJXIgLXu4aCVjjUMpSIoUbmZBCdT64g9O43lyQFPzbE%2BL%2BL2Tt8bDI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88c866e62f34e3d7-TLV
content-length: 3880

GET
H2 200 buttons.png
images.betanews.com/fileforum3/buttons/ 12 KB
12 KB 625ms
625ms Image
image/png 172.67.74.154
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.betanews.com/fileforum3/buttons/buttons.png
Requested by: Host: images.betanews.com
URL: https://images.betanews.com/stylesheets/fileforum3/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.74.154 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06f1ec52dea17ff1c6bed231b53938e5200586e1b37c6707f453b115454da806

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://images.betanews.com/stylesheets/fileforum3/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 31 May 2024 16:39:47 GMT
cf-cache-status: REVALIDATED
last-modified: Sat, 08 Jul 2017 02:49:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "2ea3-553c565bb7500"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nhCN8MCGjIV%2BqGthqMIlS5JRrS3gKo4P96100ddXxxmJuqgsxXzoLQLd0BilpS51o%2Fz%2FmQe9hiXftmztTNjI9ex5LZ9dn86HXj74%2BkQnSv%2BCAPVvEkgNk6rX044QJ%2FoRHVvqRps%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88c866e62f39e3d7-TLV
content-length: 11939

GET
H2 200 socialmedia_icons.png
images.betanews.com/fileforum3/ 5 KB
5 KB 633ms
633ms Image
image/png 172.67.74.154
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.betanews.com/fileforum3/socialmedia_icons.png
Requested by: Host: images.betanews.com
URL: https://images.betanews.com/stylesheets/fileforum3/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.74.154 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71a2933a8805045e2305cbd2824ab3bcc1a371f1e6d111645ce14cd7c7c5bf7a

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://images.betanews.com/stylesheets/fileforum3/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 31 May 2024 16:39:47 GMT
cf-cache-status: REVALIDATED
last-modified: Sat, 08 Jul 2017 02:49:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "123b-553c565bb7500"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B1xlw2j7GMeJMIes0zKwZibAN2uJwHK3OOHPlgP8VaXt04OYDAmRT%2Fn%2FRDJJpg2jglJPvpUBOmxnf9vzZaJyKI7%2BoN5yMhgBFm%2F6BBubEQDqGlUK3BDSFIuZdmhKZv6Ecz3ld5o%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88c866e62f3be3d7-TLV
content-length: 4667

GET
H2 200 navbar_active.png
images.betanews.com/fileforum3/header/ 192 B
484 B 76ms
75ms Image
image/png 172.67.74.154
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.betanews.com/fileforum3/header/navbar_active.png
Requested by: Host: images.betanews.com
URL: https://images.betanews.com/stylesheets/fileforum3/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.74.154 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7087b3afc70c0f1a640c5327239e94a508b7a7751800b3952edf804a3837a2e8

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://images.betanews.com/stylesheets/fileforum3/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 31 May 2024 16:39:46 GMT
cf-cache-status: HIT
last-modified: Sat, 08 Jul 2017 02:49:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6878
etag: "c0-553c565bb7500"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hzq9FzPbKKptDthSw2m0ec%2FFMLtx4cbpWQqo%2Fjj7Oc9Ty7DN%2F3DqKk0evHahkDPOaHo8i9fDBCfwI%2BBf3mgn%2BnsG7MB4ZA3EWjuD4c1V1mBm8990VqJRKK97UbPMdM410fB1Wpg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88c866e62f3ee3d7-TLV
content-length: 192

GET
H2 200 bgs.png
images.betanews.com/fileforum3/ 4 KB
4 KB 614ms
613ms Image
image/png 172.67.74.154
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.betanews.com/fileforum3/bgs.png
Requested by: Host: images.betanews.com
URL: https://images.betanews.com/stylesheets/fileforum3/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.74.154 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe00f6a25703ead073b6b2ce1a56c07fb5dcb6da14aa2c73a06dce0ffb90b9ab

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://images.betanews.com/stylesheets/fileforum3/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 31 May 2024 16:39:47 GMT
cf-cache-status: REVALIDATED
last-modified: Sat, 08 Jul 2017 02:49:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "ec9-553c565bb7500"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FiTibzdQWlo7%2FUyrHkR6rdqw7zUiTgip4RxIuG8Sfb0RVyebCzE14l77r9ITCH21I16CxoH%2Bkwu7JfBp9eNaNQiG0Btlr%2FgXx%2B1S2jG3d8rGalv3mfUiSpKIuiKGcJndgsx0Dco%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88c866e62f42e3d7-TLV
content-length: 3785

GET
H2 200 icons2.png
images.betanews.com/fileforum3/icons/ 2 KB
2 KB 73ms
72ms Image
image/png 172.67.74.154
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.betanews.com/fileforum3/icons/icons2.png
Requested by: Host: images.betanews.com
URL: https://images.betanews.com/stylesheets/fileforum3/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.74.154 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34de0b876686b5e0e70169241a272564f2813e26def4572b91e79af258ad3d89

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://images.betanews.com/stylesheets/fileforum3/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 31 May 2024 16:39:46 GMT
cf-cache-status: HIT
last-modified: Sat, 08 Jul 2017 02:49:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6878
etag: "892-553c565bb7500"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3%2FEfZJfV0rwKCb86db4c%2BiZtYfT6pLxqFAYxQkBpxKZPLTecs2eSP6oAA0FcIeACsfRkgdjYYT0cvJxuURHOp5U%2FgZgDy6K4tVAbdO0B2LGRjzd6rKSt0RulRpRhAXx%2FuAuxrQ8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88c866e62f44e3d7-TLV
content-length: 2194

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405290101/ 424 KB
143 KB 402ms
175ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405290101/show_ads_impl_fy2021.js?bust=31084174

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6676241418785266

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

cafe /

Resource Hash

e11ef9f8345269e549da9c84c7179b8c7aef08c24938acbb1efefcadba90dfb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://fileforum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 31 May 2024 16:39:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 146648
x-xss-protection: 0
server: cafe
etag: 7749126744555655213
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 31 May 2024 16:39:47 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 257 KB
90 KB 145ms
144ms Script
application/javascript 142.250.185.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-H9SLV28721&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WHTWSXS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

af2f161c0772f61f78f9b3e47479b758f56aa8d461d726c3448462c1211fd73b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://fileforum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 31 May 2024 16:39:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92053
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 31 May 2024 16:39:47 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
253 B 300ms
117ms Ping
text/plain 216.239.32.178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-H9SLV28721&gtm=45je45t0v9110113147z89119310666za200zb9119310666&_p=1717173586876&gcd=13l3l3l3l1&npa=0&dma=0&cid=695035154.1717173588&ul=he-il&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1717173587&sct=1&seg=0&dl=https%3A%2F%2Ffileforum.com%2Fprofile%2Fpuffincork5%2F&dt=puffincork5%27s%20Profile%20%7C%20FileForum&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2707
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H9SLV28721&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://fileforum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 31 May 2024 16:39:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://fileforum.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240529/r20110914/ Frame 24A4 0
0 337ms
113ms Document
text/html 216.58.206.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240529/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405290101/show_ads_impl_fy2021.js?bust=31084174

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://fileforum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

age: 3585
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4165
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 31 May 2024 15:40:03 GMT
etag: 3711839061170457607
expires: Fri, 14 Jun 2024 15:40:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame F926 0
0 1072ms
866ms Document
text/html 216.58.206.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6676241418785266&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1717173585&plaf=7%3A2&plat=3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Ffileforum.com%2Fprofile%2Fpuffincork5%2F&pra=5&wgl=1&easpi=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1717173587037&bpp=18&bdt=1323&idt=702&shv=r20240529&mjsv=m202405290101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=6183305863064&frm=20&pv=2&ga_vid=695035154.1717173588&ga_sid=1717173588&ga_hid=697244355&ga_fc=1&u_tz=180&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31083639%2C31084024%2C31084027%2C42532523%2C95331696%2C31084174%2C95334052%2C95334159%2C95334311%2C31078668&oid=2&pvsid=2580566763053058&tmod=1045693242&uas=0&nvt=1&fsapi=1&fc=1920&brdim=20%2C20%2C20%2C20%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=750

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405290101/show_ads_impl_fy2021.js?bust=31084174

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://fileforum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 98563
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 31 May 2024 16:39:48 GMT
expires: Fri, 31 May 2024 16:39:48 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame 64AA 0
0 792ms
612ms Document
text/html 216.58.206.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6676241418785266&output=html&h=280&adk=3368998127&adf=2550651363&pi=t.aa~a.3269266735~rp.4&w=659&abgtt=6&fwrn=4&fwrnh=100&lmt=1717173585&rafmt=1&to=qs&pwprc=8797158495&format=659x280&url=https%3A%2F%2Ffileforum.com%2Fprofile%2Fpuffincork5%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1717173587055&bpp=2&bdt=1340&idt=753&shv=r20240529&mjsv=m202405290101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=2&correlator=6183305863064&frm=20&pv=1&ga_vid=695035154.1717173588&ga_sid=1717173588&ga_hid=697244355&ga_fc=1&u_tz=180&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=344&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31083639%2C31084024%2C31084027%2C42532523%2C95331696%2C31084174%2C95334052%2C95334159%2C95334311%2C31078668&oid=2&pvsid=2580566763053058&tmod=1045693242&uas=0&nvt=1&fc=1920&brdim=20%2C20%2C20%2C20%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=758

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405290101/show_ads_impl_fy2021.js?bust=31084174

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://fileforum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 45241
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 31 May 2024 16:39:48 GMT
expires: Fri, 31 May 2024 16:39:48 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405290101/ 168 KB
56 KB 166ms
166ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405290101/reactive_library_fy2021.js?bust=31084174

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405290101/show_ads_impl_fy2021.js?bust=31084174

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

cafe /

Resource Hash

579c882adca420d71aac3023558339d154629374799bd4dcab31f92993d4a979

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://fileforum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 31 May 2024 16:39:49 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57782
x-xss-protection: 0
server: cafe
etag: 11411910183916223575
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 31 May 2024 16:39:49 GMT

GET
H3 200 zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240529/r20110914/ Frame F13F 0
0 0ms
0ms Document
text/html 216.58.206.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240529/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405290101/show_ads_impl_fy2021.js?bust=31084174

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://fileforum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

age: 3585
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4165
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 31 May 2024 15:40:03 GMT
etag: 3711839061170457607
expires: Fri, 14 Jun 2024 15:40:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240529/r20110914/ Frame 3EF4 0
0 0ms
0ms Document
text/html 216.58.206.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240529/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405290101/show_ads_impl_fy2021.js?bust=31084174

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://fileforum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

age: 3585
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4165
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 31 May 2024 15:40:03 GMT
etag: 3711839061170457607
expires: Fri, 14 Jun 2024 15:40:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 157ms
157ms XHR
application/json 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240529&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405290101/show_ads_impl_fy2021.js?bust=31084174

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

cafe /

Resource Hash

077abb95639ca97d1b11e561193fce54c9605ee741543636aacf804aedb1f04d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://fileforum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 31 May 2024 16:39:49 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12526
x-xss-protection: 0

GET
H/1.1 200
OK favicon.ico
fileforum.com/ 2 KB
2 KB 567ms
189ms Other
image/vnd.microsoft.icon 108.44.238.29
UUNET

General

Check archive.org

Show headers Download Go to

Full URL: https://fileforum.com/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.44.238.29 Leesburg, United States, ASN701 (UUNET, US),
Reverse DNS: phoenix.betanews.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: e4ad725d5dcd5533e63c9ec927504dc55e05ef0e62bb7688f50e83d86fe3a5b9

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://fileforum.com/profile/puffincork5/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 31 May 2024 16:39:50 GMT
Last-Modified: Wed, 02 Jun 2004 01:57:09 GMT
Server: Apache/2.4.10 (Debian)
ETag: "8f6-3dbd7020d2740"
Content-Type: image/vnd.microsoft.icon
Connection: close
Accept-Ranges: bytes
Content-Length: 2294

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 363ms
127ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405290101/show_ads_impl_fy2021.js?bust=31084174

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://fileforum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 31 May 2024 16:39:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 31 May 2024 16:39:50 GMT

GET
H3 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1DE8 0
0 114ms
113ms Document
text/html 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://fileforum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

accept-ranges: bytes
age: 16982
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 31 May 2024 11:56:48 GMT
expires: Sat, 31 May 2025 11:56:48 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe
www.google.com/recaptcha/api2/ Frame 37CB 0
0 363ms
125ms Document
text/html 216.58.206.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

tzfraa-aa-in-f4.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-7d1NQLP-nJFz6BxryLek1g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://fileforum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-7d1NQLP-nJFz6BxryLek1g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 31 May 2024 16:39:50 GMT
expires: Fri, 31 May 2024 16:39:50 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET sodar
pagead2.googlesyndication.com/pagead/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240529&jk=2580566763053058&bg=!SUqlSgXNAAbEf60J5H87ADQBe5WfOKmYg3oaJ8tlmMY_rgpjW9ZhvOEKrYQGytHYI5VO8BFRNqYUSzFhjxSojNyOWVnyAgAAADdSAAAAD2gBB34ANTkTAm2X4t1vpzVEH0PfLMK0P0kDiM6jFVN16kJ9LgzTcD9GpB3-3OlebM_EX1qj-lxo2E1XCgBGv3Rl4e-ETAmUFnwPKtwaUl2wYxJsdbpf-6D7p6ftbQ559V3sBlr3v6a-Nb3wFLbRLk9bkwV1abmu3Fcif69h7hZiSBbwT5kCoYwdfz2NWvJSacASiM-TKtX_05kQvUoaasdooIeoyaalB8Dk9qHCw8BtQtEwf279rMAxDCPEdWd0k9bYuTB7rMiFXPhGcMWSrQK-OK73g6eHqhHvEPGUxtw0Ec69shwzhBoclvx_LJIFTKJr2SAy-wzS66eYSYjENvHRpGJrAGZJXDX4exhz68QCAAtLhasbnfGX7T8NPaGPWJgFMYSftha4MMMUCigTZRXj5XWnXZk_tbrgjC-5gLy5kwzUD_QpJMHODWFopBZKPkWluQnRJGmnXs2aDHq-ihGfGmMkif4D3L3pCydGR0TOGuyT8h0kFdSi7YY7QLySy0h6iatNahXTy2LA23pWDzYSLVioaD2mrHIvBYdZmCroUaGI0YnEfw9Bxv3u43vTzbFhO3J1lJLvaGPvUYN1agfC2ivRJP2bPIwDDCGfzj-L8_9OpHmeGzVE_Q_hD0u-891DQWe6h393oPxdPRxDGwhRrzr_ZTPZrAHGT8Ue1XEhM367o9mYmVHEHrS1_zESi3w9ALW62TkhZn06_UKhXlqTvcpno4igM2otTa_O5YKxvsle0VoVm4opR5htnoHXx5Ggdm-UG4detKBWu7MMbt0rehfyC_dK3SZqDAG-yNskW3CVyejT-nKo43Ak6f5-rX0DvYRl2JP_byDc2TKg_P3torkGt76aeHPo7PHhSmjc7K2NsohXAhB-xIpjkFqpzyjnOdm0haeNW0fSrQUqa8VhCn5k1l_t4D6V8pAFXOC66spvKXYY618RmQD4D0CjIIgVbU5xeujF_Byh0JLJO6UVqi1v1HYbsB9JoBrAHgIf7NLWbxh8cvDN7eMdT8w1tf_Aqxqo8BjXebnguwzOwA0b9no6K2TnHAn0f1GOReZKvfoCEBlsR9k

Verdicts & Comments Add Verdict or Comment

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.fileforum.com/	1969-12-31 23:59:59	Name: sixsession Value: gq5j30d30d0p9vfmrjgo989pmgt55d04
.fileforum.com/	1970-01-21 06:35:33	Name: _ga Value: GA1.1.695035154.1717173588
.fileforum.com/	1970-01-21 06:21:09	Name: __gads Value: ID=8f5ada9f4e381005:T=1717173588:RT=1717173588:S=ALNI_MbKYU5z2QicONsk2C4__x_C6Lra-Q
.fileforum.com/	1970-01-21 06:21:09	Name: __gpi Value: UID=00000e36d0991470:T=1717173588:RT=1717173588:S=ALNI_MZngRo5RC9Ax6MUQaq_cwWZEW10ew
.fileforum.com/	1970-01-21 01:18:45	Name: __eoi Value: ID=283667b9fc1e666a:T=1717173588:RT=1717173588:S=AA-Afjaa5HHivf08RhQK4Bgs9nlV
.fileforum.com/	1970-01-21 06:35:33	Name: _ga_H9SLV28721 Value: GS1.1.1717173587.1.0.1717173589.0.0.0
.doubleclick.net/	1970-01-21 06:35:33	Name: IDE Value: AHWqTUl5tWNQsSACK1KxM4iFi7k5bRtThQk9CnoxpuFwgus7vM1xtnaRlaPZIbFuBvc
.googleadservices.com/	1970-01-20 23:09:09	Name: ar_debug Value: 1

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://fileforum.com/profile/puffincork5/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fileforum.com/profile/puffincork5/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fileforum.com/profile/puffincork5/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fileforum.com/profile/puffincork5/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fileforum.com/profile/puffincork5/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fileforum.com/profile/puffincork5/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fileforum.com/profile/puffincork5/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fileforum.com/profile/puffincork5/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fileforum.com/profile/puffincork5/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fileforum.com/profile/puffincork5/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fileforum.com
googleads.g.doubleclick.net
images.betanews.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gravatar.com
pagead2.googlesyndication.com
108.44.238.29
142.250.185.104
142.250.186.129
172.67.74.154
192.0.73.2
216.239.32.178
216.58.206.66
216.58.206.68
216.58.212.130
06f1ec52dea17ff1c6bed231b53938e5200586e1b37c6707f453b115454da806
077abb95639ca97d1b11e561193fce54c9605ee741543636aacf804aedb1f04d
160d317860d283845ddde93faa4a3c41f42f0e777acb74dba3a716555c89610f
29b8efebc158f2de93e346e8437211694ef38dad0e5f7b85c547f98cb1e5a7cd
34de0b876686b5e0e70169241a272564f2813e26def4572b91e79af258ad3d89
3a8f59aaec3baa11914a42d01b1513778de352d807ced7c5a7296f21b97e1848
529ce545d0f689295a76134ae7f6add7b8b78904a15b6bef1a5a6bd0cb47b281
54b646173856c05ad595598fcfee96dc54495c2f9a30ea1c55515b64789d2803
579c882adca420d71aac3023558339d154629374799bd4dcab31f92993d4a979
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
658755b233f8167df2d1dbdcafb896df7781d12fc73dcc5e145199a2672bceb6
7087b3afc70c0f1a640c5327239e94a508b7a7751800b3952edf804a3837a2e8
71a2933a8805045e2305cbd2824ab3bcc1a371f1e6d111645ce14cd7c7c5bf7a
845db4804670fe60d55c1c2ee14ff95f6e478dfbab37260d7d1a96b90c9eddc7
af2f161c0772f61f78f9b3e47479b758f56aa8d461d726c3448462c1211fd73b
deda914cce5fb739ca5624e64be7af22f3a426623b3bf174429287d2376dfc4b
e11ef9f8345269e549da9c84c7179b8c7aef08c24938acbb1efefcadba90dfb7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4ad725d5dcd5533e63c9ec927504dc55e05ef0e62bb7688f50e83d86fe3a5b9
f061bc61c6a752564bba70c0675de98f06d26b6fe0655c2189fba606539accab
fe00f6a25703ead073b6b2ce1a56c07fb5dcb6da14aa2c73a06dce0ffb90b9ab
fe77474b897160fc9eeb28dd35f21632587b1e238d2f32efaccc0fb021696174

fileforum.com Open in urlscan Pro 108.44.238.29 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

30 Requests

97 %HTTPS

0 %IPv6

8 Domains

9 Subdomains

10 IPs

1 Countries

523 kBTransfer

1438 kBSize

8 Cookies

6 Outgoing links

Redirected requests

30 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

fileforum.com Open in urlscan Pro
108.44.238.29 Public Scan

Screenshot
Live screenshot

Full Image

30
Requests

97 %
HTTPS

0 %
IPv6

8
Domains

9
Subdomains

10
IPs

1
Countries

523 kB
Transfer

1438 kB
Size

8
Cookies

30 HTTP transactions
0 data transactions